Re: [qmailtoaster] chkusr settings

[Tonix - Antonio Nati]

Eric,

as far as I remember, no.

I usually suggest to use different smtp servers for public MX server and 
authenticated users server, and disable chkuser on server for 
authenticated users.


Sorry for my bad remembering, but I've dismissed my email servers five 
years ago (going to use a collegue which relies on qmail, and for which 
I've written additional code), so I don't have anymore the day by day 
feeling.


Regards,

Tonino

Il 19/09/2017 15:43, Eric Broch ha scritto:


Rajesh,Tonino:

Without even modifying qmail wouldn't chkuser be disabled completely 
with the RELAYCLIENT setting:


RELAYCLIENT=""

Eric


On 9/19/2017 3:57 AM, Tonix - Antonio Nati wrote:

Rajesh,

I don't know which version of chkuser is included in qmailtoaster.
Behaviour has changed sometimes. I always tried to configurations 
stable, but sometimes evolutions lead to a change.

So, which is the version in qmailtoaster?

About forcing to authenticate, you need the 
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE* feature, but it exists from 2.0.9.


Check documentation in 
http://opensource.interazioni.it/qmail/chkuser/documentation/chkuser_settings.html.


Regards,

Tonino

Il 19/09/2017 11:39, Rajesh M ha scritto:

Tonino,

thanks for the detailed information

just wanted a final clarification

i require chkuser for smtp authentication purpose only on port 587 for my 
customers who need unrestricted email sending with authentication.

I have compiled a separate cdb file called tcp.smtp.587.cdb exclusively for 
port 587.

in my chkuser_settings.h i have uncommented and recompiled qmailtoaster

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

so in my tcp.smtp, if i set

CHKUSER_START="NONE"

it should allow my customers to authenticate and send out emails without any 
chkuser checks other than smtp authentication, right ?

thanks,
rajesh



will that disable all other aspects for


- Original Message -
From: Tonix - Antonio Nati [mailto:to...@interazioni.it]
To:qmailtoaster-list@qmailtoaster.com
Sent: Tue, 19 Sep 2017 09:23:01 +0200
Subject:

Eric,

it looks like I told and wrote wrong instructions (and I remembered
wrong sequences in last reply).

Let's say there is a potential bug in the application, which I'm seeing
only now, after years. It is not really a code bug. It is that I wrote
something in the code and something different in documentation.

Logic (in version 2.0.9 of chkuser code) says:

  1. if CHKUSER_ALWAYS_ON is declared, chkuser is always ON:
 starting_value = 1 (this option is not compatible in compilation
 with CHKUSER_STARTING_VARIABLE; only one of them may be defined).
  2. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
 declared checkuser works on domain base (starting_value = 0)
  3. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is declared
 and NOT assigned, checkuser is disabled (starting_value = -1)
  4. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
 ALWAYS, checkuser is always ON (starting_value = 1)
  5. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
 DOMAIN, checkuser works on domains base (starting_value = 0)
  6. if CHKUSER_STARTING_VARIABLE is declared and assigned with values
 different from ALWAYS and DOMAIN, checkuser works on domains bases
 (starting_value = 0)
  7. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
 declared checkuser works on domains base (starting_value = 0)

So, the real default is chekuser working on domains base. Other options
lead to different behaviours. If you want to disable it, you must
declare a variable and not assign it (not assign it is different than
assigning "" or empty value).

For a better code and a better usage, it should be (in red the code I
added):

 

 +#if defined CHKUSER_STARTING_VARIABLE
 +starting_string = env_get (CHKUSER_STARTING_VARIABLE);
 +if (starting_string) {
 +if (strcasecmp(starting_string, "ALWAYS") == 0) {
 +starting_value = 1;
 +} else if (strcasecmp(starting_string, "DOMAIN") ==
 0) {
 +starting_value = 0;
 +} else if (strcasecmp(starting_string, "NONE") == 0) {
 +starting_value = -1;
 +}
 +} else {
 +starting_string = "";
 +starting_value = -1;
 +}
 +#endif

 

In such a case value "NONE" and absence of variable assign would disable
chkuser. ALWAYS would enable it forever, any other value would enable it
on domain base.

Sorry, and thanks for forcing me to read again the code.

Tonino



Hi Tonino,

When CHKUSER_START is set, or not set, the ensuing logic of chkuser
keys on the value of 'starting_value', correct?

1) CHKUSER_START="NONE" (starting_value=1)
2) CHKUSER_START="ANYTHING ELSE" (starting_value=1)
3) CHKUSER_START="" (starting_value=0)
4) 

Re: [qmailtoaster] chkusr settings

[Rajesh M]

tonino, eric

thanks for your help

it looks like setting

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

and CHKUSER_START="NONE"

compels authentication but will not check for other aspects like valid mx, 
recpient /sender format etc

tcp.smtp (tcp.smtp.587.cdb in my case) needs to be recompiled and qmail has to 
be restarted.

rajesh

- Original Message -
From: Tonix - Antonio Nati [mailto:to...@interazioni.it]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 19 Sep 2017 11:57:19 +0200
Subject:

Rajesh,

I don't know which version of chkuser is included in qmailtoaster.
Behaviour has changed sometimes. I always tried to configurations
stable, but sometimes evolutions lead to a change.
So, which is the version in qmailtoaster?

About forcing to authenticate, you need the
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE* feature, but it exists from 2.0.9.

Check documentation in
http://opensource.interazioni.it/qmail/chkuser/documentation/chkuser_settings.html.

