[xmail] FreeBSD 7 and lc_r

2008-03-20 Thread Jeff Buehler
Hi All -

There appears to be a build problem with FreeBSD 7 and XMail, at least 
on the two non-64 bit systems I have updated so far - the build fails on 
the -lc_r flag.  I am uncertain as to the specifics of the lc_r flag - 
it appears to be a directive to link against libc_r for threading - but 
at any rate, that flag is no longer recognized (or valid?) under FreeBSD 
7.  I removed it from the Makefile and kept -pthread, and so far 
everything seems OK with the XMail binaries.

I am guessing that FreeBSD 7 has changed the way it handles threads, 
probably a good thing, and this is the root of the build problem.  If 
so, does anyone know if simply passing -pthreads is adequate?  I haven't 
been able to find much info about lc_r so far...

Thanks,
Jeff
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: FreeBSD 7 and lc_r

2008-03-20 Thread Jeff Buehler
OK - I found a small amount of info that seems to indicate that the 
correct flag is simply -pthread without -lc_r, and this is also true for 
FreeBSD 6, although the only problem I ran into with FreeBSD 6 was a 
show stopping 64 bit compile issue.  Once I compiled 32 bit I had no 
problems.

Anyway, if you are running FreeBSD 7 and have trouble compiling the 
binaries, remove -lc_r from the makefile - that seems to be working so 
far for me quite well.  From what I read, you should remove it 
regardless and just keep -pthread, but then I try not to believe 
everything I read!

Jeff

Jeff Buehler wrote:
 Hi All -

 There appears to be a build problem with FreeBSD 7 and XMail, at least 
 on the two non-64 bit systems I have updated so far - the build fails on 
 the -lc_r flag.  I am uncertain as to the specifics of the lc_r flag - 
 it appears to be a directive to link against libc_r for threading - but 
 at any rate, that flag is no longer recognized (or valid?) under FreeBSD 
 7.  I removed it from the Makefile and kept -pthread, and so far 
 everything seems OK with the XMail binaries.

 I am guessing that FreeBSD 7 has changed the way it handles threads, 
 probably a good thing, and this is the root of the build problem.  If 
 so, does anyone know if simply passing -pthreads is adequate?  I haven't 
 been able to find much info about lc_r so far...

 Thanks,
 Jeff
 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)

2008-02-23 Thread Jeff Buehler
Hi Rob -

That is more or less what is happening, but I'm not clear about the 
specifics.  I'm finding it a bit of a mystery -  the firewall does NAT, 
but the external DNS server trying to contact the internal server does 
so in the case of many other domains, so the firewall is properly 
configured for external queries - also, a dig dns1.buehlertech.net 
+trace works properly from the server (as does dns2.buehlertech.net 
which is on another public IP and behind a different router running 
PFSense) so dns1.buehlertech.com (and dns2.buehlertech.com) must be 
visible without difficulty to the external dns server.  The server 
shouldn't really be trying to communicate with it's own public IP 
(itself), but rather the external dns server which then should simply 
return the public IP of the server doing the query, or so I would think, 
but I guess dig +trace has to literally dig all the way back to itself?  
Even then, why is the secondary dns, which works and is on an entirely 
separate network, not stepping in?  Also, if I do a dig trikorausa.com 
+trace from my secondary server (dns2.buehlertech.net) it works fine.  
Perhaps the PFSense router is handling the query and NAT properly and 
the m0n0wall router is not?

At this point to me it is some sort of voodoo dns issue (and here I am 
without any animal sacrifice to offer it), but it isn't causing me any 
real headaches since SmartDns works.  I will look more closely at NAT, 
though, as I suspect you are right that it is at the center of the issue 
somehow - it simply redirect inbound requests to port 53 of the server 
in question, nothing complex.  I still need to look at the other 
external cases, but I have a feeling that there will be some 
misconfigured DNS or other problems in those cases.

It also does not sound like an XMail issue anymore either, so my 
apologies for continuing on here.  I will post a final time if I find 
out what is going on simply for the sake of posterity!

