[xmail] Re: xmail v1.20 troubles
Am Don, den 02.09.2004 schrieb Spyros Tsiolis um 10:05: > >Did you check the logs, spool, frozen messages ? > > I don't know how to check logs. If you have logging enabled (commandline: -Pl -Sl ... all the -.l stuff) you should see the logs in $MAILROOT/logs > As for frozen messages, there's loads but I > don't > know how to access them. I can only see they exist. cd $MAILROOT/spool find . -type f |grep froz > >again, maybe DNS doesn't work. > > Again, I ping mail servers on the outside world (or anything else for that > reason) and > it comes back with their respective IP addresses. No packets, but that's > logical since > xmail sits behind a linux iptables firewall in the DMZ. ??? maybe I'm a bit slow today ... you do 'ping www.xmailserver.org' and get what ? [EMAIL PROTECTED]:~# ping www.xmailserver.org PING www.xmailserver.org (69.30.125.51): 56 octets data 64 octets from 69.30.125.51: icmp_seq=0 ttl=36 time=197.8 ms 64 octets from 69.30.125.51: icmp_seq=1 ttl=36 time=190.8 ms If you get the IP, DNS works. If you don't get ICMP echo reply packets, adjust your firewall ! Several services rely on ICMP replys. Routing for instance. You get ICMP messages when you try to contact a host that is not there ... etc ... > > HTH again ;-) Goesta -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQTbgNeEKFiIqAG4fAQIXWggAxkyBdEa5LD1K3mWC95udJ/eD5EBfkUlZ p6dCnXmm0DeAuOVK0sO5HNbAy6fI+GH4sreY7HRJkos4SXabWN18xb4semn3YpTb vUJOBO2nknMPBsRPhXtZH0IGR9462EjCrToRQFL3de61GS1hNwP0AsyS04alp6Tp mtn0GzWiGy1EUJdnaf/YTwezF4CPLkJjPnhKDZKLBMtjADpkr7IdkevbJ+q74zCF TTGUwCdjgfb5kbHlX/O5T0BtIUQyNW+CiRsiW3k9hEUEhyIDX/bc2a04I4ojWzBq q8TWW6TvbsPb6AfMSOFl99T0n201r1NhYR7MKDV76Ruel9CRx88x3w== =y1D5 -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: xmail v1.20 troubles
Am Don, den 02.09.2004 schrieb Spyros Tsiolis um 9:27: > However, there is one little thing bugging me; If I try to send to anyone in > the world > (from the inside to the outside), it never gets delivered. Not even > postmaster message > (message undelivered, will keep trying etc.). Does DNS work on your box ? > Mail server works fine for incoming messages but outgoing messages don't get > delivered. > Now, I've been hunting this beast for the last two days. I've called my ISP > (they are > very security aware and do weird things with their networks), but to no > avail. If they cut the SMTP connections, xmail would complain. > Would anyone have any ideas on this ? Did you check the logs, spool, frozen messages ? > Oh ! BTW, if I telnet to the other smtp server directly from the xmail box > (shell) > and write a message (telnet mail.blah.com 25 , MAIL FROM: <> RCPT TO:<> > etc.), > the message gets delivered. So, I think it _must_ be sometihng on my > mailserver side. again, maybe DNS doesn't work. HTH Goesta -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQTbQZ+EKFiIqAG4fAQIMWwgAowSqTdhGPer3KjyQi4IIBwB95kdKR6G7 NNv7NNDV0wQSY+8K1YhJiIirP3U9YOZ5FKoCyZLtUA6mNvzVbpkNcNtTc7S9hAS4 ZO9KqVMUUZUn3JcL8VsNRyJQxeyJHTCq0EjAWpuOMd2s/glEEg8kf4jQAfG/CQ/7 T8iUlgc/f/+bKfXOMILbmh98AG6TfyeAviL4sXJQORBkWxOC5jXti8wLjE2n6/zl u4KgC2TTA8tLau2a3XEthOpzlDWqc/XwrN4KQQI/hz9GI8Yhyi0F05gzESMA1Uw3 2F64t0Z0eGAsxJgxY941mW0hiHLQOYnaVkXwnfnAt/c7yOjb/jJUbg== =sRRP -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: test - please ignore
not much of a traffic - huh ... :-) Am Mon, den 16.08.2004 schrieb Rob Arends um 9:53: > > _ > Note To Self: Remember to put something witty here later... > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to [EMAIL PROTECTED] -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQSCD3uEKFiIqAG4fAQKeIggAw4OGaa2U2vlYgAwe5cZ78DKhDmcek9Lc PNpZmRLpmnh3b5P6Z0VcJRvq1t3YmNDRC/G3wVuwDw3zEZJ4B0NuXg4rtBje7ZyF X5GXQsd9vc07l/YycF4xVObLegISw9jYo9x4fl7pEyGjgYcB5YGBS8qnNhwVWdde 5jB5jwgBGILNxwT9Qlfdl/MwnHDU6en+syEGPsPAVDHHU+NXByFMGI02IOvx/ydy 9DoEeNuAkEVcc/I9vqSyGqJpdHZbzIWa12w/Cxjw1UGF9SC4c0gLTIZXzK0nTv7e ZJQjCmGkAq40TAdulVI3u37UiCrKO0RCaki1d9rE0lUzFhz9ozHhdg== =ANZ1 -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMLE Patch Feedback
Am Mit, den 11.08.2004 schrieb Mike Harrington um 1:09: > Hi everyone, > > For those of you that have installed the patch, can you tell me if this has > solved your problems or if problems are continuing to happen. Sorry ! I applied the patch at our Win2k Testbox and get the same error selecting the production domain (running XMail 1.20 on Linux, 110 users, 18 aliases, 12 mailinglists, _zero_ doubles) As soon as I doubleclick the domain, I get the old 'runtime error 457 ...' The testdomain on the same server (just no official DNS domain and only 5 mailboxes, 1 list an a few aliases) runs as expected. Goesta OT: status of the wine experiment has not yet changed. too much else to do :-( -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQRneUeEKFiIqAG4fAQLe6gf+MlaidkHaFTFs4Uf4Z0QspmaVK6hz3xjD SX/0zzBD1NkD5RjmDZBjE4lx5JXH2rGV5yN03oNHGdBrs+x9aqKi4rEKf3TlY7uo s4a94Pzj6meN1wfc8KmNj+Fxpc2ZeWdaOyhdayuPy4HNT2/tSCYEN7K3EkFiJRqN basw8bXQqXWqUj6Z+Km8DP0q9vN9hLhDe0m7WrXCBq6QcsFcQi9/yGz/8TNWncky XPg+VlARsfpAheXml+ajL4svxtNRJsioAQKqqguWPXsAY03XHhLzdb1ePPRfryA5 pK299jdZtIf1g5A2G9Td851XAUemqFaAhIqQgV0B2fVc18XsN8nUzA== =iw59 -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail Manager LE Beta 1 Released
Dear Mike, dear List, this is a first shot for XMail Manager LE under Wine/Linux: (short version: took some work, didn't work ;-) ) my system: Debian-testing, Linux kernel 2.6.6-1-k7 (from Debian), AMD Athlon(tm) XP 2400+, 256 MB RAM (sorry for the '(tm)', just copy/pasted from /proc/cpuinfo ;-) ) wine: libwine 0.0.20040615-1 Windows Emulator (Library) libwine-cil 0.3-3 WINE bindings for Mono libwine-print 0.0.20040615-1 Windows Emulator (Printing Module) wine 0.0.20040615-1 Windows Emulator (Binary Emulator) wine-utils 0.0.20040615-1 Windows Emulator (Utilities) winesetuptk 0.7-1 Windows Emulator (Configuration and Setup To Installer did not work: after checking Windows version and other stuff, a window showed up telling me: '1155: File C:\Temp\INSTMSIA.EXE not found' and wine failed with return code 130 I tried to install the software on a WinNT 4.0 SP6a test machine, setup worked. Starting the app did not.(yes, I _did_ read the sysreq) So I took the content of the dir 'Alouria\XMail Manager LE', stuffed it into a .zip and unpacked it in the wine dir. Firing up XmailMgrLE.exe directly did not work because of some missing ..dlls: MSVBVM60.DLL was missing, I downloaded it from www.dll-files.com and put it in wine's 'C:\Windows\System' VB6DE.DLL from http://msdn.microsoft.com/vbasic/downloads/tools/IPDK5down.aspx aka 'Microsoft Visual Basic 6.0 International Package and Deployment Kit (IPDK)' http://download.microsoft.com/download/vb60ent/ipdkeng/6.0/W9XNT4/EN-US/ipdk.exe after a funky error message, it created a directory 'IPDK' in the wine root directory (as Windows would call it: 'C:\') containing some further dirs for some languages. From there I copied all .dlls to wine's 'C:\Windows\System' directory. OLEAUT32.DLL resides in wine's 'Windows\System' but was searched for in 'C:\Program Files\Alouria\XMail Manager LE' so I copied that there. after all that done, 'Wine exited with a successful status' but no window :-( just as on the NT machine ... Installing Windows Installer in wine fails due to some funky permission problems that are not realy there according to the filesystem ... I'm working on it ... BTW: It seems to be written in VB. I am neither programmer, nor Windows expert, but could it be ported to mono (http://www.mono-project.com/about/index.html) ? So it would be platform independent, just like XMail :-) Goesta -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQRNKJ+EKFiIqAG4fAQKnpgf+Oib6yUArG0ix+QyWaDlPU6ed1xBaCrk3 ZTRCYKxfwJdXQ4vg5I7lG66PR7laj4I1eCLQOBSNvVtv5pMBRObtjISSKXzxZG8h 13EhNm+w2obA5geCYGtChcBw5orncLvoFrhDh1ogohoH4MycurUTE2TFFhc5UqPf 6i/Ve8AfVZXQOkBBl3WsWhOALbMmss0Hxqyl6ARGzFxXvF7iVKEWL8uonI6/Ajuy M1X6OeFlQrSk26t5N/XCfUeQi7OscYUH3VVHe7hqyK0/kQX01Llz7WboTLu1vXaZ hgvXr3HbEbizPCT1X9DVelcrlwCC1DaBc3aUYqGoaXzSRIR/jlK+7A== =dMqm -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Special character problem?
