[vchkpw] vpopmail in inconsistent state
I just migrated my qmail + vpopmail-5.4.10 + qmailadmin-1.2.8 server, and had a hard drive fail shortly after the migration was complete, and the recovery process ended up trashing the vpopmail state in ways I'm unable to diagnose. I am running FreeBSD 7.0, and am using SMTP-after-POP and the cdb-style database. Here are the symptoms: * I can not add users, either via qmailadmin or vadduser. Vadduser reports: Failed while attempting to add user to auth backend Error: no auth connection * I noticed the owner of open-smtp was root. I think this was not the case on my old server. If I change it manually to vpopmail it changes back to root when the next POP occurs. I don't know whether this indicates any actual problem, since the smtprules and SMTP-after-POP seems to be working ok, but I thought I'd mention it. Thanks in advance for any thoughts about this. -Kurt Bigler !DSPAM:495e971c32679176710914!
[vchkpw] way to deliver to Maildir bypassing .qmail files?
Hi, I'm in a time-sensitive bind in which I need to set something up quickly for a user in my existing qmail+vpopmail+qmailadmin system (which has a little procmail sprinkled in). The goal is to create a new forward or forwarding account that forwards to this user's existing account but bypasses the .qmail file associated with that account (which invokes spam filtering). In short I want to deliver to the Maildir but skip the .qmail instructions. If I'm not mistaken the mechanisms I can think of within vpopmail do NOT do this. This is a solution to a problem that this user is in a critical health-related process that requires that she reliably receive critical email (from people who have the new address). The other requirement is not to have to alter this person's email settings in a way that would require adding another account to her Apple Mail scenario. The user has visual problems and limited capacity to deal with things like an extra folder appearing in her Apple Mail interface. The only thing I could think of is that maybe a very short procmail command file might name a Maildir which gets delivered to directly without reference to the .qmail file which would cause the spam filter (sorely needed for the existing address) to be invoked. But if there were a more straighforward way to do this directly in qmail+vpopmail I'd like to know about it. I am currently using vpopmail 5.4.10 (and qmailadmin 1.2.8), and right now is not the time to upgrade (please). Thanks for any thoughts. -Kurt !DSPAM:4d74696232714823518965!
Re: [vchkpw] way to deliver to Maildir bypassing .qmail files?
That's what I checked out first. It does not really go directly to the Maildir when an "&" line is used, whether that is in a .qmail-address file under the domain directory or in the .qmail file in the user directory. You might have meant to use a "/" line which is what Rick suggested and I'm trying that with no luck so far. -Kurt On 3/6/11 9:29 PM, "Tren Blackburn" wrote: > You can deliver directly to the Maildir via a forward. Details are in the man > pages. > > HTH, > > Tren > > - Original Message - > From: Kurt Bigler [mailto:k...@breathsense.com] > Sent: Sunday, March 06, 2011 09:13 PM > To: vchkpw@inter7.com > Subject: [vchkpw] way to deliver to Maildir bypassing .qmail files? > > Hi, > > I'm in a time-sensitive bind in which I need to set something up quickly for > a user in my existing qmail+vpopmail+qmailadmin system (which has a little > procmail sprinkled in). > > The goal is to create a new forward or forwarding account that forwards to > this user's existing account but bypasses the .qmail file associated with > that account (which invokes spam filtering). In short I want to deliver to > the Maildir but skip the .qmail instructions. If I'm not mistaken the > mechanisms I can think of within vpopmail do NOT do this. > > This is a solution to a problem that this user is in a critical > health-related process that requires that she reliably receive critical > email (from people who have the new address). The other requirement is not > to have to alter this person's email settings in a way that would require > adding another account to her Apple Mail scenario. The user has visual > problems and limited capacity to deal with things like an extra folder > appearing in her Apple Mail interface. > > The only thing I could think of is that maybe a very short procmail command > file might name a Maildir which gets delivered to directly without reference > to the .qmail file which would cause the spam filter (sorely needed for the > existing address) to be invoked. > > But if there were a more straighforward way to do this directly in > qmail+vpopmail I'd like to know about it. > > I am currently using vpopmail 5.4.10 (and qmailadmin 1.2.8), and right now > is not the time to upgrade (please). > > Thanks for any thoughts. > > -Kurt > > > > > > > > > > !DSPAM:4d747c7332712961132975!
Re: [vchkpw] way to deliver to Maildir bypassing .qmail files?
Rick et al, On 3/6/11 9:30 PM, "Rick Widmer" wrote: > On 3/6/2011 10:13 PM, Kurt Bigler wrote: >> Hi, >> >> I'm in a time-sensitive bind in which I need to set something up quickly for >> a user in my existing qmail+vpopmail+qmailadmin system (which has a little >> procmail sprinkled in). >> >> The goal is to create a new forward or forwarding account that forwards to >> this user's existing account but bypasses the .qmail file associated with >> that account (which invokes spam filtering). In short I want to deliver to >> the Maildir but skip the .qmail instructions. If I'm not mistaken the >> mechanisms I can think of within vpopmail do NOT do this. > > Don't create an account for the new address, instead create a > .qmail-new-address file in the domain directory. In that .qmail file > add the following: > > /full/path/to/old/Maildir/ > > I don't believe it is possible with qmailadmin anymore, but you should > be able to set it up by hand. It will probably show up in qmailadmin > once you create the forward, but DO NOT edit it with qmailadmin. > > Rick Yes, thanks, I just tried that, having carefully checked the full path name, incoming emails are being discarded. The log shows qmail-queue accepting delivery but nothing comes through. Permissions look ok, unless qmail is being fussy about the owner. I do have one symlink involved in my setup (which has caused no other problems): vps# ll -ld /var/vpopmail/domains lrwxr-xr-x 1 root vchkpw 12 Feb 13 2009 /var/vpopmail/domains -> /old/domains and I wonder whether the root owner of the symlink should instead be vpopmail, but don't dare to change it casually since the mail system is live and working. The rest of the items in the pathname are all: drwx-- vpopmail vchkpw And I also tried spelling the full pathname using /old/domains directly instead of going through the symlink /var/vpopmail/domains. Next I'm trying to see if I can use a relative path (using . instad of /) in the qmail-* file. Thanks for the help so far. -Kurt !DSPAM:4d747e6032715437842646!
Re: [vchkpw] way to deliver to Maildir bypassing .qmail files?
It is working now. I had omitted the / at the end of the pathname used to distinguish a Maildir line from an mbox line. Incidentally the Maildir line works equally well in the .qmail-* file in the domain directory and in the .qmail file in the account directory. Thanks for the help, and sorry for taking extra bandwidth due to my typo. -Kurt On 3/6/11 10:42 PM, "Kurt Bigler" wrote: > Rick et al, > > On 3/6/11 9:30 PM, "Rick Widmer" wrote: > >> On 3/6/2011 10:13 PM, Kurt Bigler wrote: >>> Hi, >>> >>> I'm in a time-sensitive bind in which I need to set something up quickly for >>> a user in my existing qmail+vpopmail+qmailadmin system (which has a little >>> procmail sprinkled in). >>> >>> The goal is to create a new forward or forwarding account that forwards to >>> this user's existing account but bypasses the .qmail file associated with >>> that account (which invokes spam filtering). In short I want to deliver to >>> the Maildir but skip the .qmail instructions. If I'm not mistaken the >>> mechanisms I can think of within vpopmail do NOT do this. >> >> Don't create an account for the new address, instead create a >> .qmail-new-address file in the domain directory. In that .qmail file >> add the following: >> >> /full/path/to/old/Maildir/ >> >> I don't believe it is possible with qmailadmin anymore, but you should >> be able to set it up by hand. It will probably show up in qmailadmin >> once you create the forward, but DO NOT edit it with qmailadmin. >> >> Rick > > Yes, thanks, I just tried that, having carefully checked the full path name, > incoming emails are being discarded. The log shows qmail-queue accepting > delivery but nothing comes through. > > Permissions look ok, unless qmail is being fussy about the owner. I do have > one symlink involved in my setup (which has caused no other problems): > > vps# ll -ld /var/vpopmail/domains > lrwxr-xr-x 1 root vchkpw 12 Feb 13 2009 /var/vpopmail/domains -> > /old/domains > > and I wonder whether the root owner of the symlink should instead be > vpopmail, but don't dare to change it casually since the mail system is live > and working. > > The rest of the items in the pathname are all: > > drwx-- vpopmail vchkpw > > And I also tried spelling the full pathname using /old/domains directly > instead of going through the symlink /var/vpopmail/domains. > > Next I'm trying to see if I can use a relative path (using . instad of /) in > the qmail-* file. > > Thanks for the help so far. > > -Kurt > > > > > > > > > > !DSPAM:4d74884e32711005111589!
[vchkpw] [SPAM] qmail+vpopmail upgrade questions
I run a small server currently with qmail-1.03 + qmailadmin 1.2.8 + vpopmail 5.4.10 qmail-1.03 has the chkuser patch applied (not a recent version). Although it did not help my problem I also just applied Christopher K. Davis qmail patch (to qmail-smtpd only) because I hoped it would resolve a "CNAME lookup failed temporarily" problem. In any case I am thinking that I should probably upgrade thinking it might solve problems I haven't even run into yet, and perhaps apply more patches to qmail, and I wonder if anyone has any opinions about packaged combinations of qmail+vpopmail with good sets of patches for use on a small server that is currently FreeBSD that I would like to move to MacOSX in several months. I see there is now a "toaster" that includes vpopmail, which if memory serves did not exist several years ago. I'd like to get SMTP auth in the process. So in short I'd like to upgrade to achieve better reliability and security, and facilitate support. I also have a custom patch to vdelivermail that I'd like to preserve, so I'm not looking for anything based on binaries. The above is currently running on FreeBSD (that is 3 years old or so) and I'm hoping to move it to Mac server (although not using their included email), and hope to have a solution that will not make such a transition more difficult. I'd also like to keep existing mail flow with all users and their qmailadmin settings, etc., so hopefully just a recompile that will preserve existing functionality, something I can test live in the wee hours expecting no major issues. Thanks in advance for any thoughts. -Kurt !DSPAM:501b1fab34211181221211!
[vchkpw] [SPAM] anti-OSX [was: qmail+vpopmail upgrade questions]
Geez, people are always so opinionatedly curious. Does it every occur to anyone that some people are different than other people, and that that, as well as technical issues can actually influence choices? I don't pretend to be purely rational. Have you all tried using OSX for a server? Or do you just "know" thing about it? I'm not "bent" on it, but I'd like to try it, and believe I can afford to, since I have various outs if it doesn't work. There are some "because" things that I can list here, but my point might be better made if you considered these secondary to the desire to try things. My "reasons" for Mac: * After the UNIVAC 1108, the IBM 360, the PDP-11, and the Apple II, the Mac was my next computer, and is what I've used ever since except to run my server, or when I am forced to use Windows because in fact I have to develop for it. * I think Windows sucks bad, and I like UNIX only without a UI. I'm very good in vi. But for running my server this time I'd like to try a UI for a for vanilla file management and such, and I don't think I want it to be either Gnome or KDE, because I've never liked them enough to try to learn them. I won't mention X-Windows. Apple Remote Desktop has some problems but they seem not bad for a server without its own display, and I can always use a different remote desktop if needed. * I expected it might likely work well enough for me, and therefore will expand use of my familiar desktop into at least a portion of my server-related work, creating a smoother overall workflow. * I have a *new* (fairly new) Mac mini Server and have several things up and running on it. qmail+vpopmail is the only major requirement I haven't tackled yet. * Curiously the first point you mention "some sort of raid" is one reason I want to use OSX, because I really like SoftRAID, which runs only on the Mac. It is installed at home on all my Macs, and I'm quite fond of it and use it at levels that most customers don't touch. And there are some features planned for the future that I'm quite excited about. I've had terrible experiences with Apple RAID in the past and also would not want to use Apple's own drivers for data I care about. *** I would consider running QMT in a VM, but would rather avoid a VM. I've never touched CentOS. My "distro" of choice still would be Mac-native. I suppose I would try building from sources and see what happens. I really don't want my *entire* server in a VM (just qmail+vpopmail if really necessary) and also really don't want multiple IP's, and suspect sharing a single IP with host and mail VM would be problematic. I already have native Apache, SQL, PHP, etc. and figure it is a good thing to leave it that way if I want to "try" Mac for whatever it may be worth. But if the whole idea doesn't work maybe I will just install some linux on my Mac mini. But in that case I suppose I could put the whole thing in a linux VM under MacOSX and run SoftRAID in the Mac host. It is just not stuff I'd thought through since I naively didn't expect Mac to be such a problem. If it really is such a problem, then I guess the "why Mac" questions may be sensible. It just surprises me. *** Please address any non-OSX-related replies to the original thread. I still may want to ugprade my existing FreeBSD installation, and all my other questions still stand. Thanks. -Kurt On 8/2/12 8:13 PM, "Eric Shubert" wrote: > I wonder too, why OSX? The only thing I can think of is perhaps you have > an older MacMini laying around that you'd like to use. That's certainly > usable for something such as this, but I wouldn't recommend running a > server w/out some sort of raid (I prefer the SW variety). > > Disclaimer: I've recently taken charge of the QMail-Toaster.com project, > so I'm a bit biased. ;) > > If you're really bent on OSX, you could run a QMT mail server as a VM > under whichever virtualization platform you prefer. Migrating your > existing setup to QMT should be fairly easy, depending on your vpopmail > settings. QMT has a slew of qmail patches applied, and I'm presently > upgrading vpopmail to 5.4.33 (long awaited), which will bring all of the > QMT packages current with upstream releases. There is a large community > behind QMT, so you won't need to look far for helpful support. > > QMT is presently only available on CentOS/RHEL, so that might be a > drawback to you. If you're familiar with packaging though, you might > want to roll your own for whatever distro you choose. We hope to have > the sources available on GitHub by the end of the year, and will be > using OBS to build the packages. > > You're welcome to join us in our endeavors. !DSPAM:501bad5d34214839465487!