Thanks,
Jeff

Rob Arends wrote:
 This will be a fault where the world uses you public IP to access your zone
 hosted on your server, but when your server tries to resolve
 dns1.buehlertech.net it is not contactable (probably because of NAT on a
 firewall) and so tries dns2.buehlertech.net, but it is also not contactable.
 Then it goes back to the root to try again, but of course there is no way
 you can talk to yourself via a public IP.

 I may have got a little bit of the process wrong, but in essence it is
 correct.
 If anyone can talk to you, but you can't talk to you, then it will be NAT.

 Try BIND views, or hosting on a different server, or allowing dns resolution
 from 127.0.0.1, then pointing resolv.conf to 127.0.0.1


 Rob :-)
  
 _
 It might look like I'm doing nothing, but on a cellular level, I'm quite
 busy.

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
 Behalf Of Jeff Buehler
 Sent: Saturday, February 23, 2008 11:36 AM
 To: xmail@xmailserver.org
 Subject: [xmail] Re: FreeBSD problem (similar to NetBSD problem report ed
 earlier?)

 Hi Davide -

 Sorry about the delay on this - I was in away yesterday and today...

 Here is a sample of the dig + trace - I copied only the last two entries 
 - basically this pattern is repeated until the too many lookups 
 result.  The other domains this server is authoritative for produce the 
 same result except for buehlertech.net and buehlertech.com which work 
 fine.  The only differences I can think of is the reverse points to 
 buehlertech.net and the domain is buehlertech.net in resolv.conf and in 
 the hosts file (but why would buehlertech.com work?).

 ;; Received 117 bytes from 192.5.6.30#53(a.gtld-servers.net) in 126 ms

 com.21365   IN  NS  e.gtld-servers.net.
 com.21365   IN  NS  f.gtld-servers.net.
 com.21365   IN  NS  g.gtld-servers.net.
 com.21365   IN  NS  h.gtld-servers.net.
 com.21365   IN  NS  i.gtld-servers.net.
 com.21365   IN  NS  j.gtld-servers.net.
 com.21365   IN  NS  k.gtld-servers.net.
 com.21365   IN  NS  l.gtld-servers.net.
 com.21365   IN  NS  m.gtld-servers.net.
 com.21365   IN  NS  a.gtld-servers.net.
 com.21365   IN  NS  b.gtld-servers.net.
 com.21365   IN  NS  c.gtld-servers.net.
 com.21365   IN  NS  d.gtld-servers.net.
 ;; Received 504 bytes from 67.102.108.82#53(dns1.buehlertech.net) in 68 ms

 trikorausa.com. 172800  IN  NS  dns1.buehlertech.net.
 trikorausa.com. 172800  IN  NS  dns2.buehlertech.net.
 ;; Received 117 bytes from 192.12.94.30#53(e.gtld-servers.net) in 93 ms

 com.21365   IN  NS

[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)

2008-02-21 Thread Jeff Buehler
I should also clarify, as you mention users, that none of this has 
anything to do with users on a LAN.  This is a hosting server providing 
web services and email, along with some other functionality.  The issue 
at question is how this particular server sees domains that are external 
to it.  It has no way of knowing about yahoo.com or hotmail.com without 
a name server that provides recursive lookups, so I have assigned it a 
name server that does.  It just so happens that in the case of this one 
domain (trikorausa.com) this server provides the authoritative DNS (A 
records, MX records, etc.).  There is no way (that I know about) for me 
to have it query itself just for domains it knows about, then query 
external dns for everything else.

Thanks again,
Jeff

Jeff Buehler wrote:
 Hi Clement -

 Perhaps I am using the wrong semantics, or perhaps I am not completely 
 understanding you, or possibly I am doing something wrong (even thought 
 I have been doing it this way more or less for about 10 years!).  This 
 server provides (what I understand to be) true authoritative name 
 resolution for about 60 domains and ONLY those 60 domains, but provides 
 no recursive lookups nor any caching - no systems on the LAN query it, 
 or any other server I provide locally, for DNS resolution.  It is simply 
 queried by external caching DNS servers on the net for name resolution 
 of a small number of domains.  I do provide complete zone content for 
 these domains, but not for other domains such as yahoo.com (obviously) 
 which need to be queried elsewhere as no caching is being done.

