Re: [qmailtoaster] Auth before RBL patch
Hi there, I definitely agree with the idea that it is very hard to make users change the port... How do we do this? How do we apply the patch? Looks like i am yet a step by step do the necessary things kind of admin.. :) If you have time would you please reply? Thanks, Regards Devrim Vardar [EMAIL PROTECTED] Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Devrim Vardar wrote: Hi there, I definitely agree with the idea that it is very hard to make users change the port... It's not so hard, particularly if they can't send email because they're on a dynamic IP address that's on a blocklist. Keep in mind, port 25 still works for the most part. It's not like you *must* use port 587 for submission, at least not for the forseeable future. I'm betting that you'll see client email programs default to port 587 at some point. How do we do this? How do we apply the patch? Looks like i am yet a step by step do the necessary things kind of admin.. :) Then you *really* don't want to even consider applying patches yourself. Believe me, having users change their port is easier than it is for a novice admin to apply source code patches. Plus, you'll need to apply the patches every time you upgrade qmail-toaster. Talk about a PITA. If you have time would you please reply? Thanks, Regards Devrim Vardar [EMAIL PROTECTED] Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey
Re: [qmailtoaster] Auth before RBL patch
As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Auth before RBL patch
So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Auth before RBL patch
I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Oops, I misspoke. You need to add 587 to the firewall.sh script and rerun it. That should get you going. Eric Shubes wrote: No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Auth before RBL patch
No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
EE, The firewall.sh script needs to be modified on the main site to allow port 587 for submission. Just a reminder. ;) Dan Herbon wrote: No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Dan, Looking back over the conversation - you will also need to upgrade your toaster version, as 1.3.7 did not have the submission port. That and the firewall and you should be up and running. Hope that this saves you time hunting for a port you are not running. Jon Eric Shubes wrote: EE, The firewall.sh script needs to be modified on the main site to allow port 587 for submission. Just a reminder. ;) Dan Herbon wrote: No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Done! On 1/23/07, Eric Shubes [EMAIL PROTECTED] wrote: EE, The firewall.sh script needs to be modified on the main site to allow port 587 for submission. Just a reminder. ;) Dan Herbon wrote: No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Gee you're fast! :) Erik Espinoza wrote: Done! On 1/23/07, Eric Shubes [EMAIL PROTECTED] wrote: EE, The firewall.sh script needs to be modified on the main site to allow port 587 for submission. Just a reminder. ;) Dan Herbon wrote: No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [qmailtoaster] Auth before RBL patch
Thanks for the info. Attempting to use qtp-newmodel now on my test machine. Hope it goes great! -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 4:03 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Gee you're fast! :) Erik Espinoza wrote: Done! On 1/23/07, Eric Shubes [EMAIL PROTECTED] wrote: EE, The firewall.sh script needs to be modified on the main site to allow port 587 for submission. Just a reminder. ;) Dan Herbon wrote: No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
That's what she said . . . Erik On 1/23/07, Eric Shubes [EMAIL PROTECTED] wrote: Gee you're fast! :) Erik Espinoza wrote: Done! On 1/23/07, Eric Shubes [EMAIL PROTECTED] wrote: EE, The firewall.sh script needs to be modified on the main site to allow port 587 for submission. Just a reminder. ;) Dan Herbon wrote: No I cannot telnet to port 587. ill look around. Thanks -Original Message- From: Eric Shubes [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:47 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Auth before RBL patch
Boy, it seems I'm not doing very good today. I should have said with or without TLS. If you're using secure connections, you want to use TLS for smtp, SSL for pop and imap. Eric Shubes wrote: No, it can be used with or without SSL. Is a firewall blocking the port (standard toaster firewall does not), or port not being forwarded? (depends on your configuration) Can you telnet into 587? Dan Herbon wrote: I've never used this port and when I set outlook to it, it just fails. Do I have to set the server up with a SSL certificate or something? -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:32 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch Correct. On 1/23/07, Dan Herbon [EMAIL PROTECTED] wrote: So just to clarify, if I set my roaming users laptops to send through port 587 it will bypass the blacklists but will require authentication? I've been having lots of trouble with the new zen.spamhaus.org blacklist since the upgrade. Seems the PBL advisory list has every IP block of roadrunner on the list which is now causing all my roaming users to have their emails kicked back even though they authenticate. -Original Message- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 2:02 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Auth before RBL patch As time has gone by, a lot of isp's have been blocking outgoing port 25 for all but their static users. I always recommend my users set port 587 in case they use someone elses Wireless they can still use my Toaster for outgoing without issue. There are advantages for using the standard. Erik On 1/23/07, Sergey Menshikov [EMAIL PROTECTED] wrote: Eric Shubes wrote: Sergey Menshikov wrote: Hi All, I have to accept e-mail from users in blacklisted IPs, so attached are the simple patches for qmail-smtpd and rblsmptd to delay RBL rejection until smtp DATA command is issued. * rblsmtpd with option -e, if IP is blacklisted, sets environment variable BLACKLISTMSG to rejection code and message and, in all cases, starts qmail-smtpd. * qmail-smptpd checks for BLACKLISTMSG at DATA command stage, and, if set, and not authenticated, outputs the message, aborting DATA command. Fairly trivial but I believe useful patch, I wonder if it could be included into distribution. I tested it on and still use it on my site, using rpmbuild against * ucspi-tcp-toaster-0.88-1.3.2.src.rpm * qmail-toaster-1.03-1.3.7.src.rpm Thank you! Best regards, Sergey Menshikov Sergey, The latest toaster now uses the standard smtp submission port (587), which does not check blacklists and requires authentication. I'm not certain which version first contained this change, but it was after 1.3.7. Thanks, Eric, I did not know this :) Though asking all my friends and family to find their SMTP port setting and change it to 587 is harder for me than patch qmail ;) Best regards Sergey -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]