Regards,

Tonino

Il 19/09/2017 11:39, Rajesh M ha scritto:
> Tonino,
>
> thanks for the detailed information
>
> just wanted a final clarification
>
> i require chkuser for smtp authentication purpose only on port 587 for my 
> customers who need unrestricted email sending with authentication.
>
> I have compiled a separate cdb file called tcp.smtp.587.cdb exclusively for 
> port 587.
>
> in my chkuser_settings.h i have uncommented and recompiled qmailtoaster
>
> #define CHKUSER_STARTING_VARIABLE "CHKUSER_START"
>
> so in my tcp.smtp, if i set
>
> CHKUSER_START="NONE"
>
> it should allow my customers to authenticate and send out emails without any 
> chkuser checks other than smtp authentication, right ?
>
> thanks,
> rajesh
>
>
>
> will that disable all other aspects for
>
>
> - Original Message -
> From: Tonix - Antonio Nati [mailto:to...@interazioni.it]
> To: qmailtoaster-list@qmailtoaster.com
> Sent: Tue, 19 Sep 2017 09:23:01 +0200
> Subject:
>
> Eric,
>
> it looks like I told and wrote wrong instructions (and I remembered
> wrong sequences in last reply).
>
> Let's say there is a potential bug in the application, which I'm seeing
> only now, after years. It is not really a code bug. It is that I wrote
> something in the code and something different in documentation.
>
> Logic (in version 2.0.9 of chkuser code) says:
>
>   1. if CHKUSER_ALWAYS_ON is declared, chkuser is always ON:
>  starting_value = 1 (this option is not compatible in compilation
>  with CHKUSER_STARTING_VARIABLE; only one of them may be defined).
>   2. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
>  declared checkuser works on domain base (starting_value = 0)
>   3. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is declared
>  and NOT assigned, checkuser is disabled (starting_value = -1)
>   4. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
>  ALWAYS, checkuser is always ON (starting_value = 1)
>   5. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
>  DOMAIN, checkuser works on domains base (starting_value = 0)
>   6. if CHKUSER_STARTING_VARIABLE is declared and assigned with values
>  different from ALWAYS and DOMAIN, checkuser works on domains bases
>  (starting_value = 0)
>   7. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
>  declared checkuser works on domains base (starting_value = 0)
>
> So, the real default is chekuser working on domains base. Other options
> lead to different behaviours. If you want to disable it, you must
> declare a variable and not assign it (not assign it is different than
> assigning "" or empty value).
>
> For a better code and a better usage, it should be (in red the code I
> added):
>
>  
>
>  +#if defined CHKUSER_STARTING_VARIABLE
>  +starting_string = env_get (CHKUSER_STARTING_VARIABLE);
>  +if (starting_string) {
>  +if (strcasecmp(starting_string, "ALWAYS") == 0) {
>  +starting_value = 1;
>  +} else if (strcasecmp(starting_string, "DOMAIN") ==
>  0) {
>  +starting_value = 0;
>  +} else if (strcasecmp(starting_string, "NONE") == 0) {
>  +starting_value = -1;
>  +}
>  +} else {
>  +starting_string = "";
>  +starting_value = -1;
>  +}
>  +#endif
>
>  
>
> In such a case value "NONE" and absence of variable assign would disable
> chkuser. ALWAYS would enable it forever, any other value would enable it
> on domain base.
>
> Sorry, and thanks for forcing me to read again the code.
>
> Tonino
>
>
>> Hi Tonino,
>>
>> When CHKUSER_START is set, or not set, the ensuing logic of chkuser
>> keys on the value of 'starting_value', correct?
>>
>> 1) CHKUSER_START="NONE" (starting_value=1)
>> 2) CHKUSER_START="ANYTHING ELSE" (starting_value=1)
>> 3) 

Re: [qmailtoaster] chkusr settings

[Eric Broch]

Rajesh,Tonino:

Without even modifying qmail wouldn't chkuser be disabled completely 
with the RELAYCLIENT setting:


RELAYCLIENT=""

Eric


On 9/19/2017 3:57 AM, Tonix - Antonio Nati wrote:

Rajesh,

I don't know which version of chkuser is included in qmailtoaster.
Behaviour has changed sometimes. I always tried to configurations 
stable, but sometimes evolutions lead to a change.

So, which is the version in qmailtoaster?

About forcing to authenticate, you need the 
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE* feature, but it exists from 2.0.9.


Check documentation in 
http://opensource.interazioni.it/qmail/chkuser/documentation/chkuser_settings.html.


Regards,

Tonino

Il 19/09/2017 11:39, Rajesh M ha scritto:

Tonino,

thanks for the detailed information

just wanted a final clarification

i require chkuser for smtp authentication purpose only on port 587 for my 
customers who need unrestricted email sending with authentication.

I have compiled a separate cdb file called tcp.smtp.587.cdb exclusively for 
port 587.

in my chkuser_settings.h i have uncommented and recompiled qmailtoaster

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

so in my tcp.smtp, if i set

CHKUSER_START="NONE"

it should allow my customers to authenticate and send out emails without any 
chkuser checks other than smtp authentication, right ?

thanks,
rajesh



will that disable all other aspects for


- Original Message -
From: Tonix - Antonio Nati [mailto:to...@interazioni.it]
To:qmailtoaster-list@qmailtoaster.com
Sent: Tue, 19 Sep 2017 09:23:01 +0200
Subject:

Eric,

it looks like I told and wrote wrong instructions (and I remembered
wrong sequences in last reply).

Let's say there is a potential bug in the application, which I'm seeing
only now, after years. It is not really a code bug. It is that I wrote
something in the code and something different in documentation.

Logic (in version 2.0.9 of chkuser code) says:

  1. if CHKUSER_ALWAYS_ON is declared, chkuser is always ON:
 starting_value = 1 (this option is not compatible in compilation
 with CHKUSER_STARTING_VARIABLE; only one of them may be defined).
  2. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
 declared checkuser works on domain base (starting_value = 0)
  3. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is declared
 and NOT assigned, checkuser is disabled (starting_value = -1)
  4. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
 ALWAYS, checkuser is always ON (starting_value = 1)
  5. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
 DOMAIN, checkuser works on domains base (starting_value = 0)
  6. if CHKUSER_STARTING_VARIABLE is declared and assigned with values
 different from ALWAYS and DOMAIN, checkuser works on domains bases
 (starting_value = 0)
  7. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
 declared checkuser works on domains base (starting_value = 0)

So, the real default is chekuser working on domains base. Other options
lead to different behaviours. If you want to disable it, you must
declare a variable and not assign it (not assign it is different than
assigning "" or empty value).

