[vchkpw] default domain

2004-12-07 Thread RD 
Hello List,
How can I enable the default-domain option without a recompile?
Thanks for the help.
Regards,
RD

Re: [vchkpw] how to delete mail domain alias

2004-12-07 Thread Paul Oehler 



 How can i 
delete mail domain alias added with "vaddaliasdomain"?
Use vdeldomain. It won't delete the 
underlying "non-alias" domain, just the alias.

Paul
-- Paul OehlerNEXCESS.NET Internet 
Solutionshttp://nexcess.net304 1/2 S. 
State St.Ann Arbor, MI 
481041.866.NEXCESS

Re: [vchkpw] chkuser 2.0.7 released

2004-12-07 Thread tonix (Antonio Nati) 


Charles,
you've found an error. Your output in the private e-mail has been
extremely useful, so I've checked the code, and found a small (stupid!)
bug that works when CHKUSER_STARTING_VARIABLE is defined (in such a case,
no check is done on sender).
In 2.0.8 (I'll try to publish it today or tomorrow) this is
fixed.
Anyway, this is the correction, inside chkuser.c, in the routine
chkuser_sender:
int chkuser_sender (stralloc
*sender) {
int count;
+ if (first_time_init_flag) {
+ first_time_init ();
+ }
#if !defined CHKUSER_ALWAYS_ON  defined
CHKUSER_STARTING_VARIABLE
 if (starting_value == -1) {
 return CHKUSER_OK;
 }
#endif
#if defined CHKUSER_SENDER_FORMAT || defined CHKUSER_SENDER_MX
- if (first_time_init_flag)
{
-
first_time_init ();
- }
#if defined CHKUSER_SENDER_NOCHECK_VARIABLE
Thanks,
Tonino
At 01.44 07/12/2004, you wrote:
On Tue, 26 Oct 2004, tonix
(Antonio Nati) wrote:
Patch is working in a production
enviromnent, but it is anyway released as development
version, because changes are so important that I'ld like to have a wider
testing.
As usual, please help me testing
it.
Any bug warning, feedback or comment is welcome!
It looks like there are some issues with verifying the sender
dns...
Two things I've noticed:
-This patch seems to undo the mfcheck patch. Previous
to patching with chkuser, qmail-smtpd would reject any mail without a
proper dns entry for the envelope sender, now it seems to let that all
through. My only patches are Bill Shupp's toaster patch and chkuser
2.0.7.
-Turning on what I think is the equivalent option in chkuser does not
seem to do anything (#define CHKUSER_SENDER_MX).
For example, with /var/qmail/control/mfcheck set to 1 and the above
define set in chkuser_settings.h:
[EMAIL PROTECTED]/home/spork]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost
Escape character is '^]'.
220 xena.foo.net UCE PROHIBITED ESMTP
mail from: [EMAIL PROTECTED]
250 ok
quit
221 xena.foo.net UCE PROHIBITED
Connection closed by foreign host.
And just to be sure, from outside any tcprules checks:
[EMAIL PROTECTED] telnet mail.foo.net 25
Trying 216.220.96.26...
Connected to mail.foo.net.
Escape character is '^]'.
220 xena.foo.net UCE PROHIBITED ESMTP
mail from: [EMAIL PROTECTED]
250 ok
quit
221 xena.foo.net UCE PROHIBITED
Connection closed by foreign host.
[EMAIL PROTECTED] host -t mx no.real.domain.here.tv.us
Host not found.
That should be rejected outright, correct?
Thanks,
Charles

Tonino



[EMAIL PROTECTED]
Interazioni di Antonio Nati


http://www.interazioni.it 
[EMAIL PROTECTED]

[vchkpw] SMTP Auth problem

2004-12-07 Thread Alastair Battrick 
I'm having problems with SMTP Auth. 

