[vchkpw] clearopensmtp and open-smtp file ownership
On my email server I'm currently using a roaming users setup. I've thought about switching to smtp-auth but I haven't gotten to it yet. I recently upgraded to vpopmail 5.5.0 and since then whenever clearopensmtp is ran it changes the uid and gid for the open-smtp file to what seems like a random set of numbers some examples: -rw-r--r-- 1 1897687832 1897687828 57 May 19 15:02 open-smtp -rw-r--r-- 1 2233736392 2233736388 57 May 19 15:16 open-smtp -rw-r--r-- 1 3140857928 3140857924 57 May 19 15:25 open-smtp -rw-r--r-- 1 1166784920 1166784916 57 May 19 15:28 open-smtp Heres my configure for vpopmail ./configure '--enable-roaming-users=y' '--enable-logging=y' '--enable-ip-alias-domains=y' '--enable-clear-passwd=n' '--enable-tcpserver-path=/home/vpopmail/etc/' '--enable-qmail-ext' '--enable-logging=e' '--enable-tcprules-prog=/usr/local/bin/tcprules' '--enable-rebuild-tcpserver-file' '--enable-spamassassin' '--disable-clear-passwd' I'm not sure what to do to fix this other than setup a script to chown the file for me, or downgrade vpopmail. !DSPAM:4bf440b632718865571437!
Re: [vchkpw] Simscan and Clam 0.95.3
Rick Macdougall wrote: > On 27/01/2010 1:35 PM, DAve wrote: >> Good afternoon all, >> >> I was just getting going upgrading our Clamav install and beginning to >> use clamav on our outbound mail as well as SA. >> simscan: calling clamdscan >> simscan: cdb looking up version clamav >> simscan: fatal error executing clamdscan >> simscan: exit error code: 71 >> qmail-inject: fatal: mail server temporarily rejected message (#4.3.0) >> [r...@smtp1:/usr/local/src/simscan-1.4.0]# clamdscan . >> /usr/local/src/simscan-1.4.0/.: OK >> > > Could be a permissions problem. I've seen that error message with > permission problems before. > > I've also sen it with selinux installed as well. $5 to the man in the back. I did edited my new clamd.conf and changed the user. I did not replace it. It is working now, thank you. DAve -- "Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it." John Adams http://appleseedinfo.org !DSPAM:4b609fb332713227491710!
[vchkpw] Simscan and Clam 0.95.3
Good afternoon all, I was just getting going upgrading our Clamav install and beginning to use clamav on our outbound mail as well as SA. I patched netqmail to use the reject-message.patch, no issues there. I then patched simscan 1.40 using JS patch, simscan-1.4.0-combined.2.patch and then tested in the simscan source directory before installing. (All one line at the prompt) QMAILQUEUE=/usr/local/src/simscan-1.4.0/simscan SIMSCAN_DEBUG=2 NOP0FCHECK=1 /var/qmail/bin/qmail-inject < mail-1.txt But it doesn't seem to work, clamdscan still crashes with error 71. Here is the debug output. [r...@smtp1:/usr/local/src/simscan-1.4.0]# QMAILQUEUE=/usr/local/src/simscan-1.4.0/simscan SIMSCAN_DEBUG=2 NOP0FCHECK=1 /var/qmail/bin/qmail-inject < mail-1.txt simscan: cdb looking up simscan: cdb for found clam=no,spam=yes,attach=.exe:.scr:.com:.pif:.bat simscan: pelookup clam = no simscan: pelookup spam = yes simscan: pelookup attach = .exe:.scr:.com:.pif:.bat simscan: attachment flag attach = .exe:.scr:.com:.pif:.bat simscan: .exe is attachment number 0 simscan: .scr is attachment number 1 simscan: .com is attachment number 2 simscan: .pif is attachment number 3 simscan: .bat is attachment number 4 simscan: starting: work dir: /var/qmail/simscan/1264616927.742599.63398 simscan: pelookup: called with sysad...@smtp1.tls.net simscan: pelookup: domain is smtp1.tls.net simscan: cdb looking up smtp1.tls.net simscan: pelookup: local part is sysadmin simscan: cdb looking up sysad...@smtp1.tls.net simscan: pelookup: called with dave.l...@pixelhammer.com simscan: pelookup: domain is pixelhammer.com simscan: cdb looking up pixelhammer.com simscan: pelookup: local part is dave.list simscan: cdb looking up dave.l...@pixelhammer.com simscan: cdb for dave.l...@pixelhammer.com found clam=yes,spam=yes,attach=.exe:.scr:.com:.pif:.bat simscan: pelookup clam = yes simscan: pelookup spam = yes simscan: pelookup attach = .exe:.scr:.com:.pif:.bat simscan: attachment flag attach = .exe:.scr:.com:.pif:.bat simscan: .exe is attachment number 0 simscan: .scr is attachment number 1 simscan: .com is attachment number 2 simscan: .pif is attachment number 3 simscan: .bat is attachment number 4 simscan: cdb looking up version attach simscan: calling clamdscan simscan: cdb looking up version clamav simscan: fatal error executing clamdscan simscan: exit error code: 71 qmail-inject: fatal: mail server temporarily rejected message (#4.3.0) [r...@smtp1:/usr/local/src/simscan-1.4.0]# clamdscan . /usr/local/src/simscan-1.4.0/.: OK --- SCAN SUMMARY --- Infected files: 0 Time: 0.264 sec (0 m 0 s) [r...@smtp1:/usr/local/src/simscan-1.4.0]# clamdscan -V ClamAV 0.95.3/10326/Fri Jan 22 13:18:42 2010 I have not seen anything new on this issue, am I in need of a clue bat? Compiling Clam and simscan showed no errors. Thanks, DAve -- "Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it." John Adams http://appleseedinfo.org !DSPAM:4b60879932711123417815!
Re: [vchkpw] qmail-tap
DAve wrote: > Good morning, > > We have been using qmail-tap to send copies of one domains emails to an > archive server. The other day the archive server failed and the messages > began filling up my qmail queue. > > Is there a way I can setup a separate queue just for the messages being > created by the qmail-tap process? Never mind. I just created a second instance of qmail at /var/qmail-archive. smtproutes in the public instance sends the archive messages to the archive process listening on 127.0.0.1, and smtproutes in the archive process sends the messages to the archive server itself. If we ever have an issue again, all archive mail can just pile up in the /var/qmail-archive queue. Dave -- "Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it." John Adams http://appleseedinfo.org !DSPAM:4b27ed6432717617036155!
Re: [vchkpw] chkuser and mailbox quotas
Tonix (Antonio Nati) wrote: DAve ha scritto: Good morning, We have, for a long time now, successfully used MailScanner on our gateway servers and then routing clean mail to our pop toasters. The pop toasters are running netqmail, vpopmail 5-4-17, and chkuser 2.0.8. I am having an issue where users are going overquota and not doing anything about it until mail begins to bounce. What limits cause chkuser to switch from "rcpt mailbox is overquota" to "not existing recipient"? I am unable to find the answer, though it might be staring me in the face. chkuser will never switch from "overquota" to "no such user". What can happen is limit set in chkuser settings is not reached (for whatever reason), then the e-mail go to the next stage of delivery, but delivery aborts because quota limit is reached for the recipients. But you never have "no such user". Cheers, Tonino Yea, it was a long day with many things to keep track of. Once I slept on it I knew it was not a chkuser issue, so I looked at the logs with fresh eyes and found the issue. I sent my poor apology to the list yesterday. DAve -- "Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it." John Quincy Adams http://appleseedinfo.org !DSPAM:4acde2f632711636713040!
Re: [vchkpw] chkuser and mailbox quotas
DAve wrote: Good morning, We have, for a long time now, successfully used MailScanner on our gateway servers and then routing clean mail to our pop toasters. The pop toasters are running netqmail, vpopmail 5-4-17, and chkuser 2.0.8. I am having an issue where users are going overquota and not doing anything about it until mail begins to bounce. What limits cause chkuser to switch from "rcpt mailbox is overquota" to "not existing recipient"? I am unable to find the answer, though it might be staring me in the face. Right now if a users don't fix their quota issue in time I have to manually restart milter-ahead on my MailScanner servers to clear the cache of non-existant users. Trying to understand the problem before I decide what to do about it. Thanks, DAve DOH! chkuser is behaving correctly. Seems milter-ahead caches only "yes accept the message" or "no refuse the message". Nothing else. Once an overquota response is cached, milter-ahead responds with "no user". I reduced my milter cache to one minute. I'll go get my coffee now. DAve -- "Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it." John Quincy Adams http://appleseedinfo.org !DSPAM:4accabc532711406020917!
Re: [vchkpw] Trouble compiling under solaris 10 sparc
hello and thank you for the quick reply.
i tried version 5.4.27 so for my project i will use that version.
For the storage.h problem i will try to help you.
commenting the line's produced following errors:
make all-recursive
Making all in cdb
( cat warn-auto.sh; \
echo CC=\'`head -1 conf-cc`\'; \
echo LD=\'`head -1 conf-ld`\'; \
cat find-systype.sh; \
) | sh > systype
( cat warn-auto.sh; \
echo 'main="$1"; shift'; \
echo 'rm -f "$main"'; \
echo 'ar cr "$main" ${1+"$@"}'; \
case "`cat systype`" in \
sunos-5.*) ;; \
unix_sv*) ;; \
irix64-*) ;; \
irix-*) ;; \
dgux-*) ;; \
hp-ux-*) ;; \
sco*) ;; \
*) echo 'ranlib "$main"' ;; \
esac \
) > makelib
chmod 755 makelib
( cat warn-auto.sh; \
echo exec "`head -1 conf-cc`" -fPIC '-c ${1+"$@"}' \
) > compile
chmod 755 compile
( cat warn-auto.sh; \
echo 'main="$1"; shift'; \
echo exec "`head -1 conf-ld`" \
'-o "$main" "$main".o ${1+"$@"}' \
) > load
chmod 755 load
( ( ./compile tryulong32.c && ./load tryulong32 && \
./tryulong32 ) >/dev/null 2>&1 \
&& cat uint32.h2 || cat uint32.h1 ) > uint32.h
rm -f tryulong32.o tryulong32
./compile cdb_hash.c
./compile cdb_unpack.c
./compile cdb_seek.c
./makelib cdb.a cdb_hash.o cdb_unpack.o cdb_seek.o
./compile cdbmake_pack.c
./compile cdbmake_hash.c
./compile cdbmake_add.c
./makelib cdbmake.a cdbmake_pack.o cdbmake_hash.o \
cdbmake_add.o
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-vpopmail.o `test
-f 'vpopmail.c' || echo './'`vpopmail.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-md5.o `test -f
'md5.c' || echo './'`md5.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-bigdir.o `test
-f 'bigdir.c' || echo './'`bigdir.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-vauth.o `test -f
'vauth.c' || echo './'`vauth.c
vauth.c: In function `set_vpasswd_files':
vauth.c:385: warning: int format, pid_t arg (arg 6)
vauth.c: In function `vauth_setpw':
vauth.c:634: warning: int format, uid_t arg (arg 5)
vauth.c:634: warning: int format, gid_t arg (arg 6)
vauth.c: In function `vwrite_dir_control':
vauth.c:1017: warning: int format, pid_t arg (arg 5)
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-file_lock.o
`test -f 'file_lock.c' || echo './'`file_lock.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-vpalias.o `test
-f 'vpalias.c' || echo './'`vpalias.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-seek.o `test -f
'seek.c' || echo './'`seek.c
seek.c: In function `MakeSeekable':
seek.c:65: warning: implicit declaration of function `vmin'
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-vlimits.o `test
-f 'vlimits.c' || echo './'`vlimits.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-maildirquota.o
`test -f 'maildirquota.c' || echo './'`maildirquota.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-vutil.o `test -f
'vutil.c' || echo './'`vutil.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-vlistlib.o `test
-f 'vlistlib.c' || echo './'`vlistlib.c
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-backfill.o `test
-f 'backfill.c' || echo './'`backfill.c
backfill.c: In function `remove_line':
backfill.c:87: warning: int format, uid_t arg (arg 4)
backfill.c:87: warning: int format, gid_t arg (arg 5)
backfill.c:87: warning: unsigned int format, mode_t arg (arg 6)
gcc -I. -Icdb -I.-fPIC -g -O2 -Wall -c -o libvpopmail_a-client.o `test
-f 'client.c' || echo './'`client.c
client.c: In function `client_connect':
client.c:60: error: syntax error before numeric constant
client.c:156: error: invalid lvalue in unary `&'
client.c:157: error: request for member `sun_family' in something not a
structure or union
client.c:158: error: request for member `sun_path' in something not a
structure or union
client.c:166: error: invalid lvalue in unary `&'
*** Error code 1
make: Fatal error: Command failed for target `libvpopmail_a-client.o'
Current working directory /root/vpopmail-5.4.28
*** Error code 1
The following command caused the error:
failcom='exit 1'; \
for f in x $MAKEFLAGS; do \
case $f in \
*=* | --[!k]*);; \
*k*) failcom='fail=yes';; \
esac; \
done; \
dot_seen=no; \
target=`echo all-recursive | sed s/-recursive//`; \
list='cdb'; for subdir in $list; do \
echo "Making $target in $subdir"; \
if test "$subdir" = "."; then \
dot_
[vchkpw] chkuser and mailbox quotas
Good morning, We have, for a long time now, successfully used MailScanner on our gateway servers and then routing clean mail to our pop toasters. The pop toasters are running netqmail, vpopmail 5-4-17, and chkuser 2.0.8. I am having an issue where users are going overquota and not doing anything about it until mail begins to bounce. What limits cause chkuser to switch from "rcpt mailbox is overquota" to "not existing recipient"? I am unable to find the answer, though it might be staring me in the face. Right now if a users don't fix their quota issue in time I have to manually restart milter-ahead on my MailScanner servers to clear the cache of non-existant users. Trying to understand the problem before I decide what to do about it. Thanks, DAve -- "Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it." John Quincy Adams http://appleseedinfo.org !DSPAM:4acb614f32714985119730!
[vchkpw] Trouble compiling under solaris 10 sparc
hello I'm having problems compiling vpopmail 5.4.28 under solaris 10 sparc. I receive following error : storage.h:30:20: endian.h: No such file or directory storage.h:31:22: byteswap.h: No such file or directory *** Error code 1 make: Fatal error: Command failed for target `libvpopmail_a-maildirquota.o' Current working directory /src/vpopmail-5.4.28 *** Error code 1 The following command caused the error: failcom='exit 1'; \ for f in x $MAKEFLAGS; do \ case $f in \ *=* | --[!k]*);; \ *k*) failcom='fail=yes';; \ esac; \ done; \ dot_seen=no; \ target=`echo all-recursive | sed s/-recursive//`; \ list='cdb'; for subdir in $list; do \ echo "Making $target in $subdir"; \ if test "$subdir" = "."; then \ dot_seen=yes; \ local_target="$target-am"; \ else \ local_target="$target"; \ fi; \ (cd $subdir && make $local_target) \ || eval $failcom; \ done; \ if test "$dot_seen" = "no"; then \ make "$target-am" || exit 1; \ fi; test -z "$fail" make: Fatal error: Command failed for target `all-recursive' Current working directory /src/vpopmail-5.4.28 *** Error code 1 make: Fatal error: Command failed for target `all' which is normal since both endian.h and byteswap.h don't exist under solaris. Does anyone know a sollution which does not force me to backtrack every release to find the latest version that does compile? !DSPAM:4acb3c2932711020371026!
Re: [vchkpw] vpopmail valias wildcard support - every...@domain.com
Jeff Koch wrote: Hi: In the case where a domain has, say, 100 email accounts, is there an easy way to configure a wildcard alias or mailinglist so that an email can be sent to everyone? Otherwise I can see that in a constantly changing organization it could be a lot of work to keep a mailing list or alias current. vpopbull would not work since the individual domains don't have that access. If you use ezmlm-idx with SQL support adding and removing users from a list is easy and a simple webpage can be build in minutes. That was the path we took. Depending on how you add/remove accounts a wrapper around the vpopmail tools can add/remove users from any company maillists too. DAve -- "Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it." John Quincy Adams http://appleseedinfo.org !DSPAM:49f7225b32681242592022!
Re: [vchkpw] Opinions needed
Matt Brookings wrote: My current TODO: * Disk updates must be deferrable; maybe with threading * Statistics gathering like average disk poll time, biggest poll time, shortest poll time, etc As you can see, the deferring updates is not yet implemented. The performance I'm currently seeing is acceptable, but it would probably not cut it on a *very* large system with many absent users and catchalls collecting gigs of email in a single directory. I hope to release a beta to developers once the deferring code is ready. Opinions on this? :) Not sure what opinions you want, programmatic or project worthiness 8^) In the last two years we and other ISPs we know have dropped any hope of quotas. Disk space is cheap, and clients want unlimited space because, "All the online email services have no limit!". While we still have quotas, I am pretty much asked by the account manager to increase them every time a client exceeds the limit. I see the quotas going away soon. DAve -- The whole internet thing is sucking the life out of me, there ain't no pony in there. !DSPAM:497a394932681764082979!
Re: [vchkpw] Poll of sorts
Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was wondering if anyone had any input on moving vpopmail to Subversion. After working with CVS for years, and then moving most of my development trees to Subversion, I've found it to be much easier to work with. I'd be very interested in seeing the project moved over to Subversion. Does anyone have any input on this? I've not used version control since prior to subversion, but I can say I have not met any subversion users who would switch back to CVS. DAve -- The whole internet thing is sucking the life out of me, there ain't no pony in there. !DSPAM:496e11eb32678567255061!
Re: [vchkpw] Poll of sorts
Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was wondering if anyone had any input on moving vpopmail to Subversion. After working with CVS for years, and then moving most of my development trees to Subversion, I've found it to be much easier to work with. I'd be very interested in seeing the project moved over to Subversion. Does anyone have any input on this? - -- Have you looked at/considered Git? I've just started using it, and I'm finding that I like it's approach much better than CVS or Subversion. It's website is at http://git-scm.com/ Dave !DSPAM:496e110e32671977374722!