For a better code and a better usage, it should be (in red the code I
added):

 

 +#if defined CHKUSER_STARTING_VARIABLE
 +starting_string = env_get (CHKUSER_STARTING_VARIABLE);
 +if (starting_string) {
 +if (strcasecmp(starting_string, "ALWAYS") == 0) {
 +starting_value = 1;
 +} else if (strcasecmp(starting_string, "DOMAIN") ==
 0) {
 +starting_value = 0;
 +} else if (strcasecmp(starting_string, "NONE") == 0) {
 +starting_value = -1;
 +}
 +} else {
 +starting_string = "";
 +starting_value = -1;
 +}
 +#endif

 

In such a case value "NONE" and absence of variable assign would disable
chkuser. ALWAYS would enable it forever, any other value would enable it
on domain base.

Sorry, and thanks for forcing me to read again the code.

Tonino



Hi Tonino,

When CHKUSER_START is set, or not set, the ensuing logic of chkuser
keys on the value of 'starting_value', correct?

1) CHKUSER_START="NONE" (starting_value=1)
2) CHKUSER_START="ANYTHING ELSE" (starting_value=1)
3) CHKUSER_START="" (starting_value=0)
4) unset -v CHKUSER_START (starting_value=-1) *A situation where CHKUSER_START 
is not even specified in either either the smtpd run file or tcp.smtp.

In the code the logic falls out in a different manner for -1, 0, or 1.

So wouldn't CHKUSER_START="NONE" (starting_value=1) fall out differently than 
CHKUSER_START="" (starting_value=0) or CHKUSER_START not specified (starting_value=-1)?

Eric



On 9/18/2017 1:58 PM, Tonix - Antonio Nati wrote:

Eric,

you are right. I wrote "NONE" 

Re: [qmailtoaster] chkusr settings

[Eric Broch]

Tonino,

 chkuser.c v.2.0.9

Eric

On 9/19/2017 3:57 AM, Tonix - Antonio Nati wrote:

Rajesh,

I don't know which version of chkuser is included in qmailtoaster.
Behaviour has changed sometimes. I always tried to configurations 
stable, but sometimes evolutions lead to a change.

So, which is the version in qmailtoaster?

About forcing to authenticate, you need the 
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE* feature, but it exists from 2.0.9.


Check documentation in 
http://opensource.interazioni.it/qmail/chkuser/documentation/chkuser_settings.html.


Regards,

Tonino

Il 19/09/2017 11:39, Rajesh M ha scritto:

Tonino,

thanks for the detailed information

just wanted a final clarification

i require chkuser for smtp authentication purpose only on port 587 for my 
customers who need unrestricted email sending with authentication.

I have compiled a separate cdb file called tcp.smtp.587.cdb exclusively for 
port 587.

in my chkuser_settings.h i have uncommented and recompiled qmailtoaster

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

so in my tcp.smtp, if i set

CHKUSER_START="NONE"

it should allow my customers to authenticate and send out emails without any 
chkuser checks other than smtp authentication, right ?

thanks,
rajesh



will that disable all other aspects for


- Original Message -
From: Tonix - Antonio Nati [mailto:to...@interazioni.it]
To:qmailtoaster-list@qmailtoaster.com
Sent: Tue, 19 Sep 2017 09:23:01 +0200
Subject:

Eric,

it looks like I told and wrote wrong instructions (and I remembered
wrong sequences in last reply).

Let's say there is a potential bug in the application, which I'm seeing
only now, after years. It is not really a code bug. It is that I wrote
something in the code and something different in documentation.

Logic (in version 2.0.9 of chkuser code) says:

  1. if CHKUSER_ALWAYS_ON is declared, chkuser is always ON:
 starting_value = 1 (this option is not compatible in compilation
 with CHKUSER_STARTING_VARIABLE; only one of them may be defined).
  2. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
 declared checkuser works on domain base (starting_value = 0)
  3. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is declared
 and NOT assigned, checkuser is disabled (starting_value = -1)
  4. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
 ALWAYS, checkuser is always ON (starting_value = 1)
  5. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
 DOMAIN, checkuser works on domains base (starting_value = 0)
  6. if CHKUSER_STARTING_VARIABLE is declared and assigned with values
 different from ALWAYS and DOMAIN, checkuser works on domains bases
 (starting_value = 0)
  7. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
 declared checkuser works on domains base (starting_value = 0)

So, the real default is chekuser working on domains base. Other options
lead to different behaviours. If you want to disable it, you must
declare a variable and not assign it (not assign it is different than
assigning "" or empty value).

For a better code and a better usage, it should be (in red the code I
added):

 

 +#if defined CHKUSER_STARTING_VARIABLE
 +starting_string = env_get (CHKUSER_STARTING_VARIABLE);
 +if (starting_string) {
 +if (strcasecmp(starting_string, "ALWAYS") == 0) {
 +starting_value = 1;
 +} else if (strcasecmp(starting_string, "DOMAIN") ==
 0) {
 +starting_value = 0;
 +} else if (strcasecmp(starting_string, "NONE") == 0) {
 +starting_value = -1;
 +}
 +} else {
 +starting_string = "";
 +starting_value = -1;
 +}
 +#endif

 

In such a case value "NONE" and absence of variable assign would disable
chkuser. ALWAYS would enable it forever, any other value would enable it
on domain base.

Sorry, and thanks for forcing me to read again the code.

Tonino



Hi Tonino,

When CHKUSER_START is set, or not set, the ensuing logic of chkuser
keys on the value of 'starting_value', correct?

