[spamdyke-users] spamdyke forgets to log sometimes ?
I've had twice the following issue with spamdyke : no reference to a message is found in /var/log/mail.info but i can find it in qmail logs... Dunno whether it's syslog losing log lines or a bug in spamdyke ? (there is no way for the message to avoid spamdyke on this server) have a nice day ! -- Sébastien Guilbaud ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
[spamdyke-users] config-test does not recognize Plesk SMTP_AUTH
Hi, I've been using spamdyke for about 2 weeks now, and I'm quite satisfied with the results. Thanks for this great tool. As the subject states, I'm running a Plesk 8.1 based system. Today I upgraded from the 2.6.3 version, to the 3.1.0. The good news is: I got everything working so far. But what made me curious are two things: With the old 2.6.3 I could use the --smtp-auth-command option, with the new 3.1.0 this does not work anymore. Not working anymore in this case means, that I have to remove this option or my client gets an error message. In the logs it looks like authentication is tried twice. Really weired, but since Plesk delivers a SMTP_AUTH capable server, this is no problem - at least my relaying tests all failed when not authenticated. So I think I'm still good. During the trial and error phase of this, I ran the --config-test option of spamdyke. Although smtp authentication works, the config-test gives me this warning: WARNING: /var/qmail/bin/qmail-smtpd does not appear to offer SMTP AUTH support. Please use the smtp-auth-command flag or the smtp-auth-command-encryption flag as well as the access-file and local-domains-file flags so spamdyke will be able to authenticate users and correctly allow them to relay. Now I'm wondering why this warning occurs at all. Is it a misconfiguration on my part, or just the config-test failing to detect the SMTP AUTH capabilities of my qmail_smtpd? bye, Michael P.S.: Although offtopic: Can anybody point me to a place where the commandline of qmail_smtpd is explained? Basically I would like to know, why /var/qmail/bin/true has to be in the commandline twice, or even better, what qmail_smtpd in general does with it's parameters? Thanks. - my spamdyke.conf log-level=2 local-domains-file=/var/qmail/control/rcpthosts max-recipients=5 idle-timeout-secs=60 graylist-dir=/var/qmail/gray graylist-min-secs=300 graylist-max-secs=1814400 reject-empty-rdns reject-unresolvable-rdns reject-ip-in-cc-rdns greeting-delay-secs=5 check-dnsrbl=zombie.dnsbl.sorbs.net check-dnsrbl=dul.dnsbl.sorbs.net check-dnsrbl=bogons.cymru.com #smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true local-domains-file=/var/qmail/control/rcpthosts reject-missing-sender-mx hostname=v31616.vierfpeile.de tls-certificate-file=/var/qmail/control/servercert.pem ---end my spamdyke.conf my xinetd.d config for smtp_psa - server = /var/qmail/bin/tcp-env server_args = -Rt0 /usr/local/bin/spamdyke -f /etc/spamdyke.conf /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true my xinetd.d config for smtp_psa - ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke forgets to log sometimes ?
A few questions: What version of spamdyke are you using? Older versions didn't log every message, especially if the connection was whitelisted. Newer versions should log everything. Also, how busy is your server? syslogd will drop messages if the server is overloaded; I believe this is why DJB didn't use it for qmail. With the latest version of spamdyke, you can use the log-target directive to make spamdyke avoid syslog. Its messages will appear in the same files as your qmail logs. I'd be very interested to know if that solves the problem. -- Sam CLippinger Seb wrote: I've had twice the following issue with spamdyke : no reference to a message is found in /var/log/mail.info but i can find it in qmail logs... Dunno whether it's syslog losing log lines or a bug in spamdyke ? (there is no way for the message to avoid spamdyke on this server) have a nice day ! ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
[spamdyke-users] Problem in v3.1.1 make it un-usable.