Re: [vchkpw] vpopmail development
Matt Brookings wrote: Remember that this feature does not yet exist, and that there are probably many systems with backfilling needs that go back years. Potentially this patch could hit a system with four levels of hashing simply because there's been a lot of additions and deletions. If the backfill patch doesn't take this into consideration, we may need to consider writing some sort of utility to analyze and "clean", a system that is "overhashed". My system would be one of those, here are the stats from just one domain after 4 years of use. I have been putting off hacking together a Perl script to move everything around and update the MySQL tables. Honestly, I cannot say there is any performance hit even with the dirs this messed up. [r...@newnfs:/usr/local/scripts/old-scripts]# ./dircheck.sh tls.net dir 0 ->35 dir 1 ->38 dir 2 ->36 dir 3 ->30 dir 4 ->32 dir 5 ->38 dir 6 ->32 dir 7 ->33 dir 8 ->38 dir 9 ->33 dir A ->31 dir B ->26 dir C ->45 dir D ->32 dir E ->32 dir F ->19 dir G ->36 dir H ->42 dir I ->39 dir J ->30 dir K ->34 dir L ->30 dir M ->33 dir N ->31 dir O ->33 dir P ->26 dir Q ->27 dir R ->24 dir S ->29 dir T ->31 dir U ->32 dir V ->25 dir W ->38 dir X ->45 dir Y ->30 dir Z ->30 dir a ->31 dir b ->11 dir c ->31 dir d ->36 dir e -> 3 dir f -> 2 dir g -> 5 dir h ->64 dir i ->14 dir j ->13 dir k ->13 dir l ->13 dir m -> 26 dir n ->17 dir o ->36 dir p ->16 dir q ->17 dir r ->33 dir s ->23 dir t ->30 dir u -> 620 dir v -> 759 DAve -- The whole internet thing is sucking the life out of me, there ain't no pony in there. !DSPAM:496b560c32679005657564!
Re: [vchkpw] vpopmail development
Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Remo Mattei wrote: I agree with you.. So I hope this stays. vpopmail and qmailadmin development are high on our list of items this year. We're finishing up leftover items from the final quarter of 2008, and then we're to schedule vpopmail and qmailadmin development to start the first quarter of 2009. Cheers! My reward for fixing the dir_control to backfill still stands. http://pixelhammer.com/Dan/aargh.jpg Follow the thread... http://www.mail-archive.com/vchkpw@inter7.com/msg25272.html I could improve on the prize some as well, how about two dozen award winning homemade cookies and a snapped drive shaft u-joint from the Seattle Monorail? DAve -- The whole internet thing is sucking the life out of me, there ain't no pony in there. !DSPAM:49667b6832671673621925!
Re: [vchkpw] vpopmail development
Remo Mattei wrote: Are people moving to a different options? Just wonder.. And if they are what are those options? I hope not, I've not seen anything that comes close to the abilities of vpopmail. We are preparing to completely overhaul our backend server and integrate vpopmaild into our intranet. DAve Thanks, Remo Tom Collins On 1/8/09 12:55 PM, "Tom Collins" wrote: On Jan 6, 2009, at 3:54 AM, aledr wrote: There's a lot of patches on SourceForge tracker to be accepted and I have my own patches and improvements for vpopmail that I would like to see in the package. There's no activity on the SF CVS for months, is It in active development yet? It's not in active development. All of the past "lead developers" on the project (including myself) have been too busy to dedicate any time to it. Some of the patches on SourceForge won't ever go into the mainstream releases (as least as far as I'm concerned), but remain available for those who want to add that functionality. Unfortunately, doing anything with vpopmail and qmailadmin has moved very far down my to do list. -Tom -- The whole internet thing is sucking the life out of me, there ain't no pony in there. !DSPAM:4966689e32671466455160!
Re: [vchkpw] ANNOUNCE: IndiMail authmodule for courier-imap
Top posting, as in "firing for effect". Holy Smokes people, did this become the qmail list overnight? Tom Collins is one of the nicest most helpful people on this list and he has contributed immensely to vpopmail. I for one deeply value his opinion. I do not see inter7 asking for the topic to go away, and I have never seen an "approval" procedure with inter7 for any topic. Can we get back to figuring out how the dir_control system works now? DAve Quey wrote: On 27/08/08 14:03:38, Tom Collins wrote: On Aug 25, 2008, at 9:08 PM, Quey wrote: Do your own homework, hint: there is a reason some distros do not include PAM for very good reasons, and it aint'coz they wana be different' I dont have the time to give you a 50 page lesson on the risks of using it. Translation: I read a headline on digg/reddit/Slashdot/kuro5hin that PAM is insecure. I didn't really understand the article, but I'll act like a security expert and throw my weight around on mailing lists. Actually I dont read any of them, I have far better things to do then read a bunch of whiners posts, half those participants probably see low flying black helicopters every night You have no Idea on my credentials, those who know me, know them, my CEO knows them, the fact you don't doesnt surprise, nor bother me in the least. And I think i'd agree with, oh I dunno, lets say Patrick Volkerding for one, over some twat like you who wants to make out, nobody who has a clue has ever said PAM can be very detrimental. , this is a mailing list for VPopMail, nothing else! Unless you have obtained prior permission from the list maintainers (inter7) for advertising ANYTHING on THEIR list, in which case it usually follows with a disclaimer that it is posted with permission from the maintainers of . The point is, this is of interest to vpopmail users that need a replacement auth module for recent versions of Courier-IMAP. Thats entirely fine so long as inter7 have approved it, if not, it is akin to spamming, regardless of what it is, and if it persists with no approval, his address may be entered into one of reputable RBL's I wont bother responding to the trest of your diatribe, as your just trolling, your one of the immaterial scum of the net, I gonre your types every day, and now i've replied to you, I dont have a need to continue with you any further, since you;ve displayed incredible lack of anything. be gone troll -- Don't tell me I'm driving the cart! !DSPAM:48b55b4e32318337413843!
[vchkpw] Off Topic: I had a good day
Sorry for the off topic post but I just have to tell someone. I have a house full of teenagers twice a week. I let my sons band practice downstairs, full drum kit and amps, the whole shootin match. I give them a place to practice, make them dinner, fix their guitars, tell them to drive careful when they leave. This has been Thursday and Sunday nights for almost a year. Funny thing happened tonight after practice. My wife called me downstairs and all the kids were in the kitchen. In the middle of the floor was a new hardcase with a New Haven made Ovation six string guitar. They had saved their money since November and pooled it together to get me something they said I wouldn't spend the money on for myself. It was their way of saying thanks. I nearly cried. The next generation is going to be just fine. DAve -- Google finally, after 7 years, provided a logo for veterans. Thank you Google. What to do with my signature now? !DSPAM:47c782aa120501733610833!
Re: [vchkpw] Seems to be a problem with dir_control table
aledr wrote: > Hi! > > I was searching for domains information in my servers and I realized > that when I add a domain using vadddomain it doesn't insert a new row > into dir_control table with my domain name, but vpopmail insert the > rows after I execute vmoddomain (with wrong cur_users number). Is this > right? > It seems, as I understand it, that dir_control with MySQL has been misunderstood for quite awhile. I am building a list of "temptations" to coerce a fix. http://pixelhammer.com/Dan/aargh.jpg Details here, http://www.mail-archive.com/vchkpw@inter7.com/msg25292.html Maybe I need to drop the smokes and booze and throw in some toys instead. I have a flying monkey that squeals when it hits the wall, you can't tell me that ain't fun for hours. You could always up the ante. Got anything for the cause better than a flying monkey? ;^) DAve -- Google finally, after 7 years, provided a logo for veterans. Thank you Google. What to do with my signature now? !DSPAM:477e9516310545614411381!
Re: [vchkpw] [OT] IMAP Servers: Dovecot or Binc?
Tom Collins wrote: > Courier-IMAP seems to be putting a heavy load on my server when someone > accesses a mailbox with a large number of messages in it. I recently > scanned the mailboxes on my server, and sent some notices out to clients > who had boxes with old, unread messages in them. I think that today > some have gone online to pick up that mail, and I'm suffering the > consequences (server load of 14.0+). > > What's the preferred IMAP server for a machine that will have 100-200 > connections (plan for growth...) but may have an occasional mailbox with > 1000+ messages in it. I've searched the archives and tried to google > for "imap server performance" and "imap server comparison" but haven't > come up with much after an hour. > > My impression is that Dovecot performs well, better than courier, but > I'm wondering if anyone can offer up some real-world numbers to help me > make my decision. > We suffered the same problem and came to the same conclusion. Courier had to go. We installed Binc two years ago and have been very happy so far. I doesn't even use enough resources to know it is there, I honestly forget about it. We looked at Dovecot and may again, but we choose Binc because we needed maildir++ quota support (which Dovecot now supports). DAve -- Google finally, after 7 years, provided a logo for veterans. Thank you Google. What to do with my signature now? !DSPAM:476974f432004989090215!
Re: [vchkpw] After 7 years of neglect Qmail is now ours
Rick Widmer wrote: > > > DAve wrote: >> Rick Widmer wrote: >>> On the other hand, what do you want to do with it now that it is public >>> domain? 100 forks -- all different -- will not help the qmail world. >> >> I think that will be the natural progression, and it will probably be a >> good thing in the long run. Those who actually know qmail and understand >> it's operation will provide the best packaged solutions, and those who >> do not know qmail will gravitate to those products. In the end, the >> cream will rise to the top. > > You are probably right that is what will happen. I don't have to like > it though. :) I think there should be one qmail, and the next version > should be qmail-1.05 -- exactly the same thing as you get from > netqmail-1.05. Then add the ability to control common patches with a > ./configure script. > >> The question in my mind is who will own the name qmail, and what >> product, if any, will bear that name. > > I don't know if it'll be approved, but I got the qmail project name on > SourceForge, minutes after I heard it was put in public domain. > > > > > We'd run a Inter7 supported version of qmail-1.5, of course the nicest thing is we can change nothing and go on happy as clams with our installs of the old patchy, outdated, unsupported qmail that so many seem to hate s much. ;^) DAve -- I've been asking Google for a Veteran's Day logo since 2000, maybe 1999. I was told they finally did a Veteran's Day logo, but none of the links I was given return anything but a normal Google logo. Sad, very sad. Maybe the Chinese Government didn't like it? !DSPAM:475453e032007800612025!
Re: [vchkpw] After 7 years of neglect Qmail is now ours
Rick Widmer wrote: > > > Boris Pavlov wrote: >> Quey wrote: >>> Dan J Bernstein has recently put Qmail into the public domain, >>> _http://cr.yp.to/qmail/dist.html_ >>> >>> >>> >> >> HAH! Is this confirmed in some way? > > What more confirmation do you need than the second paragraph from the > URL you listed above: > > == > D. J. Bernstein > Internet mail > qmail > > Information for distributors > If you're a distributor, you should join the > 0 mailing list. > > I hereby place the qmail package (in particular, qmail-1.03.tar.gz, with > MD5 checksum 622f65f982e380dbe86e6574f3abcb7c) into the public domain. > You are free to modify the package, distribute modified versions, etc. > > This does not mean that modifications are encouraged! Please take time > to ensure that your distribution of qmail supports exactly the same > interface as everyone else's. In particular, if you move files, please > set up symbolic links from the original locations, so that you don't > frivolously break scripts that work everywhere else. > == > > > On the other hand, what do you want to do with it now that it is public > domain? 100 forks -- all different -- will not help the qmail world. I think that will be the natural progression, and it will probably be a good thing in the long run. Those who actually know qmail and understand it's operation will provide the best packaged solutions, and those who do not know qmail will gravitate to those products. In the end, the cream will rise to the top. The question in my mind is who will own the name qmail, and what product, if any, will bear that name. I've no problem running Inter7 Super-Duper Mail Server, or Netqmail v 2.0, or ShuppMail v 1.0, or qmail v 2.0. But there are some current installations supplying qmail installation instructions I would not run if they provided a package. I would prefer those didn't go by the name qmail, but it ain't up to me. DAve -- I've been asking Google for a Veteran's Day logo since 2000, maybe 1999. I was told they finally did a Veteran's Day logo, but none of the links I was given return anything but a normal Google logo. Sad, very sad. Maybe the Chinese Government didn't like it? !DSPAM:4754334632001643018724!
Re: [vchkpw] qmail on 64 bits plataform
João Luiz - Terra wrote: Hi all, Are there problems with qmail in redhat linux enterprise 64 bit? Thank you Joao I am running qmail on two SunFire servers under FreeBSD 64 with no issues and wonderful performance. I'd try it. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] My single point of failure... failed
Tren Blackburn wrote: Hi DAve; -Original Message- From: DAve [mailto:[EMAIL PROTECTED] Sent: Friday, October 05, 2007 11:39 AM To: vpopmail Subject: [vchkpw] My single point of failure... failed I got bit hard this morning and I am looking for a solution. I have been slowly getting our email system up to snuff moving from a pair of servers to two gateway AV scanners, three vpopmail toasters, and two outbound qmail servers. The toasters mount the Maildirs via NFS, the AV scanners talk to the toasters via milter-ahead, and the NFS mailstore hosts MySQL for vpopmail. I've just gotten load balancers installed and moved the outbound traffic there first, getting a good load test on vpopmaild for smtp-auth. I had promised to provide the scripts and now I am actually seeing how well they work. Problems arose when my NFS server went stupid this morning and all mail stopped. AV scanners couldn't verify mailboxes because the toasters couldn't see MySQL, the outbound servers couldn't do smtp-auth for the same reason. It wouldn't have mattered anyway because my Maildirs were offline. NFS is my single point of failure, even though it is RAID5, dual NIC, dual power supply (SUN Enterprise 250), it went offline. I need to fix that, I can cluster MySQL but I am looking for ways to have either a clustered NFS with rw permissions and appropriate locking/syncing, or NFS failover from the toasters. I am looking at GFS and active/active NFS and HaNFS. Has anyone gone down this path yet? I have. There's a couple ways of doing this. I've never played with GFS so I can't comment on that. The easiest solution I've found is doing an Active/Standby configuration between 2 nodes using DRBD to replicate the data in real time. There's quite a few solutions out there to handle resource seizure on node failure. If you want absolutely simple, go heartbeat v1. If you want to break your mailstore into 2 pieces (I have no idea how large of a mailstore you're working with. Mine is breaking 70G pretty soon) then you can do an Active/Active configuration using the High Availability manager from LinuxHA.net. I like that product mainly because it's written specifically for 2 node active/active clusters. And if you really want to muddy the waters, you can go with heartbeat v2 (I still have a bad taste in my mouth from it though) It's always best to keep major components on their own sets of boxen. My MySQL servers are a 2 node load balanced multi-master replicated pair. My Mailstore is a 2 node Active/Passive pair as described above (I cheat a bit and do some iSCSI exports on the "passive" box to the Windows people who demanded I share my storage with them. It's also handled by the HA software, so if the box exporting the iSCSI targets goes down, it shuffles across to the NFS box, and vice-versa) My inbound/outbound SMTP is across 4 dedicated load-balanced boxen. IMAP4(s)/POP3(s) is on its own pair and same with Web. If any of this seems useful to you let me know. No one should have to go through the nightmare of a key server going down. I hate getting yelled at. :) I am at least on the right or similar track. Here is some more background. Currently the gateways run MailScanner/sendmail/spamassassin/clamav/bitdefender, we have vpopmail/chkuser on the eclusters (toasters) providing pop and webmail, and the outbound servers provide smtp and smtp-auth (to become smtp-auth only) also running spamassassin and clamav via simscan. Everything sits behind a PIX and everything will eventually sit behind two Coyote Point EQ350si devices. Right now only the outbound servers are being load balanced. I am liking the look of HaNFS and DRDB but I have to look toward the future which involves sending half my mail system to a remote NOC. We have a dedicated 1GB fiber to provide a private LAN between the NOCs. My concern is over resyncing the mailstores after a fiber failure, which I KNOW will happen sooner or later. Not real sure if active/active or active/passive will be the best option, resyncing in general doesn't look inviting. My mailstore is only 60GB, few clients use webmail, most download everything all day. But it would certainly be a concern. When I setup MySQL as a cluster I will also be installing a local RO slave on each ecluster (toaster), just for auth purposes. I am assuming you found no problems running vpopmail/qmail on your mailstores? How do you handle failover? Any problems with qmail-local during deliveries? Thanks for the response. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] My single point of failure... failed
I got bit hard this morning and I am looking for a solution. I have been slowly getting our email system up to snuff moving from a pair of servers to two gateway AV scanners, three vpopmail toasters, and two outbound qmail servers. The toasters mount the Maildirs via NFS, the AV scanners talk to the toasters via milter-ahead, and the NFS mailstore hosts MySQL for vpopmail. I've just gotten load balancers installed and moved the outbound traffic there first, getting a good load test on vpopmaild for smtp-auth. I had promised to provide the scripts and now I am actually seeing how well they work. Problems arose when my NFS server went stupid this morning and all mail stopped. AV scanners couldn't verify mailboxes because the toasters couldn't see MySQL, the outbound servers couldn't do smtp-auth for the same reason. It wouldn't have mattered anyway because my Maildirs were offline. NFS is my single point of failure, even though it is RAID5, dual NIC, dual power supply (SUN Enterprise 250), it went offline. I need to fix that, I can cluster MySQL but I am looking for ways to have either a clustered NFS with rw permissions and appropriate locking/syncing, or NFS failover from the toasters. I am looking at GFS and active/active NFS and HaNFS. Has anyone gone down this path yet? Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] vpopmail 5.4.24 released
Rick Widmer wrote: http://vpopmail.sf.net/ 5.4.24 - released 29-Sep-2007 Release Notes: This is a minor bug fix release. Unless compiler warnings bother you as much as they bother me, or you want to use longer passwords, you can ignore it. On the other hand, if you haven't test compiled vpopmail within the last month, you should seriously consider compiling with your favorite set of ./configure options. (On a test system!) If you do, please post your configuration options and if they succeed or fail on the vpopmail mailing list. I would also like to hear from a ldap user. A large patch for ldap was added, recently and I don't know if it has been tested yet. The topic of starting vpopmail version 6 has recently come up on the vpopmail list. This discussion is moving, if you want to be involved, please join us on the SourceForge vpopmail-devel mailing list [EMAIL PROTECTED] http://sourceforge.net/projects/vpopmail/ I am not a developer, and I didn't sleep in a Holiday Inn last night. I would like to know what is going on and just maybe, when I am certain it may be a good thing, comment. Could I subscribe to the dev list? I would absolutely understand a "no" answer and not give it a second thought. Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Shared libvpopmail thoughts
Rick Widmer wrote: DAve wrote: Traction! Finally! I'll up the ante to guaranteed 24 hour turn around on testing any fixes, I'll setup a VMWare server just so I can test any patches. But that's not all... I will also throw in a pristine copy of a Mac rescue CD with all OSes from 7.1 to 8.6 including all patches, AND bottle of Jose Gold. Shipped of course, at no cost to the programmer who fixes dir-control. DAve Looks like I need to start the vpopmail 6.0.0 branch... Rick All of this, and more, could be yours ;^) http://pixelhammer.com/Dan/aargh.jpg DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Shared libvpopmail thoughts
