Re: [toaster] Relay with authentication

2009-11-03 Thread Shane Chrisp 

Tarique Saleh Mahmud wrote:

That is the correct behaviour. It will not matter what email address is 
in the From field as long as its valid. If the recipient account is on 
that server, authentication will not be required. Otherwise it would 
never receive email unless the person sending it also had an account on 
the same server.


Try sending from outside your network to another email account outside 
your network but relaying via your server and you should get a relaying 
denied message.


--
Regards

Shane Chrisp
2000 Computers & Networks Pty Ltd
Suite 6, 49 Hay St, Subiaco, WA 6008
Ph 08 9382 1399 Fx 08 9382 1720
Mb 0412 409 856
Email sh...@2000cn.com.au
Web http://www.2000cn.com.au
Web http://www.ausmodchips.com




Rick,

Outsider can't send mail to others domain using our email address in 
the from field but if someone uses our email address(x...@mydomain.com) 
in the from field and any address (a...@mydomain.com) of our domain in 
the to field then our server is not asking for authentication. For 
example, if someone from local network or outside network configures 
outlook/eudora/outlook express for the account x...@mydomain.com and 
send email to any_acco...@mydomain.com then our server is not asking 
for the password/authentication.


Here is my /var/qmail/control/locals file:

mail.gmgairlines.com
mail.samahrazor.com
mail.gmggroup.com

Regards,

Tarique

Rick Macdougall wrote:

Tarique Saleh Mahmud wrote:

Rick,

Here is my qmail-smtpd run file:

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 800 \
   /usr/local/bin/tcpserver -v -H -R -l 0 \
   -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
   -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
   /usr/local/bin/rblsmtpd \
   -r bl.spamcop.net \
   -r zen.spamhaus.org \
   /var/qmail/bin/qmail-smtpd \
   /home/vpopmail/bin/vchkpw /bin/true 2>&1



Hi,

Well everything seems correct.

Are you sure outside users can relay through you ?  Not just deliver 
to local users, but deliver to someone at yahoo or gmail.


Is there anything in /var/qmail/control/locals ?

Regards,

Rick

Re: [toaster] logging option

2009-07-31 Thread Shane Chrisp 



Many thanks.. I had edited the run files. How do I restart the logging for
the new options?

  

svc -du /service/qmail-smtpd/log/

Shane

Re: [toaster] logging option

2009-07-30 Thread Shane Chrisp 

Qmail List wrote:

Dear All,

Is there a way to log the incoming, outgoing of the emails in a specific
file and rotate it?

thanks



  
Multilog already does this. If you followed the toaster install 
instructions, see http://cr.yp.to/daemontools/multilog.html


Unless your meaning logging the actual messages themselves and not just 
where they are going. In which case you

probably need to look at the tap patches or something similar.

Shane

Re: [toaster] POP3 SSL Certificate Expired

2009-06-16 Thread Shane Chrisp 

Jeff Koch wrote:


Zsolt - thanks but can you tell me where the certificate is located?



They should be located in /var/qmail/control

Re: [toaster] adding pop3ds to an existing qmail rollout

2009-06-14 Thread Shane Chrisp 

Edvin Seferovic wrote:


I am not sure what that has to do with pop3? J

 

@Bill.. what is your opinion on dovecot? Will there be any new updates 
to the toaster in the near future?


 


Regards,

E:S

 



Bill made a post some time back that he is not really maintaining the 
toaster any more due to his work elsewhere. So it
is not likely that his toaster will be updated again unless he has a 
need to do so. One of the regulars on the list did do
some work towards updating the toaster and posted some of his work. 
Maybe he will chime in and make his work available

again.

There has also been discussion by many of us quite some time back about 
Dovecot and how much lighter it is on resources and also
so much fast at sorting and threading that Courier ever was. I think 
most of those who frequent this list have converted to Dovecot

and are extremely happy with its performance.

Shane

Re: [toaster] cancel

2009-06-10 Thread Shane Chrisp 

helionu...@hnet.com.br wrote:

PLS cancel subscription




From the headers of every email from the list. To manage your 
subscription...


List-Post: 
List-Help: 

"List-Unsubscribe: "

List-Subscribe:

Re: [toaster] Supervise not running after ubuntu upgrade

2009-04-03 Thread Shane Chrisp 

mcas...@itc.transcom.co.mz wrote:

Check out the start of this article for how to get supervise working on 
ubuntu.


http://www.howtoforge.com/perfect-djbdns-setup-on-ubuntu8.04-amd64

They changed things quite a bit on the newer version of Ubuntu. There 
are other ways of

doing it, but that was one of the first ones that came up on google.

Shane

Hello
I am newbie to qmail, after upgrade my mail server from Ubuntu Dapper to
Hardy qmail is not working. System is a 32 bit Dell server running Ubuntu
8.04 now.
I tried qmailctl restart and obtain :

Restarting qmail:
* Stopping qmail-smtpd.
svc: warning: unable to control /service/qmail-smtpd: supervise not running
* Sending qmail-send SIGTERM and restarting.
svc: warning: unable to control /service/qmail-send: supervise not running
* Restarting qmail-smtpd.
svc: warning: unable to control /service/qmail-smtpd: supervise not running

r...@server:/usr/lib# vpopmailctl stat
/service/qmail-pop3d: supervise not running
/service/qmail-pop3d/log: supervise not running
/service/qmail-pop3ds: supervise not running
/service/qmail-pop3ds/log: supervise not running

Supervise is not running at all, i need help, what can I do , need to fast
solve it.
thanks
Manuel Castro

Re: [toaster] Issues With Relay Mail and Spam

2009-03-23 Thread Shane Chrisp 

AJ Bourg wrote:
Anybody? I have more messages in the queue because of this and I'm 
getting rather frustrated because I'm not sure what is going on.





Received: from unknown (HELO F35D3CCB236648E) (anonym...@121.206.73.92) 
This line suggests that the user is authenticated with the user id of 
anonymous.

Re: [toaster] RELAYCLIENT

2009-03-04 Thread Shane Chrisp 

Qmail List wrote:

Simscan not scan (with clamav and spamassassin) smtp auth clients , if you

have clients that relay in tcp.smtp you can set qmailqueue="" 
  

to avoid  scanning.



Am I right to have 


127.:allow,RELAYCLIENT=""
:allow,QMAILQUEUE="/var/qmail/bin/simscan"

In /home/vpopmail/etc/tcp.smtp?

If so, why are the scannings still running?

Thanks

  
What compile options did you use with simscan, have you used the option 
--enable-spam-auth-user=y ?

Re: [toaster] SMTP Connection Refused

2009-02-27 Thread Shane Chrisp 

Dawg E Biscuit wrote:

Did not have the clamd.pid file,  was not set in the conf file.

The permissions are all clamav.clamav in that directory and above,  
though there is a .dblock file in all the directories that I am not 
sure about though it is owned by clamav.clamav


I am unable to find a clamd.log file ... unless it is writing directly 
to the syslog.


I thought about upgrading clam but everything I have read has stated 
that it doesn''t play well with the toaster and daemontools.  I am 
experienced enough to compile it from source but just don't want to 
break anything else.


There is nothing wrong with running the newer versions of clamd, it 
works fine. You just dont need the patches anymore and some of the 
config file options have changed a bit so you need to edit a few options.

Re: [toaster] SMTP Connection Refused

2009-02-26 Thread Shane Chrisp 

Dawg E Biscuit wrote:
Searched the list using multiple queries.  Found partial answers, to 
the Connect Error 2 and simscan but now can\t get past Connection 
Refused you are seeing in the log.


Running simscan, spamd and clamd all from the toaster install with 
Bill's patches.


Have you tried adding recordio to your qmail-smtp/run file and the 
trying to send something and watching the output?

Re: [toaster] SMTP Connection Refused

2009-02-26 Thread Shane Chrisp 

Dawg E Biscuit wrote:
Not using mysql for the backend authentication, just a straight 
toaster install with vpopmail doing the authentication for the smtp.  
I have the username and password correct as I am able to login to the 
pop3 server with the same credentials.


Rob


How about spamd, clamd and simscan? I recall the connect() error your 
seeing,
I just dont recall what the actual issue was off hand. Have you searched 
the toaster list for answers?

Re: [toaster] SMTP Connection Refused

2009-02-26 Thread Shane Chrisp 

Dawg E Biscuit wrote:

What type of backend server are you using for vpopmail, mysql?

Do you have the correct username/password details setup and have you 
allowed IP connections to mysql?


Shane
Yes my mail client has not changed settings from the old server to the 
new server,  it is Thunderbird is set to authenticate.


Mail Client is Thunderbird 2.0

Regards,
Rob G

Shane Chrisp wrote:

Dawg E Biscuit wrote:

Have you got your mail client set to smtp auth?

Well this is the first time I have posted in a long time.  Afters 
years of service I have decided to build a new server that will 
handle my email and everything went according to plan when 
installing but there are a few problems.   The main one being I am 
unable to send email from my mail client,  I have not tested webmail 
as I don't use that all that much but SMTP connections are a must.


When I try to send email I get that the connection has been 
temporarily refused Error #4.0.3.


I have done some troubleshooting and searching in this archive and 
on the web and cannot find anything that will fix this problem.


Here are some log Snippets

- QMAIL-SMTP/ CURRENT -
@400049a721ae36717e0c tcpserver: status: 1/20
@400049a721ae367189c4 tcpserver: pid 5394 from 69.63.33.62
@400049a721ae367189c4 tcpserver: ok 5394 0:192.168.1.50:25 
:69.63.33.62::49269
@400049a721af021fffac CHKUSER accepted sender: from 
 remote 
<[192.168.1.100]:unknown:69.63.33$
@400049a721af023d3c0c CHKUSER accepted rcpt: from 
 remote 
<[192.168.1.100]:unknown:69.63.33.6$

@400049a721af02af763c connect(): Connection refused
@400049a721b320707f2c tcpserver: end 5394 status 0
@400049a721b320708ae4 tcpserver: status: 0/20
@400049a7271320045b94 tcpserver: status: 0/20
@400049a727381d490c24 tcpserver: status: 1/20
@400049a727381d4917dc tcpserver: pid 5777 from 69.63.33.62
@400049a727381d491bc4 tcpserver: ok 5777 0:192.168.1.50:25 
:69.63.33.62::49480
@400049a72738209d4804 CHKUSER accepted sender: from 
 remote 
<[192.168.1.100]:unknown:69.63.33$
@400049a7273820b8e654 CHKUSER accepted rcpt: from 
 remote 
<[192.168.1.100]:unknown:69.63.33.6$

@400049a727382dd7c56c connect(): Connection refused
@400049a7273b39e1218c tcpserver: end 5777 status 0
@400049a7273b39e1295c tcpserver: status: 0/20
@400049a728890a4737cc tcpserver: status: 1/20
@400049a728890a474384 tcpserver: pid 5798 from 69.63.33.62
@400049a728890a47476c tcpserver: ok 5798 0:192.168.1.50:25 
:69.63.33.62::49517
@400049a728890d12fe14 CHKUSER accepted sender: from 
 remote 
<[192.168.1.100]:unknown:69.63.33$
@400049a728890d2f0dac CHKUSER accepted rcpt: from 
 remote 
<[192.168.1.100]:unknown:69.63.33.6$

@400049a728891f62a524 connect(): Connection refused
@400049a7288b1609886c tcpserver: end 5798 status 0
@400049a7288b16099424 tcpserver: status: 0/20

- Freshclam.log 
Received signal: wake up
ClamAV update process started at Thu Feb 26 12:06:50 2009
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
See the FAQ at http://www.clamav.net/support/faq for an explanation.
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.2 Recommended version: 0.94.2
DON'T PANIC! Read http://www.clamav.net/support/faq
ERROR: Can't lock database directory: /usr/local/share/clamav
--
--
freshclam daemon 0.90.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
ClamAV update process started at Thu Feb 26 13:39:19 2009
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.2 Recommended version: 0.94.2
DON'T PANIC! Read http://www.clamav.net/support/faq
main.inc is up to date (version: 50, sigs: 500667, f-level: 38, 
builder: sven)

Downloading daily-9049.cdiff [100%]
Ignoring mirror 24.215.0.24 (too often connections with outdated 
version)
ERROR: getpatch: Can't download daily-9050.cdiff from 
database.clamav.net

Downloading daily-9050.cdiff [100%]
Ignoring mirror 130.59.10.36 (too often connections with outdated 
version)
ERROR: getpatch: Can't download daily-9051.cdiff from 
database.clamav.net

Downloading daily-9051.cdiff [100%]
daily.inc updated (version: 9051, sigs: 13885, f-level: 38, builder: 
guitar)

WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 15, recommended = 38
DON'T PANIC! Read http://www.clamav.net/support/faq
Database updated (514552 signatures) from database.clamav.net (IP: 
208.70.244.158)

--
Received signal: wake up
ClamAV update process started at Thu Feb 26 15:39:21 2009
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.2 Recommended version: 0.94.2
DON'T PANIC! Read http://www.clamav.net/support/faq
ERROR: Can't lock database directory: /usr/local/share/clamav
--
Received signal: wake up
ClamAV u

Re: [toaster] SMTP Connection Refused

2009-02-26 Thread Shane Chrisp 
H: x86_64, CPU: x86_64)
ClamAV update process started at Thu Feb 26 18:05:42 2009
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.2 Recommended version: 0.94.2
DON'T PANIC! Read http://www.clamav.net/support/faq
main.inc is up to date (version: 50, sigs: 500667, f-level: 38, 
builder: sven)
daily.inc is up to date (version: 9051, sigs: 13885, f-level: 38, 
builder: guitar)

--



 qmail/current -
@400049a65aae2256ea9c info msg 6023930: bytes 411604 from 
 qp 7258 uid 501
@400049a65aae229153bc starting delivery 2: msg 6023930 to local 
internet-helpers.net-ad...@internet-helpers.net

@400049a65aae22915f74 status: local 2/10 remote 0/20
@400049a65aae22915f74 delivery 1: success: did_0+1+0/qp_7258/
@400049a65aae2291635c status: local 1/10 remote 0/20
@400049a65aae22b6313c end msg 6023912
@400049a65aae25237434 delivery 2: success: did_0+0+1/
@400049a65aae25237c04 status: local 0/10 remote 0/20
@400049a65aae25237fec end msg 6023930
@400049a6e1902869d534 status: exiting
@400049a6e1f12262f88c status: local 0/10 remote 0/20
@400049a71fff126e9314 status: exiting
@400049a72062128687e4 status: local 0/10 remote 0/20
@400049a7271315ce8ec4 status: exiting
@400049a72713164ae2e4 status: local 0/10 remote 0/20

As far as I can tell I am getting log watch messages from the server 
but nothing via smtp.