I have two server. One I install the latest spamdyke v3.1.1, let's call this server A and the other server B. Both have spamdyke v3.1.1, using plesk. But when I send email via webmail from server A to the server B email, some how the email cannot be delivered. When I check server B the log shows a lot of Broken pipe. How I know as all the email was trap in server A queue, so I force qmail to send and immediately check the server log in server B. Nov 13 22:19:52 manna spamdyke[19583]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19585]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19585]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19580]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19580]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19586]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19586]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19587]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19587]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe So I install v3.0.1 in server B (with the same configuration) and did the same thing by forcing qmail to send the trap queue. Now all the email is send through. At this point I have kept v3.1.1 on server A to see if there are other issue. Have to down grade to v3.0.1 as both email send via webmail cannot be transmitted. It seems like v3.1.1 need to resolve this critical issue. I hope some how this report will help to resolve the issue. Send instant messages to your online friends http://uk.messenger.yahoo.com ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Problem in v3.1.1 make it un-usable.
I would like to report that v3.1.0 also suffer from the same issue as described below. So now I am back to v3.0.1, I think many mail will be missing if I continue to test. I believei it should be able to resolve quickly. - Original Message From: david boh [EMAIL PROTECTED] To: spamdyke-users@spamdyke.org Sent: Tuesday, November 13, 2007 11:22:01 PM Subject: [spamdyke-users] Problem in v3.1.1 make it un-usable. I have two server. One I install the latest spamdyke v3.1.1, let's call this server A and the other server B. Both have spamdyke v3.1.1, using plesk. But when I send email via webmail from server A to the server B email, some how the email cannot be delivered. When I check server B the log shows a lot of Broken pipe. How I know as all the email was trap in server A queue, so I force qmail to send and immediately check the server log in server B. Nov 13 22:19:52 manna spamdyke[19583]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19585]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19585]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19580]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19580]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19586]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19586]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19587]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19587]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe So I install v3.0.1 in server B (with the same configuration) and did the same thing by forcing qmail to send the trap queue. Now all the email is send through. At this point I have kept v3.1.1 on server A to see if there are other issue. Have to down grade to v3.0.1 as both email send via webmail cannot be transmitted. It seems like v3.1.1 need to resolve this critical issue. I hope some how this report will help to resolve the issue. Send instant messages to your online friends http://uk.messenger.yahoo.com Send instant messages to your online friends http://uk.messenger.yahoo.com ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke forgets to log sometimes ?
What version of spamdyke are you using? Older versions didn't log every message, especially if the connection was whitelisted. Newer versions should log everything. 3.1.1 installed this morning in place of 3.1.0 Also, how busy is your server? syslogd will drop messages if the server is overloaded; I believe this is why DJB didn't use it for qmail. This server is a lot cooler since spamdyke was installed :-) Thanks a lot for spamdyke, sam, it works perfectly on 6+ servers (and counting) and stops loads of spam : 71 smtp connections refused on about 73 incoming connections on the biggest server (a day), not bad at all :-) With the latest version of spamdyke, you can use the log-target directive to make spamdyke avoid syslog. Its messages will appear in the same files as your qmail logs. I'd be very interested to know if that solves the problem. ouch. This would break my munin plugin and a couple of scripts I use to extract statistics. I'll try to modify them to handle multilog log files and tai timestamps one of these days -- Sébastien Guilbaud ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke forgets to log sometimes ?