Am Mon, den 02.08.2004 schrieb Wim Verveen um 9:55: > From: = > =3D?WINDOWS-1252?Q?=3D22user=3D2C_L=3D2E_=3D28L=3DE9on=3D29=3D22?=3D=20 > <[EMAIL PROTECTED]> > > This seems like a very strange from field, but is this caused by xmail = > or 'the other end' ? Indeed, strange it is. A violation of RFCs most likely too. But the message headers' 'From:' field is fed by the mail client. SMTP servers only touch the message envelope (MAIL FROM:<...>) and don't care about what those freaky apps put into the message header. Untill another more or less freaky app takes that field's content and tries to send a message to it. Then it becomes the content of an envelope field (RCPT TO:<...>) and trouble is ahead ... So quite frankly I would advise the person sending such messages to look for a _decent_ mail client ;-) HTH Goesta -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQQ37QOEKFiIqAG4fAQLCHQf+MDUDcdNsJV6+HihvxQWdxZiRa5554tlt yqkU34AtGxBRAQV967tb0WQy6utCbtoHzwn3v1u0axx/jiHfU0VdxKtFcsnofsKE oaT2dzjW591CCGYtC7HMvYxImB8bzegvOfe49XqiLsnXahpDsO41mtTLyI9osNCD FUmFalHCi2zmNub2evcMS3rwhX92Wut2hCqkrp0QhC5ybjJsWPG5F5oKbMKE4VOm AP2d0nRm1fWALBeez4CRvI14LZzbtUOKTDfn7RDfUsjRikXtGCkvRYdGNqkwA6Nm AqxjoifFUr947pS0XmAj5VUg2RHrr6qvRXL0YSJpMD7E9c/pAeHT8Q== =OOt3 -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] LDAP <-> XMail
Hi folks, I am aware that Davides holiday is a bad time for proposals (we all know where his mail goes when he is back ;-) ) but I am curious ... My plan is to connect XMail to LDAP. Authentication should be no problem, thanks to 'External Authentication' (although the second part of the doc makes me a bit dizzy ...). BUT what about the mailbox management. I.e. a new user is set up in LDAP with all the stuff needed for mailing (adress, pwd etc.) ... how will she/he get her/his maildir ? The answer will most probably be 'scripting'. So: did anybody do something like that ? Any experiences yet ? If not, I am willing to pioneer ;-) regards, Goesta -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQQihDOEKFiIqAG4fAQK/RAgAvwj+5uDc8j5FRQjVESQLehXlLIMtTNqA FOiZ8H274PV9Bx2l4Xl6Td2BLG9ymNU8g87v0NfzIWzasDluFNypoo1f2xNceFLR i9mePA6Gb+wx49tDQUdDMXlvRiAjJnW2Db8lvXMaVFeFM47/gCmIovioIeOoJQao 8woNO0+sUksSSApR5zSzGL7QO4mutUvxOgRXX31NNaJMfXpHLU5gIBYrklFxEJEG HzUSqCatc4knm9sYMWqIR4DcR1ssHFJixDQp7ysE4CfZ7jBAhDAeoXX8a3a/MWYJ EXiAw5RrhCFIVPYmi3KY1/tf4n7VLI4ui8hdoZzA6RRHOVfcnneOQw== =R//1 -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: AW: Re: XMail 1.20 Smtp slow
Am Die, den 27.07.2004 schrieb Harald Schneider um 15:33: > If you guys have installed the .rpm, then pls try a built from the = > source > tar ball. ..rpm on a slackware system ? not me ! ;-) > Any differences ? I won't try to install the .rpm just to see if this does any more harm ;-) Goesta -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQQZgL+EKFiIqAG4fAQJfuAgAoSFOOWQ5oje8PHm+s7xHdSyfoZBSz7FN Z7KUFmfZU7l2Aab9qDbFNVLuZeRKLQGea5CtvsI6oY2OzxD6l8P9/zg/ZSOMS4EG XXp2hCePQnY0bVQgQoGz+GZY5sNz3naNJJkpAOaeebkB+TaLCoam5rKqxhesNeYm 4RPMwzoxOlDWV/sYm911On9fOv66OePZ2smlI0q9WaTJ0QTLCZTeBMlSWEG0YbwI XnRy1+r+zP3Nao15hATW7OwUeYWymAp0BuxbWb8fy71DQkuBdkT5UoMWkAEPVge3 qzfotZu2C3wr9q/iNvbOYUBeG/OgdkhRTdBZf8GqqWoHYgXtkyCuqg== =PAUo -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail 1.20 Smtp slow
Sorry to say: this is a 'me too' posting ! (I posted before in April, but nothing realy helpful showed up) my setup is: Xmail 1.20 (was 1.18 in April, update didn't solve) Slackware Linux 8.0.0 gcc 2.95.3 Linux 2.4.9 LD_ASSUME_KERNEL=2.4.1 no filters at SMTP level, and RSS of XMail processec after 35 days of uptime is 9184 (!) Connections just end during SMTP DATA transmission. So if there are attachments involved, it is more likely for the session to fail. The clients report some TCP/IP problem which neither helps users, nor me ;-) For us, too, the 'solution' is to wait a bit and try again. But the problem doesn't seem to be related to system load, network load or anything else to be monitored by top, sar, netstat :-P Both local and remote connections seem to be affected, since a lot of mail comes in via our backup MX which is run by our ISP. I am glad (ironically) there is somebody else with this problem, I started to think I'm nuts ... -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: Dies ist ein digital signierter Nachrichtenteil -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iQEVAwUAQQZVLOEKFiIqAG4fAQIOAggAjNU1RTVnrUMAqNvd7co4Xwd7tphOTjbC WLJxecilhEonLatKsX0nTg1PxZcGHcPJDAOoAlF4gMFKSgjgtpydrFNCF/mbttLu XlDQPGszElyX5cxfGDuqOh3z1DlmJslmo/e1fzuPBVAo52ITAgep7n1m0u4A5lVS 81nr8PJ7Dww5VA5FYhZHAAkxZeAjQ7VYUtbCk437xk493J97OFUTxQRB2eGrxM+V IqN0/TLNzjN2FjDhl5CpY8OlMPV/r/7/2cMSBGp+h4Ya9pSMbLuPIYQFftoJTaCm fMAR7svNJwNvyl/oDT++XeeLjdAc5ZCMAU8YQIaoXvICjN+5bpE3sA== =gDVn -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Can't send emails
On Fre, 23.07.2004 Josep wrote at 1:49: > I have installed XMail 1.20 on a Gentoo 1.4 box. > Everything is up-to-date. > The box is running its own DNS server, which, AFAIK, is working properly. > > I can receive email and retrieve it via POP3. > The problem occurs when I try to send emails. [snip] > SMTP-Error =3D "417 Temporary delivery error" > SMTP-Server =3D "smtp.clix.pt." [snip] Well, obviously the '417' is not too well documented in RFC 2821 :-/ but as all of the 4xy codes it _should_ be temporary. So, do you get it _all_the_time_ ? > Anyone has experienced this problem before? Is there any solution? > Thanks for any hint you may offer. Sorry to say, I see it frequently. Most of the times it is related to DNS problems. (like non existent TLD ... users suck some times ;-) ) But strange enough, I see this for mails from _and_ to our domain (aka internal mails) too. But this is rather rare. Anyway I don't bother much, since people don't complain and we get ~1300 Mails through per day. So, if I get 417 the other day, I just shrug ;-) HTH Goesta -- Wiener Hilfswerk - IT Staff we are a NPO offering social services locally in Vienna A-1072 Vienna, AUSTRIA, Schottenfeldgasse 29 Phone: ++43 1 512 36 61 DW 407 / Fax ++43 1 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: (nearly) got the handle !?
On [Wed, 16.06. 13:54], Goesta Smekal wrote: > > Actually I'm about to write a filter checking if the HELO domain exists. Hints > from Davide are welcome :-) ( for example, wyh doesn't xmail do this in the > first place ? ) > > stay tuned ... ... well, some nightly hacking and coding and my filter is (almost) there. Works as follows: * pre-data filter * take the first field from the 'Info Data' line of @@FILE. This is where the HELO part goes * check if the domain is valid (tricky) * if not, return '3' and exit Now the tricky part: looking up a host is near trivial, with a domain, things get a little more complicated. My first guess was 'whois'. But the answers you get from the different whois servers differs a lot in both format and contents, especially when the domain is _not_ existing. :-P Next came 'dig'. Works better, but sometimes when I dig a registered domain there is no 'answer' section in the response ?!?!? ~:-/ So dig for MX of the domain. Well some smtp daemons send their hostname instead of the domain name here. And, do all domains have an MX ? RFC 821 says: HELLO (HELO) This command is used to identify the sender-SMTP to the receiver-SMTP. The argument field contains the host name of the sender-SMTP. (This is at page 19, just in case anybody cares) Now I'm in trouble. I'll try and cut the first part off the name in case there is no MX for the whole thing and check again (a bit more simple than in my blacklisting thingy). Let's see ... For the curious, the script is at: http://korda.smekal.at/xmailtools/MailScan/helo.pl BUT BE WARNED AGAIN: this IS buggy and not working yet. IF YOU TRY THIS AT A PRODUCTION MAILSERVER YOU MAY LOSE MAILS (and I warned you, so don't blame me) Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQNE9ueEKFiIqAG4fAQJrDgf/YIeFJd0LVix8ODfbffstYrX/hi8yTEyn N7XJk84MzjmbeIjxsdb9S9HZP4WOx7k5KF+DKZ3l3HU47po6LLMNU3xAuKeUKlkk rVg5avIAfEOKONEWuFFSZUjbssBOzEALvgkOi0o+an6hunes0uObT5y7xA3kNGuH WUUuGPGimnwiU5NSApoybIyuht4rXgs1gwalP+oZkI4Q2RszwR7iVZWMe/RisrSv DnkGnxMtYwqJJ432Z47w1DTMO1tPxSsmjMNGQ5oJExL0bhWe4NfB8qbPRkiYzH0E rFdrD/DDss9qeuJhHkWq5ZFhh/LNWxvSn1sITI8t5n1LCqCsNAN6wQ== =T5Ar -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: get a handle on Sober.H spam ?
On [Wed, 16.06. 13:12], Achim Schmidt wrote: > Hi Goesta, > > if you are running Spamassassin, some rulesets for stopping those mails > are described right here: > > http://www.heise.de/newsticker/foren/go.shtml?read=1&msg_id=5832097&forum_id=57381 > This is exactly the way I _don't_ want to do it. Why ? Because tomorrows junk contains different words an I end up spending hours of my time typing racist phrases into SA rules finally ommitting german communication at all. Actually I'm about to write a filter checking if the HELO domain exists. Hints from Davide are welcome :-) ( for example, wyh doesn't xmail do this in the first place ? ) stay tuned ... Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQNA06OEKFiIqAG4fAQJdYgf/Z4vsrSDdjmMlrp3e6x008dhPS26ixsFY Di3YqKXCA5QLYXKXKrMmqzm5D9cOszz5U2BOQEQlWEyfnyxUWTbd5msHeH9CidV4 mOPNaZlhkIXJTGppEcUyyLdXd36jJroiOBMpnZP/pWD6WHhEB6npr64irdJQfisP YSKlX76uhLFZBqQMbYpLnbhlNpJQkR14EeHP8O7ERJpnf4/yBjeTjS4T+/4AXKes Gq6gQFDO/+iqZx6+Y667eebsPGrsQOF7q+Q1eDyHxwiF5jznd/GaMqF3QsebZ8OH Y8u9ihVzeR5UXAZiYHTRvG9SQzA3vWpqDFvAmYQIwqP65XvDtgPAFw== =QS4e -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: get a handle on Sober.H spam ?
On [Wed, 16.06. 11:41], Goesta Smekal wrote: > > *) why does RDNS not check ? > > *) where can we put a filter to do so ? pre-data sounds promising > I just read RFC 822 (again) and the HELO command should pass the domain. So, Davide, is it the contents of this HELO string that ends up as senderdomain in the SMTP logs ? And if 'yes', why is it not RDNS checked ? And ca I do it with pre-data filtering ? (can't wait to start a new filter project again ;-) ) Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQNAZOuEKFiIqAG4fAQJevAf/Z/WHq8Upr6a7ER+m/CyyKCsh54/GJlS3 JD5NjQmKItgDnc/G0hGxY65ZWgRqP9ofph8cQbfEgWUqD5t5s9Ms5+S8Zu/6VYPb q8enFHO/UETCaIx9INulZ/+tuIGnzzYpQdOICLOa+f4t8EKX6Pkxr7O/upGxjE+S +0B86xDNDFm0qnlLvCEJR7ZgjVqXubqBAhukIBs+5mX2D3tBXCVIA641DpH/YaK+ plpKHCeMsf7E9nfNLHAfdp+mHGPBTx8qFcup5oKXeiO9PzZIMMIYuseE1cW87lsb yCHFxxLk6KRLG5HnGsM9nxDHlE3ickJ1MVu/tK8YCdieoX87GHv5Iw== =YDWp -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] get a handle on Sober.H spam ?
