[xmail] Question on suitability of XMail

2003-03-04 Thread Steven Peck 

Greetings,

I found Xmail a couple days ago and am currently poking through the =
Readme.
It looks like it will work for my requirements, but I figured I'd ask =
while
setting up my test server.

Current environments (2 separate sites actually, but similar enough) all
Windows (Linux not an option).

Multiple incoming email domain relayed through an SMTP server to =
internal
Exchange servers and acting as a Smart Host for outbound email from =
Exchange.
Message traffic varies from 7,000-50,000/day depending on the site.
On one site, the SMTP relay is Sendmail for NT (ick).  The other is NAI
Webshield SMTP (ick) =20

The RBL is a serious bonus (WebShield bites in that department) for the
sites.

While it appears that Xmail would work as a replacement for the above
products by using SMTPGW.TAB or SMTPFWD.TAB, I just wanted to make sure =
that
it could actually do the above before I spent to much time in testing
configurations.

Thanks,
-sp

ref:  Yes, I know about the vulnerability for Sendmail for NT (If I can =
proof
of concept on mine, then I can get the organization to standardize on =
the
other gateways.)
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread William Denniss 

there were a few factors I think, I telnet'ed on the offending computer u=
sing=20
an account which I knew worked and got a sucessfull result, I reset the=20
particular user's password on the server, then deleted/added the account=20
again with a full username and making sure none of the SSL options were=20
checked and it all seemed to work - it was just a coincidence (because on=
 one=20
computer - the problem was "fixed" by OL XP) that led me to believe the=20
problem was with OL 2000, just stupid coincidences, sorry.

But, now my office is running using Oulook and xmail - with the users sto=
ring=20
their data on their personal computers as opposed to Microsoft Exchange. =
 I'm=20
not sure how many people here have had to deal with Exchange in their lif=
e -=20
but I found it to be a total pain in the arse - services stopped working =
with=20
generic error messages like "General NT Error" - then the database got=20
corrupted...  I found several increadibly usefull tools that can be used =
to=20
restore emails from an offline Exchange database (corrupt or not) -=20
unfortunatally they cost over 1.5 grand in Australian currency to buy.  A=
lso=20
- of course we can't upgrade the server because that would mean forking o=
ut=20
over 2 grand for NT Server 2000.  So instead of using the expensive a=
nd=20
pathetic MS Proxy and Email services - we now use iptables and xmail :D -=
=20
it's free and a damn sight more relyable (with real error messages when=20
somthing goes wrong which is a refreshing change).  And the best part - t=
he=20
users of the system are completally clueless ;)  .  So again, thanks.

Cheers,

Will.

On Wednesday 05 March 2003 11:45, you wrote:
> Don't keep us in suspense.  After such a long thread, I wan't to know w=
hat
> needed to be changed.
>
> Rob  :-)  
>
> __
> Censorship can't eliminate evil; it can only kill freedom.
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Behalf Of William Denniss
> > Sent: Wednesday, 5 March 2003 12:26 PM
> > To: [EMAIL PROTECTED]
> > Subject: [xmail] Re: POP3 Authentication error for Outlook 2000
> >
> > On Wednesday 05 March 2003 10:40, you wrote:
> > > Are you sure it's an outlook issue and not just a general networkin=
g
> > > is=3D
> >
> > sue?
> >
> > > Can those machines telnet to the mail server over port 110 using th=
e
> > > sa=3D
> >
> > me
> >
> > > hostname as specified in the pop3 server settings of outlook?
> > >
> > > use these commands:
> > > TELNET hostname.com 110
> > > USER username
> > > PASS password
> > > STAT
> > > QUIT
> > >
> > > that should log you in to the pop server, then show you the numger =
of
> > > messages and total byte count for that user.
> > >
> > > -Seth
> >
> > It appears you were right using telnet to test, I managed to fix it u=
p -
> > =3D we=3D20
> > are all working fine now.
> >
> > Thanks Seth, Andrew and Davide for your help.
> >
> > Keep up the fine work on this program!
> >
> > Cheers,
> >
> > Will.
> > -

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread Rob Arends 

Don't keep us in suspense.  After such a long thread, I wan't to know what
needed to be changed.

Rob  :-)  

__
Censorship can't eliminate evil; it can only kill freedom.


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of William Denniss
> Sent: Wednesday, 5 March 2003 12:26 PM
> To: [EMAIL PROTECTED]
> Subject: [xmail] Re: POP3 Authentication error for Outlook 2000
>
>
>
> On Wednesday 05 March 2003 10:40, you wrote:
> > Are you sure it's an outlook issue and not just a general networking is=
> sue?
> >
> > Can those machines telnet to the mail server over port 110 using the sa=
> me
> > hostname as specified in the pop3 server settings of outlook?
> >
> > use these commands:
> > TELNET hostname.com 110
> > USER username
> > PASS password
> > STAT
> > QUIT
> >
> > that should log you in to the pop server, then show you the numger of
> > messages and total byte count for that user.
> >
> > -Seth
>
> It appears you were right using telnet to test, I managed to fix it up - =
> we=20
> are all working fine now.
>
> Thanks Seth, Andrew and Davide for your help.
>
> Keep up the fine work on this program!
>
> Cheers,
>
> Will.
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread William Denniss 

On Wednesday 05 March 2003 10:40, you wrote:
> Are you sure it's an outlook issue and not just a general networking is=
sue?
>
> Can those machines telnet to the mail server over port 110 using the sa=
me
> hostname as specified in the pop3 server settings of outlook?
>
> use these commands:
> TELNET hostname.com 110
> USER username
> PASS password
> STAT
> QUIT
>
> that should log you in to the pop server, then show you the numger of
> messages and total byte count for that user.
>
> -Seth

It appears you were right using telnet to test, I managed to fix it up - =
we=20
are all working fine now.

Thanks Seth, Andrew and Davide for your help.

Keep up the fine work on this program!

Cheers,

Will.
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread Seth A. Munroe 

Are you sure it's an outlook issue and not just a general networking issue?

Can those machines telnet to the mail server over port 110 using the same
hostname as specified in the pop3 server settings of outlook?

use these commands:
TELNET hostname.com 110
USER username
PASS password
STAT
QUIT

that should log you in to the pop server, then show you the numger of
messages and total byte count for that user.