/-  /service/qmail-smtp/run -
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 6000 \
   /usr/local/bin/tcpserver -v -H -R -l 0 \
   -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
   -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
   /var/qmail/bin/qmail-smtpd \
   /home/vpopmail/bin/vchkpw /bin/true 2>&1

- ~vpopmail/etc/tcp.smtp 
127.:allow,RELAYCLIENT=""
:allow,QMAILQUEUE="/var/qmail/bin/simscan"

I have also done:

127.:allow,RELAYCLIENT=""
:allow,QMAILQUEUE="/var/qmail/bin/simscan",NOP0FCHECK="1"

with no different results.

Any ideas would be greatly appreciated.  Running a AMD64 with 
CentOS5.2 X86_64 version


Installed everything but Razor and TMDA on the toaster as razor 
wouldn't go and I subscribe to too many lists to fight with TMDA to 
get it setup properly right now.


Regards,
Rob G





--
Regards

Shane Chrisp
2000 Computers & Networks Pty Ltd
Suite 6, 49 Hay St, Subiaco, WA 6008
Ph 08 9382 1399 Fx 08 9382 1720
Mb 0412 409 856
Email sh...@2000cn.com.au
Web http://www.2000cn.com.au
Web http://www.ausmodchips.com

Re: [toaster] simscan: connect error 2

2009-02-19 Thread Shane Chrisp 

k...@cuea.edu wrote:

What is the meaning of this error simscan: connect error 2


Best Regards,

..
Emmanuel Kiew,
ICT Dept.
CUEA

  


You can stop that error with something like this in your 
/service/qmail-smtp/run


NOP0FCHECK="1"
export NOP0FCHECK

or by adding NOP0FCHECK="1" to your tcpserver allow lines like

:allow,CHKUSER_RCPTLIMIT="30",CHKUSER_WRONGRCPTLIMIT="2",CHKUSER_MBXQUOTA="95",QMAILQUEUE="/var/qmail/bin/simscan",NOP0FCHECK="1"

Shane

Re: [toaster] Why - Received: from unknown

2008-12-30 Thread Shane Chrisp 

Jeff Koch wrote:

A good pick up by Tren, I didn't think about tcpserver initially. As far 
as I know, the only reason you will experience any sort of delay is if 
the dns that the accepting server is not functioning properly. I have 
taken to running a copy of dnscache on each of the front end servers for 
qmail to use only as it is very lightweight and extremely fast and 
simple to setup.


That being said, before moving to this setup I did have a problem on a 
server which was having lots of trouble due to lookups failing and it 
was giving 4xx temporary errors due to load and timing out connections. 
Since moving to the above setup I have not seen a repeat of these 
problems. Others may have different experiences that I would be 
interested in hearing about as well.


Shane



#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 800 \
/usr/local/bin/tcpserver -v -H -R -l 0 \
-x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp rblsmtpd \
-r x \
-r x \
/var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 2>&1

Thanks for the clue. I see we're using the 'H' option which prevents 
reverse DNS lookups. This configuration setup (with the exception of our 
rblsmtpd entries) is a stock Shupp Toaster - so I guess the question is 
why the stock toaster is configured not to do reverse DNS lookups when 
doing so triggers the spamassassin 'RDNS_NONE' flag.


Any comments? Would rDNS lookups totally slow down a production server?



At 02:09 AM 12/30/2008, you wrote:

What switches are you using to call tcpserver with for your 
qmail-smtpd process?


t

- Original Message -
From: Jeff Koch 
To: toaster@shupp.org 
Sent: Mon Dec 29 23:05:30 2008
Subject: Re: [toaster] Why - Received: from unknown


The receiving mailserver can do reverse DNS perfectly - just doesn't seem
to want to do it during qmail smtp connections. I checked the
/etc/nsswitch.conf file and changed it from:

hosts:  files mdns4_minimal [NOTFOUND=return] dns

to:

hosts:  dns files

That didn't seem to help either. Do you think a reboot or a service 
restart

is necessary after making this change?


At 11:49 PM 12/29/2008, you wrote:
>Jeff Koch wrote:
>>Hi:
>>Does anyone happen to know why all emails received by qmail are 
reported

>>as 'Received: from unknown' even though the sending mailserver clearly
>>identifies itself and has reverve DNS setup?
>>Here's a good example from an email I just recieved:
>>Received: from unknown (HELO lists.sourceforge.net) (216.34.181.88)
>
>That suggests the reverse dns lookups are failing on that server. 
Have you

>tried some lookups manually to see if they are working? I had an issue
>similar to this just recently with a new server and it took a while to
>realise that I had made a mistake in the nssswitch.conf file and it was
>trying to resolve everything via ldap instead of via dns.
>
>Shane

Best Regards,

Jeff Koch, Intersessions


Best Regards,

Jeff Koch, Intersessions

Re: [toaster] Why - Received: from unknown

2008-12-29 Thread Shane Chrisp 

Jeff Koch wrote:


Hi:

Does anyone happen to know why all emails received by qmail are reported 
as 'Received: from unknown' even though the sending mailserver clearly 
identifies itself and has reverve DNS setup?


Here's a good example from an email I just recieved:

Received: from unknown (HELO lists.sourceforge.net) (216.34.181.88)




That suggests the reverse dns lookups are failing on that server. Have 
you tried some lookups manually to see if they are working? I had an 
issue similar to this just recently with a new server and it took a 
while to realise that I had made a mistake in the nssswitch.conf file 
and it was trying to resolve everything via ldap instead of via dns.


Shane

Re: [toaster] clamd error

2008-12-22 Thread Shane Chrisp 
On Mon, 2008-12-22 at 15:37 +0300, k...@cuea.edu wrote:
> I see this error when i look at /var/log/clamd/current
> 
> @4000494f89513409115c ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f8953205a8a14 ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f89542bcb7e94 ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f895534ca5204 ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f89570635801c ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f8958250ccb6c ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f8959317199b4 ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f895b026f2564 ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f895c0dc5eeac ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> @4000494f895d2e644244 ERROR: LOCAL: Socket file /tmp/clamd.socket is
> in use by another process.
> 
> how do i solve this problem? it seems that clam is not scanning the mails!
> 

 I would say that clam is either running already or that you need to
remove the stale socket file and then restart. Also make sure you have

FixStaleSocket yes

in your clamd.conf

Shane

Re: [toaster] Clam updates

2008-12-21 Thread Shane Chrisp 
On Sun, 2008-12-21 at 07:59 -0700, John Harmon wrote:
> >   
> Well, assuming I haven't installed, and want to stick with the RPM, is 
> there anything I need to do to get it to work in conjunction with Bill's 
> toaster?

No really. The only things to change will probably be the paths. You
will no doubt need to edit /var/qmail/supervise/clamd/run after install
as it points to /usr/local/bin/clamd and the rpm will probably install
to /usr/bin or similar. 

The old patch for clam used to turn on the following options so you will
also want to turn them on in your clamd.conf

LogFile stderr
LogClean
LogVerbose
Foreground
ScanMail


Regards
Shane

Re: [toaster] Clam updates

2008-12-20 Thread Shane Chrisp 
On Sat, 2008-12-20 at 19:12 -0700, John Harmon wrote:
> Bill (and others).  I have 2 questions.
> 
> 2.  If I install clam from an RPM (latest version), do I need to do 
> anything to get it to work in conjunction with your toaster?

 Just update your clam, check the config files for any options that may
have changed and run. If you installed originally from source then your
probably better off updating from source again to keep the paths etc the
same. There is nothing special about the clam config in the toaster.

Shane

Re: [toaster] Advice on upgrading clamav?

2008-12-13 Thread Shane Chrisp 
On Sat, 2008-12-13 at 22:23 -0800, Tom Collins wrote:
> I'm running 0.91.2 on two servers, and 0.88.x on two others.  I figure
> it's about time to upgrade (ya think?!) and remember reading that
> there are changes that affect the toaster.
> 
> 
> I'm wondering:
> 
> 
> 1) Do Bill's clamav patches work with the latest versions of ClamAV?
> a) If not, are they even necessary any more?
> b) If they are necessary, has anyone updated them and made them
> available for downloading?

You don't need the patches anymore, but you will need to read the
upgrade notes on clam as some of the config option have changed
between .93 and .94 and the options need changing or clam wont start up.

> 
> 2) I think I need to make changes to simscan, but it looks like jms1
> has a patch to take care of that.

Im not sure what the change is to simscan that your referring to as I
had no problems with simscan after upgrading.

> 
> Any other things to consider?
> 
> -Tom
> 
> 
> 
>

Re: [toaster] Login problem in webmail without using @domainpart

2008-12-09 Thread Shane Chrisp 
On Tue, 2008-12-09 at 22:35 -0800, Mark Walker wrote:
> Recently, some of my users are having login problems using squirrelmail. I 
> have added the defaul domain in vpopmail and most of the users can login with 
> just typing their username. Some users have to type in [EMAIL PROTECTED] as 
> well then only login is permitted. Kindly let me know why this is happening. 
> 

Your logs might help you determine what the problem is. Of course only
users from the domain which is in the defaultdomain file will be able to
authenticate with just the username portion of their email address. Any
other users at other domains will need to authenticate with the full
email address.

Shane

Re: [toaster] MX retry

2008-11-23 Thread Shane Chrisp 
On Sun, 2008-11-23 at 14:37 +0100, Maciej Sołtysiak wrote:

If your going to do that you might as well just use the smtproutes file.

example.com:secondarymx.com

Shane

> Well,
> 
> I haven't had the time to explore the MX issue, however as a quick
> workaround, would redirecting traffic on network level be of help?
> something like:
> 
> # iptables -t nat -A OUTPUT -p tcp --dport 25 -d MX1 -j DNAT
> --to-destination MX2
> 
> Regards,
> Maciej
> 
> 
> Mark Walker pisze: 
> > Dear All,
> > 
> > A second domain has started to reject mails from my server. I hope this is 
> > not becoming a threat. Please advice any workarounds. My servers keeps 
> > retrying their primary MX and then says connection died. Panic mode ! Pls 
> > help !
> > 
> > --- On Mon, 11/17/08, Mark Walker <[EMAIL PROTECTED]> wrote:
> > 
> >   
> > > Subject: Re: [toaster] MX retry
> > > To: toaster@shupp.org
> > > Date: Monday, November 17, 2008, 12:58 AM
> > > rfc2821 patch is available but reading earlier posts by bill
> > > he says that it may break TLS. 
> > > 
> > > 
> > > --- On Sun, 11/16/08, Maciej Sołtysiak
> > > <[EMAIL PROTECTED]> wrote:
> > > 
> > > 
> > > > From: Maciej Sołtysiak
> > > >   
> > > <[EMAIL PROTECTED]>
> > > 
> > > > Subject: Re: [toaster] MX retry
> > > > To: toaster@shupp.org
> > > > Date: Sunday, November 16, 2008, 12:03 PM
> > > > Well, I think I've seen a patch for qmail to try
> > > >   
> > > other
> > > 
> > > > MXs upon temporary errors.
> > > > What does google say?
> > > > 
> > > > Regards,
> > > > Maciej
> > > >   
> > 
> > 
> >   
> >   
>

Re: [toaster] MX retry

2008-11-14 Thread Shane Chrisp 
On Fri, 2008-11-14 at 00:35 -0800, Mark Walker wrote:

I recently posted a question regarding the same thing and from what i
could find qmail will not try the next preference mx unless the first
one is not contactable at all, and not in the case of a temporary error
code. I hope that what I found was actually incorrect and that someone
can actually confirm how qmail is handling the temp error codes.

Shane

> Hello,
> 
> When I send mails to a particular domain I get the following error;
> deferral: Connected_to_X.X.X.X_but_connection_died._(#4.4.2)/
> When I informed the admin of that domain they said that the mail server which 
> I am trying is the low pref MX which won't accept connections and  and should 
> try the next preference. I beleive qmail will try the next pref. Please let 
> me know your comments. 
> 
> Regards 
> 
> 
>

Re: [toaster] enable-spamassassin in vpopmail

2008-10-17 Thread Shane Chrisp 
On Fri, 2008-10-17 at 17:04 +0200, Alessio Cecchi wrote:

Specify the options you want spamc to run with in the spamc.conf file in
the spamassassin directory.

from man spamc

If the -F switch is specified, that file will be used.  Otherwise,
"spamc" will attempt to load spamc.conf in "SYSCONFDIR" (default:
   /etc/mail/spamassassin).

Shane

> Hello,
> 
> i have build vpopmail with --enable-spamassasin=yes but in my installation 
> spamd is running via socket, spamc called by vdelivermail search for spamd in 
> 127.0.0.1:
> 
> Oct 17 16:56:53 mail18 spamc[26973]: connect to spamd on 127.0.0.1 failed, 
> retrying (#1 of 3): Connection refused
> Oct 17 16:56:54 mail18 spamc[26973]: connect to spamd on 127.0.0.1 failed, 
> retrying (#2 of 3): Connection refused
> Oct 17 16:56:55 mail18 spamc[26973]: connect to spamd on 127.0.0.1 failed, 
> retrying (#3 of 3): Connection refused
> Oct 17 16:56:56 mail18 spamc[26973]: connection attempt to spamd aborted 
> after 
> 3 retries
> 
> I haven't find any options like in simscan for spamc-args, how can i edit 
> this?
> 
> Thanks

[toaster] greylisting

2008-10-15 Thread Shane Chrisp 
Just setup greylisting on one of my servers and I noticed that the
greylisting-delete-expired.sh file can be simplified from

mysql -h $MYSQLHOST -u $MYSQLUSER -p$MYSQLPASS $MYSQLDB -e "delete FROM
relaytofrom WHERE origin_type = \"AUTO\" and ( unix_timestamp(  )-
unix_timestamp( record_expires )  >0 )"

to

mysql -h $MYSQLHOST -u $MYSQLUSER -p$MYSQLPASS $MYSQLDB -e "delete FROM
relaytofrom WHERE origin_type = \"AUTO\" and record_expires < NOW()"

Im not sure off hand if this will work on versions below mysql 4, but I
doubt there are too many 3.23 servers left out there these days. I have
this crond to fire every 5 minutes and its working very well.

Shane

Re: [toaster] Anyone using simscan + spamc

2008-09-30 Thread Shane Chrisp 
On Tue, 2008-09-30 at 23:49 +0800, Shane Chrisp wrote: 
> > That will happen if the email is addressed to more than one person. 
> > Other than that, if it's only addressed to one person, simscan should 
> > pass the user name correctly.
> 
> I might have to try an older version of simscan then as it doesnt matter
> who its going to its only getting the global settings cause its passing
> the clamav user all the time.

Ok, it wasnt the version of Simscan, im now back on 1.4.0, it was the
spamc.conf file in the spamassassin config directory. It looks like you
cant use it in association with Simscan. I now have the per user configs
working properly. I just had to add the extra options I had in the
spamc.conf file into the --enable-spamc-args= compile time option.