 My understanding is that a DNS server generally should not provide 
 recursive lookups and caching while also providing authoritative 
 resolution of domains for security reasons.  This at least is a 
 recommendation made by Dan Bernstein (author of Tiny DNS) and makes 
 sense to me - Bind and MS systems allow it, but it is probably not a 
 good idea.

 Am I missing something?  Thanks for your input ...

 Jeff

 CLEMENT Francis wrote:
   
 As an autoritive dns, why do you want your internal network to go to =
 the
 'external' dns servers 
 An autoritive dns server for a zone is ONLY one of the NS listed, and =
 theses
 NS roles suppose they have a full copy of the zone content.
 As many election algorythms will sort the ns entries to place the =
 'locals'
 (network point of vue) as the preferred to ask first, your 'internal
 autoritive' that does not have all of the zone will surely be elected !

 Then, the local computer electing to use you 'false autoritive server', =
 that
 is online and response to dns queries even if not the desirable good
 responses from user point of vue, but a 'good' response at dns protocol
 point of vue, why do you want them to 'change' and switch to the =
 'external
 true autoritive servers' ?
 A tcpdump for dns traffic on your local network could show that for DOM
 domain almost all the queries are send to you 'false autoritive =
 server'.

 Best way to resolve this issue :
 - Don't use any 'internal dns server' for this zone at all
 or
 - Give your internal dns server the complete zone content to become a =
 true
 autoritive dns server for the zone :)
 (Notice that doing so if your local dns is behind a nat server, you =
 could
 face a commom 'nat firewall' loopback issue. I can explain if you want)

 Francis


 -Message d'origine-
 De : [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] la part de Jeff Buehler
 Envoy=E9 : mercredi 20 f=E9vrier 2008 20:35
 =C0 : xmail@xmailserver.org
 Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem report =
 ed
 earlier?)


 Hi Davide -

 Yes, it works from an external line, but not from the server itself.  I =

 am trying to figure out why providing the authoritative DNS for that=20
 domain (pointing to another server on the net which provides everything =

 else for the domain) causes the failure - it seems to be looping, which =

 might be expected behavior, but I'm not certain.  At this point since =
 it=20
 works with SmartDNS it is mostly curiosity.

 Jeff

 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
 
 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)

2008-02-21 Thread Jeff Buehler
Hi Clement -

Perhaps I am using the wrong semantics, or perhaps I am not completely 
understanding you, or possibly I am doing something wrong (even thought 
I have been doing it this way more or less for about 10 years!).  This 
server provides (what I understand to be) true authoritative name 
resolution for about 60 domains and ONLY those 60 domains, but provides 
no recursive lookups nor any caching - no systems on the LAN query it, 
or any other server I provide locally, for DNS resolution.  It is simply 
queried by external caching DNS servers on the net for name resolution 
of a small number of domains.  I do provide complete zone content for 
these domains, but not for other domains such as yahoo.com (obviously) 
which need to be queried elsewhere as no caching is being done.

My understanding is that a DNS server generally should not provide 
recursive lookups and caching while also providing authoritative 
resolution of domains for security reasons.  This at least is a 
recommendation made by Dan Bernstein (author of Tiny DNS) and makes 
sense to me - Bind and MS systems allow it, but it is probably not a 
good idea.

Am I missing something?  Thanks for your input ...

Jeff

CLEMENT Francis wrote:
 As an autoritive dns, why do you want your internal network to go to =
 the
 'external' dns servers 
 An autoritive dns server for a zone is ONLY one of the NS listed, and =
 theses
 NS roles suppose they have a full copy of the zone content.
 As many election algorythms will sort the ns entries to place the =
 'locals'
 (network point of vue) as the preferred to ask first, your 'internal
 autoritive' that does not have all of the zone will surely be elected !

 Then, the local computer electing to use you 'false autoritive server', =
 that
 is online and response to dns queries even if not the desirable good
 responses from user point of vue, but a 'good' response at dns protocol
 point of vue, why do you want them to 'change' and switch to the =
 'external
 true autoritive servers' ?
 A tcpdump for dns traffic on your local network could show that for DOM
 domain almost all the queries are send to you 'false autoritive =
 server'.

