Re: [qmailtoaster] heartbleed bug
hey folks - please be aware that simply patching OpenSSL is NOT sufficient to mitigate the risk. if you have been using a RHEL/CentOS 6 system to host services secured by SSL, then you should consider your keys compromised, revoke your keys, and deploy new keys and new certs. read http://heartbleed.com to learn more. -steve On Apr 8, 2014, at 7:57 PM, Cecil Yother, Jr. c...@yother.com wrote: FYI, This fix has only come out in the past few days. On 04/08/2014 04:54 PM, Eric Shubert wrote: On 04/08/2014 01:04 PM, Peter Peterse wrote: Finn Buhelt schreef op 8-4-2014 21:53: Hi list Will this affects QMT ? ( latest release uses openssl-1.01 which is hit) New security holes are always showing up. The latest one, the so-called http://heartbleed.com/Heartbleed Bug http://heartbleed.com/ in the OpenSSL https://www.openssl.org/ cryptographic library, is an especially bad one - taken from zdnet.com Regards, Finn Hi Finn, I've read CentOS 6 is affected and CentOS 5 not. CentOS 5.10 contains OpenSSL 0.9.8e Regards, Peter RHEL/CentOS has fixed this in openssl-1.0.1e-16.el6_5.7 The fixed package was in all of the mirrors I happened to catch. To check if your package has the fix applied, you can: $ rpm -q openssl --changelog | grep CVE-2014-0160 If you get nothing back (and you're on COS6) you should (yum) update your openssl package. -- cj's_sig.png -- http://five.sentenc.es signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [qmailtoaster] Re: missing Perl dependencies qmailtoaster-plus
ok, I'll take a poke at this. sorry I haven't been more available to real with repoforge/RPMforge issues recently :( btw, one last time (imagine me writing this in letters of fire forty feet high): installing Perl modules from CPAN (whether via CPAN module, CPANPLUS, cpanminus, or what have you) will *never* be sufficient to satisfy a RPM dependency. just because the module is installed somewhere on your system does *not* mean that RPM knows about it. :) -shuff -- http://five.sentenc.es On Feb 14, 2013, at 4:18 PM, Eric Shubert e...@shubes.net wrote: It looks to me as though qtp-install-rpmforge probably needs a little tweaking to be compatible with repoforge (the rpmforge successor). Anyone care to have a look at it? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: RPMForge
On Feb 19, 2011, at 10:58 AM, Eric Shubert wrote: Steve, I noticed that rpmforge has reorganized packages a bit (I was looking for rsync 3.x, and it appears to have moved). Do I understand correctly that packages which are part of the base CentOS are now in the rpmforge-extras repo? If so, the rpmforge repo can be safely enabled by default, and I should change the qtp-install-rpmforge script accordingly. Thanks for your expertise. :) heya Eric! here's the announcement: http://www.mail-archive.com/users@lists.rpmforge.net/msg01924.html so, in a nutshell, there are two options: 1) enable rpmforge, don't enable rpmforge-extras: this means that none of the base CentOS packages should be replaced, but you might not see all the packages that you expect 2) enable rpmforge, enable rpmforge-extras: you should see all the packages you expect, but you'll have to be explicit about overwriting some packages from CentOS does that help? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v PGP 8477B706 (A92A 1F7E 6D76 16A0 BFF9 E61D AD54 0251 8477 B706) PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: sa-update
On Feb 14, 2011, at 10:06 AM, Eric Shubert wrote: The dependencies for SA/perl don't appear to be in the rpmforge repo, so you might have to use CPAN for those modules. hey folks! sorry i haven't been following this thread closely. which dependencies are missing from RPMforge? please let me know so that we can fix it. :) -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v PGP 8477B706 (A92A 1F7E 6D76 16A0 BFF9 E61D AD54 0251 8477 B706) PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: Clamav update trouble
On Nov 4, 2010, at 1:19 PM, Francisco Paco Peralta wrote: Well, I finally went through your instructions and everything appears to be functioning well. I thank you. awesome! i'm glad to hear it. :) -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v PGP 8477B706 (A92A 1F7E 6D76 16A0 BFF9 E61D AD54 0251 8477 B706) PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: Clamav update trouble
On Oct 29, 2010, at 10:46 AM, Eric Shubert wrote: Since the Util.pm file is what's giving you problems, and that's part of the (main) perl package, I'd try updating that package. Since you already have the current version, yum's not going to do that for you. You'll need to download the rpm, then run rpm against that file as such: # rpm -Uvh --replacepkgs --replacefiles --force perl-5.8.8*.rpm Make sure you get the right verion/arch that you presently have installed. I think this one might be it for you: http://mirror.centos.org/centos/5/os/i386/CentOS/perl-5.8.8-27.el5.i386.rpm The version *and* *arch* should match what you have from: # rpm -q perl (Steve, please chime in here if you have any further insight) installing a fresh new upstream perl is a fine idea; however, since `rpm -V perl` produced no output, it looks like his perl package is ok. here's a way to get to the bottom of this situation. let's see the output of the following command: find /usr/lib/perl5/ -type f | xargs rpm -qf | grep package this will find all the files in the local Perl distribution that are not part of an RPM. there should be a few; if there's no output at all from this command, i'll be *really* suspicious. :) -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v PGP 8477B706 (A92A 1F7E 6D76 16A0 BFF9 E61D AD54 0251 8477 B706) PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: Clamav update trouble
On Oct 29, 2010, at 12:40 PM, Francisco Paco Peralta wrote: file /usr/lib/perl5/site_perl/5.8.8/Archive/Zip.pm is not owned by any package ... file /usr/lib/perl5/5.8.8/i386-linux-thread-multi/Scalar/Util.pm is not owned by any package ... file /usr/lib/perl5/site_perl/5.8.8/IO/Compress/Zip.pm is not owned by any package i bet your problems are related to these packages. now, how to root them out... 1) print out a copy of the email you just sent. THE NEXT STEP WILL ASSUREDLY BREAK THINGS. DO NOT DO THIS ON YOUR PRODUCTION SYSTEM WHILE IT IS RUNNING. 2) delete all those files except for /usr/lib/perl5/5.8.8/i386-linux-thread-multi/perllocal.pod. yes, all of them. 3) do another `rpm -V perl`. if you see any output, reinstall a fresh perl package as documented earlier in the thread. do not proceed until `rpm -V perl` produces no output. 4) now, go through the list you printed out back in step 1. for each file, check to see if it still exists on your system. if it does, great, move on to the next. if it doesn't, you'll need to figure out whether or not it's something you need. since i don't know everything you have running on your system, i can't tell you for certain how to do that. it might be useful to build another qmailtoaster installation and use that as a point of reference. 5) if any of those files were part of Perl modules that you still need, install them from RPMs. `yum install 'perl(Module::Name)'` is your friend. when all is said and done, you should have a working system again, at which point you can reflect on the reasons why not to install Perl modules from CPAN. :) i'm really sorry that you're in this situation, and i wish i had a simpler way to fix things. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v PGP 8477B706 (A92A 1F7E 6D76 16A0 BFF9 E61D AD54 0251 8477 B706) PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: Clamav update trouble
On Oct 25, 2010, at 5:51 PM, Eric Shubert wrote: Perhaps a perl expert here (Steve maybe?) might help with how to straighten things out. I'm not real strong with CPAN. hi! i have been (a bit belatedly) following this thread. Paco, please run `rpm -V perl` (as root) and capture the output. if the output is, say, 10 lines or fewer, then please post it to the list; if it's longer, please stick it up on a pastebin somewhere and send us a link. my first guess as to what is wrong is that by using the CPAN shell you have clobbered some element of the system perl package, and now it is misbehaving. on a system with package management (e.g. RHEL/CentOS, Debian, Ubuntu, Gentoo, Solaris, *BSD, etc.) you should not use the CPAN shell ever, for any reason, at all, no matter what it says in a wiki or a README (and if you know enough to know when you can disregard that statement, more power to you :) ). -shuff -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v PGP 8477B706 (A92A 1F7E 6D76 16A0 BFF9 E61D AD54 0251 8477 B706) PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] re: Bizzare process
On Aug 31, 2010, at 4:18 PM, Maxwell Smart wrote: Any ideas? root 25440 88.2 0.0 4548 1172 ?RAug24 9351:12 dialog --clear --title QmailToaster-Plus Menu --menuYou can use the UP/DOWN ... `man dialog` dialog is a utility used to display interactive dialogs. `rpm -ql qmailtoaster-plus | xargs grep dialog` will show you that some of the scripts in QmailToaster-Plus call it. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: qtp-newmodel fails: rpmforge
On Aug 3, 2010, at 10:45 PM, Patrick Ring wrote: but is there something I could adjust here to get this going? just install the rpmforge-release package as you would to enable RPMforge on any other RHEL/CentOS system. instructions are here: http://wiki.centos.org/AdditionalResources/Repositories/RPMForge#head-20e1f65f19ccf2f5fbf5adb30dbaf5ea963a64ae -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es/ PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: qtp-newmodel fails: rpmforge
On Aug 3, 2010, at 10:45 PM, Patrick Ring wrote: but is there something I could adjust here to get this going? just install the rpmforge-release package as you would to enable RPMforge on any other RHEL/CentOS system. instructions are here: http://wiki.centos.org/AdditionalResources/Repositories/RPMForge#head-20e1f65f19ccf2f5fbf5adb30dbaf5ea963a64ae -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es/ PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] qtp-newmodel fails: rpmforge
On Aug 3, 2010, at 8:19 AM, Patrick Ring wrote: I'm trying to update a fresh load before I migrate to it and right after sandbox mounts, I get: Error getting repository data for rpmforge, repository not found qtp-mount-sandbox - installation of dependent packages failed qtp-mount-sandbox - is your qmailtoaster-plus.repo package up to date? qtp-newmodel - qtp-mount-sandbox failed, exiting I've run a yum update already, and a yum install qmailtoaster-plus.repo says the qmailtoaster-plus.repo-0.2-2.noarch is the latest. this issue may be the one that showed up in a thread a few days ago: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg28750.html if so, a workaround is here: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg28768.html -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] rpmforge / Centos 5.5