Tren Blackburn wrote: -Original Message- From: DAve [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 25, 2007 12:13 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] Shared libvpopmail thoughts Tom Collins wrote: On Sep 25, 2007, at 10:06 AM, John Simpson wrote: the idea of splitting the domains and mailboxes into different directories has been around forever, there's no excuse for somebody to not have made the adjustment by now. I'm all for keeping it, but someone should fix it. On my server, with a cdb backend, I have the following structure: main directory: 65 domains 0: 25 domains 1: 2 domains 2: 2 domains 3: 0 domains 4: 3 domains 5: 44 domains Just for reference, here's the .dir-control file for that server: 116 0 3 0 0 0 61 61 61 0 2 2 5 0 0 5 I'd love to see vadddomain do a better job of back-filling domains. Maybe vadddomain and vdeldomain could work together to keep directories at a balanced level. Keep track of the next directory to fill in a file (which needs to be protected by a file lock). The .dir-control file is supposed to work that way. On vdeldomain, if the domain came out of a directory "less than" the next_directory, update next_directory. On vadddomain, if next_directory has 100 domains after the addition, scan forward until you find a directory with <100 domains and update next_directory. It should be possible to make the code generalized enough to work for the domains directory and the individual domain directories (for managing users via vuseradd and vuserdel). dir-control is a train wreck. If we ever left vpopmail (unlikely) it would be because of dir-control. I'm not a C programmer but I have lots of coding experience with IBM Basic, JCL, COBOL, Perl, PHP, Ruby, JavaScript, Bash, etc. Trying to figure out dir-control gave me a headache and I never did get anyone to own up to knowing how it worked. If someone would fix it, I would provide a 6 pack of Jones (any flavor), a carton of Marlborough reds, some tokens, a Magic Eight Ball, and a big bag of twizzlers to sweeten the deal. Dave Oooh! That's a sweet deal...I'll throw in a 6 pack of Beer from Canada from the brewery of your choice! Traction! Finally! I'll up the ante to guaranteed 24 hour turn around on testing any fixes, I'll setup a VMWare server just so I can test any patches. But that's not all... I will also throw in a pristine copy of a Mac rescue CD with all OSes from 7.1 to 8.6 including all patches, AND bottle of Jose Gold. Shipped of course, at no cost to the programmer who fixes dir-control. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Shared libvpopmail thoughts
Tom Collins wrote: On Sep 25, 2007, at 10:06 AM, John Simpson wrote: the idea of splitting the domains and mailboxes into different directories has been around forever, there's no excuse for somebody to not have made the adjustment by now. I'm all for keeping it, but someone should fix it. On my server, with a cdb backend, I have the following structure: main directory: 65 domains 0: 25 domains 1: 2 domains 2: 2 domains 3: 0 domains 4: 3 domains 5: 44 domains Just for reference, here's the .dir-control file for that server: 116 0 3 0 0 0 61 61 61 0 2 2 5 0 0 5 I'd love to see vadddomain do a better job of back-filling domains. Maybe vadddomain and vdeldomain could work together to keep directories at a balanced level. Keep track of the next directory to fill in a file (which needs to be protected by a file lock). The .dir-control file is supposed to work that way. On vdeldomain, if the domain came out of a directory "less than" the next_directory, update next_directory. On vadddomain, if next_directory has 100 domains after the addition, scan forward until you find a directory with <100 domains and update next_directory. It should be possible to make the code generalized enough to work for the domains directory and the individual domain directories (for managing users via vuseradd and vuserdel). dir-control is a train wreck. If we ever left vpopmail (unlikely) it would be because of dir-control. I'm not a C programmer but I have lots of coding experience with IBM Basic, JCL, COBOL, Perl, PHP, Ruby, JavaScript, Bash, etc. Trying to figure out dir-control gave me a headache and I never did get anyone to own up to knowing how it worked. If someone would fix it, I would provide a 6 pack of Jones (any flavor), a carton of Marlborough reds, some tokens, a Magic Eight Ball, and a big bag of twizzlers to sweeten the deal. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] Re: [Fwd: [Fwd: [Fwd: Squirrelmail falls over every 8 hrs]]]
Dave Johnson wrote: Hi All Sorry for the cross posting. I am not such whether it is a MYSQL, IMAP or Vpopmail problem. Platform Info 6.2-STABLE FreeBSD 6.2-STABLE #0: Wed Mar 21 22:00:47 Qmail php5-5.2.1_3 php5-mysqli-5.2.1_3 mysql-server-5.0.37 courier-authlib-base-0.59.1 courier-authlib-vchkpw-0.59.1 courier-imap-4.1.2,1 IMAP Squirrelmail The problem Every 8 hrs the Squirrelmail facility stops functioning and users get the following message: Unknown User or Password Incorrect We are have to restart the server every 8 hrs for SQUIRRELMail to work properly. Any Ideas? What is your MySQL failed connection count when you have to restart? Also check http://www.pastebin.ca/663647 Sorry, I never click pastebin or tinyurl. I never drive at night without my headlights on either ;^) DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] [Fwd: [Fwd: [Fwd: Squirrelmail falls over every 8 hrs]]]
Hi All Sorry for the cross posting. I am not such whether it is a MYSQL, IMAP or Vpopmail problem. Platform Info 6.2-STABLE FreeBSD 6.2-STABLE #0: Wed Mar 21 22:00:47 Qmail php5-5.2.1_3 php5-mysqli-5.2.1_3 mysql-server-5.0.37 courier-authlib-base-0.59.1 courier-authlib-vchkpw-0.59.1 courier-imap-4.1.2,1 IMAP Squirrelmail The problem Every 8 hrs the Squirrelmail facility stops functioning and users get the following message: Unknown User or Password Incorrect We are have to restart the server every 8 hrs for SQUIRRELMail to work properly. Any Ideas? Also check http://www.pastebin.ca/663647
Re: [vchkpw] Qmail alias and vpopmail/checkuser
Quey wrote:
So you add all your new domains by hand ?? most of us have
intergrated systems and something central that connects and doe sit all,
be it a local custom CRM or one of the off shelf ones, so everything is
linked, maybe you should be writing a wrapper :)
We add users directly into SQL and the first message creates the needed
account directories. We add domains by script in one server and the
control files are shared via NFS. We are looking at replacing our
current system when we upgrade to use vpopmaild on all toasters.
We don't have a wrapper around vadddomain, I know I can write a wrapper,
we have had wrappers around just about all the vpopmail tools at one
time or another. I can create new .qmail files for abuse easily for the
current domains as well, it's just a quick bash script.
Foreget everything I have said previously.
New question, is it possible to have a global default alias for abuse,
or must I manage an abuse address for all 450+ domains separately?
DAve
DAve wrote:
Quey wrote:
DAve wrote:
I discovered something interesting the other day, something I really
should have been paying attention to earlier.
It would seem I cannot get an abuse address to work using qmail
aliases in the /var/qmail/alias directory. Of course vadddomain does
not create them for me.
What is everyone else doing for abuse addresses with new domains? We
have 450+ domains, most of which do not accept mail for abuse. I
could knock out a quick wrapper for vadddomain, but a system wide
alias would be killer as all abuse mail should come to myself and
the other systems admin.
your scripting process that executes adds the domain needs to be
better written, ours adds the domains then adds the aliases...
system("/home/vpopmail/bin/vadddomain -q 50MB $DOMAIN $PASS") == 0 or
die &AHFail(QmailAddDomainError);
system("/home/vpopmail/bin/vadduser -q $DQUOTAM [EMAIL PROTECTED]
$PASS") == 0 or die &AHFail(QmailAddDU);
system("/home/vpopmail/bin/valias -i [EMAIL PROTECTED]
[EMAIL PROTECTED]") == 0 or die &AHFail(QmailAddDAW) ;
system("/home/vpopmail/bin/valias -i [EMAIL PROTECTED] [EMAIL PROTECTED]")
== 0 or die &AHFail(QmailAddDAI);
system("/home/vpopmail/bin/valias -i [EMAIL PROTECTED] [EMAIL PROTECTED]")
== 0 or die &AHFail(QmailAddDAA);
I don't have a wrapper around vadddomain, I said I could write a
wrapper but I have not. I am wondering if there is anything I can do
to have a global alias for abuse to save having an abuse address for
every domain.
DAve
--
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?
Maybe they forgot who made that choice possible.
Re: [vchkpw] Qmail alias and vpopmail/checkuser
Quey wrote:
DAve wrote:
I discovered something interesting the other day, something I really
should have been paying attention to earlier.
It would seem I cannot get an abuse address to work using qmail
aliases in the /var/qmail/alias directory. Of course vadddomain does
not create them for me.
What is everyone else doing for abuse addresses with new domains? We
have 450+ domains, most of which do not accept mail for abuse. I could
knock out a quick wrapper for vadddomain, but a system wide alias
would be killer as all abuse mail should come to myself and the other
systems admin.
your scripting process that executes adds the domain needs to be better
written, ours adds the domains then adds the aliases...
system("/home/vpopmail/bin/vadddomain -q 50MB $DOMAIN $PASS") == 0 or
die &AHFail(QmailAddDomainError);
system("/home/vpopmail/bin/vadduser -q $DQUOTAM [EMAIL PROTECTED] $PASS")
== 0 or die &AHFail(QmailAddDU);
system("/home/vpopmail/bin/valias -i [EMAIL PROTECTED] [EMAIL PROTECTED]")
== 0 or die &AHFail(QmailAddDAW) ;
system("/home/vpopmail/bin/valias -i [EMAIL PROTECTED] [EMAIL PROTECTED]") == 0
or die &AHFail(QmailAddDAI);
system("/home/vpopmail/bin/valias -i [EMAIL PROTECTED] [EMAIL PROTECTED]") ==
0 or die &AHFail(QmailAddDAA);
I don't have a wrapper around vadddomain, I said I could write a wrapper
but I have not. I am wondering if there is anything I can do to have a
global alias for abuse to save having an abuse address for every domain.
DAve
--
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?
Maybe they forgot who made that choice possible.
[vchkpw] Qmail alias and vpopmail/checkuser
I discovered something interesting the other day, something I really should have been paying attention to earlier. It would seem I cannot get an abuse address to work using qmail aliases in the /var/qmail/alias directory. Of course vadddomain does not create them for me. What is everyone else doing for abuse addresses with new domains? We have 450+ domains, most of which do not accept mail for abuse. I could knock out a quick wrapper for vadddomain, but a system wide alias would be killer as all abuse mail should come to myself and the other systems admin. Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Anti-spam solution - favs?
ISP Lists wrote: I've got vpopmail/netqmail built using typical clamav and spamassassin (clamd, spamd). I've got XBL filtering and CHKUSER enabled on smtp. I'm actively training my Bayes filters. I do not use verified sender or SPF. Spamassassin's local.cf look like this: required_score 6 rewrite_header Subject [SPAM] report_safe 0 use_pyzor 0 use_razor2 1 use_dcc 0 dcc_home /var/dcc skip_rbl_checks 0 rbl_timeout 3 score RCVD_IN_BL_SPAMCOP_NET 2 use_bayes 1 bayes_auto_learn 1 bayes_path /home/spamd/.spamassassin/bayes I STILL find a good bit of spam is getting through. (pharma, mortgages, stock hype, etc) I wonder whether there are other/better anti-spam tools I should use to cull the spam more effectively. Suggestions most welcome. Are you using any SARE rules? Grey listing may also help, for the time being anyway. A simple greet pause might help as well. Grey listing and greet pause will depend on the spam you are receiving. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Farewell
Michael, Best of luck, perhaps keep us posted where you've landed...? Take care, Dave. Michael Bowe wrote: I thought I would drop a note to the list to say farewell. Many years ago I used to own an ISP that used vpopmail+MySQL for all our email hosting. I wrote a mailserver guide which became quite popular. ( It is currently hosted at http://www.bowe.id.au/michael/isp/webmail-server.htm ) As I found vpopmail bugs or limitations I submitted patches to the developers. When vpopmail moved to sourceforge, I was given full developer access. I then spent a fair bit of time trying to improve the included documentation. I cleaned up and documented a lot of the source code. I also remember having fun cleaning up the configure script. Tom Collins even popped in one day to say hello when he was on holidays in my neck of the woods (Australia). Was great to meet him in person. My vpopmail contributions have dropped away in recent years, because my ISP was bought by a larger company and I went on to work for them. They used Postfix not vpopmail. I still tinkered with vpopmail a bit, because I had built many small vpopmail servers for customers along the way Now I am about to switch jobs and work for a new ISP, and they also use Postfix. So guess this new job will cut my final ties to vpopmail. There's no doubt in my mind that Postfix kicks some serious qmail butt. However even as a Postfix fan, I am the first to admit that vpopmail is a great set of tools for vmail style hosting. Its a shame that qmail never progressed past v1.03. Back in those days we didnt even have spam or virus problems, let alone need to worry about SMTP-AUTH, TLS etc. I'll be unsubscribing from this list a few days time. I wanted to say thanks to all the developers who have contributed to vpopmail along the way. And also a big thankyou to people who used by mailserver guide and sent me feedback over the years. Michael.
Re: [vchkpw] "not existing recipient" under high load
Alastair Battrick wrote: Charles J. Boening wrote: I've seen this as well. Are you using an SQL backend? Yes, vpopmail stores user data in MySQL Query caching is your friend here, there are also lots of archive messages concerning setup in MySQL to avoid issues with authentication, chkuser, etc. All apply. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] [SPAM] Re: [vchkpw] [SPAM] valias doesn't show aliases for an alias domain
Chad E. Berg wrote: Here is the situation: I have an alias domain bdhtechnology.net which is aliased to bdhtechnology.com. If I run '~vpopmail/bin/valias bdhtechnology.com' I can see all of the aliases for the domain. However if I run '~vpopmail/bin/valias bdhtechnology.net' I get no output at all. Furthermore if I run '~vpopmail/bin/valias -n bdhtechnology.com' (or with any domain) I get a seg. fault. Attached is the discussion with John Simpson from the qmailrocks mailing list. He believes this issue is a bug in vpopmail. I am using vpopmail v5.4.18 w/ MySQL support. Here is my configure line: ./configure --enable-logging=p --enable-auth-module=mysql --disable-passwd --enable-clear-passwd --disable-many-domains --enable-auth-logging --enable-sql-logging --enable-valias --disable-mysql-limits --enable-roaming-users --enable-onchange-script --enable-libdir=/var/lib/mysql Thanks, Chad I can at least confirm that there is no problem with 5.4.17 using MySQL. My alias reporting works just fine. bash-2.05b# ./vuserinfo -v version: 5.4.17 ./configure \ --enable-tcpserver-file=/shared/qmail/control \ --enable-learn-passwords \ --enable-vpopuser=vpopmail \ --enable-vpopgroup=vchkpw \ --enable-qmail-ext \ --enable-incdir=/usr/local/include/mysql \ --enable-libdir=/usr/local/lib/mysql \ --enable-clear-password \ --enable-auth-module=mysql \ --enable-valias DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible. !DSPAM:45f8517319873020815088!
Re: [vchkpw] Vpopmail smtp-auth
DAve wrote: Rick Widmer wrote: DAve wrote: DAve wrote: Tom Collins wrote: DAve, I think you've found a bug in vchkpw. Bug? After running this entire situation through my thick head, again, I more suspect I am trying to do something with vchkpw it was never intended to do. >> I think... that vchkpw will not work without a complete working >> install. It seems to need to have access to the domains, >> virtualdomains, and users/cdb file. Exactly. vchkpw expects to run on a system with a full vpopmail installation. As I thought too. I have already given up on vchkpw just for that reason. It seemed like a poor use of vchkpw and any changes to make it work would be silly. Possibly a separate stand alone program just for authentication against a vpopmail DB would be a better idea, but I don't know who would be interested. Looking back 4 years and 11 servers ago, I should have chosen LDAP. Is no one else using a physically separate outbound smtp server? I am open to suggestions on how to auth using my vpopmail DB. John Simpson has a validrcptto patch which modifies qmail-smtp to verify email addresses against a cdb file, and the latest vpopmail provides an onchange script that lets you update the cdb files when users are added or removed. http://qmail.jms1.net/patches/vpopmail.shtml I use that on one old Sparc 10 server for user verification, just for those clients who who insist on paying for a "mailspool". vpopmaild can be used to verify a vpopmail login. Just attempt to login to the daemon with the user and password, using the silent option. If the user is valid the login attempt will succeed. I am not aware of a program to do this, but if you write one, I would consider adding it to the contrib directory of vpopmail. A quick check of using Perl to auth against a vpopmaild instance works just dandy. I hacked up a copy of the generic checkpassword.pl script from qmail.org and had it working pretty quickly. It took longer to upgrade my test server and get vpopmaild working. But what is the silent option? Did you mean compact? Let me get some projects out of the way (like DST, again!) and I will put together a Perl and PHP example. Thank you for the pointer, you just solved a very big problem for me. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Vpopmail smtp-auth
Rick Widmer wrote: DAve wrote: DAve wrote: Tom Collins wrote: DAve, I think you've found a bug in vchkpw. Bug? After running this entire situation through my thick head, again, I more suspect I am trying to do something with vchkpw it was never intended to do. >> I think... that vchkpw will not work without a complete working >> install. It seems to need to have access to the domains, >> virtualdomains, and users/cdb file. Exactly. vchkpw expects to run on a system with a full vpopmail installation. As I thought too. I have already given up on vchkpw just for that reason. It seemed like a poor use of vchkpw and any changes to make it work would be silly. Possibly a separate stand alone program just for authentication against a vpopmail DB would be a better idea, but I don't know who would be interested. Looking back 4 years and 11 servers ago, I should have chosen LDAP. Is no one else using a physically separate outbound smtp server? I am open to suggestions on how to auth using my vpopmail DB. John Simpson has a validrcptto patch which modifies qmail-smtp to verify email addresses against a cdb file, and the latest vpopmail provides an onchange script that lets you update the cdb files when users are added or removed. http://qmail.jms1.net/patches/vpopmail.shtml I use that on one old Sparc 10 server for user verification, just for those clients who who insist on paying for a "mailspool". vpopmaild can be used to verify a vpopmail login. Just attempt to login to the daemon with the user and password, using the silent option. If the user is valid the login attempt will succeed. I am not aware of a program to do this, but if you write one, I would consider adding it to the contrib directory of vpopmail. Interesting idea! Once we get our vpopmail installation upgraded on the master DB server, that is a good possibility. This morning I hacked up a quick Perl script to do the authentication and it is working fine. This confirms that my qmail-auth installation is working, and my remote vpopmail DB is reachable. If you have any other uses for Perl (spamassassin) on the machine and keep it loaded in RAM, this may well be the most efficient method... You are directly opening the database and looking up the info you need. Anything else you do just adds another layer, and the program you use still has to open the database. PHP might be able to do the same thing with a slightly smaller memory footprint. That is my problem with a Perl solution, which I generally avoid, and is why we never used qmail-scanner. I am looking into vpopmaild this weekend. Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Vpopmail smtp-auth
DAve wrote: Tom Collins wrote: DAve, I think you've found a bug in vchkpw. Bug? After running this entire situation through my thick head, again, I more suspect I am trying to do something with vchkpw it was never intended to do. In a nutshell I am trying to use vchkpw as an auth tool only, and nothing else from vpopmail. For some reason, it wants to create the user's directory if it doesn't already exist. This could be related to updating the lastauth file in the user's directory. Disabling AUTH_LOGGING on that system will help, but you'll still have code trying to create the directory. Ok, so I'm not completely crazy. Configuring with --disable-auth-logging got the messages to stop last night, so I was on the right track. However, tailing the remote MySQL logs shows that the only queries to hit MySQL are the following. # configured with --disable-auth-logging select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell , pw_clear_passwd from vpopmail where pw_name = "dave.list" and pw_domain = "pixelhammer.com" # configured with --enable-auth-logging select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell , pw_clear_passwd from vpopmail where pw_name = "dave.list" and pw_domain = "pixelhammer.com" replace into lastauth set user='dave.list', domain='pixelhammer.com', remote_ip='', timestamp=1173418087 Remote IP is not set. (I would think this was normal as checkpassword_debug is not setting the env variables) So disabling auth logging helped, but authentication still fails. Though, it certainly looks like the query is made correctly to SQL and the result returned. I am again suspicious of the assign error shown in the output of checkpassword_debug. bash-2.05b# /usr/local/src/vpopmail-5.4.17/contrib/checkpassword_debug -vvv -c /home/vpopmail/bin/vchkpw -l dave.list%pixelhammer.com Please enter password: "/home/vpopmail/bin/vchkpw" started with pid 20840 sending "dave.list%pixelhammer.comNULLNULL0NULL" (35 bytes) to checkpassword with uid/gid: 0/0 waiting... Error. Domain pixelhammer.com was not found in the assign file done normal exit from checkpassword checkpassword exit value: 6 I think... that vchkpw will not work without a complete working install. It seems to need to have access to the domains, virtualdomains, and users/cdb file. Go into login_virtual_user() and get rid of everything from the comment, "If thier directory path is empty make them a new one" to right before "#ifdef CLEAR_PASS". Let me know if that works, and I'll make changes to the release version. That code could probably be permanently removed -- the user's directory is created by vdelivermail when necessary. vchkpw doesn't need to be doing it. It seemed to have no effect. If that means can you remove it?, I can test on a working production toaster and let you know (I got a spare now ;^) Now debating how to go around this. I really want to auth against my existing vpopmail DB. This morning I hacked up a quick Perl script to do the authentication and it is working fine. This confirms that my qmail-auth installation is working, and my remote vpopmail DB is reachable. I really really don't want to use a Perl script to do this. Searching for other checkpassword programs shows nothing that will do a SQL auth, just CDB, LDAP, radius. Is no one else using a physically separate outbound smtp server? I am open to suggestions on how to auth using my vpopmail DB. Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Autoresponders under vpopmail - reco?