 Best way to resolve this issue :
 - Don't use any 'internal dns server' for this zone at all
 or
 - Give your internal dns server the complete zone content to become a =
 true
 autoritive dns server for the zone :)
 (Notice that doing so if your local dns is behind a nat server, you =
 could
 face a commom 'nat firewall' loopback issue. I can explain if you want)

 Francis


 -Message d'origine-
 De : [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] la part de Jeff Buehler
 Envoy=E9 : mercredi 20 f=E9vrier 2008 20:35
 =C0 : xmail@xmailserver.org
 Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem report =
 ed
 earlier?)


 Hi Davide -

 Yes, it works from an external line, but not from the server itself.  I =

 am trying to figure out why providing the authoritative DNS for that=20
 domain (pointing to another server on the net which provides everything =

 else for the domain) causes the failure - it seems to be looping, which =

 might be expected behavior, but I'm not certain.  At this point since =
 it=20
 works with SmartDNS it is mostly curiosity.

 Jeff

 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)

2008-02-21 Thread Jeff Buehler
By the way, the trace does, and always has, produced the correct name 
servers (dns1.buehlertech.net and dns2.buehlertech.net), it just 
continues to trace after that result.

Jeff

Jeff Buehler wrote:
 Hi Clement -

 Yes - that is the setup, and the m0n0wall provides NAT to the servers 
 services.

 dig @localhost (or serving LAN ip) triokorausa.com +trace produces the 
 same dig: too many lookups error as does the dig @external-dns 
 trikorausa.com +trace.  Which also seems odd to me, but I have a strange 
 feeling that it is the correct (to be expected) behavior, even if it is 
 undesirable in this case.  Or perhaps a recent update to FreeBSD is 
 causing a problem?

 Jeff

 CLEMENT Francis wrote:
   
 Hey Jeff

 Seams I did not understood all of your dns server setup.
 I thinked you dns only returned a list of NS for the domains it is
 autoritive.
 Sorry :)

 Another possibility :) :
 Just in case there is a problem with natted loop-back at monowall =
 router

 I suppose you have this physical hardware setup (correct if wrong) :

 Internet - MonoWall - 'autoritive only' dns server ;) / xmail =
 server

 Is it this ?

 Does the interface between Monowall and dns/xmail server do NAT ?

 If NATTED servers :

 What does a dig from the dns/xmail server to itself using its internal =
 ip
 address ?
  dig @internal-dns-server-ip-address trikorausa.com +trace

 And a dig from the xmail server using the External ip address of the =
 dns
 server (so the Monowall external ip) ?
  dig @monowall-external-internet-ip trikorausa.com +trace

 Francis




 -Message d'origine-
 De : [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] la part de Jeff Buehler
 Envoy=E9 : jeudi 21 f=E9vrier 2008 17:12
 =C0 : xmail@xmailserver.org
 Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem report =
 ed
 earlier?)


 I should also clarify, as you mention users, that none of this has=20
 anything to do with users on a LAN.  This is a hosting server providing =

 web services and email, along with some other functionality.  The issue =

 at question is how this particular server sees domains that are =
 external=20
 to it.  It has no way of knowing about yahoo.com or hotmail.com without =

 a name server that provides recursive lookups, so I have assigned it a=20
 name server that does.  It just so happens that in the case of this one =

 domain (trikorausa.com) this server provides the authoritative DNS (A=20
 records, MX records, etc.).  There is no way (that I know about) for me =

 to have it query itself just for domains it knows about, then query=20
 external dns for everything else.

 Thanks again,
 Jeff

 Jeff Buehler wrote:
   
 
 Hi Clement -

 Perhaps I am using the wrong semantics, or perhaps I am not =
 
   
 completely=20
   
 
 understanding you, or possibly I am doing something wrong (even =
 
   
 thought=20
   
 
 I have been doing it this way more or less for about 10 years!).  =
 
   
 This=20
   
 
 server provides (what I understand to be) true authoritative name=20
 resolution for about 60 domains and ONLY those 60 domains, but =
 
   
 provides=20
   
 
 no recursive lookups nor any caching - no systems on the LAN query =
 
   
 it,=20
   
 
 or any other server I provide locally, for DNS resolution.  It is =
 
   
 simply=20
   
 
 queried by external caching DNS servers on the net for name =
 
   
 resolution=20
   
 
 of a small number of domains.  I do provide complete zone content for =
 
   
   
 
 these domains, but not for other domains such as yahoo.com =
 
   
 (obviously)=20
   
 
 which need to be queried elsewhere as no caching is being done.