-Seth

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of William Denniss
Sent: Tuesday, March 04, 2003 4:26 PM
To: [EMAIL PROTECTED]
Subject: [xmail] Re: POP3 Authentication error for Outlook 2000



1) - I try both full email and just username, neither works.
   the username only works fine in OL XP and Kmail...

2) This check is not enabled.

3) I agree.  but alas you have to give the people what they want.. :(

The exact error message is: "There was a problem logging onto your
mail server. Your User Name or Password was rejected.  Server Responce:
'-ERR Invalid auth or access denied'.

I am assuming people have gotten OL 2000 to work with xmail before?

Thanks,

Will.

On Wednesday 05 March 2003 10:21, Davide Libenzi wrote:
> On Wed, 5 Mar 2003, William Denniss wrote:
> > But our problem is with POP authentication not SMTP - the latter is=3D=
20
> > working very well, would that matter?.
>
> Two things are possible here :
>
> 1) You are not using the full email address
>
> 2) You enabled the SSL check
>
> And, if you want :
>
> 3) Outlook *kind of suck*
>
>
>
> - Davide
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread William Denniss 

1) - I try both full email and just username, neither works.
   the username only works fine in OL XP and Kmail...

2) This check is not enabled.

3) I agree.  but alas you have to give the people what they want.. :(

The exact error message is: "There was a problem logging onto your
mail server. Your User Name or Password was rejected.  Server Responce:
'-ERR Invalid auth or access denied'.

I am assuming people have gotten OL 2000 to work with xmail before?

Thanks,

Will.

On Wednesday 05 March 2003 10:21, Davide Libenzi wrote:
> On Wed, 5 Mar 2003, William Denniss wrote:
> > But our problem is with POP authentication not SMTP - the latter is=3D=
20
> > working very well, would that matter?.
>
> Two things are possible here :
>
> 1) You are not using the full email address
>
> 2) You enabled the SSL check
>
> And, if you want :
>
> 3) Outlook *kind of suck*
>
>
>
> - Davide
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread William Denniss 

On Wednesday 05 March 2003 09:59, Andrew Joakimsen wrote:
> In server.tab do you have
>
> "EnableAuthSMTP-POP3""1"

yes

Will.

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: Squid

2003-03-04 Thread Mircea Ciocan 

Lame self-reply after research: I'll be damned, squid it CAN proxy SMTP 
also, wow, no they can go aminaked.com AND send "buy herbal viagra" in 
the same time !!!

Mircea C.



Mircea Ciocan wrote:
>   Nope, you are listed as an open http proxy ( a thing that can be used 
> to view aminaked.com ) not as an open mail relay ( a thing that can used 
> to send "get herbal viagra and make $$$ fast"). Different kind of open.
> 
>   Mircea C.
> 
> 
> Andrew Joakimsen wrote:
> 
>>Squid can be used to proxy SMTP!!?? I was playing around with it the other
>>day and now my server is blacklisted somewhere
>>
>>http://njabl.org/cgi-bin/lookup.cgi?query=65.19.129.24
>>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: Squid

2003-03-04 Thread Andrew Joakimsen 

Well look @ that URL

65.19.129.24:hc:3128: HTTP request successeful (200)
65.19.129.24:hc:3128: << 220 rt.njabl.org ESMTP Sendmail 8.11.6/8.11.6; Fri,
28 Feb 2
65.19.129.24:hc:3128: << 003 13:30:29 -0500\r\n

ESMTP and an HTTP request? Why would that block email then?

-Mensaje original-
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
nombre de Mircea Ciocan
Enviado el: Tuesday, March 04, 2003 7:02 PM
Para: [EMAIL PROTECTED]
Asunto: [xmail] Re: Squid



Nope, you are listed as an open http proxy ( a thing that can be used
to view aminaked.com ) not as an open mail relay ( a thing that can used
to send "get herbal viagra and make $$$ fast"). Different kind of open.

Mircea C.


Andrew Joakimsen wrote:
> Squid can be used to proxy SMTP!!?? I was playing around with it the other
> day and now my server is blacklisted somewhere
>
> http://njabl.org/cgi-bin/lookup.cgi?query=65.19.129.24
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: Squid

2003-03-04 Thread Mircea Ciocan 

Nope, you are listed as an open http proxy ( a thing that can be used 
to view aminaked.com ) not as an open mail relay ( a thing that can used 
to send "get herbal viagra and make $$$ fast"). Different kind of open.

Mircea C.


Andrew Joakimsen wrote:
> Squid can be used to proxy SMTP!!?? I was playing around with it the other
> day and now my server is blacklisted somewhere
> 
> http://njabl.org/cgi-bin/lookup.cgi?query=65.19.129.24
> 

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread Andrew Joakimsen 

In server.tab do you have

"EnableAuthSMTP-POP3""1"

-Mensaje original-
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
nombre de William Denniss
Enviado el: Tuesday, March 04, 2003 6:56 PM
Para: [EMAIL PROTECTED]
Asunto: [xmail] Re: POP3 Authentication error for Outlook 2000



But our problem is with POP authentication not SMTP - the latter is=20
working very well, would that matter?.

Will.


On Wednesday 05 March 2003 09:40, Andrew Joakimsen wrote:
> The option you want to enable is on the 2nd tab of the account config "=
my
> outgoing server requires authenticaion" (something like that, I have th=
e
> Spanish version of Office 2000. The option is NOT secure password
> authentication. You need not click the options button next to this opti=
on,
> the default action is to use the same username and password as the POP3
> account.

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread William Denniss 

But our problem is with POP authentication not SMTP - the latter is=20
working very well, would that matter?.

Will.


On Wednesday 05 March 2003 09:40, Andrew Joakimsen wrote:
> The option you want to enable is on the 2nd tab of the account config "=
my
> outgoing server requires authenticaion" (something like that, I have th=
e
> Spanish version of Office 2000. The option is NOT secure password
> authentication. You need not click the options button next to this opti=
on,
> the default action is to use the same username and password as the POP3
> account.

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Benny 

Yeah Steven, when I originally first "did up" the xmail server, I had not
cleared out the smtprelay.tab, but then I cleared it out, so chances are I
probably got into those list during that time.  I should be ok now, with
your guys' help.

Thanks!