Dave Richardson wrote: What recommendation does the list have for autoresponders under vpopmail 5.4.10? I've got qmailadmin at my disposal for the domains and I use squirrelmail for webmail. All on LAMP. I have no local user accounts, all are virtual. I'm not particularly excited about the squirrelmail plugins that require users to FTP files into the environment. I REALLY appreciate your ideas! Dave. We use qmail-autoresponder-mysql, to get it to play with Squirrelmail required abusing valias and creating a Squirrelmail plugin. It's use is 'risky'. There has been talk about updating valias to return results in a structured manner which would make this much easier, at least less risky. If I had to do it again I would look at vpopmaild or qmailadmin. There must be a way to get it integrated into Squirrelmail, might take a bit-o-fiddling though. We have not yet worked with vpopmaild. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] Autoresponders under vpopmail - reco?
What recommendation does the list have for autoresponders under vpopmail 5.4.10? I've got qmailadmin at my disposal for the domains and I use squirrelmail for webmail. All on LAMP. I have no local user accounts, all are virtual. I'm not particularly excited about the squirrelmail plugins that require users to FTP files into the environment. I REALLY appreciate your ideas! Dave.
Re: [vchkpw] Vpopmail smtp-auth
Tom Collins wrote: DAve, I think you've found a bug in vchkpw. Bug? After running this entire situation through my thick head, again, I more suspect I am trying to do something with vchkpw it was never intended to do. In a nutshell I am trying to use vchkpw as an auth tool only, and nothing else from vpopmail. For some reason, it wants to create the user's directory if it doesn't already exist. This could be related to updating the lastauth file in the user's directory. Disabling AUTH_LOGGING on that system will help, but you'll still have code trying to create the directory. Ok, so I'm not completely crazy. Configuring with --disable-auth-logging got the messages to stop last night, so I was on the right track. However, tailing the remote MySQL logs shows that the only queries to hit MySQL are the following. # configured with --disable-auth-logging select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell , pw_clear_passwd from vpopmail where pw_name = "dave.list" and pw_domain = "pixelhammer.com" # configured with --enable-auth-logging select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell , pw_clear_passwd from vpopmail where pw_name = "dave.list" and pw_domain = "pixelhammer.com" replace into lastauth set user='dave.list', domain='pixelhammer.com', remote_ip='', timestamp=1173418087 Remote IP is not set. (I would think this was normal as checkpassword_debug is not setting the env variables) So disabling auth logging helped, but authentication still fails. Though, it certainly looks like the query is made correctly to SQL and the result returned. I am again suspicious of the assign error shown in the output of checkpassword_debug. bash-2.05b# /usr/local/src/vpopmail-5.4.17/contrib/checkpassword_debug -vvv -c /home/vpopmail/bin/vchkpw -l dave.list%pixelhammer.com Please enter password: "/home/vpopmail/bin/vchkpw" started with pid 20840 sending "dave.list%pixelhammer.comNULLNULL0NULL" (35 bytes) to checkpassword with uid/gid: 0/0 waiting... Error. Domain pixelhammer.com was not found in the assign file done normal exit from checkpassword checkpassword exit value: 6 I think... that vchkpw will not work without a complete working install. It seems to need to have access to the domains, virtualdomains, and users/cdb file. Go into login_virtual_user() and get rid of everything from the comment, "If thier directory path is empty make them a new one" to right before "#ifdef CLEAR_PASS". Let me know if that works, and I'll make changes to the release version. That code could probably be permanently removed -- the user's directory is created by vdelivermail when necessary. vchkpw doesn't need to be doing it. It seemed to have no effect. If that means can you remove it?, I can test on a working production toaster and let you know (I got a spare now ;^) Now debating how to go around this. I really want to auth against my existing vpopmail DB. Thanks Tom, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Vpopmail smtp-auth
Rick Romero wrote: On Thu, 2007-03-08 at 08:55 -0500, DAve wrote: Rainer Duffner wrote: DAve wrote: Good morning, No errors when building, seems to work, bash-2.05b# /home/vpopmail/bin/vuserinfo [EMAIL PROTECTED] Error. Domain pixelhammer.com was not found in the assign file That should not happen. What happens when you add a domain? Does it get added to the assign file? I do not want to add a domain to this server. I do not think you understand what this server is doing. See below, this server is doing *outbound* service only, there will be no local deliveries. I have a similar setup - but locked down to an IP and a separate qmail install. That IP/qmail install is only for auth'd outgoing email - nothing gets delivered to hosted domains. Even if you're not doing 'local' delivery, you still need to be able to resolve a username with vuserinfo. Otherwise vchkpw won't be able to auth for you either. So yes, you need a complete install as if it's a complete server. Hmm, other than the assign file situation vuserinfo works, bash-2.05b# ./vuserinfo [EMAIL PROTECTED] Error. Domain pixelhammer.com was not found in the assign file name: dave.list passwd: $1$jB.dCgrW$GbolDS0pK/BMUJuoHwhq20 clear passwd: xx comment/gecos: dave.list uid:0 gid:0 flags: 0 gecos: dave.list limits: No user limits set. dir: /home/vpopmail/domains/pixelhammer.com/dave.list quota: NOQUOTA usage: NOQUOTA last auth: Thu Mar 8 09:13:00 2007 last auth ip: 64.184.10.26 bash-2.05b# Other than the assign file and the virtualdomains file, it is a complete server. If I scp over a assign file, a virtualdomains file, run /var/qmail/bin/qmail-newu, restart qmail, the assign error goes away in vuserinfo. However the checkpassword_debug still fails to work. I am going to try and get back to it today. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Vpopmail smtp-auth
Rainer Duffner wrote: DAve wrote: Good morning, Seems I am posting all over the internet these last two weeks, but I can't seem to grab my butt lately. I got FreeBSD running on the Sunfires, netqmail installed, Simscan install, ClamAV installed, everything is working fine. Last step, smtp-auth, why did I try? I should have let today end on a good note. If you use FreeBSD, you should use Matt Simersons FreeBSD Qmail Toaster: http://www.tnpi.biz. Why? Is this a known issue that Matt's install has found a solution for? ... Mysql 4.0, also tried 4.1. I think both are now EOL in that no timely security-fixes are provided any longer. You have to use 5.x - though 4.x should still work, of course. We have 4.X on several servers, several Masters, we cannot just upgrade one server in our NOC. We have to plan these things. No errors when building, seems to work, bash-2.05b# /home/vpopmail/bin/vuserinfo [EMAIL PROTECTED] Error. Domain pixelhammer.com was not found in the assign file That should not happen. What happens when you add a domain? Does it get added to the assign file? I do not want to add a domain to this server. I do not think you understand what this server is doing. See below, this server is doing *outbound* service only, there will be no local deliveries. The one thing that is different, is I have an empty assign file. This server is used for smtp-auth *outbound* only service. So, just for fun I added the test domain to the assign file, still fails. Did you build the cdb? Yes. The sql-error is also not good, though I can't say what it is caused by ATM. If you can, use Matt's toaster. At this point I don't see how Matt's install will make smtp-auth to a MySQL vpopmail table via vchkpw, any different than what I currently have. Netqmail works, Simscan works, normal unauthorized mail via port 25 works. I and several others have been using this server for outbound mail without problem. The only failure is smtp-auth using vchkpw. If I attempt to test a passwd using checkpassword_debug, I have the problem I stated. The same MySQL/vpopmail build, with the same configure args, works fine on three toasters handling *inbound* mail. At this point it looks like I need a different checkpasswd program. Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] Vpopmail smtp-auth
Good morning, Seems I am posting all over the internet these last two weeks, but I can't seem to grab my butt lately. I got FreeBSD running on the Sunfires, netqmail installed, Simscan install, ClamAV installed, everything is working fine. Last step, smtp-auth, why did I try? I should have let today end on a good note. Nothing different from my other vpopmail installs. I can login to mysql from the server no problems. That I did check right away. FreeBSD 6.2 Vpopmail 5.4.17 Netqmail 1.05 (new for me, normally patched qmail my self) qmail-smtpd-auth-0.5.6 (Installation of qmail-smtpd AUTH 056 (Build 2004272152823) finished at Tue Mar 6 12:43:03 EST 2007) Mysql 4.0, also tried 4.1. -- bash-2.05b# cat args-vpopmail ./configure \ --enable-tcpserver-file=/var/qmail/control/tcp.smtp.cdb \ --enable-learn-passwords \ --enable-vpopuser=vpopmail \ --enable-vpopgroup=vchkpw \ --enable-incdir=/usr/local/include/mysql \ --enable-libdir=/usr/local/lib/mysql \ --enable-clear-password \ --enable-auth-module=mysql \ --enable-mysql-replication \ --enable-valias --- No errors when building, seems to work, bash-2.05b# /home/vpopmail/bin/vuserinfo [EMAIL PROTECTED] Error. Domain pixelhammer.com was not found in the assign file name: dave.list passwd: $1$jB.dCgrW$GbolDS0pK/BMUJuoHwhq20 clear passwd: XX comment/gecos: dave.list uid:0 gid:0 flags: 0 gecos: dave.list limits: No user limits set. dir: /home/vpopmail/domains/pixelhammer.com/dave.list quota: NOQUOTA usage: NOQUOTA last auth: Tue Mar 6 15:02:40 2007 last auth ip: 64.184.10.26 My run file is unchanged except for IP and host, bash-2.05b# cat /service/qmail-smtpd-auth/run #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`head -1 /var/qmail/control/concurrencyincoming` if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" ]; then echo QMAILDUID, NOFILESGID, or MAXSMTPD is unset in echo $0 exit 1 fi exec /usr/local/bin/softlimit -m 3000 \ /usr/local/bin/tcpserver -v -P -R -h -l auth-smtp1.tls.net -x /var/qmail/control/tcp.smtp-auth.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 10.0.241.161 587 \ /usr/local/bin/fixcrio /var/qmail/bin/qmail-smtpd-auth \ /home/vpopmail/bin/vchkpw /usr/bin/true 2>&1 The odd thing is I get this error in my /var/log/qmail/smtp-auth/current when I try to send mail, bash-2.05b# cat /var/log/qmail/smtpd-auth/current | tai64nlocal 2007-03-06 14:51:08.554888500 tcpserver: status: 1/100 2007-03-06 14:51:08.555269500 tcpserver: pid 70711 from 64.184.10.26 2007-03-06 14:51:08.583719500 tcpserver: ok 70711 auth-smtp1.tls.net:10.0.241.161:587 64-184-10-26.bb.hrtc.net:64.184.10.26::3026 2007-03-06 14:51:08.760630500 vmysql: error creating table 'lastauth': Table 'lastauth' already exists 2007-03-06 14:51:08.761187500 vmysql: sql error[f]: delete command denied to user: '[EMAIL PROTECTED]' for table 'lastauth' 2007-03-06 14:51:09.064200500 tcpserver: end 70711 status 0 The one thing that is different, is I have an empty assign file. This server is used for smtp-auth *outbound* only service. So, just for fun I added the test domain to the assign file, still fails. I built and tried the checkpassword program, just to get a better idea what was happening (I like this prog, used it before). bash-2.05b# /usr/local/src/vpopmail-5.4.17/contrib/checkpasswd_debug -vvv -c /home/vpopmail/bin/vchkpw -l ldg%tls.net -u89 -g89 switching from gid 0 to 89 (vchkpw) switching from uid 0 to 89 (vpopmail) Please enter password: x "/home/vpopmail/bin/vchkpw" started with pid 71902 sending "ldg%tls.netNULLxNULL0NULL" (21 bytes) to checkpassword with uid/gid: 89/89 waiting... vmysql: error creating table 'lastauth': Table 'lastauth' already exists vmysql: sql error[f]: delete command denied to user: '[EMAIL PROTECTED]' for table 'lastauth' done normal exit from checkpassword checkpassword exit value: 6 Tried to search for an answer, but no luck. Is there any additional info I can provide? DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Maintenance mail to all user / to a whole domain
Juan Enciso wrote: Maybe you need vpopbull. It's an binary installed into ~vpopmail/bin We use something like this, WARNING not real code. #!/bin/sh # TEXT=/usr/local/src/MASSMAIL/email.txt LIST=`/home/vpopmail/bin/vpopbull -Vn` for i in $LIST; do /var/qmail/bin/sendmail $i < $TEXT echo "Sending to account $i" done For any ezmlm lists we have, I make sure the system admin is always a moderator. I just send a maintenance message to each list. Keep in mind the email.txt needs to be properly formatted as well. http://www.inter7.com/vpopmail/doc/vpopbull.html http://www.qmailwiki.org/Vpopmail#vpopbull DAve On 2/2/07, *Renaud* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: Hello, I'm using a qmail+vpopmail and I was wondering if you already heard about a solution that would let me send a mail to all existing users in the vpopmail database (or to all users of a specific domain) without the need to create a mailing list or an alias containing all of them? My current solution would be to actually update the subscribers list of such a mailing list every night.. (anyone could post to an alias, the users wouldn't like it :)) Thanks, Regards, Renaud -- Juan Enciso Condeña Teléfono: (511) 3238504 E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> MSN: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] NFS Clustering
Tren Blackburn wrote: Another option possibly is DRBD (http://www.drbd.org). Version 8 is nearing gold which will allow concurrent access to 2 block devices. Of course, I'm not entirely sure if this is a linux only solution and am only tossing it out as an option for those looking for a cheaper/free solution ;) Looks only Linux, but that is fine. Best OS for the job I say, no torch to carry here. We run a lot of FreeBSD, but Linux, Windows, and Solaris as well. I like the looks of it, do you have an experience with drbd? DAve t. -Original Message- From: DAve [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 30, 2007 5:49 AM To: vchkpw@inter7.com Subject: Re: [vchkpw] NFS Clustering Nicholas Harring wrote: If you haven't yet bought hardware for the NFS, NetApp makes this a snap with SnapMirror. I don't remember all of the ins and outs, but its perfect for situations like this, its very bandwidth efficient, and its got the same bullet-proof reliability their products are known for. We currently use a Solaris Enterprise 250, old, but stone cold reliable. I'll need something in the other NOC. I've not looked at NetAPP. Otherwise I'd think your SAN vendor should have some form of block level replication available. This is where I am headed. We are looking at SANiq (Lefthand Networks) which can do volume replication in realtime. I am thinking that a NFS server in each location, sharing a iSCSI volume, would be worth looking into. Let the SAN keep the two volumes in sync and let NFS handle the multiple access to the volume. Hope that helps, Absolutely, thanks. DAve Nick -----Original Message- From: DAve [mailto:[EMAIL PROTECTED] Sent: Monday, January 29, 2007 3:59 PM To: vpopmail Subject: [vchkpw] NFS Clustering Good afternoon/evening/morning, We have been tasked with splitting our mail services between our two NOCs. We have ordered a 1GB fiber connection between both locations. We will be moving one of two mailgateways, two of four pop toasters, and one of two smtp servers to the second NOC. Both border routers will be BGP advertising the same IP range and each location will have hardware load balancing. I can easily setup replication for my MySQL backend, but my NFS mail store is another concern. Is anyone else working with this type of configuration? I've not yet looked into NFS clustering or what may be involved. (I will have a iSCSI based SAN available which will have nodes/modules in both geographical locations, which may help). Any advice on what methods/tools work well is appreciated. Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible. -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] NFS Clustering
Nicholas Harring wrote: If you haven't yet bought hardware for the NFS, NetApp makes this a snap with SnapMirror. I don't remember all of the ins and outs, but its perfect for situations like this, its very bandwidth efficient, and its got the same bullet-proof reliability their products are known for. We currently use a Solaris Enterprise 250, old, but stone cold reliable. I'll need something in the other NOC. I've not looked at NetAPP. Otherwise I'd think your SAN vendor should have some form of block level replication available. This is where I am headed. We are looking at SANiq (Lefthand Networks) which can do volume replication in realtime. I am thinking that a NFS server in each location, sharing a iSCSI volume, would be worth looking into. Let the SAN keep the two volumes in sync and let NFS handle the multiple access to the volume. Hope that helps, Absolutely, thanks. DAve Nick -Original Message- From: DAve [mailto:[EMAIL PROTECTED] Sent: Monday, January 29, 2007 3:59 PM To: vpopmail Subject: [vchkpw] NFS Clustering Good afternoon/evening/morning, We have been tasked with splitting our mail services between our two NOCs. We have ordered a 1GB fiber connection between both locations. We will be moving one of two mailgateways, two of four pop toasters, and one of two smtp servers to the second NOC. Both border routers will be BGP advertising the same IP range and each location will have hardware load balancing. I can easily setup replication for my MySQL backend, but my NFS mail store is another concern. Is anyone else working with this type of configuration? I've not yet looked into NFS clustering or what may be involved. (I will have a iSCSI based SAN available which will have nodes/modules in both geographical locations, which may help). Any advice on what methods/tools work well is appreciated. Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] NFS Clustering
Good afternoon/evening/morning, We have been tasked with splitting our mail services between our two NOCs. We have ordered a 1GB fiber connection between both locations. We will be moving one of two mailgateways, two of four pop toasters, and one of two smtp servers to the second NOC. Both border routers will be BGP advertising the same IP range and each location will have hardware load balancing. I can easily setup replication for my MySQL backend, but my NFS mail store is another concern. Is anyone else working with this type of configuration? I've not yet looked into NFS clustering or what may be involved. (I will have a iSCSI based SAN available which will have nodes/modules in both geographical locations, which may help). Any advice on what methods/tools work well is appreciated. Thanks, DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] which files truly determine "relay" into a qmail server
Michael, let me ask a "true/false" question or two of you/the list based upon your response (which I REALLY appreciate!): Q: ONLY the content of the 'rcpthosts' and 'morercpthosts' (and any special cases in tcp.smtp) defines which domains' incoming mail will be accepted by SMTPd. True or False? Q: Domains that appear in 'locals' or 'virtualdomains' (for presumed delivery on the local box) but DO NOT appear in rcpthosts/morercpthosts/tcp.smtp (and have no smtphosts controls) CANNOT receive mail directly under normal circumstances. True or False? In summary, domains that appear in local/virtualdomains but do not appear in rcpthosts/etc have a VERY high probability of being misconfigured - with a likely root cause of improper/incomplete deletion of a domain from the system. True or False? (speculative answer, I understand) THANKS A TON! Dave. Michael Krieger wrote: locals: Domains that the server should deliver as local rather than sending off to other people. When you send mail to your own domain, it knows to not deliver it to the MX of that domain by its presence in the locals file rcpthosts / morercpthosts: Domains that the SMTP daemon should receive mail for (allow) without the presence of RELAYCLIENT as set in tcp.smtp or by SMTP authentication. Domains in here will always be accepted, and domains not in here will be rejected unless relaying is allowed. morercpthosts is just a continuation, with your most popular domains to be in rcpthosts, just for speed of lookup. In modern fast systems, it doesn't matter. virtualdomains: A list of the prepended strings by domains, allowing the system to prepend an identifier based on the domain in question. This converts [EMAIL PROTECTED] to [EMAIL PROTECTED] for later processing. smtproutes: A list of domains and their artificial MX server to send mail to. Domains in here should also be in rcpthosts, but not treated as local. Use this if you are delivering mail to another MX for select domains, or if you have a smarthost. For domains that your mail server will accept mail from the Internet, see `cat rcpthosts morercpthosts`. -M - Original Message From: Dave Richardson <[EMAIL PROTECTED]> To: vchkpw@inter7.com Sent: Thursday, January 18, 2007 10:39:27 AM Subject: [vchkpw] which files truly determine "relay" into a qmail server I've been asked to admin an old, jumbled install of qmail/vpopmail (many are local users, many are vpopmail users with .cdb). I'm having a brain cramp because the install has domains splattered all over the following files: /var/qmail/control: locals rctphosts morercpthosts virtualdomains My exercise is to identify ONLY those domains that the server will actually accept delivery for from the Internet so that we can start pruning away the domains that seems to be lingering with no customers/accounts/purpose/etc. My intention/belief was that ONLY 'rcpthosts' and 'morerctphosts' govern which domains the server will accept delivery/relay for from the outside. Thus, I felt that if I built a master list from these two files, any other domains I might find are automatically "unused". However this install has a number of domains that are aliases in the 'locals' file to a single local account and the domains only seem to appear in 'locals'. Does 'locals' (or 'virtualdomains') in any way influence the relay decision to accept incoming mail? Or am I right that ONLY 'rcpthosts' and 'morercpthosts' define the permitted domains. Sorry for the long explanation, validation/help is much appreciated! Dave.
