Re: [vchkpw] which files truly determine relay into a qmail server
Q: ONLY the content of the 'rcpthosts' and 'morercpthosts' (and any special cases in tcp.smtp) defines which domains' incoming mail will be accepted by SMTPd. True or False? FALSE: The contents of rcpthosts and morercpthosts define which domains mail is accepted by SMTP for [that part is right] however this is ONLY IF RELAYCLIENT is not set. If relayclient is set, either by smtp authentication patch,, via the tcp.smtp file, or the environment of tcpserver, this file is completely ignored and everything is accepted. If your 'special cases in tcp.smtp' meant that, then my answer is true. Q: Domains that appear in 'locals' or 'virtualdomains' (for presumed delivery on the local box) but DO NOT appear in rcpthosts/morercpthosts/tcp.smtp (and have no smtphosts controls) CANNOT receive mail directly under normal circumstances. True or False? FALSE: rcpthosts/morercpthosts is a qmail-smtp file. locals/virtualdomains is for qmail-send. The sendmail program wrapper, qmail-inject, and qmail-queue, also allow mail into the queue (through local means) and will use these files to direct them mail once it is in the queue. If your server doesn't use sendmail wrapper/qmail-queue/qmail-inject [such as for cron, local web server, local users], and never uses forwards as described in the next sentence, then smtp is the only entry point. Another entry point is dot-qmail files and other settings that may forward mail once it is in the queue, injecting a new message. While qmail-smtp may not accept mail for the destination of a forward, a forward will re-enter the queue since it's not going through qmail-smtpd, and the virtualhosts and locals files will be used to direct the mail. In summary, domains that appear in local/virtualdomains but do not appear in rcpthosts/etc have a VERY high probability of being misconfigured - with a likely root cause of improper/incomplete deletion of a domain from the system. True or False? (speculative answer, I understand) FALSE: Assuming of course these weren't added manually, configuration settings for alias domains weren't lost in an upgrade or something weird like that, these domains are unlikely to cause many problems ... --- unless they are domains you actually send mail to --- ... That being the key. If hotmail.com is in the locals file, you won't be able to get mail to hotmail at all, as it will treat it as local. Remember, some things are added to rcpthosts depending on the value used in the config of qmail itself (the final command you run to set up the control files with qmail). If you added something strange there, or if it auto-detected something that could be incorrect or misconfigured, then you will likely have some extra things around. The best practice is to clean up the control files and /var/qmail/users/assign to reflect your configuration in any case. In general, I don't see why you're asking if it's a problem, rather than just fixing your control files anyway? -M
[vchkpw] which files truly determine relay into a qmail server
I've been asked to admin an old, jumbled install of qmail/vpopmail (many are local users, many are vpopmail users with .cdb). I'm having a brain cramp because the install has domains splattered all over the following files: /var/qmail/control: locals rctphosts morercpthosts virtualdomains My exercise is to identify ONLY those domains that the server will actually accept delivery for from the Internet so that we can start pruning away the domains that seems to be lingering with no customers/accounts/purpose/etc. My intention/belief was that ONLY 'rcpthosts' and 'morerctphosts' govern which domains the server will accept delivery/relay for from the outside. Thus, I felt that if I built a master list from these two files, any other domains I might find are automatically unused. However this install has a number of domains that are aliases in the 'locals' file to a single local account and the domains only seem to appear in 'locals'. Does 'locals' (or 'virtualdomains') in any way influence the relay decision to accept incoming mail? Or am I right that ONLY 'rcpthosts' and 'morercpthosts' define the permitted domains. Sorry for the long explanation, validation/help is much appreciated! Dave.
