[qmailtoaster] Help request to comunity on tech issue.
Hello everyone I am the owner of a growing hosting enterprise in my country (Perú), and we are facing big rise on our client number. As an efect of this we are seeying a rise in mail outbound in our servers. Even thoug we put limits to hourly sending, having more than 9k clients, all delivering through the same cluster, it lacks of efectiveness because each server in cluster uses only one ip for sending tasks. We are now seeying blocking issues because of the many clents generated traffic. We talked to some people at godaddy and hostgator, as we know they use a cluster system that includes on each server a list of IPs that rotates in a random fashion, so even with high demand quality service on mail delivery from client accounts is always achieved. I would like to ask for some guidance and help to this comunity on how can we could implement such solution to rotate in a random or other way the IPs for sending clients mails. I hope you people can see my situation and can help me with this. We used to work with exim, but since we changed to QMT it was the best desition we ever made on this matters. Now we need to push it to a next level. Thanks a lot.
Re: [qmailtoaster] Re: Help request to comunity on tech issue.
Hello Eric, thanks for your reply. We do not have spam issues with our customers, what we have is a high volume due to large clients number. All meassures to void spam sending are taken, but the blocks are being generated for large volume send from just a bunch of IPs (5) which are the number of mta's qmt in our cluster. As all you may know, having 9k clients with at least 4 email accounts per client and a limit of 350 per hour per account, it is still a big traffic generated. So I am looking forward to have better service on delivery having in mind that custmer number is growing fast and anti-spam messures do its job preatty good. But of the lack of IP on each mta in cluster, it is affecting delivery. Hope someone around may share a solution. Thanks. On lun 21/05/12 4:55 PM , Eric Shubert e...@shubes.net sent: I don't know if rotating addresses is the best solution or not. It's certainly not practical for small QMT installations. I think in many (if not all or most) of these cases, the user's password has been compromised. This is especially likely if it's possible to configure a client insecurely (plain text password with no TLS/SSL). I've seen this happen on more than one occasion, on a small domain. Password sniffing does happen. First step is to ensure that clients cannot attempt to authenticate with clear text passwords. This can be enforced with dovecot, but we don't have a way yet to enforce it on the sending/smtp side. I'm hopeful that Sam will get this feature built into spamdyke in the near future. Another good defensive weapon is a script I came across on the spamdyke list today, and hope to make available in some form with QTP in the future. It's a script that periodically checks the logs for accounts which have sent more messages in a given interval than some allowed limit. When it finds such an account, it changes the password, removes messages from that account still in the queue, and notifies the postmaster with an email. I think this is very practical, because passwords do become compromised on occasion, even with full encryption (human action). The script is written in python, and will need a little tweaking for the QMT environment, as it's presently written to scan a spamdyke log (the author wasn't using the submission port at all). I think it'd be better to scan the send log if that's feasible. Anywise, I think this approach is promising. If anyone has any thoughts on this, please chime in. It's in everyone's interest to be protecting our public IP addresses so they don't get blacklisted. Thanks. -- -Eric 'shubes' On 05/21/2012 01:42 PM, fmende...@terra.com [1] wrote: Hello everyone I am the owner of a growing hosting enterprise in my country (Perú), and we are facing big rise on our client number. As an efect of this we are seeying a rise in mail outbound in our servers. Even thoug we put limits to hourly sending, having more than 9k clients, all delivering through the same cluster, it lacks of efectiveness because each server in cluster uses only one ip for sending tasks. We are now seeying blocking issues because of the many clents generated traffic. We talked to some people at godaddy and hostgator, as we know they use a cluster system that includes on each server a list of IPs that rotates in a random fashion, so even with high demand quality service on mail delivery from client accounts is always achieved. I would like to ask for some guidance and help to this comunity on how can we could implement such solution to rotate in a random or other way the IPs for sending clients mails. I hope you people can see my situation and can help me with this. We used to work with exim, but since we changed to QMT it was the best desition we ever made on this matters. Now we need to push it to a next level. Thanks a lot. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com [2] For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com [3]
Re: [qmailtoaster] Help request to comunity on tech issue.