Re: [vchkpw] everyone seen this?
Steve Cole wrote: http://wiki.ctyme.com/index.php/Qmail_Sucks Perkel, he announced his intentions awhile back. -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] which files truly determine "relay" into a qmail server
I've been asked to admin an old, jumbled install of qmail/vpopmail (many are local users, many are vpopmail users with .cdb). I'm having a brain cramp because the install has domains splattered all over the following files: /var/qmail/control: locals rctphosts morercpthosts virtualdomains My exercise is to identify ONLY those domains that the server will actually accept delivery for from the Internet so that we can start pruning away the domains that seems to be lingering with no customers/accounts/purpose/etc. My intention/belief was that ONLY 'rcpthosts' and 'morerctphosts' govern which domains the server will accept delivery/relay for from the outside. Thus, I felt that if I built a master list from these two files, any other domains I might find are automatically "unused". However this install has a number of domains that are aliases in the 'locals' file to a single local account and the domains only seem to appear in 'locals'. Does 'locals' (or 'virtualdomains') in any way influence the relay decision to accept incoming mail? Or am I right that ONLY 'rcpthosts' and 'morercpthosts' define the permitted domains. Sorry for the long explanation, validation/help is much appreciated! Dave.
Re: [vchkpw] Rethinking qmail : was Re: [vchkpw] how use chkuser on "dmz"
Guys, in the interest of advancing the science of vpopmail, would you please consider taking this discussion/argument/difference-of-opinion offline? I'm keenly anxious to see the possible new directions that vpopmail may grow given the several threads of recent activity. Your energy and wisdom applied to that end would be most excellent! Cheers, Dave.
Re: [vchkpw] Rename user's .qmail to .vpopmail
Tom Collins wrote: (sorry for not including this in my last email) On Jan 5, 2007, at 10:34 AM, Rick Widmer wrote: I still want to change files to .vpopmail, unless they go out of their way to disable it. I think Charles Cazabon's objection to .qmail files that are executed by vdelivermail is a strong enough reason to do so. I want to eliminate as many of his objections to vpopmail as I can. Who the heck is Charles Cazabon and why should I care that he thinks our files shouldn't be called .qmail? Vpopmail is an add-on to Qmail -- let's just rename vdelivermail to qmail-vpop... If vdelivermail handled the file identically to the way qmail-local does, would he be OK with that? Drop what your are doing, right now! You must swing a dead chicken around your office five times. Then (after putting the chicken down) hop on your left foot five times while chanting "Only I interpret RFCs... Only I interpret RFCs...". You may still protect your offspring from the wrath of the qmail list. You however are doomed, sorry to say. Hurry, it's not too late. Do it for the children. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] A vpopmail farm/NFS framework?
DAve wrote: Tom Collins wrote: On Jan 2, 2007, at 1:37 PM, DAve wrote: front-end (target)-> NFS (source) --- /home/vpopmail/domains -> /shared/vdomains /var/qmail/control -> /shared/qmail-control /usr/local/www -> /shared/webmail /var/tmp -> /shared/webmail-sessions Don't forget /var/qmail/users as well. -- Tom Collins - [EMAIL PROTECTED] Thank you, that is a big whoops on my part. I actually have the following qmail dirs mapped. alias -> /shared/qmail-alias control -> /shared/qmail-control users -> /shared/qmail-users It has been that long since I had to log in and look at that directory ;^) DAve DAve, Tom, Joshua; You have my sincerest thanks for your thoughtful and VERY useful contributions! Thank you! Dave.
Re: [vchkpw] A vpopmail farm/NFS framework?
Tom Collins wrote: On Jan 2, 2007, at 1:37 PM, DAve wrote: front-end (target)-> NFS (source) --- /home/vpopmail/domains -> /shared/vdomains /var/qmail/control -> /shared/qmail-control /usr/local/www -> /shared/webmail /var/tmp -> /shared/webmail-sessions Don't forget /var/qmail/users as well. -- Tom Collins - [EMAIL PROTECTED] Thank you, that is a big whoops on my part. I actually have the following qmail dirs mapped. alias -> /shared/qmail-alias control -> /shared/qmail-control users -> /shared/qmail-users It has been that long since I had to log in and look at that directory ;^) DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] A vpopmail farm/NFS framework?
DAve wrote: Sorry, had more thoughts... Dave Richardson wrote: Anyone aware of a particularly good discussion of building a farm of vpopmail "compliant" front-end machines for user access to a central file server via NFS on linux? I'm concerned that I haven't thought through issues in how to properly account for webmail/IMAP, MySQL for storing smtp-auth IPs for relay control, and a few other topics. Googling hasn't yielded much but a few threads from the *BSD folks. My tentative thinking is 2+ front end machines that draw from a common/identical configuration that provide the client interfaces via: - SMTPd, smtp-auth, pop3d, send, IMAPd, anti-virus, anti-spam, webmail (apache + squirrelmail) I would advise using the local supervise scripts. They should change so little that running them from a mounted dir really isn't needed. In our case we wanted them local. For example, exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver -v -P -R -h -l ecluster4.tls.net -x \ /var/qmail/control/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 10.0.241.134 25 \ /usr/local/bin/fixcrio /var/qmail/bin/qmail-smtpd 2>&1 Putting the host name and the IP in the run file will make your headers more informative. Most How-Tos don't show that. You could script a solution I'm sure if you choose to share run files. As far as smtp-auth IPs, we offer smtp to only the networks we own for outbound mail, we make everyone else us smtp-auth. Our IPs don't change often enough to warrant sharing tcp.cdb, though we configured it that way from the beginning. Using smtp-auth instead of relay IP solutions means we don't have to modify and rebuild cdb files all day. Keep in mind that changing a shared file will make all servers see the changes immediately, for better or for worse. It's a balancing act. Risk vs Convenience. - CHKUSER talking to the backend server CHKUSER doesn't care, there is nothing special to do. - Local /var/qmail/ (typical) install for queue, bin, supervise, etc... possibly taken from the central, backend server via nightly rsync where needed. Run a local queue, trust me on this. /var/qmail/control is really all you need to share, and actually you could get by without it. We found data in there changes so little it really isn't an advantage having it on NFS or scripting a solution via rsync. DAve - NFS client communication to the central backend server We use a large MySQL/NFS machine for this here. We have each front-end server (toaster/ecluster/whatever) connecting to a common MySQL DB. We also use a self authored management program to modify vpopmail DB entries. Currently we NFS mount a common directory on each front-end machine. That directory contains the following; domains, qmail-control, webmail. We then use symlinks to map the required directories on each front-end server. front-end (target)-> NFS (source) --- /home/vpopmail/domains -> /shared/vdomains /var/qmail/control -> /shared/qmail-control /usr/local/www -> /shared/webmail /var/tmp -> /shared/webmail-sessions Make sure your NFS mount is up and operational before starting qmail. A single, large server provides the "backend" services to these machines for: - MySQL server (for smtp-auth tracking, squirrelmail prefs/abook/sigs, users, domains) - NFS Service providing Client-mounted folder(s) for the domains' email. Any special compile/configuration suggestions to support this that I wouldn't normally use on a single-box solution? Should the client machines be logging to their local drives, to an NFS mounted drive, or log over the network (like syslog-ng, even possible with multilog???) to any particular host? We use local logging, I would advise against NFS logging, it was iffy for us. Never had a need to investigate logging over the network. We only have three front-end machines so it is easy enough to log into the offending machines and tail/grep the logs. Headers will always tell you which machine to investigate. Any administrative issues that grow through this distributed model? I'm thinking about whether vqadmin or qmailadmin will continue to function correctly when run from any of the "farm" machines? Would I just allow one "admin" machine for vqadmin/qmailadmin to prevent issues? We use neither. Any risks of data collision/overlap or other issues that might surface with this multi-server model? Central MySQL should solve most of this, right? THANKS! Three years up and running, 50,000 delivered messages a day. No problems ever with lost mail or failures. Clients still scream "you lost my message" and I prove them wrong each time, but they still try. I hope that helps.
Re: [vchkpw] A vpopmail farm/NFS framework?
Dave Richardson wrote: Anyone aware of a particularly good discussion of building a farm of vpopmail "compliant" front-end machines for user access to a central file server via NFS on linux? I'm concerned that I haven't thought through issues in how to properly account for webmail/IMAP, MySQL for storing smtp-auth IPs for relay control, and a few other topics. Googling hasn't yielded much but a few threads from the *BSD folks. My tentative thinking is 2+ front end machines that draw from a common/identical configuration that provide the client interfaces via: - SMTPd, smtp-auth, pop3d, send, IMAPd, anti-virus, anti-spam, webmail (apache + squirrelmail) - CHKUSER talking to the backend server - Local /var/qmail/ (typical) install for queue, bin, supervise, etc... possibly taken from the central, backend server via nightly rsync where needed. - NFS client communication to the central backend server We use a large MySQL/NFS machine for this here. We have each front-end server (toaster/ecluster/whatever) connecting to a common MySQL DB. We also use a self authored management program to modify vpopmail DB entries. Currently we NFS mount a common directory on each front-end machine. That directory contains the following; domains, qmail-control, webmail. We then use symlinks to map the required directories on each front-end server. front-end (target)-> NFS (source) --- /home/vpopmail/domains -> /shared/vdomains /var/qmail/control -> /shared/qmail-control /usr/local/www -> /shared/webmail /var/tmp -> /shared/webmail-sessions Make sure your NFS mount is up and operational before starting qmail. A single, large server provides the "backend" services to these machines for: - MySQL server (for smtp-auth tracking, squirrelmail prefs/abook/sigs, users, domains) - NFS Service providing Client-mounted folder(s) for the domains' email. Any special compile/configuration suggestions to support this that I wouldn't normally use on a single-box solution? Should the client machines be logging to their local drives, to an NFS mounted drive, or log over the network (like syslog-ng, even possible with multilog???) to any particular host? We use local logging, I would advise against NFS logging, it was iffy for us. Never had a need to investigate logging over the network. We only have three front-end machines so it is easy enough to log into the offending machines and tail/grep the logs. Headers will always tell you which machine to investigate. Any administrative issues that grow through this distributed model? I'm thinking about whether vqadmin or qmailadmin will continue to function correctly when run from any of the "farm" machines? Would I just allow one "admin" machine for vqadmin/qmailadmin to prevent issues? We use neither. Any risks of data collision/overlap or other issues that might surface with this multi-server model? Central MySQL should solve most of this, right? THANKS! Three years up and running, 50,000 delivered messages a day. No problems ever with lost mail or failures. Clients still scream "you lost my message" and I prove them wrong each time, but they still try. I hope that helps. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] A vpopmail farm/NFS framework?
Anyone aware of a particularly good discussion of building a farm of vpopmail "compliant" front-end machines for user access to a central file server via NFS on linux? I'm concerned that I haven't thought through issues in how to properly account for webmail/IMAP, MySQL for storing smtp-auth IPs for relay control, and a few other topics. Googling hasn't yielded much but a few threads from the *BSD folks. My tentative thinking is 2+ front end machines that draw from a common/identical configuration that provide the client interfaces via: - SMTPd, smtp-auth, pop3d, send, IMAPd, anti-virus, anti-spam, webmail (apache + squirrelmail) - CHKUSER talking to the backend server - Local /var/qmail/ (typical) install for queue, bin, supervise, etc... possibly taken from the central, backend server via nightly rsync where needed. - NFS client communication to the central backend server A single, large server provides the "backend" services to these machines for: - MySQL server (for smtp-auth tracking, squirrelmail prefs/abook/sigs, users, domains) - NFS Service providing Client-mounted folder(s) for the domains' email. Any special compile/configuration suggestions to support this that I wouldn't normally use on a single-box solution? Should the client machines be logging to their local drives, to an NFS mounted drive, or log over the network (like syslog-ng, even possible with multilog???) to any particular host? Any administrative issues that grow through this distributed model? I'm thinking about whether vqadmin or qmailadmin will continue to function correctly when run from any of the "farm" machines? Would I just allow one "admin" machine for vqadmin/qmailadmin to prevent issues? Any risks of data collision/overlap or other issues that might surface with this multi-server model? Central MySQL should solve most of this, right? THANKS! D.
Re: [vchkpw] vpopmail sans qmail.
Darrel O'Pry wrote: On Fri, 2006-12-22 at 11:02 -0600, Rick Romero wrote: I think it would be nice to feel like to owner/author of qmail was actually behind it. And to do that, he should be improving upon it - that is, accepting at least the patches that we all use. Obviously it's not a complete product, unless you can point me to a substantial 'stock qmail' userbase. Nobody can even provide binaries for the 'lessers' among us - so they will never use it. These couple lines are the crux of the problem for my higher ups. They feel that there is not central driving force behind qmail on a fast moving internet. It lacks user and general support base. It doesn't come with our linux distribution, and it can't receive support from packagers. If they want qmail support its one more vendor in the loop. I've got to interface with the business guys. I would contact one of the many commercial entities currently supporting qmail (how about Inter7?). Your example would mean that you have to pay for both developer support and vendor support with something like Redhat. Redhat could always say "it's a sendmail issue" or "it's a Postfix issue". The stated problem of DJB not supporting qmail removes that, it is unlikely that anyone is the qmail commercial support community would say "contact DJB, we can't fix that". In my experience just the opposite would happen, the qmail support community would respond "sure we can change that". Look at what they already support. Many people point to the myriad number of patches for qmail and proclaim "it's out of date, it takes so many patches to do anything". I believe it is more a case of "so many patches, I can configure/engineer almost any solution with qmail". Just my thoughts and I should probably let the thread die. But if support is your stumbling block I would contact a commercial qmail support company, like the one running this list, and at least get a quote and a contract to review. No, I don't work for inter7, I've not contracted with inter7 for support, they are not paying me to promote them. Though, I did take their offer for free stuff on the website and got some cool sh*&t once ;^) DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] vpopmail sans qmail.