On Tuesday 13 November 2007 15:42, Seb wrote: What version of spamdyke are you using? Older versions didn't log every message, especially if the connection was whitelisted. Newer versions should log everything. 3.1.1 installed this morning in place of 3.1.0 Also, how busy is your server? syslogd will drop messages if the server is overloaded; I believe this is why DJB didn't use it for qmail. This server is a lot cooler since spamdyke was installed :-) Thanks a lot for spamdyke, sam, it works perfectly on 6+ servers (and counting) and stops loads of spam : 71 smtp connections refused on about 73 incoming connections on the biggest server (a day), not bad at all :-) With the latest version of spamdyke, you can use the log-target directive to make spamdyke avoid syslog. Its messages will appear in the same files as your qmail logs. I'd be very interested to know if that solves the problem. ouch. This would break my munin plugin and a couple of scripts I use to extract statistics. I'll try to modify them to handle multilog log files and tai timestamps one of these days Logwatch has routines for handling tai timestamps see /usr/share/logwatch/scripts/shared/applytaidate -- Sébastien Guilbaud ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users -- - Bob Hutchinson Midwales dot com - ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] config-test does not recognize Plesk SMTP_AUTH
Plesk is such a queer duck. I like its control panel but it sure does some screwy things to the system configuration. I see something in your spamdyke configuration file that could be causing the SMTP AUTH problem. You have the following line commented out: smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true This is actually two commands -- smtp_auth and cmd5checkpw. They should be given on two separate lines and they should offer encrypted authentication: smtp-auth-command-encryption=/var/qmail/bin/smtp_auth /var/qmail/bin/true smtp-auth-command-encryption=/var/qmail/bin/cmd5checkpw /var/qmail/bin/true I suspect the authentication is failing because cmd5checkpw is the program that can actually process your credentials but it's not being started (because your configuration file lists it as a parameter to smtp_auth). However, you're correct that you don't need it with 3.0.0 and later -- spamdyke now automatically detects successful authentication without running the commands itself. Next, your config-test is giving strange results because you probably used this command: spamdyke -f /etc/spamdyke.conf /var/qmail/bin/qmail-smtpd Plesk doesn't patch qmail-smtpd to provide SMTP AUTH, so spamdyke can't see it. Instead, Plesk uses relaylock for that purpose. You should really test with: spamdyke -f /etc/spamdyke.conf /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true With that command line, the SMTP AUTH banners will appear and spamdyke won't complain about it any more. So in summary, you can either use Plesk's relaylock OR you can use spamdyke's smtp-auth-command-encryption directive. Using both is unnecessary and wastes server resources. If you have some users (or servers) that need to relay without authenticating, continue using relaylock. If you don't, create an empty access file and use spamdyke's smtp-auth-command-encryption and access-file instead of relaylock. It's a bit more efficient. To answer your last question about qmail-smtpd's command line, it doesn't have one by default. Most of the time, when you see command line options passed to qmail-smtpd, you're looking at a patched version of qmail-smtpd. (In Plesk's case, the extra options are not parameters to qmail-smtpd, they're actually parameters to relaylock.) Typically, any parameters are commands to process SMTP AUTH attempts. The authentication commands always come in pairs -- the auth command and a true command. This is a holdover from DJB's original checkpassword program, which runs the second command if the authentication is successful. I think his intent was that successful authentications could have side-effects, such as logging or unlocking resources. The password-checking program could be generic (i.e. only check the password) and the second command could perform the side-effect. In practice, this hasn't happened. People have simply written password-checking programs that perform the side-effects internally. true is used as the side-effect command because it's small and fast. For more information on checkpassword (but not much more), see DJB's site: http://cr.yp.to/checkpwd/interface.html -- Sam Clippinger Grimmi Meloni wrote: Hi, I've been using spamdyke for about 2 weeks now, and I'm quite satisfied with the results. Thanks for this great tool. As the subject states, I'm running a Plesk 8.1 based system. Today I upgraded from the 2.6.3 version, to the 3.1.0. The good news is: I got everything working so far. But what made me curious are two things: With the old 2.6.3 I could use the --smtp-auth-command option, with the new 3.1.0 this does not work anymore. Not working anymore in this case means, that I have to remove this option or my client gets an error message. In the logs it looks like authentication is tried twice. Really weired, but since Plesk delivers a SMTP_AUTH capable server, this is no problem - at least my relaying tests all failed when not authenticated. So I think I'm still good. During the trial and error phase of this, I ran the --config-test option of spamdyke. Although smtp authentication works, the config-test gives me this warning: WARNING: /var/qmail/bin/qmail-smtpd does not appear to offer SMTP AUTH support. Please use the smtp-auth-command flag or the smtp-auth-command-encryption flag as well as the access-file and local-domains-file flags so spamdyke will be able to authenticate users and correctly allow them to relay. Now I'm wondering why this warning occurs at all. Is it a misconfiguration on my part, or just the config-test failing to detect the SMTP AUTH capabilities of my qmail_smtpd? bye, Michael P.S.: Although offtopic: Can anybody point me to a place where the commandline of qmail_smtpd is
Re: [spamdyke-users] Problem in v3.1.1 make it un-usable.