Re: [vchkpw] [SPAM] anti-OSX [was: qmail+vpopmail upgrade questions]
I guess you weren't kidding about using FreeBSD. But I realize my idea of applying more standard patches to see if my problem goes away is perhaps a little indirect given the amount of effort involve. So I guess I will go ahead and post a qmail troubleshooting question here, separately. And then at a later day I'll look into the toaster. From other comments here perhaps running it in a VM on the mac may not be such a bad thing for as long as I continue to use qmail+vpopmail, and I really haven't found an alternative that satisfies my usage. -Kurt On 8/3/12 6:25 AM, "Rick Romero" wrote: > > I don't disagree with any of your points :) > I use FreeBSD, I don't know why anyone would run Linux for any real > server load - I'M JUST KIDDING! :)) > > Have you taken a look at Matt Simerson's toaster script? It's > targeted at FreeBSD, but I'm fairly confident the instructions are OSX > friendly. At least in the past they were. > > http://www.tnpi.net/internet/mail/toaster/ > > Rick > > Quoting Kurt Bigler : > > >> *** >> >> I would consider running QMT in a VM, but would rather avoid a VM. I've >> never touched CentOS. My "distro" of choice still would be Mac-native. I >> suppose I would try building from sources and see what happens. I really >> don't want my *entire* server in a VM (just qmail+vpopmail if really >> necessary) and also really don't want multiple IP's, and suspect sharing a >> single IP with host and mail VM would be problematic. I already have native >> Apache, SQL, PHP, etc. and figure it is a good thing to leave it that way if >> I want to "try" Mac for whatever it may be worth. >> >> But if the whole idea doesn't work maybe I will just install some linux on >> my Mac mini. But in that case I suppose I could put the whole thing in a >> linux VM under MacOSX and run SoftRAID in the Mac host. It is just not >> stuff I'd thought through since I naively didn't expect Mac to be such a >> problem. If it really is such a problem, then I guess the "why Mac" >> questions may be sensible. It just surprises me. >> > >> >> -Kurt >> >> >> >> On 8/2/12 8:13 PM, "Eric Shubert" wrote: >> >>> I wonder too, why OSX? The only thing I can think of is perhaps you have >>> an older MacMini laying around that you'd like to use. That's certainly >>> usable for something such as this, but I wouldn't recommend running a >>> server w/out some sort of raid (I prefer the SW variety). >>> >>> Disclaimer: I've recently taken charge of the QMail-Toaster.com project, >>> so I'm a bit biased. ;) >>> >>> If you're really bent on OSX, you could run a QMT mail server as a VM >>> under whichever virtualization platform you prefer. Migrating your >>> existing setup to QMT should be fairly easy, depending on your vpopmail >>> settings. QMT has a slew of qmail patches applied, and I'm presently >>> upgrading vpopmail to 5.4.33 (long awaited), which will bring all of the >>> QMT packages current with upstream releases. There is a large community >>> behind QMT, so you won't need to look far for helpful support. >>> >>> QMT is presently only available on CentOS/RHEL, so that might be a >>> drawback to you. If you're familiar with packaging though, you might >>> want to roll your own for whatever distro you choose. We hope to have >>> the sources available on GitHub by the end of the year, and will be >>> using OBS to build the packages. >>> >>> You're welcome to join us in our endeavors. >> >> >> >> > > > > > > > !DSPAM:50208c4f34211260758337!
[vchkpw] [SPAM] Re: [vchkpw] [SPAM] anti-OSX [was: qmail+vpopmail upgrade questions]
I had a chance to buy a used pdp-8e from the physics department for "cheap". I guess it was still a little too big for my tastes and the Apple II came out about that time. ;) I guess we get away with such OT remarks 'cause there's so many of us old-timers. But really computers were more fun when they didn't do everything so easily. The crisply explicit does not engage the imagination. Multi-user space wars (written by a friend) on a text terminal on a HP realtime mini with 4 other players was, well, better than anything in gaming that has happenned since. -Kurt On 8/3/12 5:37 AM, "Postmaster" wrote: > WHAT! - no pdp-8 :) > > On 08/03/12 06:52, Kurt Bigler wrote: >> * After the UNIVAC 1108, the IBM 360, the PDP-11, and the Apple II, the Mac >> was my next computer > > > > > !DSPAM:50208d2034211484845289!
Re: [vchkpw] Re: [SPAM] anti-OSX [was: qmail+vpopmail upgrade questions]
Thanks, and to Matt also. On 8/3/12 11:18 AM, "Eric Shubert" wrote: >> * I think Windows sucks bad, and I like UNIX only without a UI. I'm very >> good in vi. But for running my server this time I'd like to try a UI for a >> for vanilla file management and such, and I don't think I want it to be >> either Gnome or KDE, because I've never liked them enough to try to learn >> them. I won't mention X-Windows. Apple Remote Desktop has some problems >> but they seem not bad for a server without its own display, and I can always >> use a different remote desktop if needed. > > If you're only looking for file management in a UI, I'd try a text based > one such as Vifm or Midnight Commander, as opposed to a GUI. What I want from file management is essentially "GUI". I can tolerate text interfaces in the terminal, but it is harder to swallow as a cheap gui imitation. It is still a gui in essence even if it is text-based, if it provides a view of the filesystem that does not require typing a command to get a directory listing. So I just prefer a GUI, and among GUI's I don't really even like to look at Windows Explorer, much less Midnight Commander. I can adjust to anything, and maybe it is worth that adjustment if a GUI is just too expensive in terms of connection bandwidth, but it is not the experiment I had in mind to try next. Basically, the whole point is to use the Mac Finder, which in spite of being broken to hell by Apple, is still better than any Windows or unix file management GUI I have seen so far. (It worked really well in OS 9 and actually Apple has never fixed it since, so it is crippled in 10 or so ways that are regularly annoying.) Sometimes I am "visual" and in a visual environment I basically relax. Using a terminal I am not relaxed, even if I am somewhat efficient. >> * I expected it might likely work well enough for me, and therefore will >> expand use of my familiar desktop into at least a portion of my >> server-related work, creating a smoother overall workflow. > > I think this is an unrealistic expectation, in some senses. It doesn't > matter much which desktop platform you use to manage servers. It depends on what is to be done. When doing canned configuration stuff I use a web interface. The rest of the time I'm in the shell and some fraction of that time I could be in a file browser instead, and in that case I'd rather it be familiar and at least not ugly, therefore (for me) Mac. > You only > really need a web browser and ssh. Unfortunately for some, a good bit of > server admin work is CLI. Since you know vi though, you should be pretty > much home free. Yup, if I had more time I'd develop my own Finder replacement that was more expressive in relation to CLI-available functionality. Lacking that I'll stick with the Finder for moving things around, and seeing what I did. (Unforch the Finder can't create symlinks.) > So I don't get credit for guessing you have a Mac Mini? ;) Yeah, I appreciated that, and glossed over it. >> * Curiously the first point you mention "some sort of raid" is one reason I >> want to use OSX, because I really like SoftRAID, which runs only on the Mac. >> It is installed at home on all my Macs, and I'm quite fond of it and use it >> at levels that most customers don't touch. And there are some features >> planned for the future that I'm quite excited about. I've had terrible >> experiences with Apple RAID in the past and also would not want to use >> Apple's own drivers for data I care about. > > That should be fine. I'm partial to software raid myself, but I do it > all with the mdadm CLI utility. I'm sure that SoftRAID is slicker. I can't speak to mdadm. I use SoftRAID purely via its GUI, although it has CLI support. >> I would consider running QMT in a VM, but would rather avoid a VM. I've >> never touched CentOS. > > Not a big deal. It's much like the CLI in OSX. Things are in different > places is all. You really don't need to concern yourself with most of > that though. Much less than if you try to roll your own on OSX. Ok, I'll take that advice. >> My "distro" of choice still would be Mac-native. > > Obviously BSD would be closest. With QMT you really don't need to know > much about the OS though. Everything's scripted. Then I might as well stick with FreeBSD since it already compiles. >> and also really don't want multiple IP's, and suspect sharing a >> single IP with host and mail VM would be problematic. > > There's no problem with this. Virtualization software can provide NAT > for the VM's nic(s). Ok, I had Parallels NAT break host functionality on the LAN once, which made me nervous. (I could not print over the LAND as long as Parallels NAT was enabled on that Mac.) I have also never put a real server behind a NAT before, so wasn't sure about it. > It should be > no surprise that the server industry (if there is such a thing) has made > big moves toward virtualization for nearly a decade now. Yes. I
[vchkpw] deleting an alias domain
It is unclear to me from the documentation how to delete an alias domain. I was afraid to just remove the symbolic link from the domains directory, thinking this might leave something not cleaned-up somewhere. But I was also afraid to run vdeldomain on an alias domain, thinking it might follow the symlink and delete the original domain. So what is the right way to delete an alias domain using vpopmail? Thanks, Kurt Bigler
Re: [vchkpw] User vpopmail cant login through sqwebmail
on 11/7/02 4:46 PM, Afif <[EMAIL PROTECTED]> wrote: > Dear all, > > I ave problem about vpopmail user authentication, way every user in > vpopmail can't login through sqwebmail, but throught pop3 mail client > its can use normally, > do I make some mistake? would you please give soulution for this case? > I've been reinstall sqwebmail but the problem still exist > highly appreciate for yr help What mail client are you using? Have you tried several? I have noticed that OutlookExpress for Macintosh (all versions for the last several years) will fail on pop several times (maybe 3 times, maybe 20 times) when a newly created pop account is used for the first time. By just clicking Send and Receive quickly a dozen or so times it eventually works. Once it works once it works forever. I don't know what it is about OutlookExpress, how it can behave differently for new accounts that have not previously been used. Would be interested if anyone else has solved this problem. I am new to this list - maybe the issue has been brought up before. -Kurt Bigler
Re: [vchkpw] Re: aliases
on 11/14/02 9:17 AM, Peter Palmreuther <[EMAIL PROTECTED]> wrote: [snip] > Have you _ever_ understood what qmail uses /var/qmail/users/* for? > No? Than you lied and you haven't read qmail documentation. [snip] The information in the rest of your email is very helpful. Incredibly so for me, and I thank you for it. However, do you realize how full of assumptions most explanations (e.g. helpful explanations from people who know things) and documentation are? Full of assumed knowledge and assumed points of view. So often this makes even extensive documentation almost useless for asimilating even the basics - unless you have lots of time on your hands and can study and study and study until the obvious hidden information finally dawns on you. I find that in particular information about the internet and about server software is more buried right in front of us all than any other area I have ever studied. So the bottom line is no one really needs to prove anything about how hard someone else has studied the documentation. Some of us have studied until it hurt. Others reach their threshold of pain much sooner. But let's face it, learning from documentation is often a pain. A little dialog with someone can help almost effortlessly to bring forward the implicit points of view and create seeds for the process of assimilation, so that returning to the doc can then be fruitful. Documentation writers can learn from this. And learn and learn and learn - I believe without limit. Documentation can be much better. It is hard to be without attitude, and to rid oneself of all the hidden assumptions of being involved in a particularly community of discourse. Documentation is ideally written for everybody. That is an impossible task, but it can be approached. I appreciate this list and the help it provides to supplement the inevitable limitations of documentation (limitations that are experienced very differently by different people needing to learn and get work done). I am just lobbying for the cause of relieving us all from any need to even so much as clarify what someone has failed to do in using the documentation. This would leave our helpful information totally uncolored by anything besides help, which I think would be a good step. After all there is no need to defend the documentation. Like everything it was hard work to write it, and tries to meet an impossible goal. It is good to be aware of both all the time. The "best" of us (and who is that anyway?) will miss the obvious often enough whether writing or reading. Thanks, Kurt Bigler
Re: [vchkpw] massive deletion of accounts
on 12/4/02 2:02 PM, Brendan McAlpine <[EMAIL PROTECTED]> wrote: > Is there an easy way to remove a number of email accounts using > vdeluser all at once? > > My problem is thisI want to remove several thousand mail accounts > from my server, but I don't want to manually run vdeluser for each one. > Is there any way for vdeluser to read from a list of addresses to > remove? > > Is there a better way to do this? If you have a list of addresses, just edit the list to place vdeluser at the beginning of each line. Then run the result as a shell script. For example in vi, escape to ex mode by typing colon and then after the colon type: %s/^/vdeluser / I don't know off-hand if other arguments are needed, so this is just for example. > > TIA > > Brendan > > >
Re: [vchkpw] vpopmail + mysql + sqwebmail
on 12/22/02 5:37 PM, Hugo Escobar <[EMAIL PROTECTED]> wrote: > > Hi list: > > Sorry if this is off-topic but the sqwebmail ml-manager seems to be > discarding message postings. > > This is what I have so far: > > Vpopmail+mysql working fine. > > $ telnet 110 > > always works for all the virtualdomains. > > > When it comes to the SqWebMail part, everything compiles, installs, etc. > but when I try to log in I get the following message: > > Internal error (module sqconfig.c, line 63) - contact system > administrator Maybe it would help if you would post line 63 of sqconfig.c and the context around it, i.e. maybe lines 40 through 90 or so. (If you don't know C you can perhaps still try to judge from visual organization of the code where is a good place to start and stop.) Then even people with different versions or without ml-manager might be able to help you, or you may save the expert a trip to the source. > Configuration information: > > vpopmail-5.2.1 > mysql Ver 11.15 Distrib 3.23.41, for redhat-linux-gnu (i386) > sqwebmail-3.4.0.20021212 > > relevant line in the /usr/local/share/sqwebmail/authdaemonrc: > authmodulelist="authcustom authvchkpw" > > authdaemond is running. > > Any ideas? > > Hugo > > > > > > > > > > >
Re: [vchkpw] vpopmail + mysql + sqwebmail
