Re: [vchkpw] vpopmail/qmail doublebounce issue
Tom Harrison wrote: At 9/7/2004 10:40 AM, you wrote: On Tuesday 07 September 2004 12:37 pm, Tom Harrison wrote: > > > I noticed after removing Comcast as the relay that the queue began > > > filling with doublebounces, addressed to "[EMAIL PROTECTED]", and > > > the log indicated tons of entries like this: > > > > > > [...] to remote [EMAIL PROTECTED] > > > > > > [...] vpopmail knows that ts5.com is a local domain [...] > > > >put mail.ts5.com into locals, or alias it to your ts5.com virtualdomain. > > OK. I put "mail.ts5.com" into locals. Should all the local domains be > there? I note that the vpopmail instructions say that vadddomain will > modify locals, but on our system locals remained empty. New result of > qmail-showctl is below. man qmail-send. understand the roles of the locals and virtualdomains files. I had read it, and now have read it again. Your first advice (above) told me to violate those instructions, which I did. I have undone that change and added what I think should be the correct definitions for doublebounce (see qmail-showctl result below) In short, if the domain is handled by vpopmail, you don't want it in locals. OK, agreed. Just curious, why did you suggest it the first time? Please forgive me if I somehow unconsciously misled you in my first posting, though I thought I disclosed everything needed So, the problem persists, though it has changed slightly, which I think means that the virtualdomains entry "mail.ts5.com:ts5.com" is at least directing the mail to the local processing. Error messages now are of the form: @4000413e45e20f52c484 new msg 3794192 @4000413e45e20f52dbf4 info msg 3794192: bytes 3104 from <[EMAIL PROTECTED]> qp 24395 uid507 @4000413e45e210eeb58c starting delivery 1277: msg 3794192 to local [EMAIL PROTECTED] @4000413e45e210eed0e4 status: local 1/10 remote 3/20 @4000413e45e2116de80c delivery 1277: success: user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/ts5.com/other/Maildir//did_0+0+1/ @4000413e45e2116e074c status: local 0/10 remote 3/20 @4000413e45e2116e0b34 end msg 3794192 "postmaster" does indeed exist as a user folder in the domain ts5.com, of course. What am I missing? Tom Harrison * qmail-showctl results * [EMAIL PROTECTED] bin]# ./qmail-showctl qmail home directory: /var/qmail. user-ext delimiter: -. paternalism (in decimal): 2. silent concurrency limit: 120. subdirectory split: 23. user ids: 501, 502, 503, 0, 504, 505, 506, 507. group ids: 501, 502. badmailfrom: (Default.) Any MAIL FROM is allowed. bouncefrom: (Default.) Bounce user name is MAILER-DAEMON. bouncehost: (Default.) Bounce host name is mail.ts5.com. concurrencylocal: (Default.) Local concurrency is 10. concurrencyremote: (Default.) Remote concurrency is 20. databytes: (Default.) SMTP DATA limit is 0 bytes. defaultdomain: Default domain name is mail.ts5.com. defaulthost: (Default.) Default host name is mail.ts5.com. doublebouncehost: (Default.) 2B recipient host: mail.ts5.com. doublebounceto: 2B recipient user: postmaster. envnoathost: (Default.) Presumed domain name is mail.ts5.com. helohost: (Default.) SMTP client HELO host name is mail.ts5.com. idhost: (Default.) Message-ID host name is mail.ts5.com. localiphost: (Default.) Local IP address becomes mail.ts5.com. locals: me: My name is mail.ts5.com. percenthack: (Default.) The percent hack is not allowed. plusdomain: Plus domain name is mail.ts5.com. qmqpservers: (Default.) No QMQP servers. queuelifetime: Message lifetime in the queue is 86400 seconds. rcpthosts: SMTP clients may send messages to recipients at ts5.com. SMTP clients may send messages to recipients at ts4.com. SMTP clients may send messages to recipients at christy9.com. morercpthosts: (Default.) No effect. morercpthosts.cdb: (Default.) No effect. smtpgreeting: (Default.) SMTP greeting: 220 mail.ts5.com. smtproutes: SMTP route: aol.com:SMTP.*.Net timeoutconnect: (Default.) SMTP client connection timeout is 60 seconds. timeoutremote: (Default.) SMTP client data timeout is 1200 seconds. timeoutsmtpd: (Default.) SMTP server data timeout is 1200 seconds. virtualdomains: Virtual domain: ts5.com:ts5.com Virtual domain: ts4.com:ts4.com Virtual domain: christy9.com:christy9.com Virtual domain: mail.ts5.com:ts5.com defaultdelivery: I have no idea what this file does. concurrencyincoming: I have no idea what this file does. rcpthosts.lock: I have no idea what this file does. virtualdomains.lock: I have no idea what this file does. locals.lock: I have no idea what this file does. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail Based on "Virtual domain: mail.ts5.com:ts5.com " it would appear that you created an alias for [EMAIL PROTECTED] to go to t5.com? Curious that mail.t5.com does not show up in your RCPTHOST
RE: [vchkpw] allowing users to change their own passwords