 My understanding is that a DNS server generally should not provide=20
 recursive lookups and caching while also providing authoritative=20
 resolution of domains for security reasons.  This at least is a=20
 recommendation made by Dan Bernstein (author of Tiny DNS) and makes=20
 sense to me - Bind and MS systems allow it, but it is probably not a=20
 good idea.

 Am I missing something?  Thanks for your input ...

 Jeff

 
   
 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
 
 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)

2008-02-21 Thread Jeff Buehler
Hi Clement -

Yes - that is the setup, and the m0n0wall provides NAT to the servers 
services.

dig @localhost (or serving LAN ip) triokorausa.com +trace produces the 
same dig: too many lookups error as does the dig @external-dns 
trikorausa.com +trace.  Which also seems odd to me, but I have a strange 
feeling that it is the correct (to be expected) behavior, even if it is 
undesirable in this case.  Or perhaps a recent update to FreeBSD is 
causing a problem?

Jeff

CLEMENT Francis wrote:
 Hey Jeff

 Seams I did not understood all of your dns server setup.
 I thinked you dns only returned a list of NS for the domains it is
 autoritive.
 Sorry :)

 Another possibility :) :
 Just in case there is a problem with natted loop-back at monowall =
 router

 I suppose you have this physical hardware setup (correct if wrong) :

 Internet - MonoWall - 'autoritive only' dns server ;) / xmail =
 server

 Is it this ?

 Does the interface between Monowall and dns/xmail server do NAT ?

 If NATTED servers :

 What does a dig from the dns/xmail server to itself using its internal =
 ip
 address ?
  dig @internal-dns-server-ip-address trikorausa.com +trace

 And a dig from the xmail server using the External ip address of the =
 dns
 server (so the Monowall external ip) ?
  dig @monowall-external-internet-ip trikorausa.com +trace

 Francis




 -Message d'origine-
 De : [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] la part de Jeff Buehler
 Envoy=E9 : jeudi 21 f=E9vrier 2008 17:12
 =C0 : xmail@xmailserver.org
 Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem report =
 ed
 earlier?)


 I should also clarify, as you mention users, that none of this has=20
 anything to do with users on a LAN.  This is a hosting server providing =

 web services and email, along with some other functionality.  The issue =

 at question is how this particular server sees domains that are =
 external=20
 to it.  It has no way of knowing about yahoo.com or hotmail.com without =

 a name server that provides recursive lookups, so I have assigned it a=20
 name server that does.  It just so happens that in the case of this one =

 domain (trikorausa.com) this server provides the authoritative DNS (A=20
 records, MX records, etc.).  There is no way (that I know about) for me =

 to have it query itself just for domains it knows about, then query=20
 external dns for everything else.

 Thanks again,
 Jeff

 Jeff Buehler wrote:
   
 Hi Clement -

 Perhaps I am using the wrong semantics, or perhaps I am not =
 
 completely=20
   
 understanding you, or possibly I am doing something wrong (even =
 
 thought=20
   
 I have been doing it this way more or less for about 10 years!).  =
 
 This=20
   
 server provides (what I understand to be) true authoritative name=20
 resolution for about 60 domains and ONLY those 60 domains, but =
 
 provides=20
   
 no recursive lookups nor any caching - no systems on the LAN query =
 
 it,=20
   
 or any other server I provide locally, for DNS resolution.  It is =
 
 simply=20
   
 queried by external caching DNS servers on the net for name =
 
 resolution=20
   
 of a small number of domains.  I do provide complete zone content for =
 

   
 these domains, but not for other domains such as yahoo.com =
 
 (obviously)=20
   
 which need to be queried elsewhere as no caching is being done.

 My understanding is that a DNS server generally should not provide=20
 recursive lookups and caching while also providing authoritative=20
 resolution of domains for security reasons.  This at least is a=20
 recommendation made by Dan Bernstein (author of Tiny DNS) and makes=20
 sense to me - Bind and MS systems allow it, but it is probably not a=20
 good idea.

 Am I missing something?  Thanks for your input ...