Thanks for your help Rick and Jason.

Regards
Shane

Re: [toaster] Anyone using simscan + spamc

2008-09-30 Thread Shane Chrisp 
On Tue, 2008-09-30 at 11:42 -0400, Rick Macdougall wrote:
> Shane Chrisp wrote:
> >> Regards,
> >>
> >> Rick
> > 
> >  I dont know if I am doing something wrong or if maybe its a problem
> > with Simscan 1.4.0 but it wont pass the [EMAIL PROTECTED] details through. 
> > Its
> > always sending clamav which is who simscan, clamd and spamd run as.
> > 
> > Any thoughts?
> > 
> 
> That will happen if the email is addressed to more than one person. 
> Other than that, if it's only addressed to one person, simscan should 
> pass the user name correctly.

I might have to try an older version of simscan then as it doesnt matter
who its going to its only getting the global settings cause its passing
the clamav user all the time.

Re: [toaster] Anyone using simscan + spamc

2008-09-30 Thread Shane Chrisp 
On Mon, 2008-09-29 at 11:06 -0400, Rick Macdougall wrote:
> Yup, we do that here with user prefs stored in MySQL.
> 
> Nothing to it really, just make sure you have the correct configure 
> lines for simscan.
> 
> We use the following (with simscan 1.2)
> 
> ./configure --enable-user=clamav --enable-clamav=y --enable-spam=y 
> --enable-custom-smtp-reject=y --enable-per-domain=y --enable-received 
> --enable-spamc-args="-d spa010.munged.ca,spa013.munged.ca -H" 
> --enable-spamc-user=y --enable-attach=y --enable-spam-hits=10 
> --enable-regex --with-pcre-include=/usr/include/pcre/
> 
> Regards,
> 
> Rick

 I dont know if I am doing something wrong or if maybe its a problem
with Simscan 1.4.0 but it wont pass the [EMAIL PROTECTED] details through. Its
always sending clamav which is who simscan, clamd and spamd run as.

Any thoughts?

Shane

Re: [toaster] Anyone using simscan + spamc

2008-09-29 Thread Shane Chrisp 
On Mon, 2008-09-29 at 14:06 -0400, Jason S wrote:
> Shane Chrisp wrote:
> > On Mon, 2008-09-29 at 12:16 -0400, Jason S wrote:
> > 
> >> right. If you enable spam-hits, then passthru is disabled.
> >>
> >> --enable-spam-passthru=y|n
> >> This option turns spam passthru on and off.  When enabled, email
> >> identified as spam via the X-Spam-Status: header will be passed on 
> >> to the user instead of rejected.
> >> Note : *Enabling spam-hits effectively disables this option*
> > 
> > I have played around with these options too and I would use it, but I
> > cant seem to work out how to reject mail to users who dont want it
> > passed through to them. Do you do that, or do you just pass all mail
> > through to the users maildir or delete it?
> > 
> 
> I pass it all through to the user's spam folder. that is just how it 
> works best for my setup.
> 
> if you want selective treatment of spam (using the pass-through method), 
> you can create a .qmail file in the user's Maildir (or use the valias 
> table in mysql) and use Maildrop to drop the spam into the .Spam folder 
> (or just delete it).

Thanks for your answer but personally I can see why spam just keeps
increasing to higher and ever higher levels. When you start accepting
all emails and either deleting them or dropping them into a spam folder
all its does is to encourage the spammers to send even more. If everyone
rejected the spam emails at smtp time you would see a dramatic change in
the volume of spam.

Regards
Shane

Re: [toaster] Anyone using simscan + spamc

2008-09-29 Thread Shane Chrisp 
On Mon, 2008-09-29 at 12:16 -0400, Jason S wrote:

> right. If you enable spam-hits, then passthru is disabled.
> 
> --enable-spam-passthru=y|n
> This option turns spam passthru on and off.  When enabled, email
> identified as spam via the X-Spam-Status: header will be passed on 
> to the user instead of rejected.
> Note : *Enabling spam-hits effectively disables this option*

I have played around with these options too and I would use it, but I
cant seem to work out how to reject mail to users who dont want it
passed through to them. Do you do that, or do you just pass all mail
through to the users maildir or delete it?

Re: [toaster] Anyone using simscan + spamc

2008-09-29 Thread Shane Chrisp 
On Mon, 2008-09-29 at 11:06 -0400, Rick Macdougall wrote:
> Shane Chrisp wrote:
> > Hi,
> > 
> >  Is anyone running simscan + spamc with user prefs stored in sql or even
> > in file at all? I have been looking at it and it doesnt look like its
> > that difficult to set up but maybe im missing something. Any input would
> > be appreciated.
> > 
> > Shane
> > 
> 
> Yup, we do that here with user prefs stored in MySQL.
> 
> Nothing to it really, just make sure you have the correct configure 
> lines for simscan.
> 
> We use the following (with simscan 1.2)
> 
> ./configure --enable-user=clamav --enable-clamav=y --enable-spam=y 
> --enable-custom-smtp-reject=y --enable-per-domain=y --enable-received 
> --enable-spamc-args="-d spa010.munged.ca,spa013.munged.ca -H" 
> --enable-spamc-user=y --enable-attach=y --enable-spam-hits=10 
> --enable-regex --with-pcre-include=/usr/include/pcre/

Thanks Rick. Much appreciated.

cheers
Shane

Re: [toaster] Anyone using simscan + spamc

2008-09-29 Thread Shane Chrisp 
On Mon, 2008-09-29 at 10:51 -0400, Jason S wrote:
> Shane Chrisp wrote:
> > Hi,
> > 
> >  Is anyone running simscan + spamc with user prefs stored in sql or even
> > in file at all? I have been looking at it and it doesnt look like its
> > that difficult to set up but maybe im missing something. Any input would
> > be appreciated.
> > 
> > Shane
> > 
> 
> are you referring to spamassassin user prefs or per-user simscan prefs?

Sorry, spamassassin user preferences.

[toaster] Anyone using simscan + spamc

2008-09-29 Thread Shane Chrisp 
Hi,

 Is anyone running simscan + spamc with user prefs stored in sql or even
in file at all? I have been looking at it and it doesnt look like its
that difficult to set up but maybe im missing something. Any input would
be appreciated.

Shane

Re: [toaster] Qmail Headers

2008-09-28 Thread Shane Chrisp 
On Sun, 2008-09-28 at 16:49 +0300, Jaroslav wrote:
> thanks Shane for explanation. 
> Had the same question too.
> Can we take a look at the perl script also ?:
> 

Sorry im not at liberty to disclose the script as its not mine to
share. 

Shane

Re: [toaster] Qmail Headers

2008-09-28 Thread Shane Chrisp 
On Sun, 2008-09-28 at 15:35 +0200, Maciej Sołtysiak wrote:
> Shane,
> 
> may I ask what is the reason for surrounding the address with [] ?
> Is it for conformance with standards or ease of log parsing or something 
> else ?
> 
> I'm asking just to find it if there's something I'm missing.

 It is for a perl script that works with just about every other mta's
headers except qmail out. Its to do with rbl checking. Figured id be
better off making qmail the same as the other mta rather than changing
the script to make it support qmail. So your not likely to miss
anything, but it may come in handy for someone else who finds the same
issue with the IP in () not being found, but within [] it is.

Shane

Re: [toaster] Qmail Headers

2008-09-28 Thread Shane Chrisp 
Just to get this into the archives, I finally got around to looking into adding 
the
square brackets into the header. This is how to do it for anyone who might like 
to do it.

This changes the Received line from :-

Received: from x (HELO x.x.x) (x.x.x.x)

to

Received: from x (HELO x.x.x) ([x.x.x.x])


--- ./received.c1998-06-15 18:53:16.0 +0800
+++ ../../../netqmail-1.05/netqmail-1.05/received.c 2008-09-28 
20:07:14.226463651 +0800
@@ -60,8 +60,9 @@
 safeput(qqt,remoteinfo);
 qmail_puts(qqt,"@");
   }
+  qmail_puts(qqt,"[");
   safeput(qqt,remoteip);
-  qmail_puts(qqt,")\n  by ");
+  qmail_puts(qqt,"])\n  by ");
   safeput(qqt,local);
   qmail_puts(qqt," with ");
   qmail_puts(qqt,protocol);

Re: [toaster] clamav: 0.90.2 ==> 0.94 ???

2008-09-09 Thread Shane Chrisp 
On Tue, 2008-09-09 at 21:55 -0500, Mike Schleif wrote:

svc -d /service/clamd
svc -d /service/clamd

and to restart replace the -d with -u

> * Tren Blackburn <[EMAIL PROTECTED]> [2008:09:09:19:11:39-0700] scribed:
> > The patch is required if you're running clamav via supervise. If no
> > newer patch is available then stop running it via supervise and
> > install the latest version as per the clamav website.
> 
> Yes, we are running it under supervise.
> 
> HOW do I stop clam completely?
> 
> 
> # ps aux | grep clam
> clamav2515  0.0  0.2   2812  1292 ?Ss   Sep08   0:00 
> /usr/local/bin/freshclam -d
> root  2667  0.0  0.0   1488   316 ?SSep08   0:00 supervise 
> clamd
> clamav2673 47.9 15.6 152000 80640 ?RSep08 987:04 
> /usr/local/sbin/clamd
> clamav2679  0.0  0.0   1628   384 ?SSep08   0:00 
> /usr/local/bin/multilog t /var/log/clamd
> clamav   21312  0.0  0.1   1940   640 ?S20:59   0:00 
> /var/qmail/bin/simscan
> clamav   21314  0.0  0.1   2616   720 ?S20:59   0:00 clamdscan 
> --stdout
> clamav   21379  0.0  0.1   1940   640 ?S21:00   0:00 
> /var/qmail/bin/simscan
> clamav   21381  0.0  0.1   2616   720 ?S21:00   0:00 clamdscan 
> --stdout
> clamav   21385  0.0  0.1   1940   640 ?S21:00   0:00 
> /var/qmail/bin/simscan
> clamav   21387  0.0  0.1   2616   720 ?S21:00   0:00 clamdscan 
> --stdout
> clamav   21409  0.0  0.1   1940   640 ?S21:00   0:00 
> /var/qmail/bin/simscan
> clamav   21411  0.0  0.1   2616   720 ?S21:00   0:00 clamdscan 
> --stdout
> clamav   21416  0.0  0.1   1940   640 ?S21:01   0:00 
> /var/qmail/bin/simscan
> clamav   21418  0.0  0.1   2616   720 ?S21:01   0:00 clamdscan 
> --stdout
> clamav   21419  0.0  0.1   1940   640 ?S21:01   0:00 
> /var/qmail/bin/simscan
> . . .
> 
> Then, HOW do I UN-supervise it?
> 
> 
> > Regards,
> > 
> > Tren
> > 
> > - Original Message -
> > From: Mike Schleif <[EMAIL PROTECTED]>
> > To: shupp-toaster mailing list 
> > Sent: Tue Sep 09 19:09:23 2008
> > Subject: [toaster] clamav: 0.90.2 ==> 0.94 ???
> > 
> > Please, advise.
> > 
> > What is required to upgrade my toasters (many !!!) from clamav 0.90.2,
> > which is the latest in Bill's Linux Qmail Toaster v. 0.9.2, to clamav
> > "WARNING: Local version: 0.90.2 Recommended version: 0.94" ???
> > 
> > According to here:
> > 
> > 
> > 
> > we _require_ a patch:
> > 
> > wget http://shupp.org/patches/clamav-0.90.2.patch
> > 
> > 
> > What am I missing?
> 
>

Re: [toaster] clamav: 0.90.2 ==> 0.94 ???

2008-09-09 Thread Shane Chrisp 
On Tue, 2008-09-09 at 21:48 -0500, Mike Schleif wrote:

I havnt used the patch on any newer versions of clamav as its only for
config options anyway. Simply download and compile the new version and
check the upgrade notes for .93 about the changes to some of the config
option, change them in your config file and install and restart clamd. I
have been running .94 on a number of servers for about a week now with
no problems.

Shane

> We are running Debian exclusively.
> 
> Recently, I discovered
> deb http://volatile.debian.org/debian-volatile etch/volatile main
> 
> This allows me to keep up with clamav on my personal servers.
> 
> Is there some pathing issues with that clamav and toaster?
> 
> What do you think?
> 
> 
> * Tren Blackburn <[EMAIL PROTECTED]> [2008:09:09:19:11:39-0700] scribed:
> > The patch is required if you're running clamav via supervise. If no
> > newer patch is available then stop running it via supervise and
> > install the latest version as per the clamav website.
> > 
> > Regards,
> > 
> > Tren
> > 
> > - Original Message -
> > From: Mike Schleif <[EMAIL PROTECTED]>
> > To: shupp-toaster mailing list 
> > Sent: Tue Sep 09 19:09:23 2008
> > Subject: [toaster] clamav: 0.90.2 ==> 0.94 ???
> > 
> > Please, advise.
> > 
> > What is required to upgrade my toasters (many !!!) from clamav 0.90.2,
> > which is the latest in Bill's Linux Qmail Toaster v. 0.9.2, to clamav
> > "WARNING: Local version: 0.90.2 Recommended version: 0.94" ???
> > 
> > According to here:
> > 
> > 
> > 
> > we _require_ a patch:
> > 
> > wget http://shupp.org/patches/clamav-0.90.2.patch
> > 
> > 
> > What am I missing?
> 
>

Re: [toaster] reject nonexistent account

2008-08-28 Thread Shane Chrisp 
On Thu, 2008-08-28 at 21:28 -0300, Gaston Marion wrote:
> My friends: someone knows where it can be configured to reject qmail
> mails to nonexistent accounts within my domain? Thank you very much!
> 
>  

The .qmail-default file should have something like this. The path may be
different depending on where you installed vpopmail to.

| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox

Shane

Re: [toaster] how to make vpopmail work with new courie-auth?

2008-07-21 Thread Shane Chrisp 
On Mon, 2008-07-21 at 14:46 +0800, 姜文栋 wrote:

Why not just use dovecot instead?