Benny
- Original Message -
From: "Steven Peck" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:51 PM
Subject: [xmail] Re: open relay


>
>
>
> > -Original Message-
> > From: Davide Libenzi [mailto:[EMAIL PROTECTED]
> >=20
> > On Tue, 4 Mar 2003, Steven Peck wrote:
> >=20
> > >
> > > That IP Address is listed in two open relay databases.
> > > http://www.dnsstuff.com/tools/ip4r.ch?ip=3D24.94.213.208
> >=20
> > It does not look like that to me. The form result clean. And=20
> > even so, if
> > the guy did change the configuration lately, maps usually=20
> > takes time to
> > refresh. A time that might be infinite if you do not manually=20
> > trigger an
> > update.
> >=20
> It's entirely posible that they server is not an open relay, but the IP
> address is still (rightly or wrongly) listed in two databases.  Once he
> clears up the configuration issue, he can go through what ever process =
> he
> needs to to get off the lists.
>
> I couldn't get an SMTP header when I tried to do a manual relay test.  =
> The
> connection just timed out and closed.
>
> I meant to have more information in my first post but got distracted and =
> hit
> send accidently :/
>
> -sp
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Steven Peck 



> -Original Message-
> From: Davide Libenzi [mailto:[EMAIL PROTECTED]
>=20
> On Tue, 4 Mar 2003, Steven Peck wrote:
>=20
> >
> > That IP Address is listed in two open relay databases.
> > http://www.dnsstuff.com/tools/ip4r.ch?ip=3D24.94.213.208
>=20
> It does not look like that to me. The form result clean. And=20
> even so, if
> the guy did change the configuration lately, maps usually=20
> takes time to
> refresh. A time that might be infinite if you do not manually=20
> trigger an
> update.
>=20
It's entirely posible that they server is not an open relay, but the IP
address is still (rightly or wrongly) listed in two databases.  Once he
clears up the configuration issue, he can go through what ever process =
he
needs to to get off the lists.

I couldn't get an SMTP header when I tried to do a manual relay test.  =
The
connection just timed out and closed.

I meant to have more information in my first post but got distracted and =
hit
send accidently :/

-sp
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Squid

2003-03-04 Thread Andrew Joakimsen 

Squid can be used to proxy SMTP!!?? I was playing around with it the other
day and now my server is blacklisted somewhere

http://njabl.org/cgi-bin/lookup.cgi?query=65.19.129.24


-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Benny 

Alright thanks everyone for seeing my dumb mistakes :) And thanks for the
clarification on that Seth.

 I appreciate the help.

benny

- Original Message -
From: "Seth A. Munroe" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:38 PM
Subject: [xmail] Re: open relay


>
> Well what's really happening is this:
> when you have:
> "EnableAuthSMTP-POP3""1"
> then smtp opens for a brief period whenever the pop is logged into (i seem
> to remember .9 seconds being the default - 9 tenths of a second).
>
> when you have:
> "EnableAuthSMTP-POP3""0"
> smtp is never opened and must always be authenticated (unless the ip is in
> your smtprelay.tab file)
>
> -Seth
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Benny
> Sent: Tuesday, March 04, 2003 3:24 PM
> To: [EMAIL PROTECTED]
> Subject: [xmail] Re: open relay
>
>
>
> You are right Seth,  and of course that makes sense.  But am I correct in
> having:
>
> "EnableAuthSMTP-POP3""0"
>
> or should it be
>
> "EnableAuthSMTP-POP3""1"
>
> because if it is set to 1, then my client doesn't have to authenticate,
but
> if at 0, then it does.  And I want it to do smtp-auth.
>
> benny
>
> - Original Message -
> From: "Seth A. Munroe" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 04, 2003 5:22 PM
> Subject: [xmail] Re: open relay
>
>
> >
> > When you perform the test, you have to tell the test email to send to an
> > email address that is NOT handled by the server you are testing.
> >
> > If you register at abuse.net, there is a check box i think to have them
> > generate an email address to use for the test. it will still send the
> > results to the address you specify.
> >
> > The reason the server looked like an open relay is that it accepted the
> test
> > mail, but it accepted the test mail because it was addressed to a domain
> > handled by the server.
> >
> > -Seth
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Behalf Of Benny
> > Sent: Tuesday, March 04, 2003 3:11 PM
> > To: [EMAIL PROTECTED]
> > Subject: [xmail] Re: open relay
> >
> >
> >
> > Here is the email I get from the test site http://abuse.net
> >
>
> --
> --
> > -
> > This is a test of third-party mail relay, generated via the
> > Network Abuse Clearinghouse at http://www.abuse.net.
> >
> > Target host = thedaily.tv [24.94.213.208]
> > Test performed by <[EMAIL PROTECTED]> from 24.94.213.208
> >
> > A well-configured mail server should NOT relay third-party email.
> > Otherwise, the server is subject to abuse by vandals and spammers,
> > and probable blacklisting by recipients of the unwanted third-party
> > e-mail.
> >
> > For information on how to secure a mail server against third-party
> > relay, visit http://www.mail-abuse.org/tsi/>.
>
> --
> --
> > --
> >
> > benny
> >
> > - Original Message -
> > From: "Davide Libenzi" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Tuesday, March 04, 2003 5:10 PM
> > Subject: [xmail] Re: open relay
> >
> >
> > >
> > > On Tue, 4 Mar 2003, Benny wrote:
> > >
> > > > Ok,
> > > >
> > > > I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
> > > > "0" in server.tab.  I set my mail client for smtp auth and
everything
> > > > works, and if I dont have smtp auth set it doesn't work(i get an
auth
> > > > error).  So in that aspect everything works, but how come when I do
an
> > > > open relay test, my server acts like an open relay and sends through
> the
> > > > email?  I have tried several online open relay tests and all seem to
> > > > show my server as open relay.
> > >
> > > If your hipotesis are true, I strongly doubt about it. Is your server
> > > public on the net ? Which test did you use ?
> > >
> > >
> > >
> > > - Davide
> > >
> > > -
> > > To unsubscribe from this list: send the line "unsubscribe xmail" in
> > > the body of a message to [EMAIL PROTECTED]
> > > For general help: send the line "help" in the body of a message to
> > > [EMAIL PROTECTED]
> > >
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe xmail" in
> > the body of a message to [EMAIL PROTECTED]
> > For general help: send the line "help" in the body of a message to
> > [EMAIL PROTECTED]
> >
> >
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe xmail" in
> > the body of a message to [EMAIL PROTECTED]
> > For general help: send the line "help" in the body of a message to
> > [EMAIL PROTECTED]
> >
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a mess

[xmail] Re: open relay

2003-03-04 Thread Andrew Joakimsen 

0 is the correct setting. Notice how on the relay test it says:

>>> RCPT TO:<[EMAIL PROTECTED]>

The server should always accept messages for your domain! Relay meaning that
the server accepts messages that should arrive at a server other than your
own. The only case you want that to happen is if your users need to send
email via SMTP from your server, in which case they use their password

EnableAuthSMTP-POP3 means that if they checked mail with POP3 there is a
window of time where they can send messages (based on IP?) withouth having
to auth.