Rick Romero wrote: DAve wrote: Patch smatch, if it's a patch everyone gets to beat qmail up and scream at each other about what a wasted never updated POS qmail is. So patches are bad bad bad. Only software that is poor and decrepit uses patches. But, let someone add that patch to the source code and bundle up a new package and suddenly every new user who posts a question is told "You need the latest version". I have seen this many many times on many many maillists. We have not had to make a security update to our qmail installs in the 5 years we have been running them. All it took was running "patch < somediff" a few times ONCE during the initial install. Lets be honest here, most minor version upgrades in OSS are the result of contributed patches (developer or user). Yet no one is claiming that vpopmail/postfix/perl/ruby/python is a patchy POS after we see the developers accepting patches from users and rolling out an upgrade. I think it would be nice to feel like to owner/author of qmail was actually behind it. And to do that, he should be improving upon it - that is, accepting at least the patches that we all use. Obviously it's not a complete product, unless you can point me to a substantial 'stock qmail' userbase. Nobody can even provide binaries for the 'lessers' among us - so they will never use it. Point taken, but the constant "qmail is patchy" as an excuse to belittle the software and it's users is getting on my nerves of late. I have also found myself falling into the "if you can't build an email server, you shouldn't be administering one" camp, blame it on the fact that I deal weekly with mis-configured Exchange servers and Barracuda installs. I ranted 8^o I propose that someone create a shell script that installs qmail and a set of user selected "Modules" chosen from a menu. Vpopmail could be a "Module", chkuser could be a "Module", bigip could be a "Module". You could even rerun the script to add/subtract "Modules", much like Apache Toolbox. Maybe then people would get over their aversion to "patches" in qmail. Check out Matt Simerson's Mail::Toaster - I think the back end is even in CPAN now.. www.tnpi.biz. I've totally felt like a 'Matt schill' lately, but IMHO what he has done just rocks. Never feel bad for giving good advice. We already have a standard install procedure we use, or we would likely be running Matt's Toaster as well. I have never heard anything bad about it. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] vpopmail sans qmail.
Christopher Chan wrote: John Simpson wrote: On 2006-12-18, at 0444, Christopher Chan wrote: Darrel O'Pry wrote: I'm currently considering replacing qmail in my mail systems. I was wondering if anyone had tried vpopmail with postfix or exim and what their experiences were. Yeah, I use vpopmail with postfix. Love it. postfix user existence checks mean I don't have large queues. How? I have looked for this several times in the past few years and not seen it. Other than the postfix.txt on the inter7 website, but nothing substantial about how it is done, caveats, etc. funny, i've been doing the same thing using qmail (making sure recipient email addresses exist before accepting a RCPT command in the SMTP conversation) for over a year now. Yes. with a patch. I know patches exist. I have nothing against qmail. I will recommend qmail where it is most suitable...as the mta for outgoing mails for a mailing list or as the second stage in the inbound system due to dot-qmail which is a delivery system that is second to none. Uh oh, I feel it coming Patch smatch, if it's a patch everyone gets to beat qmail up and scream at each other about what a wasted never updated POS qmail is. So patches are bad bad bad. Only software that is poor and decrepit uses patches. But, let someone add that patch to the source code and bundle up a new package and suddenly every new user who posts a question is told "You need the latest version". I have seen this many many times on many many maillists. We have not had to make a security update to our qmail installs in the 5 years we have been running them. All it took was running "patch < somediff" a few times ONCE during the initial install. Lets be honest here, most minor version upgrades in OSS are the result of contributed patches (developer or user). Yet no one is claiming that vpopmail/postfix/perl/ruby/python is a patchy POS after we see the developers accepting patches from users and rolling out an upgrade. I propose that someone create a shell script that installs qmail and a set of user selected "Modules" chosen from a menu. Vpopmail could be a "Module", chkuser could be a "Module", bigip could be a "Module". You could even rerun the script to add/subtract "Modules", much like Apache Toolbox. Maybe then people would get over their aversion to "patches" in qmail. Thank you, I feel better, you may return to your regularly scheduled list mail. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] ezmlm and chkuser - vpopmail 5.4.10
SOLVED: Per this thread (google cache): http://72.14.203.104/search?q=cache:MR4qfHVugXIJ:www.tnpi.biz/support/forums/index.php%3Ft%3Dmsg%26th%3D516%26start%3D0%26rid%3D0+chkuser+ezmlm&hl=en&gl=us&ct=clnk&cd=20 in chkuser_settings.h /* #define CHKUSER_ENABLE_ALIAS_DEFAULT */ to #define CHKUSER_ENABLE_ALIAS_DEFAULT and then re-run "make setup check" Sorry to bother the list. Dave Richardson wrote: Having trouble getting my first ezmlm list to run on a newly built server with vpopmail 5.4.10 and CHKUSER 2.0.8b. CHKUSER was built using chkuser_settings.h with: -- /* * The following #define set the character used for lists extensions * be careful: this is a single char '-' definition, not a "string" */ #define CHKUSER_EZMLM_DASH '-' /* * Enables checking for EZMLM lists * this define substitutes #define CHKUSER_ENABLE_LISTS * */ #define CHKUSER_ENABLE_EZMLM_LISTS -- vpopmail was built with: -- ./configure \ --enable-roaming-users \ --enable-logging=p \ --disable-passwd \ --enable-clear-passwd \ --disable-domain-quotas \ --enable-auth-module=mysql \ --enable-auth-logging \ --enable-sql-logging \ --enable-valias \ --disable-users-big-dir \ --disable-mysql-limits \ --enable-tcprules-prog=/usr/local/bin/tcprules \ --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --enable-relay-clear-minutes=180 -- A message to the list directly with subject "subscribe" by an unsubscribed user receives a notice: ezmlm-reject: fatal: Sorry, I don't accept commands in the subject line. Please send a message to the -help address shown in the the ``Mailing-List:'' header for command info (#5.7.0) -- A message to the list-subscribe address (i.e. [EMAIL PROTECTED]) with subject "subscribe" returns [server] does not like recipient. Remote host said: 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) -- So, I conclude that CHKUSER is rejecting an unknown user called "list-subscribe" even though I think I have correctly enabled ezmlm extension checking for CHKUSER. Advice would be most appreciated! Thanks, Dave.
[vchkpw] ezmlm and chkuser - vpopmail 5.4.10
Having trouble getting my first ezmlm list to run on a newly built server with vpopmail 5.4.10 and CHKUSER 2.0.8b. CHKUSER was built using chkuser_settings.h with: -- /* * The following #define set the character used for lists extensions * be careful: this is a single char '-' definition, not a "string" */ #define CHKUSER_EZMLM_DASH '-' /* * Enables checking for EZMLM lists * this define substitutes #define CHKUSER_ENABLE_LISTS * */ #define CHKUSER_ENABLE_EZMLM_LISTS -- vpopmail was built with: -- ./configure \ --enable-roaming-users \ --enable-logging=p \ --disable-passwd \ --enable-clear-passwd \ --disable-domain-quotas \ --enable-auth-module=mysql \ --enable-auth-logging \ --enable-sql-logging \ --enable-valias \ --disable-users-big-dir \ --disable-mysql-limits \ --enable-tcprules-prog=/usr/local/bin/tcprules \ --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --enable-relay-clear-minutes=180 -- A message to the list directly with subject "subscribe" by an unsubscribed user receives a notice: ezmlm-reject: fatal: Sorry, I don't accept commands in the subject line. Please send a message to the -help address shown in the the ``Mailing-List:'' header for command info (#5.7.0) -- A message to the list-subscribe address (i.e. [EMAIL PROTECTED]) with subject "subscribe" returns [server] does not like recipient. Remote host said: 511 sorry, no mailbox here by that name (#5.1.1 - chkuser) -- So, I conclude that CHKUSER is rejecting an unknown user called "list-subscribe" even though I think I have correctly enabled ezmlm extension checking for CHKUSER. Advice would be most appreciated! Thanks, Dave.
Re: [vchkpw] Removng Duplicate Email
Dang, I was going to use that one. Maybe I'll switch. Cheers, Dave - Original Message - From: "Remo Mattei" <[EMAIL PROTECTED]> To: Sent: Monday, December 04, 2006 11:35 AM Subject: Re: [vchkpw] Removng Duplicate Email I would use bill shupp toasterI just build a centos 4.4 with that it's the best online... Just my 2 cents Remo Dave Cook wrote: Hi Remo: Yes, I use maildrop and the standard Spamassassin filters in /usr/share/spamassassin. My local.cf file in /etc/mail/spamassassin is: # These values can be overridden by editing ~/.spamassassin/user_prefs.cf # (see spamassassin(1) for details) # These should be safe assumptions and allow for simple visual sifting # without risking lost emails. ok_locales all skip_rbl_checks 1 required_hits 5.0 rewrite_header Subject ***SPAM*** report_safe 0 use_pyzor 1 use_razor2 1 use_dcc 1 use_auto_whitelist 1 use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 bayes_file_mode 0666 add_header all Status _YESNO_ Autolearn=_AUTOLEARN_ score=_SCORE_ required=_REQD_ tests=_TESTS_ bayes=_BAYES_ Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_ add_header all Level _STARS(*)_ add_header spam Flag _YESNOCAPS_ I also run DCC, Pyzor and Razor2 (as you can see). The dups are intermittent and happen when the server is under heavy load. I read an article here: http://www.cyber-sentry.com/index.php?id=108 as to why this can happen. The filtering software appears to be working fine. My qmail install is a standard toaster install from here: http://wiki.qmailtoaster.com/index.php/CentOS_4.3_QmailToaster_Install. All I really need to do is implement this eliminate-dups script if it's required. Maybe play with the timeouts of Pyzor, Razor2 etc? Cheers, Dave - Original Message - From: "Remo Mattei" <[EMAIL PROTECTED]> To: Sent: Monday, December 04, 2006 12:36 AM Subject: Re: [vchkpw] Removng Duplicate Email !DSPAM:45744843321701987214747! -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.15.6/567 - Release Date: 12/4/2006
Re: [vchkpw] Removng Duplicate Email
Hi Remo:
Yes, I use maildrop and the standard Spamassassin filters in
/usr/share/spamassassin. My local.cf file in /etc/mail/spamassassin is:
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
ok_locales all
skip_rbl_checks 1
required_hits 5.0
rewrite_header Subject ***SPAM***
report_safe 0
use_pyzor 1
use_razor2 1
use_dcc 1
use_auto_whitelist 1
use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1
bayes_file_mode 0666
add_header all Status _YESNO_ Autolearn=_AUTOLEARN_ score=_SCORE_
required=_REQD_ tests=_TESTS_ bayes=_BAYES_ Checker-Version SpamAssassin
_VERSION_ (_SUBVERSION_) on _HOSTNAME_
add_header all Level _STARS(*)_
add_header spam Flag _YESNOCAPS_
I also run DCC, Pyzor and Razor2 (as you can see). The dups are
intermittent and happen when the server is under heavy load. I read an
article here:
http://www.cyber-sentry.com/index.php?id=108 as to why this can happen. The
filtering software appears to be working fine. My qmail install is a
standard toaster install from here:
http://wiki.qmailtoaster.com/index.php/CentOS_4.3_QmailToaster_Install. All
I really need to do is implement this eliminate-dups script if it's
required. Maybe play with the timeouts of Pyzor, Razor2 etc?
Cheers,
Dave
- Original Message -
From: "Remo Mattei" <[EMAIL PROTECTED]>
To:
Sent: Monday, December 04, 2006 12:36 AM
Subject: Re: [vchkpw] Removng Duplicate Email
so u get dub when mail comes in? do u use maildrop? if you also use
other filter that may cause the problem.
Remo
Dave Cook wrote:
Hi Remo:
That was just a left-over from testing. I removed the user-default and
I still get dups. That's where I started this morning when the dup
thing started.
Getting back to the eliminate-dups script.
1) I have the following in .qmail-delivery: (in
/home/vpopmail/domains/mydomain.com/)
| /usr/local/sbin/eliminate-dups mydomain.com duphash
&[EMAIL PROTECTED]
2) I have the following in .qmail-default: (in
/home/vpopmail/domains/mydomain.com/)
| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox
3) The eliminate-dups script is here:
#! /usr/bin/perl
#--
# Copyright 2006 Russell Nelson <[EMAIL PROTECTED]>
# This program is free software; you can redistribute it and/or
# modify it under the same terms as Perl itself.
#--
#
#
# Modified for use with vpopmail
# by Chris Hardie <[EMAIL PROTECTED]>
# originally by Russell Nelson, http://www.qmail.org/eliminate-dups
#
#
# Now, if delivery to the mbox is deferred, eliminate-dups will NOT be
# run a second time for the same message.
#
# Set up ~vpopmail/domains/domain.com/.qmail-default as follows:
#
# | /home/vpopmail/bin/vdelivermail '' [EMAIL PROTECTED]
#
# Then create a ~vpopmail/domains/domain.com/.qmail-delivery file as
follows:
#
# |bin/eliminate-dups domain.com duphash
# &[EMAIL PROTECTED]
#
# Now, if delivery to the mbox is deferred, eliminate-dups will NOT be
# run a second time for the same message.
my $basedir = "/home/vpopmail/domains";
my $domainname = shift;
my $hname = shift;
my $hashname = "$basedir/$domainname/$hname";
use Digest::MD5;
$md5 = new Digest::MD5;
$loose = 1; # loose matching if set.
while(<>) {
last if /^$/;
next if $ignore_continue && /^\s/;
$ignore_continue = 0;
if (/^received:/i) {
$ignore_continue = 1;
next;
}
if (!$loose) {
$headers .= $_;
next;
}
if ($keep_continue && /^\s/) {
$headers .= $_;
next;
}
$keep_continue = 0;
if (m/^(from|message-id|date):/i) {
$headers .= $_;
$keep_continue = 1;
next;
}
next;
}
$md5->add($headers);
$md5->addfile(STDIN);
$hash = $md5->hexdigest;
print "$headers Our hash:$hash\n";
if (open(HASH, "<$hashname.newer")) {
flock(HASH, 2);
while() { chomp; exit 99 if $_ eq $hash; }
}
open(HASH, "<$hashname.older") || die "$0: Cannot open $hashname.older";
while() { chomp; exit 99 if $_ eq $hash; }
# roll the files once a week.
if (-M "$hashname.older" > 7) {
rename("$hashname.newer", "$hashname.older") || die "$0: Unable
to move newer to older";
}
# add the hash to the "received messages" list.
open(HASH, ">>$hashname.newer") || die "$0: Cannot append to
$hashname.newer";
print HASH "$hash\n";
close(HASH);
print "Original message";
exit 0;
a) Putting | /home/vpopmail/bin/vdelivermail '
Re: [vchkpw] Removng Duplicate Email
Hi Remo:
That was just a left-over from testing. I removed the user-default and I
still get dups. That's where I started this morning when the dup thing
started.
Getting back to the eliminate-dups script.
1) I have the following in .qmail-delivery: (in
/home/vpopmail/domains/mydomain.com/)
| /usr/local/sbin/eliminate-dups mydomain.com duphash
&[EMAIL PROTECTED]
2) I have the following in .qmail-default: (in
/home/vpopmail/domains/mydomain.com/)
| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox
3) The eliminate-dups script is here:
#! /usr/bin/perl
#--
# Copyright 2006 Russell Nelson <[EMAIL PROTECTED]>
# This program is free software; you can redistribute it and/or
# modify it under the same terms as Perl itself.
#--
#
#
# Modified for use with vpopmail
# by Chris Hardie <[EMAIL PROTECTED]>
# originally by Russell Nelson, http://www.qmail.org/eliminate-dups
#
#
# Now, if delivery to the mbox is deferred, eliminate-dups will NOT be
# run a second time for the same message.
#
# Set up ~vpopmail/domains/domain.com/.qmail-default as follows:
#
# | /home/vpopmail/bin/vdelivermail '' [EMAIL PROTECTED]
#
# Then create a ~vpopmail/domains/domain.com/.qmail-delivery file as
follows:
#
# |bin/eliminate-dups domain.com duphash
# &[EMAIL PROTECTED]
#
# Now, if delivery to the mbox is deferred, eliminate-dups will NOT be
# run a second time for the same message.
my $basedir = "/home/vpopmail/domains";
my $domainname = shift;
my $hname = shift;
my $hashname = "$basedir/$domainname/$hname";
use Digest::MD5;
$md5 = new Digest::MD5;
$loose = 1; # loose matching if set.
while(<>) {
last if /^$/;
next if $ignore_continue && /^\s/;
$ignore_continue = 0;
if (/^received:/i) {
$ignore_continue = 1;
next;
}
if (!$loose) {
$headers .= $_;
next;
}
if ($keep_continue && /^\s/) {
$headers .= $_;
next;
}
$keep_continue = 0;
if (m/^(from|message-id|date):/i) {
$headers .= $_;
$keep_continue = 1;
next;
}
next;
}
$md5->add($headers);
$md5->addfile(STDIN);
$hash = $md5->hexdigest;
print "$headers Our hash:$hash\n";
if (open(HASH, "<$hashname.newer")) {
flock(HASH, 2);
while() { chomp; exit 99 if $_ eq $hash; }
}
open(HASH, "<$hashname.older") || die "$0: Cannot open $hashname.older";
while() { chomp; exit 99 if $_ eq $hash; }
# roll the files once a week.
if (-M "$hashname.older" > 7) {
rename("$hashname.newer", "$hashname.older") || die "$0: Unable to
move newer to older";
}
# add the hash to the "received messages" list.
open(HASH, ">>$hashname.newer") || die "$0: Cannot append to
$hashname.newer";
print HASH "$hash\n";
close(HASH);
print "Original message";
exit 0;
a) Putting | /home/vpopmail/bin/vdelivermail '' [EMAIL PROTECTED] in
the .qmail-default file stops email delivery and doesn't work.
b) This file is owned by vpopmail.vchkpw and is executable and is in my
/usr/local/sbin directory.
Question: Does vpopmail read .qmail files in the user's Maildirs? (i.e.
/home/vpopmail/domains/mydomain.com/dcook)
I need some direction on where these files should reside, if it actually
works and how I can test it. Any help greatly appreciated.
Cheers,
Dave
- Original Message -
From: "Remo Mattei" <[EMAIL PROTECTED]>
To:
Sent: Sunday, December 03, 2006 11:21 PM
Subject: Re: [vchkpw] Removng Duplicate Email
why do u have a user and a default with the same info? try to remove the
user's one and see if u get mail and if it gets dubs..
Just a suggestion..
My 2 cents
Dave Cook wrote:
Hi Remo:
It's the user default file in /home/vpopmail/domains/mydomain.com/ I
also have a .qmail-default file in that same directory with the same
contents.
Cheers,
Dave
- Original Message - From: "Remo Mattei" <[EMAIL PROTECTED]>
To:
Sent: Sunday, December 03, 2006 8:51 PM
Subject: Re: [vchkpw] Removng Duplicate Email
!DSPAM:45739d0b199767320219403!