> toaster,您好!
> 
> courier-authlib-0.61.0
> ChangeLog:  * Makefile: Drop the unmaintained authvchkpw module.
> 
> I still want to use  authvchkpw, how? or how can I use authmysql?
> Any one can give me any tips?
> 
> Thanks!
> 
> 致
> 礼!
>   
> 
> 姜文栋
> [EMAIL PROTECTED]
>   2008-07-21

Re: [toaster] multiple SMTP ports

2008-07-18 Thread Shane Chrisp 
On Fri, 2008-07-18 at 21:02 -0700, Kurt Bigler wrote:
> Hi, all,
> 
> This is perhaps technically off-topic since I don't use a toaster
> configuration, but I thought this was a good list to ask the question to.
> If not my apologies and I'll try the vchkpw list.
> 
> The question of listening on multiple ports has come up before.  It was
> suggested that either another tcpserver command could be added to the
> startup script with configurations cloned/modified, or if separate
> configurations are not needed to use iptables to redirect an additional port
> to the existing one.
> 
> I do not need separate configurations, but I don't seem to have a command
> called iptables on my freebsd server.
> 
> I currently invoke qmail smtp as follows:
> 
> 
> env - PATH="/var/qmail/bin:/usr/local/bin" \
> tcpserver -v -H -R -l$HOSTNAME -x /var/vpopmail/etc/tcp.smtp.cdb \
> -c200 -u89 -g89 0 25 fixcrio /var/qmail/bin/qmail-smtpd-chkuser 2>&1 | \
> /usr/local/bin/setuidgid qmaill \
> /usr/local/bin/multilog t n100 s100 /var/log/smtp &
> 
> 
> and I am wondering if I will cause problems if I just duplicate the above
> command with 25 changed to something else.  Is there an issue of some single
> queue being involved, or of collisions in logging?

Thats all you need to do. Change the port number to what you want and
start up the new configuration.

Re: [toaster] just migrated from courier to dovecot

2008-07-03 Thread Shane Chrisp 
>Seems to be snappier to me as well. I've got it running just fine with
>cdb and quota support enabled. While large mailboxes (and I've got a
>lot) still take some time to initially load, searches are much faster
>than courier as well.
>Anyone have daemontools scripts together already?


Just found this in my favourites

http://www.thedjbway.org/imap/dovecot.html

Re: [toaster] spam mail's

2008-06-19 Thread Shane Chrisp 
On Thu, 2008-06-19 at 02:49 -0700, Newbie Qmail wrote:
> how to configure the simscan for dropmsg?

Make sure you have --enable-spam=y and you may even want to use
--enable-spam-hits=xx --enable-spam-auth-user=y --enable-spam-passthru=y
as config options for simscan

Then add a line such as this to /var/qmail/simcontrol and
run /var/qmail/bin/simscanmk to update it. Im pretty sure that all the
instructions are included in the toaster docs anyway.

:clam=yes,spam=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif,spam_hits=7.0

You can also set per domain hit levels such as below would reject spam
for domain.com with hits of 5.0 and everything else at 7.0

example.com:clam=yes,spam=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif,spam_hits=5.0
:clam=yes,spam=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif,spam_hits=7.0

Shane

> - Original Message 
> From: Qmail List <[EMAIL PROTECTED]>
> To: toaster@shupp.org
> Sent: Thursday, June 19, 2008 2:39:10 PM
> Subject: RE: [toaster] spam mail's
> 
> > Recent days i started getting huge number of spam mails eg: "V agra
> Super
> Active for YOUR", at present the msg goes to 
> > user with Spam detection software, running on the system and
> attaching
> the  spam mail. instead of it is there a way to 
> > quarantine the msg or delete that msg...
> 
> You can configure simscan to dropmsg
>  
> 
> 
> 
>

RE: [toaster] qmail send receive

2008-06-13 Thread Shane Chrisp 
On Fri, 2008-06-13 at 08:33 +0300, Jussi Siponen wrote:

Has the system been updated and now have exim or postfix or some other
mail server running which is the default for the platform that its
running on?

> -
> 
> From: Newbie Qmail [mailto:[EMAIL PROTECTED]
> Sent: 12. kesäkuuta 2008 19:47
> To: toaster@shupp.org
> Subject: [toaster] qmail send receive
> 
> 
> Good evening everybody
> I have a strange problem in my qmail server. First let me brief about my 
> qmail setup
> i am using debian 3.1 OS and qmail+spamassassin+clamav . So far the server 
> was doing it pretty good. The problem started after my
> vacation holls. my colleague was telling he didnt add/modify anything this 
> mail server other than one cronjob
> (cronjob is restarting the qmail server every 5 minutes.)
> Now the problem is if the qmail server is not getting restarted, the mails 
> are not getting delivered to internal/external users
> had a look at qmail-send/run, nothing seems modified.
> can anyone helpme out here
> 
> kavitha
> 
> 
>

Re: [toaster] dovecot

2008-05-31 Thread Shane Chrisp 
On Sat, 2008-05-31 at 16:30 +0800, Qmail List wrote:
> Hi,
> 
> What is the auth mechanism to be used with dovecot?

# vpopmail authentication 
  passdb vpopmail {
# [cache_key=] - See cache_key in PAM for explanation.
#args =
}

I think that is what your asking about.

Re: [toaster] Urgent: preline: fatal: unable to run /usr/bin/maildrop: file does not exist

2008-05-01 Thread Shane Chrisp 
On Thu, 2008-05-01 at 12:02 -0400, JP Maxwell / Gmail wrote:
> Is it something that should have been installed w/ the toaster or
> should I already have it? 

No its up to you to get it if you want it.

> I see the package available via apt - I could just install it?
> 
> On Thu, May 1, 2008 at 12:00 PM, JP Maxwell / Gmail
> <[EMAIL PROTECTED]> wrote:
> Well, that's the same thing, I can't seem to find it...  did I
> miss a step?
> 
> 
> 
> On Thu, May 1, 2008 at 11:58 AM, Qmail List
> <[EMAIL PROTECTED]> wrote:
> > preline: fatal: unable to run /usr/bin/maildrop:
> file does not exist
> 
> 
> Where is your maildrop?
> 
> 
> 
>

Re: [toaster] Urgent: preline: fatal: unable to run /usr/bin/maildrop: file does not exist

2008-05-01 Thread Shane Chrisp 
On Thu, 2008-05-01 at 11:54 -0400, JP Maxwell / Gmail wrote:
> /usr/bin/maildrop:

Have you installed maildrop? Is it in /usr/bin or is it
in /usr/local/bin perhaps?

Re: [toaster] disable SpamAssasin for IP

2008-04-08 Thread Shane Chrisp 
On Wed, 2008-04-09 at 01:54 +0300, Jaroslav wrote:
> Hello all.
> How i can whitelist an IP address in toaster ?
> 
> I have added in /etc/mail/spamassassin/local.cf
> trusted_networks 213.190.x.x

Did you restart spamd after adding this line?

> 
> but logs still show:
> simscan:[15714]:CLEAN (0.70/5.00) . 213.190.x.x
> 
> Seems like it counts spam level for white listed IP ?
> Or I am doing something wrong?
> 
> Thank you,
> Jaroslav

Re: [toaster] Adding an RBL

2008-03-25 Thread Shane Chrisp 
On Tue, 2008-03-25 at 02:48 -0400, Jeff Koch wrote:
> Hi Guys:
> 
> I'd like to add the Spamhaus RBL lists to the Toaster. Can anyone explain 
> the procedure? Does Bill's toaster support the 
> '/var/qmail/control/blacklists' file?
> 

Simply edit /services/qmail-smtpd/run and add something like below. Just
add "-r rbl.he.re " for each rbl you want to use.

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
HOSTNAME='hostname -f`
QMAILQUEUE="/var/qmail/bin/simscan"
NOP0FCHECK="1"
export QMAILQUEUE NOP0FCHECK

exec /usr/local/bin/softlimit -m 3000 \
/usr/local/bin/tcpserver -vRD -l $HOSTNAME -c $MAXSMTPD
-x /home/vpopmail/etc/tcp.smtp.cdb -u "$QMAILDUID" -g "$NOFILESGID" 0
smtp \
/usr/local/bin/rblsmtpd -t5 -b -C \
-r relays.dnsbl.sorbs.net \
-r recent.spam.dnsbl.sorbs.net \
-r misc.dnsbl.sorbs.net \
-r nomail.rhsbl.sorbs.net \
-r zen.spamhaus.org \
-r list.dsbl.org \
-r bl.spamcop.net \
/usr/local/bin/fixcrio /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw 
/bin/true 2>&1

RE: [toaster] HELP!!! SPAMASSASSIN

2008-03-11 Thread Shane Chrisp 
On Tue, 2008-03-11 at 18:01 -0300, Gastón Marión wrote:
> Alejandro como estas? sabes que instale otro servidor qmail tal cual
> como dice en la página www.shupp.org... La cuestión es que ahora
> cuando veo en los logs del spam figura que no encuentra ni puede
> ejecutar el archivo spamd, el log es el siguiente…
> 
>  
> 
> ./run: line 2: /usr/bin/spamd: cannot execute: No such file or
> directory
> 
If you updated SA via CPAN its probably in /usr/local/bin now.

Re: [toaster] qmail-smtpd to require auth

2008-02-27 Thread Shane Chrisp 

On Wed, 2008-02-27 at 10:12 +0100, Alessio Cecchi wrote:
> Il Monday 25 February 2008 09:26:58 Lampa ha scritto:
> > Hello,
> >
> > force auth with chkuser CHKUSER_MUSTAUTH="". Check your code source if
> > it's enabled (supported).
> 
> Hello,
> 
> where i can find all available options that CHKUSER provides?
> 
> Thanks

Try here

http://www.interazioni.it/opensource/chkuser/

Shane

Re: [toaster] how to return over-quota messages to sender?

2008-01-18 Thread Shane Chrisp 
If your using chkusr you can use something like this to set the bounce
at smtp time if the mailbox is over 95%

:allow,CHKUSER_MBXQUOTA="95"


On Fri, 2008-01-18 at 11:50 +0200, Jaroslav wrote:
> Hello, 
> I get lot's of emails like:
> 
> Hi. This is the qmail-send program at my.domain.com.
> I'm afraid I wasn't able to deliver your message to the following
> addresses. 
> This is a permanent error; I've given up. Sorry it didn't work out.
> 
> <[EMAIL PROTECTED]>:
> user is over quota
> 
> 
> 
> How it can be done, so those messages would have been returned to
> sender, but not postmaster ? 
> thank you so much! 
> 
> cheers,
> Jaroslav

Re: [toaster] R: [toaster] Info for send mail

2008-01-08 Thread Shane Chrisp 
On Wed, 2008-01-09 at 06:56 +0200, [EMAIL PROTECTED] wrote:
> It's not the envelope, it's only the "To:" header modified, it's a filter
> bypass technique.

Well your a better mind reader than I am. I was trying to determine if
the person is actually having a problem with the mail server, or if they
are just receiving emails which as you say have modified headers to
conceal the information.

> > Where is are you seeing this undisclosed recipient in the to field? In
> > you client, or in your mail servers log files?
> >
> >
> > On Tue, 2008-01-08 at 11:12 +0100, Info Neoblu wrote:
> >>
> >> > -Messaggio originale-
> >> > Da: Shane Chrisp [mailto:[EMAIL PROTECTED]
> >> > Inviato: martedì 8 gennaio 2008 11.00
> >> > A: toaster@shupp.org
> >> > Oggetto: Re: [toaster] Info for send mail
> >> >
> >> > That sounds like a problem with the mail client rather than the
> >> server.
> >> > “Undisclosed Recipient:;†is pretty normal for mailouts from
> >> clients
> >> > such as outlook express etc.
> >> >
> >> This happens on different clients Outlook, Outlook Express, Thunderbird
> >>  with different versions.
> >>
> >
> >
> 
>

Re: [toaster] R: [toaster] Info for send mail

2008-01-08 Thread Shane Chrisp 
Where is are you seeing this undisclosed recipient in the to field? In
you client, or in your mail servers log files?


On Tue, 2008-01-08 at 11:12 +0100, Info Neoblu wrote:
> 
> > -Messaggio originale-
> > Da: Shane Chrisp [mailto:[EMAIL PROTECTED]
> > Inviato: martedì 8 gennaio 2008 11.00
> > A: toaster@shupp.org
> > Oggetto: Re: [toaster] Info for send mail
> > 
> > That sounds like a problem with the mail client rather than the server.
> > “Undisclosed Recipient:;” is pretty normal for mailouts from clients
> > such as outlook express etc.
> > 
> This happens on different clients Outlook, Outlook Express, Thunderbird  
> with different versions.
>

Re: [toaster] Info for send mail

2008-01-08 Thread Shane Chrisp 
That sounds like a problem with the mail client rather than the server. 
“Undisclosed Recipient:;” is pretty normal for mailouts from clients
such as outlook express etc.

Shane

On Tue, 2008-01-08 at 10:34 +0100, Info Neoblu wrote:
> If in the field “To:” there “Undisclosed Recipient:;” messages are not
> sent or received, this is because insert in the field “Ccn”. 
> How can I do to remedy the problem? 
> Thanks.
> 
>  
> 
> Michele Salerno
> 
>  
> 
> Neoblu Service Provider di Salerno Michele
> 
> Via Bari, 33 - 75100 Matera (MT)
> 
> Tel. +39 0835 1825113
> 
> Fax. Tel. +39 0835 1825109
> 
> Web. http://www.neoblu.it
> 
> P.IVA: 01147740771 - C.F.: SLRMHL78D29A662W
> 
>  
> 
>

Re: [toaster] Error en server

2008-01-04 Thread Shane Chrisp 
On Fri, 2008-01-04 at 12:08 -0300, Gastón Marión wrote:
> Hello people the error detecting is...
>
>Reporting-MTA: dns;bay0-omc1-s19.bay0.hotmail.com
>Received-From-MTA: dns;BAY133-W3
>Arrival-Date: Fri, 4 Jan 2008 05:10:55 -0800
>
>Final-Recipient: rfc822;[EMAIL PROTECTED]
>Action: failed
>Status: 5.5.0
>Diagnostic-Code: smtp;554 Transaction Failed
>(1022769381:189:-2147467259)

What do your qmail-smtpd log files say? Are you on some sort of dsl
service? If so do you have an MTU issue?

Shane

[toaster] Qmail not trying Secondary MX's

2008-01-03 Thread Shane Chrisp 
I have just found qmail not trying to contact a secondary MX for a
domain when the primary is not connectable at all. At first I thought
maybe the dns patch was missing but when I checked it appears to be
there still. So is anyone else noticing this or is it just me?

Shane

Re: [toaster] Forwards handling

2007-12-21 Thread Shane Chrisp 
On Fri, 2007-12-21 at 10:42 +0200, [EMAIL PROTECTED] wrote:
> As i understand from your recommendation is that you delete or do not
> deliver to a mailbox all messages that are considered as spam ?

I never delete mail, its always bounced during the smtp conversation so
that the sender gets notified in case of a false positive or it is
accepted. I dont give the clients the option to play with the spam
settings in SA either and I get very few false positives.

> I still deliver spam messages but i deliver them to the "Spam" folder
> using procmail. If a user sets it's mailbox to forward all messages to
> another external mailbox i think that the procmail is never run and if it
> is run the message still gets forwarded.
> 
> Again, if i'm not mistaking you recommendation will not help me a great deal.