-Mensaje original-
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
nombre de Benny
Enviado el: Tuesday, March 04, 2003 6:24 PM
Para: [EMAIL PROTECTED]
Asunto: [xmail] Re: open relay



You are right Seth,  and of course that makes sense.  But am I correct in
having:

"EnableAuthSMTP-POP3""0"

or should it be

"EnableAuthSMTP-POP3""1"

because if it is set to 1, then my client doesn't have to authenticate, but
if at 0, then it does.  And I want it to do smtp-auth.

benny

- Original Message -
From: "Seth A. Munroe" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:22 PM
Subject: [xmail] Re: open relay


>
> When you perform the test, you have to tell the test email to send to an
> email address that is NOT handled by the server you are testing.
>
> If you register at abuse.net, there is a check box i think to have them
> generate an email address to use for the test. it will still send the
> results to the address you specify.
>
> The reason the server looked like an open relay is that it accepted the
test
> mail, but it accepted the test mail because it was addressed to a domain
> handled by the server.
>
> -Seth
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Benny
> Sent: Tuesday, March 04, 2003 3:11 PM
> To: [EMAIL PROTECTED]
> Subject: [xmail] Re: open relay
>
>
>
> Here is the email I get from the test site http://abuse.net
>
> --
--
> -
> This is a test of third-party mail relay, generated via the
> Network Abuse Clearinghouse at http://www.abuse.net.
>
> Target host = thedaily.tv [24.94.213.208]
> Test performed by <[EMAIL PROTECTED]> from 24.94.213.208
>
> A well-configured mail server should NOT relay third-party email.
> Otherwise, the server is subject to abuse by vandals and spammers,
> and probable blacklisting by recipients of the unwanted third-party
> e-mail.
>
> For information on how to secure a mail server against third-party
> relay, visit http://www.mail-abuse.org/tsi/>.
> --
--
> --
>
> benny
>
> - Original Message -
> From: "Davide Libenzi" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 04, 2003 5:10 PM
> Subject: [xmail] Re: open relay
>
>
> >
> > On Tue, 4 Mar 2003, Benny wrote:
> >
> > > Ok,
> > >
> > > I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
> > > "0" in server.tab.  I set my mail client for smtp auth and everything
> > > works, and if I dont have smtp auth set it doesn't work(i get an auth
> > > error).  So in that aspect everything works, but how come when I do an
> > > open relay test, my server acts like an open relay and sends through
the
> > > email?  I have tried several online open relay tests and all seem to
> > > show my server as open relay.
> >
> > If your hipotesis are true, I strongly doubt about it. Is your server
> > public on the net ? Which test did you use ?
> >
> >
> >
> > - Davide
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe xmail" in
> > the body of a message to [EMAIL PROTECTED]
> > For general help: send the line "help" in the body of a message to
> > [EMAIL PROTECTED]
> >
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread Andrew Joakimsen 

The option you want to enable is on the 2nd tab of the account config "my
outgoing server requires authenticaion" (something like that, I have the
Spanish version of Office 2000. The option is NOT secure password
authentication. You need not click the options button next to this option,
the default action is to use the same username and password as the POP3
account.

-Mensaje original-
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
nombre de Seth A. Munroe
Enviado el: Tuesday, March 04, 2003 6:27 PM
Para: [EMAIL PROTECTED]
Asunto: [xmail] Re: POP3 Authentication error for Outlook 2000



Try unchecking the option to "login using Secure Password Authentication".

I believe OL XP supports APOP, but OL 2000 does not.

If that doesn't help, try specifying the full email address for the user
name: [EMAIL PROTECTED]

I don't see why that one would be different between 2000 and XP, so I think
it's probably the SPA setting.

-Seth

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of William Denniss
Sent: Tuesday, March 04, 2003 3:19 PM
To: [EMAIL PROTECTED]
Subject: [xmail] POP3 Authentication error for Outlook 2000



Hi,

I have just recentally installed XMail on our office linux box, and it is=
=20
doing it's job nicly (as an SMPT server, inhouse emails, and connecting t=
o=20
our offsite internet server using POP syncronisation).  However for some=20
reason Outlook 2000 clients are unable to connect - the error returned is=
 a=20
password authentication one.  It works perfectally with Outlook XP - but =
alas=20
we have some '95 computers here which can't run Outlook XP.  Is this a=20
general problem? is there some fix?

Thanks for the software though, so far it has been very impressive.

Cheers,

Will.

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread William Denniss 

Thanks Seth for your suggestions, unfortunatally it still fails with that=
=20
option is unchecked and when using the full email address.

It is bizzare - but on one computer I setup the account in OL 2000 - then=
=20
upgraded it to OL XP and setup the account again.  The account setup in O=
L XP=20
worked fine - but the one previously setup in OL 2000 then exported to OL=
 XP=20
automatically still didn't work !?!  Outlook Express also fails (I am=20
assuming it uses the same mail checking as OL 2000)

I have had luck in other non-MS mail readers such as KMail which I use - =
but=20
alas of course they want their Outlook.  For the record there are about 8=
=20
inboxes setup on the network, and we previously used MS Exhcange server w=
hich=20
I found to be very unrelyable so we are switching from that.

Cheers,

Will.