1) CHKUSER_START="NONE" (starting_value=1)
2) CHKUSER_START="ANYTHING ELSE" (starting_value=1)
3) CHKUSER_START="" (starting_value=0)
4) unset -v CHKUSER_START (starting_value=-1) *A situation where CHKUSER_START 
is not even specified in either either the smtpd run file or tcp.smtp.

In the code the logic falls out in a different manner for -1, 0, or 1.

So wouldn't CHKUSER_START="NONE" (starting_value=1) fall out differently than 
CHKUSER_START="" (starting_value=0) or CHKUSER_START not specified (starting_value=-1)?

Eric



On 9/18/2017 1:58 PM, Tonix - Antonio Nati wrote:

Eric,

you are right. I wrote "NONE" instead of "everything different from
ALWAYS or DOMAIN" in order to semplify things, but the concept is

Re: [qmailtoaster] chkusr settings

[Rajesh M]

Tonino,

thanks for the detailed information

just wanted a final clarification

i require chkuser for smtp authentication purpose only on port 587 for my 
customers who need unrestricted email sending with authentication.

I have compiled a separate cdb file called tcp.smtp.587.cdb exclusively for 
port 587.

in my chkuser_settings.h i have uncommented and recompiled qmailtoaster

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

so in my tcp.smtp, if i set

CHKUSER_START="NONE"

it should allow my customers to authenticate and send out emails without any 
chkuser checks other than smtp authentication, right ?

thanks,
rajesh



will that disable all other aspects for


- Original Message -
From: Tonix - Antonio Nati [mailto:to...@interazioni.it]
To: qmailtoaster-list@qmailtoaster.com
Sent: Tue, 19 Sep 2017 09:23:01 +0200
Subject:

Eric,

it looks like I told and wrote wrong instructions (and I remembered
wrong sequences in last reply).

Let's say there is a potential bug in the application, which I'm seeing
only now, after years. It is not really a code bug. It is that I wrote
something in the code and something different in documentation.

Logic (in version 2.0.9 of chkuser code) says:

 1. if CHKUSER_ALWAYS_ON is declared, chkuser is always ON:
starting_value = 1 (this option is not compatible in compilation
with CHKUSER_STARTING_VARIABLE; only one of them may be defined).
 2. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
declared checkuser works on domain base (starting_value = 0)
 3. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is declared
and NOT assigned, checkuser is disabled (starting_value = -1)
 4. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
ALWAYS, checkuser is always ON (starting_value = 1)
 5. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
DOMAIN, checkuser works on domains base (starting_value = 0)
 6. if CHKUSER_STARTING_VARIABLE is declared and assigned with values
different from ALWAYS and DOMAIN, checkuser works on domains bases
(starting_value = 0)
 7. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
declared checkuser works on domains base (starting_value = 0)

So, the real default is chekuser working on domains base. Other options
lead to different behaviours. If you want to disable it, you must
declare a variable and not assign it (not assign it is different than
assigning "" or empty value).

For a better code and a better usage, it should be (in red the code I
added):



+#if defined CHKUSER_STARTING_VARIABLE
+starting_string = env_get (CHKUSER_STARTING_VARIABLE);
+if (starting_string) {
+if (strcasecmp(starting_string, "ALWAYS") == 0) {
+starting_value = 1;
+} else if (strcasecmp(starting_string, "DOMAIN") ==
0) {
+starting_value = 0;
+} else if (strcasecmp(starting_string, "NONE") == 0) {
+starting_value = -1;
+}
+} else {
+starting_string = "";
+starting_value = -1;
+}
+#endif



In such a case value "NONE" and absence of variable assign would disable
chkuser. ALWAYS would enable it forever, any other value would enable it
on domain base.

Sorry, and thanks for forcing me to read again the code.

Tonino


> Hi Tonino,
>
> When CHKUSER_START is set, or not set, the ensuing logic of chkuser
> keys on the value of 'starting_value', correct?
>
> 1) CHKUSER_START="NONE" (starting_value=1)
> 2) CHKUSER_START="ANYTHING ELSE" (starting_value=1)
> 3) CHKUSER_START="" (starting_value=0)
> 4) unset -v CHKUSER_START (starting_value=-1) *A situation where 
> CHKUSER_START is not even specified in either either the smtpd run file or 
> tcp.smtp.
>
> In the code the logic falls out in a different manner for -1, 0, or 1.
>
> So wouldn't CHKUSER_START="NONE" (starting_value=1) fall out differently than 
> CHKUSER_START="" (starting_value=0) or CHKUSER_START not specified 
> (starting_value=-1)?
>
> Eric
>
>
>
> On 9/18/2017 1:58 PM, Tonix - Antonio Nati wrote:
>> Eric,
>>
>> you are right. I wrote "NONE" instead of "everything different from
>> ALWAYS or DOMAIN" in order to semplify things, but the concept is
>> clear: every value different from DOMAIN or ALWAYS will disable chkuser.
>>
>> Note: everything is disabled except the
>> *CHKUSER_EXTRA_MUSTAUTH_VARIABLE* functionality.
>>
>> Regards,
>>
>> Tonino
>>
>> Il 18/09/2017 21:51, Eric Broch ha scritto:
>>>
>>> Rajesh,
>>>
>>> I apologize for the responses that have not been helpful. After
>>> looking at the settings (below) from here
>>> 
>>> and going through the code, I'm convinced that the "NONE" option
>>> will not be helpful or do what you expect or what the 

Re: [qmailtoaster] chkusr settings

[Tonix - Antonio Nati]

Eric,

it looks like I told and wrote wrong instructions (and I remembered 
wrong sequences in last reply).


Let's say there is a potential bug in the application, which I'm seeing 
only now, after years. It is not really a code bug. It is that I wrote 
something in the code and something different in documentation.