 Jeff

 
 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)

2008-02-20 Thread Jeff Buehler
OK, just to add to my confusion, here is part of what is going on - this 
server also provides the authoritative DNS for trikorausa.com (but not 
local DNS queries or caching!).  It does not provide any other services 
for trikorausa.com (no email etc.) - the records point to an outside 
address.  If I do a dig @an-external-dns-server trikorausa.com +trace 
I still get a dig: Too many lookups error. Does that make sense - is 
it looping?  It seems like it should work - the external primary DNS 
knows the server doing the dig provides the authoritative DNS, shouldn't 
it simply trace back to it and stop?  Essentially the server is simply 
doing a trace from an external DNS server back to itself.  If I do a dig 
using ANY dns server from the server that provides the authoritative DNS 
for this domain I get the same result.  As Davide reported if I do a dig 
to trikorausa.com from an outside line the trace is fine and does not fail.

Also I don't know what the story is with the other domains - I only have 
client reports at this point about unexpected failures.  Also, three 
weeks ago I was able to send email to trikorausa.com without the 
nxdomain error.

Jeff



CLEMENT Francis wrote:
 Hello Davide

 Recently I asked you how SMARTDnshost variable affected xmail internal
 resolver, and you said that when using SmartDnsHost, xmail only ask for =
 the
 'final' request (directly the mx lookup without trying first soa, ns, =
 . )

 I asked this because I had the same problem as Jeff but was not at this =
 time
 able to find the reason about xmail resolver without smartdnshost =
 setting
 able or not to find the mx records for domains that was ok with dig =
 and/or
 nslookups at xmail server side (so using os resolver) and that the same
 xmail server with smartdnshost applied was able to find without =
 problems
 (with all involved dns servers caches cleaned that don't use smart =
 hosts
 themself)

 I didn't have time to trace dns queries w/wo SmarDnshost usage (to see
 timings, ...) but it seems that in some cases of long latencies on the =
 wire
 (temporarly high bandwidth usages, ...) xmail 'timeouts' quicker for =
 dns
 queries than then it use 'classic' resolvers (SmartDnsHost setting in
 effect).
 The problem could be after this timeout : how xmail handle this ? retry
 later ? and on persistent 'no response from dns server', flag the =
 domain
 with an 'nxdomain' internal error without having any valid 'nxdomain'
 responses ?
 Could any of these be possible ?
 Any way to test xmail resolver by changing xmail internal dns 'timeout'
 value ?

 Francis


 -Message d'origine-
 De : [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] la part de Davide Libenzi
 Envoy=E9 : mardi 19 f=E9vrier 2008 21:33
 =C0 : XMail mailing list
 Objet : [xmail] Re: FreeBSD problem (similar to NetBSD problem reported
 earlier?)


 On Tue, 19 Feb 2008, Jeff Buehler wrote:

   
 Hi Davide -
 =20
 Everything works when I use SmartDNS host to point to the same =
 
 resolver=20
   
 as the server uses (a m0n0wall router).
 If I do not use SmartDNS host, I get the error to domains that can=20
 receive email from other sources.
 =20
 One example domain is trikorausa.com, although I am getting reports =
 
 of=20
   
 the error from clients with about 5 other domains that mail can be =
 
 sent=20
   
 to from other sources (like Hotmail).  The results of a dig=20
 trikorausa.com mx +trace actually result in a dig: too many lookups =
 

   
 failure - apparently the last time I did it a inadvertently did a =
 
 dig=20
   
 trikorausa.com mx + trace with a space between the + and the trace =
 
 and=20
   
 didn't notice that it hadn't performed a trace - sorry about that...
 =20
 I will research why would I might get a too many lookups failure =
 
 (the=20
   
 domain is fine and has valid MX records) and try to determine what  =
 
 may=20
   
 have changed recently (and if XMail is even involved) - I send to =
 
 this=20
   
 domain all of the time and this seems to have started about when I=20
 upgraded to 1.25.  However, there were a number of changes around =
 
 that=20
   
 time (including a FreeBSD update) so I will continue trying to =
 
 isolate=20
   
 what is up and post back if I can find the problem.
 