On Wednesday 05 March 2003 09:27, you wrote:
> Try unchecking the option to "login using Secure Password Authenticatio=
n".
>
> I believe OL XP supports APOP, but OL 2000 does not.
>
> If that doesn't help, try specifying the full email address for the use=
r
> name: [EMAIL PROTECTED]
>
> I don't see why that one would be different between 2000 and XP, so I t=
hink
> it's probably the SPA setting.
>
> -Seth
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of William Denniss
> Sent: Tuesday, March 04, 2003 3:19 PM
> To: [EMAIL PROTECTED]
> Subject: [xmail] POP3 Authentication error for Outlook 2000
>
>
>
> Hi,
>
> I have just recentally installed XMail on our office linux box, and it =
is=3D
> =3D20
> doing it's job nicly (as an SMPT server, inhouse emails, and connecting=
 t=3D
> o=3D20
> our offsite internet server using POP syncronisation).  However for som=
e=3D20
> reason Outlook 2000 clients are unable to connect - the error returned =
is=3D
>  a=3D20
> password authentication one.  It works perfectally with Outlook XP - bu=
t =3D
> alas=3D20
> we have some '95 computers here which can't run Outlook XP.  Is this a=3D=
20
> general problem? is there some fix?
>
> Thanks for the software though, so far it has been very impressive.
>
> Cheers,
>
> Will.
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Seth A. Munroe 

Well what's really happening is this:
when you have:
"EnableAuthSMTP-POP3""1"
then smtp opens for a brief period whenever the pop is logged into (i seem
to remember .9 seconds being the default - 9 tenths of a second).

when you have:
"EnableAuthSMTP-POP3""0"
smtp is never opened and must always be authenticated (unless the ip is in
your smtprelay.tab file)

-Seth

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Benny
Sent: Tuesday, March 04, 2003 3:24 PM
To: [EMAIL PROTECTED]
Subject: [xmail] Re: open relay



You are right Seth,  and of course that makes sense.  But am I correct in
having:

"EnableAuthSMTP-POP3""0"

or should it be

"EnableAuthSMTP-POP3""1"

because if it is set to 1, then my client doesn't have to authenticate, but
if at 0, then it does.  And I want it to do smtp-auth.

benny

- Original Message -
From: "Seth A. Munroe" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:22 PM
Subject: [xmail] Re: open relay


>
> When you perform the test, you have to tell the test email to send to an
> email address that is NOT handled by the server you are testing.
>
> If you register at abuse.net, there is a check box i think to have them
> generate an email address to use for the test. it will still send the
> results to the address you specify.
>
> The reason the server looked like an open relay is that it accepted the
test
> mail, but it accepted the test mail because it was addressed to a domain
> handled by the server.
>
> -Seth
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Benny
> Sent: Tuesday, March 04, 2003 3:11 PM
> To: [EMAIL PROTECTED]
> Subject: [xmail] Re: open relay
>
>
>
> Here is the email I get from the test site http://abuse.net
>
> --
--
> -
> This is a test of third-party mail relay, generated via the
> Network Abuse Clearinghouse at http://www.abuse.net.
>
> Target host = thedaily.tv [24.94.213.208]
> Test performed by <[EMAIL PROTECTED]> from 24.94.213.208
>
> A well-configured mail server should NOT relay third-party email.
> Otherwise, the server is subject to abuse by vandals and spammers,
> and probable blacklisting by recipients of the unwanted third-party
> e-mail.
>
> For information on how to secure a mail server against third-party
> relay, visit http://www.mail-abuse.org/tsi/>.
> --
--
> --
>
> benny
>
> - Original Message -
> From: "Davide Libenzi" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 04, 2003 5:10 PM
> Subject: [xmail] Re: open relay
>
>
> >
> > On Tue, 4 Mar 2003, Benny wrote:
> >
> > > Ok,
> > >
> > > I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
> > > "0" in server.tab.  I set my mail client for smtp auth and everything
> > > works, and if I dont have smtp auth set it doesn't work(i get an auth
> > > error).  So in that aspect everything works, but how come when I do an
> > > open relay test, my server acts like an open relay and sends through
the
> > > email?  I have tried several online open relay tests and all seem to
> > > show my server as open relay.
> >
> > If your hipotesis are true, I strongly doubt about it. Is your server
> > public on the net ? Which test did you use ?
> >
> >
> >
> > - Davide
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe xmail" in
> > the body of a message to [EMAIL PROTECTED]
> > For general help: send the line "help" in the body of a message to
> > [EMAIL PROTECTED]
> >
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Benny 

You are right Seth,  and of course that makes sense.  But am I correct in
having:

"EnableAuthSMTP-POP3""0"

or should it be

"EnableAuthSMTP-POP3""1"

because if it is set to 1, then my client doesn't have to authenticate, but
if at 0, then it does.  And I want it to do smtp-auth.

benny

- Original Message -
From: "Seth A. Munroe" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:22 PM
Subject: [xmail] Re: open relay


>
> When you perform the test, you have to tell the test email to send to an
> email address that is NOT handled by the server you are testing.
>
> If you register at abuse.net, there is a check box i think to have them
> generate an email address to use for the test. it will still send the
> results to the address you specify.
>
> The reason the server looked like an open relay is that it accepted the
test
> mail, but it accepted the test mail because it was addressed to a domain
> handled by the server.
>
> -Seth
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Benny
> Sent: Tuesday, March 04, 2003 3:11 PM
> To: [EMAIL PROTECTED]
> Subject: [xmail] Re: open relay
>
>
>
> Here is the email I get from the test site http://abuse.net
>
> --
--
> -
> This is a test of third-party mail relay, generated via the
> Network Abuse Clearinghouse at http://www.abuse.net.
>
> Target host = thedaily.tv [24.94.213.208]
> Test performed by <[EMAIL PROTECTED]> from 24.94.213.208
>
> A well-configured mail server should NOT relay third-party email.
> Otherwise, the server is subject to abuse by vandals and spammers,
> and probable blacklisting by recipients of the unwanted third-party
> e-mail.
>
> For information on how to secure a mail server against third-party
> relay, visit http://www.mail-abuse.org/tsi/>.
> --
--
> --
>
> benny
>
> - Original Message -
> From: "Davide Libenzi" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 04, 2003 5:10 PM
> Subject: [xmail] Re: open relay
>
>
> >
> > On Tue, 4 Mar 2003, Benny wrote:
> >
> > > Ok,
> > >
> > > I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
> > > "0" in server.tab.  I set my mail client for smtp auth and everything
> > > works, and if I dont have smtp auth set it doesn't work(i get an auth
> > > error).  So in that aspect everything works, but how come when I do an
> > > open relay test, my server acts like an open relay and sends through
the
> > > email?  I have tried several online open relay tests and all seem to
> > > show my server as open relay.
> >
> > If your hipotesis are true, I strongly doubt about it. Is your server
> > public on the net ? Which test did you use ?
> >
> >
> >
> > - Davide
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe xmail" in
> > the body of a message to [EMAIL PROTECTED]
> > For general help: send the line "help" in the body of a message to
> > [EMAIL PROTECTED]
> >
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: POP3 Authentication error for Outlook 2000

2003-03-04 Thread Seth A. Munroe 

Try unchecking the option to "login using Secure Password Authentication".