If this is how you want to run your systems then no my option is not
going to help you out. However I would recommend that if your going have
customers setting up forwards, you should consider rejecting the spam at
smtp conversation time instead. But that is of course your own choice.

I cant think of any way of having the email forwarded and yet not
forwarding on the spam.

Shane

> If you care to explain in more detail what is the exact behavior and what
> is going on ?
> 
> > Simply run good spamassassin filtering on your server and you wont
> > forward spam on. If your not already, consider also using rules from
> > http://www.rulesemporium.com/rules.htm in your SA setup and use
> > RulesDuJour to keep them up to date.
> >
> > Shane
> >
> >
> > On Tue, 2007-12-18 at 11:30 +0200, [EMAIL PROTECTED] wrote:
> >> Hello list !
> >>
> >> Is there a way i can control forwarder addresses that the users set ?
> >>
> >> Here is the encountered scenario:
> >>
> >> Users set a forward for the mailbox on my server to a remote yahoo
> >> address. This causes for all spam that they receive to be also sent to
> >> the
> >> yahoo servers which, in turn, will start to consider my server as a
> >> spamming one and keep deferring messages for large periods of times.
> >> This
> >> behavior disturbs other user's communications when yahoo addresses are
> >> involved since the legitimate messages are deferred for large periods of
> >> time also.
> >>
> >> My question is, if a limit on the forwarded e-mail addresses can be set
> >> to
> >> only local addresses. This is a preferred behavior unlike disabling
> >> forwards altogether.
> >>
> >> Thank you in advance for your answers and clarifications in case i mis
> >> understood the situation encountered.
> >>
> >
> >
> 
>

Re: [toaster] Forwards handling

2007-12-18 Thread Shane Chrisp 
Simply run good spamassassin filtering on your server and you wont
forward spam on. If your not already, consider also using rules from
http://www.rulesemporium.com/rules.htm in your SA setup and use
RulesDuJour to keep them up to date.

Shane


On Tue, 2007-12-18 at 11:30 +0200, [EMAIL PROTECTED] wrote:
> Hello list !
> 
> Is there a way i can control forwarder addresses that the users set ?
> 
> Here is the encountered scenario:
> 
> Users set a forward for the mailbox on my server to a remote yahoo
> address. This causes for all spam that they receive to be also sent to the
> yahoo servers which, in turn, will start to consider my server as a
> spamming one and keep deferring messages for large periods of times. This
> behavior disturbs other user's communications when yahoo addresses are
> involved since the legitimate messages are deferred for large periods of
> time also.
> 
> My question is, if a limit on the forwarded e-mail addresses can be set to
> only local addresses. This is a preferred behavior unlike disabling
> forwards altogether.
> 
> Thank you in advance for your answers and clarifications in case i mis
> understood the situation encountered.
>

Re: [toaster] auth only

2007-11-28 Thread Shane Chrisp 
On Wed, 2007-11-28 at 19:06 +0100, Lampa wrote:
> Hello,
> 
> i know but i need auth all users eg forced smtp authentication. No
> authenticated users should be dropped connection.

What do you want to do exactly? Your not going to accept any email from
other servers, just from authenticated users? If thats what your trying
to do, turn off the line :allow in your tcp.smtp file.

> 
> 2007/11/28, Qmail List <[EMAIL PROTECTED]>:
> > > is possible to turn on (via some variable) requirements of auth ? Eg.
> > > users with no user/passwd cannot send email.
> >
> > Bill's toaster has smtp-auth built in
> >
> 
>

Re: [toaster] Applying John Simpsons validrcptto patch

2007-11-02 Thread Shane Chrisp 
On Fri, 2007-11-02 at 12:28 +0100, Sasa Ebach wrote:
> > ...
> > 250 snoopy.2000cn.com.au
> > mail from: <[EMAIL PROTECTED]>
> > 250 ok
> > rcpt to: <[EMAIL PROTECTED]>
> > 511 sorry, no mailbox here by that name (#5.1.1 - chkuser)
> 
> Oh, I didn't realize that I could configure that. I will try to find out 
> more about that.
> 
> But still, does it have the configurable threshhold of J.S.'s approach?
> 
> RCPT TO: <[EMAIL PROTECTED]>
> 421 too many invalid addresses, goodbye (#4.3.0)
> Connection closed by foreign host.
> 
> (trying to find more information about chkuser on google, any other hints?)
> 
> -se

There are lots of options in the chkuser patch. Check the website for
further info. http://www.interazioni.it/opensource/chkuser/

Shane

Re: [toaster] Applying John Simpsons validrcptto patch

2007-11-02 Thread Shane Chrisp 
On Fri, 2007-11-02 at 11:45 +0100, Sasa Ebach wrote:
> >> [1] http://qmail.jms1.net/patches/validrcptto.cdb.shtml
> >> [2] http://qmail.jms1.net/patches/netqmail-1.05-validrcptto.cdb.2.patch
> > 
> > What does this patch do that chkuser doesn't already do?
> 
> It stops delivery of non existant adresses at the earliest possible point. 
> Here is what my server does:
> 
> # telnet localhost 25
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220 s1.digitale-wertschoepfung.de ESMTP
> EHLO testing
> 250-s1.digitale-wertschoepfung.de
> 250-STARTTLS
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 0
> 250 AUTH LOGIN PLAIN CRAM-MD5
> AUTH PLAIN ...
> 235 ok, go ahead (#2.0.0)
> MAIL FROM: <[EMAIL PROTECTED]>
> 250 ok
> RCPT TO: <[EMAIL PROTECTED]>
> 250 ok

I think you better check how your system is setup. This is what you
should get from a system with chkuser patch installed.

...
250 snoopy.2000cn.com.au
mail from: <[EMAIL PROTECTED]>
250 ok
rcpt to: <[EMAIL PROTECTED]>
511 sorry, no mailbox here by that name (#5.1.1 - chkuser)

Shane

Re: [toaster] rblsmtpd Not Doing RBL Lookups

2007-10-16 Thread Shane Chrisp 
On Tue, 2007-10-16 at 11:33 -0400, Ken Schweigert wrote:

Maybe try running a local copy of dnscache on the same box. Ive had a
similar issue before and thats what I did to overcome the problem. Its
not likely that your having exactly the same problem, but it would be
worth a try and I do like running dnscache on the front end smtp servers
now as they seem a bit quicker to respond. I also set a 5 second time
out on the dns lookup.

Shane

> Let me start with I have 5 other Shupp Toaster installs and all of
> them work great.  However, my 6th one is really starting to bake my
> noodle.  Short problem:  it won't check against the RBLs I have
> configured.  Mail delivers just fine, but it's not blocking
> connections from dynamic IPs which should be listed in the RBL.
> 
> I use, generally, the same smtpd/run supervise script on all my boxes;
> some have a whitelist, some don't, etc.  Here is what I have on the
> 6th box (sanitized) :
> 
> [EMAIL PROTECTED] etc]# more /var/qmail/supervise/qmail-smtpd/run
> #!/bin/sh
> QMAILDUID=`id -u vpopmail`
> NOFILESGID=`id -g vpopmail`
> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
> exec /usr/local/bin/softlimit -m 2500 \
> /usr/local/bin/tcpserver -v -H -R -l 0 \
> -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
> -u "$QMAILDUID" -g "$NOFILESGID" aa.bb.cc.dd smtp \
> /usr/local/bin/rblsmtpd -t 20 -b \
> -a whitelist.mydomain.tld \
> -r "safe.dnsbl.sorbs.net:safe.dnsbl.sorbs.net - see
> " \
> -r "combined.njabl.org:combined.njabl.org - see
> " \
> -r "zen.spamhaus.org:zen.spamhaus.org - see
> " \
> /var/qmail/bin/qmail-smtpd \
> /home/vpopmail/bin/vchkpw /bin/true 2>&1
> [EMAIL PROTECTED] etc]#
> 
> I can't see anything wrong with the file, and I've even copy-n-pasted
> the config from a known working server and it still won't query the
> RBL.
> 
> I've tested the rblsmtpd binary with the following command:
> 
> [EMAIL PROTECTED] etc]# TCPREMOTEIP="61.144.178.252" /usr/local/bin/rblsmtpd
> -t 20 -b -r safe.dnsbl.sorbs.net /bin/true
> rblsmtpd: 61.144.178.252 pid 32658: 553 Dynamic IP Addresses See:
> http://www.sorbs.net/lookup.shtml?61.144.178.252
> 220 rblsmtpd.local
> 
> [EMAIL PROTECTED] etc]#
> 
> This should at least tell me the binary is compiled right and that
> there is connectivity to the RBL.
> 
> I've also looked in /var/log/messages and 'dmesg' and don't see
> anything unusual; no blocked packets by iptables to tcp/53, no error
> messages.
> 
> I've restarted the qmail-smtpd service multiple times but to no avail.
> 
> The only thing that seems to help is if I manually add an entry to
> '/home/vpopmail/etc/tcp.smtp' and rebuild the database.  Then I see
> rblsmtpd entries in /var/log/qmail/smtpd/current.
> 
> I'm really at a loss as to why it's not working and would appreciate any 
> input.
> 
> Oh, AMD-64 box with Redhat-ES-4.
> 
> Thanks!
> -ken

[toaster] Compile error on debian etch

2007-10-10 Thread Shane Chrisp 
Hi,

 Im trying to install the toaster on a new debian etch system and after
applying the qmail-toaster-0.9.1.patch.bz2 patch file, I get the
following error. Can anyone shed any light on what is causing this
error, or what files may be missing from the system which need
installing to correct it.

./compile qmail-qmtpd.c
qmail-qmtpd.c: In function ‘badproto’:
qmail-qmtpd.c:15: warning: incompatible implicit declaration of built-in
function ‘_exit’
qmail-qmtpd.c: In function ‘resources’:
qmail-qmtpd.c:16: warning: incompatible implicit declaration of built-in
function ‘_exit’
qmail-qmtpd.c: In function ‘safewrite’:
qmail-qmtpd.c:22: warning: incompatible implicit declaration of built-in
function ‘_exit’
qmail-qmtpd.c: In function ‘saferead’:
qmail-qmtpd.c:34: warning: incompatible implicit declaration of built-in
function ‘_exit’
./compile rcpthosts.c
./load qmail-qmtpd rcpthosts.o control.o constmap.o \
received.o date822fmt.o now.o qmail.o cdb.a fd.a wait.a \
datetime.a open.a getln.a sig.a case.a env.a stralloc.a \
alloc.a substdio.a error.a str.a fs.a auto_qmail.o
./compile qmail-smtpd.c
qmail-smtpd.c:169: error: variable ‘spamt’ has initializer but
incomplete type
qmail-smtpd.c: In function ‘setup’:
qmail-smtpd.c:218: error: ‘spfbehavior’ undeclared (first use in
this function)
qmail-smtpd.c:218: error: (Each undeclared identifier is reported only
once
qmail-smtpd.c:218: error: for each function it appears in.)
qmail-smtpd.c:227: error: ‘SPF_DEFEXP’ undeclared (first use in this
function)
qmail-smtpd.c:253: error: ‘surblmax’ undeclared (first use in this
function)
qmail-smtpd.c:254: error: ‘SURBLABSMAX’ undeclared (first use in
this function)
qmail-smtpd.c:267: error: ‘surbldata’ undeclared (first use in this
function)
qmail-smtpd.c: In function ‘bmcheck’:
qmail-smtpd.c:359: error: ‘BMCHECK_BMF’ undeclared (first use in
this function)
qmail-smtpd.c:361: error: ‘BMCHECK_BMFNR’ undeclared (first use in
this function)
qmail-smtpd.c:363: error: ‘BMCHECK_BMT’ undeclared (first use in
this function)
qmail-smtpd.c:365: error: ‘BMCHECK_BMTNR’ undeclared (first use in
this function)
qmail-smtpd.c:367: error: ‘BMCHECK_BHELO’ undeclared (first use in
this function)
qmail-smtpd.c: In function ‘smtp_helo’:
qmail-smtpd.c:507: error: ‘BMCHECK_BHELO’ undeclared (first use in
this function)
qmail-smtpd.c: In function ‘smtp_ehlo’:
qmail-smtpd.c:522: error: invalid use of undefined type ‘struct
spam_t’
qmail-smtpd.c:522: error: invalid use of undefined type ‘struct
spam_t’
qmail-smtpd.c:533: error: ‘BMCHECK_BHELO’ undeclared (first use in
this function)
qmail-smtpd.c: In function ‘smtp_rset’:
qmail-smtpd.c:538: error: ‘surblsize’ undeclared (first use in this
function)
qmail-smtpd.c:539: error: ‘surblwhite’ undeclared (first use in this
function)
qmail-smtpd.c: In function ‘smtp_mail’:
qmail-smtpd.c:552: error: ‘BMCHECK_BMF’ undeclared (first use in
this function)
qmail-smtpd.c:554: error: ‘BMCHECK_BMFNR’ undeclared (first use in
this function)
qmail-smtpd.c:558: error: ‘surblwhite’ undeclared (first use in this
function)
qmail-smtpd.c:560: error: ‘CHKUSER_OK’ undeclared (first use in this
function)
qmail-smtpd.c:562: error: ‘spfbehavior’ undeclared (first use in
this function)
qmail-smtpd.c:565: error: ‘SPF_OK’ undeclared (first use in this
function)
qmail-smtpd.c:566: error: ‘SPF_NONE’ undeclared (first use in this
function)
qmail-smtpd.c:567: error: ‘SPF_UNKNOWN’ undeclared (first use in
this function)
qmail-smtpd.c:568: error: ‘SPF_NEUTRAL’ undeclared (first use in
this function)
qmail-smtpd.c:569: error: ‘SPF_SOFTFAIL’ undeclared (first use in
this function)
qmail-smtpd.c:570: error: ‘SPF_FAIL’ undeclared (first use in this
function)
qmail-smtpd.c:571: error: ‘SPF_ERROR’ undeclared (first use in this
function)
qmail-smtpd.c:574: error: ‘SPF_NOMEM’ undeclared (first use in this
function)
qmail-smtpd.c: In function ‘smtp_rcpt’:
qmail-smtpd.c:644: error: ‘BMCHECK_BMT’ undeclared (first use in
this function)
qmail-smtpd.c:646: error: ‘BMCHECK_BMTNR’ undeclared (first use in
this function)
qmail-smtpd.c:660: error: ‘CHKUSER_KO’ undeclared (first use in this
function)
qmail-smtpd.c:664: error: ‘CHKUSER_RELAYING’ undeclared (first use
in this function)
qmail-smtpd.c:671: error: ‘surbldata’ undeclared (first use in this
function)
qmail-smtpd.c:673: error: ‘surblwhite’ undeclared (first use in this
function)
qmail-smtpd.c: In function ‘put’:
qmail-smtpd.c:695: error: ‘surbldata’ undeclared (first use in this
function)
qmail-smtpd.c:695: error: ‘surblsize’ undeclared (first use in this
function)
qmail-smtpd.c:695: error: ‘surblmax’ undeclared (first use in this
function)
qmail-smtpd.c: In function ‘spfreceived’:
qmail-smtpd.c:768: error: ‘spfbehavior’ undeclared (first use in
th

Re: [toaster] imapd: Maximum connection limit reached for :

2007-09-10 Thread Shane Chrisp 
On Mon, 2007-09-10 at 10:59 -0400, Juan José Miquel wrote:

At a guess id say edit the imapd.conf file?