Logic (in version 2.0.9 of chkuser code) says:

1. if CHKUSER_ALWAYS_ON is declared, chkuser is always ON:
   starting_value = 1 (this option is not compatible in compilation
   with CHKUSER_STARTING_VARIABLE; only one of them may be defined).
2. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
   declared checkuser works on domain base (starting_value = 0)
3. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is declared
   and NOT assigned, checkuser is disabled (starting_value = -1)
4. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
   ALWAYS, checkuser is always ON (starting_value = 1)
5. if CHKUSER_STARTING_VARIABLE is declared and assigned AND equal to
   DOMAIN, checkuser works on domains base (starting_value = 0)
6. if CHKUSER_STARTING_VARIABLE is declared and assigned with values
   different from ALWAYS and DOMAIN, checkuser works on domains bases
   (starting_value = 0)
7. if CHKUSER_STARTING_VARIABLE (by default CHKUSER_START) is NOT
   declared checkuser works on domains base (starting_value = 0)

So, the real default is chekuser working on domains base. Other options 
lead to different behaviours. If you want to disable it, you must 
declare a variable and not assign it (not assign it is different than 
assigning "" or empty value).


For a better code and a better usage, it should be (in red the code I 
added):


   

   +#if defined CHKUSER_STARTING_VARIABLE
   +starting_string = env_get (CHKUSER_STARTING_VARIABLE);
   +if (starting_string) {
   +if (strcasecmp(starting_string, "ALWAYS") == 0) {
   +starting_value = 1;
   +} else if (strcasecmp(starting_string, "DOMAIN") ==
   0) {
   +starting_value = 0;
   +} else if (strcasecmp(starting_string, "NONE") == 0) {
   +starting_value = -1;
   +}
   +} else {
   +starting_string = "";
   +starting_value = -1;
   +}
   +#endif

   

In such a case value "NONE" and absence of variable assign would disable 
chkuser. ALWAYS would enable it forever, any other value would enable it 
on domain base.


Sorry, and thanks for forcing me to read again the code.

Tonino



Hi Tonino,

When CHKUSER_START is set, or not set, the ensuing logic of chkuser 
keys on the value of 'starting_value', correct?


1) CHKUSER_START="NONE" (starting_value=1)
2) CHKUSER_START="ANYTHING ELSE" (starting_value=1)
3) CHKUSER_START="" (starting_value=0)
4) unset -v CHKUSER_START (starting_value=-1) *A situation where CHKUSER_START 
is not even specified in either either the smtpd run file or tcp.smtp.

In the code the logic falls out in a different manner for -1, 0, or 1.

So wouldn't CHKUSER_START="NONE" (starting_value=1) fall out differently than 
CHKUSER_START="" (starting_value=0) or CHKUSER_START not specified (starting_value=-1)?

Eric



On 9/18/2017 1:58 PM, Tonix - Antonio Nati wrote:

Eric,

you are right. I wrote "NONE" instead of "everything different from 
ALWAYS or DOMAIN" in order to semplify things, but the concept is 
clear: every value different from DOMAIN or ALWAYS will disable chkuser.


Note: everything is disabled except the 
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE* functionality.


Regards,

Tonino

Il 18/09/2017 21:51, Eric Broch ha scritto:


Rajesh,

I apologize for the responses that have not been helpful. After 
looking at the settings (below) from here 
 
and going through the code, I'm convinced that the "NONE" option 
will not be helpful or do what you expect or what the documentation 
even states (Tonix, please review):




CHKUSER_STARTING_VARIABLE 2.0.5 commented "CHKUSER_START"
Sets the variable that must be read, at qmail-smtpd start, in order 
to understand how to use chkuser for any domain. The variable must 
be filled with the following values:


NONE = chkuser will not work
ALWAYS = chkuser will work always
DOMAIN = chkuser will work depending on single domain settings

Any other value, or a missing value, will disable chkuser.
Incompatible with CHKUSER_ALWAYS_ON since 2.0.9



Since you've already defined 'CHKUSER_STARTING_VARIABLE' at compile 
time in chkuser_settings.h, I think simply leaving the variable 
CHKUSER_START (null) out of both the run file and the tcp.smtp file 
you will get what you've been expecting (stop and start qmail of 
course). The settings section indicates this as well:

"Any other value, or a missing value, will disable chkuser."
In fact, in my study of the code, I don't 

Re: [qmailtoaster] chkusr settings

[Eric Broch]

Hi Tonino,

When CHKUSER_START is set, or not set, the ensuing logic of chkuser keys 
on the value of 'starting_value', correct?


1) CHKUSER_START="NONE" (starting_value=1)
2) CHKUSER_START="ANYTHING ELSE" (starting_value=1)
3) CHKUSER_START="" (starting_value=0)
4) unset -v CHKUSER_START (starting_value=-1) *A situation where CHKUSER_START 
is not even specified in either either the smtpd run file or tcp.smtp.

In the code the logic falls out in a different manner for -1, 0, or 1.

So wouldn't CHKUSER_START="NONE" (starting_value=1) fall out differently than 
CHKUSER_START="" (starting_value=0) or CHKUSER_START not specified (starting_value=-1)?

Eric



On 9/18/2017 1:58 PM, Tonix - Antonio Nati wrote:

Eric,

you are right. I wrote "NONE" instead of "everything different from 
ALWAYS or DOMAIN" in order to semplify things, but the concept is 
clear: every value different from DOMAIN or ALWAYS will disable chkuser.


Note: everything is disabled except the 
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE* functionality.