I believe OL XP supports APOP, but OL 2000 does not.

If that doesn't help, try specifying the full email address for the user
name: [EMAIL PROTECTED]

I don't see why that one would be different between 2000 and XP, so I think
it's probably the SPA setting.

-Seth

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of William Denniss
Sent: Tuesday, March 04, 2003 3:19 PM
To: [EMAIL PROTECTED]
Subject: [xmail] POP3 Authentication error for Outlook 2000



Hi,

I have just recentally installed XMail on our office linux box, and it is=
=20
doing it's job nicly (as an SMPT server, inhouse emails, and connecting t=
o=20
our offsite internet server using POP syncronisation).  However for some=20
reason Outlook 2000 clients are unable to connect - the error returned is=
 a=20
password authentication one.  It works perfectally with Outlook XP - but =
alas=20
we have some '95 computers here which can't run Outlook XP.  Is this a=20
general problem? is there some fix?

Thanks for the software though, so far it has been very impressive.

Cheers,

Will.

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Benny 

No, the email is a result of the test below from http://abuse.net.
---
Mail relay testing
Mail relay testing
Connecting to thedaily.tv for registered user test ...
<<< 220 <[EMAIL PROTECTED]> [XMail 1.12 (Linux/Ix86) ESMTP
Server]
service ready; Tue, 04 Mar 2003 17:13:00 -0600
>>> HELO www.abuse.net
<<< 250 thedaily.tv


Relay test 1
>>> RSET
<<< 250 OK
>>> MAIL FROM:<[EMAIL PROTECTED]>
<<< 250 OK
>>> RCPT TO:<[EMAIL PROTECTED]>
<<< 250 OK
>>> DATA
<<< 354 Start mail input; end with .
>>> (message body)
<<< 250 OK 

Relay test result
Hmmn, at first glance, host appeared to accept a message for relay.
THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY.
Some systems appear to accept relay mail, but then reject messages
internally
rather than delivering them, but you cannot tell at this point whether the
message will be relayed or not.
If it is really an open relay, the test message will be delivered to you. If
you
do not receive the test message in your e-mail in the next few hours, it IS
NOT
an open relay.

---

So it shows it as being an open relay.



benny



- Original Message -
From: "Davide Libenzi" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:26 PM
Subject: [xmail] Re: open relay


>
> On Tue, 4 Mar 2003, Benny wrote:
>
> >
> > Here is the email I get from the test site http://abuse.net
> >
>
> --
--
> > -
> > This is a test of third-party mail relay, generated via the
> > Network Abuse Clearinghouse at http://www.abuse.net.
> >
> > Target host = thedaily.tv [24.94.213.208]
> > Test performed by <[EMAIL PROTECTED]> from 24.94.213.208
> >
> > A well-configured mail server should NOT relay third-party email.
> > Otherwise, the server is subject to abuse by vandals and spammers,
> > and probable blacklisting by recipients of the unwanted third-party
> > e-mail.
> >
> > For information on how to secure a mail server against third-party
> > relay, visit http://www.mail-abuse.org/tsi/>.
>
> --
--
> > --
>
> So ? Your IP is not an open relay.
>
>
>
> - Davide
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Seth A. Munroe 

When you perform the test, you have to tell the test email to send to an
email address that is NOT handled by the server you are testing.

If you register at abuse.net, there is a check box i think to have them
generate an email address to use for the test. it will still send the
results to the address you specify.

The reason the server looked like an open relay is that it accepted the test
mail, but it accepted the test mail because it was addressed to a domain
handled by the server.

-Seth

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Benny
Sent: Tuesday, March 04, 2003 3:11 PM
To: [EMAIL PROTECTED]
Subject: [xmail] Re: open relay



Here is the email I get from the test site http://abuse.net


-
This is a test of third-party mail relay, generated via the
Network Abuse Clearinghouse at http://www.abuse.net.

Target host = thedaily.tv [24.94.213.208]
Test performed by <[EMAIL PROTECTED]> from 24.94.213.208

A well-configured mail server should NOT relay third-party email.
Otherwise, the server is subject to abuse by vandals and spammers,
and probable blacklisting by recipients of the unwanted third-party
e-mail.

For information on how to secure a mail server against third-party
relay, visit http://www.mail-abuse.org/tsi/>.

--

benny

- Original Message -
From: "Davide Libenzi" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:10 PM
Subject: [xmail] Re: open relay


>
> On Tue, 4 Mar 2003, Benny wrote:
>
> > Ok,
> >
> > I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
> > "0" in server.tab.  I set my mail client for smtp auth and everything
> > works, and if I dont have smtp auth set it doesn't work(i get an auth
> > error).  So in that aspect everything works, but how come when I do an
> > open relay test, my server acts like an open relay and sends through the
> > email?  I have tried several online open relay tests and all seem to
> > show my server as open relay.
>
> If your hipotesis are true, I strongly doubt about it. Is your server
> public on the net ? Which test did you use ?
>
>
>
> - Davide
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Steven Peck 

That IP Address is listed in two open relay databases.
http://www.dnsstuff.com/tools/ip4r.ch?ip=3D24.94.213.208