> Hello All,
>  
> I get this error on a new installed server:
>  
> imapd: Maximum connection limit reached for :
>  
> How do a fix it?
>  
> Thanks
>  
> Juan

Re: [toaster] Turn off MX Check

2007-07-30 Thread Shane Chrisp 
On Mon, 2007-07-30 at 10:39 +0200, Erki-Kiss Zsolt wrote:
> On Mon, Jul 30, 2007 at 10:29:04AM +0200, Erki-Kiss Zsolt wrote:
> > 
> > >  Anyone know if there is a way to turn off the sender MX check in
> > > chkuser in the tcp.smtp or the qmail-smtp/run file? I have a few
> > > messages from a host which I want to accept and then turn it back on
> > > again due to thier dns being totally broken at the moment.
> > 
> > First remove comment and set this #define in toaster source in
> > chkuser_settings.h file: 
> > 
> > #define CHKUSER_SENDER_NOCHECK_VARIABLE "SENDER_NOCHECK"
> 
> Sorry, recompile source and reinstall is needed too of course.

Thanks for your help.

cheers
Shane

[toaster] Turn off MX Check

2007-07-29 Thread Shane Chrisp 
Hi,

 Anyone know if there is a way to turn off the sender MX check in
chkuser in the tcp.smtp or the qmail-smtp/run file? I have a few
messages from a host which I want to accept and then turn it back on
again due to thier dns being totally broken at the moment.

Shane

RE: [toaster] Spam scores required

2007-07-25 Thread Shane Chrisp 
On Tue, 2007-07-24 at 18:47 -0400, Andy Abshagen wrote:

Exactly right. This was discussed in a thread I started a few months
ago. The bug I found was that If spamassassin tagged the message as spam
with a score of say 5.0 and the simcontrol file has a score of 10, the
message would be bounced regardless. I found that by setting the
spamassassin score to something very high things worked fine.

Shane

> Bill,
> 
> You are correct.  Changing the number in simcontrol only changes the reject 
> score not the tag score.  If you want emails to be tagged at a lower number 
> you need to setup the per user as you stated.
> 
> Andy
> 
> -Original Message-
> From: Bill Shupp [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, July 24, 2007 6:45 PM
> To: toaster@shupp.org
> Subject: Re: [toaster] Spam scores required
> 
> [EMAIL PROTECTED] wrote:
> > It exactly is (trying to make hits 5.1 for that domain):
> >
> > bohemiaevents.com:clam=yes,spam=yes,spam_passthru=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif,spam_hits=5.1
> > :clam=yes,spam=yes,spam_passthru=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif
> >
> 
> Ah, I think I know what's happening.  I believe spam_hits does not
> change the spam threshhold for being marked as spam, but rather changes
> the *reject* threshold.  Perhaps someone knows for sure?  I don't have
> time to look it up.
> 
> If you need custom scores for users, you should look into per-user
> preferences, like storing preferences in SQL.
> 
> Bill
>

RE: [toaster] Problem with Outgoing mail

2007-07-25 Thread Shane Chrisp 
On Wed, 2007-07-25 at 10:04 +0300, [EMAIL PROTECTED] wrote:
> Hi Jussi,
> 
> Yes, you are right. The squirrel mail is configured to use SMTP only but i am 
> unable to telnet on port 25 on localhost.
> 
> [EMAIL PROTECTED] squirrelmail-1.4.9a]# telnet localhost 25
> Trying 127.0.0.1...
> Connected to localhost.localdomain (127.0.0.1).
> Escape character is '^]'.
> Connection closed by foreign host.
> 
> Also the qmail-smtpd logs says that tcp.smtp file does not exists.
> 
> @400046a7018238ada2cc tcpserver: pid 21513 from 127.0.0.1
> @400046a7018238ada6b4 tcpserver: warning: dropping connection, unable to 
> read /home/vpopmail/etc/tcp.smtp.cdb: file does not exist


Here is your problem. Create your tcp.smtp file as per the docs.

Quote:

# NOTE: If you are on the x86_64 platform, you need to edit cdb/compile
to add the -fPIC argument to cc. It should look something like this:
'exec gcc -fPIC -02 -c ${1+"$@"}' After editing compile, do "make &&
make install-strip" again. see this post for more details

echo '127.:allow,RELAYCLIENT=""' > ~vpopmail/etc/tcp.smtp
(cd ~vpopmail/etc ; tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp)

cheers
Shane

Re: [toaster] PDF spam

2007-07-11 Thread Shane Chrisp 
On Wed, 2007-07-11 at 13:16 +0200, Maciej Sołtysiak wrote:
> Hi,
> 
> I was wondering is it just me or are you guys too receiving PDF spam lately?
> 
> Regards,
> Maciej

Its the latest thing in spam now that inline images are being filtered
by so many servers. There is a addin for SA
http://www.rulesemporium.com/plugins.htm#pdfinfo but I havnt tried it
out so not sure how well it does or doesnt work.

Shane

Re: [toaster] simscan error

2007-06-13 Thread Shane Chrisp 
On Thu, 2007-06-14 at 10:54 +0700, sangprabv wrote:

Try raising the softlimit memory limit in /service/qmail-smtpd/run.

> Hi,
> I got simscan error when receiving or sending email. Below is the
> captured log.
>  
> @40004670ba831b77e21c simscan: calling clamdscan
> @40004670ba840979f104 LibClamAV Error: cli_calloc(): Can't
> allocate memory (28 bytes).
> @40004670ba84097b547c calloc_problem: Cannot allocate memory
> @40004670ba84097bb624 LibClamAV Error: Problem parsing signature
> at line 18260
> @40004670ba84097c082c LibClamAV Error: Problem parsing database at
> line 18260
> @40004670ba8409f3ff1c LibClamAV Error: Can't
> load /tmp/clamav-bc605300686cf6b127f86fcada9129e5/main.db: Malformed
> database
> @40004670ba8439e6d67c LibClamAV Error: Can't
> load /var/lib/clamav/main.cvd: Malformed database
>  
> Anybody knows what it's about and how to fix it?
>  
> Regards
>  
>  
> Willy
> 
>

Re: [toaster] memory allocation error

2007-06-02 Thread Shane Chrisp 
On Sun, 2007-06-03 at 00:30 +0800, Qmail List wrote:
> Hi,
> 
> Fresh installation of Bill's toaster on a CentOS 5 x86_64 and getting this 
> error.
> 
> @400046620a5e332bb17c /var/qmail/bin/qmail-smtpd: error while loading 
> shared libraries: libgssapi_krb5.so.2: failed to map segment from shared 
> object: Cannot allocate memory
> 
> Any idea? 

Have you tried increasing the soflimit (memory) limit
in /service/qmail-smtpd/run? 

Shane

Re: [toaster] Problem with libltdl.so.3 in courier-authlib etch

2007-05-24 Thread Shane Chrisp 
On Thu, 2007-05-24 at 15:20 +0200, Alessio Cecchi wrote:
> Hello all!
> 
> After installing the courier-authlib in debian ethc authdaemond can't start 
> becaus don't find the file libltdl.so.3.
> 
> With this command you can fix it:
> 
> ln -s /usr/local/lib/libltdl.so.3 /usr/lib/

You could probably add /usr/local/lib to /etc/ld.so.conf and issue a
ldconfig as well.

Shane

Re: [toaster] SMTP timeout sending mail

2007-05-18 Thread Shane Chrisp 
On Fri, 2007-05-18 at 07:57 -0500, J.T. Johnston wrote:
> In the last few days I have been having extremely long waits when 
> sending emails.  It is now to the point that most mail clients timeout 
> before the server responds.  I have connected via telnet on port 25 and 
> noticed that I connect but have a wait of 1 to 2 minutes before the '220 
> - mail.mydomain.com Welcome to Qmail Toaster...' line comes up.  The 
> last time I had a problem with email similar to this, the DNS servers 
> that I use had changed (I'm not using DNS caching).  Now, it appears 
> that DNS lookups are very quick (pinging google.com returns an address 
> immediately & receiving email is not a problem).  Any suggestions?
> 
> Thanks,
> J.T. Johnston
> Monroeville, AL

Are you using any RBL's? Maybe one of them isnt responding any longer or
has changed?

Shane

Re: [toaster] Simscan 1.3.1.shupp2

2007-05-07 Thread Shane Chrisp 
On Mon, 2007-05-07 at 11:51 -0700, Bill Shupp wrote:
> Shane Chrisp wrote:
> > On Mon, 2007-05-07 at 13:58 +0800, Shane Chrisp wrote:
> >
> >  Well I can confirm that raising the score to 10 as below fixed the
> > issue. It would appear that if SA marks the message as spam, then
> > simscan would bounce it regardless of the score in the simcontrol file.
> > Im using a score of 10 as none of the domains are using a score higher
> > than this, but you would probably be able to set the required_hits to
> > 100 if you wanted to.
> >
> > Spamd:
> > 2007-05-07 21:08:06.336703500 [678] info: spamd: clean message
> > (8.6/10.0) for clamav:89 in 6.9 seconds, 18645 bytes.
> >
> > simscan:
> > 2007-05-07 21:08:06.448404500 simscan:[2406]:SPAM REJECT
> > (8.60/5.50):9.3654s:Any idea:...
> >
> > Shane
> >
> >   
> 
> I thought spam_hits was to be used with spam_passthru.  So you would not
> rely on rejecting spam via spam_assassin's threshold, but only spam_hits
> in simcontrol.  So that the point of spam_hits is so you can allow spam
> in under a certain threshold, say for going through an optional spam
> folder, rather than SMTP rejection.  This is the only way that I've used
> spam_hits in the past rather than just turning off passthru.
> 
> Regards,
> 
> Bill

I tried using spam_passthru but had too many issues with maildrop that
in the end I just stuck with this setup and it worked well until this I
recompiled. 

My compile options for simscan are

./configure --enable-user=clamav --enable-clamav=y --enable-spam=y
--enable-spam-hits=10 --enable-per-domain=y
--enable-custom-smtp-reject=y --enable-attach=y --enable-ripmime
--enable-received=y --enable-spam-auth-user=y
--enable-spamassassin-path=/usr/local/bin/spamassassin
--enable-spamc=/usr/local/bin/spamc

According to the wiki if you want to use the options --enable-spam and 
 --enable-spam-hits=number you should not use --enable-spam-passthru.

Although reading the wiki it would appear that this is not happening as the 
description says:
quote:
 "Perhaps the most popular method is a mix of the others. Which is to reject 
email that scores 
very high and to pass through other email to the user even if it is marked as 
spam. This seems 
to help with the "false positive" issue; email marked as spam but not really 
spam. Use these options:
 --enable-spam
 --enable-spam-hits=number
   where number is the spamassassin score at which you want to reject the email"

Anyway this is working well for me now, so no need to change anything. I can 
live with simply 
telling SA that spam has an incredibly high score and letting simscan work it 
out from there.

cheers
Shane

Re: [toaster] Simscan 1.3.1.shupp2

2007-05-07 Thread Shane Chrisp 
On Mon, 2007-05-07 at 13:58 +0800, Shane Chrisp wrote:

 Well I can confirm that raising the score to 10 as below fixed the
issue. It would appear that if SA marks the message as spam, then
simscan would bounce it regardless of the score in the simcontrol file.
Im using a score of 10 as none of the domains are using a score higher
than this, but you would probably be able to set the required_hits to
100 if you wanted to.

Spamd:
2007-05-07 21:08:06.336703500 [678] info: spamd: clean message
(8.6/10.0) for clamav:89 in 6.9 seconds, 18645 bytes.

simscan:
2007-05-07 21:08:06.448404500 simscan:[2406]:SPAM REJECT
(8.60/5.50):9.3654s:Any idea:...

Shane


> On Mon, 2007-05-07 at 13:25 +0800, Shane Chrisp wrote:
> 
> In reply to my own message, I thought about the fact that I updated
> spamassassin to version 3.2.0 the other day so I added 
> 
> required_hits 10.0
> 
> to spamassassin's local.cf and now the spamd logs are showing that the
> tests are being compared against the score of 10. Im yet to see a
> message which is above one of the client domains scores and below the
> 10.0 threshold so im not sure if it fixes the issue yet. I will let you
> know when it happens.
> 
> Shane
> 
> > Bill, (and others)
> > 
> > Ive compiled the 1.3.1.shupp2 from your site and im noticind that the
> > spamd logs show all messages testing against a score of 5.0 regardless
> > of what the score is assigned to the domain or user in the simcontrol
> > file. 
> > 
> > eg:
> > 2007-05-07 13:01:29.778242500 [1621] info: spamd: identified spam
> > (5.7/5.0) for clamav:89 in 7.5 seconds, 15920 bytes.
> > 
> > and the message was rejected, yet the domain in question has a score of
> > 6.8 in the simcontrol file.
> > 
> > Has anyone else seen this and do you know of a fix for it at all?
> > 
> > cheers
> > Shane
> > 
>

Re: [toaster] Simscan 1.3.1.shupp2

2007-05-06 Thread Shane Chrisp 
On Mon, 2007-05-07 at 13:25 +0800, Shane Chrisp wrote:

In reply to my own message, I thought about the fact that I updated
spamassassin to version 3.2.0 the other day so I added 

required_hits 10.0

to spamassassin's local.cf and now the spamd logs are showing that the
tests are being compared against the score of 10. Im yet to see a
message which is above one of the client domains scores and below the
10.0 threshold so im not sure if it fixes the issue yet. I will let you
know when it happens.

Shane

> Bill, (and others)
> 
> Ive compiled the 1.3.1.shupp2 from your site and im noticind that the
> spamd logs show all messages testing against a score of 5.0 regardless
> of what the score is assigned to the domain or user in the simcontrol
> file. 
> 
> eg:
> 2007-05-07 13:01:29.778242500 [1621] info: spamd: identified spam
> (5.7/5.0) for clamav:89 in 7.5 seconds, 15920 bytes.
> 
> and the message was rejected, yet the domain in question has a score of
> 6.8 in the simcontrol file.
> 
> Has anyone else seen this and do you know of a fix for it at all?
> 
> cheers
> Shane
>

[toaster] Simscan 1.3.1.shupp2

2007-05-06 Thread Shane Chrisp 
Bill, (and others)

Ive compiled the 1.3.1.shupp2 from your site and im noticind that the
spamd logs show all messages testing against a score of 5.0 regardless
of what the score is assigned to the domain or user in the simcontrol
file. 

eg:
2007-05-07 13:01:29.778242500 [1621] info: spamd: identified spam
(5.7/5.0) for clamav:89 in 7.5 seconds, 15920 bytes.

and the message was rejected, yet the domain in question has a score of
6.8 in the simcontrol file.