On Aug 3, 2010, at 11:17 AM, Martin Waschbuesch wrote: I don't know if anyone else has experienced this, but when you use rpmforge (which I rely on for a lot of perl php modules) and update mrtg using the rpmforge package, the qmailmrtg-toaster stuff does not seem to work anymore. Instead, the scripts that generate the graphs complained about a missing module. Now, I reverted to the previous (official centos) version and explicitly skip this package, but perhaps someone else has encountered it and knows why it happens and can be fixed? E.g. might it be that newer mrtg releases are no longer compatible? etc. are you on a 64-bit system? might you be running into this bug? http://oss.oetiker.ch/mrtg-trac/ticket/94 http://permalink.gmane.org/gmane.linux.rpm.rpmforge.suggest/518 if not, please post the error message you're seeing, as well as the version of the mrtg package (`rpm -q mrtg`). thanks, -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: rpmforge / Centos 5.5
On Aug 3, 2010, at 3:43 PM, Eric Shubert wrote: So what's the bottom line solution? Wait for the patch to be applied to rpmforge version? i'm still not clear what exactly the problem is (that's why i asked for Martin's mrtg version). the patch is already in the current RPMforge package (2.16.4-2). -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: x86_64 updateing
On Jul 29, 2010, at 1:26 PM, Joel Eddy wrote: # qtp-install-rpmforge qtp-install-rpmforge v0.3 - getting latest version of rpmforge-release ... qtp-install-rpmforge - http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release.spec not found, please try again later. What do you suggest? Keep trying? the error message is misleading; trying again later will not help you in this case. :) you need to install the appropriate rpmforge-release package for your release and architecture. the rpmforge-release packages can be found here: http://packages.sw.be/rpmforge-release/ the current version of rpmforge-release is 0.5.1-1. (sorry for not noticing this thread earlier, folks!) -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Help needed to implement Logwatch and Fail2ban
On Jun 7, 2010, at 3:39 PM, karpaha vinayaham wrote: I would like to implement Logwatch and Fail2ban on my server, i am running Centos 5.2. Could any one help me on this. 1. enable RPMforge repository (http://wiki.centos.org/AdditionalResources/Repositories/RPMForge) 2. `sudo yum install logwatch fail2ban` 3. read documentation -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] verizon iphone emails
On May 17, 2010, at 4:51 PM, David Milholen wrote: I know there something a while back on email for blackberrys and othe pda type phones. I am not seeing any current smtp connections from some phones using verizon, The sender is getting a 5.7.1 error message invalid format. I believe there was something that had to be done in the tcprules. i believe you may be correct. fortunately the list archives are available online, and are searchable :) http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/ the wiki is also searchable! http://wiki.qmailtoaster.com/index.php/Special:Search?search=blackberryfulltext=Search -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] new model update script error.
On May 7, 2010, at 10:11 AM, Bilgehan Poyraz wrote: Error: No Package Matching perl(Archive::Tar) yum on your system can't find the right package. please post the full output of the following command: $ sudo yum provides 'perl(Archive::Tar)' based on what you've already posted, it looks like you haven't enabled the RPMforge repository; that's where this Perl module, and a number of others, come from. thanks, -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] new model update script error.
that output looks correct; sorry, i don't know why your system isn't seeing perl(Archive::Tar). maybe run a `sudo yum clean all` and try again? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: Error in Sending Mail
On Apr 27, 2010, at 12:41 PM, Eric Shubert wrote: I've no idea why you would need XML/SAX/. Is there a rule that uses it that's not part of the stock QMT? How are you installing XML/SAX? I would use the rpmforge repo instead of CPAN, but that doesn't really explain why you would need it to begin with. the error Amit is encountering is so common that it is an entry in the Perl-XML FAQ: http://perl-xml.sourceforge.net/faq/#parserdetails.ini there are tons of Perl programs that want to use XML::SAX; i would hesitate to conjecture which one is involved here. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: Error in Sending Mail
On Apr 27, 2010, at 2:18 PM, Eric Shubert wrote: Perhaps there's another XML parser that is used if XML::SAX doesn't exist? I can only speculate. I expect that there are others on the list that know better than I do about this. it's the other way around; that error message indicates that XML::SAX is falling back to its built-in pure-Perl parser, and the fix is to install a better one (or to take action that indicates to XML::SAX that yes, you really do want it to use the pure-Perl parser). it's all in the FAQ. -shuff -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] servercert.pem common name
On Nov 25, 2009, at 8:54 AM, Athiqur Rahman wrote: The common name of my servercert.pem is set to 'localhost'. How to I change this, or create a new certificate with the common name of my mail server. http://www.madboa.com/geek/openssl/ or other such howtos. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] re: EZMLM
On Nov 23, 2009, at 4:31 PM, Maxwell Smart wrote: Is there any place one can find out how to use the EZMLM included with the ISO toaster? do you have a specific issue that isn't covered by one of the first four Google hits for 'ezmlm'? you also may want to check http://wiki.qmailtoaster.com/ . -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: sa-stats wrong?
On Nov 9, 2009, at 10:06 AM, Eric Shubert wrote: Any perl programmers out there care to have a look at it? sure. the problem is in lines 290-307; it's a variable scope issue. the variables $perc1, $perc2, and $perc3 are used in the printf() on line 308; however, each of them is declared inside if..else blocks, which means that they are undefined outside of the scope of those if..else blocks. i would point out that running Perl with warnings enabled, which is a pretty much universal best practice, exposes the problem :) the bug is fixed in sa-stats-1.03 (http://www.rulesemporium.com/programs/sa-stats-1.0.txt ); attached is a patch that modifies sa-stats-1.03 to work with QMailToaster. if for some reason you don't want to update to sa- stats-1.03, i have also attached a patch that implements a fix for the problem within 1.02. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es sa-stats-1.03_qtp.patch Description: Binary data sa-stats-1.02_variable-scope.patch Description: Binary data PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] problem
On Oct 28, 2009, at 12:15 PM, Noel Rivera (Border Less) wrote: Hello list I check my current log in /var/log/qmail/spam and I have this warning @40004ae86dd92209fb4c [19398] warn: bayes: cannot open bayes databases /home/vpopmail/.spamassassin/bayes_* R/W: lock failed: File exists @40004ae86dd9220a12bc [19398] info: spamd: processing message 20091028161939.13cca1dec...@mail.fxe.net for clamav:89 @40004ae86ddb32d3b60c [19397] info: spamd: connection from mailserver.mxbyrail.com [127.0.0.1] at port 37783 @40004ae86de234b6a2f4 [19398] warn: bayes: cannot open bayes databases /home/vpopmail/.spamassassin/bayes_* R/W: lock failed: File exists @40004ae86de41bf6032c [19397] warn: bayes: cannot open bayes databases /home/vpopmail/.spamassassin/bayes_* R/W: lock failed: File exists @40004ae86de428cbd324 [19397] info: spamd: processing message 20091028161907.3d1f11dec...@mail.fxe.net for clamav:89 @40004ae86dec0ddd379c [19397] warn: bayes: cannot open bayes databases /home/vpopmail/.spamassassin/bayes_* R/W: lock failed: File exists Anybody help me? Google turns up a number of different instances of similar error messages: http://www.google.com/search?q=spamassassin+lock+failed+file+exists which of these have you tried and eliminated before posting to the list? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: how to look in the log
On Oct 28, 2009, at 1:14 PM, Jim Shupert wrote: 10-26 08:36:39 tcpserver: ok 3878 sifter.pps-inc.com: 192.168.200.222:25 :216.37.105.169::33074 10-26 08:36:39 rblsmtpd: 216.37.105.169 pid 3878: 451 http://www.spamhaus.org/SBL/sbl.lasso?query=SBL77346 these two lines are the key. the first line shows the remote mail server (216.37.105.169) initiating a connection to your mail server. the second line shows your mail server refusing the connection because the remote mail server's IP address is in the Spamhaus SBL. to see why, check the URL which is helpfully posted there in your log. Mr. Bob needs to get his mail server delisted, or he's going to have trouble sending to lots of other people besides you. for a more thorough treatment of qmail logs, read John Simpson's excellent page: http://qmail.jms1.net/logfiles.shtml -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: how to look in the log
On Oct 28, 2009, at 2:08 PM, Jim Shupert wrote: isn't that a diff subnet ? 216.37.105.169 -him , noted offender 216.37.96.0/20 it is not. welcome to CIDR :) http://www.subnet-calculator.com/cidr.php enter the offending subnet as listed by Spamhaus (216.37.96.0) in the IP Address fields, then enter 20 (the /20 part of the address) in the Mask Bits field, then look at the CIDR Address Range field to see which IP addresses fall within the subnet. http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] ppc install?
On Oct 28, 2009, at 2:18 PM, Jake Vickers wrote: The build flags you used then will still work today. You will need to use the cnt40 flag for your particular case, since that will be CentOS 4 i'd also be interested to know if any of the necessary third-party packages (mostly Perl modules) are *not* available in RPMforge for el4 PPC. the appropriate configuration RPM is available here: http://packages.sw.be/rpmforge-release/rpmforge-release-0.4.0-1.el4.rf.ppc.rpm please install this package as soon as you've finished installing CentOS 4 and pulling down the latest patches, but before you start install Qmailtoaster. again, please make note of any packages that are not automatically found by yum and let me know, so that i can track down why they aren't available. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] chkuser problem again
On Oct 28, 2009, at 4:39 PM, sysadmin wrote: tcprules: fatal: unable to parse this line: 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/ private,RBLSMTPD=,NOP0FCHECK=1SENDER_NOCHECK=1 see the word fatal up there? that means badness. if you see a warning like that, you should not expect that everything will work correctly. you forgot the comma between the NOP0FCHECK and SENDER_NOCHECK directives. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: ppc install?