Can you send more information about your setup? Could you send the contents of your /etc/xinetd.d/smtp_psa file and your spamdyke configuration file (if you have one)? -- Sam Clippinger david boh wrote: I would like to report that v3.1.0 also suffer from the same issue as described below. So now I am back to v3.0.1, I think many mail will be missing if I continue to test. I believei it should be able to resolve quickly. - Original Message From: david boh [EMAIL PROTECTED] To: spamdyke-users@spamdyke.org Sent: Tuesday, November 13, 2007 11:22:01 PM Subject: [spamdyke-users] Problem in v3.1.1 make it un-usable. I have two server. One I install the latest spamdyke v3.1.1, let's call this server A and the other server B. Both have spamdyke v3.1.1, using plesk. But when I send email via webmail from server A to the server B email, some how the email cannot be delivered. When I check server B the log shows a lot of Broken pipe. How I know as all the email was trap in server A queue, so I force qmail to send and immediately check the server log in server B. Nov 13 22:19:52 manna spamdyke[19583]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19585]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19585]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19580]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19580]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19586]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19586]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19587]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19587]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe So I install v3.0.1 in server B (with the same configuration) and did the same thing by forcing qmail to send the trap queue. Now all the email is send through. At this point I have kept v3.1.1 on server A to see if there are other issue. Have to down grade to v3.0.1 as both email send via webmail cannot be transmitted. It seems like v3.1.1 need to resolve this critical issue. I hope some how this report will help to resolve the issue. Send instant messages to your online friends http://uk.messenger.yahoo.com Send instant messages to your online friends http://uk.messenger.yahoo.com ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke forgets to log sometimes ?
Wow -- 730K daily connections is a pretty busy server. What do your load and CPU utilization numbers look like? Does syslog log to files on the local machine or are you using a network syslog server? Most importantly, are you seeing any other missing messages or is this issue specific to spamdyke? -- Sam Clippinger Seb wrote: What version of spamdyke are you using? Older versions didn't log every message, especially if the connection was whitelisted. Newer versions should log everything. 3.1.1 installed this morning in place of 3.1.0 Also, how busy is your server? syslogd will drop messages if the server is overloaded; I believe this is why DJB didn't use it for qmail. This server is a lot cooler since spamdyke was installed :-) Thanks a lot for spamdyke, sam, it works perfectly on 6+ servers (and counting) and stops loads of spam : 71 smtp connections refused on about 73 incoming connections on the biggest server (a day), not bad at all :-) With the latest version of spamdyke, you can use the log-target directive to make spamdyke avoid syslog. Its messages will appear in the same files as your qmail logs. I'd be very interested to know if that solves the problem. ouch. This would break my munin plugin and a couple of scripts I use to extract statistics. I'll try to modify them to handle multilog log files and tai timestamps one of these days -- Sébastien Guilbaud ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] config-test does not recognize Plesk SMTP_AUTH