 There's some configuration problem inside your network. The command =
 is=20
 with +trace (w/out space), and from here is working fine.
 So it must be something internal to your net.



 - Davide


 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]
 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body

[xmail] Re: FreeBSD problem (similar to NetBSD problem report ed earlier?)

2008-02-20 Thread Jeff Buehler
Hi Davide -

Yes, it works from an external line, but not from the server itself.  I 
am trying to figure out why providing the authoritative DNS for that 
domain (pointing to another server on the net which provides everything 
else for the domain) causes the failure - it seems to be looping, which 
might be expected behavior, but I'm not certain.  At this point since it 
works with SmartDNS it is mostly curiosity.

Jeff

Davide Libenzi wrote:
 On Wed, 20 Feb 2008, Jeff Buehler wrote:

   
 OK, just to add to my confusion, here is part of what is going on - this 
 server also provides the authoritative DNS for trikorausa.com (but not 
 local DNS queries or caching!).  It does not provide any other services 
 for trikorausa.com (no email etc.) - the records point to an outside 
 address.  If I do a dig @an-external-dns-server trikorausa.com +trace 
 I still get a dig: Too many lookups error. Does that make sense - is 
 it looping?  It seems like it should work - the external primary DNS 
 knows the server doing the dig provides the authoritative DNS, shouldn't 
 it simply trace back to it and stop?  Essentially the server is simply 
 doing a trace from an external DNS server back to itself.  If I do a dig 
 using ANY dns server from the server that provides the authoritative DNS 
 for this domain I get the same result.  As Davide reported if I do a dig 
 to trikorausa.com from an outside line the trace is fine and does not fail.

 Also I don't know what the story is with the other domains - I only have 
 client reports at this point about unexpected failures.  Also, three 
 weeks ago I was able to send email to trikorausa.com without the 
 nxdomain error.
 

 From here it works just fine:


 [EMAIL PROTECTED]:~$ dig trikorausa.com mx +trace

 ;  DiG 9.4.2  trikorausa.com mx +trace
 ;; global options:  printcmd
 ...   324708  IN  NS  J.ROOT-SERVERS.NET.
 ...   324708  IN  NS  K.ROOT-SERVERS.NET.
 ...   324708  IN  NS  L.ROOT-SERVERS.NET.
 ...   324708  IN  NS  M.ROOT-SERVERS.NET.
 ...   324708  IN  NS  A.ROOT-SERVERS.NET.
 ...   324708  IN  NS  B.ROOT-SERVERS.NET.
 ...   324708  IN  NS  C.ROOT-SERVERS.NET.
 ...   324708  IN  NS  D.ROOT-SERVERS.NET.
 ...   324708  IN  NS  E.ROOT-SERVERS.NET.
 ...   324708  IN  NS  F.ROOT-SERVERS.NET.
 ...   324708  IN  NS  G.ROOT-SERVERS.NET.
 ...   324708  IN  NS  H.ROOT-SERVERS.NET.
 ...   324708  IN  NS  I.ROOT-SERVERS.NET.
 ;; Received 428 bytes from 10.107.17.218#53(10.107.17.218) in 0 ms

 com.172800  IN  NS  D.GTLD-SERVERS.NET.
 com.172800  IN  NS  F.GTLD-SERVERS.NET.
 com.172800  IN  NS  B.GTLD-SERVERS.NET.
 com.172800  IN  NS  E.GTLD-SERVERS.NET.
 com.172800  IN  NS  H.GTLD-SERVERS.NET.
 com.172800  IN  NS  M.GTLD-SERVERS.NET.
 com.172800  IN  NS  K.GTLD-SERVERS.NET.
 com.172800  IN  NS  C.GTLD-SERVERS.NET.
 com.172800  IN  NS  I.GTLD-SERVERS.NET.
 com.172800  IN  NS  J.GTLD-SERVERS.NET.
 com.172800  IN  NS  L.GTLD-SERVERS.NET.
 com.172800  IN  NS  A.GTLD-SERVERS.NET.
 com.172800  IN  NS  G.GTLD-SERVERS.NET.
 ;; Received 492 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 127 ms

 trikorausa.com. 172800  IN  NS  dns1.buehlertech.net.
 trikorausa.com. 172800  IN  NS  dns2.buehlertech.net.
 ;; Received 117 bytes from 192.43.172.30#53(I.GTLD-SERVERS.NET) in 197 ms

 trikorausa.com. 43200   IN  MX  10 mail.trikorausa.com.
 trikorausa.com. 43200   IN  NS  dns1.buehlertech.net.
 trikorausa.com. 43200   IN  NS  dns2.buehlertech.net.
 ;; Received 154 bytes from 69.12.155.168#53(dns2.buehlertech.net) in 35 ms




 - Davide


 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: FreeBSD problem (similar to NetBSD problem reported earlier?)