Hi list, anybody else annoyed by right-wing political spam produced by hosts infected by Sober.G ? (well it maybe a local problem to german speaking users ... anyway it might spread) We are facing a dramatic increase of SMTP traffic due to that. Since there is no attachment AV doesn't get it. Since there is no 'normal' sign of spam (like multiple recipients, junk characters etc.) spamfilters are unlikely to get it either. So my blacklisting logic (discribed earlier here) has no chance to stop those hosts from sending us mail. They _do_ have valid hostnames, so RDNS doesn't either. The only thing I found is, that in the logs at pos. 5 'senderdomain' I find bogus. Now: *) why does RDNS not check ? *) where can we put a filter to do so ? pre-data sounds promising Any comments ? I will try to put up a filter for that as soon as I find some time ... Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQNAV0+EKFiIqAG4fAQISbgf7BOHpt512LB51uGs+f+gzUOqkgg4FrXGt t2MndZ/MZKGvoCvvKP5Hle1mmrLXPePFUosOsK9Co34Vh2ox+QX02JcwpdwyrkLg FfaR9Kp4kZRDAm9Mykc1Lpb8j/JRbpumMjo3tmYWBCbAwOSO3YPK6OOGmrCIIm4k mHZIp0KEePrT3X3n9O4G2GioQ/QRKQbN+Oo+rMgulrPkoT4ujD35Iqnhv506HCYD RaVwe4zcTm9pW7+bfYahOxo3xD3g1v31b6CBE+JO+HqllrePBb/zWb99r4DXo55a wxmla/DBBdbUbI9CGiCsJFZxsVcsWMG0zAMUEkIEE5aMsD5xHkZzUg== =RF+6 -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: virus database
On [Fri, 11.06. 12:03], Liron Newman wrote: > > Goesta Smekal wrote: > > >I do a similar thing for two months : Every mail reportet to be infected gets a > >second treatment: > > > >* look for originating IP (of SMTP envelope, _not_ headers) > >* resolve its domain > >* get the MX for that domain > >* if the IPs are not equal, block the host, since it is an infected, non MX > >host. > > > >This approach works _very_ fine (not a single complain ever since, opposed to > >three complaints due to RDNS check, which started the same time) the SMTP load > >actually is _reduced_ and the "SNDRIP=EIPSPAM" is constantly rising :-) and > >of course the virus/day rate is sinking. > > > >Since hosts that send you a virus nowadays are very likely sending you the same > >stuff again soon, blacklisting (IMHO) is a valid option combined with scanning. > > > > > > > Actually a great idea, because 99.999% of the people who would have a > legitimate use for sending you SMTP directly (Running a mailserver or > whatever) are computer-literate enough to avoid getting hit by all that > virus junk.. So the chances of blocking anyone who's running a > mailserver at home (Like me, and yes, my ISP allows that) are slim to > none, and if he's blocked, he deserves it.. > > Care to share that filter? Since you asked for it: http://korda.smekal.at/xmailtools/MailScan/ _but beware_ this is my subversion repository, not an official release, which I intended to post here when I did some streamlinig and code beautification. So the docs are a bit outdated and the code may be a bit hard to read ... but it does work (obviously WITHOUT ANY WARRANTY ! IT MAY EAT UP ALL YOUR HARDDISKS WITHOUT NOTICE ! If you plan to use this, YOU ARE ON YOUR OWN !) your milage may vary ;-) Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQM1OdOEKFiIqAG4fAQKGywgAoQABS3yKhVn8U6mqkiUzBQ+I+4KPE4E9 4P87eyvfTeImcZr5qAxhUO+pUoyLfGB6vr6DHAaguYJH42HR1WRninllPCQI410q zxGBaGEVZHYbYdVJJRdn1rjHida30EVxbyljNq1i3EPvO6eiNodHCYN2BWGH8J1E CY6WogH3244ecsPf7wQhp1CHZkJl8S4/YrrcJc9PP+2EpfdO+CcPtH6k75bg+mHq Ndr3xxutz4xzakbMiC7gWkO41jf7ddKwUjDDyw1jn0UA/6Ku6DuhKBuDbjXVUM3C dUunS5UCfn4vpZK/z2OJYIdvtUFBCUQzSXji8W8OcHd+x11aiuuInA== =2Ea2 -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: virus database
On [Fri, 11.06. 08:56], Tracy wrote: > At 03:09 6/11/2004, Goesta Smekal wrote: > >I do a similar thing for two months : Every mail reportet to be infected > >gets a > >second treatment: > > > >* look for originating IP (of SMTP envelope, _not_ headers) > >* resolve its domain > >* get the MX for that domain > >* if the IPs are not equal, block the host, since it is an infected, non MX > >host. > > > >This approach works _very_ fine (not a single complain ever since, opposed to > >three complaints due to RDNS check, which started the same time) the SMTP load > >actually is _reduced_ and the "SNDRIP=EIPSPAM" is constantly rising :-) > > and > >of course the virus/day rate is sinking. > > This will break rather spectacularly on some larger ISP traffic, since many > larger ISPs (AOL, RoadRunner, Comcast, a number of others) do not send > their mail from the same machines which receive it. MX records are for > machines that receive mail - while a *lot* of places also send mail from > the same machines, a lot of places (especially high volume sources of mail) > do not. Well, actually you are right in a technical point of view and , sure, it is NOT RFC what I do. But from the more pragmatic approach I must say it works well, without a complaint (as I stated in my initial posting) at all. (we get about 1000 mails a day) Why ? Because those, sending mails out via unlisted servers are either infected ;-) or running public mail services and are either virus protected or the default SMTP gateway for people and thus _don't_ get used by todays malware. Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQM1MRuEKFiIqAG4fAQKv6wf/Twu5YuvufyW+DHqk3BxT6bH6H91mdndu ui5lpNgzrvWUyb0JySam3aSxWEBoA1Qpd+AAPOzLFsygxSEB0w5y4qb1girdG207 xGqusQ5UBGTzgTHE1G7IpWYWp4cT0AVEsBBMmQm3vRsNL9K8zlQYLMTWkYYw5vN0 2Ve6Egxr1aFqOAIhv9sCE5Hpcv+TwTz+Evm5ODHVTm5oB8oR8sshERfCt55kZOVR gLX6H90hLHjTYS6zZKKrKDM8R0D3HpvPU0O8TF0wRSIkhc1nPTFuxnTnJlul2Or4 7F1JPnGRdOO6kZm5gvwFHqs3P6ruaZY61UILV5TEu3eRmnglszeP8w== =7OmD -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: virus database
On [Mon, 07.06. 08:05], alex wrote: > > On Jun 7, 2004, at 12:24 AM, Wim Verveen wrote: > > > I am actually trying this out. It doesn't catch a lot until now. Maybe > > the database needs to grow or more 'points of measurement' are needed? > > > I think they need more points of measurement, the database doesnt > really grow because > they are only scanning mails on their own mailserver, and they drop > ip's after 24h. > The main problem of a central database on infected hosts is, that today's malware has a strong local spreading character. let me put it another way to become clear: as far as I can tell about 95% of virus senders come from the same TLD (in our case .at). This is a consequence of the way e-Mail addresses are collected. So such a Blacklist automatically gets a strong local bias an can never possibly contain a reasonable amount of worldwide scum hosts. Except someone puts up a central DB fed by people all 'round the Net. Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQMlePuEKFiIqAG4fAQL9KQgAqJO3+8vLwiBiD7rS53xEB1JUlXL274Uz jfTkMil8nYJ76HRdEpVR/m0tkXCiD/8/cz1gmgdIb3GpOeaT8Ltm5hPpD22mKags h/bDEDs0pi9flk60bOGdpDc4qyv9yq1Ada/AZmD1/yCwHFoVlOgI2114ypOu6gQj CADKCJsYwZA6rcdFQqhJ0c/AYC32JnBaR5F4rDimJsnwIq47ussGUlVQAJ0KsMVx 7bChcTeiG9buziBr7oiwkGQCe70L4/R4uzJxXApNmw1DkgOKxJp+db8+++6Zinq0 HnGVMCmP+yXGYSs40DbM3cbym8reVsMUlDf+iyyy3oNMDs6BrZyqlg== =90It -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: virus database
On [Thu, 03.06. 14:43], alex wrote: > Tracy wrote: > > > At 08:22 6/3/2004, you wrote: > > > > > >>This is a CRAZY idea ! > >>In a few time you have banned 50% or more of internet traffic ! > >>alex wrote: > > > > > > > > It's actually not a crazy idea, because a very large percentage of the > > virus traffic on the Internet originates from end-user boxes (machines that > > were never intended to be mail servers, nor to deliver mail directly to > > MTAs). A lot of places are already blocking dynamic address machines anyway > > (I block by RDNS on patterns that tend to indicate end user machines, such > > as "adsl-99-25-74-211.dsl.blvloh.ameritech.net"). Since these kinds of > > machines are 1) not intended to deliver mail, and 2) prohibited by their > > ISP's Terms Of Service or Acceptable Use Policies from running mail > > servers, there is no reason not to block them. And since these machines > > That's not entirely true, my isp allows me to setup my own mailserver though > our hostnames are something like adsl-111.111.111.111.xs4all.nl :) > > But I agree with you that it is a very useful filter. Folks, just ignore me if you think I'm riding a dead cow ... I do a similar thing for two months : Every mail reportet to be infected gets a second treatment: * look for originating IP (of SMTP envelope, _not_ headers) * resolve its domain * get the MX for that domain * if the IPs are not equal, block the host, since it is an infected, non MX host. This approach works _very_ fine (not a single complain ever since, opposed to three complaints due to RDNS check, which started the same time) the SMTP load actually is _reduced_ and the "SNDRIP=EIPSPAM" is constantly rising :-) and of course the virus/day rate is sinking. Since hosts that send you a virus nowadays are very likely sending you the same stuff again soon, blacklisting (IMHO) is a valid option combined with scanning. just my two cents Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQMlaweEKFiIqAG4fAQIlZQf/bmyazXfi+J61B36FPG+oGS2upnF/4Z8r S8gfduo0o5eUh6uWJD42HtPfYebjdJqqUEXSFRUcECujTDAD3Xsiobi3AjauTjIX L1v82EbGRnoV6khBBdbTLkOThQb3Uifaf6OcO8yPmvPWJgWMO+palNqgTJes8jTs l8jY+qpnQ4+LNlLjvb4/7rnO6ep1J5+cys1R5NxcbNyn41RqeVht6QN4dhiBOvtX PkmVeaxj7nZ5xgA5jiooZSEbFCXwS0YQpZwoGtDmVojr/EQauxHvfnK6Sa6kXgqZ cGVJcVeh1z0H8Imxw5mxQIa43ZGggnRQ59bH5fl72as25wjjL2LEjQ== =ngu/ -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail 1.18 (sometimes) doesn't accept (local) SMTP connections
On [Tue, 27.04. 08:32], Davide Libenzi wrote:
> On Tue, 27 Apr 2004, Goesta Smekal wrote:
>
> > Hello list,
> > I'm puzzled. Since I updated from XMail 1.9 to 1.18 (for obvious reasons ;-)
> > there are strange things going on:
> >
> > Local users complain about SMTP timeout messages from their MUAs at no
> > apperant reason. When they try to send the same message a little later it
> > works ok.
> >
> > Server is idle most of the time (system load about 0.06). (I also watched
> > during SMTP connection errors) Those connections don't show up in the logs.
> >
> > We have 100 users and about 1500 messages per day. Attachments are checked by
> > my MailScan script, which also did the same before the trouble started (so: NO!
> > my script is not to blame).
>
> There's a difference though. If you're using the filter as SMTP one, it is
> on-line during the SMTP transaction. While before it was not. Are you sure
> guys that all those filters are reentrant?
>
I'm afraid, one of us is missing something here. As for me, I am not sure, what
you mean by 'reentrant' filters.
My filter is in place for about two years now with great results (350 viri
per day nowadays). And I did notice the changes in v1.14, 1.16 and changed my
code accordingly. Let me explain what it does (in brief):
(note, syntax is _not_ strict ;-) )
$Status=0
open (FH, @@FILE)
while (){
parse message and save base64 encoded files
}
if ($files) { invoke AV }
if ($virus) {
re-read message and wirte all except for infected attachment to tempfile
$Status=7
mv tempfile @@FILE
}
exit $Status
Well, this stuff works pretty nice even after updating to v1.18. One point
I might have mistaken is, that I put the filter in _both_ filters.in.tab and
filters.out.tab. But on second thought, if I don't want local folks send
stuff to the Net this seems quite ok. (?)
Again, weather client SMTP connections are accepted or not doesn't seem to
depend upon my script being actve at the same time or not. I even started 15
SMTP threads to cover this. Didn't help either. Mx commandline lokks like:
XMAIL_CMD_LINE="-PX 10 -SX 15 -Qn 10 -Ln 5 -Mr 24 -Pl -Sl -Ll -Fl -Cl -Ql"
I will try to get a clue if the TCP handshake takes place at all but this is
a bit tricky since I can't reproduce the problem as I like. It just seems to
occure frequently enough to annoy users :-P ...
I'll kepp you up to date if something changes ... till then, any help is
very welcome
Thanks so far !