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.15.6/565 - Release Date: 12/2/2006
Re: [vchkpw] Removng Duplicate Email
Hi Remo: It's the user default file in /home/vpopmail/domains/mydomain.com/ I also have a .qmail-default file in that same directory with the same contents. Cheers, Dave - Original Message - From: "Remo Mattei" <[EMAIL PROTECTED]> To: Sent: Sunday, December 03, 2006 8:51 PM Subject: Re: [vchkpw] Removng Duplicate Email so is this the .qmail-default or the user? Remo Dave Cook wrote: Hi Remo: Thanks for the response. Yes, I have that file. For myself as an example: .qmail-dcook and it contains: | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox Cheers, Dave - Original Message - From: "Remo Mattei" <[EMAIL PROTECTED]> To: Sent: Sunday, December 03, 2006 7:35 PM Subject: Re: [vchkpw] Removng Duplicate Email !DSPAM:4573737c283213607818837! -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.15.6/565 - Release Date: 12/2/2006
Re: [vchkpw] Removng Duplicate Email
Hi Remo: Thanks for the response. Yes, I have that file. For myself as an example: .qmail-dcook and it contains: | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox Cheers, Dave - Original Message - From: "Remo Mattei" <[EMAIL PROTECTED]> To: Sent: Sunday, December 03, 2006 7:35 PM Subject: Re: [vchkpw] Removng Duplicate Email do you have a .qmail-user file? what are the setting on that? Remo Dave Cook wrote: Hi: I'm trying to use Chris Hardie's modified Russell Nelson script: http://www.mail-archive.com/vchkpw@inter7.com/msg08313.html to remove duplicate email my customers are getting. I followed everything to the letter but can't seem to get it to work. I tried the .default-delivery file setup in the /home/vpopmail/domains// directory and modified the .qmail-default file for that domain as per the instructions but nothing seems to be happening. I'm new to vpopmail so if someone has got this working could you shed some light on it for me? Where should these files reside to have this work properly? Cheers, Dave Cook !DSPAM:457358e1262601480917376! -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.15.6/565 - Release Date: 12/2/2006
[vchkpw] Removng Duplicate Email
Hi: I'm trying to use Chris Hardie's modified Russell Nelson script: http://www.mail-archive.com/vchkpw@inter7.com/msg08313.html to remove duplicate email my customers are getting. I followed everything to the letter but can't seem to get it to work. I tried the .default-delivery file setup in the /home/vpopmail/domains// directory and modified the .qmail-default file for that domain as per the instructions but nothing seems to be happening. I'm new to vpopmail so if someone has got this working could you shed some light on it for me? Where should these files reside to have this work properly? Cheers, Dave Cook
Re: [vchkpw] File size
I believe that's a PHP setting. Check php.ini Austin Jorden wrote: I'm limited on the file size that our webmail users can send, I'd like to be able to modify this size control - is there a wya to do this? -- Austin Jorden !DSPAM:45536b6127414302157015!
Re: [vchkpw] Qmail smtp oddity with vpopmail and chkuser
Tom Collins wrote: On Oct 27, 2006, at 7:06 AM, DAve wrote: mail from: [EMAIL PROTECTED] ## At this point qmail-smtpd just sits and never responds 250 ok The only difference is the colon after the mail from command. No colon and qmail-smtpd responds, a colon and it does not, ever. I narrowed it down to stock qmail works, and qmail + chkuser does not. It seems to make no difference which vpopmail I use. This is very odd to me because this configuration has passed millions of messages in the past two years. I see no reason why it should fail to respond to an incoming connection incorrectly now. Just as an FYI, RFC821 says you need angle brackets around the email address (and no space after the colon). Regardless, qmail-smtpd should come back. I just tried your test on my system (Shupp Toaster) and it came back fine. Yea, I normally use the full correct syntax, but I know my server do not require it so I generally type by habit, right or wrong. I did try a correct syntax and the results got even odder. bash-2.05b# telnet 10.0.241.135 25 Trying 10.0.241.135... Connected to ecluster5. Escape character is '^]'. 220 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! ESMTP helo avhost1 250 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! mail from:<[EMAIL PROTECTED]> ^] telnet> quit Connection closed. bash-2.05b# telnet 10.0.241.135 25 Trying 10.0.241.135... Connected to ecluster5. Escape character is '^]'. 220 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! ESMTP helo avhost1 250 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! mail from<[EMAIL PROTECTED]> ^] telnet> quit Connection closed. bash-2.05b# telnet 10.0.241.135 25 Trying 10.0.241.135... Connected to ecluster5. Escape character is '^]'. 220 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! ESMTP helo avhost1 250 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! mail from <[EMAIL PROTECTED]> ^] telnet> quit Connection closed. bash-2.05b# telnet 10.0.241.135 25 Trying 10.0.241.135... Connected to ecluster5. Escape character is '^]'. 220 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! ESMTP helo avhost1 250 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! mail from [EMAIL PROTECTED] 250 ok ^] telnet> quit Now only "mail from [EMAIL PROTECTED]" works. Noting else does. I am completely perplexed. I have made one more change, I scp'd over my sources for vpopmail from a working server and recompiled and reinstalled onto the failing server and the problem persisted. I will try doing the same with qmail and chckuser next. Need to get some things done first. It is looking like the only difference will be FreeBSD versions. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
[vchkpw] Qmail smtp oddity with vpopmail and chkuser
Good morning, I have been upgrading one of my toasters and ran into a problem. It seems that my MailScanner server keeps timing out trying to connect to this one toaster. Checking it via telnet from the MailScanner server shows this to be true, under an odd circumstance. This works, bash-2.05b# telnet 10.0.241.135 25 Trying 10.0.241.135... Connected to ecluster5. Escape character is '^]'. 220 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! ESMTP helo avhost1 250 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! mail from [EMAIL PROTECTED] 250 ok This does not, bash-2.05b# telnet 10.0.241.135 25 Trying 10.0.241.135... Connected to ecluster5. Escape character is '^]'. 220 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! ESMTP helo avhost1 250 smtp.tls.net UNAUTHORIZED USE WILL BE PROSECUTED! mail from: [EMAIL PROTECTED] ## At this point qmail-smtpd just sits and never responds 250 ok The only difference is the colon after the mail from command. No colon and qmail-smtpd responds, a colon and it does not, ever. I narrowed it down to stock qmail works, and qmail + chkuser does not. It seems to make no difference which vpopmail I use. This is very odd to me because this configuration has passed millions of messages in the past two years. I see no reason why it should fail to respond to an incoming connection incorrectly now. The *two* differences between my working configurations and this one is FreeBSD version, and my other installs also carried these patches, 5.4.10-spamc-to-maildrop.patch 5.4.10-spamc.patch Both of which we no longer need. Any head slaps, finger pointing, clue bats appreciated. DAve Install information follows. I am running the following versions, FreeBSD 6.2 qmail-1.03 (conf-split = 97) qmail-0.0.0.0.patch qmail-103.patch qmail-maildir++.patch vpopmail-5.4.10 and/or vpopmail-5.4.17 chkuser-2.0.8b-release === vpopmail configured as follows, ./configure --enable-tcpserver-file=/shared/qmail/control --enable-learn-passwords --enable-vpopuser=vpopmail --enable-vpopgroup=vchkpw --enable-qmail-ext --enable-incdir=/usr/local/include/mysql --enable-libdir=/usr/local/lib/mysql --enable-clear-password --enable-auth-module=mysql --enable-valias --enable-spamassassin = chkuser_settings.h #define CHKUSER_VPOPMAIL #define CHKUSER_STARTING_VARIABLE "CHKUSER_START" #define CHKUSER_ENABLE_UIDGID #define CHKUSER_DOMAIN_WANTED #define CHKUSER_ENABLE_USERS #define CHKUSER_ENABLE_ALIAS #define CHKUSER_EZMLM_DASH '-' #define CHKUSER_BOUNCE_STRING "bounce-no-mailbox" #define CHKUSER_ENABLE_LOGGING #define CHKUSER_SENDER_NOCHECK_VARIABLE "RELAYCLIENT" #define CHKUSER_MIN_DOMAIN_LEN 4 #define CHKUSER_LOG_VALID_SENDER #define CHKUSER_RCPT_LIMIT_VARIABLE "CHKUSER_RCPTLIMIT" #define CHKUSER_WRONGRCPT_LIMIT_VARIABLE "CHKUSER_WRONGRCPTLIMIT" #define CHKUSER_MBXQUOTA_VARIABLE "CHKUSER_MBXQUOTA" #define CHKUSER_ERROR_DELAY 1000 #define CHKUSER_RCPT_DELAY_ANYERROR #define CHKUSER_SENDER_DELAY_ANYERROR #define CHKUSER_NORCPT_STRING "511 sorry, no mailbox here by that name (#5.1.1 - chkuser)\r\n" #define CHKUSER_RESOURCE_STRING "430 system temporary unavailable, try again later (#4.3.0 - chkuser)\r\n" #define CHKUSER_MBXFULL_STRING "522 sorry, recipient mailbox is full (#5.2.2 - chkuser)\r\n" #define CHKUSER_MAXRCPT_STRING "571 sorry, reached maximum number of recipients for one session (#5.7.1 - chkuser)\r\n" #define CHKUSER_MAXWRONGRCPT_STRING "571 sorry, you are violating our security policies (#5.1.1 - chkuser)\r\n" #define CHKUSER_DOMAINMISSING_STRING "511 sorry, you must specify a domain (#5.1.1 - chkuser)\r\n" #define CHKUSER_RCPTFORMAT_STRING "511 sorry, recipient address has invalid format (#5.1.1 - chkuser)\r\n" #define CHKUSER_RCPTMX_STRING "511 sorry, can't find a valid MX for rcpt domain (#5.1.1 - chkuser)\r\n" #define CHKUSER_SENDERFORMAT_STRING "571 sorry, sender address has invalid format (#5.7.1 - chkuser)\r\n" #define CHKUSER_SENDERMX_STRING "511 sorry, can't find a valid MX for sender domain (#5.1.1 - chkuser)\r\n" #define CHKUSER_INTRUSIONTHRESHOLD_STRING "571 sorry, you are violating our security policies (#5.7.1 - chkuser)\r\n" #define CHKUSER_NORELAY_STRING "553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser)\r\n" #define CHKUSER_ENABLE_EZMLM_LISTS #define CHKUSER_IDENTIFY_REMOTE_VARIABLE "CHKUSER_IDENTIFY" #define CHKUSER_USERS_DASH '-' #define CHKUSER_RCPTMX_TMP_STRING "451 DNS temporary failure (#4.5.1 - chkuser)\r\n" #define CHKUSER_SENDERMX_TMP_STRING "451 DNS temporary failure (#4.5.1 - chkuser)\r\n" #define CHKUSER_MAILMAN_ST
[vchkpw] POP3 authentication - erratic vmysql auth problem - self solved
On a new linux mailserver I was having an erratic problem with mysql and pop3 authentication. Authentication works 90+% of the time. However, using The Bat! and Outlook clients, I randomly see the following authentication failure and the user must poll pop3 again - which then succeeds. -- this text from TheBat -- FETCH - Server reports error. The response is: vmysql: can't read settings from /home/vpopmail/etc/vpopmail.mysql -ERR aack, child crashed Here's /home/vpopmail/etc/vpopmail.mysql -rw-r- 1 vpopmail vchkpw 45 Oct 1 08:25 vpopmail.mysql I didn't think the pop3 daemon is crashing (i.e. bad mem limits in 'run' file). qmailctl stat: /service/qmail-send: up (pid 2568) 3791 seconds /service/qmail-send/log: up (pid 2570) 3791 seconds /service/qmail-smtpd: up (pid 2574) 3791 seconds /service/qmail-smtpd/log: up (pid 2569) 3791 seconds /service/qmail-pop3d: up (pid 2571) 3791 seconds /service/qmail-pop3d/log: up (pid 2576) 3791 seconds messages in queue: 0 messages in queue but not yet preprocessed: 0 SOLUTION: In spite of what the qmailctl stat told me, I found that increasing the pop3 'run' file memory limit from 800 to 1200 appears to suppress this issue. Any thoughts on "why" would be welcome. Otherwise, one for the archives... Thanks! Dave.
Re: [vchkpw] vbulletin exploit toolbox....
I pasted too quickly before getting vbulletin and vpopbull separated. My mistake list, apologies. Rick Macdougall wrote: Dave Richardson wrote: This message just rolled across the bugtraq mailing list... The message didn't indicate that the application owner had been contacted to do any mitigation.. FYI http://msgs.securepoint.com/cgi-bin/get/bugtraq0610/230.html What does this have to do with vpopmail ?? Rick
[vchkpw] vbulletin exploit toolbox....
This message just rolled across the bugtraq mailing list... The message didn't indicate that the application owner had been contacted to do any mitigation.. FYI http://msgs.securepoint.com/cgi-bin/get/bugtraq0610/230.html Dave.
Re: [vchkpw] Why is vadduser creating a hierarchy?
Sure, I've tried to get vconvert to work on the source server, but it's a really old version of vpopmail and the files for the users on an NFS mount in a non-standard folder. There are other issues with the source configuration, but in short, they have all 7000 users in one primary domain folder. I have written a script (you know that now) that is parsing this source folder, then parsing the /etc/shadow file, and creating a series of commands to directly call /home/vpopmail/vadduser with the required values (per user) for every user. So the problem is that I've got to solve the sync of the user Maildirs once we're ready to migrate completely. My sources are in a single domain folder, now my targets are in a single domain folder. Once I rsync the folder data, I'm essentially ready to go. My thinking was that I could "repair" the big-dirs issue after the fact by slowly moving users' Maildirs from the domain folder to a domain subfolder. The alternative solution would be to find a much smarter way to rysnc the data based upon where the big-dirs enabled target migration puts the users' maildirs. I suppose I could go down that road too, scripting for it, but I suspect the rsync activity would take considerably longer than the few hours it does now. We're moving almost 25G of email, albeit within a local LAN. Appreciate your consideration of options, opinions welcome! Ismail YENIGUL wrote: Dave, What is the problem with big-dirs while migrating the users? If you can tell us the reason of the disabling big-dirs, We can try to find out a solution without disabling big-dirs. I guess it is related with the script? Sunday, October 8, 2006, 11:29:56 PM, you wrote: OK, fair point. So let me ask this please. If I migrate with big-dirs DISABLED, then I recompile to enable big-dirs AND I move some accounts into subfolders "a", "b", "c", etc while making appropriate adjustments in vpopmail table, is that an appropriate way to control this risk? THANKS! Ismail YENIGUL wrote: Dave, Please note that creating 7000 sub directories in a single directory will effect your performance negatively. Friday, October 6, 2006, 11:50:26 PM, you wrote: Rick Macdougall wrote: Dave Richardson wrote: I'm using a script to add thousands of user accounts as part of a migration for a single domain. It's a perl script making repeated calls to /home/vpopmail/bin/vadduser -e "dsfgskjghaekjrgkr" [EMAIL PROTECTED] The scripting is working fine, I see the accounts correctly in MySQL's vpopmail table. However, I'm seeing vadduser create a hierarchy of folders after about the first 80-100 users are added. Using subfolders A-z,0-9. I only have about 7,000 users to manage and would rather NOT subtree (whatever the term is) this user hierarchy. What logic controls when vadduser decides to subtree the folders for a particular domain? Or, should I just let my script run out all the migrations, create the user/Maildirs wherever, and then start moving them to the root of the domain folder? That leaves some nasty work in SQL to clean up the home folder field! Hi, Configure vpopmail with --disable-users-big-dir. --disable-users-big-dirDisable hashing of user directories. Regards, Rick Thanks Rick and Jon!
Re: [vchkpw] Why is vadduser creating a hierarchy?
OK, fair point. So let me ask this please. If I migrate with big-dirs DISABLED, then I recompile to enable big-dirs AND I move some accounts into subfolders "a", "b", "c", etc while making appropriate adjustments in vpopmail table, is that an appropriate way to control this risk? THANKS! Ismail YENIGUL wrote: Dave, Please note that creating 7000 sub directories in a single directory will effect your performance negatively. Friday, October 6, 2006, 11:50:26 PM, you wrote: Rick Macdougall wrote: Dave Richardson wrote: I'm using a script to add thousands of user accounts as part of a migration for a single domain. It's a perl script making repeated calls to /home/vpopmail/bin/vadduser -e "dsfgskjghaekjrgkr" [EMAIL PROTECTED] The scripting is working fine, I see the accounts correctly in MySQL's vpopmail table. However, I'm seeing vadduser create a hierarchy of folders after about the first 80-100 users are added. Using subfolders A-z,0-9. I only have about 7,000 users to manage and would rather NOT subtree (whatever the term is) this user hierarchy. What logic controls when vadduser decides to subtree the folders for a particular domain? Or, should I just let my script run out all the migrations, create the user/Maildirs wherever, and then start moving them to the root of the domain folder? That leaves some nasty work in SQL to clean up the home folder field! Hi, Configure vpopmail with --disable-users-big-dir. --disable-users-big-dirDisable hashing of user directories. Regards, Rick Thanks Rick and Jon!
Re: [vchkpw] Why is vadduser creating a hierarchy?
Rick Macdougall wrote: Dave Richardson wrote: I'm using a script to add thousands of user accounts as part of a migration for a single domain. It's a perl script making repeated calls to /home/vpopmail/bin/vadduser -e "dsfgskjghaekjrgkr" [EMAIL PROTECTED] The scripting is working fine, I see the accounts correctly in MySQL's vpopmail table. However, I'm seeing vadduser create a hierarchy of folders after about the first 80-100 users are added. Using subfolders A-z,0-9. I only have about 7,000 users to manage and would rather NOT subtree (whatever the term is) this user hierarchy. What logic controls when vadduser decides to subtree the folders for a particular domain? Or, should I just let my script run out all the migrations, create the user/Maildirs wherever, and then start moving them to the root of the domain folder? That leaves some nasty work in SQL to clean up the home folder field! Hi, Configure vpopmail with --disable-users-big-dir. --disable-users-big-dirDisable hashing of user directories. Regards, Rick Thanks Rick and Jon!
Re: [vchkpw] Why is vadduser creating a hierarchy?