On Oct 28, 2009, at 3:04 PM, Eric Shubert wrote: It'd be nice if FUSE-unionfs was available for this. Which is the latest kernel version for YD4? (Same as COS4?) hm; it's not clear to me from a quick web search what exactly the relationship is between YDL and CentOS, so i can't speak authoritatively. these are all the versions of fuse-unionfs currently in RPMforge; are you looking for a different version/arch? i see 0.23 for el4 and el5, i386/x86_64/ppc, and 0.23 for el3 i386. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] What is DKIM?
On Oct 10, 2009, at 2:11 AM, amit IKF wrote: So what is DKIM? How can I signed my mail to pass DKIM? please search before asking a question. http://video.qmailtoaster.com/video/how-to-setup-dkim-on-qmail.html -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es/ PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Suggestions on a bug tracker system
On Oct 7, 2009, at 8:25 AM, Jake Vickers wrote: With things as busy as they are these days with everyone, I've come to the conclusion that we need a bug-tracking system for Qmailtoaster where users can submit bugs, and I/others can see them and respond/fix the issue. I think we used to use Flyspray here previously, but I am open to suggestions from everyone. The bug tracking system for Trac is okay and usable, but I am not going to convert the whole website and project over to Trac just to get a bug tracker. my first thought is that you might consider using one of the existing free development hosting sites (e.g. SourceForge, Google Code, BerliOS etc.). i also remember finding Unfuddle (http://unfuddle.com) a while back and thinking it might be a useful lighter-weight alternative to SourceForge. i understand that Mantis is good for defect tracking and development; we use RT at work, but it's more oriented towards a helpdesk/user- support environment. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] RE: Mails not being scanned / filtered by SA server
On Oct 1, 2009, at 10:53 AM, Atul Paralikar wrote: [r...@mail qmt]#qmlog spamd 09-14 11:38:14 [8862] error: Can't locate Mail/DomainKeys/Message.pm in @INC (@INC contains: /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib64/ perl5 /site_perl/5.8.8/x86_64-linux-thread-multi /usr/lib64/perl5/ site_perl/5.8.7/x86_64-linux-thread-multi /usr/lib64/perl5/site_perl/ 5.8.6/x86_64- linux-thread-multi /usr/lib64/perl5/site_perl/5.8.5/x86_64-linux- thread-multi [r...@mail qmt]#cpan Cpan Trying with /usr/bin/links -source to get ftp://ftp.perl.org/pub/CPAN/modules/03modlist.data.gz Going to read /root/.cpan/sources/modules/03modlist.data.gz Going to write /root/.cpan/Metadata Mail::DomainKeys::Message is up to date. [r...@mail qmt]# rpm -qa|grep -i domainkeys perl-Mail-DomainKeys-1.0-1.el5.rf libdomainkeys-toaster-0.68-1.3.6 Why SA is not detecting the installed plugin of DomainKeys? How to rectify this? this is indeed the problem; until you fix this issue, SA will continue to not work. first things first, don't install Perl modules from CPAN on a RPM- managed system; you will assuredly break things at some point or another, and the problem will be difficult to fix. i can see that you have the perl-Mail-DomainKeys package from rpmforge installed; this is good. please post the output of the following two commands: $ rpm -V perl-Mail-DomainKeys $ rpm -ql perl-Mail-DomainKeys /usr/lib/perl5/vendor_perl/5.8.8/Mail /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Header.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Key /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Key.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Key/Private.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Key/Public.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Message.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Policy.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/DomainKeys/Signature.pm /usr/share/doc/perl-Mail-DomainKeys-1.0 /usr/share/doc/perl-Mail-DomainKeys-1.0/Changes /usr/share/doc/perl-Mail-DomainKeys-1.0/MANIFEST /usr/share/doc/perl-Mail-DomainKeys-1.0/META.yml /usr/share/doc/perl-Mail-DomainKeys-1.0/README /usr/share/doc/perl-Mail-DomainKeys-1.0/THANKS /usr/share/man/man3/Mail::DomainKeys.3pm.gz `rpm -V` should give you no output at all; `rpm -qf` should give you the output as shown above. if you get anything different, then your installed package has been corrupted (perhaps by using CPAN to do a manual install); the fix is to remove perl-Mail-DomainKeys (`sudo rpm - e --nodeps perl-Mail-DomainKeys`) and reinstall it (`sudo yum install perl-Mail-DomainKeys`). -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Problems emailing large number of recipients
On Sep 24, 2009, at 11:55 AM, John Hansen wrote: What do I need to change/update in order for these to be sent out without errors? you need to set up an ezmlm mailing list on the toaster and have your user send mass emails via this list rather than via Outlook. that's what mailing lists are for. :) -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] root mail and UpdateSaneSecurity
On Sep 3, 2009, at 11:27 AM, Eric Shubert wrote: qmail doesn't use the /etc/aliases file (and the newaliases command). Postfix and exim do though. I haven't used aliases with native qmail (outside of vpopmail). I think that /var/qmail/alias/ comes into play for this. Would anyone like to explain how this directory and its (some hidden) contents work? http://www.lifewithqmail.org/lwq.html#aliases is a good place to start. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Razor2 strikes again
On Sep 3, 2009, at 1:17 PM, d...@acbsco.com wrote: Does anyone know where/how/why spamassassin would be calling Razor2 and/or Razor? And how to stop spamassassin from calling it? # find /etc/mail/spamassassin/ | xargs grep Razor2 will find the config file (or files) where Razor2 is being enabled. make sure any instance of 'loadplugin Mail::SpamAssassin::Plugin::Razor2' is commented out, then run `spamassassin --lint` and examine the output to make sure Razor2 is gone and that you haven't broken anything, then restart spamd. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] spamassassin: logs, headers
On Sep 2, 2009, at 5:35 PM, Kent Busbee wrote: See response below; Toni Cosma wrote: Hi list, What is logged to /var/log/qmail/spamd/current ? Only when a message is marked as spam ? My spam log looks like below: tail -f /var/log/qmail/spamd/current @40004a9ab0dd04178dd4 [2244] info: spamd: server killed by SIGTERM, shutting down @40004a9ab14b3391d5ec [2178] error: Can't locate Mail/DomainKeys/Message.pm in @INC (@INC contains: I am no expert, but the above two lines do not look right. Is spamd running? Try this: ps aux | egrep spamd | spamd this log message contains both the problem and its solution. spamd died (so no SpamAssassin processing). why did it die? because it can't find the Mail::DomainKeys::Message Perl module. where is this module? let's ask yum: [sh...@srdce ~]$ sudo yum -y provides 'perl(Mail::DomainKeys::Message)' perl-Mail-DomainKeys-1.0-1.el5.rf.noarch : Perl module that implements DomainKeys Matched from: Other : perl(Mail::DomainKeys::Message) at least that's where i get it from (the rpmforge repository). install the missing Perl module and restart spamd. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Thank You!
On Aug 19, 2009, at 1:59 PM, Jake Vickers wrote: OSS projects for donations I've donated to vim in the past, but I'd like to hear from the rest of the community as to what other projects you would choose. SpamAssassin and/or spamdyke, no question. also, as a bit of a dark horse candidate, i suggest CACert.org, without whom i'd need to buy SSL certificates from some horrible commercial CA. i recommend that anyone who is currently using a self- signed cert look at CACert.org and consider joining the web of trust. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Thank You!
