[vchkpw] default domain
Hello List, How can I enable the default-domain option without a recompile? Thanks for the help. Regards, RD
Re: [vchkpw] how to delete mail domain alias
How can i delete mail domain alias added with "vaddaliasdomain"? Use vdeldomain. It won't delete the underlying "non-alias" domain, just the alias. Paul -- Paul OehlerNEXCESS.NET Internet Solutionshttp://nexcess.net304 1/2 S. State St.Ann Arbor, MI 481041.866.NEXCESS
Re: [vchkpw] chkuser 2.0.7 released
Charles, you've found an error. Your output in the private e-mail has been extremely useful, so I've checked the code, and found a small (stupid!) bug that works when CHKUSER_STARTING_VARIABLE is defined (in such a case, no check is done on sender). In 2.0.8 (I'll try to publish it today or tomorrow) this is fixed. Anyway, this is the correction, inside chkuser.c, in the routine chkuser_sender: int chkuser_sender (stralloc *sender) { int count; + if (first_time_init_flag) { + first_time_init (); + } #if !defined CHKUSER_ALWAYS_ON defined CHKUSER_STARTING_VARIABLE if (starting_value == -1) { return CHKUSER_OK; } #endif #if defined CHKUSER_SENDER_FORMAT || defined CHKUSER_SENDER_MX - if (first_time_init_flag) { - first_time_init (); - } #if defined CHKUSER_SENDER_NOCHECK_VARIABLE Thanks, Tonino At 01.44 07/12/2004, you wrote: On Tue, 26 Oct 2004, tonix (Antonio Nati) wrote: Patch is working in a production enviromnent, but it is anyway released as development version, because changes are so important that I'ld like to have a wider testing. As usual, please help me testing it. Any bug warning, feedback or comment is welcome! It looks like there are some issues with verifying the sender dns... Two things I've noticed: -This patch seems to undo the mfcheck patch. Previous to patching with chkuser, qmail-smtpd would reject any mail without a proper dns entry for the envelope sender, now it seems to let that all through. My only patches are Bill Shupp's toaster patch and chkuser 2.0.7. -Turning on what I think is the equivalent option in chkuser does not seem to do anything (#define CHKUSER_SENDER_MX). For example, with /var/qmail/control/mfcheck set to 1 and the above define set in chkuser_settings.h: [EMAIL PROTECTED]/home/spork]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost Escape character is '^]'. 220 xena.foo.net UCE PROHIBITED ESMTP mail from: [EMAIL PROTECTED] 250 ok quit 221 xena.foo.net UCE PROHIBITED Connection closed by foreign host. And just to be sure, from outside any tcprules checks: [EMAIL PROTECTED] telnet mail.foo.net 25 Trying 216.220.96.26... Connected to mail.foo.net. Escape character is '^]'. 220 xena.foo.net UCE PROHIBITED ESMTP mail from: [EMAIL PROTECTED] 250 ok quit 221 xena.foo.net UCE PROHIBITED Connection closed by foreign host. [EMAIL PROTECTED] host -t mx no.real.domain.here.tv.us Host not found. That should be rejected outright, correct? Thanks, Charles Tonino [EMAIL PROTECTED] Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
[vchkpw] SMTP Auth problem
I'm having problems with SMTP Auth. I have installed: Netqmail 1.0.5 Vpopmail 5.4.8 Simscan 1.0.8 Spamassassin Clamav Chkuser 2.0.7 Bill Shupp's composite TLS SMTP Auth patch, from http://shupp.org/smtp-auth-tls/ The error I'm getting is this: 503 auth not available (#5.3.3) -- # telnet 217.158.68.125 25 Trying 217.158.68.125... Connected to 217.158.68.125. Escape character is '^]'. 220 mail.datasnake.co.uk ESMTP EHLO datasnake.co.uk 250-mail.datasnake.co.uk 250-STARTTLS 250-PIPELINING 250-8BITMIME 250-SIZE 0 250 AUTH LOGIN PLAIN CRAM-MD5 AUTH PLAIN 503 auth not available (#5.3.3) -- SMTP does deliver locally. The smtpd log gives only this: 2004-12-07 11:30:47.177877500 tcpserver: pid 20753 from 81.178.252.159 2004-12-07 11:30:47.178302500 tcpserver: ok 20753 mail.datasnake.co.uk:217.158.68.125:25 81-178-252-159.dsl.pipex.com:81.178.252.159::1314 I am starting SMTP with -- #!/bin/sh QMAILQUEUE=/var/qmail/bin/simscan export QMAILQUEUE QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` exec /usr/local/bin/softlimit -m 20971520 \ /usr/local/bin/tcpserver -v -R -l $LOCAL -x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21 -- Any help gratefully received Cheers Alastair ___ Moving house? Beach bar in Thailand? New Wardrobe? Win £10k with Yahoo! Mail to make your dream a reality. Get Yahoo! Mail www.yahoo.co.uk/10k
Re: [vchkpw] SMTP Auth problem
On Tuesday 07 December 2004 13:56, Alastair Battrick wrote: I'm having problems with SMTP Auth. I have installed: Netqmail 1.0.5 Vpopmail 5.4.8 Simscan 1.0.8 Spamassassin Clamav Chkuser 2.0.7 Bill Shupp's composite TLS SMTP Auth patch, from http://shupp.org/smtp-auth-tls/ The error I'm getting is this: 503 auth not available (#5.3.3) -- # telnet 217.158.68.125 25 Trying 217.158.68.125... Connected to 217.158.68.125. Escape character is '^]'. 220 mail.datasnake.co.uk ESMTP EHLO datasnake.co.uk 250-mail.datasnake.co.uk 250-STARTTLS 250-PIPELINING 250-8BITMIME 250-SIZE 0 250 AUTH LOGIN PLAIN CRAM-MD5 AUTH PLAIN 503 auth not available (#5.3.3) -- SMTP does deliver locally. The smtpd log gives only this: 2004-12-07 11:30:47.177877500 tcpserver: pid 20753 from 81.178.252.159 2004-12-07 11:30:47.178302500 tcpserver: ok 20753 mail.datasnake.co.uk:217.158.68.125:25 81-178-252-159.dsl.pipex.com:81.178.252.159::1314 I am starting SMTP with -- #!/bin/sh QMAILQUEUE=/var/qmail/bin/simscan export QMAILQUEUE QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` exec /usr/local/bin/softlimit -m 20971520 \ /usr/local/bin/tcpserver -v -R -l $LOCAL -x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21 -- You should start smtp with the folowing command line : qmail-smtpd mail.example.com /home/vpopmail/bin/vchkpw /bin/true Read the smtp-auth docs.