I have installed:
Netqmail 1.0.5
Vpopmail 5.4.8
Simscan 1.0.8  Spamassassin  Clamav
Chkuser 2.0.7
Bill Shupp's composite TLS  SMTP Auth patch, from
http://shupp.org/smtp-auth-tls/

The error I'm getting is this:
503 auth not available (#5.3.3)
--
# telnet 217.158.68.125 25
Trying 217.158.68.125...
Connected to 217.158.68.125.
Escape character is '^]'.
220 mail.datasnake.co.uk ESMTP
EHLO datasnake.co.uk
250-mail.datasnake.co.uk
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 0
250 AUTH LOGIN PLAIN CRAM-MD5
AUTH PLAIN
503 auth not available (#5.3.3)
--

SMTP does deliver locally.

The smtpd log gives only this:

2004-12-07 11:30:47.177877500 tcpserver: pid 20753 from 81.178.252.159
2004-12-07 11:30:47.178302500 tcpserver: ok 20753 
mail.datasnake.co.uk:217.158.68.125:25
81-178-252-159.dsl.pipex.com:81.178.252.159::1314


I am starting SMTP with
--
#!/bin/sh

QMAILQUEUE=/var/qmail/bin/simscan
export QMAILQUEUE

QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

exec /usr/local/bin/softlimit -m 20971520 \
/usr/local/bin/tcpserver -v -R -l $LOCAL -x 
/home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \
-u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21
--

Any help gratefully received

Cheers
Alastair



___ 
Moving house? Beach bar in Thailand? New Wardrobe? Win £10k with Yahoo! Mail to 
make your dream a reality. 
Get Yahoo! Mail www.yahoo.co.uk/10k

Re: [vchkpw] SMTP Auth problem

2004-12-07 Thread Ispas Paul 
On Tuesday 07 December 2004 13:56, Alastair Battrick wrote:
 I'm having problems with SMTP Auth.

 I have installed:
 Netqmail 1.0.5
 Vpopmail 5.4.8
 Simscan 1.0.8  Spamassassin  Clamav
 Chkuser 2.0.7
 Bill Shupp's composite TLS  SMTP Auth patch, from
 http://shupp.org/smtp-auth-tls/

 The error I'm getting is this:
 503 auth not available (#5.3.3)
 --
 # telnet 217.158.68.125 25
 Trying 217.158.68.125...
 Connected to 217.158.68.125.
 Escape character is '^]'.
 220 mail.datasnake.co.uk ESMTP
 EHLO datasnake.co.uk
 250-mail.datasnake.co.uk
 250-STARTTLS
 250-PIPELINING
 250-8BITMIME
 250-SIZE 0
 250 AUTH LOGIN PLAIN CRAM-MD5
 AUTH PLAIN
 503 auth not available (#5.3.3)
 --

 SMTP does deliver locally.

 The smtpd log gives only this:

 2004-12-07 11:30:47.177877500 tcpserver: pid 20753 from 81.178.252.159
 2004-12-07 11:30:47.178302500 tcpserver: ok 20753
 mail.datasnake.co.uk:217.158.68.125:25
 81-178-252-159.dsl.pipex.com:81.178.252.159::1314


 I am starting SMTP with
 --
 #!/bin/sh

 QMAILQUEUE=/var/qmail/bin/simscan
 export QMAILQUEUE

 QMAILDUID=`id -u vpopmail`
 NOFILESGID=`id -g vpopmail`
 MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
 LOCAL=`head -1 /var/qmail/control/me`

 exec /usr/local/bin/softlimit -m 20971520 \
 /usr/local/bin/tcpserver -v -R -l $LOCAL -x
 /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g
 $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21
 --


You should start smtp with the folowing command line : 

qmail-smtpd mail.example.com /home/vpopmail/bin/vchkpw /bin/true
Read the smtp-auth docs.

Re: [vchkpw] SMTP Auth problem

2004-12-07 Thread Alastair Battrick 
Ispas Paul wrote:
On Tuesday 07 December 2004 13:56, Alastair Battrick wrote:
I'm having problems with SMTP Auth.
snip
I am starting SMTP with
--
#!/bin/sh
QMAILQUEUE=/var/qmail/bin/simscan
export QMAILQUEUE
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
exec /usr/local/bin/softlimit -m 20971520 \
   /usr/local/bin/tcpserver -v -R -l $LOCAL -x
/home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g
$NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21
--
You should start smtp with the folowing command line : 

qmail-smtpd mail.example.com /home/vpopmail/bin/vchkpw /bin/true
Read the smtp-auth docs. 
Hi Paul
Thanks for your help. Which documentation are you referring to?
The information you gave me does not appear to be correct, as a 
different error started when doing it the way you describe. It now 
works, when starting qmail-smtpd like so:
qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true