Goesta
--
Wiener Hilfswerk - EDV
1072 Wien, Schottenfeldgasse 29
Tel: 512 36 61 DW 407 / Fax 512 36 61 33
-- Attached file included as plaintext by Ecartis --
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQI9IJ+EKFiIqAG4fAQJ/ewf+JyBmne+Zj6bGEb0UOADPfHv+/dyt7j8W
I19bc3iH37yZYtpHQzhb8I9YUIJW6THvw+KtMo+5bqXlXvlsbP2XLnPpkCZr1WBe
ngeXX6vziDMgrBYKJGeOI+KwBYogyypuGMeDY0p+3pHqcKEhBqGGy433CdcciFg2
b/GKPUc2HJphoGUv50Bdxv+tn8RDykAgGmArRKXwCvU7X4nVszrU1ONIzP5h3EST
lxIZGJGseeqF5DpM9WfyYMpxXjaw3rGdtOCoRAZJRaiRDMdbW8s7t1uqXiV+Qg9c
2BrbF87jhtrjAbyV52kDGoiDrLXXRiBoigG8fY+6h/LjeEW7F3w8xA==
=21Ks
-END PGP SIGNATURE-
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]
[xmail] XMail 1.18 (sometimes) doesn't accept (local) SMTP connections
Hello list, I'm puzzled. Since I updated from XMail 1.9 to 1.18 (for obvious reasons ;-) there are strange things going on: Local users complain about SMTP timeout messages from their MUAs at no apperant reason. When they try to send the same message a little later it works ok. Server is idle most of the time (system load about 0.06). (I also watched during SMTP connection errors) Those connections don't show up in the logs. We have 100 users and about 1500 messages per day. Attachments are checked by my MailScan script, which also did the same before the trouble started (so: NO! my script is not to blame). Here is my setup: Slackware Linux 8.0.0 Kernel 2.4.9 (I know this is old) glibc 2.2.3 gcc 2.95.3 XMail 1.18 Filters: MailFilter (Perl script invoking SOPHOS) I also noticed a slight growth in memory. When I restart XMail RSS value is about 1300, slowly growing to 1900 and more. I can not yet give any info about long term use. And I tried the 'LD_ASSUME_KERNEL=2.4.1' hack described earlier in this list ... no effect. Any ideas anybody ? Thanks in advance, Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQI56GuEKFiIqAG4fAQJvagf9Fp+r6vn1RGc920iuNGhSRCCKbYH6cDrb 56a6U0Y7vxoNnEsd1s5IzeLLPYZElMFlpevGaHON6BFfMNK5yIhqAkhlKwucs8JW GfD66vSvASmuR/5CRjr4WiXX1qle354arjZokDmlgjut/LCfwX06+gQXwnpzK0Vv sHo2xKgd+rY4J7Zfy92Kbpp7nSu9P6LDB+7h2ccNR+QZSdC+VNPkm+nia7ptGHCp a/LOtVqBf4L/d3DmXXlnD+qxGJYNReu1b8bfDb6god4h2hDO1CIoYlSENlzzhaZk 56aJeKz0OALbDKhrOaphTUTU9NvTSbqxzsvIJX9Hl+6SsnT4+cNGug== =tHRy -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Mail loop detected?
On [Tue, 27.04. 23:20], RaveRod wrote: > 5 emails I just received (from the XMail Discussion group) are in a Mail > loop. > > > This may seems a stupid question but how do I fix this? YOU can't fix it. Since the loop was built by someone else. It seems we all get those :-P -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQI5gzeEKFiIqAG4fAQJw9QgAg6UTl9cvS4HOxy3WnhZL3YGY8LnDWoj8 wQYBvVaDOuvMhaTuJe6FYbwDTLJhycMoTzGHo+BJUSTIwloIpTN6jxCRDZEf+23P MEMDVpU55NVB4gwI/6/vPhEQFBI7nmXyGCFoekHaaN1CpVL3jm7DevGoI0eG8v7g It4i+seSnS8bLUIjex4GMzViBPU07X4unNhaBMv2Bp4DvcTVC1ST5Q4wzz2HKzgs HCDq99IP6bj6b7sBFwF9voug8NNfWJVh7l+Etny5qai2FT6GjRYwsh6Qn+7oLDd0 lSsxICwyvjaohkFgmv7dZniBeapeuzmsXz4dJV300U5PMdA7JI9Qyg== =xoQ8 -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: forward a copy of a message
Bummer ! This was another RTFM ;-) I obviously didn't think of combining the two ... Thanks ! On [Wed, 07.04. 15:45], Achim Schmidt wrote: > i would suggest to be a's mailproc.tab like that > > "redirect""[EMAIL PROTECTED]" > "mailbox" > > - achim > > > Am Mi, 2004-04-07 um 15.24 schrieb Goesta Smekal: > > Hi folks, > > maybe I missed something, but AFAIK with the means of XMail (i.e. no filter > > magic) it is only possible to _redirect_ messages entirely. So if I set a > > 'redirect' in MAILPROC.TAB for user '[EMAIL PROTECTED]' to '[EMAIL PROTECTED]' the > > mails will > > never enter a's mailbox. > > > > I would like to send copies of mails coming in for 'a' to 'b', so they both > > get the message into their inbox. Since this is for vacation purposes, aliases > > or mailinglists won't do the job. > > > > Any ideas ? > > > > Goesta > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQHQSVuEKFiIqAG4fAQJbZggAifEmI7TdIm2UmEYOFyA77QYYjJUVI0te iuBEx5/iEAyoUgvVd0EBf8gfgKR0fywbuBVk/QRDRRw2tNqhsWPEhyXeGg1rG3Wp 88SP+GiwbOmoeVSO6JcMe8xeP4Clgazz0PkfaYftaJKYdxsABJ5fANnsEnV3x7bw gIs9m+1C0UI9dhMv2W02xz6NisuE/Trd4JlMHrMEptHGexnXa7rmhK2OidnuFdt9 FX1WVHkex/23qplWsTZl4O67sFSNw3gt19EtuXt2dQRZ2BTI79Ui3U1sTef5cDPP 9kBM9l4EwA6hxP0MFTWsYX1vQ7AE4f+n81swtRQfMuacCvEhWgFzDA== =i1xh -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] forward a copy of a message
Hi folks, maybe I missed something, but AFAIK with the means of XMail (i.e. no filter magic) it is only possible to _redirect_ messages entirely. So if I set a 'redirect' in MAILPROC.TAB for user '[EMAIL PROTECTED]' to '[EMAIL PROTECTED]' the mails will never enter a's mailbox. I would like to send copies of mails coming in for 'a' to 'b', so they both get the message into their inbox. Since this is for vacation purposes, aliases or mailinglists won't do the job. Any ideas ? Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQHQBKOEKFiIqAG4fAQKaHAf/dJgJUl58NGBNpMpjgp8GGsur3xY5JKWY 2OFU7BGspDiLk/GopQyobdaujXcGhsj7KmHnCCcogs6o6P+bX7NSTUTI/h1x5IOk ZKKoOTpxLzAf/HXypbv0DQMuiFWxm1n+SxytRfvL8TLe/PGP+pl0qDorAqJRj3y1 ZlZEYzHUrA5hB3UJfsvuuDCrEshniFL8QyXDHJT4A4Pje5fUXnqq6+Y33JUGNkD5 FxHQwuvAgVL94GA405rmgyE3ZKHjC+lh0RdrAM03+RGNw8R2bhb0nGeuThymG5+m 1eMxfPnfkrFLUgBJANsWuFn6TCMt9G0oLOacrSjngUZIMyrOefauWQ== =8v5V -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Default Open Relay
On [Tue, 30.03. 23:02], Davide Libenzi wrote: > > http://www.xmailserver.org/Readme.html#configuration > > In particular the step that says 'THIS IS IMPORTANT'. The difference, > giving for granted that user do not read the documentation, is that if I > close the relay I will receive tons of email saying (subjects in random > order): > > I cannot send message through XMail ... > What does relay denied means ... > My server does not work, can you configure it for me ... > > So basically I have to decide who pays. Myself being personally annoied > with those cr*p, or ppl that does not read the doc and gets open relay. > I'd better stick my the current setup, what do you think? As administrators of mailservers should be security aware it would be better someone _not_ knowing what he/she is doing has to read the docs _before_ anything works. About 1/3 of the mails we recieve nowadays are viri, I do not use a spam filter, so any assumption I make here must be wrong. But I think it must be in the same magnitude. As maintainer of the XMail project I am afraid it is your duty to make it a 'safe' server by default. The fact that '70% of the folks don't read docs' only encourages a change in the defaults. Make it a closed relay. Set up mailfilters for your inbox, deleting any mail with the subjects lines you mentioned above ;-) And the Net will get less open relays per day. just my opinion Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 -- Attached file included as plaintext by Ecartis -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQGpyNeEKFiIqAG4fAQKoUAf/VewHepjITCKIipFmgrVVygRkHnkrS3mN jR/EqVbIPRid4W5lzZDkk+4VFKSaC/hiuwYNrXHxUx7X/fcJtHf2Uv6Uf3TLxcUN PnYAI2PT5i7Jx2xgg/eo0JVqqHWXSONnbgGFHX69I+8fkuHzuE+u4/VcaFziQ6I3 oCP/PVErt5ux4aJJoU0RmpnE0QRbUVGd/J+BV8WrpaCTaZshSFgjusToExkMYvoN A/ZGteDg10EXHaMdgWcrMg8iZJxPEDNgrE0pyW8AspIECS/SQw8aLkOdanNyEdpV 0dNYJJMOECwlPwtJS0NkGGZEhXy49a+jKxFxrPV3d0YphV1GaKSzoA== =/6qJ -END PGP SIGNATURE- - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Take a little more care in what you post !
Dear fellows, speaking of secure systems and all the evil that is lurking out there, it occured to me that some of you post vital server info right out into the list. Whatever you post ( 'ps auxw' was recently seen, with _all_ processes, even database backends, gui and so on, partly with the hostname and program version included) goes out to whoever subscribed the list. Fortunately the list is not (yet) archived somewhere in the web (at least I did not find any postings in Google) but you never can tell. So, folks, if you post debug output or process info into the list, 'xxx'-out all system specific parts like IPs, hostnames _and_ processes running, that are definitely _not_ XMail related. Just a thought of a paranoid ;-) Goesta Smekal -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: W32/Bagle.K@mm
Good news ! Even though I don't know why, my combination of MailFilter ( http://members.chello.at/goesta.smekal/code/ ) and Sophos ( http://www.sophos.com ) got one yesterday. Following the long thread on securityfocus's list I can hardly imagine how, but it seems to work. finally found the clue: Sophos detects all encrypted versions of Bagle as 'Win32/Bagle.zip' ... don't ask me how they do it, but your favourite AV vendor will certainly do the same soon. Goesta On Thu, Mar 04, 2004 at 09:13:00AM +0100, Roman Dusek wrote: > Hi all, > > has anyone any XMail antivirus filter that is able to catch W32/[EMAIL PROTECTED] > virus (spreading since yesterday)? As virus .exe file is inside > password-protected zip, my f-prot for dos isn't able to detect it. > > Roman > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Query re. delivery failures
On Thu, Feb 12, 2004 at 10:26:23AM +0800, Adrian Hicks wrote: > As postmaster I occasionally get "The maximum number of delivery attempts > has been reached" messages. I usually test for an MX record for the > domain, & almost always there's no MX record returned. Me too. And nearly everytime the problem started 'before the keyboard'. I.e. people try to send mail to '[EMAIL PROTECTED]' or so. Most common errors (at our site) are misspelled domains or nonexistent users in adresses. > Is this common? I'm assuming that such a delivery error would be the same > no matter what MTA is used. Yes, at least what I discribed above is common to all MTAs. Where no domain exists, no MTA can send mail to :-) hope that helps Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: accept mail from real MX
On Mon, Feb 02, 2004 at 12:20:15PM -0600, Shiloh Jennings wrote: [snip ... 'LRW' means 'LinuxRoadWarrior', far from home, own SMTP aboard] > The LRW would use SMTP AUTH to send email through his ISP's email server. This is a non standard approach. But on second thought, we all know where the standard approach brought us to :-) Talking about the usual UN*X way of Mail i've got fetchmail/procmail/MUA/MTA on my local machine and only the POP3 mailbox has to be at some host permanently connected to the Net. I have to check whether mutt (for instance) is capeable of SMTP-auth ... > If port 25 is blocked, the other option would be port 587 as proposed by > SPF. This solution does not stop the LRW from sending email. Nobody is > avocating requiring home users to set up VPN tunnels. Home users use their [EMAIL PROTECTED] e-Mail address and 'smtp.home.isp' should know their IP so all is well. Whith or whithout RMX. The roaming user is the interesting one. > > Imagine the RMX sets of FreeMailers (GMX, HotMail et al) ... or do you > > plan to ban them anyway ? > > I don't need to imagine them. If they choose to publish their RMX sets in > their DNS, then my email servers will use that info when deciding whether or > not to accept the email. If they do not publish their RMX information, then > my email servers treat the email the same way it is treated today. Nobody > is avocating blocking free email services. So maybe I#ve got you wrong. Speaking of the perfect RMX world, I could _not_ do the following (which I do today sometimes): I've got a free mail acount at GMX. But rather then using their boring and slow web front end, I have configured a MUA (Mozilla Mail) to read an send mail as that user. POP3 server is 'pop.gmx.at' and SMTP host is 'smtp.my.isp', which is _not_ GMX. My ISP's SMTP accepts the mesages because they come from my host, which is in his IP range, _not_ because it is from his domain (which it is definitely not). If GMX had to deal with this situation via RMX they had to know from somewhere (/dev/crystal_ball perhaps ;-) ) if my IP 'belongs' to that e-Mail address ... so ho would they do that ? > > BTW: ever thought about your sending SMTP server signing mail headers from > > known senders (i.e. [EMAIL PROTECTED] from within the company LAN) digitally > ? [snip] > Post a URL that details this proposal. I'd be interested in reading about > anything that will help us reduce the spam burden. At a glance, this sounds > like something that would not work, because the spammers could simply forge > the sig. But maybe there is more to it than what you have already posted, > and I'd like to read the entire proposal before judging it. I have heard > similar proposals already where the sig data was copyrighted, so the domain > owner could sue the spamer for copyright infringement if the spammer pasted > the sig into any spam. Maybe the proposal you are talking about has > provisions like that in it. There is no URL to post, the idea occured to me once I recieved 45 mails an hour, claiming I sent some worm to some people behind some of those stupid virus defense systems that reply to the 'From:' field in the mail header, not knowing it is forged. I had posted the idea once in this list. I thought of signing the entire message then. But that would mean, the server takes responsibility for the content too, which is clearly impossible and also should not be done. What I propose is to let our company MTA sign the headers of messages coming out of our LAN and from an address within our domain, using a public-key/private-key system (GnuPG comes in mind). It could attach the signature as a seperate MIME part at the end of the message. So users need not read it (unless they like reading massage hashes). Other users or MTAs could verify the signature against the message header they recieve and check if it is valid. Forging the signature would only be possible having the private key of the server. (except for breaking the key, which would be very 'expensive' for a spammer just to get his mails through) Flaws of this concept are: Where to put the public key ? Webpages are a bad place to recieve them automatically, DNS text fields look better (like the keys for FreeSWAN's 'opportunistic encryption'). How could MTAs/MUAs check the sig whithout too much effort ? I mainly think of software adaptions needed. It is easy whith XMail, procmail, but ... Maybe ther is some RFC out there dealing whith a similar topic, I just did not check yet. But something tells me this will become more relevant in the future, so i will pursue the idea anyway ... regards, Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: accept mail from real MX
On Sun, Feb 01, 2004 at 05:03:52PM -0600, Shiloh Jennings wrote: > > > Don't see that IP in there do you Fails the test Not good. > > > > I agree. De-queued. > > Ah ! great to hear that ! Imagine a 'Linux road warrior' (LRW for short) pluging into the Net far from home, but using his e-Mail address [EMAIL PROTECTED] ... he will use his sendmail/postfix/whatever on the local machine to send mail ... guess how close his IP will be to the MX at home ? > Understandable. What about implementing support for RMX? That is something > a lot of email servers will be moving toward in the near future, and it does > not cause any problems like the idea about simply using the MX. I will try to be as little cynical as possible, but: When was the date we all switched to IPv6 ? Yes, right, we all do 'trusted computing' allready and wasn't it the same guy saying 'There will be no spam whithin 18 month from now' in Davos, who also said '640kB of RAM are enough for everybody' ? Maybe I'm in this Biz too long to believe in miracles introduced by new technologies. There are major flaws in that proposal (link below) too. First to mention our LRW. Does he really have to build a VPN tunnel to his homeLAN just to be able to send mail ? Imagine the RMX sets of FreeMailers (GMX, HotMail et al) ... or do you plan to ban them anyway ? I'm sorry to say that, but I'm afraid we have a long way to go before we get rid of spam. BTW: ever thought about your sending SMTP server signing mail headers from known senders (i.e. [EMAIL PROTECTED] from within the company LAN) digitally ? So the recieving MUA can check the Sig against the public key of the server and if unmatched, slip the message to the 'not good' folder. Yes, this is also the proosal of a kind of a new standard, but it works without changing all the DNS/SMTP servers out there ... just a thought, Goesta > The > following link explains RMX. > http://www.danisch.de/work/security/txt/draft-danisch-dns-rr-smtp-00.txt -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Proposal: a way out of the VeriSign desaster ?