Hi Sam, thank you for your very detailed answer. In fact you were right about relaylock. I removed it during my tests and forgot to add it during the config-test. Anyway, I gave it another shot, and I'm still stuck with the same problem. I used loglevel 4 and got a warning saying: WARNING: command aborted abnormally: /var/qmail/bin/relaylock This line is shown directly above the TLS Success and the SMTP-Auth Warning messages of the test: SUCCESS: /var/qmail/bin/relaylock appears to offer TLS support. Continue using the tls-certificate-file flag so spamdyke will be able to filter all traffic. WARNING: /var/qmail/bin/relaylock does not appear to offer SMTP AUTH support. Please use the smtp-auth-command flag or the smtp-auth-command-encryption flag as well as the access-file and local-domains-file flags so spamdyke will be able to authenticate users and correctly allow them to relay. I decided to run strace and see what's happening. To me it seems like something goes wrong during the testing of the SMTP Auth capacities? - strace excerpt - [ creation of the socket .] [pid 19807] select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0}) [pid 19807] write(1, 220 myserver.mydomain.com ESMTP\r\n, 26 unfinished ... [pid 19806] ... select resumed ) = 1 (in [5], left {29, 926000}) [pid 19807] ... write resumed ) = 26 [pid 19806] read(5, 220 myserver.mydomain.com ESMTP\r\n, 4095) = 26 [pid 19806] time(NULL) = 1194975400 [pid 19806] select(5, [], [4], NULL, {30, 0}) = 1 (out [4], left {30, 0}) [pid 19806] write(4, EHLO localhost\r\n, 16) = 16 [pid 19806] time(NULL) = 1194975400 [pid 19806] select(8, [5 7], [], NULL, {30, 0} unfinished ... [pid 19807] select(1, [0], NULL, NULL, {1200, 0}) = 1 (in [0], left {1200, 0}) [pid 19807] read(0, EHLO localhost\r\n, 1024) = 16 [pid 19807] select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0}) [pid 19807] write(1, 250-myserver.mydomain.com\r\n250-STARTTLS..., 64 unfinished ... [pid 19806] ... select resumed ) = 1 (in [5], left {29, 999000}) [pid 19807] ... write resumed ) = 64 [pid 19806] read(5, 250-myserver.mydomain.com\r\n250-STARTTLS..., 4069) = 64 [pid 19806] time(NULL) = 1194975400 [pid 19806] select(5, [], [4], NULL, {30, 0}) = 1 (out [4], left {30, 0}) [pid 19806] write(4, QUIT\r\n, 6) = 6 [pid 19806] time(NULL) = 1194975400 [pid 19806] select(8, [5 7], [], NULL, {30, 0} unfinished ... [pid 19807] select(1, [0], NULL, NULL, {1200, 0}) = 1 (in [0], left {1200, 0}) [pid 19807] read(0, QUIT\r\n, 1024) = 6 [pid 19807] select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0}) [pid 19807] write(1, 221 myserver.mydomain.com\r\n, 20 unfinished ... [pid 19806] ... select resumed ) = 1 (in [5], left {30, 0}) [pid 19807] ... write resumed ) = 20 [pid 19806] read(5, 221 myserver.mydomain.com\r\n, 4005) = 20 [pid 19806] time(NULL) = 1194975400 [pid 19806] select(8, [5 7], [], NULL, {30, 0} unfinished ... [pid 19807] exit_group(0) = ? Process 19807 detached ... select resumed ) = 1 (in [5], left {29, 999000}) read(5, , 3985) = 0 close(5)= 0 time(NULL) = 1194975400 select(8, [7], [], NULL, {30, 0}) = 1 (in [7], left {30, 0}) read(7, , 3985) = 0 close(7)= 0 time(NULL) = 1194975400 close(4)= 0 wait4(19807, 0x7fbfff0a5c, WNOHANG, NULL) = 0 kill(19807, SIGKILL)= 0 write(2, WARNING: command aborted abnorma..., 61WARNING: command aborted abnormally: /var/qmail/bin/relaylock) = 61 - strace excerpt - I don't know if it is the right approach to the problem, but maybe it will give you some clue? I also tried to imitate what I see in the log above by telnetting my system manually, because the strace only shows the first few bytes of each read operation: myserver:~ # telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 