Thanks anyway - it's working now
Alastair

Re: [vchkpw] default domain

2004-12-07 Thread Jeremy Kitchen 
On Tuesday 07 December 2004 12:52 am, RD wrote:
 Hello List,

 How can I enable the default-domain option without a recompile?

with later versions (later than 5.3.28 I believe, but if you're upgrading, 
grab the latest) the defaultdomain is not hard coded, and is in 
~vpopmail/etc/defaultdomain

otherwise, you have to recompile.

-Jeremy

-- 
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
  [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l
  kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail
 GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED]


pgpzgkiwRaRYv.pgp
Description: PGP signature

Re: [vchkpw] courier-imap

2004-12-07 Thread Oden Eriksson 
fredag 03 december 2004 21.27 skrev Tom Collins:
 On Dec 3, 2004, at 11:42 AM, Oden Eriksson wrote:
  The question still, is how to make this work, not to make me start
  using smtp
  auth.

 It sounds like (from Jeremey's email) that kmail leaves its IMAP
 connection open at all times and that's the problem.

No, it doesn't. If I close kmail and check connections at both ends it is not 
persistant, it dies after less than a minute.

 One solutions would be to patch Courier-IMAP to update the timestamp
 for the connection every 15 minutes it was still open.

While kmail is running i guess it sends a NOOP or something at given 
intervals. I haven't checked what exactly it does.

 Is it possible to configure kmail to not keep a persistent IMAP
 connection?  Can you add a bogus POP account to kmail so it's popping
 into the server every 15 minutes?

It's not persistent. As a work around I guess I could pop it now and then to 
still be a relay client.

Maybe it's just kmail that sucks and I'm barking at the wrong tree. No one 
here uses this combo?

-- 
Regards // Oden Eriksson

Re: [vchkpw] default domain

2004-12-07 Thread RD 
Hi Jeremy, thanks! I'm running 5.4.0 so your suggestion works like a charm.
Best Regards,
Rd
Jeremy Kitchen wrote:
On Tuesday 07 December 2004 12:52 am, RD wrote:
Hello List,
How can I enable the default-domain option without a recompile?

with later versions (later than 5.3.28 I believe, but if you're upgrading, 
grab the latest) the defaultdomain is not hard coded, and is in 
~vpopmail/etc/defaultdomain

otherwise, you have to recompile.
-Jeremy

[vchkpw] chkuser 2.0.8 released

2004-12-07 Thread tonix (Antonio Nati) 



chkuser 2.0.8 has been released, and is available at

www.interazioni.it/opensource.
As usual, this version has been tested and is now working on my
production systems since some weeks.
This version, basically: 

freeze
all important changes in 2.0.7 (closing DB connections among all) 
is
more RFC compliant (NULL SENDER is now ALWAYS accepted, and all FORMAT
and MX checking defines are OFF by default) 
cleans
some small bugs. 
It has been released as complete release package, and as
update of previous installed versions (from 2.0.5 to
2.0.7).
Additional note:
I put on the site a small script displaying chkuser activity.
On one of my systems, I defined acceptance limits for existing (limit is
50) and wrong (limit is 5) users.
On that system, I'm facing each day several attacks, and these acceptance
limits help me rejecting them.
They are also suggesting me to implement additional features for
rejecting those IP.
Any comment on this topic is welcomed. 

qstat -yesterday 
CHKUSER entries 10135 
CHKUSER accepted null senders 365 
CHKUSER rejected senders 268 
CHKUSER accepted senders 3615 
CHKUSER rejected rcpts 966 
CHKUSER accepted rcpts 3809 
CHKUSER rejected relaying 88 
CHKUSER accepted relaying 42 
CHKUSER mbx overquota 0 
CHKUSER max rcpt intrusion triggers 0 
CHKUSER max wrong rcpt intrusion triggers 62 
CHKUSER rejected intrusions 920 
Please note I may answer any question until friday, then I'll be
again available at the end of the month.
Tonino