Dear list, thinking about the 'great improvements for using the internet' Verif..k has made yesterday a possible solution for the spam dilemma occured to me: Use WHOIS instead of DNS. 'whois kissverisigngoodbye.com' still results in 'No match for ""' (besides a lot of legal mumbo jumbo). So it is still possible to check the existance of a .com/.net domain. BTW I still disagree with Verif...'s way of handling DNS ... just a thought Goesta -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Clam AV?
On 28 Aug 2003 at 14:12, Toby Reiter wrote: > So I'd like to use Clam Av (unless anyone has any other open source > anti-virus ideas for Linux). As others said before: use it with caution ! We used it for a while but after the Klez.H outbreak I switched to Sophos. If you do serious business I think it's worth investing in a commercial scanner (I never thought I would say that since I'm a free software junkie) > I think I can probably use the existing > virus filters without too much hassle, but I wanted to get feedback > from other users on whether they've tried Clam AV, and what they > thought about it. Also info on any open source anti-virus setups > successfully installed on Linux would be appreciated. You can download my filter script (perl) tailored for ClamAV from http://members.chello.at/goesta.smekal/code/ I have got an updated version in productive use (with Sophos) which I will post if there is any kind of interest out there ... hope that helps, Goesta P.S.: sorry, Toby, you get this double, since I seem to forget to post answers to the list instead of the author lately ... -- Goesta Smekal (IT Systems Administrator) Wiener Hilfswerk Schottenfeldgasse 29 A-1072 Vienna - AUSTRIA Phone: ++431-512 36 61-407 Fax: ++431-512 36 61-33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: newbie request
On 6 Aug 2003 at 7:56, S=F6nke Ruempler wrote: > > btw guys, what about a faq system for xmail?? ;-) > Jeah ! Great idea ! I'm recieving enough mails anyway ;-) I'm with you ! I'll start browsing my personal list archive for repeating subjects and topics ... Maybe we could start a temporary list for coordinating our work. I could host one if Davide has better things to do ;-) anybody else ? greetings, Goesta -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Email Survyes?
Set up a special account i.e. '[EMAIL PROTECTED]' and write a nifty filter script that parses the message. Suggestions: *) Poll topic as subject line ?) How to deal with allowed options ??? Maybe you start the whole thing off an HTML page and create a 'mailto:' links for each option, inserting the choice into the subject line as well. (would contradict the previous point ;-) ) *) stuff the results into a DB or some ASCII file that gets evaluated sometimes ... BTW: good idea ! Never thought of doing polls that way. Why not ?!? On 5 Jun 2003 at 13:27, Pablo Pedernera wrote: > Anyone have an idea of how to implement surveys via email, using > xmail? > > Pablo Pedernera > Coordinador Centro de Capacitacion > Sindicato de Trabajadores Municipales de Rosario > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.483 / Virus Database: 279 - Release Date: 19/05/03 > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] For general help: > send the line "help" in the body of a message to > [EMAIL PROTECTED] > -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Push notification to mail clients
second thought: this should be taken care of by the client. My client (Pegasus Mail) checks for new mail every 10 min. There are small apps just for checking mail. Xbiff in X-Window, but I heard, there are M$-Win solutions too ... On 12 Mar 2003 at 15:57, EDV - WHW (Goesta Smekal) wrote: > > We are talking about SMTP/POP3 here, not MAPI. How should the server > possibly know where the clients connect from ? (unless they are > connected, which usually lasts a second or so ...) > > On 12 Mar 2003 at 9:52, Steen Rab=F8l wrote: > > > > > Hi > > > > Is it possible to make Xmail send a notification like Exchange > > server, when a mail arrives? > > > > Best > > Steen > > > > - > > To unsubscribe from this list: send the line "unsubscribe xmail" in > > the body of a message to [EMAIL PROTECTED] For general help: > > send the line "help" in the body of a message to > > [EMAIL PROTECTED] > > > > -- > Wiener Hilfswerk - EDV > 1072 Wien, Schottenfeldgasse 29 > Tel: 512 36 61 DW 407 / Fax 512 36 61 33 > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] For general help: > send the line "help" in the body of a message to > [EMAIL PROTECTED] > -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Push notification to mail clients
We are talking about SMTP/POP3 here, not MAPI. How should the server possibly know where the clients connect from ? (unless they are connected, which usually lasts a second or so ...) On 12 Mar 2003 at 9:52, Steen Rab=F8l wrote: > > Hi > > Is it possible to make Xmail send a notification like Exchange server, > when a mail arrives? > > Best > Steen > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] For general help: > send the line "help" in the body of a message to > [EMAIL PROTECTED] > -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: strange performance problems
On 14 Nov 2002 at 9:45, Davide Libenzi wrote: > > On Thu, 14 Nov 2002, EDV - WHW (Goesta Smekal) wrote: > > > So, I must be suffering some strange kind of blindness ! [snip] I did (suffer blindness) ! The problem is found and eliminated. Our server room has no windows (except two NT ;-) ) so we use air condition during summer to keep the eight machines cool. In winter we let the heat circulate through the ventilation system. That used to be enough until last winter. This summer I changed a few things (internet access to be precice) and two hubs found their way into the room. One of them did not stand the missing air condition and overheatd. Just as simple as that. No hub, no traffic. > Just be carefull with tcpdump, yesterday they found a trojan in some > versions of tcpdump and libpcap :) Thanks, I read that too, but my version is way older ;-) Sometimes it pays to bother and download every tool you use in source and from the original site ! have a nice day, Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Fw: Re: web-interface for userdetails
On 8 Nov 2002 at 16:36, Newsmirror wrote: > > Try 'XMail PHP Administration Interface' or 'XMail Web Frontend' just > > to name the first two I found within 5 seconds search. > > I explicitly stated that didn't look for a full administration > interface, which I know there are a few of around. > > The reason I asked this question here, was that I couldn't find > anything in the tools-list that matched my needs. I simple app > enabling users to log in and change their own userdetails. With 'phpxmail' you can do both. Log in as postmaster of some domain and you can create/modify users, pop3links, lists, aliases ... you name it. Log in as user and you are bound to your stats. I use v0.33 which has some bugs in sections I don't need (should look for a fix anyway) and it works fine for domain administration tasks. I did not yet log in as user however, give it a try ! regards, Goesta -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: strange performance problems
On 13 Nov 2002 at 9:56, Davide Libenzi wrote: > > On Wed, 13 Nov 2002, EDV - WHW (Goesta Smekal) wrote: > [quite large posting chopped down to essential part] > > I tried to push data across the router in front of the mailserver > > by copying a large file via scp from my destop PC to the mailserver: > > transfer rate was close to the theoretical maximum of the network > > segments used (10 MBit Ethernet hub between the router and the > > mailserver) and system load at the router (also Linux but a Pentium > > MMX 233) was about 0.25. > > It should be pretty much clear that the router _is_ your problem. > So, I must be suffering some strange kind of blindness ! Well actually your point seems obvious, but: I had a very close eye on the router during all my testing. Sysload is no problem, nor is memory or diskspace. Firewall configuration was not altered within months. I had a look at the router with 'netwatch', observing the router stats and there are traffic bursts of as much as 5000 kbps (!) across the router. That should be enough for POP ... since our leased line is 2 Mbit. I will take this thread to some place it fits better, since I am quite convinced I do not suffer an XMail problem. If any of you folks could point me to some good source of network debugging info ... 'till then I'll read Andy Tannenbaum all over again ;-) thank you anyway ! Goesta -- Composed with Pegasus Mail v4.01 - the /dev/null for worms take a look: http://www.pmail.com - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] strange performance problems
First I have to apollogize that this posting is not 100% XMail related. Having said that, my problem is as follows: We run XMail v1.9 on an Intel PIII 900MHz with 256MB RAM, using Slackware Linux 8.0 Kernel 2.4.9 for about half a year now with one domain and about 70 users. Traffic is about 30 MB of mail per day (sorry, since I do no logging I have no Idea of messages per day) ranging from 15 to 70 MB/day. So what's the problem ? Simply performance. But not allways. For months the system worked _very_ fine, responses where fast and transfer rate only limited by the connection's bandwith. And then, slowly the throughput eroded, sometimes coming to a grinding halt. Well what happens ? If users try to download mails, their client starts loading messages at a _realy_ low speed (a minute or two for some plain text message containing 20 lines pf text or so) and eventually times out. At the same time the load at the XMail box is about 0.01 and there is no network congestion as far as I can see. If they try half an hour later, everything is fine, or not, you never can tell. I tried to push data across the router in front of the mailserver by copying a large file via scp from my destop PC to the mailserver: transfer rate was close to the theoretical maximum of the network segments used (10 MBit Ethernet hub between the router and the mailserver) and system load at the router (also Linux but a Pentium MMX 233) was about 0.25. So, the machines and the network are capable of far more than I need, where could the bottleneck hide ? Last Friday I found estematedly 30 frozen messages, which I deleted after a very brief review (they all suffered misstyped domain or usernames) and users reported an improved situation on monday. But today there are just 3 frozen messages and we are back at snail mail again ;-) Does anybody of you have any bright idea what to do about this situation ? I can supply some further observations: * System uptime is 120 days now (but that usually is no problem in the UN*X world and I never saw Linux boxes suffering from long uptimes, unlike ... no, I will not start a new flame on that ;-) ). * Sometimes, when I dig around in the system via ssh from the company lan (so only the router between me and the mailserver) I can watch the characters I just typed in appear on the screen one after the other, quite slowly (again something I am NOT used to) * I use my own perl virus filter script together with ClamAV - so sometimes, when some stupid sends a 5MB attachment to all users (about 70) the system gets quite busy. System load 16 (!) for an hour, scanning the same file 70 times, simultaneously. But it keeps responsive all the time ... slowly, but you still can mail and work on the box (great, those UN*X systems, aren't they ?) ... by the way, this is definitely NOT the problem I described above, because it only happens every now and then (users are not that silly ;-) ) * I watched with 'netstat -cteo' ... I see two to six simultaneous connections at best ... when someone has the 'timeout problem' the 'Send-Q' column in the output of netstat goes up to about 15000 which looks quite normal, compared to my scp-performance tests. * DNS works great ! All client connections resolve within a moment's notice, local as well as remote. I am quite puzzled. Any help _very_ welcome ! Goesta -- Let's stand together against 'Palladium' ... Link arms, don't make them http://online.securityfocus.com/columnists/96 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Fw: Re: web-interface for userdetails
Did you ever think of looking at the tools in the 'XMail Tools' section of the XMailk homepage (www.xmailserver.org, in case you never visited ;-) ) ? Try 'XMail PHP Administration Interface' or 'XMail Web Frontend' just to name the first two I found within 5 seconds search. good luck, Goesta P.S.: sorry for being a little rude, but why is there a homepage and documentation if nobody bothers reading ? On 8 Nov 2002 at 12:58, Newsmirror wrote: > > > > > > - Original Message - > > From: "Michal Altair Valasek" <[EMAIL PROTECTED]> > > Newsgroups: saltstorm.xmail > > Sent: Friday, November 08, 2002 12:38 PM > > Subject: [xmail] Re: web-interface for userdetails > > > > > > > > > > | Anyone outhere who knows if there exists any web-based > > > | apps where a user can log in and change his/hers > > > | XMail useraccount details (user.tab stuff) ?? > > > | > > > | Not a fullblown server administration thingie, just a > > > | lean and mean interface for Joe User. > > > > > > It can be done using XMail-WAI > > > (http://www.altair2000.net/software/xmail-wai/), but it's full > > > administration interface. > > > > > > But it's open source program, so if you know something about ASP, you > > > can cut only the requested part. > > I would rather prefer a PHP solution as its gonna be hosted on a nix-box > However, If I have to knock this piece up myself, I might go have a look > the related WAI code for inspiration. > Is there any WAI-demo up and running, I don't have IIS around here. > > /thomas. > > > > > > > > > > > > > > -- Michal 'Altair' Valasek > > >They use the Internet. We live there. > > > > > > Altair Software Production: http://www.altair2000.net > > > Personal home page: http://www.rider.cz > > > Prvni a nejvetsi cesky server o sadomasochismu: http://www.bdsm.cz > > > Vse o Microsoft technologiich pro Internet: http://www.aspnetwork.cz > > > > > > - > > > To unsubscribe from this list: send the line "unsubscribe xmail" in > > > the body of a message to [EMAIL PROTECTED] > > > For general help: send the line "help" in the body of a message to > > > [EMAIL PROTECTED] > > > > > > > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: 572 relay not allowed...