On Aug 19, 2009, at 2:56 PM, Phil Leinhauser wrote: All that money on expensive certs I've spent!!! That one works for me! seriously :) bear in mind, however, that the CAcert.org root certificates are not included by default in many major browsers, which means that users need to manually install them. how is this an improvement over self- signed certs? it's an improvement in that once a user installs the CAcert.org roots *once*, he then has secure access to *all* sites and services that use CAcert.org-issued certificates; the user (or, for a larger organization, the tech support staff) need to do the same amount of work, but the benefit is much greater. if you're going to use CAcert.org-issued certs, i strongly recommend that you get yourself well-linked into the web of trust. read this document (http://wiki.cacert.org/wiki/FAQ/AssuranceIntroduction) to learn how to get your trust points up; if you can attend an assurance party, you can quickly pass the first milestone, and in addition you can visit your local Notary Public, have your identity verified and notarized, and send the paperwork off to CAcert.org in order to get a big chunk of points (they call this Trusted Third Party assurance). once you pass your first milestone of trust points, you can get certificates that last for two years rather than 6 months, this is a major convenience :) in short: i can't in good conscience recommend that you use a cert from CAcert.org for a commercial service unless you have some other mechanism (e.g. tech support staff, or an autoinstaller, or something) for pushing out the root certs to your users' machines, not because of any concern about the security or trustworthiness of CAcert.org, but because people will see scary SSL warning and you may lose business. on the other hand, for any non-commercial purpose, they're *AWESOME*, and in addition to saving money, you're supporting an excellent cause. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] Re: [qmailtoaster-devel] qmtmenu project
On Aug 13, 2009, at 8:57 AM, Jake Vickers wrote: Don't forget this is still out there. I do not think I have gotten anyone who wanted developer access yet. If you have any scripting experience then you'd be a welcome addition! I just got the initial file up there - I do not care what language it's ultimately written in (Bash, Python, etc.). I'd just like to see some progress made on it. thanks for the reminder! i'm back from being out of town for a week and a half; i'll take a look at this and see what i can do. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] send mails localy
On Jul 16, 2009, at 9:06 AM, José Campos wrote: Why can’t I send mails locally? When I try send one message to myself it falls. Tell me that can't find a valid MX for sender domain. searching the mailing list archive (http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/ ) for local email problem finds this thread: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg17206.html please read through it and follow the troubleshooting steps. also, follow the troubleshooting steps documented on the wiki: http://wiki.qmailtoaster.com/index.php/Troubleshooting -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] SMTP timeouts
On Jul 13, 2009, at 3:44 PM, Gilbert T. Gutierrez, Jr. wrote: I think I will stay with some basic blacklists now. I am not sure which ones though. `qtp-set-rbls -moderate` is probably a good start. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es PGP.sig Description: This is a digitally signed message part
Re: [qmailtoaster] To upgrade my running qmailtoaster package
On Jul 10, 2009, at 6:20 AM, Karpaha Vinayaham wrote: I have updated the package, can anyone one tell me what is sandbox and union filesystem. please search before you ask a question. http://www.google.com/search?q=union+filesystem the first response to that query contains the answer to your question. also, qtp-newmodel is a shell script. you can read it, and see what it does. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es/ - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Error connecting mailbox on squirrelmail
On Jul 9, 2009, at 8:44 AM, José Campos wrote: Sorry bothering you again. I'am no very experiencia Linux admin. How can I do what you mentioned on previous message. http://www.google.com/search?q=introduction+to+dns -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Diverts mail
On Jul 8, 2009, at 10:07 AM, Mahesh Bhat wrote: “Transaction Time delay” Thanks for the quick reply… do you thing this is a problem with RBL’s because.. my mail server accepts the mails but takes a lot time in checking if that mail is spam or not. do not ask Constantin to guess; test your RBLs yourself. your RBLs live in /var/qmail/control/blacklists. for each of the blacklists you use, try a test lookup against it and see how long it takes to respond. each RBL has a test address; if it is working properly, it must respond to a request for that address. this is documented here, in section 5: http://tools.ietf.org/html/draft-irtf-asrg-dnsbl-08 you can use the 'dig' command to test a RBL; 'man dig' to find out how to use it. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] server listed in spamcop
On Jul 7, 2009, at 10:57 AM, Juan Pablo García wrote: Maybe I'm kind of naïve, but I don't understand why does a facility (vacation autoresponders) created since the start of the electronic mail services, would need to be blocked. IMHO, it shouldn't be part of spam control! you're not naïve, you just didn't read the links that are relevant to the discussion :) the SpamCop admins do not share your opinion. read the SpamCop FAQ entry that Peter posted in his original message (included below) for a detailed treatment of this topic. http://www.spamcop.net/fom-serve/cache/329.html -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] server listed in spamcop
On Jul 7, 2009, at 12:51 PM, Peter Peltonen wrote: * spammer forges a foo...@wahoo.dom address * this foo...@yahoo.com happens to be a spamcop trap * spammer sends from this address an email to my user, who has autoresponder on at this point in the chain, ideally you'd reject the mail instead of delivering it to the user and triggering the autoresponder. ways to accomplish this include: * SPF * Spamdyke * DomainKeys/DKIM am i misunderstanding your scenario? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] does spamdyke max-recipients setting affect mailing lists?
On Jul 7, 2009, at 3:24 PM, Peter Peltonen wrote: Spamdyke's default configuration includess this setting: max-recipients=50 Say I am running ezmlm or mailman mailing lists with more than 50 recipients. Does spamdyke now prevent these mailing lists from functioning? your answer is here: http://lifewithqmail.org/lwq.html#multi-rcpt this is, in fact, one of the primary reasons to make it easy for your users to set up their own email lists rather than just jamming a ton of addresses into the To: field. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Installation errors on CentOS 5.3 x86_64
On Jun 25, 2009, at 10:28 AM, John Hansen wrote: nroff -man qmail-local.8 qmail-local.0 /bin/sh: nroff: command not found make: *** [qmail-local.0] Error 127 error: Bad exit status from /var/tmp/rpm-tmp.26371 (%build) there's your first problem. $ sudo yum -q provides '*/nroff' groff-1.18.1.1-11.1.i386 : A document formatting system. Matched from: Filename: /usr/bin/nroff $ `yum install groff` and try again :) Jake, perhaps you should add groff as a BuildRequires to the qmail- toaster SRPM? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] Installation errors on CentOS 5.3 x86_64
On Jun 25, 2009, at 12:12 PM, John Hansen wrote: error: Failed dependencies: exim conflicts with qmail-toaster-1.03-1.3.18.x86_64 here is your second problem; you have exim installed. as the error message says, exim conflicts with qmail-toaster. you need to uninstall it before you can continue. $ sudo yum remove exim as a general principle, look at the very first error that you encounter, and make sure you understand what it means before you proceed further; in this case, all the successive errors stemmed from the fact that you hadn't successfully installed the qmail-toaster package, and the error message i quoted explains why. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es smime.p7s Description: S/MIME cryptographic signature
[qmailtoaster] bl.csma.biz not responding to queries
hello folks! are any of the rest of you seeing DNS timeouts from the bl.csma.biz blacklist? yesterday morning i started seeing intermittent slow SMTP response from my server; i finally got around to debugging and discovered that this blacklist had stopped responding. i mention this only because this is one of the default blacklists installed by `qtp-set-rbls -tight`, so some of you may be being bitten by this problem as well. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] bl.csma.biz not responding to queries
On Jun 17, 2009, at 2:00 PM, Eric Shubert wrote: Thanks, Steve. I have removed it from the blacklist-tight file in the svn repository, so the next QTP version (1.3.11) will not contain it. For those who are running the tight configuration, you can remove it from /etc/blacklist-tight, then re-run `qtp-set-rbls -tight`. that would be /opt/qmailtoaster-plus/etc/blacklists-tight, but yes :) thanks for the quick fix! i've opened a ticket in the QTP trac concerning this and some other RBL issues. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] List service issue (need to turn off authorization responses)
On Jun 11, 2009, at 1:15 PM, Patrick Ring wrote: I've figured out how to make it so only his (moderator) address can be the only authorized sender, but the list persists in asking to send an ACCEPT email to authorize sending the messages. I've set it so only moderators can post and all others bounce, but I can't seem to find a setting that makes it just send a message without sending a authorize/accept response. in the list configuration directory (/home/vpopmail/domains/domain/ listname ) there is a file called 'editor'; this file describes the pipeline through which each incoming message to the list gets passed. you need to know what each of the steps in this pipeline does, why it is there, and what the various arguments and options mean. fortunately, each of the ezmlm-* commands comes with a man page :) -steve p.s. i suspect you want the focus on the ezmlm-store command, particularly with the -s option. -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] Creating e-mail users with VQAdmin vs. Qmailadmin
