RE: [qmailtoaster] concerning updates to qmailtoaster
Rajesh & Eric: I find this thread particularly compelling -- I have 3 different "large" qmail servers, each of which hosts more than 20,000 users. One of the most difficult items to control is when one of my users gets infected with a "virus" (or other type of malware) that then abuses the fact that qmail itself (or, at least not QMT) doesn't validate the FROM header entry against the authentication credentials. Years ago, when I spoke to Jake Vickers about it, he claimed it was essentially impossible, however since then I have to suspect it is very much possible -- because the CHKUSER log entries show (on a single line) the from and auth user data. Not having the time to delve into CHKUSER arguments, I wrote a script that checks the CHKUSER entries in the log files and warns (and eventually suspends) users who send from different domains than what they logged in as. (I also use it to automatically throttle users who send too many emails -- SPAM! I allow only 250 SMTP connections a day. :) It would be an AMAZING help to me if SpamDyke (or CHKUSER) would be able to DENY these fraudulent headers INSTANTLY... so let's keep looking at this, if you don't mind! Thanks Dan McAllister IT4SOHO PS: NOTE: It is NECESSARY for some users to be allowed to bypass this check (and SPF and other checks) -- in particular for backup mail servers who might queue up messages for a server while it is down and deliver them once back up. -Original Message- From: Rajesh M [mailto:24x7ser...@24x7server.net] Sent: Sunday, July 24, 2016 9:51 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] concerning updates to qmailtoaster eric i am using spamdyke5 a new spamdyke.conf was generated which i am using and the qmail services are working like normal my idea was to block email ids where the reply-to (envelope sender) were different from authentication domain. so in my config file i have this since as per spamdyke config it will go through all the aspects reject-sender=not-local reject-sender=authentication-domain-mismatch reject-sender=no-mx however in my thunderbird when using a different reply-to email id it does not work. in whitelist_ip i have only one ip : 127.0.0.0.1 in my whitelist_senders i do not have the sending domain listed rajesh - Original Message - From: Eric [mailto:ebr...@whitehorsetc.com] To: qmailtoaster-list@qmailtoaster.com Sent: Sun, 24 Jul 2016 11:57:17 -0600 Subject: Rajesh, It would be just like any other RPM update. The RPM install will stop and start services. With Spamdyke, if you're upgrading to 5, you'll have to run a script (below) I provided, but until you run it you're toaster will be rejecting email (it only takes a second to run). Remember if you have special settings in spamdyke.conf backup! #!/bin/sh sed -i \ -e 's/reject-missing-sender-mx/reject-sender=no-mx/g' \ -e 's/rejection-text-missing-sender-mx/rejection-text-sender-no-mx/g' \ -e 's/reject-identical-sender-recipient/reject-recipient=same-as-sender/g' \ -e 's/rejection-text-identical-sender-recipient/rejection-text-recipient-same-as-sender/g' \ -e 's/local-domains-file/qmail-rcpthosts-file/g' \ -e 's/local-domains-entry=/#local-domains-entry=(Add these entries to qmail-rcpthosts-file)/g' \ -e 's/morercpthosts/qmail-morercpthosts-cdb/'g /etc/spamdyke/spamdyke.conf Eric On 7/24/2016 5:32 AM, Rajesh M wrote: > hi > > i am using qmailtoaster on centos 6 > > the SRPMS i have are from the old qmail site and a few from > ftp.whitehorse > > my question was whether i can update dovecot, spamassassin and > spamdyke without causing intereference with existing working qmailtoaster, > similar to the manner in which i update clam. > > i would be shutting down the qmailserver during the updates > > > thanks > rajesh > > > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: > qmailtoaster-list-h...@qmailtoaster.com > - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] concerning updates to qmailtoaster
eric i am using spamdyke5 a new spamdyke.conf was generated which i am using and the qmail services are working like normal my idea was to block email ids where the reply-to (envelope sender) were different from authentication domain. so in my config file i have this since as per spamdyke config it will go through all the aspects reject-sender=not-local reject-sender=authentication-domain-mismatch reject-sender=no-mx however in my thunderbird when using a different reply-to email id it does not work. in whitelist_ip i have only one ip : 127.0.0.0.1 in my whitelist_senders i do not have the sending domain listed rajesh - Original Message - From: Eric [mailto:ebr...@whitehorsetc.com] To: qmailtoaster-list@qmailtoaster.com Sent: Sun, 24 Jul 2016 11:57:17 -0600 Subject: Rajesh, It would be just like any other RPM update. The RPM install will stop and start services. With Spamdyke, if you're upgrading to 5, you'll have to run a script (below) I provided, but until you run it you're toaster will be rejecting email (it only takes a second to run). Remember if you have special settings in spamdyke.conf backup! #!/bin/sh sed -i \ -e 's/reject-missing-sender-mx/reject-sender=no-mx/g' \ -e 's/rejection-text-missing-sender-mx/rejection-text-sender-no-mx/g' \ -e 's/reject-identical-sender-recipient/reject-recipient=same-as-sender/g' \ -e 's/rejection-text-identical-sender-recipient/rejection-text-recipient-same-as-sender/g' \ -e 's/local-domains-file/qmail-rcpthosts-file/g' \ -e 's/local-domains-entry=/#local-domains-entry=(Add these entries to qmail-rcpthosts-file)/g' \ -e 's/morercpthosts/qmail-morercpthosts-cdb/'g /etc/spamdyke/spamdyke.conf Eric On 7/24/2016 5:32 AM, Rajesh M wrote: > hi > > i am using qmailtoaster on centos 6 > > the SRPMS i have are from the old qmail site and a few from ftp.whitehorse > > my question was whether i can update dovecot, spamassassin and spamdyke > without causing intereference with existing working qmailtoaster, similar to > the manner in which i update clam. > > i would be shutting down the qmailserver during the updates > > > thanks > rajesh > > > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] concerning updates to qmailtoaster
Rajesh, It would be just like any other RPM update. The RPM install will stop and start services. With Spamdyke, if you're upgrading to 5, you'll have to run a script (below) I provided, but until you run it you're toaster will be rejecting email (it only takes a second to run). Remember if you have special settings in spamdyke.conf backup! #!/bin/sh sed -i \ -e 's/reject-missing-sender-mx/reject-sender=no-mx/g' \ -e 's/rejection-text-missing-sender-mx/rejection-text-sender-no-mx/g' \ -e 's/reject-identical-sender-recipient/reject-recipient=same-as-sender/g' \ -e 's/rejection-text-identical-sender-recipient/rejection-text-recipient-same-as-sender/g' \ -e 's/local-domains-file/qmail-rcpthosts-file/g' \ -e 's/local-domains-entry=/#local-domains-entry=(Add these entries to qmail-rcpthosts-file)/g' \ -e 's/morercpthosts/qmail-morercpthosts-cdb/'g /etc/spamdyke/spamdyke.conf Eric On 7/24/2016 5:32 AM, Rajesh M wrote: hi i am using qmailtoaster on centos 6 the SRPMS i have are from the old qmail site and a few from ftp.whitehorse my question was whether i can update dovecot, spamassassin and spamdyke without causing intereference with existing working qmailtoaster, similar to the manner in which i update clam. i would be shutting down the qmailserver during the updates thanks rajesh - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] concerning updates to qmailtoaster
hi i am using qmailtoaster on centos 6 the SRPMS i have are from the old qmail site and a few from ftp.whitehorse my question was whether i can update dovecot, spamassassin and spamdyke without causing intereference with existing working qmailtoaster, similar to the manner in which i update clam. i would be shutting down the qmailserver during the updates thanks rajesh - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