Another comment from the RFC nerd ;-) According to RFC 1893 (i can not enough encourage you to read RFCs 821, 822, 1893, 2045-2047, it is _great_ if you have problems falling asleep) it is a list problem: (quoted from RFC) X.7.2 Mailing list expansion prohibited The sender is not authorized to send a message to the intended mailing list. This is useful only as a permanent error. (end of quote) The leading '5' indicates a permanent error. On 5 Nov 2002 at 9:26, Davide Libenzi wrote: > > On Tue, 5 Nov 2002, [ISO-8859-1] SIN Stefan St=E4nz wrote: > > > > > hi all, > > > > another newbie question... see error message below, why could that be? > > > > thanks for your hints and answers! > > > > cheers, > > stefan > > > > > > > > From: drahtlos.ch PostMaster <[EMAIL PROTECTED]> > > Date: Tue, 05 Nov 2002 11:57:25 +0100 > > To: [EMAIL PROTECTED] > > Subject: Error sending message [1036493841136.750619.linux1] from > > [drahtlos.ch] > > > > [<00>] XMail bounce: Rcpt=3D[[EMAIL PROTECTED]];Error=3D[572 Relay not auth= > orized] > > > > > > [<01>] Error sending message [1036493841136.750619.linux1] from > > [drahtlos.ch]. > > > > ID: > > Mail From: <[EMAIL PROTECTED]> > > Rcpt To: <[EMAIL PROTECTED]> > > > > > > [<02>] The reason of the delivery failure was: > > > > 572 Relay not authorized > > It should be an MX problem. Either XMail cannot find the MX and try to > send to the A record "drahtlos.ch", that reject it or the MX record for > such domain is acting wierd. > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Rename?
Did you ever think of the power of aliases ? If you want olduser@domain be accessible as newuser@domain just add an alias to olduser@domain. There are several advantages over simply renaming an account: 1.) there is a CtrlClient command for it :-) 2.) you don't need to copy any settings or mail 3.) the Net never forgets (a second similarity to elephants, besides the size ;-) ). If an e-Mail address once was known to more than the person owning it, mail will come to it for years (months at least, sorry for exagerating). Especially if some 'functional' account in a company/organization changes it is a bad idea to just wipe out the old adress. Mail will bounce and your customers/partners/whatever will be confused. If the mail gets through anyway, the recipient can inform people of the new address. 4.) ... can't think of any more ... but sure there are plenty !! On 5 Nov 2002 at 23:10, Orion Productions wrote: > > Hm, I don't know :-p > > But my idea was the following: I'm creating a web-based administration > interface for XMail in .NET, and there is a textbox to enter the account > name, so if someone would edit the properties of a user, it would be nice to > be able to change the username over there. > That's why I was asking for a CtrlClient command :-) > > And actually, I can think of situations where a rename functionality would > be very handy, for example when someone is replaced in a company by a new > employee, who takes over his task, so the messages and other stuff doesn't > get lost... > > - Original Message - > From: "Davide Libenzi" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, November 05, 2002 5:34 AM > Subject: [xmail] Re: Rename? > > > > > > On Tue, 5 Nov 2002, Orion Productions wrote: > > > > > > > > Just a quick question: > > > > > > Is it possible to RENAME an XMail User Account ? > > > > > > I know I could just delete the old mailbox and create a new one, but > then I > > > would lose all the messages that could be still in it (or I had to > manually > > > move them), all specific user settings etc. So it would be very usefull > to > > > do a rename with a CtrlClient command! > > > > > > Solution??? > > > > How many time it'll happen in the next 12 months ? > > > > > > > > - Davide > > > > > > - > > To unsubscribe from this list: send the line "unsubscribe xmail" in > > the body of a message to [EMAIL PROTECTED] > > For general help: send the line "help" in the body of a message to > > [EMAIL PROTECTED] > > > > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: number of process ??
On 22 Oct 2002 at 11:40, Guillaume Devoyon wrote: > > Hello, > i'm looking my mail server and i can see there is many process running for > Xmail.. > Is it possible to reduce this number ?? > Actually my server is running for 10 people As I just mailed Spyros, use the command line switches ... part 19 in the doc (I don't repost it now) -SX sets the number of SMTP threads, and -PX does so for POP3 ... regards, Goesta -- Let's stand together against 'Palladium' ... Link arms, don't make them http://online.securityfocus.com/columnists/96 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Enabling Logging and then some....
On 22 Oct 2002 at 9:33, Spyros Tsiolis wrote: > > Hello list, > > Does anyone know how to enable logging on an xmail box? (linux version). Use the command line switches ... did you ever think of reading the docs ? ;-) Part 19 Command line Most of XMail configuration settings are command line tunables. These are command line switches organized by server. [XMAIL] -Ms pathname= Mail root path also settable with MAIL_ROOT environment -Md = Activate debug ( verbose ) mode -Mr hours = Set log rotate hours step -Mx split-level = Set the queue split level. The value You set here is rounded to the lower prime number higher or equal than the value You've set -MR bytes = Set the size of the socket's receive buffer in bytes ( rounded up to 1024 ) -MS bytes = Set the size of the socket's send buffer in bytes ( rounded up to 1024 ) -MM = Setup XMail to use "Maildir" delivery ( default on Unix ) -Mm = Setup XMail to use "mailbox" delivery ( default on Windows ) [POP3] -Pp port= Set POP3 server port ( if You change this You must know what You're doing ) -Pt timeout = Set POP3 session timeout ( seconds ) after which the server will close the connection if not receive any commands -Pl = Enable POP3 logging -Pw timeout = Set the delay timeout in response to a bad POP3 login. Such time will be doubled at the next bad login -Ph = Hang the connection in bad login response -PI ip[:port] = Bind server to the specified ip address and ( optional ) port ( can be multiple ) -PX nthreads= Set the maximum number of threads for POP3 server [SMTP] -Sp port= Set SMTP server port ( if You change this You must know what You're doing ) -St timeout = Set SMTP session timeout ( seconds ) after which the server will close the connection if not receive any commands -Sl = Enable SMTP logging -SI ip[:port] = Bind server to the specified ip address and ( optional ) port ( can be multiple ) -SX nthreads= Set the maximum number of threads for SMTP server -Sr maxrcpts= Set the maximu number of recipients for a single SMTP message ( default 100 ) -Se nsecs = Set the expire timeout for a POP3 authentication IP ( default 900 ) [SMAIL] -Qn nthreads= Set the number of mailer threads -Qt timeout = Set the timeout to be waited for a next try after send failure. Default 480 -Qi ratio = Set the increment ratio of the reschedule time in sending a messages. At every failure in delivery a message, reschedule time T is incremented by ( T / ratio ), therefore T(i) = T(i-1) + T(i- 1)/ratio. If You set this ratio to zero, T remain unchanged over delivery tentatives. Default 16 -Qr nretries= Set the maximum number of times to try to send the message. Default 32 -Ql = Enable SMAIL logging [PSYNC] -Yi interval= Set external POP3 accounts sync interval. Default 120 -Yt nthreads= Set the number of POP3 sync threads [FINGER] -Fp port= Set FINGER server port ( if You change this You must know what You're doing ) -Fl = Enable FINGER logging -FI ip[:port] = Bind server to the specified ip address and ( optional ) port ( can be multiple ) [CTRL] -Cp port= Set CTRL server port ( if You change this You must know what You're doing ) -Ct timeout = Set CTRL session timeout ( seconds ) after which the server will close the connection if not receive any commands -Cl = Enable CTRL logging -CI ip[:port] = Bind server to the specified ip address and ( optional ) port ( can be multiple ) -CX nthreads= Set the maximum number of threads for CTRL server [LMAIL] -Ln nthreads= Set the number of local mailer threads -Lt timeout = Set the sleep timeout for LMAIL threads ( in seconds, default 2 ) -Ll = Enable local mail logging -- Let's stand together against 'Palladium' ... Link arms, don't make them http://online.securityfocus.com/columnists/96 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Extra period
On 1 Oct 2002 at 14:44, EDV - WHW (Goesta Smekal) wrote: > > if I filter the spool file, and that is creating some problems for me = > > since > > I load it into a JMail message that think that is already done. > > Sorry, your assumption is invalid, unless the message file is found > within a user's maildir. Sorry again, my assumption was wrong too ! Only the fetching POP client removes the leading dots. They remain even in the MailDir on the server. Sometimes a packet sniffer can be your best friend ;-) Goesta -- Composed with Pegasus Mail v4.01 - the /dev/null for worms take a look: http://www.pmail.com - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Extra period
On 1 Oct 2002 at 14:28, Lindell Jorgen wrote: > > OK, I found it. > RFC821 / 4.5.2. TRANSPARENCY good ;-) > > Where it says that its the sending-SMPT should double periods in = > beginning > of lines and > recieving-SMTP should remove them again. > > Is this really happening in XMail SMTP? If I send a mail with Outlook > Express to XMail > and then look at the mailbox file, the periods are doubled, and so they = > are since your MUA talks SMTP to XMail it (your client) is supposed to add a 'period' to any line beginning with a 'period', otherwise it would violate RFC 821, which we all love so much :-) > if I filter the spool file, and that is creating some problems for me = > since > I load it into a JMail message that think that is already done. Sorry, your assumption is invalid, unless the message file is found within a user's maildir. > Shouldn't Xmail remove the doubles in the process of recieving the = > file, > before spooling? Nope. The next step of delivery might be sending the message on to another MX (the mailserver of the message's recipient) and that would be done via SMTP, which requires compliance with part 4.5.2 ... > Davide, aren't you compliant to rfc821? :-) XMail need not care about it. If the MUA did it wrong, it is too late to bother since the message would allready hane been truncated. Goesta -- Let's stand together against 'Palladium' ... Link arms, don't make them http://online.securityfocus.com/columnists/96 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: Extra period
On 1 Oct 2002 at 8:42, Lindell Jorgen wrote: > > Hi, > > I have a strange problem wehre periods (.) gets atted to the message = > body. It's not a bug, it's a feature ! SMTP Messages end in the sequence . but if the message composed by the user contains a line homing only a single period (.) the recieving host would think the message ends and discard the remaining part. So the sending host must add a period character to every message line starting with a period to 'escape' this EOT sequence. (compare RFC 821 Part 4.5.2) -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: SMTP Error messages...