Has anyone else seen this and do you know of a fix for it at all?

cheers
Shane

Re: [toaster] Headers

2007-03-22 Thread Shane Chrisp 
On Thu, 2007-03-22 at 08:19 -0500, Gary Bowling wrote:
> 
> Seems a security risk because it shows both the internal address and
> the external address of the client, not the server. Which gives a
> hacker an easy way to start discovering outside/inside address pairs.
> 
> Finding who the user that sent the message is, is identified by the
> sending email address. I don't have a problem with that being in the
> header, but the IP address pairs of the client machine I'm not all
> that comfortable with. 
> 
> Gary
> 
> 
> Gary Bowling
> GBCO.US
> [EMAIL PROTECTED]
> 


 You do realise that NAT will identify the internal (private) IP address
anyway dont you? If your that worried, then get yourself a PIX firewall
or similar to protect your network or hack the source yourself to remove
it because I think thats about the only way your going to remove that
line. Or maybe if those clients are directly routed by you, let them
through without smtp auth by adding a line to the tcp.smtp file? As for
the users email address being in the header, that could be forged if you
turn off smtp auth.

Shane

Re: [toaster] Original message in bounces

2007-03-22 Thread Shane Chrisp 
On Thu, 2007-03-22 at 10:06 -0300, Mauro N. Infantino wrote:
> Hi all,
> 
> I've already asked this but I couldn't find an answer yet. Sorry.
> 
> We've configured a toaster for several accounts with a very limited quota (3
> MB). The problem I'm having is that when the user A tries to send a 5 MB
> email to the user B, the email bounces (and includes a base64 encoded
> version of the attachments) to the user A, which also bounces. Basically, we
> have a double-bounce situation here, not because of account inexistance, but
> because of the quota.
> 
> Anyways, the problem is that I actually want A to be notified about the
> bounce. Is there any way to strip the original message? Even better, to
> strip only the attachments in the bounce?
> 
> Regards,
> Mauro.
> 

There is a patch around somewhere to strip attachments, tho I dont
remember if it was posted on this list of the vchkpw list. A search of
both list archives should find it.

Shane

Re: [toaster] Headers

2007-03-22 Thread Shane Chrisp 
On Thu, 2007-03-22 at 07:55 -0500, Gary Bowling wrote:
> When I send a message to someone else, in the headers for the received 
> message, you get the following:
> 
> Received: from unknown (HELO ?192.168.11.10?) ([EMAIL 
> PROTECTED]@70.240.235.119)
>   by 0 with ESMTPA; 22 Mar 2007 11:50:48 -
> 
> 
> This header line contains the client machine's internal ip address 
> (192.168.11.10) which of course is a private address, and also my public 
> address 70.240.235.119.
> 
> These addresses are of the client, the actual toaster server addresses 
> are above that line along with other header info.
> 
> My question is. Is there a way to get rid of my client IP addresses in 
> the header? Seems like a security risk to me.

Why is the header a security risk? Its a standard smtp auth header added
for trackability and should be left in place so that it can be tracked.
If you remove that information and someone starts pumping spam out of
your network, how are you going to know who its coming from unless you
have that info?

Shane

Re: [toaster] QmailAdmin and Qmail behind proxy

2007-03-11 Thread Shane Chrisp 
On Sun, 2007-03-11 at 01:17 -0700, Rick Widmer wrote:
> SKT/MIS/ROZI wrote:
> > Can i install the qmailadmin on different server?
> 
> No.  Qmailadmin needs direct access to files and must reside on the mail 
> server.
> 
> 
> > Is it have a way to let them communicate?
> 
> Vpopmaild can be configured to allow access from another machine, but 
> currently there isn't a user interface to let users manage their mail 
> accounts available for it.  Bill has mentioned that he is working on 
> one, but it isn't released yet.

There is http://www.inter7.com/?page=vhostadmin available, but it needs
some mods/fixes to make it work nicely.

Re: [toaster] Message send failure, 451 error

2007-03-06 Thread Shane Chrisp 
On Wed, 2007-03-07 at 02:29 +1030, [EMAIL PROTECTED] wrote:
> Thanks Shane,
> 
> That was from /var/log/qmail/current, which I thought was a combination of
> qmail-send and qmail-smtpd, however I don't see all the info in it which I
> see in /var/log/qmail/smtpd/current so thanks here it is:
> 
> log of a typical delivery attempt, looking at qmail-smtpd log
> 
> # tail /var/log/qmail/smtpd/current | tai64nlocal
> 
> 2007-03-07 02:27:13.881194500 tcpserver: ok 31451 0:my_ip_address:25
> :my_relays_ip_address::45142
> 2007-03-07 02:27:14.508057500 CHKUSER accepted rcpt: from
> <[EMAIL PROTECTED]::> remote
>  rcpt
> <[EMAIL PROTECTED]> : found existing recipient
> 2007-03-07 02:27:14.987645500 connect(): No such file or directory
> 2007-03-07 02:27:15.049539500 tcpserver: end 31451 status 0
> 
> This 'connect(): No such file or directory' message is new. 

You might want to try adding recordio to your smtpd/run file below to
get a more detailed output of where this connect error is failing. Are
you running clam and spamd? Maybe one of them isnt running for some
reason? Thats about my only guess at this point.

Shane

> I don't know
> which file it is talking about; the contents of my
> /service/qmail-smtpd/run file are:
> 
> #!/bin/sh
> QMAILDUID=`id -u vpopmail`
> NOFILESGID=`id -g vpopmail`
> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
> exec /usr/local/bin/softlimit -m 1000 \
> /usr/local/bin/tcpserver -v -H -R -l 0 \
> -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
> -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
> /var/qmail/bin/qmail-smtpd \
> /home/vpopmail/bin/vchkpw /bin/true 2>&1
> 
> (As you can see I have increased the memory limit whilst troubleshooting).
> 
> I have verified that all executables exist, file permissions set
> correctly. I have done a qmailctl cdb.
> 
> and
> # cat /home/vpopmail/etc/tcp.smtp
> 
> 127.:allow,RELAYCLIENT=""
> :allow,QMAILQUEUE="/var/qmail/bin/simscan"
> 
> /var/qmail/bin/simscan is there, permissions -rws--x--x, owned by clamav/root
> 
> ...any more info I can provide?

Re: [toaster] Message send failure, 451 error

2007-03-06 Thread Shane Chrisp 
On Wed, 2007-03-07 at 01:13 +1030, [EMAIL PROTECTED] wrote:
> Hi all,
> 
> This problem regards a RH9 box I have had setup running a Shupp Toaster
> solidly for over 12 months. I have barely touched it in the last 6; system
> resources are fine and everything has been OK. Until last Friday, when
> people sending mail to my server started receiving something like this:
> 
> (log entries from remote host, sending TO my server):
> 
> 2007-03-07 00:56:15.625834500 status: local 0/10 remote 0/20
> 2007-03-07 00:59:35.128206500 new msg 261221
> 2007-03-07 00:59:35.128225500 info msg 261221: bytes 434 from
> <[EMAIL PROTECTED]> qp 27683 uid 89
> 2007-03-07 00:59:35.34700 starting delivery 30048: msg 261221 to
> remote [EMAIL PROTECTED]
> 2007-03-07 00:59:35.347571500 status: local 0/10 remote 1/20
> 2007-03-07 00:59:36.622510500 delivery 30048: deferral:
> 202.173.137.34_failed_after_I_sent_the_message./Remote_host_said:_451_mail_server_temporarily_rejected_message_(#4.3.0)/
> 2007-03-07 00:59:36.622527500 status: local 0/10 remote 0/20
> 2007-03-07 00:59:41.023791500 new msg 261327
> 2007-03-07 00:59:41.023809500 info msg 261327: bytes 434 from
> <[EMAIL PROTECTED]> qp 27689 uid 89
> 2007-03-07 00:59:41.207978500 starting delivery 30049: msg 261327 to
> remote [EMAIL PROTECTED]
> 2007-03-07 00:59:41.207997500 status: local 0/10 remote 1/20
> 2007-03-07 00:59:42.484134500 delivery 30049: deferral:
> 202.173.137.34_failed_after_I_sent_the_message./Remote_host_said:_451_mail_server_temporarily_rejected_message_(#4.3.0)/
> 2007-03-07 00:59:42.484154500 status: local 0/10 remote 0/20

This looks like its from the qmail-send logs which is outgoing from your
server and not incoming, so the mail is being rejected by the remote
host and not by your host. Doing a 'qmailctl queue' will show you any
messages in your queue. My guess is the remote host is running grey
listing of some sort.

Shane

> All I can find in reference to an error 451 are mentions of SPF errors,
> and I have not changed my SPF configuration. I have however experimented
> by disabling SPF (echo 1 > /var/qmail/control/spfbehaviour ; qmailctl
> restart) and (echo 0 > /var/qmail/control/spfbehaviour ; qmailctl restart)
> however neither made any difference.
> 
> I've done all the obvious things, checked & repaired mysql databases,
> queried my domains with the qmail & vpopmail tools to make sure everything
> is working there. But not change; my mail server is simply rejecting
> everything not sent from one of my hosted domains. Sounds like
> greylisting; but I haven't made any configuration changes. I'm stuck...
> Can anyone help?

Re: [toaster] Simscan Logs

2007-02-11 Thread Shane Chrisp 
On Mon, 2007-02-12 at 00:30 -0300, Hutger H. wrote:

Simscan adds info to the qmail logs in /var/logs/qmail/smtpd/current and
the other info may be located in /var/logs/spamd which is the
spamassassin logs. As for quarantine, the defaults doesnt do this as far
as i am aware, but i always slightly modify Bills setup a little bit to
suit our environment.

For more info, maybe look at the simscan wiki which you can find linked
off the inter7 website.

Shane

> Fellows,
> 
> I already sent two messages with questions to the toaster list and
> there's no replies so far. I know that nobody is obligated to help
> others, but I supposed that was a collaborative list with members trying
> to help each other.  
> 
> Hutger.
> 
> 
> 
> Hutger H. wrote:
> > Hi there,
> >
> > One of my servers has the Bill's Qmail Toaster with Simscan and
> > everything, apparently, seems to be working fine. However, I've been
> > looking for the Simscan logs and the quarantine logs/directory with no
> > success ... Does someone know where I can find this information? Or, at
> > least, how can I get it?
> >
> > Thanks in advance,
> >
> > Hutger
> >
> >
> >   
>

[toaster] XSS Bug in vhostadmin

2007-01-29 Thread Shane Chrisp 
I know this is not exactly vpopmail related, but as its a vpopmail
related tool i thought others here would like to be made aware of this.

I have been using vhostadmin for a while now, and have just noticed that
it is vulnerable to a xss attack which could lead to the underlying
system being cracked. The problem is the $MODULES_DIR var is not being
protected against injection of a remote path and simply accepts whatever
is passed to it such as

http://server/path/to/vhostadmin/modules/main.php?MODULES_DIR=http://remoteserver/path/to/bad/file.php?&cmd=0wn3d


A quick fix is to change global.inc and change 
$MODULES_DIR = 'modules';
to
define("MODULES_DIR", "modules");

and then change all references in any file it appears in of 

$MODULES_DIR 
to 
MODULES_DIR 

and comment out any references to 

global $MODULES_DIR;
to
//global $MODULES_DIR;


There may be other issues, but this one I came accross yesterday when I
noticed the above formated url in the apacge logs. Also, we have
modified some of the system ourselves, so it is entirely possible that
we may be partly to blame for some or all of this, but it would
certainly be worth watching out for if you are using the system.

Regards
Shane

Re: [toaster] suspending and account

2007-01-15 Thread Shane Chrisp 
On Mon, 2007-01-15 at 22:25 -0500, Jason Smith wrote:
> Jeff Koch wrote:
> >
> > Hi:
> >
> > What are the recommendation's on the best way of suspending a 
> > customer's email service without them losing email. Perhaps a method 
> > that will block pop logins but still allow mail to be received.
> >
> > TIA
> >
> >
> >
> > Best Regards,
> >
> > Jeff Koch
> vmoduser has several switches for disabling account features:
> 
> -p ( disable POP access )
> -s ( disable SMTP AUTH access )
> -w ( disable webmail [IMAP from localhost*] access )
> -i ( disable non-webmail IMAP access )
> -b ( bounce all mail )
> -o ( user is not subject to domain limits )
> -r ( disable roaming user/pop-before-smtp )

Or if you use a mysql backend you can use these to work out the value
and put it into the gid field of the user you want to deny access to.

/* gid flags */
#define NO_PASSWD_CHNG 0x01
#define NO_POP 0x02
#define NO_WEBMAIL 0x04
#define NO_IMAP0x08
#define BOUNCE_MAIL0x10
#define NO_RELAY   0x20
#define NO_DIALUP  0x40
#define V_USER0   0x080
#define V_USER1   0x100
#define V_USER2   0x200
#define V_USER3   0x400
#define NO_SMTP   0x800
#define QA_ADMIN 0x1000
#define V_OVERRIDE   0x2000
#define NO_SPAMASSASSIN 0x4000
#define DELETE_SPAM  0x8000
#define SA_ADMIN 0x1
#define SA_EXPERT0x2

Re: [toaster] ClamAV Error

2006-05-06 Thread Shane Chrisp 
On Saturday 06 May 2006 19:49, Michael R. Bagnall wrote:

Did you stop clam while you installed it? How about freshclam too?