on 12/22/02 5:37 PM, Hugo Escobar <[EMAIL PROTECTED]> wrote: > > Hi list: > > Sorry if this is off-topic but the sqwebmail ml-manager seems to be > discarding message postings. > > This is what I have so far: > > Vpopmail+mysql working fine. > > $ telnet 110 > > always works for all the virtualdomains. > > > When it comes to the SqWebMail part, everything compiles, installs, etc. > but when I try to log in I get the following message: > > Internal error (module sqconfig.c, line 63) - contact system > administrator I don't have the same version of sqwebmail as you, but it looks like this might be a problem opening the sqconfig file (whatever that is) for writing. The error is likely to be a failure at this point in the C code: f=fopen(p, "w"); if (!f) enomem(); enomem is a macro that generates the error message you see with the file name and line number. fopen is what is failing. So if you can figure out that that configuration file might be, I suppose it might be a permission problem with that file, the directory containing it, or the user/group that one of the sqwebmail applications is running under. Sorry can't look into this more right now - hoping that might give you a clue. > > Configuration information: > > vpopmail-5.2.1 > mysql Ver 11.15 Distrib 3.23.41, for redhat-linux-gnu (i386) > sqwebmail-3.4.0.20021212 > > relevant line in the /usr/local/share/sqwebmail/authdaemonrc: > authmodulelist="authcustom authvchkpw" > > authdaemond is running. > > Any ideas? > > Hugo > > > > > > > > > > >
Re: [vchkpw] vpopmail + mysql + sqwebmail
on 12/22/02 9:07 PM, Hugo Escobar <[EMAIL PROTECTED]> wrote: > On Mon, 2002-12-23 at 00:17, Kurt Bigler wrote: >> on 12/22/02 5:37 PM, Hugo Escobar <[EMAIL PROTECTED]> wrote: >> >>> >>> Hi list: >>> >>> Sorry if this is off-topic but the sqwebmail ml-manager seems to be >>> discarding message postings. >>> >>> This is what I have so far: >>> >>> Vpopmail+mysql working fine. >>> >>> $ telnet 110 >>> >>> always works for all the virtualdomains. >>> >>> >>> When it comes to the SqWebMail part, everything compiles, installs, etc. >>> but when I try to log in I get the following message: >>> >>> Internal error (module sqconfig.c, line 63) - contact system >>> administrator >> >> I don't have the same version of sqwebmail as you, but it looks like this >> might be a problem opening the sqconfig file (whatever that is) for writing. >> The error is likely to be a failure at this point in the C code: >> >> f=fopen(p, "w"); >> if (!f) enomem(); >> >> enomem is a macro that generates the error message you see with the file >> name and line number. fopen is what is failing. >> >> So if you can figure out that that configuration file might be, I suppose it >> might be a permission problem with that file, the directory containing it, >> or the user/group that one of the sqwebmail applications is running under. >> >> Sorry can't look into this more right now - hoping that might give you a >> clue. >> > > Yes, indeed > > that file is one of the files that store "session" information related > to the user. The name of the file is "sqwebmail-ip" and this is supposed > to be created in the directory > > ~vpopmail/domains///Maildir. > > The problem is that when the function gets called, the first parameter > should be "~vpopmail/domains///Maildir", but > the function only receives ".", in other words, sqwebmail is trying to > create the file at the root directory. You mean the code is running cd'd to "/" so that "." is "/" ? Conceivably some code is trying to generate a pathname and uses "." instead when it gives up due to some error. Did you try running as root temporarily just to see if that helps? Unjustifiable hunch: maybe a chdir is failing. Maybe "." is fine when the current directory is set right. > So I guess I should dig deeper > into the source code. > >>> >>> Configuration information: >>> >>> vpopmail-5.2.1 >>> mysql Ver 11.15 Distrib 3.23.41, for redhat-linux-gnu (i386) >>> sqwebmail-3.4.0.20021212 >>> >>> relevant line in the /usr/local/share/sqwebmail/authdaemonrc: >>> authmodulelist="authcustom authvchkpw" >>> >>> authdaemond is running. >>> >>> Any ideas? >>> >>> Hugo >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >> >> >> > > > >
Re: [vchkpw] Bounce message
on 12/24/02 3:18 AM, Edoardo Serra <[EMAIL PROTECTED]> wrote: > Hi, > > I have many domains configured on my server (running vpopmail 5.2.1) and > I'd like > to have a per domain bounce message > > I mean, I'd like to have the domain whose mailbox caused the bounce listed > in the > bounce message, not the main domain of my server > > I don't want the following to happen: > > Hi. This is the qmail-send program at .com. > I'm afraid I wasn't able to deliver your message to the following > addresses. > This is a permanent error; I've given up. Sorry it didn't work out. > > .com>: > Sorry, no mailbox here by that name. (#5.1.1) > > [...] > > Any hint ? > > Regards > > Edoardo Serra I'm just a tad confused by some of the details of what you are saying, but let me try to find out if you are trying to do the same thing I have wanted to do... The "presenting" problem is that as things are, all the bounced-bounce messages come to the postmaster account at the server domain (i.e. to me). I would like bounced-bounce messages to go to the postmaster at the domain that rejected the message (which will only SOMETIMES be me). I was told by inter7 consultants (6 months ago) that without writing some code Qmail will not let you specify on a per domain basis who the bounced bounce message gets sent to. I responded that it was really the bounce message that was causing the problem because it was addressed as from the postmaster at the server domain instead of the postmaster of the domain that could not receive the message. In spite of this they only offered this option: > you could write yourself a script that would be called > from /var/qmail/alias/.qmail-postmaster that could parse where the > bounce came from and put it into the correct postmaster's mailbox. It > would be easier than hacking the qmail/vpopmail source code. I have not tried implementing this however. It does seem to me to be a deficiency in qmail+vpopmail that the bounce message is not sent from the correct domain. Do others agree? Kurt Bigler
Re: [vchkpw] Virtual Domain - Receiving but cannot retrieve
on 12/26/02 6:22 PM, George Minich <[EMAIL PROTECTED]> wrote: > Seasons Greetings to all on the list! I have a question that deals with > qmail/vpopmail and multiple domains. I have configured a second domain > using the vqadmin.cgi. When I look at the various config file and directory > structures, all look fine. When I send a test message from a domain > external to my physical location, the message arrives to the user in the > correct Maildir. The problem is that when I log in via a POP3 client, the > new messages do not appear. When I look in the maildir directory, they are > there. I have tried this with the default "postmaster" user and another > test user that I had created. I used Outlook Express to test this. My experience with Outlook Express for Mac: It reports errors for a while before a new account created in the client starts working. But then you should be seeing a connection failure or other error, not just getting no mail. The connection failure will repeat several times (generally less than 10) and then go away, after which point the account will continue to work. I think it will start failing again if you change the mail server. Each new account created will have this problem until it clears up. > > Here is the message data just in case it helps: > > File name in user/maildir: 1040930845.73216.mail.calistowireless.com,S=1923 > > File data: > > Return-Path: <[EMAIL PROTECTED]> > Delivered-To: [EMAIL PROTECTED] > Received: (qmail 73213 invoked from network); 26 Dec 2002 19:27:25 - > Received: from unknown (HELO relay.toshiba.ca) (209.167.114.3) > by 216.94.149.2 with SMTP; 26 Dec 2002 19:27:25 - > Received: from imap.toshiba.ca (vortech [209.167.114.99]) > by relay.toshiba.ca (8.8.7/8.8.7) with ESMTP id OAA22975 > for <[EMAIL PROTECTED]>; Thu, 26 Dec 2002 14:37:33 -0500 > Received: from localhost (imap2a [192.168.3.251]) > by imap.toshiba.ca (Postfix) with ESMTP id 0633E3FD46 > for <[EMAIL PROTECTED]>; Thu, 26 Dec 2002 14:37:32 -0500 (EST) > Received: from aaa (unknown [216.94.149.220]) > by imap.toshiba.ca (Postfix) with SMTP id 003523FC91 > for <[EMAIL PROTECTED]>; Thu, 26 Dec 2002 14:37:30 -0500 (EST) > Message-ID: <001e01c2ad16$4519ce00$[EMAIL PROTECTED]> > From: "George Minich" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: test > Date: Thu, 26 Dec 2002 14:37:47 -0500 > MIME-Version: 1.0 > Content-Type: multipart/alternative; > boundary="=_NextPart_000_001B_01C2ACEC.5C223440" > X-Priority: 3 > X-MSMail-Priority: Normal > X-Mailer: Microsoft Outlook Express 6.00.2800.1106 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 > X-Virus-Scanned: by AMaViS new-20020517 > > This is a multi-part message in MIME format. > > --=_NextPart_000_001B_01C2ACEC.5C223440 > Content-Type: text/plain; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > test > > --=_NextPart_000_001B_01C2ACEC.5C223440 > Content-Type: text/html; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > > > charset=3Diso-8859-1"> > > > > > test > > > --=_NextPart_000_001B_01C2ACEC.5C223440-- > > I did restart the services after I added the new domain. Does anyone have > an idea as to what may not be allowing me to retrieve these messages? > > Thank You > > George > > > >
Re: [vchkpw] Virtual Domain - Receiving but cannot retrieve
on 12/26/02 6:22 PM, George Minich <[EMAIL PROTECTED]> wrote: > Seasons Greetings to all on the list! I have a question that deals with > qmail/vpopmail and multiple domains. I have configured a second domain > using the vqadmin.cgi. When I look at the various config file and directory > structures, all look fine. When I send a test message from a domain > external to my physical location, the message arrives to the user in the > correct Maildir. The problem is that when I log in via a POP3 client, the > new messages do not appear. When I look in the maildir directory, they are > there. I have tried this with the default "postmaster" user and another > test user that I had created. I used Outlook Express to test this. > > Here is the message data just in case it helps: > > File name in user/maildir: 1040930845.73216.mail.calistowireless.com,S=1923 > > File data: > > Return-Path: <[EMAIL PROTECTED]> > Delivered-To: [EMAIL PROTECTED] > Received: (qmail 73213 invoked from network); 26 Dec 2002 19:27:25 - > Received: from unknown (HELO relay.toshiba.ca) (209.167.114.3) > by 216.94.149.2 with SMTP; 26 Dec 2002 19:27:25 - > Received: from imap.toshiba.ca (vortech [209.167.114.99]) > by relay.toshiba.ca (8.8.7/8.8.7) with ESMTP id OAA22975 > for <[EMAIL PROTECTED]>; Thu, 26 Dec 2002 14:37:33 -0500 > Received: from localhost (imap2a [192.168.3.251]) > by imap.toshiba.ca (Postfix) with ESMTP id 0633E3FD46 > for <[EMAIL PROTECTED]>; Thu, 26 Dec 2002 14:37:32 -0500 (EST) > Received: from aaa (unknown [216.94.149.220]) > by imap.toshiba.ca (Postfix) with SMTP id 003523FC91 > for <[EMAIL PROTECTED]>; Thu, 26 Dec 2002 14:37:30 -0500 (EST) > Message-ID: <001e01c2ad16$4519ce00$[EMAIL PROTECTED]> > From: "George Minich" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: test > Date: Thu, 26 Dec 2002 14:37:47 -0500 > MIME-Version: 1.0 > Content-Type: multipart/alternative; > boundary="=_NextPart_000_001B_01C2ACEC.5C223440" > X-Priority: 3 > X-MSMail-Priority: Normal > X-Mailer: Microsoft Outlook Express 6.00.2800.1106 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 > X-Virus-Scanned: by AMaViS new-20020517 > > This is a multi-part message in MIME format. > > --=_NextPart_000_001B_01C2ACEC.5C223440 > Content-Type: text/plain; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > test > > --=_NextPart_000_001B_01C2ACEC.5C223440 > Content-Type: text/html; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > > > charset=3Diso-8859-1"> > > > > > test > > > --=_NextPart_000_001B_01C2ACEC.5C223440-- > > I did restart the services after I added the new domain. Does anyone have > an idea as to what may not be allowing me to retrieve these messages? Try logging in to the port using telnet, and typing the POP commands by hand. You can do this locally for on your server using telnet localhost 110 and see what you learn from that. > > Thank You > > George > > > >
[vchkpw] phantom vpopmail alias domain
I have an alias domain that exists and appears to be working without the usual symbolic link for it being present in /var/vpopmail/domains. If I try to add that domain I get a message indicating the domain already exists. Sending email to that domain routes correctly to the domain that it is supposed to be an alias of. But the alias domain is invisible. Does vpopmail maintain the domain list somewhere else? I'm aware that vpopmail is just a layer on top of qmail, and I admit that I don't know enough about qmail to really understand the underpinnings, so apologies. I am using vpopmail-5.3.12. Thanks, Kurt Bigler
[vchkpw] unexpected Delivered-To
I am receiving spam addressed to a particular non-existent user on my own account (not a postmaster account), which is at the same domain as the non-existent user. The catch-all setting for the domain is "bounced". How can this happen? Here is an example header, to clarify. Since I am not suspecting that DNS-resolving issues are involved, I have changed the domain name to "example": > Return-Path: <[EMAIL PROTECTED]> > Delivered-To: [EMAIL PROTECTED] > Received: (qmail 43200 invoked from network); 6 Oct 2003 21:52:43 - > Received: from unknown (HELO 24.153.97.91) (24.153.97.91) > by vps.breathsense.com with SMTP; 6 Oct 2003 21:52:43 - > To: <[EMAIL PROTECTED]> > From: "Expert Programmers" <[EMAIL PROTECTED]> > Subject: Better Applications Require Better Developers! wzjf > X-Priority: 3 > Reply-To: [EMAIL PROTECTED] > Message-Id: <[EMAIL PROTECTED]> > Date: Mon, 6 Oct 2003 14:52:55 +0400 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 > X-MSMail-Priority: Normal > Mime-Version: 1.0 > Content-Type: multipart/alternative; > boundary="=_NextPart_005_0001_BNOJVXEC.BDBQJPGV" "faith" is neither an account nor a forward for the domain in question, and so should bounce. If I send to that address, either locally or via another SMTP it bounces. So how can a message "To" that address end up "Delivered-To" me? I am using: vpopmail 5.3.12 qmail 1.03 qmailadmin 1.0.6 Thanks for any help. -Kurt Bigler
Re: [vchkpw] "Domain already exists" but doesn't really
on 10/6/03 7:42 PM, W.D. McKinney <[EMAIL PROTECTED]> wrote: > This is frustrating: > > mailman# cd /usr/home/vpopmail > mailman# cd bin > mailman# ./vdeldomain deesignnet.com > Error: Domain does not exist > mailman# ./vadddomain deesignnet.com > Please enter password for postmaster: > enter password again: > Error: Domain already exists I'm no expert but this sounds like what was happening to me when I upgraded to a new version of vpopmail that handled aliased domains differently. One of the vpopmail readme files describes the issue of the change in how domain aliases were handled, but without explaining the underlying mechanics fully, so I had to post here to find out. Here is the message I posted about my problem, and the response I got: on 6/5/03 7:04 PM, Kurt Bigler wrote: > I have an alias domain that exists and appears to be working without the usual > symbolic link for it being present in /var/vpopmail/domains. If I try to add > that domain I get a message indicating the domain already exists. Sending > email to that domain routes correctly to the domain that it is supposed to be > an alias of. But the alias domain is invisible. > > Does vpopmail maintain the domain list somewhere else? I'm aware that > vpopmail is just a layer on top of qmail, and I admit that I don't know enough > about qmail to really understand the underpinnings, so apologies. > > I am using vpopmail-5.3.12. on 6/5/03 9:02 PM, Tom Collins wrote: > /var/qmail/users/assign has the mapping of alias domain to real > domain/directory. I believe I edited the assign file and fixed the problem. -Kurt
Re: [vchkpw] unexpected Delivered-To
on 10/7/03 12:37 AM, an off-list replier wrote: >> How can this happen? > > *Any* header can be forged.:^) Ok, but I'm not clear on one thing. qmail+vpopmail is going to route locally based on the to field of the incoming message, right? So you are saying this message was forged locally, meaning a hacked server? Curiously your off-list reply cased my server to generate this message: message is looping /var/vpopmail/domains/breathsense.com/kkb/Maildir/ and I got your reply in the form of a double-bounce, since your server rejected the direct reply to you (the bounce message). And thus I an using the list again [EMAIL PROTECTED] the off-list conversation! Thanks, Kurt Bigler
[vchkpw] possible to refine local domains to local addresses?