> -Original Message-
> From: Benny [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 04, 2003 3:11 PM
> To: [EMAIL PROTECTED]
> Subject: [xmail] Re: open relay
>=20
>=20
>=20
> Here is the email I get from the test site http://abuse.net
>=20
> --
> --
> -
> This is a test of third-party mail relay, generated via the
> Network Abuse Clearinghouse at http://www.abuse.net.
>=20
> Target host =3D thedaily.tv [24.94.213.208]
> Test performed by <[EMAIL PROTECTED]> from 24.94.213.208
>=20
> A well-configured mail server should NOT relay third-party email.
> Otherwise, the server is subject to abuse by vandals and spammers,
> and probable blacklisting by recipients of the unwanted third-party
> e-mail.
>=20
> For information on how to secure a mail server against third-party
> relay, visit http://www.mail-abuse.org/tsi/>.
> --
> --
> --
>=20
> benny
>=20
> - Original Message -
> From: "Davide Libenzi" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 04, 2003 5:10 PM
> Subject: [xmail] Re: open relay
>=20
>=20
> >
> > On Tue, 4 Mar 2003, Benny wrote:
> >
> > > Ok,
> > >
> > > I have my smtprelay.tab file blank, and I have=20
> "EnableAuthSMTP-POP3"
> > > "0" in server.tab.  I set my mail client for smtp auth=20
> and everything
> > > works, and if I dont have smtp auth set it doesn't work(i=20
> get an auth
> > > error).  So in that aspect everything works, but how come=20
> when I do an
> > > open relay test, my server acts like an open relay and=20
> sends through the
> > > email?  I have tried several online open relay tests and=20
> all seem to
> > > show my server as open relay.
> >
> > If your hipotesis are true, I strongly doubt about it. Is=20
> your server
> > public on the net ? Which test did you use ?
> >
> >
> >
> > - Davide
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe xmail" in
> > the body of a message to [EMAIL PROTECTED]
> > For general help: send the line "help" in the body of a message to
> > [EMAIL PROTECTED]
> >
>=20
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>=20
>=20
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] POP3 Authentication error for Outlook 2000

2003-03-04 Thread William Denniss 

Hi,

I have just recentally installed XMail on our office linux box, and it is=
=20
doing it's job nicly (as an SMPT server, inhouse emails, and connecting t=
o=20
our offsite internet server using POP syncronisation).  However for some=20
reason Outlook 2000 clients are unable to connect - the error returned is=
 a=20
password authentication one.  It works perfectally with Outlook XP - but =
alas=20
we have some '95 computers here which can't run Outlook XP.  Is this a=20
general problem? is there some fix?

Thanks for the software though, so far it has been very impressive.

Cheers,

Will.

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Benny 

Here is the email I get from the test site http://abuse.net


-
This is a test of third-party mail relay, generated via the
Network Abuse Clearinghouse at http://www.abuse.net.

Target host = thedaily.tv [24.94.213.208]
Test performed by <[EMAIL PROTECTED]> from 24.94.213.208

A well-configured mail server should NOT relay third-party email.
Otherwise, the server is subject to abuse by vandals and spammers,
and probable blacklisting by recipients of the unwanted third-party
e-mail.

For information on how to secure a mail server against third-party
relay, visit http://www.mail-abuse.org/tsi/>.

--

benny

- Original Message -
From: "Davide Libenzi" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:10 PM
Subject: [xmail] Re: open relay


>
> On Tue, 4 Mar 2003, Benny wrote:
>
> > Ok,
> >
> > I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
> > "0" in server.tab.  I set my mail client for smtp auth and everything
> > works, and if I dont have smtp auth set it doesn't work(i get an auth
> > error).  So in that aspect everything works, but how come when I do an
> > open relay test, my server acts like an open relay and sends through the
> > email?  I have tried several online open relay tests and all seem to
> > show my server as open relay.
>
> If your hipotesis are true, I strongly doubt about it. Is your server
> public on the net ? Which test did you use ?
>
>
>
> - Davide
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Benny 

I have used the test sites below:

http://abuse.net/relay.html
http://members.iinet.net.au/~remmie/relay/
http://www.paladincorp.com.au/unix/spam/spamlart/

Those are just some I tested.  And the last one comes back with several
errors and it looks like my server is not an open relay, but the other tests
come back as open relay.

benny
- Original Message -
From: "Davide Libenzi" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:10 PM
Subject: [xmail] Re: open relay


>
> On Tue, 4 Mar 2003, Benny wrote:
>
> > Ok,
> >
> > I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
> > "0" in server.tab.  I set my mail client for smtp auth and everything
> > works, and if I dont have smtp auth set it doesn't work(i get an auth
> > error).  So in that aspect everything works, but how come when I do an
> > open relay test, my server acts like an open relay and sends through the
> > email?  I have tried several online open relay tests and all seem to
> > show my server as open relay.
>
> If your hipotesis are true, I strongly doubt about it. Is your server
> public on the net ? Which test did you use ?
>
>
>
> - Davide
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Benny 

Yeah I thought and tried that too... But then it doesnt care if my client
even does smtp-auth.  In fact I have turned off smtp-auth on my client(OE)
and I set :

"EnableAuthSMTP-POP3""1"

And this message will go through without smtp-auth.

benny
- Original Message -
From: "Gustavo Galvan" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 5:00 PM
Subject: [xmail] Re: open relay


>
> You have:
> "EnableAuthSMTP-POP3"   "0"
>  and must be:
> "EnableAuthSMTP-POP3"   "1"
>
>
> Gustavo
>
>
> - Original Message -
> From: "Benny" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 04, 2003 7:52 PM
> Subject: [xmail] open relay
>
>
> > Ok,
> >
> >   I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
> "0" in server.tab.  I set my mail client for smtp auth and everything
works,
> and if I dont have smtp auth set it doesn't work(i get an auth error).  So
> in that aspect everything works, but how come when I do an open relay
test,
> my server acts like an open relay and sends through the email?  I have
tried
> several online open relay tests and all seem to show my server as open
> relay.
> >
> > benny
> > -
> > To unsubscribe from this list: send the line "unsubscribe xmail" in
> > the body of a message to [EMAIL PROTECTED]
> > For general help: send the line "help" in the body of a message to
> > [EMAIL PROTECTED]
> >
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.459 / Virus Database: 258 - Release Date: 25/02/2003
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: open relay

2003-03-04 Thread Gustavo Galvan 

You have:
"EnableAuthSMTP-POP3"   "0"
 and must be:
"EnableAuthSMTP-POP3"   "1"


Gustavo


- Original Message -
From: "Benny" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 04, 2003 7:52 PM
Subject: [xmail] open relay


> Ok,
>
>   I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"
"0" in server.tab.  I set my mail client for smtp auth and everything works,
and if I dont have smtp auth set it doesn't work(i get an auth error).  So
in that aspect everything works, but how come when I do an open relay test,
my server acts like an open relay and sends through the email?  I have tried
several online open relay tests and all seem to show my server as open
relay.
>
> benny
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.459 / Virus Database: 258 - Release Date: 25/02/2003

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] open relay

2003-03-04 Thread Benny 
Ok,

  I have my smtprelay.tab file blank, and I have "EnableAuthSMTP-POP3"   "0" in 
server.tab.  I set my mail client for smtp auth and everything works, and if I dont 
have smtp auth set it doesn't work(i get an auth error).  So in that aspect everything 
works, but how come when I do an open relay test, my server acts like an open relay 
and sends through the email?  I have tried several online open relay tests and all 
seem to show my server as open relay.

benny
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: sniffing

2003-03-04 Thread Sönke Ruempler 

> You could also force CRAM-MD5 auth to be used for pop3 :)

unfortunately the most popular MUA OE does not support APOP ;-(
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: sniffing

2003-03-04 Thread Sönke Ruempler 

> If i put a sniffer i can get all the passwds when people get their
e-mails.

a "hacker" could only sniff passwords with a man-in-the-middle-attack, eg on
a router.