> This morning I did an update on my Clam AV from the toaster site and
> I am getting this error in my log when I reload:
>
> @4000445c8c52170420c4 +++ Started at Sat May  6 06:45:12 2006
> @4000445c8c5217042c7c clamd daemon 0.88.1 (OS: linux-gnu, ARCH:
> i386, CPU: i686)
> @4000445c8c521704344c Log file size limited to 1048576 bytes.
> @4000445c8c5217043834 Verbose logging activated.
> @4000445c8c5217044004 Reading databases from /usr/local/share/clamav
> @4000445c8c5430ff7adc LibClamAV Warning:
> 
> @4000445c8c5431000f4c LibClamAV Warning: ***  This version of the
> ClamAV engine is outdated.  ***
> @4000445c8c5431001eec LibClamAV Warning: *** DON'T PANIC! Read
> http://www.clamav.net/faq.html ***
> @4000445c8c5431002aa4 LibClamAV Warning:
> 
> @4000445c8c5436fac694 Protecting against 54291 viruses.
> @4000445c8c5437763824 Unix socket file /tmp/clamd
> @4000445c8c543776a96c Setting connection queue length to 15
> @4000445c8c543776b13c Listening daemon: PID: 3013
> @4000445c8c543776f78c Archive: Archived file size limit set to
> 10485760 bytes.
> @4000445c8c543776ff5c Archive: Recursion level limit set to 8.
> @4000445c8c5437770b14 Archive: Files limit set to 1000.
> @4000445c8c54377712e4 Archive: Compression ratio limit set to 250.
> @4000445c8c5437771ab4 Archive support enabled.
> @4000445c8c543777554c Archive: RAR support disabled.
> @4000445c8c5437776104 Portable Executable support enabled.
> @4000445c8c54377768d4 Mail files support enabled.
> @4000445c8c5430a4 OLE2 support enabled.
> @4000445c8c543874 HTML support enabled.
> @4000445c8c5437778044 Self checking every 1800 seconds.
>
> Have I done something wrong to still be getting an outdated error?
>
> Thanks;
>
> Michael Bagnall
> ElusiveMind
> [EMAIL PROTECTED]
> http://elusivemind.net

Re: [toaster] DSPAM

2006-04-20 Thread Shane Chrisp 
On Thursday 20 April 2006 23:46, Bill Shupp wrote:
> Is anyone on this list using DSPAM instead of or in addition to
> SpamAssassin?

I have looked into it a couple of times, but never gotten around to trying to 
integrate it into the current toaster setup. Would be interested to see how 
it performs/compares to SA in regards to resource usage, speed and 
flexibility.

Shane

Re: [toaster] id: vpopmail: No such user?

2006-04-07 Thread Shane Chrisp 
On Saturday 08 April 2006 03:10, Nikki Locke wrote:
> Shane Chrisp wrote:
> > On Fri, 2006-04-07 at 12:30 +0100, Nikki Locke wrote:
> >
> > Check your startup script is calling `id -u vpopmail`. Id say its just a
> > typo which will be simply fixed and then restart qmail with a svc
> > -du /service/qmail-whatever

Cool. Glad you got it sorted.

> It was a left over message - I rebooted and it went away. It would be nice
> to know how to get rid of old proctitle messages _without_ rebooting.

Comment out the svscan line in the inittab file and issue an init q then 
uncomment it and issue the init q command again. Its that easy.

Shane

Re: [toaster] id: vpopmail: No such user?

2006-04-07 Thread Shane Chrisp 
On Fri, 2006-04-07 at 12:30 +0100, Nikki Locke wrote:

Check your startup script is calling `id -u vpopmail`. Id say its just a
typo which will be simply fixed and then restart qmail with a svc
-du /service/qmail-whatever

Shane



> ps aux is giving me the following...
> 
> root 10930  0.0  0.0  1728  180 ?SMar31   0:00 
> readproctitle service errors: ...
> ..
> 
> ..
> 
> ..
> ...id: vpopmail: No such user?id: vpopmail:
> No such user?
> 
> I _do_ have a user called vpopmail, though.
> 
> [EMAIL PROTECTED] service]# id -u vpopmail
> 89
> 
> Could it be an old message from during the install? 
> 
> If so, what is the best way to get rid of it (ideally without rebooting)?
> 
> I note that svscan is installed in inittab, instead of in /etc/init.d, 
> which makes it slightly more dodgy to fiddle with.
>

Re: [toaster] whitelisting an email address

2006-03-30 Thread Shane Chrisp 
On Thu, 2006-03-30 at 17:32 +, Bob Hutchinson wrote:
> On Thursday 30 Mar 2006 18:14, Shane Chrisp wrote:
> > On Thu, 2006-03-30 at 09:00 -0800, Noel Sanchez wrote:
> > > How do I whitelist an email address or a domain? I have spamassassin
> > > installed per the toaster and have set the spam level to 5. A certain
> > > domain for some reason is being marked as 8, but I need to allow them
> > > access to send us email. I have searched archives and spamassassin but
> > > only read about editing user_prefs. I don’t have user_prefs for each
> > > user.
> >
> > If your only using spamassassin, then you can use the line in local.cf
> >
> > whitelist_from [EMAIL PROTECTED]
> >
> > then restart spamassassin.
> >
> > Or if your using simscan, you can do it in /var/qmail/control/simcontrol
> >
> > [EMAIL PROTECTED]:clam=yes,spam=no
> 
> umm, this would disable spamassassin for all mail *to* [EMAIL PROTECTED], not 
> *from*

Umm yes you are quite right. I think i need more coffee or sleep. :)

Re: [toaster] whitelisting an email address

2006-03-30 Thread Shane Chrisp 
On Thu, 2006-03-30 at 09:00 -0800, Noel Sanchez wrote:
> How do I whitelist an email address or a domain? I have spamassassin
> installed per the toaster and have set the spam level to 5. A certain
> domain for some reason is being marked as 8, but I need to allow them
> access to send us email. I have searched archives and spamassassin but
> only read about editing user_prefs. I don’t have user_prefs for each
> user. 

If your only using spamassassin, then you can use the line in local.cf

whitelist_from [EMAIL PROTECTED]

then restart spamassassin.

Or if your using simscan, you can do it in /var/qmail/control/simcontrol

[EMAIL PROTECTED]:clam=yes,spam=no

then issue a /var/qmail/bin/simscanmk


cheers
Shane


>  
> 
> @4000442c0e3c2ad87ba4 [32041] info: spamd: connection from mail
> [127.0.0.1] at port 41001
> 
> @4000442c0e3c2fcf8a44 [32041] info: spamd: processing message
> <[EMAIL PROTECTED]> for clamav:89
> 
> @4000442c0e3d113dfa84 [32041] info: spamd: identified spam
> (7.5/5.0) for clamav:89 in 0.6 seconds, 2047 bytes.
> 
> @4000442c0e3d115128ac [32041] info: spamd: result: Y  7 -
> AWL,BAYES_00,HTML_MESSAGE,MSGID_DOLLARS,RATWARE_MS_HASH,RATWARE_OUTLOOK_NONAME
>  
> scantime=0.6,size=2047,user=clamav,uid=89,required_score=5.0,rhost=mail,raddr=127.0.0.1,rport=41001,mid=<[EMAIL
>  PROTECTED]>,bayes=0,autolearn=no
> 
>

Re: [toaster] Error In Qmail Log File

2006-02-19 Thread Shane Chrisp 
On Sun, 2006-02-19 at 09:50 -0600, ElusiveMind wrote:
> Looks like things are running as a combination root/qmaill/qmails
> 
> 
> Here is my current process dump:
> 
> 
> [EMAIL PROTECTED] src]# ps -aux | grep qmail
> Warning: bad syntax, perhaps a bogus '-'?
> See /usr/share/doc/procps-3.2.3/FAQ
> root  2931  0.0  0.0  2660  284 ?S09:30   0:00
> supervise qmail-send
> root  2933  0.0  0.0  1456  284 ?S09:30   0:00
> supervise qmail-smtpd
> root  2935  0.0  0.0  3320  460 ?S09:30
> 0:00 /usr/local/bin/tcpserver -v -H -R -l 0
> -x /home/vpopmail/etc/tcp.smtp.cdb -c 20 -u  -g  0

The user / group here should typically be those of vpopmail eg: 89.

check your /service/qmail-smtpd/run file

>  smtp /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true
> qmaill2937  0.0  0.0  2244  340 ?S09:30
> 0:00 /usr/local/bin/multilog t /var/log/qmail
> qmaill2938  0.0  0.0  2268  272 ?S09:30
> 0:00 /usr/local/bin/multilog t /var/log/qmail/smtpd
> qmails8419  0.0  0.0 00 ?Z09:49   0:00
> [qmail-send] 
> root  8425  0.0  0.1  5492  652 pts/1S+   09:49   0:00 grep
> qmail
> 
>  
> Thanks;
> 
> 
> Michael Bagnall
> ElusiveMind
> [EMAIL PROTECTED]
> http://elusivemind.net
> 
> On Feb 19, 2006, at 9:46 AM, Shane Chrisp wrote:
> 
> > That all looks about right. What user/group is qmail running as? It
> > has
> > 
> > to be a permissions error somewhere.
> > 
> > 
> 
>

Re: [toaster] Error In Qmail Log File

2006-02-19 Thread Shane Chrisp 
On Sun, 2006-02-19 at 09:34 -0600, ElusiveMind wrote:
> Yeah I actually did that before emailing:
> 
> Here is what I have:
> 
> drwxr-sr-x   2 alias  qmail 4096 Feb 19 09:07 alias
> drwxr-xr-x   2 root   qmail 4096 Feb 19 09:10 bin
> drwxr-xr-x   2 root   qmail 4096 Feb 19 09:06 boot
> drwxr-xr-x   2 root   qmail 4096 Feb 19 09:10 control
> drwxr-xr-x   2 root   qmail 4096 Feb 19 09:06 doc
> drwxr-xr-x  10 root   qmail 4096 Feb 19 09:06 man
> drwxr-x---  11 qmailq qmail 4096 Feb 19 09:06 queue
> -rwxr-xr-x   1 root   root   215 Feb 19 09:09 rc
> drwxr-xr-x   6 root   root  4096 Feb 19 09:10 supervise
> drwxr-xr-x   2 root   qmail 4096 Feb 19 09:06 users
> 
> and for the control folder:
> 
> -rw-r--r--  1 root qmail  3 Feb 19 09:10 concurrencyincoming
> -rw-r--r--  1 root qmail 11 Feb 19 09:09 defaultdelivery
> -rw-r--r--  1 root qmail  2 Feb 19 09:06 spfbehavior

That all looks about right. What user/group is qmail running as? It has
to be a permissions error somewhere.

Re: [toaster] Error In Qmail Log File

2006-02-19 Thread Shane Chrisp 
On Sun, 2006-02-19 at 09:23 -0600, ElusiveMind wrote:
> Hey Folks;
> 
> I am setting up things via the toaster and have come across an error  
> I can't seem to get past. I am able to successfully get qmail  
> running, but I am seeing this in the log file:
> 
> alert: cannot start: unable to read controls
> 
> The only thing I can find with reference to this problem is a library  
> problem. I really hope that this is not the case :)
> 
> I'm attempting to install on CentOS 4.2. Has anyone else experienced  
> this issue?

Check the permissions on the /var/qmail/control dir and the files within
it.

Shane

Re: [toaster] RBL Support For Toaster

2006-02-17 Thread Shane Chrisp 
On Fri, 2006-02-17 at 16:59 +, Júlio Olivares wrote:
> It's easy to enable, just change your /service/qmail-smtpd/run
> Example:
> 
> #!/bin/sh
> QMAILDUID=`id -u vpopmail`
> NOFILESGID=`id -g vpopmail`
> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
> export QMAILQUEUE="/var/qmail/bin/qfilter"
> exec /usr/local/bin/softlimit -m 2000 \
> /usr/local/bin/tcpserver -v -H -R -l 0 \
> -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
> -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
> /usr/local/bin/rblsmtpd -b -C -r dnsbl-1.uceprotect.net \

I would add the -t switch to the rblsmtpd program to prevent a non
answering dns server from slowing things to a crawl if there is a
problem. Using -t5 tells rblsmtpd to timeout if there is no answer in 5
seconds.

eg: /usr/local/bin/rblsmtpd -b -C -t -r dnsbl-1.uceprotect.net \

cheers
Shane


> -r list.dsbl.org \
> -r dnsbl.njabl.org \
> -r sbl-xbl.spamhaus.org \
> -r relays.ordb.org \
> -r bl.spamcop.net  \
> /var/qmail/bin/qmail-smtpd \
> /home/vpopmail/bin/vchkpw /bin/true 2>&1
> 
> 
> Regards,
> 
> Júlio Olivares
> 
> 
> - Original Message - 
> From: "Michael Bagnall" <[EMAIL PROTECTED]>
> To: 
> Sent: Friday, February 17, 2006 4:51 PM
> Subject: [toaster] RBL Support For Toaster
> 
> 
> > Hey Folks;
> >
> > First - I apologize if this has been covered before.
> >
> > Secondly - I'm going to be using the toaster page to build a qmail  server 
> > with a couple of changes. I am going to enable SQL support in  vpopmail 
> > and I'm also in need of supporting RBL.
> >
> > Is there a configuration change documented somewhere that explains  making 
> > RBL work? I could not find this on the site.
> >
> > Thanks;
> >
> > Michael Bagnall
> > http://elusivemind.net
> > [EMAIL PROTECTED]
> >
> >
> >
> > 
> 
>

Re: [toaster] empty return-path:

2006-02-14 Thread Shane Chrisp 
On Tue, 2006-02-14 at 12:28 +0100, FuturaHost.Com's Support wrote:
> Hello
> 
> Got some SPAM like this:
> Return-Path: Received: from mail.cihost.com (mail.cihost.com
> [63.249.159.33]) by home.kiski.net with smtp; Feb, 13 2006 11:12:51 PM
> +0600
> 
> Was going to !@ the badmailfrom, but want to check with the list if this
> is really recommended.
> 
> Thanks

I would add that IP, or possibly the whole range in the whois to the cdb
file and deny them that way. We block most of China and Korea due to the
amount of spam and the fact that they just dont seem to care about it
and take action against thier clients when you report it to them.

Shane

Re: [toaster] "Mailbag" linux mail server ?

2006-02-09 Thread Shane Chrisp 
On Thu, 2006-02-09 at 12:56 -0500, Jeff Koch wrote:
> Hi Tom:
> 
> Are any entries required in qmail's 'smtproutes' file?

No.

> 
> At 11:10 AM 2/9/2006, you wrote:
> >On Feb 9, 2006, at 8:00 AM, Florent Gilain wrote:
> >>Being a backup MX server that will receive emails for many selected domains
> >>during their primary MX server crash, keep theses mails and automatically
> >>re-send them to the primary when it will be up again?
> >>
> >>PS : such a functionnality is called "mailbag" in mail server products for
> >>windows like "Argosoft Mail Server" for example...
> >
> >In DNS, make the server a secondary MX record (make sure you have another 
> >MX with a lower value).
> >
> >Add the domain to rcpthosts or morercpthosts.  If morercpthosts, run 
> >qmail-newmrh to have it rebuild morercpthosts.cdb.
> >
> >That's it.  Make sure the domain is NOT in locals or virtualdomains or 
> >qmail will attempt to deliver it on the "mailbag" server.
> >
> >--
> >Tom Collins  -  [EMAIL PROTECTED]
> >QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
> >You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
> >
> 
> Best Regards,
> 
> Jeff Koch, Intersessions 
>

  1   2   >