Regards,

Tonino

Il 18/09/2017 21:51, Eric Broch ha scritto:


Rajesh,

I apologize for the responses that have not been helpful. After 
looking at the settings (below) from here 
 
and going through the code, I'm convinced that the "NONE" option will 
not be helpful or do what you expect or what the documentation even 
states (Tonix, please review):




CHKUSER_STARTING_VARIABLE 2.0.5 commented "CHKUSER_START"
Sets the variable that must be read, at qmail-smtpd start, in order 
to understand how to use chkuser for any domain. The variable must be 
filled with the following values:


    NONE = chkuser will not work
    ALWAYS = chkuser will work always
    DOMAIN = chkuser will work depending on single domain settings

Any other value, or a missing value, will disable chkuser.
Incompatible with CHKUSER_ALWAYS_ON since 2.0.9



Since you've already defined 'CHKUSER_STARTING_VARIABLE' at compile 
time in chkuser_settings.h, I think simply leaving the variable 
CHKUSER_START (null) out of both the run file and the tcp.smtp file 
you will get what you've been expecting (stop and start qmail of 
course). The settings section indicates this as well:

"Any other value, or a missing value, will disable chkuser."
In fact, in my study of the code, I don't think the NONE option does 
anything. If Tonix is looking at this thread maybe he could help 
*fingers crossed*.


Please let me know how it goes.

Eric

On 9/18/2017 12:33 PM, Eric Broch wrote:


Rajesh,

Can you set this in /var/qmail/supervise/smtp/run

CHKUSER_START="NONE"
export CHKUSER_START

exec 
/usr/bin/softlimit




On 9/18/2017 12:10 PM, Eric Broch wrote:


Sorry, my mistake, Rajesh,

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

sets CHKUSER_STARTING_VARIABLE to CHKUSER_START


On 9/18/2017 11:53 AM, Eric Broch wrote:


Rajesh,

In the code there is no check for 'CHKUSER_START' but there is for 
'CHKUSER_STARTING_VARIABLE'. So, in tcp.smtp use 
'CHKUSER_STARTING_VARIABLE' like so:


CHKUSER_STARTING_VARIABLE="NONE"

then stop and start qmail.

Here's the code and the environment variable chkuser checks:



starting_string = env_get (CHKUSER_STARTING_VARIABLE);
    if (starting_string) {
    if (strcasecmp(starting_string, "ALWAYS") == 0) {
    starting_value = 1;
    } else if (strcasecmp(starting_string, "DOMAIN") 
== 0) {

    starting_value = 0;
    }
    } else {
    starting_string = "";
    starting_value = -1;
    }



Eric

On 9/18/2017 11:38 AM, Eric Broch wrote:

Sorry to ask this, but did you restart qmail after the change?

On 9/18/2017 8:52 AM, Rajesh M wrote:

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser using 
CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

Re: [qmailtoaster] chkusr settings

[Tonix - Antonio Nati]

Eric,

you are right. I wrote "NONE" instead of "everything different from 
ALWAYS or DOMAIN" in order to semplify things, but the concept is clear: 
every value different from DOMAIN or ALWAYS will disable chkuser.


Note: everything is disabled except the 
*CHKUSER_EXTRA_MUSTAUTH_VARIABLE* functionality.


Regards,

Tonino

Il 18/09/2017 21:51, Eric Broch ha scritto:


Rajesh,

I apologize for the responses that have not been helpful. After 
looking at the settings (below) from here 
 
and going through the code, I'm convinced that the "NONE" option will 
not be helpful or do what you expect or what the documentation even 
states (Tonix, please review):




CHKUSER_STARTING_VARIABLE 2.0.5 commented "CHKUSER_START"
Sets the variable that must be read, at qmail-smtpd start, in order to 
understand how to use chkuser for any domain. The variable must be 
filled with the following values:


NONE = chkuser will not work
ALWAYS = chkuser will work always
DOMAIN = chkuser will work depending on single domain settings

Any other value, or a missing value, will disable chkuser.
Incompatible with CHKUSER_ALWAYS_ON since 2.0.9



Since you've already defined 'CHKUSER_STARTING_VARIABLE' at compile 
time in chkuser_settings.h, I think simply leaving the variable 
CHKUSER_START (null) out of both the run file and the tcp.smtp file 
you will get what you've been expecting (stop and start qmail of 
course). The settings section indicates this as well:

"Any other value, or a missing value, will disable chkuser."
In fact, in my study of the code, I don't think the NONE option does 
anything. If Tonix is looking at this thread maybe he could help 
*fingers crossed*.


Please let me know how it goes.

Eric

On 9/18/2017 12:33 PM, Eric Broch wrote:


Rajesh,

Can you set this in /var/qmail/supervise/smtp/run

CHKUSER_START="NONE"
export CHKUSER_START

exec 
/usr/bin/softlimit




On 9/18/2017 12:10 PM, Eric Broch wrote:


Sorry, my mistake, Rajesh,

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

sets CHKUSER_STARTING_VARIABLE to CHKUSER_START


On 9/18/2017 11:53 AM, Eric Broch wrote:


Rajesh,

In the code there is no check for 'CHKUSER_START' but there is for 
'CHKUSER_STARTING_VARIABLE'. So, in tcp.smtp use 
'CHKUSER_STARTING_VARIABLE' like so:


CHKUSER_STARTING_VARIABLE="NONE"

then stop and start qmail.

Here's the code and the environment variable chkuser checks:



starting_string = env_get (CHKUSER_STARTING_VARIABLE);
if (starting_string) {
if (strcasecmp(starting_string, "ALWAYS") == 0) {
starting_value = 1;
} else if (strcasecmp(starting_string, "DOMAIN") == 
0) {

starting_value = 0;
}
} else {
starting_string = "";
starting_value = -1;
}



Eric

On 9/18/2017 11:38 AM, Eric Broch wrote:

Sorry to ask this, but did you restart qmail after the change?