Dear Bob, a comprehensive collection of SMTP error codes (put into a nifty list by categories and really legible ;-) ) can be found in RFC 1893 http://www.ietf.org/rfc/rfc1893.txt On 19 Sep 2002 at 9:42, Bob Hugel wrote: > > All: > > Is there a list of error codes with corresponding explanations along with > which setting controls that message in the server.tab file? -- Let's stand together against 'Palladium' ... Link arms, don't make them http://online.securityfocus.com/columnists/96 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: antivir
On 18 Sep 2002 at 0:18, Juan Hector Medina wrote:
> I dont have any luck with this..
> i try everything but nothing if delete from line 198 to the EOF the program
> scans the email, write the email and i can download the email without virus
> and problem...
I hope you let the line before EOF in the script, it says:
--$boundary--
and is necessary to enclose the text between two matching MIME part
boundaries. Otherwise your client will get confused on purpose !
Line 195 checks if the message is through until the start of the
first infected attachment, writing its boundary line to the tempfile.
After that line 197ff (the 'else {}' block) is activated and the
replacement text gets written to the file. The 'last' statement at
the end of the 'else' block ends the loop, discarding the rest of the
original message.
So if you remove that line before 'EOF' you start a MIME part with a
header but don'n finish it afterwards. That's not nice ;-)
> I wish i could change the email client program but is the same of all my
> users...
Oh, how well do I know what you mean ;-) If only they all would
switch to a 'real' mail client, we had much less trouble ...
regards,
Goesta
--
This may seem a bit weird, but that's okay, because it is weird.
found on line 89 of 'perldoc perl'
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]
[xmail] Re: antivir
On 17 Sep 2002 at 10:19, Juan Hector Medina wrote: > yes youu have rigth > I telnet directly to the server i got my email: > .. > top 1 20 > +OK message is 2020 bytes > Return-Path: <[EMAIL PROTECTED]> > Delivered-To: [EMAIL PROTECTED] > Received: from dell (200.57.4.170) > by xcien.com with [XMail 1.9 (Linux/Ix86) ESMTP Server] > id for <[EMAIL PROTECTED]> from <[EMAIL PROTECTED]>; > Tue, 17 Sep 2002 10:01:55 -0500 nice to hear that ! > can you help me to find where putt the blank line: Yepp ! In mailscan.pl find line #198, it reads as follows: --- code snip START --- print TEMPFILE
[xmail] Re: Help on SMTP Body
On 17 Sep 2002 at 23:36, V=EB=E9r=EAsh Kh=E5n=F6rk=E3r wrote: > > Davide, > > Is there any RFC or any widely accepted methdology, adhering to which > the "From" and "To" tags are built up? Go to http://www.ietf.org/rfc.html and get RFCs: 822 (Standard for the format of ARPA Internet text messages), 1893 (Enhanced mail system status codes), 2045 (Multipurpose Internet Mail Extensions (MIME) Part One), 2046 (MIME Part Two, Media Types), 2047 (MIME Part Three, Message Header Extensions for non ASCII Text) enjoy reading ... :-) Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: auto sign SMTP traffic
On 13 Sep 2002 at 12:09, Henrik Steffen wrote: > > if you use a ".tab" file with nothing in front of the '.' it will even match >outgoing > mail-domains (but also all local domains, so incoming mails will be filtered, too) Looks astonishingly simple. Why did I not think of that myself ? Sometimes we just think too complicated, don't we ? Thanks for the advice, I'll try right now !! Goesta -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: etrn
On 13 Sep 2002 at 11:29, [EMAIL PROTECTED] wrote: [snip] > I noticed > in the user manual that xmail supports etrn, and i was wondering > if anyone had any tips on collecting mail for a domain from xmail > (there are no individual accounts on the remote server, it just > collects all mail for the domain and sorts it locally). Look at 'pop3links.tab' and 'extaliases.tab' description in the doc. I did external POP3 linking a while until I felt secure enough to do the MX at my own machine. Works fine. regards, Goesta -- Let's stand together against 'Palladium' ... Link arms, don't make them http://online.securityfocus.com/columnists/96 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: auto sign SMTP traffic
Finally, we seem to get closer ;-) On 12 Sep 2002 at 10:06, Davide Libenzi wrote: > it is not difficult to prove that a message come from your servers if you > really need, use the Received: trace. Anybody with slight computer skill can do so. But not 99% of the people, using mail. (excuse my low oppinion about the masses out there, but it is based on experience as an admin :-P) Those guys (and gals too) yust pick up the phone / compose a new message, bothering me having sent them Klez/Yaha/you name it ... > usually people wants to make sure > that mail come from a given person/company not from given MTAs. So if I could teach my folks to use GPG/PGP themselves, I would be glad and everything's fine. But I am lucky some of them can even answer mails at all. Since they are employees at the organization I work for, I just can't say 'your problem, I don't care'. > anyway you > can do this with XMail + filters. THIS IS THE INTERESTING PART: as far as I figured out, I just can use filters for messages delivered to domains, handled by _my_ XMail. Did I miss something here ? > ( you don't need to cc my address in these messages, i read the mailing > list ) Of course. Sorry, silly of me ;-) Regards, Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: antivir
On 12 Sep 2002 at 20:07, Juan Hector Medina wrote: > Hi!. > > I installled the CLAMAV and the script from Goesta Smekal > and i send a email with virus to test the program... > and when i try to send and recive email, my email gets lock > I check my Mail directory in the server: > I have one email and open it by terminal and is the mail that wrote the > script saying that is infected.. > but i can't download it > > i need to remove to manually the message to get my inbox work... > any help? Hope I can help ... but I need some info first: What OS/XMail/Perl/ClamAV versions do you use ? Did you check the path settings within the 'mailscan.pl' before you set up your 'filters/*.tab' ? Could you please send me such a blocking message (as attachment) so i can inspect it ? Are non-infected messages delivered correctly ? Do you get log entries ? All you should have to edit in he script are lines 40-43, these contain info about your local setup, and lines 203-209, which are the message replacing the attachment. DO NOT EDIT OTHER LINES unless you are fully understanding how the script works. Especially line 50, containing '$tempdir' again MUST NOT BE CHANGED. That dir gets 'rm -rf'd in the end. You don't want this to happen to your root dir, do you ? For debug purposes I use to compose a message containing a virus and start the script from command line, with the filename as an argument. Within some harmless directory, of course. This way you can read all messages the script returns (if any) and inspect the changed message file. looking forward to solving your problem, Goesta -- Composed with Pegasus Mail v4.01 - the /dev/null for worms take a look: http://www.pmail.com - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: auto sign SMTP traffic
On 12 Sep 2002 at 9:54, Frederik Gallon wrote: > > Goesta & group, > > Is changing the content of the body of a mailmessage legal??? > Compare it with your postman opening your post and have 'I did deliver it > -your postman-' written on your paycheck f.i. (hehe i can't help it to > start smiling) > Just curious how things are handled in your country? > > Frederik Gallon ROTFL !! This is a good one ! (both, the joke and the point) I did not yet think of legal aspects anyway. But I start now ... done. 1.) not I will sign the message, but a perl script will. Perl, unlike the postman, can hardly understand the text. 2.) If you think your privacy is violated by a script checking outgoing mail, what about incoming ? Do you use a virus scaner on your mail gateway ? Doesn't it read your mail ? So, technically speaking, any mail message can be read, stored or whatever by the postmaster. But does he ? Having the ability to do something does not mean it is done. Our legal system is based on 'in dubio pro re(i?)' (latin speakers (if any are left ;-)) help me, translated it should mean: in doubt, the defendant is considered not guilty). What I mean by this is: Yes, I could copy outgoing mail to my personal mailbox, violating the privacy of my users, BUT I DON'T. And my script will not check the message itself, but only if it is valid (composed by the user's mail client, sent from the user's host with the user's adress in the 'From:' field etc ...). I do very well understand, this is a delicate topic and should be made perfectly clear to the users before implemented. The ice I walk upon is thin, but if I tell people why I do it, I think they can accept it. Signing a message does not necessarily mean 'reading' it in the way of understanding the semantics in it. I would plead 'not guilty' for both, my script and me ! greetings, Goesta -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: antivir xmail
On 11 Sep 2002 at 14:30, CR Little wrote: > I'm using f-prot as a virus scanner for xmail, it updates it self > every 12 hours, I am receiving e-mails with viruses attached can > somebody please help? Well, as stated before (by Peter Lindemann) it may depend on you filter script, not the scanner. I wrote such a script (as others did, like Peter Lindemann (again) and Lukas Frey ...) which works fine at our site. Infected messages get though it (on purpose) but with the attachment replaced by a message explaining what was found. This is for building awarenes among users. Since the filter is on, I get about 8 to 12 warnings every day even from our small setup of about 60 users. The script was designed for GNU/Linux with Perl (with MIME::Base64 from CPAN) and Clamav as the scan engine (can easily be replaced by what you prefer) - nothing more needed ! Simple installation along with high accuracy was the goal. You can give it a try at: http://members.chello.at/goesta.smekal/code Whatever you think about it, let me know ! regards, Goesta -- Let's stand together against 'Palladium' ... Link arms, don't make them http://online.securityfocus.com/columnists/96 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: auto sign SMTP traffic
On 11 Sep 2002 at 15:51, Davide Libenzi wrote: > > On Wed, 11 Sep 2002, EDV - WHW (Goesta Smekal) wrote: > > > Well, technically speaking you are certainly right (you wrote the > > daemon anyway ;-) ) but what I need is an aproach, non-techs can > > easily understand. > > This is _really_ a tech argoument, doing filters is definitely not an > XMail 101 task. You screw up with filters, you lose messages. Sorry, I did not mean _users_ should uderstand how to _build the filters_. They don't even have access to the filters dir, and it is good that way ;-) (besides they don't even have access to the system except POP/SMTP - as it should be with any mailserver, but we are not discussing 'how to secure a server', are we ?) Users (on remote systems, not 'my' users) should easily be able to check the vailidity of the origin of mails that claim to come from my.domain. You can't expect the average user to know how to display mail header fields with his/her MUA, but you can expect them to see the dig-sig at the end. And if they bother me I tell them 'if no sig there, not from me pal'. So until Worm-writers forge my digital signature I am in advantage. And I don't expect this to happen anyway ;-) Personal note: Is my english that bad, or my idea of signing outgoing mail so weird, that it takes four postings to make it clear ? `:-) Thanks for taking the time ... Goesta -- Let's stand together against 'Palladium' ... Link arms, don't make them http://online.securityfocus.com/columnists/96 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: auto sign SMTP traffic