Re: [vchkpw] which files truly determine relay into a qmail server
locals: Domains that the server should deliver as local rather than sending off to other people. When you send mail to your own domain, it knows to not deliver it to the MX of that domain by its presence in the locals file rcpthosts / morercpthosts: Domains that the SMTP daemon should receive mail for (allow) without the presence of RELAYCLIENT as set in tcp.smtp or by SMTP authentication. Domains in here will always be accepted, and domains not in here will be rejected unless relaying is allowed. morercpthosts is just a continuation, with your most popular domains to be in rcpthosts, just for speed of lookup. In modern fast systems, it doesn't matter. virtualdomains: A list of the prepended strings by domains, allowing the system to prepend an identifier based on the domain in question. This converts [EMAIL PROTECTED] to [EMAIL PROTECTED] for later processing. smtproutes: A list of domains and their artificial MX server to send mail to. Domains in here should also be in rcpthosts, but not treated as local. Use this if you are delivering mail to another MX for select domains, or if you have a smarthost. For domains that your mail server will accept mail from the Internet, see `cat rcpthosts morercpthosts`. -M - Original Message From: Dave Richardson [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Thursday, January 18, 2007 10:39:27 AM Subject: [vchkpw] which files truly determine relay into a qmail server I've been asked to admin an old, jumbled install of qmail/vpopmail (many are local users, many are vpopmail users with .cdb). I'm having a brain cramp because the install has domains splattered all over the following files: /var/qmail/control: locals rctphosts morercpthosts virtualdomains My exercise is to identify ONLY those domains that the server will actually accept delivery for from the Internet so that we can start pruning away the domains that seems to be lingering with no customers/accounts/purpose/etc. My intention/belief was that ONLY 'rcpthosts' and 'morerctphosts' govern which domains the server will accept delivery/relay for from the outside. Thus, I felt that if I built a master list from these two files, any other domains I might find are automatically unused. However this install has a number of domains that are aliases in the 'locals' file to a single local account and the domains only seem to appear in 'locals'. Does 'locals' (or 'virtualdomains') in any way influence the relay decision to accept incoming mail? Or am I right that ONLY 'rcpthosts' and 'morercpthosts' define the permitted domains. Sorry for the long explanation, validation/help is much appreciated! Dave.
Re: [vchkpw] which files truly determine relay into a qmail server
Michael, let me ask a true/false question or two of you/the list based upon your response (which I REALLY appreciate!): Q: ONLY the content of the 'rcpthosts' and 'morercpthosts' (and any special cases in tcp.smtp) defines which domains' incoming mail will be accepted by SMTPd. True or False? Q: Domains that appear in 'locals' or 'virtualdomains' (for presumed delivery on the local box) but DO NOT appear in rcpthosts/morercpthosts/tcp.smtp (and have no smtphosts controls) CANNOT receive mail directly under normal circumstances. True or False? In summary, domains that appear in local/virtualdomains but do not appear in rcpthosts/etc have a VERY high probability of being misconfigured - with a likely root cause of improper/incomplete deletion of a domain from the system. True or False? (speculative answer, I understand) THANKS A TON! Dave. Michael Krieger wrote: locals: Domains that the server should deliver as local rather than sending off to other people. When you send mail to your own domain, it knows to not deliver it to the MX of that domain by its presence in the locals file rcpthosts / morercpthosts: Domains that the SMTP daemon should receive mail for (allow) without the presence of RELAYCLIENT as set in tcp.smtp or by SMTP authentication. Domains in here will always be accepted, and domains not in here will be rejected unless relaying is allowed. morercpthosts is just a continuation, with your most popular domains to be in rcpthosts, just for speed of lookup. In modern fast systems, it doesn't matter. virtualdomains: A list of the prepended strings by domains, allowing the system to prepend an identifier based on the domain in question. This converts [EMAIL PROTECTED] to [EMAIL PROTECTED] for later processing. smtproutes: A list of domains and their artificial MX server to send mail to. Domains in here should also be in rcpthosts, but not treated as local. Use this if you are delivering mail to another MX for select domains, or if you have a smarthost. For domains that your mail server will accept mail from the Internet, see `cat rcpthosts morercpthosts`. -M - Original Message From: Dave Richardson [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Thursday, January 18, 2007 10:39:27 AM Subject: [vchkpw] which files truly determine relay into a qmail server I've been asked to admin an old, jumbled install of qmail/vpopmail (many are local users, many are vpopmail users with .cdb). I'm having a brain cramp because the install has domains splattered all over the following files: /var/qmail/control: locals rctphosts morercpthosts virtualdomains My exercise is to identify ONLY those domains that the server will actually accept delivery for from the Internet so that we can start pruning away the domains that seems to be lingering with no customers/accounts/purpose/etc. My intention/belief was that ONLY 'rcpthosts' and 'morerctphosts' govern which domains the server will accept delivery/relay for from the outside. Thus, I felt that if I built a master list from these two files, any other domains I might find are automatically unused. However this install has a number of domains that are aliases in the 'locals' file to a single local account and the domains only seem to appear in 'locals'. Does 'locals' (or 'virtualdomains') in any way influence the relay decision to accept incoming mail? Or am I right that ONLY 'rcpthosts' and 'morercpthosts' define the permitted domains. Sorry for the long explanation, validation/help is much appreciated! Dave.