On 9/18/2017 8:52 AM, Rajesh M wrote:

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser using 
CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

i still get errors as such

2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: 
from  remote 
 rcpt  : max number of 
recipients
2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: 
from  remote 
 rcpt  : rcpt ignored, 
session over intrusion threshold
2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: 
from  remote 
 rcpt  : rcpt ignored, 
session over intrusion threshold

help required please

rajesh

Re: [qmailtoaster] chkusr settings

[Eric Broch]

Rajesh,

I apologize for the responses that have not been helpful. After looking 
at the settings (below) from here 
 
and going through the code, I'm convinced that the "NONE" option will 
not be helpful or do what you expect or what the documentation even 
states (Tonix, please review):




CHKUSER_STARTING_VARIABLE 2.0.5 commented "CHKUSER_START"
Sets the variable that must be read, at qmail-smtpd start, in order to 
understand how to use chkuser for any domain. The variable must be 
filled with the following values:


    NONE = chkuser will not work
    ALWAYS = chkuser will work always
    DOMAIN = chkuser will work depending on single domain settings

Any other value, or a missing value, will disable chkuser.
Incompatible with CHKUSER_ALWAYS_ON since 2.0.9



Since you've already defined 'CHKUSER_STARTING_VARIABLE' at compile time 
in chkuser_settings.h, I think simply leaving the variable CHKUSER_START 
(null) out of both the run file and the tcp.smtp file you will get what 
you've been expecting (stop and start qmail of course). The settings 
section indicates this as well:

"Any other value, or a missing value, will disable chkuser."
In fact, in my study of the code, I don't think the NONE option does 
anything. If Tonix is looking at this thread maybe he could help 
*fingers crossed*.


Please let me know how it goes.

Eric

On 9/18/2017 12:33 PM, Eric Broch wrote:


Rajesh,

Can you set this in /var/qmail/supervise/smtp/run

CHKUSER_START="NONE"
export CHKUSER_START

exec 
/usr/bin/softlimit




On 9/18/2017 12:10 PM, Eric Broch wrote:


Sorry, my mistake, Rajesh,

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

sets CHKUSER_STARTING_VARIABLE to CHKUSER_START


On 9/18/2017 11:53 AM, Eric Broch wrote:


Rajesh,

In the code there is no check for 'CHKUSER_START' but there is for 
'CHKUSER_STARTING_VARIABLE'. So, in tcp.smtp use 
'CHKUSER_STARTING_VARIABLE' like so:


CHKUSER_STARTING_VARIABLE="NONE"

then stop and start qmail.

Here's the code and the environment variable chkuser checks:



starting_string = env_get (CHKUSER_STARTING_VARIABLE);
    if (starting_string) {
    if (strcasecmp(starting_string, "ALWAYS") == 0) {
    starting_value = 1;
    } else if (strcasecmp(starting_string, "DOMAIN") == 0) {
    starting_value = 0;
    }
    } else {
    starting_string = "";
    starting_value = -1;
    }



Eric

On 9/18/2017 11:38 AM, Eric Broch wrote:

Sorry to ask this, but did you restart qmail after the change?

On 9/18/2017 8:52 AM, Rajesh M wrote:

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser using 
CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

i still get errors as such

2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: 
from  remote 
 rcpt   : max number of 
recipients
2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: from  remote  rcpt  : rcpt ignored, session over intrusion threshold 
2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: from  remote  rcpt   : rcpt ignored, session over intrusion threshold


help required please

rajesh





-
To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical 

Re: [qmailtoaster] chkusr settings

[Eric Broch]

Rajesh,

Can you set this in /var/qmail/supervise/smtp/run

CHKUSER_START="NONE"
export CHKUSER_START

exec 
/usr/bin/softlimit




On 9/18/2017 12:10 PM, Eric Broch wrote:


Sorry, my mistake, Rajesh,

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

sets CHKUSER_STARTING_VARIABLE to CHKUSER_START


On 9/18/2017 11:53 AM, Eric Broch wrote:


Rajesh,

In the code there is no check for 'CHKUSER_START' but there is for 
'CHKUSER_STARTING_VARIABLE'. So, in tcp.smtp use 
'CHKUSER_STARTING_VARIABLE' like so:


CHKUSER_STARTING_VARIABLE="NONE"

then stop and start qmail.

Here's the code and the environment variable chkuser checks:



starting_string = env_get (CHKUSER_STARTING_VARIABLE);
    if (starting_string) {
    if (strcasecmp(starting_string, "ALWAYS") == 0) {
    starting_value = 1;
    } else if (strcasecmp(starting_string, "DOMAIN") == 0) {
    starting_value = 0;
    }
    } else {
    starting_string = "";
    starting_value = -1;
    }



Eric

On 9/18/2017 11:38 AM, Eric Broch wrote:

Sorry to ask this, but did you restart qmail after the change?

On 9/18/2017 8:52 AM, Rajesh M wrote:

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser using 
CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

i still get errors as such

2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: 
from  remote 
 rcpt   : max number of 
recipients
2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: from  remote  rcpt  : rcpt ignored, session over intrusion threshold 
2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: from  remote  rcpt   : rcpt ignored, session over intrusion threshold


help required please

rajesh





-
To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] chkusr settings

[Eric Broch]

Sorry, my mistake, Rajesh,

#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

sets CHKUSER_STARTING_VARIABLE to CHKUSER_START


On 9/18/2017 11:53 AM, Eric Broch wrote:


Rajesh,

In the code there is no check for 'CHKUSER_START' but there is for 
'CHKUSER_STARTING_VARIABLE'. So, in tcp.smtp use 
'CHKUSER_STARTING_VARIABLE' like so:


CHKUSER_STARTING_VARIABLE="NONE"

then stop and start qmail.

Here's the code and the environment variable chkuser checks:



starting_string = env_get (CHKUSER_STARTING_VARIABLE);
    if (starting_string) {
    if (strcasecmp(starting_string, "ALWAYS") == 0) {
    starting_value = 1;
    } else if (strcasecmp(starting_string, "DOMAIN") == 0) {
    starting_value = 0;
    }
    } else {
    starting_string = "";
    starting_value = -1;
    }



Eric

On 9/18/2017 11:38 AM, Eric Broch wrote:

Sorry to ask this, but did you restart qmail after the change?