On 10 Sep 2002 at 9:31, Davide Libenzi wrote: > > On Tue, 10 Sep 2002, EDV - WHW (Goesta Smekal) wrote: > > > > > On 9 Sep 2002 at 9:50, Davide Libenzi wrote: > > > > > > > > On Mon, 9 Sep 2002, Frederik Gallon wrote: > > > X-Auth-User: is already there > > > > Sorry to disagree, but in case of malicious code this doesn't help me > > much. Any header field can be faked. > > No, sorry. If there's a Received: header before X-Auth-User: it means that > it has been faked, otherwise it's real. Just try it ... Well, technically speaking you are certainly right (you wrote the daemon anyway ;-) ) but what I need is an aproach, non-techs can easily understand. My idea was like this: People phone or mail me, claiming user [EMAIL PROTECTED] sent them Klez. I tell them how Klez works and that the sender, as shown by the mail user agent, is no proof anyway, but they don't seem to comprehend. So I thought it would be nice, if the SMTP server would add a digital signature to every message that is valid (again and again, I have some good ideas how to verify this) that is visible with any mailclient. Even if recipients can not deal with GPG signatures (most of them certainly don't) they can still see it. And after some time they get used to seeing those funny character blocks at the end of any message that comes from my.dom. So it will be easy to tell them: 'If it has no character mess below, it's fake'. Did I make my point clear now ? So, Davide, it would be _realy great_ if you could (some time in the not so far future) add a feature, that works exactly like 'Domain message filters', but for outbound traffic. Thank you very much for the great server nevertheless ! Goesta -- This may seem a bit weird, but that's okay, because it is weird. found on line 89 of 'perldoc perl' - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: auto sign SMTP traffic
On 9 Sep 2002 at 9:50, Davide Libenzi wrote: > > On Mon, 9 Sep 2002, Frederik Gallon wrote: > > > > > Hi group, > > > > Can't we add a custom header so that mail is checked without informing the > > 'average' user, because of this 'hidden' custom header? > > The existance of this header means that this message came from a auth user > > and did pass local SMTP service? > > X-Auth-User: is already there Sorry to disagree, but in case of malicious code this doesn't help me much. Any header field can be faked. The only way to assure a message has passed my server is to have my server sign it digitally with the private GPG key of its postmaster. So anybody can download the corresponding public key and verify the contents (but i assume you all know how PGP or GPG work). And that is exactly what I intend to do. After a local mail user agent handed over the message to XMail, it should be passed on to my script verifying the validity (again, I will have to deal with this very carefully) and signing the message body. Then the message will get delivered via SMTP. I do similar things with incoming messages, as stated before. And if I understood the docs 'Custom domain mail processing' (Part 10) lets me do everything I need, except modify the message body. :-( So I need 'Domain message filters' (Part 13, you see, I _know_ the docs ;-) ) in the reversed direction. Excuse me if I am insisting, but can anyone tell me: can I modify outgoing mail message bodies (from my users to domains not handled by my server) or not ? Thanks for your patience Goesta -- Wiener Hilfswerk - EDV 1072 Wien, Schottenfeldgasse 29 Tel: 512 36 61 DW 407 / Fax 512 36 61 33 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: auto sign SMTP traffic
On 9 Sep 2002 at 15:05, S=F6nke Ruempler wrote: > > So, how can I modify the message body and notify the daemon of > > that, which I successfully did with message filtering ? > > Not with custdomains, but with filters (.tab file), then you can change = the > message. > > filters/.tab > [...] (read doc ;-)) ahem ... I know I can change messages using filters, I did so for my self-written virus scanning filter (read my posting, second line in quote above ;-) ). But that works for incoming mail only ! What sense would it make to have mails from strangers signed :-P If I made my point unclear in my initial mail, here's my intention again: To make sure some mail did come from one of my server's users, I want to get it signed by some script, after checking its integrity. So if anybody claims he/she got Klez.H or other nasties from us and the message in question is not signed by postmaster@mydomain I can easily say it didn't come from our server. And the evidence (missing/wrong signature) will be clear, despite of forged header fields. So can I do something similar to 'domain message filtering' (which works for inbound messages) to all outbound messages (SMTP from my users to other domains) ? regards, Goesta Smekal -- Composed with Pegasus Mail v4.01 - the /dev/null for worms take a look: http://www.pmail.com - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] auto sign SMTP traffic
Hi, facing the problems with Klez.H I would like our XMail to sign all valid outgoing mail (see footnote below) with the postmaster's GPG key. Can this be done with 'custdomains/.tab' ? And if 'yes' how ? Since in the doc it reads: @@FILE will be substituted with the message file path ( the external command _must_ only read the file) So, how can I modify the message body and notify the daemon of that, which I successfully did with message filtering ? Any hint welcome ! Goesta Smekal footnote: Yes, I know that I have to figure out some _really bright_ algorithm to verify the message is from an authorized sender, but I am sure, I'll find a way ;-) -- Composed with Pegasus Mail v4.01 - the /dev/null for worms take a look: http://www.pmail.com - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
Re: Xmail Filter not working
Maybe I can help a bit ;-) (veterans know why ...) On Mon, 28 May 2001 14:16:03 +0100 Allan M <[EMAIL PROTECTED]> wrote: > I cannot get Xmail to run any script contained in filters/.tab or > mydomain.tab. Did you put the files into a directory called '/filters/.tab/' ? Because that would be a perfect missunderstanding. If you manage a domain called 'bogus.dom' and want an account for 'foo' filtered by the filterscript 'bar.pl' you would need the following setup: (assuming your resides in '/var/MailRoot') A file called: '[EMAIL PROTECTED]' (remember, while handling the file in the shell, the '@' MUST be escaped, i.e. 'vi foo\@bogus.dom.tab' for creation) In this file a single line is needed, with the following contents: "/var/MailRoot/bin/bar.pl""@@FILE" Where replaces the 'Tab' character (difficult to write in e-mail ;-) ) and "@@FILE" is an optional example for an argument, handed to the script. (read Part 12 of the Doc for details) In this simple example, any mail sent to '[EMAIL PROTECTED]' would be processed by the 'bar.pl' script, which would read the message from . Any questions ? -- Goesta Smekal - EDV Dienstleistungen Rodaunerstr. 49/6/4 1236 Wien Tel: 971 57 34 mobil: 0699 1 971 57 34 Download my PGP public key from: http://www.keyserver.net/en/ , search for "EDV-Smekal"
RE: domain message filtering (again)
On 23 May 2001, at 9:18, Davide Libenzi wrote: > > On 23-May-2001 Goesta Smekal - EDV Dienstleisungen wrote: > > dear folks, ... > > !?!? Is > > XMail case sensitive when matching filter rules ? (IMHO this would be a flaw) > > Yes it is :) > Fixed in 0.71 glad to hear that ! > > /var/MailRoot/spool/*' and (for safety) remove all but one of the filter .tab > > files. > > 0.70 has a bug in MailLoop detection ( fixed in 0.71 ). > Did You create a mail loop ? I think so ... spool dir had a size of 25MB ... -- Goesta Smekal - IT Solutions Rodaunerstr. 49/6/4 AUSTRIA - 1236 Vienna Tel ++431 971 57 34 Download my PGP public key from: http://www.keyserver.net/en/ , search for "EDV-Smekal"
domain message filtering (again)
dear folks, after successful development and testing of my attachment filter (posted earlier in this list and available for download from Lukas Freys site http://www.web4free.ch/xmail) on my testserver (Slackware Linux, XMail 0.70) I happily installed it on one of my production machines (SuSe 7.0 Linux, XMail 0.69). Then something strange happened: We host a mailing list there, say [EMAIL PROTECTED] So I set up the file '[EMAIL PROTECTED]' containing the line '"/var/MailRoot/bin/mailfilter""@@FILE"'. Sending mail to '[EMAIL PROTECTED]' worked fine, filtering out unwanted attachments. BUT '[EMAIL PROTECTED]' was able to circumvent the filter. !?!? Is XMail case sensitive when matching filter rules ? (IMHO this would be a flaw) So I set up some more filters, for 'MailList@...' 'MAILlist@.." etc. you get the point ... Short after that a posting to the list (ironically announcing the new filter) led to desaster. XMail delivered the message multiple times and then died. It did NOT log the sent copies to logs/smtp... . The only way to return to normal operation was 'rm -r /var/MailRoot/spool/*' and (for safety) remove all but one of the filter .tab files. How ? Why ? Why me ?? ;-) any hint welcome Goesta -- Goesta Smekal - IT Solutions Rodaunerstr. 49/6/4 AUSTRIA - 1236 Vienna Tel ++431 971 57 34 Download my PGP public key from: http://www.keyserver.net/en/ , search for "EDV-Smekal"
FYI: filtering attachments - solved
Hi,
thanks to Davide I was able to solve my recently posted problem filtering out
attachments. Now I think it's my turn to contribute:
Just in case someone out there is just working on the same thing, here is my
solution: A simple PERL script does the job for me. Any comments welcome !
script starts here:
#!/usr/bin/perl
#
# -- MAILFILTER ---
#
# Perl filter script, that will find, log and remove attachments from mail
# messages. (for the time being it just tells the mailer, not to forward
# any message containing non-text MIME parts)
#
# v1.0 16.05.2001 (c) Goesta Smekal, [EMAIL PROTECTED]
# please don't hesitate reporting bugs !
#
# The filter is tailored for the XMail daemon, written by Davide Libenzi
# http://www.xmailserver.org
#
# This script is published under the Gnu General Public Licence (GPL)
$Status=0; # default exit status
open (RESULTS, ">>/var/MailRoot/logs/filterlog");
while (<>) {# read lines from STDIN or file
if (m/^From/) { # find the sender
m/[\w,\.,\-]+@[\w,\.]+/;# match e-Mail adress
$From=$&;
}
if (m/(^Received: from)/) { # sending host
m/\d{1,3}[.]\d{1,3}[.]\d{1,3}[.]\d{1,3}/; # matches an IP adr.
$Host=$&;
}
if (m/(^Date: )(\w{3}.+\d{4})/) { # should match RFC 822 Date
$Date=$2;
}
if (m/^MIME-Version:\s+\d{1}\.\d{1}/) { # according to RFC 2045, MIME
# messages _must_ contain a
# line like that
$Mime="1"; # so it is a MIME message
}
if ($Mime) {# now look for attachments
if (m/(^Content-Type:)(\s+)(\w+)(\/)(\w+)/) {
if (($3 ne "text") and ($3 ne "multipart")) {
# non text content !
$Reason=$3; # store type
$Status=99; # set xmail response to stop
}
}
}
}
if ($Reason) { # report MIME messages, containing "illegal" parts
print RESULTS "MIME header found in $ARGV\n";
print RESULTS " Sender was: $From \n";
print RESULTS " from host: $Host \n";
print RESULTS " on: $Date \n";
print RESULTS "Message stopped due to type '$Reason' found.\n";
print RESULTS "\n";
}
exit $Status;
script ended above ;-)
The script should be called by a line like:
"/var/MailRoot/bin/mailfilter""@@FILE"
In a file called something like:
[EMAIL PROTECTED]
I hope, I help somebody sometime ...
Goesta
--
Goesta Smekal - IT Solutions
Rodaunerstr. 49/6/4
AUSTRIA - 1236 Vienna
Tel ++431 971 57 34
Download my PGP public key from:
http://www.keyserver.net/en/ , search for "EDV-Smekal"
domain message filters
dear folks, well, I read the part on "domain message filters" (Part 12) in the current docs for the current version of XMail (0.70 that is). Somehow I can't get it running (on Linux): I've got a bogus domain, "bogus" and an even more bogus user "foo@bogus". Now all I want is, that every time foo gets mail some script should do something interesting. I set up the following: * XMail v0.70 on Slackware Linux i386 platform * MailRoot: /var/MailRoot * Filter file: /var/MailRoot/filters/foo@bogus contains the following line: "/var/MailRoot/bin/fooscript""@@FILE" (the file contains no leading/trailing whitespace and is terminated in good old UNIX style. * Filter script: /var/MailRoot/bin/fooscript permissions: 755 contents: #! /bin/sh touch /var/MailRoot/bin/foofile --file already ended ;-) * PROBLEM: foofile never appears. I can flood foo@bogus with messages but nothing ever happens. foo@bogus gets all the mail and anything else is also working normally, except for my "filter" WHY ? Any hints anybody ? This time I read all the docs ;-) seems I missed something important :-( thanks in advance, Goesta -- Goesta Smekal - EDV Dienstleistungen Wien 23, Rodaunerstr. 49/6/4 (mobil) Tel (06991) 971 57 34 (Fax nach Absprache) Meinen PGP öffentlichen Schlüssel finden Sie unter: http://www.keyserver.net/en/ , Suchbegriff "EDV-Smekal"
deleting all attachments in mailing lists
Hi there, did anybody successfully write a filter/script/... for the following situation: I run a set of mailing lists on xmail. People posting to the lists must not spread nasty things (i.e. BIG attachments, VB Scripts etc.). So they preferably should not be able to distribute attachments via our lists. So I need to set up a filter, finding and erasing all incoming attachments, sent to the mailing list user. HOW ?? regards, Goesta -- Goesta Smekal - EDV Dienstleistungen Wien 23, Rodaunerstr. 49/6/4 (mobil) Tel (06991) 971 57 34 (Fax nach Absprache) Meinen PGP öffentlichen Schlüssel finden Sie unter: http://www.keyserver.net/en/ , Suchbegriff "EDV-Smekal"