On May 19, 2009, at 11:20 AM, Eric Shubert wrote: Once again, I'd like to recommend that vqadmin be dropped from QMT. The problems it has appear to outweigh the benefits it provides, especially now that qcontrol is available. Does anyone have any objections to this? I think it deserves some discussion. i have no objection per se to dropping vqadmin; however, it seems a bit disingenuous to propose QControl as the appropriate replacement, given that it's commercial software. a statement such as vqadmin is broken, so we're dropping it; you'll need to use the command-line tools to add and delete domains would, i think, do a better job of setting appropriate expectations in the minds of users who don't follow this list. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v http://five.sentenc.es smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] clamav-toaster-0.95
On Mar 31, 2009, at 9:10 AM, Jake Vickers wrote: I was hoping someone on the list would make me aware of updates. I'm already subscribed to 20+ mailing lists and really don't want to sub to another. i'm not subscribed to the clamav mailing list, but i learn about new versions from my daily logwatch emails: --- begin paste --- Received signal: wake up ClamAV update process started at Sun Mar 29 12:02:56 2009 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.94.2 Recommended version: 0.95 DON'T PANIC! Read http://www.clamav.net/support/faq main.cld is up to date (version: 50, sigs: 500667, f-level: 38, builder: sven) Trying host db.us.clamav.net (65.120.238.5)... Downloading daily-9179.cdiff [100%] daily.cld updated (version: 9179, sigs: 37725, f-level: 41, builder: sven) WARNING: Your ClamAV installation is OUTDATED! WARNING: Current functionality level = 38, recommended = 41 --- end paste --- -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] perl-Getopt-Long conflict with qtp-newmodel
On Mar 24, 2009, at 10:24 AM, Thomas M. Jaeger wrote: Did “yum update –y” and qmailtoaster-plus updated. Then when trying to run qtp-newmodel through qtp-menu, all current toaster packages download for install. However, when qtp-newmodel tries to update perl modules, I get a “Transaction Check Error” that states a man file conflict between perl-Getopt-Long and a file with perl-5.8.8-15.el5_2.1. Below is the perl install section of qtp- newmodel. Running on CentOS 5.2 (yum updated to all current packages). I tried to search the archives but had no success finding any similar problem. Maybe I am not searching correctly or you might have a new suggestion as what I should do to get updated? ok, there are two problems in play here: 1) you have not configured yum to prevent third-party repositories from clobbering system packages. to do this, follow the instructions here: http://wiki.centos.org/PackageManagement/Yum/Priorities however, just doing this will not be sufficient to help you... 2) qtp-newmodel uses RPM package names (following the rpmforge naming convention) to model Perl dependencies; a better way is to use RPM's own Perl-specific dependency format, e.g. 'perl(LWP::UserAgent)' instead of 'perl-LWP-UserAgent'. this enables yum to be more flexible about dependency solving and not try to install a third-party package which will conflict with an existing core package. attached is a patch to qtp-newmodel which makes the appropriate changes; i just did a cursory test on my own system, and it seems to work OK. Jake, please consider merging it for a future release? FYI, if QmailToaster needs specific versions of Perl modules, RPM's Perl dependency syntax supports that as well, e.g. 'perl(LWP::UserAgent) = 5.805' instead of 'perl(LWP::UserAgent)'. so, to sum up: Thomas, please configure the priorities plugin to protect your core packages from being clobbered. Jake, please modify qtp-newmodel so that it doesn't needlessly try to clobber core packages. :) -steve qtp-newmodel_perldeps.patch Description: Binary data -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] simscan problem
On Mar 23, 2009, at 1:28 PM, Dan Page wrote: My toaster was working fine but as of lately it seems simscan is not running clamav or spamassassin on incoming mail. running /var/qmail/bin/simscanmk -g produces: LibClamAV Error: cl_cvdhead: Can't open file /usr/share/clamav/ main.cvd LibClamAV Error: cl_cvdhead: Can't open file /usr/share/clamav/ daily.cvd simscan versions cdb file built. /var/qmail/control/simversions.cdb this sounds a lot like the problem i saw a while back around the release of clamav-toaster-0.93. are you running freshclam to get clamav database updates? if so, you may need a patched version of simscan that knows how to read the updates in the new format. i have packaged such a patch here: http://www.vecna.org/software/simscan-toaster/ please make sure that you have handy an already-built version of the stock simscan-toaster *before* you install a patched RPM, so that you can easily roll back if something goes wrong. -steve p.s. i have already submitted this update to Jake; no doubt it'll make its way into the distribution at some point, one way or another, and then i'll be able to take down this page. for the time being, have at it. :) -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] See the email that was rejected by rblsmtpd
On Mar 2, 2009, at 8:42 AM, Shai wrote: 2009-03-02 13:29:22.480904500 rblsmtpd: 118.167.135.243 pid 7727: 451 http://www.spamhaus.org/query/bl?ip=118.167.135.243 --- Now, I was wondering what this email was about, from and sent to. Is it kept somewhere for me to look? no; it was rejected. all you know about it is that the server at 18.167.135.243 tried to deliver it to you; according to the link in your logs, spamhaus lists it on two of their blacklists. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] clamav 0.94.1 availability
On Nov 18, 2008, at 7:57 AM, Eric Shubert wrote: If you use qtp-newmodel you shouldn't need to be concerned about this. ;) According to qtp-remove-pkgs script, # only packages = the specific version will be removed remove_older=\ clamav-toaster-0.92.1-1.3.17 \ I believe it'd be ok to update it directly. I hope we find out soon if that's not the case (so I can modify the qtp-remove-pkgs script appropriately). i can confirm that updating with qtp-newmodel was successful for me (CentOS 5 i386); i would be awfully surprised if manually building and installing the RPM produced different results. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v smime.p7s Description: S/MIME cryptographic signature
[qmailtoaster] updated ezmlm?
hey folks, i'd like to request a version bump of the ezmlm bundled with qmailtoaster. as best i can tell, we're currently shipping 0.40; the current stable version of that old branch is 0.444, so that would be the minimum increase. that branch is dead, though; the current stable branch is 5.x (there are apparently some changes), and there's also a development branch, 7.x. these newer versions include significant bugfixes and functionality improvements; i discovered their existence while searching for a way to get ezmlm to accept messages from SRS-rewritten sender addresses (functionality added in the 7.x branch, btw). i'll see if i can put up a testing VM and try packaging one of the newer versions of ezmlm; if i have any success, i'll send along my results. would this be of use to anybody else? i find it hard to believe i'm the only qmailtoaster user running mailing lists :) thanks, -steve --- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] import a list of users
On Oct 3, 2008, at 2:52 PM, Kyle Quillen wrote:
Yea i looked in there but the script below was all that I could find
and that will just set the users passwords to a default pass how
would I modify the script to look at the txt file for all the info?
well, if you populate the script in the format Firstname Lastname
Username Password, then you can change the while line to
while read FIRSTNAME LASTNAME USERNAME PASS
and it'll do what you want.
-steve
#!/bin/sh
#
# BULK USER ADDING FOR QMAIL TOASTER
#
# Created after I ran into an issue of creating 20,000 users on my
toaster!
# Initial ideas come from a script that PakOgah [EMAIL PROTECTED]
# helped me with.
# Still very manual, but Work in Progress
#
# Suggestions to [EMAIL PROTECTED]
#
# Change a few variables and you are good to go
#
#
# Location of the users file
# Rememeber that the users file is in the format
# Firstname Lastname Username
USERS_FILE=/path/to/file.txt
# The mail domain to which users are created
#
MAILDOMAIN=@domain.com
# the vadduser command
QMAILADD=/home/vpopmail/bin/vadduser
# Select a default password for all users
PASS=mypass
#Specify the Default Quota_in_bytes for your Users
# 10 MB = 10 x 1024 x 1024
QUOTA=10485760
#Fun starts here No more variables to change below this line
cat ${USERS_FILE} | \
while read FIRSTNAME LASTNAME USERNAME
do
echo adding the user: $USERNAME
$QMAILADD -q $QUOTA -c $FIRSTNAME $LASTNAME $USERNAME
$MAILDOMAIN $PASS
done
#
-Original Message-
From: news on behalf of Eric Shubert
Sent: Fri 10/3/2008 12:07 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] import a list of users
Kyle Quillen wrote:
All,
I have a listing of roughly 900 emails that I have to import to a
toaster. I already have the server up and running and I have the
list
in a comma seperated txt file but how do I do a bulk add of the
users.
Thanks
Q
Have you forgotten the wiki? ;)
--
-Eric 'shubes'
-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
winmail
.dat
-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
If this were played upon a stage now, I could condemn it as an
improbable fiction. - Fabian, Twelfth Night, III,v
smime.p7s
Description: S/MIME cryptographic signature
Re: [qmailtoaster] QControl
On Sep 16, 2008, at 9:44 AM, Jake Vickers wrote: There are a few code-cleanup items that need to be completed, as well as a couple features that need to be added. Suggestions are welcome to the address provided on the site. when adding or editing a domain, the quota config field is labeled Quota in Bytes: (10M = 10 MB). this led me to believe that i could specify quota in the syntax 50M, but doing that produces an error of Please enter numbers only for the quota! Hit your BACK button to correct this. is this functionality that hasn't been implemented yet? if not, it might be a good idea to change the field text. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v smime.p7s Description: S/MIME cryptographic signature
Re: [qmailtoaster] Clamav - Is thre a better way
On Jul 9, 2008, at 9:49 AM, Jake Vickers wrote: Richard Baxant wrote: So, is there a simpler way to get realtime updates without waiting for an outdated src.rpm being released? If you install the src.rpm and look at the files you will see all of the changes that need to be made in the spec file. Download the source from clam, patch for the toaster, and rebuild your own RPM. better yet, rebuild your own RPM, test it, put your new SRPM online, and notify the rest of us :) -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] QMT slowly breaking?
