Re: [vchkpw] Re: Problem with qmail-scanner
At 06/02/04 18:38 (), Peter Palmreuther wrote: Hello Devendra, On Friday, February 6, 2004 at 11:34:34 AM you wrote (at least in part): [QMAILUEUE & RELAYCLIENT] > In my Case I am using smtp-auth patch from > http://www.fehcom.de/qmail/smtpauth.html Don't know which version you're using, as I don't know when this site first listed 0.4.2. If you're using 0.31 it does not set RELAYCLIENT for authenticated users, 0.4.2 should do set it. > and it is calling spamassassin for the authenticated users sending > out mails. Perhaps the RELAYCLIENT is not set for authenticated > users. Quite easy to check: 'strings /var/qmail/bin/qmail-smtpd |less' and search for 'RELAYCLIENT='. -- Best regards Peter Palmreuther How do you tell when you run out of invisible ink? Dear Peter, Thanks for the clue. I tried searching the string 'RELAYCLIENT=' into /var/qmail/bin/qmail-smtpd. I was able to find a 'RELAYCLIENT' but not "RELAYCLIENT=". I was using the Spamcontrol patch spamcontrol-209_tgz.bin instead of the latest spamcontrol-225_tgz.bin. I think this should solve the issue. I would try it out ASAP. Thanks. Devendra Singh
Re: [vchkpw] Re: Problem with qmail-scanner
At 16:04 06.02.04 +0530, Devendra Singh wrote: >At 03/02/04 22:20 (), Peter Palmreuther wrote: > >>Hello Andrea, >> >>On Tuesday, February 3, 2004 at 4:06:55 PM you wrote (at least in >>part): >> >> >> An easier solution should be to add the following to your >> >> qmail-smtpd/run file: >> >> >> >> export QMAIL_QUEUE="/var/qmail/bin/qmail-scanner-queue" >> >> >> >> And then restart qmail-smtpd. >> >>First: Make the above 'QMAILQUEUE="..."', without the underscore. >> >> > In this case, I apply the qmail-scanner-queue for the emails from LAN or >> > loopback (127.). I wouldn't, better I could not would that. >> >>Insert >> >>127.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-queue" >>129.168.1.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-queue" >> >>to your 'tcp.smtp' file that is merged with 'open-smtp' >>(the 127. should already be there, so simply modify it). >> >>Ain't that hard, isn't it? >> >> > Mine patch works only with open-smtp connections, not at all. >> >>What what are most of your connections? >>"foreigners from out there" and "open-smtp" users? And don't you want >>exactly their mails to be run through qmail-scanner? >>So create a few rules for "the exceptions" (connections from 127. and >>LAN) and "hit" the rest by a 'export QMAILQUEUE' DEFAULT. >> >> > Why is better the qmail-smtpd/run change? >> >>The "I patch vpopmail as little as necessary to achieve something I can >>do without patching". Simply because it is easily preserved across >>vpopmail updates, while the other one requires repatching every time a >>new vpopmail is released (and requires the original author to adjust >>the patch maybe every time a new version is released). >>-- >>Best regards >>Peter Palmreuther >> >>This message is already too long - no tagline pleas > >In my Case I am using smtp-auth patch from >http://www.fehcom.de/qmail/smtpauth.html and it is calling spamassassin for >the authenticated users sending out mails. Perhaps the RELAYCLIENT is not >set for authenticated users. No. In case of valid SMTP Authentication, the $RELAYCLIENT environment variable is set (but empty). See man qmail-smtpd (at the end). >Is anyone has clues to stop passing the control to spamc in case of >authenticated users. I am using: > >QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" export QMAILQUEUE > >in /var/qmail/supervise/qmail-smtpd/run script. regards. --eh. Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/ Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24
Re: [vchkpw] Re: Problem with qmail-scanner
At 03/02/04 22:20 (), Peter Palmreuther wrote: Hello Andrea, On Tuesday, February 3, 2004 at 4:06:55 PM you wrote (at least in part): >> An easier solution should be to add the following to your >> qmail-smtpd/run file: >> >> export QMAIL_QUEUE="/var/qmail/bin/qmail-scanner-queue" >> >> And then restart qmail-smtpd. First: Make the above 'QMAILQUEUE="..."', without the underscore. > In this case, I apply the qmail-scanner-queue for the emails from LAN or > loopback (127.). I wouldn't, better I could not would that. Insert 127.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-queue" 129.168.1.