myserver.mydomain.com ESMTP EHLO localhost 250-myserver.mydomain.com 250-STARTTLS 250-PIPELINING 250 8BITMIME QUIT 221 myserver.mydomain.com Connection closed by foreign host. I'm far from being a SMTP crack, but shouldn't there be a line announcing my SMTP_AUTH capabilities as well? bye, Michael Sam Clippinger wrote: Plesk is such a queer duck. I like its control panel but it sure does some screwy things to the system configuration. I see something in your spamdyke configuration file that could be causing the SMTP AUTH problem. You have the following line commented out: smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true This is actually two commands -- smtp_auth and cmd5checkpw. They should be given on two
[spamdyke-users] Unusual Graylisting Behavior
I've been running SD3.1.1 for a little over an hour and have been watching my smtpd logs and noticed something I didn't expect to happen with graylisting. I asked my wife to send me an email while I watched the logs. I saw it connect, get the graylist message, then saw it connect to one of my secondary MX servers and get delivered. Below are the two line from my smtpd logs: 2007-11-13 13:47:12.940625500 DENIED_GRAYLISTED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 65.118.8.28 origin_rdns: zk.ironkeep.net auth: (unknown) 2007-11-13 13:47:19.382061500 ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 63.149.22.68 origin_rdns: ns3.byte-productions.com auth: (unknown) I have my two secondary MX servers listed in the ip_file associated with 'never-graylist-ip-file'. I'm assuming that my mailserver received the connection, sent a 'try again later' message and then her ISP's mailserver just tried the next server in my MX list. Is there a better way to handle my config to work with secondary MXs? Should they just be whitelisted instead of allow graylisted? Thanks! -ken My spamdyke.conf file: log-level=2 log-target=0 local-domains-file=/var/qmail/control/rcpthosts #max-recipients=15 idle-timeout-secs=60 graylist-dir=/home/vpopmail/graylist graylist-min-secs=300 graylist-max-secs=1814400 never-graylist-ip-file=/home/vpopmail/never_graylist_these_ips #policy-url=http://my.policy.explanation.url/ sender-blacklist-file=/home/vpopmail/blacklist_senders recipient-blacklist-file=/home/vpopmail/blacklist_recipients ip-in-rdns-keyword-file=/home/vpopmail/blacklist_keywords ip-blacklist-file=/home/vpopmail/blacklist_ip reject-empty-rdns reject-unresolvable-rdns rdns-whitelist-file=/home/vpopmail/whitelist_rdns ip-whitelist-file=/home/vpopmail/whitelist_ip greeting-delay-secs=5 check-dnsrbl=safe.dnsbl.sorbs.net check-dnsrbl=combined.njabl.org check-dnsrbl=sbl-xbl.spamhaus.org check-dnsrbl=bogons.cymru.com reject-missing-sender-mx tls-certificate-file=/var/qmail/control/servercert.pem ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] config-test does not recognize Plesk SMTP_AUTH
relaylock uses the TCPREMOTEIP environment variable (set by tcpserver or tcp_env) to determine the IP address of the remote server. When spamdyke runs its configuration tests, it sets TCPREMOTEIP to 127.0.0.1. relaylock doesn't seem to offer SMTP AUTH to that IP address. Try this -- set TCPREMOTEIP to another value: export TCPREMOTEIP=11.22.33.44 Then run the configuration test one more time. The SMTP AUTH test should succeed. I see this on my Plesk server when I test with your configuration file: spamdyke-3.1.1/spamdyke# cat config.txt log-level=2 local-domains-file=/var/qmail/control/rcpthosts max-recipients=5 idle-timeout-secs=60 graylist-dir=/var/qmail/gray graylist-min-secs=300 graylist-max-secs=1814400 reject-empty-rdns reject-unresolvable-rdns reject-ip-in-cc-rdns greeting-delay-secs=5 check-dnsrbl=zombie.dnsbl.sorbs.net check-dnsrbl=dul.dnsbl.sorbs.net