OK, I RTFM'd and found this from Ken... but CAN I TURN IT OFF? Is anyone out there? "Virtual domain user directory structure Vpopmail uses an adaptive directory structure based on a state file ".dir-control" which is automatically managed by the core vpopmail api functions "vadduser" and "vdeluser". For sites with 100 users or less, all user directories are stored in the virtual domain directory. For sites that go above 100 users the adaptive directory structure goes into effect. The basic idea is to break up the user Maildir directories across multple directories and sub directories so that there are never more than 100 user directories in a single directory. The default directory setup allows for 62 directories in 3 levels and 100 user directories per directory. The total number of user directories is equal to 100 + (62 * 100) + (62 * 62 * 100) + (62 * 62 * 62 * 100) = over 24 million directories. This should be more than sufficent for any site and probably goes beyond the technology of directory structures. If you are going to be storing large numbers of user directories, make sure you set your file system to have a higher than normal percentage of inodes. Vpopmail will automatically create these directories and sub directories as needed and populate each directory with up to 100 user accounts. As soon as a directory reaches 100 users it will create the next directory or sub directory and store the new users directory there. Look in the source code release directory contrib/ for a contributed directory reorganization program." Dave Richardson wrote: I'm using a script to add thousands of user accounts as part of a migration for a single domain. It's a perl script making repeated calls to /home/vpopmail/bin/vadduser -e "dsfgskjghaekjrgkr" [EMAIL PROTECTED] The scripting is working fine, I see the accounts correctly in MySQL's vpopmail table. However, I'm seeing vadduser create a hierarchy of folders after about the first 80-100 users are added. Using subfolders A-z,0-9. I only have about 7,000 users to manage and would rather NOT subtree (whatever the term is) this user hierarchy. What logic controls when vadduser decides to subtree the folders for a particular domain? Or, should I just let my script run out all the migrations, create the user/Maildirs wherever, and then start moving them to the root of the domain folder? That leaves some nasty work in SQL to clean up the home folder field!
[vchkpw] Why is vadduser creating a hierarchy?
I'm using a script to add thousands of user accounts as part of a migration for a single domain. It's a perl script making repeated calls to /home/vpopmail/bin/vadduser -e "dsfgskjghaekjrgkr" [EMAIL PROTECTED] The scripting is working fine, I see the accounts correctly in MySQL's vpopmail table. However, I'm seeing vadduser create a hierarchy of folders after about the first 80-100 users are added. Using subfolders A-z,0-9. I only have about 7,000 users to manage and would rather NOT subtree (whatever the term is) this user hierarchy. What logic controls when vadduser decides to subtree the folders for a particular domain? Or, should I just let my script run out all the migrations, create the user/Maildirs wherever, and then start moving them to the root of the domain folder? That leaves some nasty work in SQL to clean up the home folder field!
[vchkpw] What does vconvert assume about /etc/password source domains?
What does 'vconvert' assume about /etc/password source domains? Where does it expect the users' files? Can it work against NFS-stored Maildirs?
[vchkpw] What's the state of vconvert?
Can someone comment on the state of vconvert please? Available documentation is a bit sparse (sorry that's not supposed to hurt feelings) # ./vconvert -v version: 5.4.17 vconvert: usage The first option sets which format to convert FROM, the second option sets which format to convert TO. -e = etc format -c = cdb format -m = sql format -S = set sqwebmail passwords -v = version -d = debug info Q: Is there a "test" mode to see what vconvert thinks it would do? Q: What do I do if the migration is between servers, and from /etc/passwd to mysql/vpopmail? I don't think I can figure out how to convince it to straddle two servers to go straight to mysql on the source server. Do I need to output from source (/etc/passwd) to CDB, then move the CDB to target and migrate CDB to mysql? Q: What does -d really do? Q: Ken's documentation infers that individual domains can be selected under certain circumstances? Not for /etc/password or is it possible? Thanks! Dave.
Re: [vchkpw] Re: auth error help please - RESOLVED
Would it be notable that this server is a VMWare slice? Dave Richardson wrote: uname -a Linux example.com 2.6.9-22.ELsmp #1 SMP Mon Sep 19 18:32:14 EDT 2005 i686 i686 i386 GNU/Linux Robin Bowes wrote: Dave Richardson wrote: Hmmm. Strange. softlimit raised from 400 to 800 seems to fix it. However I'm running softlimit at 400 on a Fedora box without issue. I support RH EL4 has "bigger" libraries or more of them? The RHEL4 box is not 64-bit, by any chance is it? R.
Re: [vchkpw] Re: auth error help please - RESOLVED
uname -a Linux example.com 2.6.9-22.ELsmp #1 SMP Mon Sep 19 18:32:14 EDT 2005 i686 i686 i386 GNU/Linux Robin Bowes wrote: Dave Richardson wrote: Hmmm. Strange. softlimit raised from 400 to 800 seems to fix it. However I'm running softlimit at 400 on a Fedora box without issue. I support RH EL4 has "bigger" libraries or more of them? The RHEL4 box is not 64-bit, by any chance is it? R.
Re: [vchkpw] auth error help please - RESOLVED
Hmmm. Strange. softlimit raised from 400 to 800 seems to fix it. However I'm running softlimit at 400 on a Fedora box without issue. I support RH EL4 has "bigger" libraries or more of them? Sorry to trouble the list. Dave Richardson wrote: I'm installing a new system, my first auth test against pop3 says this: Escape character is '^]'. +OK <[EMAIL PROTECTED]> user [EMAIL PROTECTED] +OK pass Pa$$w0rd /home/vpopmail/bin/vchkpw: error while loading shared libraries: libcrypto.so.4: failed to map segment from shared object: Cannot allocate memory -ERR authorization failed Connection closed by foreign host. Distro is RH EL4. No compile errors that I noted during build from source for netqmail, vpopmail, courier-imap, courier-authlib. Am using MySQL backend. my vpopmail config was: ./configure \ --enable-roaming-users \ --enable-logging=p \ --disable-passwd \ --enable-clear-passwd \ --disable-domain-quotas \ --enable-auth-module=mysql \ --enable-auth-logging \ --enable-sql-logging \ --enable-valias \ --disable-mysql-limits \ --enable-tcprules-prog=/usr/local/bin/tcprules \ --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --enable-relay-clear-minutes=180 courier-authlib 0.58 config was: ./configure \ --prefix=/usr/local/courier-authlib \ --without-authpam \ --without-authldap \ --without-authpwd \ --without-authmysql \ --without-authpgsql \ --without-authshadow \ --without-authuserdb \ --without-authcustom \ --without-authcram \ --without-authpipe \ --with-authdaemon \ --with-redhat \ --with-authvchkpw courier-imap 4.1.1 config was: COURIERAUTHCONFIG=/usr/local/courier-authlib/bin/courierauthconfig \ CPPFLAGS=-I/usr/local/courier-authlib/include \ ./configure \ --prefix=/usr/local/courier-imap \ --disable-root-check \ --with-redhat
[vchkpw] auth error help please
I'm installing a new system, my first auth test against pop3 says this: Escape character is '^]'. +OK <[EMAIL PROTECTED]> user [EMAIL PROTECTED] +OK pass Pa$$w0rd /home/vpopmail/bin/vchkpw: error while loading shared libraries: libcrypto.so.4: failed to map segment from shared object: Cannot allocate memory -ERR authorization failed Connection closed by foreign host. Distro is RH EL4. No compile errors that I noted during build from source for netqmail, vpopmail, courier-imap, courier-authlib. Am using MySQL backend. my vpopmail config was: ./configure \ --enable-roaming-users \ --enable-logging=p \ --disable-passwd \ --enable-clear-passwd \ --disable-domain-quotas \ --enable-auth-module=mysql \ --enable-auth-logging \ --enable-sql-logging \ --enable-valias \ --disable-mysql-limits \ --enable-tcprules-prog=/usr/local/bin/tcprules \ --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \ --enable-relay-clear-minutes=180 courier-authlib 0.58 config was: ./configure \ --prefix=/usr/local/courier-authlib \ --without-authpam \ --without-authldap \ --without-authpwd \ --without-authmysql \ --without-authpgsql \ --without-authshadow \ --without-authuserdb \ --without-authcustom \ --without-authcram \ --without-authpipe \ --with-authdaemon \ --with-redhat \ --with-authvchkpw courier-imap 4.1.1 config was: COURIERAUTHCONFIG=/usr/local/courier-authlib/bin/courierauthconfig \ CPPFLAGS=-I/usr/local/courier-authlib/include \ ./configure \ --prefix=/usr/local/courier-imap \ --disable-root-check \ --with-redhat
Re: [vchkpw] Email addresses with spaces
Charles, you are not out of your mind. :-) Charles Butcher wrote: There was a discussion on the qpsmtpd list recently that touched on this. It seems spaces are legit, but note that if one is to be compliant with the RFC then addresses must be rejected if they don't contain angle brackets. Qmail doesn't enforce this, but there are patches for it. https://rt.perl.org/rt3/Ticket/Display.html?id=38747 IMHO anyone expecting to use email addresses containing spaces is out of their mind, and asking for trouble, but that's just me, not the RFC :-) C. On 26/09/2006, at 15:20, Tom Collins wrote: There's a tracker item on SourceForge[1] about vdelivermail not accepting email addresses with spaces in the local part (something like "a b [EMAIL PROTECTED]"). The problem is that qmail-smtpd accepts them as valid, but vdelivermail does not. Anyone want to weigh in with an opinion before I make some change we'll regret? I doubt anyone is using spaces, but a quick web search seems to imply (discussion of RFC2822) that they're legal (along with a lot of other crap). [1] https://sourceforge.net/tracker/?func=detail&atid=577798&aid=1565423&group_id=85937 -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
[vchkpw] vpopmail problem
Hi all
Some help please
We are running a mail server at one of our clients and have picked up
the following error when using squirrel mail.
Sep 3 10:44:41 mail imapd: LOGIN FAILED, [EMAIL PROTECTED],
ip=[127.0.0.1]
Sep 3 10:44:41 mail authdaemond: vmysql: sql error[3]: MySQL server has
gone away
Sep 3 10:44:46 mail imapd: LOGOUT, ip=[127.0.0.1], rcvd=52, sent=332
we are running the following
apache+mod_ssl-1.3.34+2.8.25_3
courier-authlib-base-0.58_2
courier-authlib-vchkpw-0.58_2
courier-imap-4.1.0,1 IMAP
qmail
freebsd 6.1
Thanks
--
DAVE JOHNSON
INSPIRED INTERNET & WEB SOLUTIONS
+27 21 556 4868 Main
+27 21 557 5292 Fax
+27 83 303 9254 Cell
[EMAIL PROTECTED]
Important Notice:
Important restrictions, qualifications and disclaimers("the Disclaimer")
apply to this email. To read this click on the following address:
http://www.wsnet.co.za/disclaimer
The Disclaimer forms part of the content of this email in terms of
section 11 of the Electronic Communications and Transactions Act, 25 of
2002. If you are unable to access the Disclaimer, send a blank e-mail to
[EMAIL PROTECTED] and we will send you a copy of the Disclaimer.
Re: [vchkpw] Closed
My same file ends 127.0.0.1:allow,RELAYCLIENT="" :allow Doug Appleton wrote: Hello there.. Well here is the contents of my tcp.smtp file located under /home/etc/vpopmail 127.:allow,RELAYCLIENT="" Any more thoughts? Doug -Original Message- From: Harm van Tilborg [mailto:[EMAIL PROTECTED]] Sent: Monday, August 28, 2006 10:51 AM To: vchkpw@inter7.com Subject: Re: [vchkpw] Closed Hi Doug, Maybe a stupid question, but are you connecting at port 25? It is also possible that you have disabled access from localhost by some tcprules file? Kind regards, Harm van Tilborg Doug Appleton wrote: Hello .. This is what I am receiving.. SMTPD is running but still no luck.. Trying 127.0.0.1 Connected to localhost.localdomain Escape character is '^]'. Connection by foreign host Any help would be greatly appreciated .. Doug
[vchkpw] VMware for vpopmail kit?
I have a customer who is inclined to consolidate their 5-10K users from a couple of qmail servers onto a "high power" VMWare server. I understand VMWare conceptually, and have seen some minor conflicts noted in general email threads for other products. However, I haven't worked directly with VMWare, so some of this concern/interest is academic. Anyhow, I'm concerned that kernel modifications, low-level disk behaviors, loadable modules, or "tweaked" native libraries under VMWare might create unintended hurdles to such a setup being successful. Anyone have any experience or advice for such a scenario? Thanks, Dave.
Re: [vchkpw] QMail Forward
Sorry /var/qmail/control/smtproutes look it up, it's well documented my friend Austin Jorden wrote: /var/control/smtproutes or /var/qmail/control/smtproutes ??? Austin On Thu, August 17, 2006 8:48 am, Dave Richardson wrote: /var/control/smtproutes may not exist, so create it. Austin Jorden wrote: I need all outgoing traffic from my Qmail Server to go towards another device, where can I change these settings at under the Qmail server to make it do this? - Austin Jorden
Re: [vchkpw] QMail Forward
/var/control/smtproutes may not exist, so create it. Austin Jorden wrote: I need all outgoing traffic from my Qmail Server to go towards another device, where can I change these settings at under the Qmail server to make it do this? - Austin Jorden
Re: [vchkpw] Chkuser - on relay server
John Simpson recently posted his patch that parallels conceptual functionality from CHKUSER but separates depedencies as I read it. Might be a fit, haven't tried it... http://qmail.jms1.net/patches/validrcptto.cdb.shtm Szeki - Inc wrote: I have a relay server, and have a backend with vpopmail, another with sendmail (old install), and some other (inlcuding winfs szerver too). I want to use chkuser to check the recipient from a combined list, or cdb, or sql storage, to allow only valid recipients to the backend servers. (so they can't use catch-all, or it can be configureble like [EMAIL PROTECTED]) I can make a big list, from all the users I have on the backends, and I want chkuser to check the recipient aginst this list. It is possible ? There is a program, witch can handle this(RECIPIENTS extension), but it is hard to integrate for me with qmail. (If someone can integrate it, or modify it to fit in shupp's toaster, so after patching qmail with it, I can patch this on top of it, than I will be more than happy :) Possible problems: alias extensins Peter
Re: [vchkpw] weird, disturbing error
Paul Theodoropoulos wrote: i wrote to the list about a month ago - i'm migrating our entire company to new servers in a new location. i've tackled the data migration with no problems - rsync is your friend - but i've run up on a weird problem while testing the new server (which has all the mysql db's and everything else in place - the new server is identical to the old one, so all binaries were copied over). i performed a pop3 connection on the command line from a remote server to the new server to ensure authentication was working. i tried my own login - worked fine. however, i then tried a random customer's login - and it crashed. my account and the customer's account are identical in all other respects. but when i entered the password: pass theirpass -ERR aack, child crashed urk. so, on a hunch, on the new server i ran 'vpasswd theirpass' - exact same password. and after doing that, it worked fine. what am i missing here? is there some sort of 'salt' to the passwords that needs to be reset now that they're on a new server? if so, i'm in for some ugliness if every password has to be reset by hand. i tried trussing (this is solaris) the process, but couldn't see what specifically was causing the problem. Paul Theodoropoulos http://www.anastrophe.com I ran into the a year or two ago during a move. I attributed it to moving from Solaris to FreeBSD. I simply had my move script use the clear text password from MySQL to make new passwords for every user as part of the data move. You could write a script on the new box to query the old SQL, fetch the cleartext pass, and run vpasswd on the result. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Qmailrocks version qmail 1.03 with chkuser 2.0
Keep in mind that netqmail and qmailrocks are MODIFIED source code distributions from the REAL qmail code. I believe Tonino (Tonix) derives his patches for 'chkuser' against qmail unmodified. As a result, you need to do some smart hunting. I have been successful at manually patching net-qmail 1.05 (?) with chkuser 2.0b (?) manually. It's about 20 minutes of effort since about half the patches apply correctly. Maybe someone has integrated chkuser patch into one of the re-rolled source kits? Adriano Frare wrote: Dear Friends. How I install path chkuser 2.0 with qmailrocks ? I patched but show some errors, BEGIN = [EMAIL PROTECTED] qmail-1.03]# patch < /downloads/chkuser-2.0.8b-release/ CHKUSER.automatic_patching chkuser.c CHKUSER.changelog CHKUSER.copyright chkuser.h CHKUSER.log_format CHKUSER.manual_patching CHKUSER.readme CHKUSER.running chkuser_settings.h netqmail-1.05_auth-0.4.2_chkuser-2.0.8.patch netqmail-1.05_chkuser-2.0.8.patch netqmail-1.05_toaster-0.6-1_chkuser-2.0.8b.patch [EMAIL PROTECTED] qmail-1.03]# patch < /downloads/chkuser-2.0.8b-release/netqmail-1.05_chkuser-2.0.8.patch patching file Makefile Hunk #2 succeeded at 316 (offset 12 lines). Hunk #3 FAILED at 1556. 1 out of 3 hunks FAILED -- saving rejects to file Makefile.rej patching file TARGETS Hunk #1 succeeded at 396 (offset 11 lines). patching file chkuser.c patching file chkuser.h patching file chkuser_settings.h patching file conf-cc Hunk #1 FAILED at 1. 1 out of 1 hunk FAILED -- saving rejects to file conf-cc.rej patching file qmail-smtpd.c Hunk #2 FAILED at 34. Hunk #3 succeeded at 419 with fuzz 2 (offset 165 lines). Hunk #4 FAILED at 433. Hunk #5 FAILED at 444. 3 out of 5 hunks FAILED -- saving rejects to file qmail-smtpd.c.rej [EMAIL PROTECTED] qmail-1.03]# pwd /usr/src/qmail/qmail-1.03 === END Thanks for help. Adriano
Re: [vchkpw] vpopmaild patch
VeNoMouS wrote: Let me be the first to say WTF? Is it just me or is this English so bad it makes no sense to you either? -Original Message- From: news [mailto:[EMAIL PROTECTED] On Behalf Of Dmitriy MiksIr Sent: Saturday, 10 June 2006 4:08 a.m. To: vchkpw@inter7.com Subject: [vchkpw] vpopmaild patch Hi! VpopmailD - is very useful for many function. May be in future mail will be delivered via this daemon too =)) I write check_user patch for vpopmaild (as source of ideas was used chkuser of Antonio Nati). Also i rewrite a little access levels systems, for centralized access control... and help command for show only available for current access level commands. This batch seems work, but not tested very careful - any suggestions will be welcome. After weekends i will try to add command for check quotas. In his defense, his English is better than my Russian. Thinking about that, his English is better than many journalists. I have read articles more than twice and still not been able to understand what was intended. ;^) DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible.
Re: [vchkpw] Blocking Fake Froms?
Why aren't you kicking those users off of your system? They must clearly be in violation of a policy of your system? Why make software fix an enforcement problem that you are clearly responsible for? Sorry to be honest about it, but if you know who the problem users are, remove them. Vpopmail/qmail shouldn't be used, in my opinion, to police this situation. Dave. Mustafa S,ims,ek wrote: Hi, i use FreeBSD 6.0, Qmail and Vpopmail. my server has smtp auth and pop before smtp. some users do spam on my server. i use spamguard for this people block. it is very good but spammers foxy. They use fake from name and spamguard block wrong address. For example : [EMAIL PROTECTED] is a real user and has smtp auth. He wrote from name [EMAIL PROTECTED] and spamguard block [EMAIL PROTECTED] so [EMAIL PROTECTED] has smtp auth already. i have some question about this situation 1. is it possible configure qmail blocking from names? Only @myserver.com could send e-mails? 2. this spammer use fake ip addresses so i can't detect real user. is it possible to detect real user from logs?