I just discovered a phenomenon that is probably familiar to many of you: the fact that spammers (or viruses) can relay through my server because of its accepted domains (domains at which my server hosts pop accounts), simply by forging a bad address at one of the accepted domains and allowing the resulting bounce to deliver their content to the specified "from" address, via the bounce message. It seems to me that an obvious way to deal with this would be to simply not accept entire domains (except for domains that require full wildcard delivery) but only accept delivery to specific legitimate addresses for which either POP accounts or forwards exist. I understand that this means checking against a larger list but my list of legitimate email addresses is probably less than 5 times the size of legitimate domains so I think this would not be a problem, especially since in my case this is a total of less than 100 email addresses. I would also guess that if I were using MySQL beyind vpopmail instead of just text files that this would be even less of a problem, and that I could make this upgrade in the future if SMTP server performance became an issue. Besides if I had this protection in place, the mail throughput of my server could probably be reduced by a factor of 2, if not much more at times. I am using qmail + vpopmail5.3.12 for both POP and SMTP purposes. As far as I know no such mechanism as I am describing exists. Is there a way to do this? Thanks for any suggestions. -Kurt Bigler
[vchkpw] Qmailadmin and webmin interoperability.
I am using qmailadmin 1.0.6 to manage my qmail + vpomail5.3.12 configuration, but I recently discovered that webmin has some modules for configuring qmail, and provides flexibility not provied by qmailadmin 1.0.6 such as specifying rejected addresses. I am wondering if anyone has had any experience with the combination of qmailadmin and webmin to administer qmail+vpopmail and know whether the combination is safe. My guess is that any lists I see in webmin that are *empty* are probably safe to configure via webmail, and any others are likely to be updated by qmailadmin/vpopmail and any changes I make there will either be blown away, or worse yet, intervere with qmailadmin/vpopmail operation. Thanks for any experience or thoughts on this. -Kurt Bigler
Re: [vchkpw] possible to refine local domains to local addresses?
on 1/31/04 9:46 PM, Jeremy Kitchen <[EMAIL PROTECTED]> wrote: > On Sat, 2004-01-31 at 23:39, Kurt Bigler wrote: >> I just discovered a phenomenon that is probably familiar to many of you: >> the fact that spammers (or viruses) can relay through my server because of >> its accepted domains (domains at which my server hosts pop accounts), simply >> by forging a bad address at one of the accepted domains and allowing the >> resulting bounce to deliver their content to the specified "from" address, >> via the bounce message. > > and you actually observe this happening? Actually what I see are double bounces, and I make the inference about what would have happenned if the from address of the original message accepted by my SMTP had actually existed. Please correct me if that inference is wrong. So my conclusion is if that I plugged this hole, I would eliminated all the worthless double-bounce messages, plus I would also avoid any possibility of my server being used indirectly to relay. -Kurt > I've never received such an > email, nor have I ever seen it happen to my machine, or any other > machine I've worked on in the past.. > > -Jeremy
[vchkpw] indirect reasons for 5.7.1?
This is regarding qmail + vpopmail 5.3.12 running under tcpserver, on FreeBSD 4.6.1. My server was bouncing *everything* with 5.7.1, that is including stuff that should have been delivered to domains hosted by my server. I panicked and just rebooted my server (because reboot is very quick and it is the most reliable way to fix a bunch of things quickly without having to take time to identify a problem), and thus lost some of the evidence. But I am suspicious based on previous expeirences that if a certain process dies that some process starts responding to all smtp requests with 5.7.1. Or is there any other obvious reason why qmail might go into a permanent 5.7.1 mode? Thanks for any thoughts, and sorry to be so lacking in info. I did do a quick ps when I discovered the problem and I'm pretty sure that the tcpserver process involving qmail-smtpd was probably not there. I only remembered it should have been there after rebooting and doing another ps. Is there some default mode for smtp connections that takes over under such a circumstance? Thanks, Kurt Bigler
Re: [vchkpw] indirect reasons for 5.7.1?
on 4/2/04 1:53 PM, X-Istence <[EMAIL PROTECTED]> wrote: > Kurt Bigler wrote: >> This is regarding qmail + vpopmail 5.3.12 running under tcpserver, on >> FreeBSD 4.6.1. >> >> My server was bouncing *everything* with 5.7.1, that is including stuff that >> should have been delivered to domains hosted by my server. > > 5.7.1 can mean a domain is not on your rcpthosts list. > /var/control/rcpthosts No, rcpthosts was fine (or rebooting would have been vanishingly unlikely to fix it). >> I panicked and just rebooted my server (because reboot is very quick and it >> is the most reliable way to fix a bunch of things quickly without having to >> take time to identify a problem), and thus lost some of the evidence. > > Reboot should be your last thing to try, what if it was more serious and > the box never came back up? Everything else *seemed* fine. Reboot has proven very reliable. It is a virtual server with the parent (?) server monitored/maintained by my provider, which makes a bit of a difference. Every moment lost not identifying the problem is a liability, so I used reboot to compensate for my lack of ready knowledge. In this particular case it turned out to be a good thing, but I hope to work now to reduce the chance of it happening again. >> But I am suspicious based on previous expeirences that if a certain process >> dies that some process starts responding to all smtp requests with 5.7.1. >> Or is there any other obvious reason why qmail might go into a permanent >> 5.7.1 mode? > > Check rcpthosts, restart qmail-smtpd, only things that would affect a > 5.7.1. Which means permanent error, or permanent not allowed. Yes, I am thinking of having the server monitor and restart these things automatically. I know some people don't like that approach, but I don't have 24/7 staff coverage (just me who sleeps long hours). >> Thanks for any thoughts, and sorry to be so lacking in info. I did do a >> quick ps when I discovered the problem and I'm pretty sure that the >> tcpserver process involving qmail-smtpd was probably not there. I only >> remembered it should have been there after rebooting and doing another ps. >> Is there some default mode for smtp connections that takes over under such a >> circumstance? > > Well, if your SMTP service was not there, your server could not be > accepting mail, thus there would be nothing to bounce. Thus it would not > be able to create 5.7.1 bounces in the first place. I was wondering whether tcpserver on its own would start handling them if qmail-smtpd disappeared. It seems to me tcpserver can do quite a few things on its own. It would be very unfriendly if it were to do 5.7.1's rather than indicating a temporary failure though. Thanks, Kurt Bigler
Re: [vchkpw] indirect reasons for 5.7.1?
on 4/2/04 2:05 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote: > on 4/2/04 1:53 PM, X-Istence <[EMAIL PROTECTED]> wrote: > >> Kurt Bigler wrote: >>> Thanks for any thoughts, and sorry to be so lacking in info. I did do a >>> quick ps when I discovered the problem and I'm pretty sure that the >>> tcpserver process involving qmail-smtpd was probably not there. I only >>> remembered it should have been there after rebooting and doing another ps. >>> Is there some default mode for smtp connections that takes over under such a >>> circumstance? >> >> Well, if your SMTP service was not there, your server could not be >> accepting mail, thus there would be nothing to bounce. Thus it would not >> be able to create 5.7.1 bounces in the first place. > > I was wondering whether tcpserver on its own would start handling them if > qmail-smtpd disappeared. It seems to me tcpserver can do quite a few things > on its own. It would be very unfriendly if it were to do 5.7.1's rather > than indicating a temporary failure though. Oops sorry, I was thinking of inetd when I said "tcpserver" above. Maybe inetd provides some sort of default coverage for a port that no other process is watching? -Kurt > > Thanks, > Kurt Bigler > >
Re: [vchkpw] indirect reasons for 5.7.1? - behavior confirmed
on 4/2/04 1:15 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote: > This is regarding qmail + vpopmail 5.3.12 running under tcpserver, on > FreeBSD 4.6.1. > > My server was bouncing *everything* with 5.7.1, that is including stuff that > should have been delivered to domains hosted by my server. > > I panicked and just rebooted my server (because reboot is very quick and it > is the most reliable way to fix a bunch of things quickly without having to > take time to identify a problem), and thus lost some of the evidence. > > But I am suspicious based on previous expeirences that if a certain process > dies that some process starts responding to all smtp requests with 5.7.1. > Or is there any other obvious reason why qmail might go into a permanent > 5.7.1 mode? > > Thanks for any thoughts, and sorry to be so lacking in info. I did do a > quick ps when I discovered the problem and I'm pretty sure that the > tcpserver process involving qmail-smtpd was probably not there. I only > remembered it should have been there after rebooting and doing another ps. > Is there some default mode for smtp connections that takes over under such a > circumstance? > > Thanks, > Kurt Bigler I confirmed that if I kill this process (line from ps output): qmaild86243 0.0 0.1 904 360 ?? SNJ 3:05PM 0:00.09 tcpserver -v -H -R -lvps.breathsense.com -x /var/vpopmail/etc/tcp.smtp.cdb -c200 -u1003 -g1001 0 25 fixcrio /var/qmail/bin/qmail-smtpd that incoming SMTP attempts are greeted by a 5.7.1 error. Does anyone understand how this happens? Thanks, Kurt Bigler
Re: [vchkpw] indirect reasons for 5.7.1? - behavior confirmed
on 4/2/04 6:24 PM, X-Istence <[EMAIL PROTECTED]> wrote: > Kurt Bigler wrote: > >> >> I confirmed that if I kill this process (line from ps output): >> >> qmaild86243 0.0 0.1 904 360 ?? SNJ 3:05PM 0:00.09 >> tcpserver -v -H -R -lvps.breathsense.com -x >> /var/vpopmail/etc/tcp.smtp.cdb -c200 -u1003 -g1001 0 25 fixcrio >> /var/qmail/bin/qmail-smtpd >> >> that incoming SMTP attempts are greeted by a 5.7.1 error. >> >> Does anyone understand how this happens? >> >> Thanks, >> Kurt Bigler > > Well, considering that is your SMTP service, it looks like another > server on the same system is taking over, or you configured something wrong. > > since its freebsd, take a look at: > > sockstat -4, and look for port 25 and what process has it in use if you > kill that process you mentioned. The plot thickens. sockstat produced no output, apparently a limitation of the virtual server implementation. Inquiring into this, the parent server apparently had default processes answering (stupidly) when virtual server email servers were not running. The administrator fixed this with a quick configuration change, and now everything behaves as expected. Thanks for your help, which lead to the resolution. Still a mystery to me why a default SMTP answerer would respond with 5.7.1. I inquired about that but got no reply yet. -Kurt
Re: [vchkpw] Spamassin configuration
on 2/25/05 3:43 PM, Jason S <[EMAIL PROTECTED]> wrote: > On Fri, 25 Feb 2005 16:47:36 -0500 (EST), Ron Dyck <[EMAIL PROTECTED]> wrote: >> I'm currently upgrading my mail server and am installing simscan. Simscan >> claims that there is an option to configure vpopmail with spamassassin >> option: >> --enable-spamassassin >> (http://www.qmailwiki.org/Simscan/Guide) >> The allows vpopmail user options so individual users can set their own >> perferences. >> >> I can't find this configure option anywhere, but would like to consider it. >> >> Does anyone have any information on this? > > The document you reference tells you what you need to know as far as > simscan is concerned. If you want more info about per-user config in > spamassassin using sql, check here: > http://wiki.apache.org/spamassassin/UsingSQL Excuse the newbie questions, but I've been reading for two solid days now, and I need to start asking some questions before I fall over dead... Does the per-user config require that I switch my qmail+vpopmail authorization from cdb to sql, or is this a separate issue? How are you planning on making per-user options available to individual users for editing? I thought I had read something about using SqWebmail for this but I can not find the message now and can find no other confirmation, and the SqWebmail info does not seem to mention any support for spamassasin. Looking forward to having this feature rolled into 5.4. Thanks. -Kurt Bigler
Re: [vchkpw] Spamassin configuration
on 2/28/05 7:06 AM, Ken Jones <[EMAIL PROTECTED]> wrote: > On Sunday 27 February 2005 2:42 am, Kurt Bigler wrote: >> How are you planning on making per-user options available to individual >> users for editing? I thought I had read something about using SqWebmail >> for this but I can not find the message now and can find no other >> confirmation, and the SqWebmail info does not seem to mention any support >> for spamassasin. > > We are almost ready to release a new php web interface that talks to the > vpopmail daemon where we planned on adding support for this spamassassin > stuff. You mention "vpopmail daemon". The only vpopmail daemon I have running is vchkpw, used with qmail-pop3d. I was thinking that vpopmail would only be used to provide the domain/user organization, and a hierarchy in which preferences could be stored. It is my hope that these per-user settings would (if desired) influence rejection by qmail-smtpd (i.e. via $QMAILQUEUE patch) rather than being limited to filtering that can be set up in .qmail files. I'm not sure if that's what you're referring to since I don't yet understand exactly at what levels this functionality interfaces with vpopmail. I'm also wondering about redundancy between this and chkuser, in terms of the need for qmail-smtpd to have access to vpopmail info at the domain/user level. I also haven't installed chkuser yet and don't know how it interfaces with vpopmail. Lacking intimate familiarity it's very hard work to assimilate all this information and so it is vastly helpful to be able to ask these questions. Thanks in advance. > Hopefully we can release the new code tomorrow. Wow. Is what you are working on general enough to be used for per-user preferences that outside the spamassassin realm? In other words, if you are solving the problem of authenticating to gain access to per-user preferences, and putting up an interface for that, can you use hooks up front that are general enough to allow extension for other purposes? In my case, I'd like individual users to be able to enable any of several other other custom filtering rules having nothing to do with spamassassin. I don't want users to have to go in more than once place, especially more than one login to achieve this. In other words, I'm looking at a set of simple checkboxes for this purpose, not a general-purpose rule-entry paradigm. I'm sure there will be many others besides me that will want this, sooner or later. >> Looking forward to having this feature rolled into 5.4. > Me too. And we have time over here to work on it. That's great. I can possibly help test. I would serve well as a "dummy" tester, as long as things are not too rough. -Kurt