Hello Natalio, do you have a precise example on how to implement this? Thanks. On lun 21/05/12 4:35 PM , Natalio Gatti nga...@gmail.com sent: I can only think in one solution. Via iptables and src-nat. Not so-random, but you can change your outbound IP address every minute. And AFAIK, once a connection has been established, the nat table mantains the translation. On Mon, May 21, 2012 at 5:42 PM, wrote: Hello everyone I am the owner of a growing hosting enterprise in my country (Perú), and we are facing big rise on our client number. As an efect of this we are seeying a rise in mail outbound in our servers. Even thoug we put limits to hourly sending, having more than 9k clients, all delivering through the same cluster, it lacks of efectiveness because each server in cluster uses only one ip for sending tasks. We are now seeying blocking issues because of the many clents generated traffic. We talked to some people at godaddy and hostgator, as we know they use a cluster system that includes on each server a list of IPs that rotates in a random fashion, so even with high demand quality service on mail delivery from client accounts is always achieved. I would like to ask for some guidance and help to this comunity on how can we could implement such solution to rotate in a random or other way the IPs for sending clients mails. I hope you people can see my situation and can help me with this. We used to work with exim, but since we changed to QMT it was the best desition we ever made on this matters. Now we need to push it to a next level. Thanks a lot.
[qmailtoaster] CentOS 6 install update?
Hello, anyone may tell me if there is any updates on scripts to install qmailtoaster on CentOS 6 without any issues? Thanks.
Re: [qmailtoaster] Help needed with Qmail-Toaster setup
oh! it was automatic, off now. Sorry. On dom 05/02/12 12:59 PM , Bharath Chari qmailtoas...@arachnis.com sent: On Sunday 05 February 2012 06:49 AM, fmende...@terra.com wrote:Well this is the scenario. Can you please turn off return receipts on mail sent to the list. Thanks Bharath - Esta mensagem foi verificada pelo E-mail Protegido. Este mensaje ha sido verificado por el E-mail Protegido.
Re: [qmailtoaster] Help needed with Qmail-Toaster setup
Hey Peter, thanks for the answeres. About been permisive with spam, thats never something we do. We actually suspend and then ban the users that by using our services causes spam complaints or RBL listings (which demonstrates that the list they use is harvested). We ZERO tolerant to spam. Although the emailing usage is a growing issue. I already read the link you share, but that is only if you have multiple domains assigned to a singular and different ip to each one. This is not the case. Hopefully some one around may share a solution. Thanks a lot. On dom 05/02/12 6:23 AM , Peter Peltonen peter.pelto...@gmail.com sent: Hi, On Sun, Feb 5, 2012 at 3:19 AM, wrote: Well this is the scenario. With 90 customers, having between 5 to 10 email accounts, all of them sending every day no more than 300 emails/h giving as result peaks of even 270,000 emails an hour. It is simple math to That is a lot of email... know that with only 1 IP for all that outbound will at least start to be defered. To that you can add the fact that some user do send email as mailing marketing within the already set limitations but still their lists (who knows!) might and surely be plenty of haverst emails and spam-traps and complainers. So in less than a week our main IP is broken. Lowering the If it is valid marketing email (the receivers have accepted to receive the email) then I would implement a system that would somehow spread the emails sent to a longer interval of time so you won't hit any limit on the receiving side. But for me it sounds like some of your customers are sending spam? You should not encourage this, even if you make money out of it. There are rules and legislation that you can present to your customers and make them reconsider their marketing approaches. sending limits bellow 300/h is not atractive to new customers. So you see the only way to balance this issues is by changing the outbound IP in a random way or from time to time. If you still want to do this and you are 100% sure that it is legit email your users are sending, here are some approaches you could try: A quick googling revealed a patch that can assign a different ip to your qmail depending on the domain where you sent the email from: http://rno-consultores.com/mail/qmail/qmail-1.03_outgoingips.patch [2] If an IP gets blacklisted you could then quickly change the mappings. This approach would be useful as you could this way also identify the domains that do get blacklisted and investigate why it happens. You need to recompile Qmail to integrate this patch and I have never used it by myself. The other approach is a simple one: AFAIK the address used by Qmail for sending email is defined in /var/qmail/control/me So You could rather easily come up with a script that randomly writes a new hostname to that file and run that script from a cron job. Not sure if Qmail restart is needed after changing the hostname. Regards, Peter - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com [3] For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com [4] Esta mensagem foi verificada pelo E-mail Protegido. Este mensaje ha sido verificado por el E-mail Protegido.