-Original Message- From: Jim Clark [mailto:[EMAIL PROTECTED] Sent: Saturday, September 04, 2004 5:14 PM To: [EMAIL PROTECTED] Subject: [vchkpw] allowing users to change their own passwords Hello, I'm new to this list so I apologize in advance for asking what will likely be a common question. I manage a new virtual web site and email service for our church, and our web hosting company uses qmail and vpopmail for virtual mail administration. I'm looking for a way to allow the people I have created mailboxes for to change their own passwords, set up forwarding and vacation messages without asking me to do it for them. I would like to do this with a browser interface, and I expect to write one myself. I have figured out how to manipulate the correct ../auth files with a new MD5 password, but I can't sort out how to authenticate the user against that MD5 file in the first place before we change it. If anyone has either an idea on how I can do my own authentication, or if there is a package I can install to simplify my life for ens user password maintenance, I'm all ears. Thanks in advance... Jim *** Jim, I'm not sure if this is an option for you but have you looked at qmailadmin? It can be found at: http://sourceforge.net/projects/qmailadmin/ and plugs right into vpopomail. It would accomplish everything you listed above and is brand-able for your church to boot. Check it out. Thank you, Jake Seitz - Founder Agatestreet.com - Cleaning Inbox's one domain at a time! http://www.agatestreet.com d 1.866.850.1608 f 1.858.964.6461
RE: [vchkpw] oracle database backend
Jeremy, We are doing a proof of concept on Oracle right now. I can send along my notes as we move forward if you'd like. To be honest though I think we will end up standardizing on LDAP for read type calls and mySQL for writes/updates purely for price vs. performance reasons. The idea being that LDAP is (based on implementation of course) much faster for reads then writes and much, much cheaper then Oracle. Keep in mind I'm not dismissing Oracle by any means, it's just a much harder sell. BTW, how's Cathy doing? Thank you, Jake Seitz Agatestreet.com http://www.agatestreet.com d 1.866.850.1608 f 1.858.964.6461 -Original Message- From: Jeremy Kitchen [mailto:[EMAIL PROTECTED] Sent: Thursday, July 01, 2004 4:05 PM To: [EMAIL PROTECTED] Subject: [vchkpw] oracle database backend I'm just curious... is anyone using the oracle backend for vpopmail? and if so, is it pretty solid? Thanks :) -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
RE: [vchkpw] Eureka! Finished POP3-Frequency-Patch (against brute forcing)
Anders Brander said: > Hi, > > On Thu, 2004-02-12 at 02:15, Jake S wrote: >> Also, perhaps instead of "you have to wait xx minutes" maybe you can >> just >> list 0 messages. > > The idea of listing 0 messages (as new) could lead to some support > nightmares. A customer consequently using the wrong password, and there > is no sign that anything is wrong - or worse, some third malicious part > causing this. > > /Anders > > > Anders. I'm not seeing your logic if a user has made it to checking their inbox then the credentials would have already been checked via vchkpw, correct or not and the appropriate errors would be listed. Also, with a timeout error code your bound to get support calls asking if you can bend the rules for that user because they have a "very" important message (usually larger penis ads) verses you simply say no new messages and no one knows the difference. Just some thoughts Either way I'd like to see that patch! Thank you, Jake S
RE: [vchkpw] Heureka! Finished POP3-Frequency-Patch (against bruteforcing)
-Original Message- From: knom [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 11, 2004 4:21 PM To: [EMAIL PROTECTED] Subject: [vchkpw] Heureka! Finished POP3-Frequency-Patch (against bruteforcing) Hi! I finished the Patch forqmail-pop3d which doesn't allow more then xx logins every yy seconds. (As some of you may know from GMX.net) If you log in more often then eg. 10 times in 5 minutes you get an error message which says, that you have to wait xx minutes until relogin. Thats quite good against pop3 bruteforcing, I think ! If anybody is interested in how including this feature, please write me ! Thanks, knom. Are you throttling connections by IP address or by username/passwords? Also, perhaps instead of "you have to wait xx minutes" maybe you can just list 0 messages. Jake
RE: [vchkpw] pop3 login frequency patch
From: knom [mailto:[EMAIL PROTECTED] Sent: Saturday, February 07, 2004 4:44 PM To: [EMAIL PROTECTED] Subject: [vchkpw] pop3 login frequency patch Hi ! Is there any patch for blocking too frequent pop3-logins (bruteforce attacks) ?? If not, is anyone interested in some ? I'm doing this right at the moment ! knom19. I for sure am, Jake
RE: [vchkpw] spamassassin patch ready ahead of schedule
-Original Message- From: Rob Nelson [mailto:[EMAIL PROTECTED] Sent: Friday, January 30, 2004 12:11 PM To: [EMAIL PROTECTED] Subject: Re: [vchkpw] spamassassin patch ready ahead of schedule I for one am interested in looking at this. Is there a URL available to download the plugin? Charles Sprickman wrote: >Sorry to be replying late... > >But, if anyone is interested, we have a squirrelmail plugin and a small >C program to handle turning spam-filtering on/off and also for setting >vacations and forwards from within SquirrelMail. It does not require >running your webserver as the vpopmail user. Combined with the "sasql" >plugin, it gives users the ability to set many vpopmail options without >having to ever look at qmailadmin. > >Let me know if anyone has interest in this. The only thing I ask is >that if you find it useful, that you contribute any cleanup back to me. > >Thanks, > >Charles > > I am interested as well! Jake S
Re: [vchkpw] Mailer Daemons
martin said: > > > Greetings - > > Recently I am getting a few emails that get returned saying > > Connected to 207.155.248.45 but sender was rejected. > Remote host said: 550 Invalid domain terabytellc.com > > > or...that a host that is being sent the email to can not be found by our > email server.could this be a reverse DNS issue? > > thanks, > Marty > > terabytellc.com points to a 64.186 address. Not sure where your picking up 207.155.248.45 from? mail.terabytellc.cominternet address = 64.186.34.68 Jake