Re: [vchkpw] Spamassin configuration
on 2/28/05 5:02 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote: > on 2/28/05 7:06 AM, Ken Jones <[EMAIL PROTECTED]> wrote: > >> We are almost ready to release a new php web interface that talks to the >> vpopmail daemon where we planned on adding support for this spamassassin >> stuff. > > You mention "vpopmail daemon". The only vpopmail daemon I have running is > vchkpw, used with qmail-pop3d. What I should have said was that my ps listing shows nothing that I recognize as a vpopmail daemon. I didn't think vdelivermail was a daemon, but that may be my ignorance of what a daemon is. So you could clarify "vpopmail daemon"? And can someone confirm that SA with per-user preferences means that if I configure SA to interact with qmail-smtpd that this can result in SMTP rejections based on individual user prefs? And is there some redundancy in thie smtpd-time access to vpopmail information between this and chkuser that might be a performance concern? Thanks, Kurt
Re: [vchkpw] Spamassin configuration
on 3/3/05 8:54 AM, Nick Harring <[EMAIL PROTECTED]> wrote: >>> Simscan isn't replacing qmail-smtpd, so this isn't strictly an smtp >>> limitation. Perhaps I'm just not getting it, but why wouldn't the >>> following work: >>> Email comes in for users A, B and C. A and B have an SA threshold of > 5, >>> C has a threshold of 9. The message scores at 7. Delete A and B from > the >>> recipient list when queueing the message, and tell qmail-smtpd to > accept >>> the message since at least one recipient will be receiving the > message. >>> Since the other two users consider it spam, they don't really care > what >>> the remote side thinks. Other scenarios are just as easy to work > through >>> in a way that'd work. >> >> that would require queueing multiple messages from the same SMTP >> conversation. >> >> what happens if on the 49th recipient of a 50 recipient message, the >> queueing >> fails? Your 'solution' is ugly, and simply will not work. >> > No, it wouldn't require this. It would require that you edit the > recipient list prior to queueing. There's nothing 'ugly' that I can see > about that process. If I'm understanding you, I see one real problem with your suggestion. Tom said it clearly: on 3/2/05 4:12 PM, Tom Collins <[EMAIL PROTECTED]> wrote: > One of the benefits of simscan is that it rejects the spam. So, if a > legitimate message gets tagged as spam for some reason, the sender will > get the rejection notice and know that it wasn't received. If I understand your suggestion, a legitimate sender in your example scenario gets no notification that users A and B did not receive the message. -Kurt
Re: [vchkpw] Spamassin configuration
on 3/3/05 12:03 PM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Mar 3, 2005, at 8:54 AM, Nick Harring wrote: >> No, it wouldn't require this. It would require that you edit the >> recipient list prior to queueing. There's nothing 'ugly' that I can see >> about that process. > > I think Nick's method would work for those who want to block anything > that scores as spam but not modify message headers. > > For others, like myself, who want to block at 10+ but tag as spam > anything with 5+, it will not work. In my case, each user would need > their own, custom copy of the email with the headers (and possible > rewritten message) based on their personal scoring configuration. > > I kind of like my original idea though, but would want to collect some > stats before implementing it. My idea is pretty simple -- for > non-relay hosts, after the first RCPT TO is accepted, reply to all > additional RCPT TO requests with a 4xx result. > > How many messages come into a server for multiple recipients in the > same domain? Practically all spam coming to my server comes to multiple recipients. For non-spam messages this is much less frequent. > I guess if someone was mailing multiple people at the > same company, it would happen. But with most mailing lists using > custom bounce messages for each recipient, they wouldn't be affected. > > How about the spammers who email 100's of random usernames in a domain, > hoping to hit valid addresses? The 4xx response would at least slow > them down (and even stop them if their spam programs don't retry 4xx > responses). > > The biggest downside I can see is if someone sends a large email (say > with a file attached) to multiple people in one domain, then sending > server will have to push it through multiple times. Here is another possibility that comes to mind as a "transparent" solution. I don't know whether the scanner can be configured to work this way: Scan the incoming message based on each of the multiple recipients' settings. If *all* users agree to reject, then reject it at the SMTP level. In any other case mark the mail with a provisional spam status header line which indicates that scanning must be deferred until delivery time. Messages without the provisional status line are not scanned at delivery time. -Kurt
Re: [vchkpw] vhostadmin
on 3/13/05 10:18 AM, YaP <[EMAIL PROTECTED]> wrote: > I saw this new package on the website but i can't find vpopmaild daemon, > there's just the file in the cvs. Is cvs the only way to obtain it? > > Thanks in advance This was covered in the recent thread "vhostadmin development release". The following message answers your question (but you probably want to look through the archives for other useful information): on 3/8/05 12:38 PM, Ken Jones <[EMAIL PROTECTED]> wrote: > On Tuesday 08 March 2005 1:57 pm, Dave Goodrich wrote: >> Ken Jones wrote: > >> >> Someone not familiar with LAMP might follow the install doc and stop there, >> >> http://myserver.com/include/global.incopens the cookie jar. >> >> Where does one find the vpopmail daemon? I downloaded a fresh copy of >> 5.4.9 and the 5.5.0-devel and didn't see it. Checked in the contrib dir >> also. > > Here is a link to a working vpopmaild tar ball untill we get the > current devel release working. > > http://www.inter7.com/vhostadmin/vpopmail-5.5.3.tar.gz -Kurt
[vchkpw] safe dot-qmail editing under vpopmail
The qmail documentation (man pages) seem to be centered around the assumption that users have local unix login accounts, suggesting for example the use of chmod +t $HOME to allow safe editing of .qmail files. For vpopmail use, its not clear to me what directory I am supposed to chmod +t in order to make it safe for me to edit .qmail files by hand. My best guess is that for $HOME I should substitute: the directory containing the .qmail file in question and a single empirical test seems to confirm this. Is this correct as a general rule? Thanks, Kurt Bigler
[vchkpw] local delivery reentrancy issues?
I'm intending to do some custom filtering via .qmail | command lines, and I'm wondering whether I need to worry about reentrancy issues. I don't remember people talking about this in discussions of spam filtering for example, but I want to make sure I'm not missing something. The qmail doc says: > qmail-lspawn invokes qmail-local asynchronously, so the > results may not be in the same order as the commands. and this might seem to have the implication that commands in .qmail files might end up being executed in parallel. I would wish this was not so, and that I could execute commands freely in various .qmail files without having to worry about using locks. Is there any kind of implicit protection against such issues? Thanks. I realize this is more of a qmail question than a vpopmail question, but I'd appreciate any responses. -Kurt Bigler
Re: [vchkpw] local delivery reentrancy issues?
on 3/28/05 5:53 PM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Mar 28, 2005, at 4:26 PM, Kurt Bigler wrote: >> The qmail doc says: >>> qmail-lspawn invokes qmail-local asynchronously, so the >>> results may not be in the same order as the commands. >> >> and this might seem to have the implication that commands in .qmail >> files >> might end up being executed in parallel. I would wish this was not >> so, and >> that I could execute commands freely in various .qmail files without >> having >> to worry about using locks. > > The programs in a .qmail file will run in order, one at a time. It has > to work this way, since any program can exit in a way to prevent > further execution of the .qmail file. > > I think the qmail-lspawn doc is saying that messages might be processed > out of order (I send you messages A, B and C, and qmail-local procceses > them as B, C, then A). It also implies that your scripts could be > processing multiple messages simultaneously, so if you use temp files, > be sure to generate unique names. Ah, that's what I was concerned about. Temp files aren't the issue, but rather shared files that are updated as side-effects of the messages going through. Darn! Thanks, Kurt
[vchkpw] delivery loop prevention inconsistency
qmail + vpopmail 5.3.12 + qmailadmin 1.0.6 With the following pop accounts already set up: [EMAIL PROTECTED] [EMAIL PROTECTED] I used QmailAdmin to create the following aliases in the domain breathsense.com: kurt => kurt, test test => test Since QmailAdmin does not permit creating a pop account with the same name as an existing alias, I'm not sure whether doing the reverse like this is well-advised, even though QmailAdmin permits it. Any opinions? Perhaps a newer version of vpopmail or QmailAdmin even prevents this. In any case I've found this very useful for testing some filtering in the test account, by providing it a stream of real mail from the kurt account (via the kurt => test alias). The "test" alias provides the .qmail-test file in which I can hack in the mail filtering scheme that I am testing. In the course of doing this I discovered a problem caused by qmail's loop-prevention rule. Quoting from the qmail-local man page: > If exactly the same Delivered-To: [EMAIL PROTECTED] already appears in the > header, > qmail-local bounces the message, to prevent mail forwarding loops. The problem is that if I resend a message from [EMAIL PROTECTED] to the same account (an occasionally useful thing to do) it bounces due to the looping rule: > Hi. This is the qmail-send program at vps.breathsense.com. > I'm afraid I wasn't able to deliver your message to the following addresses. > This is a permanent error; I've given up. Sorry it didn't work out. > > <[EMAIL PROTECTED]>: > This message is looping: it already has my Delivered-To line. (#5.4.6) > > --- Below this line is a copy of the message. > > Return-Path: <[EMAIL PROTECTED]> > Received: (qmail 23011 invoked from network); 31 Mar 2005 07:41:30 - > Received: from unknown (HELO ?192.168.1.67?) (24.5.192.77) > by vps.breathsense.com with SMTP; 31 Mar 2005 07:41:30 - > Return-Path: <[EMAIL PROTECTED]> > Delivered-To: [EMAIL PROTECTED] > Received: (qmail 94328 invoked from network); 30 Mar 2005 23:30:44 - > Received: from unknown (HELO cnmat.berkeley.edu) (128.32.122.12) > by vps.breathsense.com with SMTP; 30 Mar 2005 23:30:44 - On the other hand I can do the same thing all day using the [EMAIL PROTECTED] account, as the double-stacked "Delivered-To: [EMAIL PROTECTED]" here confirms: > Return-Path: <[EMAIL PROTECTED]> > Delivered-To: [EMAIL PROTECTED] > Received: (qmail 23869 invoked from network); 31 Mar 2005 07:52:10 - > Received: from unknown (HELO ?192.168.1.67?) (24.5.192.77) > by vps.breathsense.com with SMTP; 31 Mar 2005 07:52:10 - > Return-Path: <[EMAIL PROTECTED]> > Delivered-To: [EMAIL PROTECTED] > Received: (qmail 23818 invoked from network); 31 Mar 2005 07:51:25 - > Received: from unknown (HELO ?192.168.1.67?) (24.5.192.77) > by vps.breathsense.com with SMTP; 31 Mar 2005 07:51:25 - This suggests that the looping rule in the man page is described incompletely. It seems obvious that the difference between the behavior for kurt and for kkb has to do with the alias structure I created. I assume it depends in some specific way on how the message hits what kind of dot-qmail files. Does anyone understand this? The reason I care so much is that I am creating a spam filter that is end-user-trainable via pop access, and the training interface depends on being able to resend-to-self. Meanwhile enabling the filter for account blah will probably depend on having a .qmail-blah file in order to run the filter, and I want to know now if I am in big trouble here because blah resend to blah will be rejected due to the looping rule. Thanks for any help. -Kurt Bigler
[vchkpw] how to do simple vpopmail delivery with filtering
This is a vpopmail/qmailadmin question but I thought the emphasis was more on vpopmail, so I'm asking here. The qmailadmin INSTALL file has this to say about mail filtering: > *MODIFY SPAM: If you want spam detection available to the end-user: > --enable-modify-spam=Y > (default spam command is > "|preline /usr/local/bin/maildrop /etc/mailfilter" > If you wnat something else, use > --enable-spam-command="|spamcommand" > NOTE: This command must deliver the mail) Particularly the last line is of interest. Apparently maildrop and procmail satisfy the requirement of delivering the mail, and apparently these are the two options that most everyone uses. However they both provide a lot of functionality I have no use for so I'd like to avoid using them. I do not need any kind of sorting of mail inter multiple directories, for example. All I need is to satisfy that requirement that the command must deliver the mail. I want it delivered exactly as vdelivermail would have delivered it, but I want to pipe it through my filter on the way out. I have been able to prototype my filtering functionality in a .qmail-user file in one of my domain directories as follows: | myfilter | /var/vpopmail/bin/vdelivermail '' bounce-no-mailbox I have been testing this for several days and this approach is working fine. However, it is a hack (and doesn't play well with qmailadmin), and what I really want to do is to be able to use something like this in the user/.qmail file instead: | preline myfilter | simple_vpopmail_final_delivery Or if simple_vpopmail_final_delivery already does the prelining, then even better: | myfilter | simple_vpopmail_final_delivery My assumption is that what I am calling simple_vpopmail_final_delivery is in fact the last stage of what vdelivermail does, and if so I'm wondering if there is any architectural reason why this piece of functionality could not be made available as a separate command, perhaps even as vdelivermail with another command-line option to suppress prelinining and other functionality associated with the user/.qmail file. In the mean time, what is the best (simplest, most reliable) way to achieve this simplistic delivery functionality? Thanks in advance. -Kurt Bigler