On Jun 5, 2008, at 10:24 AM, Jake Vickers wrote: [EMAIL PROTECTED] wrote: Parsing package install arguments No Match for argument: perl-Net-SMTP Nothing to do Try installing the rpmforge repos and running again: https://rpmrepo.org/RPMforge/Using i fear i'm missing something obvious, but perl(Net::SMTP) is provided by the base perl RPM in CentOS 4. `yum install perl-Net-SMTP` is never going to work; the script would need either to `yum install perl-Net-SMTP-Multipart` (if it actually needs that module) or just be happy with the Net::SMTP that's already installed. does that sound right? my CentOS 5 toaster doesn't have a perl-Net-SMTP RPM installed. thanks, -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] investigating a spurious SPF rejection
Hello folks! I'm trying to figure out why my toaster rejected a particular email over the past weekend. The remote correspondent, [EMAIL PROTECTED], was sending to a valid user on one of my domains. crowcastle.net publishes a SPF record, which appears to be valid; according to the SPF tester at http://www.kitterman.com/spf/ validate.html (and also http://www.openspf.org/Why?id=cat% 40crowcastle.netip=76.96.30.56receiver=mail.vecna.org), it seems this message should have been accepted. However, I see the following messages in my smtp log: 04-18 17:41:23 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote QMTA06.emeryville.ca.mail.comcast.net:unknown:76.96.30.56 rcpt : sender accepted 04-18 17:41:24 qmail-smtpd: spf-reject: HELO (QMTA06.emeryville.ca.mail.comcast.net) from 76.96.30.56. MAILFROM:[EMAIL PROTECTED] 04-18 17:42:24 tcpserver: end 6561 status 0 04-18 17:42:24 tcpserver: status: 0/100 /var/qmail/control/spfbehavior is set to 3, so the message was bounced; what further debugging can I do to determine why? At the time, I was running the current release of all the toaster packages except for clamd (I installed the clamd update earlier this morning), on CentOS 5. Thanks for any assistance you can provide. -Steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] TLS, smtproutes and credentials
On Apr 18, 2008, at 10:41 AM, Dan Herbon wrote: And just to make sure I am reading correctly. If the domains on my server I want to forward are bob.com emaildomain.com and the destination smtp.encryptedmailserviceimusing.com then I would do: Bob.com:smtp.encryptedmailserviceimusing.com username password emaildomain.com:smtp.encryptedmailserviceimusing.com username password I'd put each domain on a separate line correct? And if I want to forward all mail I would just do :smtp.encryptedmailserviceimusing.com username password looks good. iirc smtproutes are not case-sensitive; can anyone else confirm that? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] TLS, smtproutes and credentials
On Apr 18, 2008, at 10:31 AM, Dan Herbon wrote: Now my problem. The service requires that I “Enable TLS on your mail server for all outgoing mail.” I have username and password credentials provided by this service. The server won’t accept my mail unless the credentials are included. How would I configure TLS to provide the credentials? documented here: http://wiki.qmailtoaster.com/index.php/Smtproutes :remote_server_address username password :) -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] simscanmk -g throws LibClamAV error
Hello folks! I recently upgraded from an ancient QmailToaster to the latest version, migrating to a new machine in the process. qtp-backup, qtp- newmodel, and qtp-restore are *wonderful*. :) Unfortunately, I now see an error every time I run simscanmk -g: 'LibClamAV Error: cl_cvdhead: Can't open file /usr/share/clamav/ daily.cvd'. I checked, and indeed that file is not present on my system. I did some research and got the impression that as of a recent version, ClamAV no longer downloads all its daily upgrades as one big daily.cvd, but instead downloads individual patches into daily.inc; is that correct? There is, apparently, a patch that resolves this issue: http://qmail.jms1.net/simscan/ And more information here: http://www.antagonism.org/mail/simscan.shtml Is this fix already in QmailToaster? Are other people seeing this problem? thanks, -Steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] qmailtoaster doesn't recognize [EMAIL PROTECTED]
hello folks! according to the ezmlm-idx faq, the user's guide, and the admin's guide, i'm supposed to be able to allow subscribers to post to a list using alternate addresses (http://mail.inter7.com/images/qmailadmin/ help/ezman/ezman-3.html, section 3.2) supposedly i can add addresses to this database either by sending email to list-allow-subscribe@server or by running `ezmlm-sub path-to-list/allow address`. however, while both procedures seems to complete without errors, ezmlm still rejects mail from the addresses i add. is this functionality implemented in qmailtoaster? i am, unfortunately, running an older version of the toaster; if the answer is the bug is fixed in a later version, that's good enough for me. has anyone else done this successfully? thanks, -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to smtp-auth
On Sep 10, 2007, at 8:52 AM, miguel velasco wrote: Hi, I´d like to know what patch should I install to send emails in qmailtoaster with smtp authentication mode. Nowadays I download my emails fron my ISP with fetchmail and injet them successfully to Qmailtoaster. And I´d like to send all the email by my ISP with authentication mode. I have read about qmail-smtp auth and qmail-remote auth for qmail but I don´t know if the way of installation and configuration is the same for qmailtoaster. I´v tried adding to smtproutes the login and password as follows: [EMAIL PROTECTED] etc]# cat /var/qmail/control/smtproutes mydomain.es:smtp.mydomain.es login password the problem is in this line. this line tells qmail to use smtp.mydomain.es (with the provided credentials) for all email being sent to mydomain.es. however, in your test message, you're not sending to mydomain.es; you're sending to gmail.com. the line in smtproutes should look like this: :smtp.mydomain.es login password this tells qmail to send *all* outbound mail through your ISP's mail server. hope this helps, -steve p.s. http://wiki.qmailtoaster.com/index.php/Smtproutes -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] IMAP-IDLE / findings...
On Jul 17, 2007, at 7:25 AM, Jake Vickers wrote: I don't own an iPhone, but can you tell me where the plugin comes from, and possibly some more details? I'd like to put something on the wiki on this (I have a Treo 700w myself), and I'm sure I'll be needing this in the future, since one of my clients just activates 38 iPhones. Thanks. IMAP-IDLE plugin for Mail.app: http://www.rothwell.us/imapidle/ index.html v1.06 didn't work for me (Mail.app crashed repeatedly immediately after starting) but 1.07-pre3 works fine. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] aimm.museum domain name
On May 17, 2007, at 10:47 AM, Eric Shubes wrote: aimn.museum is apparently a valid domain, but has no MX record and thus cannot receive outside email: $ host aimn.museum aimn.museum has address 195.7.77.20 $ host -t mx aimn.museum aimn.museum has no MX record $ typo, Eric :) --- begin paste --- $ dig -t mx aimm.museum ; DiG 9.3.2 -t mx aimm.museum ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 34978 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 6 ;; QUESTION SECTION: ;aimm.museum. IN MX ;; ANSWER SECTION: aimm.museum.86400 IN MX 110 mx3.megamailservers.com. aimm.museum.86400 IN MX 10 mx1.megamailservers.com. aimm.museum.86400 IN MX 100 mx2.megamailservers.com. ;; AUTHORITY SECTION: aimm.museum.86400 IN NS ns1.meganameservers.com. aimm.museum.86400 IN NS ns2.meganameservers.com. aimm.museum.86400 IN NS ns3.meganameservers.com. ;; ADDITIONAL SECTION: mx3.megamailservers.com. 86400 IN A 216.251.32.73 mx1.megamailservers.com. 86400 IN A 216.251.32.71 mx2.megamailservers.com. 86400 IN A 216.251.32.72 ns1.meganameservers.com. 86400 IN A 216.251.32.100 ns2.meganameservers.com. 86400 IN A 216.251.32.101 ns3.meganameservers.com. 86400 IN A 64.29.144.65 ;; Query time: 34 msec ;; WHEN: Thu May 17 10:49:39 2007 ;; MSG SIZE rcvd: 274 --- end paste --- so, there do indeed seem to be valid nameserver records, and from what i can see, they're nominally properly configured: --- begin paste --- $ telnet mx1.megamailservers.com 25 Trying 216.251.32.71... Connected to mx1.megamailservers.com. Escape character is '^]'. 220 mail69c0.megamailservers.com ESMTP Sendmail 8.13.6.20060614/8.13.1; Thu, 17 May 2007 10:52:21 -0400 HELO lirael.hmdc.harvard.edu 250 mail69c0.megamailservers.com Hello lirael.hmdc.harvard.edu [140.247.116.52], pleased to meet you MAIL From: [EMAIL PROTECTED] 250 2.1.0 [EMAIL PROTECTED]... Sender ok RCPT To: [EMAIL PROTECTED] 250 2.1.5 [EMAIL PROTECTED]... Recipient ok QUIT 221 2.0.0 mail69c0.megamailservers.com closing connection Connection closed by foreign host. --- end paste --- so, what happens when you try to send mail to this user? do you get a bounce message? do you see entries in your log showing the mail going out? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spam - did moderate
On Apr 16, 2007, at 7:25 PM, Jim Shupert, Jr. wrote: Friends, In my ongoing battele against SPAM ... I have done blacklists-moderate -r zen.spamhaus.org -r bl.spamcop.net -r list.dsbl.org -r cbl.abuseat.org But I am thinking I must have something amiss... out of 200 emails only 8 were marked spam.. this is because these blacklists go into effect before SpamAssassin does; only the mail that makes it past the blacklists is ever even scanned by SpamAssassin. to put it another way: the blacklists stopped so much spam that they only let by 8 false positives out of 200 emails. that's not great, but how does it compare to how you were doing before? There must be a log that I can look at that will show me how hard it is working. How can I 'see' more about what simscan - spamassassin is doing? look at /var/log/qmail/smtp/current and grep for rblsmtpd; every time you see a line that looks like this: 2007-04-16 19:35:39.092940500 rblsmtpd: 70.23.21.6 pid 2015: 451 http://www.spamhaus.org/query/bl?ip=70.23.21.6 it means that rblsmtpd refused an incoming SMTP connection based on a blacklist (in this case spamhaus). you can pipe the output of the grep through tai64nlocal to convert the datestamps to local time. if you have the qmailmrtg-toaster package installed (which you probably do), look at http://your.toaster.com/stats-toaster/ and find the Smtp Allow/Deny section; you'll see graphs documenting how many SMTP connections are being denied. -steve -- If this were play'd upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamassassin can't find HTML::Parser
On Mar 2, 2007, at 8:50 AM, [EMAIL PROTECTED] wrote: Hello I have installed HTML::Parser through Webmin as well as CPAN shell. Spamassassin won't build and here is the error message: # rpmbuild --rebuild --with cnt40 spamassassin-toaster-*.src.rpm Installing spamassassin-toaster-3.1.7-1.3.6.src.rpm error: Failed build dependencies: perl(HTML::Parser) is needed by spamassassin- toaster-3.1.7-1.3.6.i386 HTML::Parser is version 3.56. I have uninstalled and reinstalled again, build still fails. At command line, perl -e 'use HTML::Parser' succeeds. Suggestions appreciated (maybe try an older version of HTML::Parser?), this same issue came up just a few weeks ago: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/ msg11781.html -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] dependency failure for HTML::Parser
On Feb 21, 2007, at 2:44 PM, Dustin Krysak wrote: Hi there - I am going through an install on a centos 4.4 machine. Now when thet install script gets to the spam assasin portion, it errors out with the failed dependency of a perl CPAN module... HTML:Parser. I know in fact this is installed, and even tried installign it again with: # perl -MCPAN -e shell cpan install HTML:Parser I get no build or install errors, yet when i start the qmail toaster install script, I get teh same failed dependency... Any ideas? you're manually installing this module using CPAN; that will not satisfy the RPM dependency. at least two options are available to you: 1) use yum to install a RPM of perl-HTML-Parser (there is quite likely one at rpmforge.net) 2) build your own RPM using cpan2rpm and install it -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Should I use qmail toaster?
On Jan 17, 2007, at 10:10 AM, Dave wrote: What exactly are the licensing issues that prevent qmail from simply being folded in to the CentOS or Ubuntu disrabutions? http://cr.yp.to/distributors.html -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Should I use qmail toaster?