On 9/18/2017 8:52 AM, Rajesh M wrote:

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser using 
CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

i still get errors as such

2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: 
from  remote 
 rcpt   : max number of 
recipients
2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: from  remote  rcpt  : rcpt ignored, session over intrusion threshold 
2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: from  remote  rcpt   : rcpt ignored, session over intrusion threshold


help required please

rajesh





-
To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] chkusr settings

[Eric Broch]

Rajesh,

In the code there is no check for 'CHKUSER_START' but there is for 
'CHKUSER_STARTING_VARIABLE'. So, in tcp.smtp use 
'CHKUSER_STARTING_VARIABLE' like so:


CHKUSER_STARTING_VARIABLE="NONE"

then stop and start qmail.

Here's the code and the environment variable chkuser checks:



starting_string = env_get (CHKUSER_STARTING_VARIABLE);
    if (starting_string) {
    if (strcasecmp(starting_string, "ALWAYS") == 0) {
    starting_value = 1;
    } else if (strcasecmp(starting_string, "DOMAIN") == 0) {
    starting_value = 0;
    }
    } else {
    starting_string = "";
    starting_value = -1;
    }



Eric

On 9/18/2017 11:38 AM, Eric Broch wrote:

Sorry to ask this, but did you restart qmail after the change?

On 9/18/2017 8:52 AM, Rajesh M wrote:

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser using 
CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

i still get errors as such

2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: 
from  remote 
 rcpt   : max number of 
recipients
2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: from  remote  rcpt  : rcpt ignored, session over intrusion threshold 
2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: from  remote  rcpt   : rcpt ignored, session over intrusion threshold


help required please

rajesh





-
To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] chkusr settings

[Eric Broch]

Sorry to ask this, but did you restart qmail after the change?

On 9/18/2017 8:52 AM, Rajesh M wrote:

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser using 
CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

i still get errors as such

2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: 
from  remote 
 rcpt   : max number of 
recipients
2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: from  remote  rcpt  : rcpt ignored, session over intrusion threshold 
2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: from  remote  rcpt   : rcpt ignored, session over intrusion threshold


help required please

rajesh





-
To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] chkusr settings

[Remo Mattei]

if you are in any sort going to use chkuser you want the
chkuser_users_dash otherwise mailing list will not work.. I remember I
worked with Tonix to have that implemented.

Remo

On 9/18/17 7:52 AM, Rajesh M wrote:
> hi eric
>
> i wished to disable chkusr mx check, format check etc .. and turn off chkuser 
> using CHKUSER_START="NONE"
>
> the default installation of qmail always keeps chkuser on with no control
> so i rebuild chkuser from source
>
> CHANGES FOR CHK USER
> EXTRA SOURCE FROM RPM
> rpm -Uvh qmail-1.03-1.qt.src.rpm
> nano /root/rpmbuild/SPECS/qmail.spec
> put a sleep in this for 120 seconds
>
> open 2nd window of ssh
> service qmail stop
>
> in first window run
> rpmbuild -bb --define "dist .qt.el6" qmail.spec
> the process will now for halt for 180 seconds which gives us time to modify 
> chkuser_settings.h settings
>
> in second window go to
> cd /root/rpmbuild/BUILD/qmail-1.03
> nano chkuser_settings.h
>
> UNCOMMENT THIS
> #define CHKUSER_STARTING_VARIABLE "CHKUSER_START" 
>
> comment out the following
> /* #define CHKUSER_RCPT_MX */
> /* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
> /* #define CHKUSER_USERS_DASH '-' */
>
>
> now the problem is that even if I set CHKUSER_START="NONE" i get errors
>
> here is my tcp.smtp file for submission port (i use separate tcp.smtp files 
> for 25 and 587)
>
> :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"
>
> i still get errors as such
>
> 2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: from 
>  remote 
>  rcpt  : max number 
> of recipients
> 2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: from 
>  remote 
>  rcpt  : rcpt 
> ignored, session over intrusion threshold 
> 2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: from 
>  remote 
>  rcpt  : rcpt 
> ignored, session over intrusion threshold
>
> help required please
>
> rajesh
>
>
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] chkusr settings

[Rajesh M]

hi eric

i wished to disable chkusr mx check, format check etc .. and turn off chkuser 
using CHKUSER_START="NONE"

the default installation of qmail always keeps chkuser on with no control
so i rebuild chkuser from source

CHANGES FOR CHK USER
EXTRA SOURCE FROM RPM
rpm -Uvh qmail-1.03-1.qt.src.rpm
nano /root/rpmbuild/SPECS/qmail.spec
put a sleep in this for 120 seconds

open 2nd window of ssh
service qmail stop

in first window run
rpmbuild -bb --define "dist .qt.el6" qmail.spec
the process will now for halt for 180 seconds which gives us time to modify 
chkuser_settings.h settings

in second window go to
cd /root/rpmbuild/BUILD/qmail-1.03
nano chkuser_settings.h

UNCOMMENT THIS
#define CHKUSER_STARTING_VARIABLE "CHKUSER_START"

comment out the following
/* #define CHKUSER_RCPT_MX */
/* #define CHKUSER_ENABLE_USERS_EXTENSIONS */
/* #define CHKUSER_USERS_DASH '-' */


now the problem is that even if I set CHKUSER_START="NONE" i get errors

here is my tcp.smtp file for submission port (i use separate tcp.smtp files for 
25 and 587)

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_START="NONE"

i still get errors as such

2017-09-18 11:48:08.810159500 CHKUSER rejected rcpt: from 
 remote 
 rcpt  : max number of 
recipients
2017-09-18 11:48:09.894092500 CHKUSER rejected intrusion: from 
 remote 
 rcpt  : rcpt ignored, 
session over intrusion threshold
2017-09-18 11:48:11.226284500 CHKUSER rejected intrusion: from 
 remote 
 rcpt  : rcpt 
ignored, session over intrusion threshold

help required please

rajesh



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com