Re: [vchkpw] how to do simple vpopmail delivery with filtering
on 4/5/05 6:28 AM, Kyle Wheeler <[EMAIL PROTECTED]> wrote: > On Tuesday, April 5 at 01:24 AM, quoth Kurt Bigler: >> >> I have been able to prototype my filtering functionality in a .qmail-user >> file in one of my domain directories as follows: >> >> | myfilter | /var/vpopmail/bin/vdelivermail '' bounce-no-mailbox >> >> I have been testing this for several days and this approach is working fine. > > Yes, however, this approach will not work as the QmailAdmin > spam-command. It will create a loop (i.e. vdelivermail sends it to your > filter, which pipes it to vdelivermail, which sends it to...). Right, that's why I can't use this .qmail-user approach in the user/.qmail file. > What you *want* is this: > > | preline yourfilter | maildir $vpophome/$domain/$user/Maildir/ > > (maildir is from the safecat package) > > However, vpopmail steadfastly refuses to set up the environment for it's > .qmail processing in a convenient way (or even a qmail-compatible way), > so what you can do is approximate it like this (all on one line): > > | preline yourfilter | maildir /path/to/vpopdomains/`echo $USER | tr A-Z > a-z`/`echo $EXT | tr A-Z a-z`/Maildir/ Thanks, that's great. >> My assumption is that what I am calling simple_vpopmail_final_delivery >> is in fact the last stage of what vdelivermail does, and if so I'm >> wondering if there is any architectural reason why this piece of >> functionality could not be made available as a separate command, >> perhaps even as vdelivermail with another command-line option to >> suppress prelinining and other functionality associated with the >> user/.qmail file. > > It would HAVE to ignore the .qmail file, Yes, that's exactly what I was suggesting. > otherwise you passing mail to > it from within the .qmail file would create a loop. That, or to prevent > people from destroying their own mail servers, it would have to have > it's own loop detection. To be clear what I was saying, it appears vdelivermail has several stages of processing. It looks like vdelivermail gets you into the user directory, applies the .qmail file stuff, and then does the simple delivery I was referring to. I was suggesting that this last phase of what vdelivermail does could be isolated into a separate command, or else the earlier vdelivermail phases could be suppressed via a command-line option. There is already an option to suppress prelining, I think (which you don't want to do twice, either). >> In the mean time, what is the best (simplest, most reliable) way to >> achieve >> this simplistic delivery functionality? > > I think "maildir" (or "safecat") is what you want to use. If you think > the environment manipulation is a bit much, I agree, but them's the > breaks, at the moment. Ok, but that's not too bad. It just bugs me to have to install yet another package, just to do what vpopmail already knows how to do. But thanks, that's what I needed to know! But I have a question to the vpopmail developers: If I were to implement this, as a option to vdelivermail, say: -d Deliver only. Do not preline and skip all .qmail processing would you find this to be something worth integrating? I'm not sure that I'd have time now, but it seems worth asking the question. -Kurt
Re: [vchkpw] how to do simple vpopmail delivery with filtering
on 4/6/05 6:04 AM, Kyle Wheeler <[EMAIL PROTECTED]> wrote:
> On Wednesday, April 6 at 02:50 AM, quoth danielcm:
>>
>> I don't think it needs to be that complicated, all I have is:
>> | preline yourfilter | /usr/local/bin/maildir.sh ./Maildir/
>>
>> My maildir.sh file is:
>> exec /usr/bin/safecat "$1"/tmp "$1"/new
>>
>> works for me since the .qmail file is in the users home directory.
>
> Really? When I check out the environment from one of those .qmail files
> (e.g. by creating a qmail file containing:
>
> | printenv > /tmp/env
>
> That file contains the line:
>
> PWD=/var/lib/vpopmail/domains/memoryhole.net
I had confirmed the behavior he was indicating by doing something like:
| (pwd; env) > /tmp/info
in the user/.qmail file and it confirmed that indeed the working directory
was set to the user directory, the one containing the ".qmail" file being
executed by vdelivermail.
The env output for me did not include any PWD variable. I wonder who sets
the PWD variable on your system, and whether it can be relied on to match
what chdir sets. Maybe this depends on which *nix you are using.
> Indicating that if I directed it to ./Maildir/ it would deliver to
> /var/lib/vpopmail/domains/memoryhole.net/Maildir/ which of course
> doesn't exist.
>
> Just because the .qmail file is in the user's home directory doesn't
> mean it's PWD is the user's home directory.
Yes, "home directory" is not at all pertinent here, not for virtual domains.
> If vpopmail actually does
> deliver to /var/lib/vpopmail/domains/memoryhole.net/user/Maildir/ when I
> put ./Maildir/ into my user's .qmail file, then it's behaving
> incorrectly. The environment SHOULD be set identically to if the virtual
> user was a real user and qmail was doing the delivery.
The .qmail-whatever files in the domain directory are different. For them
pwd shows the domain directory as the working directory. But for the .qmail
file inside the user directory, vdelivermail is taking care of it, and the
vdelivermail.c code reveals that a chdir is done prior to reading the .qmail
file. In fact it is opened simply via
fs = fopen(".qmail","r")
The current directory in effect before opening the .qmail file appears to
remain in effect while the file is processed.
-Kurt
Re: [vchkpw] how to do simple vpopmail delivery with filtering
on 4/5/05 5:41 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote:
> on 4/5/05 6:28 AM, Kyle Wheeler <[EMAIL PROTECTED]> wrote:
>
>> | preline yourfilter | maildir /path/to/vpopdomains/`echo $USER | tr A-Z
>> a-z`/`echo $EXT | tr A-Z a-z`/Maildir/
>
> Thanks, that's great.
>
>>> In the mean time, what is the best (simplest, most reliable) way to
>>> achieve this simplistic delivery functionality?
>>
>> I think "maildir" (or "safecat") is what you want to use. If you think
>> the environment manipulation is a bit much, I agree, but them's the
>> breaks, at the moment.
>
> Ok, but that's not too bad. It just bugs me to have to install yet another
> package, just to do what vpopmail already knows how to do.
>
> But thanks, that's what I needed to know!
>
> But I have a question to the vpopmail developers:
>
> If I were to implement this, as a option to vdelivermail, say:
>
> -d Deliver only. Do not preline and skip all .qmail processing
>
> would you find this to be something worth integrating? I'm not sure that
> I'd have time now, but it seems worth asking the question.
I actually implemented this in my copy of vdelivermail.c. It was actually
easier than I thought, and there were fewer issues, apparently, although I'm
not intimately familiar enough to know that I haven't missed something.
Here's what I did:
I tentatively reclaimed the unused there-for-compatibility command-line
argument 1. If that argument equals '-d', intended to mean "Deliver Only"
(but could also mean Disable .qmail processing), then processing proceeds as
if the .qmail file did not exist, which I guess is just what Kyle Wheeler
was suggesting. That appears to be all there is do it.
This change allows you do basic filtering in your .qmail files without
needing any of:
procmail
maildrop
maildir/safecat
In my book this is a very good thing. It not only avoids the need for
dependencies on extra packages, but offers all the advantages that
vdelivermail already provides, including quota checking. As README.quotas
says:
> NOTE: Non-system domain quotas are only enforcable when vdelivermail is the
> local delivery agent. If you pipe your mail into anything else, like
> maildrop, then the non-system domain quota will be ignored.
So with this change, you can now have the following line in your user/.qmail
file:
| myfilter | vdelivermail -d bounce-no-mailbox
and it will not result in infinite vdelivermail recursion. And so you can
have a pure-vpopmail solution for your QmailAdmin-enabled Spam Detection
option.
Here are the changes to vdelivermail.c in vpopmail-5.4.10 needed to
implement this:
==
--- vdelivermail.orig.c Wed Apr 6 05:07:36 2005
+++ vdelivermail.c Wed Apr 6 05:15:06 2005
@@ -52,6 +52,7 @@
struct vqpasswd *vpw;
off_t message_size = 0;
char bounce[AUTH_SIZE];
+char option[AUTH_SIZE];/*kkb*/
int CurrentQuotaSizeFd;
#ifdef QMAIL_EXT
@@ -177,6 +178,11 @@
vexit(111);
}
+ /*kkb begin*/
+ /* get the obsolete/option argument */
+strncpy(option, argv[1], sizeof(option));
+ /*kkb end*/
+
/* get the last parameter in the .qmail-default file */
strncpy(bounce, argv[2], sizeof(bounce));
@@ -733,6 +739,14 @@
int deliver_err;
chdir(dir);
+
+ /*kkb begin*/
+if ( strcmp(option, "-d") == 0 ) {
+
+/* feature disabled, so just return */
+return(-1);
+ }
+ /*kkb end*/
/* format the file name */
if ( (fs = fopen(".qmail","r")) == NULL ) {
==
It was probably eaiser for me to do that than it would have been to download
and make procmail, maildrop, or safecat!
If there's not something wrong with this that I'm missing, I'd love to see
this (or something similar) get integrated into vpopmail.
-Kurt
Re: [vchkpw] how to do simple vpopmail delivery with filtering
on 4/6/05 10:41 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote: > So with this change, you can now have the following line in your user/.qmail > file: > > | myfilter | vdelivermail -d bounce-no-mailbox Well, not quite. You have to wrap this in a simple command, e.g. | mywrapper where mywrapper contains: #!/bin/sh myfilter | vdelivermail -d bounce-no-mailbox -Kurt
Re: [vchkpw] how to do simple vpopmail delivery with filtering
on 4/6/05 11:30 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote: > on 4/6/05 10:41 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote: > >> So with this change, you can now have the following line in your user/.qmail >> file: >> >> | myfilter | vdelivermail -d bounce-no-mailbox > > Well, not quite. You have to wrap this in a simple command, e.g. > > | mywrapper > > where mywrapper contains: > > #!/bin/sh > myfilter | vdelivermail -d bounce-no-mailbox Never mind. I guess what I originally wrote was correct. Sorry. -Kurt
Re: [vchkpw] how to do simple vpopmail delivery with filtering
on 4/8/05 9:31 AM, James Whitt <[EMAIL PROTECTED]> wrote: > Thanks for this, I was in middle of implementing something like this > when I read the post and realized it would work. It did raise a > question for me though. If I'm using the valias with mysql, how > would I enable those accounts to be check for viruses since > vdelivermail would need to be called to have it forward it according > to the mysql table? I've never used valias, and I can't speak to that feature, but I'm kind of assuming the following logic applies regardless. So bear with this... > I can't use a .qmail- file that sends it > to the script which then sends it to vdelivermail for the reason you > had mentioned. Hmm. Well Tom says its not good to do that (to call vdelivermail anywhere besides in .qmail-default), but prior to hearing him say that, I was calling vdelivermail from .qmail- files all over the place. This is how I prototyped my filtering awaiting a better way to do it. I saw it as problematic because QmailAdmin didn't know what to do with it, mainly, but also because it would have bo be done per-alias and thus doesn't guarantee consistent behavior for a particular user destination. But it strikes me that if a .qmail- file contains for example exactly the same thing as .qmail-default, this would not hurt system behavior at all. Qmail looks for a .qmail- file first and if it finds one it does not look at .qmail-default. So there is no issue of .qmail-default recursion in that case. The recursion problem only comes up in the ".qmail" files (which are really vpopmail files, not seen by QMail) inside user directories. These files are called *from* vdelivermail. In any case if you can put your filter hook inside the user directory in the file called ".qmail" you get a much cleaner solution which remains compatible with whatever aliases you use elsewhere to point to that user, and does not require any filtering at the alias level. I'd think that would be true whether you use .qmail-alias or valias, because both mechanisms work at a level that occurs prior to what happens inside the user directory. > On Apr 7, 2005 12:41 AM, Kurt Bigler <[EMAIL PROTECTED]> wrote: >>> If I were to implement this, as a option to vdelivermail, say: >>> -d Deliver only. Do not preline and skip all .qmail processing >>> would you find this to be something worth integrating? I'm not sure that >>> I'd have time now, but it seems worth asking the question. >> >> I actually implemented this in my copy of vdelivermail.c. It was actually >> easier than I thought, and there were fewer issues, apparently, although I'm >> not intimately familiar enough to know that I haven't missed something. >> >> Here's what I did: >> I tentatively reclaimed the unused there-for-compatibility command-line >> argument 1. If that argument equals '-d', intended to mean "Deliver Only" >> (but could also mean Disable .qmail processing), then processing proceeds as >> if the .qmail file did not exist, which I guess is just what Kyle Wheeler >> was suggesting. That appears to be all there is do it. >> >> This change allows you do basic filtering in your .qmail files without >> needing any of: >> procmail >> maildrop >> maildir/safecat >> >> In my book this is a very good thing. It not only avoids the need for >> dependencies on extra packages, but offers all the advantages that >> vdelivermail already provides, including quota checking. As README.quotas >> says: >>> NOTE: Non-system domain quotas are only enforcable when vdelivermail is the >>> local delivery agent. If you pipe your mail into anything else, like >>> maildrop, then the non-system domain quota will be ignored. >> So with this change, you can now have the following line in your user/.qmail >> file: >> >> | myfilter | vdelivermail -d bounce-no-mailbox >> >> and it will not result in infinite vdelivermail recursion. And so you can >> have a pure-vpopmail solution for your QmailAdmin-enabled Spam Detection >> option.