On Jan 17, 2007, at 10:30 AM, Dave wrote: http://cr.yp.to/distributors.html Yeah... I saw that, but I am not sure what the implications of that are Seemingly you could distribute a binary image... right? no; you may not distribute a binary image, you must distribute exactly the binary image provided by DJB (which is a tarball of / var/qmail, whereas QmailToaster uses RPMs). the version of qmail in QmailToaster includes a number of patches that differentiate it from stock qmail. same with ezmlm, daemontools, etc. do i have this right, folks? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SMTP Remote authentication
On Dec 21, 2006, at 7:47 AM, Fernando Azevedo wrote: Hi all! I've been searching and googling for some info but without any success so far, so... I come to the list again for help. Although I have static IP addresses for my mail servers (obviously) I've been struggling with my ISP because for some stupid reason some RBL like SORBS identify my addresses as DHCP addresses and therefore I've been getting blocked. As I expect that my ISP will take a loong time before understanding (and eventually solve) my problem I'm trying to have a quick fix for my e-mail delivery problems. I can use my ISP SMTP servers to relay all my mail and that way they'll not get blocked. The problem with this is that my ISP demands that I authenticate at the SMTP server with my internet account user credentials. I know sendmail has this feature from scratch and I imagine that qmail has this as well. My problem is that I cannot find where to configure this... Can anyone assist pelase? you want to take advantage of the qmail-remote-auth patch, documented here: http://wiki.qmailtoaster.com/index.php/Smtproutes in a nutshell, make sure something like this is the last line in /var/ qmail/control/smtproutes: :your.isp.mailserver.com yourusername yourpassword -steve PS: wouldn't SPF be a more reasonable approach that RBL's to fight SPAM??? only if more sites published SPF records. :) anyway, the goal of SPF is really to fight spoofing and thus theoretically cut down on spam, whereas RBLs take a content-based approach. seems to me like that two work well together; why use only one? -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Re: Issues with spam causing high load and unresponsive server
On Nov 7, 2006, at 1:30 PM, Joshua Zukerman wrote: None of those accounts exist, yet it says found existing recipient ? I don't understand that part. do you have a catchall account defined? look in qmailadmin to find out. you may want to configure your domains to drop (not bounce) messages to any undefined addresses rather then sending them to a catchall. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to disable SPF checking for secondary MX?
On Nov 2, 2006, at 6:05 AM, Slawomir Rucinski wrote: You're right. That works for IP nubers in tcprules. But small problem IP for backup MX can be changed by ikp(ipartners) without warn me. that's annoying. here are two possible solutions: 1) use a different backup MX provider; i've been very satisfied with http://rollernet.us. 2) write a script that runs `host backup-mx-server` and compares it to a previously saved value, then run it from a cron job and have it email you as soon as the address changes. if you're really brave, you could even have it automatically edit your tcprules file and restart qmail :) personally, i like the first solution better. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] ***SPAM*** Re: [qmailtoaster] ***SPAM*** Problems with URIDNSBL / SURBL
On Oct 26, 2006, at 2:18 PM, Erik Espinoza wrote: You wouldn't happen to be running CentOS 3? hm - i see a similar problem, and i am running CentOS 3. is this a known bug? is there a fix? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Imformal poll: Upon which distro are you running qmailtoaster?
currently CentOS 3; planning an upgrade to CentOS 4, once the new machine is built. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] um, RulesEmporium?
On Oct 17, 2006, at 8:03 AM, Steve Huff wrote: anyone else seeing some, um, nonstandard content at http:// www.rulesemporium.net/? I'm trying to figure out whether the web server has simply been defaced or whether it's a DNS-level problem. upon further investigation it seems that the RulesEmporium folks may have forgotten to renew their domain :( -steve --- If this were play'd upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to install QT on top of sendmail?
On Oct 5, 2006, at 4:07 AM, Quinn Comendant wrote: Because I find the Qmail - Qmail migration simpler than Sendmail - Sendmail, and installing QT is much easier than setting up Sendmail + extras. ;P do you know about Jake's backup script? http://www.v2gnu.com/qmail/backup-restore.html it may come in handy when migrating your config from one toaster to the other :) -steve --- If this were play'd upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] vpopmail + permissions + httpd
On Sep 27, 2006, at 3:26 PM, Erik Espinoza wrote: That's just bad policy. One miscoding in apache, one badly written cgi, one bug in your config and you're serving mail directories. It can be done, sure, but I'd recommend against it. mark, are you doing this in an attempt to make mailing list archives web- accessible? perhaps an alternate (and much safer) plan would look something like this: 1) set up a web-accessible directory somewhere 2) write a script that traverses /home/vpopmail/domains, identifies the appropriate list directories, and uses rsync to push changes over to the web directory 3) use cron to run this script every minute (or every five minutes, or whenever) this doesn't expose your users' mail spools to potential compromise via apache, and it also means that if anything happens to your webspace, it's easy to regenerate your mail archives by rerunning your script. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] How to install QT on top of sendmail?
On Sep 26, 2006, at 7:27 PM, Quinn Comendant wrote: I will need to find _some_ solution. What are my options, as painful as they might be? so you have the old sendmail solution running on your production hardware right now? here's my suggestion: 1) build another box 2) migrate the sendmail solution to it 3) put the other box into production for a short time 4) build your qmailtoaster on the production box 5) migrate gradually 6) retire the other box -steve --- If this were play'd upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Recommendation for the backup and restore scripts
On Sep 22, 2006, at 8:50 AM, Jake Vickers wrote: Craig Smith wrote: The backup and restore scripts are excellent, I've just spent the past 2 days testing them thoroughly for our systems and they work a charm. The only thing I came across eventually, was the lack of spamassassin backup/restore or the tcp.smtp file for access. Our local.cf for spamassassin contains a fair amount of edited items as well as 2 custom rulesets in the folder. The tcp.smtp contains several entries for various clients that are allowed to relay through us. Thanks for the suggestions and code. I need to sit down and revamp these scripts anyway. There has also been a request to include Squirrelmail configs into the backups. Soon! heh, while you're at it... a little while back i was trying to add rsync-over-ssh support to the backup/restore scripts, but got bogged down and didn't finish the project. here's my basic idea for how to do it: for backups: 1) create the tarball locally. 2) check to see if the name of the previous tarball has been saved (it would be in, say, /last-toaster-backup). 3) ssh to the backup server and check to see if there's a tarball with the same name as the file named in /last-toaster-backup; if there is, make a copy of it with the same name as the current tarball. 4) use rsync-over-ssh to push the differences between the previous tarball and the current tarball over the network (if you have a slow connection, or a large toaster installation, you should see significant savings). 5) if the rsync succeeds, delete the local copy of the current tarball. 6) ssh to the backup server and delete the previous tarball (unless you want to save multiple revisions) 7) make note of the name of the current tarball in /last-toaster-backup. for restores: 1) ssh to the backup server and find the name of the most recent tarball. 2) use rsync-over-ssh to pull a copy of the most recent tarball over to the local machine. 3) do the restore. 4) make note of the name of the current tarball in /last-toaster-backup. 5) delete the local copy of the current tarball. does this make sense? the trickiest part is keeping a persistent record of the filenames. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Recommendation for the backup and restore scripts
On Sep 22, 2006, at 11:36 AM, Jake Vickers wrote: I need to think about the rsync one for a bit. It would be easy if you didn't want it to check for previous files, and you would of course have to add keys to your authorized_keys list; unless you don't mind installing some extra packages and using SSHFS... Just some thoughts real quick. Let me think about this one a bit. true, but then you don't get the full benefit of rsync (in terms of only sending the diff over the wire). it still keeps you from needing to run a FTP service (boo!), but in that case just use sftp/ scp instead. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] backscatter
On Sep 21, 2006, at 12:49 PM, slamp slamp wrote: I followed what you did and my domain was disabled again. This is my tcp.smp file. 127.:allow,RELAYCLIENT= 208.11.75.2:allow,SPFBEHAVIOR=1,QMAILQUEUE=/var/qmail/bin/simscan 216.90.171.2:allow,SPFBEHAVIOR=1,QMAILQUEUE=/var/qmail/bin/simscan :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER _WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan I am wondering why it works for you and not for me. hm. you might want to talk to the Rollernet people about this problem; have you configured your valid user table through Rollernet's admin interface? Can you get a detailed explanation from Rollenet as to why you are being blocked? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Pyzor installation
On Sep 18, 2006, at 9:37 AM, Jake Vickers wrote: No, it's not. I installed Pyzor from source, installed the proper perl modules and then added the config to my local.cf file. I did have to create a rules in my local.cf to actually give pyzor tests a score, since they give a really low score by default. Nobody has really written a how-to yet, but I can try and do so this week if I get some time. It's really easy, though. Basically what I've already outlined. would you mind writing up your procedure, Jake? i tried to install Pyzor a while back but couldn't get it to build (on a CentOS 3 box). thanks, -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] other patches
On Sep 18, 2006, at 10:53 AM, Simone Marzona wrote: - I would like to be able to send outgoing email to smtp with autentication.. something like smtproutes but with auth. Some one can give me an hint? this document with help you with the authenticated outbound SMTP: http://www.qmailtoaster.com/qt-doc/QT-README.remote-auth -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] 3rd party spamassassin scanning service
On Sep 15, 2006, at 9:22 AM, Craig Smith wrote: If I can send smtp authentication along with it that would solve the problem, but I can't see how to do that. Is it possible or are we stuck if a domains mail server has smtp authentication on. Is there any way around the error as below? for a while, we were stuck, but apparently this is no longer the case! read this doc: http://www.qmailtoaster.com/qt-doc/QT-README.remote-auth -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] backup server
On Sep 13, 2006, at 9:23 AM, South Computers wrote: Just a thought/question. I have had a backup server running for the last year or so now, and it works great. But I was wondering if anyone out there have any thoughts on setting up the backup server to accept all pop3 connections no matter what the username/ password, but of course, deliver no mail. The problem is that when the system is in failover state, and pointing to the backup server, when a client tries to retrieve their email most email clients prompt for the username/password if they are not automatically authenticated. Often, the user will attempt to put in a different username or password, and screw up their settings, when they are in fact actually correct. i thought about this problem and hacked up a trivial POP3 server in Perl: http://www.vecna.org/software/bogopop.html it listens on 110/tcp and basically says OK to the basic set of POP commands (but always says there are no new messages). i haven't tested it beyond making sure that it does what it says it does, and i'm sure there are problems that i haven't yet run into (i have no idea how well it would scale, for example), but it might be a start of a solution. it works on a RHEL4 machine and is pretty standard, so i would assume it'll work on other Linuxes. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] backup server
On Sep 14, 2006, at 9:54 AM, South Computers wrote: Cool! Thanks Steve! I'll give it a shot... Also I'm wondering if I can just change the supervise script for the qmail pop3 daemon somehow to allow this.. Haven't had the chance to play with it yet though. i'm sure you could; however, bear in mind that if there's already a real pop3 server running on the system, this script will not work. you'd have to disable the real pop3 server and change /var/qmail/ supervise/pop3/run so that it looks something like exec /usr/bin/softlimit -m 900 path/to/bogopop.pl 21 (i just made that up; i have not verified it! don't take my word for it!) you'd then lose the benefits of running under tcpserver... hm. it might make more sense to look at what qmail-pop3d does, write a specific replacement for that (rather than a generic trivial pop3 server), and then put that in the existing supervise script, behind qmail-popup and tcpserver. on the other hand, you may not want qmail- popup running if your backup mail server doesn't have access to your user database. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamassassin/bayes not working well?