check-dnsrbl=bogons.cymru.com smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true smtp-auth-command=/var/qmail/bin/cmd5checkpw /var/qmail/bin/true local-domains-file=/var/qmail/control/rcpthosts reject-missing-sender-mx hostname=v31616.vierfpeile.de tls-certificate-file=/var/qmail/control/servercert.pem spamdyke-3.1.1/spamdyke# export TCPREMOTEIP=11.22.33.44 spamdyke-3.1.1/spamdyke# ./spamdyke -f config.txt --config-test /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true spamdyke 3.1.1+TLS (C)2007 Sam Clippinger, samc (at) silence (dot) org http://www.spamdyke.org/ Use -h for an option summary or see README.html for complete option details. Testing configuration... WARNING: Running tests as superuser root (0), group root (0). These test results may not be valid if the mail server runs as another user. INFO: Running command to test capabilities: /var/qmail/bin/relaylock WARNING: command aborted abnormally: /var/qmail/bin/relaylock SUCCESS: /var/qmail/bin/relaylock appears to offer TLS support. Continue using the tls-certificate-file flag so spamdyke will be able to filter all traffic. WARNING: /var/qmail/bin/relaylock appears to offer SMTP AUTH support but the smtp-auth-command, smtp-auth-command-encryption and/or access-file flags are in use. This is not necessary and needlessly creates extra load on the server. ERROR(graylist-dir): Unable to read graylist directory /var/qmail/gray: No such file or directory ERROR: Tests complete. Errors detected. spamdyke-3.1.1/spamdyke# -- Sam Clippinger Grimmi Meloni wrote: Hi Sam, thank you for your very detailed answer. In fact you were right about relaylock. I removed it during my tests and forgot to add it during the config-test. Anyway, I gave it another shot, and I'm still stuck with the same problem. I used loglevel 4 and got a warning saying: WARNING: command aborted abnormally: /var/qmail/bin/relaylock This line is shown directly above the TLS Success and the SMTP-Auth Warning messages of the test: SUCCESS: /var/qmail/bin/relaylock appears to offer TLS support. Continue using the tls-certificate-file flag so spamdyke will be able to filter all traffic. WARNING: /var/qmail/bin/relaylock does not appear to offer SMTP AUTH support. Please use the smtp-auth-command flag or the smtp-auth-command-encryption flag as well as the access-file and local-domains-file flags so spamdyke will be able to authenticate users and correctly allow them to relay. I decided to run strace and see what's happening. To me it seems like something goes wrong during the testing of the SMTP Auth capacities? - strace excerpt - [ creation of the socket .] [pid 19807] select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0}) [pid 19807] write(1, 220 myserver.mydomain.com ESMTP\r\n, 26 unfinished ... [pid 19806] ... select resumed ) = 1 (in [5], left {29, 926000}) [pid 19807] ... write resumed ) = 26 [pid 19806] read(5, 220 myserver.mydomain.com ESMTP\r\n, 4095) = 26 [pid 19806] time(NULL) = 1194975400 [pid 19806] select(5, [], [4], NULL, {30, 0}) = 1 (out [4], left {30, 0}) [pid 19806] write(4, EHLO localhost\r\n, 16) = 16 [pid 19806] time(NULL) = 1194975400 [pid 19806] select(8, [5 7], [], NULL, {30, 0} unfinished ... [pid 19807] select(1, [0], NULL, NULL, {1200, 0}) = 1 (in [0], left {1200, 0}) [pid 19807] read(0, EHLO localhost\r\n, 1024) = 16 [pid 19807] select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0}) [pid 19807] write(1, 250-myserver.mydomain.com\r\n250-STARTTLS..., 64 unfinished ... [pid 19806] ... select resumed ) = 1 (in [5], left {29, 999000}) [pid 19807] ... write resumed ) = 64 [pid 19806] read(5, 250-myserver.mydomain.com\r\n250-STARTTLS..., 4069) = 64 [pid 19806] time(NULL)
Re: [spamdyke-users] Problem in v3.1.1 make it un-usable.