Re: [vchkpw] how to do simple vpopmail delivery with filtering
on 4/8/05 10:38 PM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Apr 8, 2005, at 6:31 PM, Kurt Bigler wrote: >> But it strikes me that if a .qmail- file contains for example >> exactly >> the same thing as .qmail-default, this would not hurt system behavior >> at >> all. Qmail looks for a .qmail- file first and if it finds one >> it >> does not look at .qmail-default. So there is no issue of >> .qmail-default >> recursion in that case. The recursion problem only comes up in the >> ".qmail" >> files (which are really vpopmail files, not seen by QMail) inside user >> directories. These files are called *from* vdelivermail. > > This is true. > > I only mention it, because in the past there have been people who > thought that > > vdelivermail '' /home/vpopmail/domain.com/user/Maildir > > Would simply deliver the message to that Maildir. It will only do that > if the message doesn't match any valid user. > > If I can get vdelivermail to set the environment variables properly, > you guys should be able to use the safecat (or maildir?) programs in > your .qmail files. > > Are safecat and/or maildir quota-aware? I don't know. But have you looked at my vdelivermail.c patch? Don't you think it would be cool to have this functionality available without requiring another package? There's a bunch of features in vdelivermail.c and as it develops further no one is really keeping track of what they might lose by going with an outside-of-vpopmail solution. This makes me want to stick inside the vpopmail code, which I trust. It also guarantees uniformity of treatment for my filtered and unfiltered mail delivery. You can't beat the simplicity of it. -Kurt
[vchkpw] courier-authlib best practices for use with vchkpw auth
I installed courier-authlib because sqwebmail now requires it. This is a pure vchkpw auth situation. The courier-authlib install provides these two options for its ./configure --with-mailuser=userid, --with-mailgroup=groupid I decided to omit these options because of the following statement in the courier-authlib INSTALL file: > "userid" is a reserved system username, "groupid" is a reserved system > groupname. These two options should be used before installing Courier for the > first time. These options are not required before installing Courier-IMAP or > SqWebMail. This works fine for sqwebmail login, but password changing via sqwebmail is failing as per this maillog entry: sqwebmaild: authdaemon: s_connect() failed: Permission denied However, using either sqwebpasswd or authtest from the command line (as root) allows passwords to be changed successfully. So it seems clear that permissions is the only problem. Searching the sqwebmail archives for the above maillog error reveals this advice from Sam: > Presuming that you"re using the latest versions of all packages: verify the > ownership and the permissions of the sqwebpasswd wrapper. It should have > the setgid bit set, and owned by whatever userid and groupid was assigned to > courier-authlib. My sqwebpasswd seems to meet this requirement as these two directory listings show: -rwxr-sr-x 1 root wheel3752 Apr 11 20:23 sqwebpasswd -rwxr-xr-x 1 root wheel 51860 Apr 11 00:29 authdaemond* assuming authdaemond's ownership is a correct reference for the "userid and groupid was assigned to courier-authlib". But I was a little surprised to see the root/wheel ownership, and this also contradicts what the courier-authlib INSTALL file says will happen if the above two options are not set and there is no previous Courier install: > The userid is the first userid from the following list which exists in the > system: courier, daemon, adm, bin, root; and the groupid is the first groupid > from the following list which exists in the system: courier, daemon, adm, > sys, root because I do have daemon both as a user-id and a group-id on my system. (That is apparently a bug in courier-authlib configure process and I will report it on an appropriate list.) However, this made me wonder if there are any opinions here about "best practices" for courier-authlib ownership in a primarily-vpopmail situation. The possibility of using vpopmail/vchkpw comes to mind immediately, but maybe courier-authlib is a wrapper that makes this irrelevant, so that creating a "courier" user and group would be just as good. I'd also like to do things in a way that wouldn't get me in trouble if I later add Courier IMAP to my system. Thanks in advance for any suggestions, or even a solution to my password-changing problem. -Kurt configuration: vpopmail 5.4.10 courier-authlib-0.55.20050407 sqwebmail-5.0.1
Re: [vchkpw] courier-authlib best practices for use with vchkpw auth
on 4/11/05 11:23 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote: > password changing via sqwebmail is failing as per this maillog entry: > > sqwebmaild: authdaemon: s_connect() failed: Permission denied > > Searching the sqwebmail archives for the above maillog error reveals this > advice from Sam: > >> Presuming that you"re using the latest versions of all packages: verify the >> ownership and the permissions of the sqwebpasswd wrapper. It should have >> the setgid bit set, and owned by whatever userid and groupid was assigned to >> courier-authlib. > > My sqwebpasswd seems to meet this requirement as these two directory > listings show: > -rwxr-sr-x 1 root wheel3752 Apr 11 20:23 sqwebpasswd > -rwxr-xr-x 1 root wheel 51860 Apr 11 00:29 authdaemond* > assuming authdaemond's ownership is a correct reference for the "userid and > groupid was assigned to courier-authlib". > > But I was a little surprised to see the root/wheel ownership, and this also > contradicts what the courier-authlib INSTALL file says will happen if the > above two options are not set and there is no previous Courier install: >> The userid is the first userid from the following list which exists in the >> system: courier, daemon, adm, bin, root; and the groupid is the first >> groupid >> from the following list which exists in the system: courier, daemon, adm, >> sys, root > because I do have daemon both as a user-id and a group-id on my system. Apparently the authdaemond is irrelevant in determining the courier-authlib ownership. In fact the ownership was daemon/daemon exactly as specified by the INSTALL file, and changing the sqwebpasswd to be owned likewise resolved the problem of not being able to change passwords from sqwebmail. However, I'd still appreciate advice regarding a good choice for the user/group, as I was saying > However, this made me wonder if there are any opinions here about "best > practices" for courier-authlib ownership in a primarily-vpopmail situation. > The possibility of using vpopmail/vchkpw comes to mind immediately, but > maybe courier-authlib is a wrapper that makes this irrelevant, so that > creating a "courier" user and group would be just as good. > > I'd also like to do things in a way that wouldn't get me in trouble if I > later add Courier IMAP to my system. -Kurt
Re: [vchkpw] Upgrading from qmail to qmail+vpopmail.
on 4/12/05 11:22 AM, Aran Clary Deltac <[EMAIL PROTECTED]> wrote: > I've been running a dedicated gentoo server for about a year now. All > e-mail has been handled by qmail and delivered to local user accounts. I > have the possibility of hosting a client that requires 10k+ e-mail > accounts. I really don't want to make system accoutns for each e-mail > account, so I found vpopmail. > > I just want to make sure I am not doing something dumb. Here's the > configure I am useing: (vpopmail 5.4.10) > > ./configure > --enable-roaming-users > --enable-auth-module=mysql > --enable-sql-logging > --enable-mysql-limits > --enable-valias > --enable-many-domains > --enable-domainquotas > > I enabled all these extra ones because most of them seemed like > interesting features that I _might_ want at some point. > > Running 'make' looks good. > > Now, I have no clue if running 'make install-strip' will blow up my > current production qmail. I'd like to install vpopmail and migrate my > settings to it without loosing mail in the process. Off-hand, I'd think that nothing will really change until you start the daemon processes that bring vpopmail into the picture. Do I understand that you have not had any virtual email domains until now? And that local users are currently having mail delivered to their home directories and do not require outside pop access? If so I think it might be an easy transition. I think the most difficult part would be to transition existing virtual domains. I think there are also options to transition your local users accounts to be under vpopmail control, but you might not be forced to do that immediately. Another trouble spot might be transitioning existing pop service. You will be using vchkpw for pop authorization. For example my ps listing for the pop service shows this command: > tcpserver -v -H -R -lvps.breathsense.com -c200 0 110 > /var/qmail/bin/qmail-popup vps.breathsense.com /var/vpopmail/bin/vchkpw > /var/qmail/bin/qmail-pop3d Maildir If you are already using qmail-popup on the same port you will be using for virtual domains, perhaps vchkpw also supports local account authorization support, via the "default domain" or whatever, but I don't know the ins and outs of this. Delivery to virtual domain Maildir's will be handled by vdelivermail, through the .qmail-default hook for each virtual domain. This shouldn't get in the way of existing functionality at all. The smtp side should work exactly like before, except you will be accepting mail for additional domains. The changes to qmail settings gets taken care of automatically when you create your virtual domains using vpopmail. Until you create the domain nothing happens. When it is created the qmail data structures are updated. Presumably existing qmail functionality is not damaged by this but if you have any doubts you can backup the appropriate qmail files before adding your first virtual domain. Support for roaming users is probably not something you need to act on immediately. But you will want to transition your smtp daemon. Again taken from my ps listing my smtp command looks like this: > tcpserver -v -H -R -lvps.breathsense.com -x /var/vpopmail/etc/tcp.smtp.cdb > -c200 -u1003 -g1001 0 25 fixcrio /var/qmail/bin/qmail-smtpd You need to make sure that /var/vpopmail/etc/tcp.smtp.cdb is set up correctly to allow your existing smtp connections to be accepted. There are comments around that clarify this. Then when you are ready you can get the roaming part working and that is not too difficult. You might want to look at using qmailadmin, which is quite a convenience. I use qmailadmin for most things, and use the command line only to create new domains using vadddomain. The rest of the vpopmail setup commands (e.g. adding users) are taken care of qmailadmin. That's all that comes to mind. I'm not an old-timer expert, so maybe some others can chime in, but probably that can get you started. -Kurt
Re: [vchkpw] Change default domain admin
on 4/15/05 11:55 AM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Apr 15, 2005, at 1:30 PM, Jeremy Kitchen wrote: >> RFC requires that you have postmaster and abuse addresses. >> >> http://rfc-ignorant.org/policy-postmaster.php >> http://rfc-ignorant.org/policy-abuse.php > > Should we make some updates to vadddomain to automatically create an > alias from abuse to postmaster? We could make that the default and > have an option to override it with a particular address... Please don't. Many of us chose to ignore certain RFC's for what we consider reasonable reasons. (For small domains with little exposure, every standard address that works is simply a spam trap. Each such spam trap address can individually generate mail volume that exceeds *real* usage for the entire domain by a considerable factor. I'm also thinking of removing webmaster from many small-time domains for this reason.) -Kurt
[vchkpw] Re: [qmailadmin] Spam filtering and forward revisited
Reviving a thread fromt the qmailadmin list a couple months back. Looks like this particular topic really belongs on the vchkpw list... on 7/19/05 10:34 PM, Kurt Bigler <[EMAIL PROTECTED]> wrote: > on 7/19/05 9:20 AM, Tom Collins <[EMAIL PROTECTED]> wrote: > >> An external delivery program could use >> vuserinfo to see which flags are set, and act accordingly. We could >> even modify vdelivermail to set environment variables with those names, >> in addition to setting all of the typical environment variables >> typically set by qmail-local. > > Yes, I'd love to see an environment variable. Tom mentioned (above) the possibility of modifying vdelivermail to make the 4 user flags available via environment variables. Is this something that has any possibility of becoming a current priority? I took a quick look at the 5.4.10 source to see if I could make any sense out of it, in case I can help with this. Please check the following to see if I'm on target in my thinking. It looks like vdelivermail currently does not do any manipulation of the enviornment, but just lets what qmail set up be passed on to the commands it invokes in its own .qmail files. It looks like the flag info is readily available via the pw_flags field of the vpw global. So I think it is just a matter of calling putenv based on the flag info from vpw. I'm guessing this should be done after the fork and prior to the execv in run_command. A protocol would need to be decided on regarding the use of environment variable(s) for this. Should anything besides the user flags be included in this? Should there be separate environment variables for each flag? Should each flag be detected by the presence of the variable, or by a 0/1 value? Or should a single environment variable be used for the entire pw_flags value? I don't know if I'll have time to work on this, but I'd like to get the thinking started in any case. Maybe Tom or someone has already thought through this. Thanks, Kurt Bigler
Re: [vchkpw] chkuser vpopmail and catch alls
on 9/13/05 12:51 AM, Jimmy <[EMAIL PROTECTED]> wrote: > Hello, > > Ken Jones wrote: >> Jimmy wrote: >> >>> Hello, >>> >>> I have several servers installed with vpopmail, chkuser and the >>> shupp.org toaster patches. Until now I have never had to setup a catch >>> all account for a customer. I have today had to setup a catch all and i >>> am unable to send emails to that domain. I am authenticating from a >>> MySQL databaes and the .qmail files are all ok. >>> >>> Is there a way to make it so that all email accounts are ok in the >>> valias table of the MySQL or in the vpopmail table? >>> >>> I am interested to know how to overcome this issue. >> >> >> What does your .qmail-default file look like after you >> setup the catchall? >> >> It should look something like (all on one line) >> | /home/vpopmail/bin/vdelivermail '' >> /home/vpopmail/domains/example.com/user > Here is my .qmail-default file. > > cat .qmail-default > | /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/domain.com/admin What do you mean by "unable to send emails to that domain"? You get bounce messages? Or messages just disappear? Or the messages are not there when you try to pop them? -Kurt Bigler