[qmailtoaster] Help needed with Qmail-Toaster setup
Hi to all. I just build my qmail-toaster box for my sharing host business. But Im trying to protect the IPs we use for send customers emails under no more than 300/h. Since I have 90 users on that box and some users have like 10 emails each, I really need a way to protect the main IP. So what Im asking to you guys, is there a way to patch qmail-toaster so each time an email is sent it picks up a different IP from the box's IP pool (no more than 4 ips are in it)? Like a random pick up or such? I hope you guys can help me out, 'cause otherwise I will be having problems soon due to emails sent of my many clients. thanks in advantage for you kind help :) Best regards. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Help needed with Qmail-Toaster setup
Well this is the scenario. With 90 customers, having between 5 to 10 email accounts, all of them sending every day no more than 300 emails/h giving as result peaks of even 270,000 emails an hour. It is simple math to know that with only 1 IP for all that outbound will at least start to be defered. To that you can add the fact that some user do send email as mailing marketing within the already set limitations but still their lists (who knows!) might and surely be plenty of haverst emails and spam-traps and complainers. So in less than a week our main IP is broken. Lowering the sending limits bellow 300/h is not atractive to new customers. So you see the only way to balance this issues is by changing the outbound IP in a random way or from time to time. I really hope some of you guys can help me out as I've been told that this list is very helpfull with its users. Regards. On sáb 04/02/12 6:09 PM , Peter Peltonen peter.pelto...@gmail.com sent: Hi, On Sat, Feb 4, 2012 at 8:10 PM, wrote: I just build my qmail-toaster box for my sharing host business. But Im trying to protect the IPs we use for send customers emails under no more than 300/h. Since I have 90 users on that box and some users have like 10 emails each, I really need a way to protect the main IP. I'm wondering: what does limit you for sending more than 300 mails per hour -- your ISP? And how does they do this -- is your ISP perhaps blocking all other SMTP traffic from you than their own and they somehow limit this smart host connection? Could you maybe ask them to make an exception with your server, so you can make direct SMTP connections to the MX hosts you are delivering messages to, so you won't have to use your ISP's SMTP server as a smart host? Or are you just afraid that if you relay your customers email you will get blacklisted because of spam they might send? For this I would rather see the solution being preventing them sending spam than changing IP addresses: forcing them to use authentication is the first obvious step. Best, Peter - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com [2] For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com [3] Esta mensagem foi verificada pelo E-mail Protegido. Este mensaje ha sido verificado por el E-mail Protegido.
[qmailtoaster] IP Rotation
Hi to all. I run a little hosting enterprise. And for more than a year I had problems with IP blocking due to clients sending mails using the same main ip. After doing some research and talking to other hosting wembasters they came with the idea to have a different set of ips but linked to the main domain of the server. Like mx1, mx2, mx3...each one of them assigned to a different IP of each other and different from the main ip, and also make them rotate each time a mail is send. So at the end any mail will come from one of the mx[N].mysharehostingdomain.com The point is that I don't know how to do this with qmailtoaster. Any ideas and help please? thanks.