Sure my friend. Both server has the same smtp_psa and configure ( both server have 3.0.1 and duplicate/mirror setting) SMTP_PSA { socket_type = stream protocol= tcp wait= no disable = no user= root instances = UNLIMITED server = /var/qmail/bin/tcp-env server_args = -Rt0 /var/qmail/bin/relaylock /usr/local/bin/spamdyke --config-file /var/qmail/spamdyke/spamdyke.conf /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true } SPAMDYKE.CONF log-level=2 local-domains-file=/var/qmail/control/rcpthosts max-recipients=30 idle-timeout-secs=300 graylist-dir=/var/qmail/spamdyke/graylist graylist-min-secs=120 graylist-max-secs=1814400 #greeting-delay-secs = 1 sender-blacklist-file=/var/qmail/spamdyke/blacklist_senders recipient-blacklist-file=/var/qmail/spamdyke/blacklist_recipients # ip-in-rdns-keyword-file=/var/qmail/spamdyke/blacklist_keywords ip-blacklist-file=/var/qmail/spamdyke/blacklist_ip # rdns-blacklist-dir=/var/qmail/spamdyke/blacklist_rdns.d sender-whitelist-file=/var/qmail/spamdyke/whitelist_recipients # reject-empty-rdns # reject-unresolvable-rdns # reject-ip-in-cc-rdns # rdns-whitelist-file=/var/qmail/spamdyke/whitelist_rdns ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip reject-missing-sender-mx check-dnsrbl=dul.dnsbl.sorbs.net #check-dnsrbl=sbl.spamhaus.org - Original Message From: Sam Clippinger [EMAIL PROTECTED] To: spamdyke users spamdyke-users@spamdyke.org Sent: Wednesday, November 14, 2007 12:13:44 AM Subject: Re: [spamdyke-users] Problem in v3.1.1 make it un-usable. Can you send more information about your setup? Could you send the contents of your /etc/xinetd.d/smtp_psa file and your spamdyke configuration file (if you have one)? -- Sam Clippinger david boh wrote: I would like to report that v3.1.0 also suffer from the same issue as described below. So now I am back to v3.0.1, I think many mail will be missing if I continue to test. I believei it should be able to resolve quickly. - Original Message From: david boh [EMAIL PROTECTED] To: spamdyke-users@spamdyke.org Sent: Tuesday, November 13, 2007 11:22:01 PM Subject: [spamdyke-users] Problem in v3.1.1 make it un-usable. I have two server. One I install the latest spamdyke v3.1.1, let's call this server A and the other server B. Both have spamdyke v3.1.1, using plesk. But when I send email via webmail from server A to the server B email, some how the email cannot be delivered. When I check server B the log shows a lot of Broken pipe. How I know as all the email was trap in server A queue, so I force qmail to send and immediately check the server log in server B. Nov 13 22:19:52 manna spamdyke[19583]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19585]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19585]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19580]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19580]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19586]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19586]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19587]: ERROR: unable to write 1542 bytes to file descriptor 1: Broken pipe Nov 13 22:19:52 manna spamdyke[19587]: ERROR: unable to write 36 bytes to file descriptor 1: Broken pipe So I install v3.0.1 in server B (with the same configuration) and did the same thing by forcing qmail to send the trap queue. Now all the email is send through. At this point I have kept v3.1.1 on server A to see if there are other issue. Have to down grade to v3.0.1 as both email send via webmail cannot be transmitted. It seems like v3.1.1 need to resolve this critical issue. I hope some how this report will help to resolve the issue. Send instant messages to your online friends http://uk.messenger.yahoo.com Send instant messages to your online friends http://uk.messenger.yahoo.com ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users Send instant messages to your online friends http://uk.messenger.yahoo.com ___ spamdyke-users