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-queue" to your 'tcp.smtp' file that is merged with 'open-smtp' (the 127. should already be there, so simply modify it). Ain't that hard, isn't it? > Mine patch works only with open-smtp connections, not at all. What what are most of your connections? "foreigners from out there" and "open-smtp" users? And don't you want exactly their mails to be run through qmail-scanner? So create a few rules for "the exceptions" (connections from 127. and LAN) and "hit" the rest by a 'export QMAILQUEUE' DEFAULT. > Why is better the qmail-smtpd/run change? The "I patch vpopmail as little as necessary to achieve something I can do without patching". Simply because it is easily preserved across vpopmail updates, while the other one requires repatching every time a new vpopmail is released (and requires the original author to adjust the patch maybe every time a new version is released). -- Best regards Peter Palmreuther This message is already too long - no tagline pleas In my Case I am using smtp-auth patch from http://www.fehcom.de/qmail/smtpauth.html and it is calling spamassassin for the authenticated users sending out mails. Perhaps the RELAYCLIENT is not set for authenticated users. Is anyone has clues to stop passing the control to spamc in case of authenticated users. I am using: QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" export QMAILQUEUE in /var/qmail/supervise/qmail-smtpd/run script. Devendra Singh
Re: [vchkpw] Re: Problem with qmail-scanner
On Feb 3, 2004, at 8:06 AM, Andrea Riela wrote: In this case, I apply the qmail-scanner-queue for the emails from LAN or loopback (127.). I wouldn't, better I could not would that. Mine patch works only with open-smtp connections, not at all. Why is better the qmail-smtpd/run change? The qmail-smtpd/run change results in all email going through qmail-scanner-queue. Roaming users (pop before SMTP) will have RELAYCLIENT set by the opensmtp file, and qmail-scanner will skip the SpamAssassin scanning and only scan for viruses. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [vchkpw] Re: Problem with qmail-scanner
- Original Message - From: "Trey Nolen" <[EMAIL PROTECTED]> > > > > > An easier solution should be to add the following to your > > qmail-smtpd/run file: > > > > export QMAIL_QUEUE="/var/qmail/bin/qmail-scanner-queue" > > > > And then restart qmail-smtpd. > > While this is easier, it doesn't allow you to realize the full functionality > of qmail-scanner. By passing the variables with tcpserver, you can > configure qmail-scanner not to check any messages that come from localhost, > for instance. We also don't check anything coming from our local LAN for > spam (only for viruses) and check everything else for both. You can't do > that with the method above. You can still achieve what you want to do, you just need to do it in reverse. ie. in the smtp run file set QMAIL_QUEUE="/var/qmail/bin/qmail-scanner-queue" and then for tcp.smtp entries that you dont want scanned, set QMAIL_QUEUE="/var/qmail/bin/qmail-queue" Michael.
Re: [vchkpw] Re: Problem with qmail-scanner
> > > This can be done by a '127.:allow,QMAILQUEUE=".../qmail-queue",...' > rule in .cdb file. That way all messages from localhost are not > inspected by qmail-scanner. But what's your problem with this? > This is what we do. Tcpserver reads the .cdb file. The method mentioned earlier just exported a variable. > You can. And before you try to argue qmail-scanner will not scan for > anything when only RELAYCLIENT is set by a .cdb file rule: it WILL > parse the message through virus scanner! Set 'RELAYCLIENT' only > prevents qmail-scanner from passing message through spamassassin! > Please inspect qmail-scanner sources if you don't trus me. I trust you, because this is exactly what I was talking about. Again, tcpserver uses the .cdb file rule. Just exporting QMAILQUEUE will not allow you this flexibility. Trey Nolen
Re: [vchkpw] Re: Problem with qmail-scanner
> > An easier solution should be to add the following to your > qmail-smtpd/run file: > > export QMAIL_QUEUE="/var/qmail/bin/qmail-scanner-queue" > > And then restart qmail-smtpd. While this is easier, it doesn't allow you to realize the full functionality of qmail-scanner. By passing the variables with tcpserver, you can configure qmail-scanner not to check any messages that come from localhost, for instance. We also don't check anything coming from our local LAN for spam (only for viruses) and check everything else for both. You can't do that with the method above. Trey Nolen
RE: [vchkpw] Re: Problem with qmail-scanner
Tom Collins wrote: > An easier solution should be to add the following to your > qmail-smtpd/run file: > > export QMAIL_QUEUE="/var/qmail/bin/qmail-scanner-queue" > > And then restart qmail-smtpd. In this case, I apply the qmail-scanner-queue for the emails from LAN or loopback (127.). I wouldn't, better I could not would that. Mine patch works only with open-smtp connections, not at all. Why is better the qmail-smtpd/run change? Thanks for your suggestions Andrea
