Re: [vchkpw] logging capabilities

2009-04-29 Thread dev

shane and rick,

thanks for your hints, will check it out soon.

regards, stephan


Quoting Rick Macdougall ri...@ummm-beer.com:


d...@stean.ch wrote:

hello rick,

yes i have two points why i don't use bounce-no-mailbox.
one is dictionary based spamming, meaning that if one
tries out hard enough, he will, by scanning with lots of
recipients, find out what valid user accounts exist on my
server. the other one is the problem called backscatter,
sending spam by bouncing back. although there seems to
be a patch in the wild for the latter.

however, if the patch you mention would deny the
communication, instead of rejecting the email, i would
certainly use it.



The patch in question rejects at the smtp communication level.  It
does not cause backscatter.  It rejects the email with a 551 User
unknown response.


It does not stop the dictionary attack scenario but it can be set to  
reject any email address after a configurable bad recipient limit  
has been reached.


I'd recommend at least taking a look at everything it can do.

It can be found at http://www.interazioni.it/opensource/chkuser/ and  
is incorporated into many qmail/vpopmail toaster scripts.


Regards,

Rick

Re: [vchkpw] logging capabilities

2009-04-27 Thread Rick Macdougall

d...@stean.ch wrote:

hello there,

i am using vpopmail 5.4.17 with cdb backend and i would like to know
if there are some real logging capabilities for it.

i have a rather big tool chain installed on the server around qmail
and i need to have an overview of what happens with all the e-mails.
this includes the path they took through that chain until they land
inside the user's maildir, or the reason and location they got
rejected (spam,...).

now, using for example vdelivermail with the option delete, qmail
will log in either way that the delivery was successful, however,
for the overall statistics i get a wrong result, because delete
mail (wrong recipient) is not the same as a mail delivered to an
existing account.

as far as i know vdelivermail does not log anything? any plans for
this ?



You should really have the chkuser qmail patch installed and use 
bounce-no-mailbox instead of delete.


Is there a reason why you are using delete rather than rejecting unknown 
users in the smtp conversation ?


Regards,

Rick


Re: [vchkpw] logging capabilities

2009-04-27 Thread dev

hello rick,

yes i have two points why i don't use bounce-no-mailbox.
one is dictionary based spamming, meaning that if one
tries out hard enough, he will, by scanning with lots of
recipients, find out what valid user accounts exist on my
server. the other one is the problem called backscatter,
sending spam by bouncing back. although there seems to
be a patch in the wild for the latter.

however, if the patch you mention would deny the
communication, instead of rejecting the email, i would
certainly use it.

regards, stephan


Quoting Rick Macdougall ri...@ummm-beer.com:


d...@stean.ch wrote:

hello there,

i am using vpopmail 5.4.17 with cdb backend and i would like to know
if there are some real logging capabilities for it.

i have a rather big tool chain installed on the server around qmail
and i need to have an overview of what happens with all the e-mails.
this includes the path they took through that chain until they land
inside the user's maildir, or the reason and location they got
rejected (spam,...).

now, using for example vdelivermail with the option delete, qmail
will log in either way that the delivery was successful, however,
for the overall statistics i get a wrong result, because delete
mail (wrong recipient) is not the same as a mail delivered to an
existing account.

as far as i know vdelivermail does not log anything? any plans for
this ?



You should really have the chkuser qmail patch installed and use  
bounce-no-mailbox instead of delete.


Is there a reason why you are using delete rather than rejecting  
unknown users in the smtp conversation ?


Regards,

Rick


Re: [vchkpw] logging capabilities

2009-04-27 Thread Shane Chrisp

d...@stean.ch wrote:

Backscatter exists only if you first accept the email and then later
bounce it. By using bounce-no-mailbox, you tell the sending server
during the smtp conversation that you are not going to accept email for
that account as it does not exist, therefore you don't send backscatter,
the other server however might.


The chkuser patch is a very useful utility. You can configure how many
invalid recipients to allow before ignoring the remaining smtp
conversation. So if you set it to say 3, once the sending server gets 3
no such user hits, the rest of the addresses that are tried are
ignored as being over threshold and circumventing the dictionary attack
to a great extent. Deleting the spam, you are essentially saying that
every single address to every single domain exists on your server.


Shane

hello rick,

yes i have two points why i don't use bounce-no-mailbox.
one is dictionary based spamming, meaning that if one
tries out hard enough, he will, by scanning with lots of
recipients, find out what valid user accounts exist on my
server. the other one is the problem called backscatter,
sending spam by bouncing back. although there seems to
be a patch in the wild for the latter.

however, if the patch you mention would deny the
communication, instead of rejecting the email, i would
certainly use it.

regards, stephan


Quoting Rick Macdougall ri...@ummm-beer.com:


d...@stean.ch wrote:

hello there,

i am using vpopmail 5.4.17 with cdb backend and i would like to know
if there are some real logging capabilities for it.

i have a rather big tool chain installed on the server around qmail
and i need to have an overview of what happens with all the e-mails.
this includes the path they took through that chain until they land
inside the user's maildir, or the reason and location they got
rejected (spam,...).

now, using for example vdelivermail with the option delete, qmail
will log in either way that the delivery was successful, however,
for the overall statistics i get a wrong result, because delete
mail (wrong recipient) is not the same as a mail delivered to an
existing account.

as far as i know vdelivermail does not log anything? any plans for
this ?



You should really have the chkuser qmail patch installed and use 
bounce-no-mailbox instead of delete.


Is there a reason why you are using delete rather than rejecting 
unknown users in the smtp conversation ?


Regards,

Rick


Re: [vchkpw] logging capabilities

2009-04-27 Thread Rick Macdougall

d...@stean.ch wrote:

hello rick,

yes i have two points why i don't use bounce-no-mailbox.
one is dictionary based spamming, meaning that if one
tries out hard enough, he will, by scanning with lots of
recipients, find out what valid user accounts exist on my
server. the other one is the problem called backscatter,
sending spam by bouncing back. although there seems to
be a patch in the wild for the latter.

however, if the patch you mention would deny the
communication, instead of rejecting the email, i would
certainly use it.



The patch in question rejects at the smtp communication level.  It does
not cause backscatter.  It rejects the email with a 551 User unknown
response.


It does not stop the dictionary attack scenario but it can be set to 
reject any email address after a configurable bad recipient limit has 
been reached.


I'd recommend at least taking a look at everything it can do.

It can be found at http://www.interazioni.it/opensource/chkuser/ and is 
incorporated into many qmail/vpopmail toaster scripts.


Regards,

Rick
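
Added example, not part of any message in this thread and not chkuser's own code: a toy model of the RCPT TO handling Shane and Rick describe, comparing the delete behaviour with rejection during the SMTP conversation plus a bad-recipient limit. The mailbox list, the scan and every reply text except the "551 User unknown" quoted in the thread are constructed.

```python
# Toy model of per-session recipient checking (illustration only).
# Only "551 User unknown" comes from the thread; other replies are constructed.

VALID = {"alice@example.org", "bob@example.org"}   # constructed mailbox list


def session(recipients, policy, bad_limit=3):
    """Return the (recipient, reply) pairs one SMTP session would see.

    policy "delete": accept every address, discard unknown users later.
    policy "reject": refuse unknown users during the SMTP conversation and,
                     once bad_limit unknown recipients have been seen, refuse
                     the rest of the session without checking them.
    """
    replies, bad = [], 0
    for rcpt in recipients:
        if policy == "delete":
            replies.append((rcpt, "250 ok"))
        elif bad >= bad_limit:
            replies.append((rcpt, "5xx over bad-recipient limit"))
        elif rcpt in VALID:
            replies.append((rcpt, "250 ok"))
        else:
            bad += 1
            replies.append((rcpt, "551 User unknown"))
    return replies


def confirmed_by_prober(replies):
    """Addresses a dictionary scan can single out as existing.

    If every address gets the same reply, the scan learns nothing specific.
    """
    if len({reply for _, reply in replies}) == 1:
        return set()
    return {rcpt for rcpt, reply in replies if reply.startswith("250")}


# Constructed dictionary scan: three guesses miss, then two real mailboxes.
SCAN = ["admin@example.org", "info@example.org", "test@example.org",
        "alice@example.org", "bob@example.org"]

if __name__ == "__main__":
    for policy in ("delete", "reject"):
        out = session(SCAN, policy)
        for rcpt, reply in out:
            print(f"{policy:7} {rcpt:20} {reply}")
        print(policy, "-> prober confirms:", sorted(confirmed_by_prober(out)))
```

Under "delete" every guess is answered with 250, so delivery statistics count unknown recipients as accepted; under "reject" the two real mailboxes are never confirmed because the limit is hit first, while a valid address tried before the limit is still revealed.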