[vchkpw] nasty bug: vpopmail 5.4.10 vdeldomain on alias destroys original domain
[was: How do I list alias domains, and remove alias domains?] on 10/18/05 10:35 PM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Oct 18, 2005, at 6:45 PM, Jeff Salisbury wrote: >> FYI, I am using version 5.3.5 of the vpopmail tools... > > Try upgrading to something in the 5.4 series. vdeldomain in 5.4 will > correctly delete just the alias, and won't touch the real domain behind > it. Incorrect. Very nasty bug: I'm using vpopmail 5.4.10 and just did vdeldomain to delete an alias domain. It deleted the original domain and left the alias domain untouched (but useless). Lost everything in that domain, I guess, including all users emails. Fortunately there weren't many users on that domain, and possibly no mail since most users are forwarded elsewhere. -Kurt
Re: [vchkpw] nasty bug: vpopmail 5.4.10 vdeldomain on alias destroys original domain
on 3/23/06 9:40 PM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Mar 23, 2006, at 7:09 PM, Kurt Bigler wrote: >> on 10/18/05 10:35 PM, Tom Collins <[EMAIL PROTECTED]> wrote: >>> On Oct 18, 2005, at 6:45 PM, Jeff Salisbury wrote: >>>> FYI, I am using version 5.3.5 of the vpopmail tools... >>> >>> Try upgrading to something in the 5.4 series. vdeldomain in 5.4 will >>> correctly delete just the alias, and won't touch the real domain >>> behind >>> it. >> >> Incorrect. Very nasty bug: >> >> I'm using vpopmail 5.4.10 and just did vdeldomain to delete an alias >> domain. >> It deleted the original domain and left the alias domain untouched (but >> useless). >> >> Lost everything in that domain, I guess, including all users emails. >> Fortunately there weren't many users on that domain, and possibly no >> mail >> since most users are forwarded elsewhere. > > Are you sure you were deleting the alias? I'm sure. I triple checked. I have a text file of the shell session. I've attached a contiguous unedited excerpt from the shell session. I left things in the state they were in after the delete, haven't recreated anything yet. If there's anything on my disk you want me to look for, let me know. Also, I can try to replicate it after recreating the domain. But I'd rather not upgrade right now if at all possible. > I deleted an alias domain > last week and it was fine. I just tried on a development server, and > it was fine as well. > > I think that Rick had been working on changed to vdeldomain where it > would warn you if you were deleting a domain that still had aliases, > but I'm not sure where that code is... Did you catch that I'm using 5.4.10? Since posting I noticed Jeremy Kister's post in the recent "delete" thread in which he said 5.4.10 is "broken". Thanks. -Kurt vps# cd domains vps# ls .dir-controlcarolroghair.com middendorfbreath.org breathalive.net greenmanalive.com middendorfbreathwork.com breathcenter.orgmiddendorfatem.com relevantlearning.com breathexperience.commiddendorfatem.org thenaturalbreath.com breathhost.net middendorfatemarbeit.comtwomarthas.com breathsense.com middendorfatemarbeit.org breathspan.com middendorfbreath.com vps# ll domains ls: domains: No such file or directory vps# ll total 13 -rw--- 1 vpopmail vchkpw34 Dec 18 21:09 .dir-control drwx-- 4 vpopmail vchkpw 512 Mar 15 21:17 breathalive.net drwx-- 3 vpopmail vchkpw 1024 Sep 25 18:28 breathcenter.org drwx-- 5 vpopmail vchkpw 1024 Mar 15 21:15 breathexperience.com drwx-- 5 vpopmail vchkpw 512 Nov 19 22:34 breathhost.net drwx-- 23 vpopmail vchkpw 1024 Mar 15 21:03 breathsense.com drwx-- 5 vpopmail vchkpw 512 Jun 30 2003 breathspan.com drwx-- 4 vpopmail vchkpw 512 Dec 15 2004 carolroghair.com drwx-- 4 vpopmail vchkpw 512 Apr 6 2005 greenmanalive.com lrwxr-xr-x 1 root vchkpw42 Oct 10 2001 middendorfatem.com -> /var/vpopmail/domains/middendorfbreath.com lrwxr-xr-x 1 root vchkpw40 Oct 10 2001 middendorfatem.org -> /var/vpopmail/domains/middendorfatem.com lrwxr-xr-x 1 root vchkpw40 Oct 10 2001 middendorfatemarbeit.com -> /var/vpopmail/domains/middendorfatem.com lrwxr-xr-x 1 root vchkpw46 Oct 10 2001 middendorfatemarbeit.org -> /var/vpopmail/domains/middendorfatemarbeit.com drwx-- 5 vpopmail vchkpw 512 May 17 2005 middendorfbreath.com lrwxr-xr-x 1 root vchkpw42 Oct 10 2001 middendorfbreath.org -> /var/vpopmail/domains/middendorfbreath.com lrwxr-xr-x 1 root vchkpw42 Sep 22 2001 middendorfbreathwork.com -> /var/vpopmail/domains/middendorfbreath.com drwx-- 3 vpopmail vchkpw 512 Jan 21 2003 relevantlearning.com drwx-- 3 vpopmail vchkpw 512 Sep 25 2001 thenaturalbreath.com drwx-- 4 vpopmail vchkpw 512 Dec 18 21:26 twomarthas.com vps# ll total 13 -rw--- 1 vpopmail vchkpw34 Dec 18 21:09 .dir-control drwx-- 4 vpopmail vchkpw 512 Mar 15 21:17 breathalive.net drwx-- 3 vpopmail vchkpw 1024 Sep 25 18:28 breathcenter.org drwx-- 5 vpopmail vchkpw 1024 Mar 15 21:15 breathexperience.com drwx-- 5 vpopmail vchkpw 512 Nov 19 22:34 breathhost.net drwx-- 23 vpopmail vchkpw 1024 Mar 15 21:03 breathsense.com drwx-- 5 vpopmail vchkpw 512 Jun 30 2003 breathspan.com drwx-- 4 vpopmail vchkpw 512 Dec 15 2004 carolroghair.com drwx-- 4 vpopmail vchkpw 512 Apr 6 2005 greenmanalive.com lrwxr-xr-x 1 root vchkpw42
Re: [vchkpw] nasty bug: vpopmail 5.4.10 vdeldomain on alias destroys original domain
on 3/27/06 11:45 AM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Mar 24, 2006, at 4:01 PM, Kurt Bigler wrote: >> I'm sure. I triple checked. I have a text file of the shell session. >> I've >> attached a contiguous unedited excerpt from the shell session. > > I'm not familiar with how versions of vpopmail prior to the 5.4 series > handled alias domains, but the directory structure in the shell session > you posted doesn't match the way alias domains are handled now. > > When you run vdeldomain, it looks in /var/qmail/users/assign to find > the domain. If it's an alias (the first two columns don't match), it > just deletes the domain from the /var/qmail/control/* and > /var/qmail/users/assign files. It looks like for my old alias domains, the first two columns do match, but the pathname column doesn't: +middendorfbreath.org-:middendorfbreath.org:89:89:/var/vpopmail/domains/midd endorfbreath.com:-:: which is curious since there is no reference to the directory symlink. > If the old way of handling alias domains was to create unique entries > in users/assign and then use links to map the directories, I could see > how vdeldomain could end up deleting the underlying directory. I'll > make a note to look at vdeldomain and have it act differently if the > domain directory is a link to another directory. Yes, I created those alias domains long ago. I don't think there was any utility to run to do a conversion of domain aliases? I'm pretty sure I read the readme pretty carefully whenever I did an upgrade. Did I miss something? So what *should* I do now with all my old-style domain aliases? Do I have to mess with the qmail config files by hand? I'm happy to just delete the old domain aliases and recreate them the new way. Should I just: delete the lines from /var/qmail/users/assign remove the directory symlinks or if there something else in the qmail configuration that I need to change somewhere. I've really always depended on vpopmail to do these things so I don't know my way around qmail. Is there anyone who remembers enough about how things were done that many years back? Thanks. -Kurt
Re: [vchkpw] converting old-style domain aliases to the new style
on 3/27/06 1:36 PM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Mar 27, 2006, at 12:51 PM, Kurt Bigler wrote: >> So what *should* I do now with all my old-style domain aliases? Do I >> have >> to mess with the qmail config files by hand? > > Edit the users/assign file as follows. Change lines like this: > >> +middendorfbreath.org-:middendorfbreath.org:89:89:/var/vpopmail/ >> domains/middendorfbreath.com:-:: > To: >> +middendorfbreath.org-:middendorfbreath.com:89:89:/var/vpopmail/ >> domains/middendorfbreath.com:-:: > > i.e., get the second entry to match the directory name (the "real" > domain for the alias). This assumes that domains/middendorfbreath.com > is the "real" directory that the various symlinks point to. > > Run /var/qmail/bin/qmail-newu to recreate the users/cdb file from > users/assign. > > Check the vpasswd files for the alias domains and see what they're > using for the Maildir paths. If they're using the "real" directory, > you can safely remove the symlinks in ~vpopmail/domains. Thanks a bunch. Looks like I've got everything conforming to the modern ways now. -Kurt
[vchkpw] vpopmail-to-vpopmail migration plan and questions
I'm migrating my vpopmail server to a new machine. The DNS zones fortunately do not have to be moved. My tentative plan for how to achieve the transition is as follows. (1) set up the new server with identical vpopmail domain/user structure (2) have the new server ready to receive SMTP for these domains, but with no MX pointing to it yet (3) set up the old server to route ALL outgoing SMTP through the new server At that point everything is basically set up for a transition, but nothing has really changed yet except how outgoing SMTP is being routed. (4) On the old server, delete all domains currently delivered locally there, but still accept incoming messages for those domains. (Also retain maildirs and contents for later copying. So I can't just vdeldomain.) The idea is that incoming messages still go through the old server, but as soon as the local domains are gone they get passed on to the new server with all other outgoing SMTP. (5) Copy all residual POP directory contents left on the old server to the new server. (6) Re-point the MX to the new server. Actually this is probably just an A record change since the MX hostname will remain the same. (7) Update all other relevant A records that end-users have entered into their MUA configurations. I'm not sure of a couple things in the above plan. (a) Basically how do I achieve step (4) above? Do I manually empty the assign file and/or virtualdomains files since I need to retain the POP directories and so can't use vdeldomain? (b) On the new server, is there any advantage (or necessity) to accepting delivery for the domains but deferring the actual local delivery until the old POP contents are copied over first? Thanks for any thoughts. -Kurt Bigler
Re: [vchkpw] vpopmail-to-vpopmail migration plan and questions
My uplevel talked me into using an even simpler approach (more like yours), making my original question partly moot. The two servers (freebsd jail vps's actually) are binary-compatible so we just rsync'd the entire server (vps). We will do a final rsync for the real transition after doing some testing first. However your step 5 concerns me. I'm assuming in the scenario I just described that your step 5 isn't necessary, and please correct me if I'm wrong. The uid/gid's should be identical, and I confirmed that vpopmail gets 89:89 on both servers. Qmailadmin seems to think the domains and users were transferred ok. Pop and smtp access seems to work. My originally described approach was intended to be more "conservative" and even permit me to migrate one domain at a time in a leisurely and careful way, and would avoid shutting down qmail until the entire transition is complete. From a message on the toaster list I gleaned that I would need to hand-empty the virtualdomains file on the old server to implement my original step 5. Thanks for your detailed info, which confirmed my uplevel's suggested strategy, and which I'll file for future use, and is a good piece for the archives. -Kurt on 8/13/06 9:31 PM, Austin Jorden <[EMAIL PROTECTED]> wrote: > I've worked with your exact setup before nearly. > > The best thing you can do is.. > > 1) Do nothing on your old vpopmail machine yet. > 2) Install vpopmail on your new machine > 3) DO-NOT create your domains or anything on your new machine yet. > 4) Use Rsync through SSH to copy your vpopmail directory from your old > server to your new one. I know the exact command if you want it. should > be /home/vpopmail > 5) Create your domains on your new machine, you'll get a warning "Domain > already exists" however it will create anyways and all of your users will > be automatically created, and your domains will get the correct UID and > GID's. > 6) When you're sure it'll work for you (which I'm 99.9% positive it > will), simply use rsync to recopy your old vpopmail directory to your new > one on the new server. RSync will only copy the new files, so it doesn't > recopy anything, therefore you don't have any missed e-mails. > 7) Repoint your DNS and you have a complete transfer. > > on your old machine, > do this.. > > rsync -av -e ssh /home/vpopmail 0.0.0.0:/home > > Replace the 0's with the destination IP address, it'll prompt you for the > new servers root password, enter it in and it'll build file list and > transfer everything over. > > You may get some warnings and/or errors from rsync saying "Some files > could not be transfered" that's because some files your trying to > transfer are currently being used, etc. To stop that, simply cutoff the > connections and then transfer (possible right before you transfer > everything to make the new server active) > > If you have any questions, let me know. > > - Austin Jorden > > On Sun, August 13, 2006 8:35 pm, Kurt Bigler wrote: >> I'm migrating my vpopmail server to a new machine. The DNS zones >> fortunately do not have to be moved. >> >> My tentative plan for how to achieve the transition is as follows. >> >> (1) set up the new server with identical vpopmail domain/user structure >> (2) have the new server ready to receive SMTP for these domains, but with >> no >> MX pointing to it yet >> (3) set up the old server to route ALL outgoing SMTP through the new >> server >> >> At that point everything is basically set up for a transition, but nothing >> has really changed yet except how outgoing SMTP is being routed. >> >> (4) On the old server, delete all domains currently delivered locally >> there, >> but still accept incoming messages for those domains. (Also retain >> maildirs >> and contents for later copying. So I can't just vdeldomain.) The idea is >> that incoming messages still go through the old server, but as soon as the >> local domains are gone they get passed on to the new server with all other >> outgoing SMTP. >> (5) Copy all residual POP directory contents left on the old server to the >> new server. >> >> (6) Re-point the MX to the new server. Actually this is probably just an >> A >> record change since the MX hostname will remain the same. >> (7) Update all other relevant A records that end-users have entered into >> their MUA configurations. >> >> >> I'm not sure of a couple things in the above plan. >> >> >> (a) Basically how do I achieve step (4) above? Do I manually empty the >> assign file and/or virtualdomains files since I need to retain the POP >> directories and so can't use vdeldomain? >> >> (b) On the new server, is there any advantage (or necessity) to accepting >> delivery for the domains but deferring the actual local delivery until the >> old POP contents are copied over first? >> >> >> Thanks for any thoughts. >> >> -Kurt Bigler >> >> >> >> > > >