On Aug 14, 2006, at 6:03 PM, Jared Markell wrote: I've been training spamassassin's Bayesian for awhile now using a crontab job. It sa-learns usually 200 spams a day and usually some Ham we can let it chew on. But no matter how hard we try, spamassassin.. just.. well, sucks. Some things are being marked as spam, but a LOT is not. Here are sample headers from one of the emails that was being marked as spam, and it tells me that Bayes is actually HELPING spam get through.. any ideas on how to fix this? Is my Bayes library corrupt? How can I fix it? another thought: configure one or more of the distributed spam checksum services (Razor2, Pyzor, DCC). i recently set up Razor2 according to the instructions here () and it seems to be working fine, imposing only a minimal load on my creaky server. also, for Jake: have you seen this spam-training script? http://www.ruwenzori.net/code/teach-sa/ it's a bit more complex than the sa-learn script you have on your site; however, it not only processes spam/ham into SA's Bayesian DB but also reports them back to Razor2/Pyzor/DCC, if they are configured on the system. i haven't had time to test it out yet, but it looks worthwhile; might it perhaps be a candidate for inclusion in a future Toaster release? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Spamassassin/bayes not working well?
On Aug 17, 2006, at 9:44 AM, Steve Huff wrote: On Aug 14, 2006, at 6:03 PM, Jared Markell wrote: I've been training spamassassin's Bayesian for awhile now using a crontab job. It sa-learns usually 200 spams a day and usually some Ham we can let it chew on. But no matter how hard we try, spamassassin.. just.. well, sucks. Some things are being marked as spam, but a LOT is not. Here are sample headers from one of the emails that was being marked as spam, and it tells me that Bayes is actually HELPING spam get through.. any ideas on how to fix this? Is my Bayes library corrupt? How can I fix it? another thought: configure one or more of the distributed spam checksum services (Razor2, Pyzor, DCC). i recently set up Razor2 according to the instructions here () and it seems to be working fine, imposing only a minimal load on my creaky server. oops, these instructions: http://wiki.apache.org/spamassassin/RazorSiteWide also, for Jake: have you seen this spam-training script? http://www.ruwenzori.net/code/teach-sa/ it's a bit more complex than the sa-learn script you have on your site; however, it not only processes spam/ham into SA's Bayesian DB but also reports them back to Razor2/Pyzor/DCC, if they are configured on the system. i haven't had time to test it out yet, but it looks worthwhile; might it perhaps be a candidate for inclusion in a future Toaster release? on second thought, this script would need some modification to fit in with Qmail-Toaster. still worth a look, though. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] some emails not being checked for spam
On Aug 15, 2006, at 11:13 AM, Jared Markell wrote: Still trying to figure out why my server still lets so much spam through.. it's unbelievable. I disabled Bayes as it doesn't even look like it's working, and dropped the spam required rating, and that helped a lot. However, it appears a lot of messages aren't even getting scanned, and I don't know why? It appears to happen on splits/aliases (forwards).. does this ring a bell? Sample header below... hm. have you run a test similar to the following: # spamassassin -D --test-mode /usr/share/doc/spamassassin-toaster*/ sample-spam.txt do you see SA complaining about not being able to do things, or does everything look ok? also, have you checked /var/log/qmail/spamd/current to make sure SA isn't throwing error messages? for a long time my Bayesian db wasn't getting built because of wrong permissions on files in /etc/mail/ spamassassin/.spamassassin, and so Bayesian filtering was useless. finally, have you added any additional rules (perhaps by using RulesDuJour)? which ones? and even before SA gets invoked; what's the contents of /var/qmail/ control/blacklists? as i posted recently, you might want to enable DNSBL lookups in SA as well as in rblsmtpd, and also enable SURBL lookups in SA; to do so, you need to add loadplugin Mail::SpamAssassin::Plugin::URIDNSBL to / etc/mail/spamassassin/local.cf and change skip_rbl_checks 1 to skip_rbl_checks 0. if you do this, then even if the spam isn't coming directly from a blacklisted host (which should cause rblsmtpd to reject it outright), if there's a blacklisted host somewhere in the mail routing chain it'll increase the SA score. don't forget to run `spamassassin -D --lint` after each change you make to the SA config! -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] surbl not kickin in
On Aug 10, 2006, at 1:50 AM, Eric Shubes wrote: Heh, I just noticed something else. In my SA book (O'Reilly, Alan Schwartz), it says that the URIDNSBL plugin is loaded by 25_uribl.cf (SA3.0). I don't see it (25_uribl.cf tests to see if URIDNSBL is loaded though). Does anyone know where/if this is loaded in the default SA distribution? on my moderately out-of-date toaster, the URIDNSBL module is not loaded by default; i had to add the following line to /etc/mail/ spamassassin/local.cf: loadplugin Mail::SpamAssassin::Plugin::URIDNSBL (and, incidentally, i had to do the same thing for Mail::SpamAssassin::Plugin::URIDNSBL to get SA to filter based on SPF status). i'm hoping that the fact that local.cf gets processed after 25_uribl.cf doesn't do any harm; it doesn't seem to so far. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] SpamAssassin and SURBL
On Aug 10, 2006, at 9:53 AM, Jamie Thom wrote:
I'm also happy the revised version of the SURBL instructions on the
wiki work so I've edited it again to remove my old version.
If you're using a bunch of rbls in your blacklists file I suspect
you'll want to edit 25_uribl.cf and comment out
#uridnsbl URIBL_SBL sbl.spamhaus.org. TXT
#body URIBL_SBL eval:check_uridnsbl('URIBL_SBL')
#describe URIBL_SBL Contains an URL listed in the SBL
blocklist
#tflags URIBL_SBL net
#reuse URIBL_SBL
As well as set skip_rbl_checks to 1 in local.cf? ...to avoid
duplication of effort as Eric suggests. Though I suspect that info
doesn't necessarily belong in that location in the wiki.
first off, if you do this you'll also need to edit /usr/share/
spamassassin/50_scores.cf and comment out the line
score URIBL_SBL 0 0.629 0 0.996
since otherwise SA will complain that you're assigning scores to a
nonexistent rule when you run `spamassassin -D --lint` (which is a
good idea to run after every change you make to the SA config)
on the other hand, if your system is not tight on resources, i would
recommend not doing this. why? because in my experience so far,
rblsmtpd is only effective on messages that are relayed from a
blacklisted host directly to you. even after i added more servers
to /var/qmail/control/blacklists, i was still receiving significant
amounts of spam, since spammers were relaying mail through open
relays, but the spams were passing through trusted systems before
they got to me, and so rblsmtpd was letting them in.
now that i've enabled SURBL and DNSBL checks in SA, even though those
spams still get in, they're accurately tagged so that my users' MUAs
can deal with them appropriately.
-steve
--
If this were played upon a stage now, I could condemn it as an
improbable fiction. - Fabian, Twelfth Night, III,v
-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] surbl not kickin in
On Aug 10, 2006, at 11:37 AM, Eric Shubes wrote: Where'd you get the idea that local.cf is processed after 25_uribl.cf? It looks to me to be the other way around. My 25_uribl.cf (current toaster release) contains ifplugin Mail::SpamAssassin::Plugin::URIDNSBL at the beginning, so I'm guessing that if it's not loaded by then, the rule doesn't fire. Besides which, since local.cf contains things such as skip_rbl_checks, wouldn't it have to be processed first? $ spamassassin -D --lint cut debug: using /usr/share/spamassassin for default rules dir cut debug: config: read file /usr/share/spamassassin/25_uribl.cf cut debug: using /etc/mail/spamassassin for site rules dir cut debug: config: read file /etc/mail/spamassassin/local.cf that's why :) on the other hand, since it's Perl, it seems reasonable that all the config files are probably read and parsed into a big data structure, and then all the conditional logic gets applied, so that hopefully the only issue related to precedence is when you redefine the same value somewhere else (which is kind of the point of having local.cf load last, so that you can clobber any default values that are set elsewhere without needing to hack on the files in /usr/share/ spamassassin any more than necessary). right now i'm not up for diving into Mail::SpamAssassin::Conf and figuring out what really happens, though. anyone? -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