Re: [vchkpw] SMTP Auth problem
Ispas Paul wrote: On Tuesday 07 December 2004 13:56, Alastair Battrick wrote: I'm having problems with SMTP Auth. snip I am starting SMTP with -- #!/bin/sh QMAILQUEUE=/var/qmail/bin/simscan export QMAILQUEUE QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` LOCAL=`head -1 /var/qmail/control/me` exec /usr/local/bin/softlimit -m 20971520 \ /usr/local/bin/tcpserver -v -R -l $LOCAL -x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21 -- You should start smtp with the folowing command line : qmail-smtpd mail.example.com /home/vpopmail/bin/vchkpw /bin/true Read the smtp-auth docs. Hi Paul Thanks for your help. Which documentation are you referring to? The information you gave me does not appear to be correct, as a different error started when doing it the way you describe. It now works, when starting qmail-smtpd like so: qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true Thanks anyway - it's working now Alastair
Re: [vchkpw] default domain
On Tuesday 07 December 2004 12:52 am, RD wrote: Hello List, How can I enable the default-domain option without a recompile? with later versions (later than 5.3.28 I believe, but if you're upgrading, grab the latest) the defaultdomain is not hard coded, and is in ~vpopmail/etc/defaultdomain otherwise, you have to recompile. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgpzgkiwRaRYv.pgp Description: PGP signature
Re: [vchkpw] courier-imap
fredag 03 december 2004 21.27 skrev Tom Collins: On Dec 3, 2004, at 11:42 AM, Oden Eriksson wrote: The question still, is how to make this work, not to make me start using smtp auth. It sounds like (from Jeremey's email) that kmail leaves its IMAP connection open at all times and that's the problem. No, it doesn't. If I close kmail and check connections at both ends it is not persistant, it dies after less than a minute. One solutions would be to patch Courier-IMAP to update the timestamp for the connection every 15 minutes it was still open. While kmail is running i guess it sends a NOOP or something at given intervals. I haven't checked what exactly it does. Is it possible to configure kmail to not keep a persistent IMAP connection? Can you add a bogus POP account to kmail so it's popping into the server every 15 minutes? It's not persistent. As a work around I guess I could pop it now and then to still be a relay client. Maybe it's just kmail that sucks and I'm barking at the wrong tree. No one here uses this combo? -- Regards // Oden Eriksson
Re: [vchkpw] default domain
Hi Jeremy, thanks! I'm running 5.4.0 so your suggestion works like a charm. Best Regards, Rd Jeremy Kitchen wrote: On Tuesday 07 December 2004 12:52 am, RD wrote: Hello List, How can I enable the default-domain option without a recompile? with later versions (later than 5.3.28 I believe, but if you're upgrading, grab the latest) the defaultdomain is not hard coded, and is in ~vpopmail/etc/defaultdomain otherwise, you have to recompile. -Jeremy
[vchkpw] chkuser 2.0.8 released
chkuser 2.0.8 has been released, and is available at www.interazioni.it/opensource. As usual, this version has been tested and is now working on my production systems since some weeks. This version, basically: freeze all important changes in 2.0.7 (closing DB connections among all) is more RFC compliant (NULL SENDER is now ALWAYS accepted, and all FORMAT and MX checking defines are OFF by default) cleans some small bugs. It has been released as complete release package, and as update of previous installed versions (from 2.0.5 to 2.0.7). Additional note: I put on the site a small script displaying chkuser activity. On one of my systems, I defined acceptance limits for existing (limit is 50) and wrong (limit is 5) users. On that system, I'm facing each day several attacks, and these acceptance limits help me rejecting them. They are also suggesting me to implement additional features for rejecting those IP. Any comment on this topic is welcomed. qstat -yesterday CHKUSER entries 10135 CHKUSER accepted null senders 365 CHKUSER rejected senders 268 CHKUSER accepted senders 3615 CHKUSER rejected rcpts 966 CHKUSER accepted rcpts 3809 CHKUSER rejected relaying 88 CHKUSER accepted relaying 42 CHKUSER mbx overquota 0 CHKUSER max rcpt intrusion triggers 0 CHKUSER max wrong rcpt intrusion triggers 62 CHKUSER rejected intrusions 920 Please note I may answer any question until friday, then I'll be again available at the end of the month. Tonino