> How can i protect the xmail server to make it secure?

xmail is secure, but the protocols are not, you can use ssl tunneling:
www.stunnel.org


-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] sniffing

2003-03-04 Thread GAPGU - Rodrigo Sabroso 

If i put a sniffer i can get all the passwds when people get their e-mails.
How can i protect the xmail server to make it secure?

CIao
Rui

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: unsuscribe

2003-03-04 Thread Sönke Ruempler 

> unsuscribe

maybe you READ THAT TEXT:
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

2003-03-04 Thread Sönke Ruempler 

> hope u r right :-)

hmmm but that bug seems to be heavy! our provider called us if he should
upgrade our servers. "no we don't use sendmail, fortunately" :-)

soenke.

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] unsuscribe

2003-03-04 Thread Michal Ostrowski 

unsuscribe

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] unsuscribe xmail

2003-03-04 Thread Michal Ostrowski 

unsuscribe xmail

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

(no subject)

2003-03-04 Thread Michal Ostrowski 

unsuscribe

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

2003-03-04 Thread pinhead 

Hello Sönke,

Tuesday, March 4, 2003, 11:55:07 AM, you wrote:


>> This advisory only corresponds to Sendmail MTA. XMail is another
>> MTA that do not contain this vulnerability (i hope :))

SR> i guess frederik knows that - the mail was just FYI and shows us that we are
SR> using the right MTA :-))

hope u r right :-)

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

2003-03-04 Thread Nick Rogers 

oops sorry
- Original Message -
From: "Sönke Ruempler" <[EMAIL PROTECTED]>
Newsgroups: saltstorm.xmail
Sent: Tuesday, March 04, 2003 8:55 AM
Subject: [xmail] Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in
Sendmail


>
> > This advisory only corresponds to Sendmail MTA. XMail is another
> > MTA that do not contain this vulnerability (i hope :))
>
> i guess frederik knows that - the mail was just FYI and shows us that we
are
> using the right MTA :-))
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>
>
>
> --
> --
--
> XMail::Scope::nntpfwd v1.00  |  2003-03-04 08:49:26Z
> 

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

2003-03-04 Thread Nick Rogers 

Im not :-(
- Original Message -
From: "Sönke Ruempler" <[EMAIL PROTECTED]>
Newsgroups: saltstorm.xmail
Sent: Tuesday, March 04, 2003 8:55 AM
Subject: [xmail] Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in
Sendmail


>
> > This advisory only corresponds to Sendmail MTA. XMail is another
> > MTA that do not contain this vulnerability (i hope :))
>
> i guess frederik knows that - the mail was just FYI and shows us that we
are
> using the right MTA :-))
>
> -
> To unsubscribe from this list: send the line "unsubscribe xmail" in
> the body of a message to [EMAIL PROTECTED]
> For general help: send the line "help" in the body of a message to
> [EMAIL PROTECTED]
>
>
>
> --
> --
--
> XMail::Scope::nntpfwd v1.00  |  2003-03-04 08:49:26Z
> 

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

2003-03-04 Thread Sönke Ruempler 

> This advisory only corresponds to Sendmail MTA. XMail is another
> MTA that do not contain this vulnerability (i hope :))

i guess frederik knows that - the mail was just FYI and shows us that we are
using the right MTA :-))

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

2003-03-04 Thread pinhead 

Hello Frederik,

Tuesday, March 4, 2003, 11:28:10 AM, you wrote:


FG> To Whom It May Concern ...

FG> ---
FG> CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

FG>Original release date: March 3, 2003
FG>Last revised: --
FG>Source: CERT/CC

FG>A complete revision history can be found at the end of this file.

FG> Systems Affected

FG>  * Sendmail Pro (all versions)
FG>  * Sendmail Switch 2.1 prior to 2.1.5
FG>  * Sendmail Switch 2.2 prior to 2.2.5
FG>  * Sendmail Switch 3.0 prior to 3.0.3
FG>  * Sendmail for NT 2.X prior to 2.6.2
FG>  * Sendmail for NT 3.0 prior to 3.0.3
FG>  * Systems  running  open-source  sendmail  versions prior to 8.12.8,
FG>including UNIX and Linux systems

FG> Overview

FG>There  is  a vulnerability in sendmail that may allow remote attackers
FG>to gain the privileges of the sendmail daemon, typically root.


This advisory only corresponds to Sendmail MTA. XMail is another
MTA that do not contain this vulnerability (i hope :))


-- 
Best regards,
 pinheadmailto:[EMAIL PROTECTED]

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

[xmail] CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

2003-03-04 Thread Frederik Gallon 

To Whom It May Concern ...

---
CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail

   Original release date: March 3, 2003
   Last revised: --
   Source: CERT/CC

   A complete revision history can be found at the end of this file.

Systems Affected

 * Sendmail Pro (all versions)
 * Sendmail Switch 2.1 prior to 2.1.5
 * Sendmail Switch 2.2 prior to 2.2.5
 * Sendmail Switch 3.0 prior to 3.0.3
 * Sendmail for NT 2.X prior to 2.6.2
 * Sendmail for NT 3.0 prior to 3.0.3
 * Systems  running  open-source  sendmail  versions prior to 8.12.8,
   including UNIX and Linux systems

Overview

   There  is  a vulnerability in sendmail that may allow remote attackers
   to gain the privileges of the sendmail daemon, typically root.

Read on at: http://www.kb.cert.org/vuls/id/398025
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]