2008-02-19 Thread Jeff Buehler
Hi David -

I think I have finally solved this mysterious problem, and of course it 
was an element I had not even considered (as it often is).  The line 
provider (Covad) for this server had a problem several weeks ago with 
this line, about the time I was updating xmail to 1.25.  When they were 
running tests on the line, they had slowed it down (from 5.4mb down/700k 
up to 300k down/60k up) and they managed to leave it that way. By some 
miracle the people using this server didn't notice (nor did I), aside 
from this problem, as it also provides web services - it does explain a 
lot of strange behavior I have been seeing, though! 

This slowdown seems to have been causing a time out on the DNS query for 
certain domains, so the common denominator may have been (just guessing) 
a high latency on the response time for these particular domains coupled 
with the very slow line speed of my servers connection, causing the fore 
mentioned error (NXDOMAIN).  Now that the circuit is operating at its 
proper speeds, the problem has gone away.

I don't know if this is a reflection on any particular package (Bind 
under *BSD, XMail, etc.) in terms of low speed testing, but it might be 
worth noting for someone that at very low speeds something is failing 
intermittently.

Thanks for your help and input!

Jeff

David Lord wrote:
 On 18 Feb 2008, at 12:27, Jeff Buehler wrote:

   
 Hi all -

 Sorry to be late to the game with this - in an earlier list email that I 
 inadvertently deleted (thinking I had no helpful input, of course!)  
 titled Problem with XMail on NetBSD-4 there was a discussion about the 
 error:

 Recipient domain .com does not exist (or it has a misconfigured DNS)

 I am also getting this error regularly with FreeBSD 6 and XMail 1.25.  I 
 mention it in the XMail forums as well, and read about a number of other 
 recent occurrences, but nothing has been resolved specifically.  As I 
 mention in the forums, I have verified the domains are valid and 
 properly configured in some of the cases, but the errors are consistent 
 with specific domains.  In my case, one example is trikorausa.com 
 which I can send email from any server other than my active XMail server 
 under FreeBSD, adn which looks properly configured via dnstools.com (I 
 configured it, so I believe it is correct...)

 Davide responded:

 I think XMail is getting a ERR_DNS_NXDOMAIN (NXDOMAIN) from your DNS 
 server. When that's happening, XMail does not even try to fall back to the 
 A record delivery.

 and I think seems like it may be correct, but I am uncertain how to test 
 this.  The server does not provide DNS queries for itself (although it 
 provides DNS for the domains it is authoritative on) but queries a 
 m0n0wall router on the LAN, which queries my ISPs DNS servers.  The 
 server is able to resolve a dig as well as dig+trace to the MX record to 
 trikorausa.com (and other domains) without incident.  This would suggest 
 that something else might be going on, since the domain does have a 
 functional and valid MX record, so there should be no need to fall back 
 to an A record.
 

 Davide's reply was in response to my problems with NetBSD-3.1 and 
 NetBSD-4.0. I'd been using SmartDNSHost pointing to my local dns as 
 that was also configured for private ips on the lan and at some point 
 this had become replaced by a malformed version (I'd commented out it 
 out  for some reason and afterwards un-commented the wrong line). The 
 only thing this broke was local mail delivery which I didn't notice 
 until testing new server which used cloned configuration of current 
 server.

   
 This seems to be a new problem, but I updated XMail to 1.25, FreeBSD 
 (minor update) and the m0n0wall router (minor update) all around the 
 same time.  I am not using SmartDNSHost, nor have I ever, although I've 
 been running XMail for 6 or more years... should I test setting it to my 
 ISP DNS servers rather than the local m0n0wall router (which queries the 
 ISP servers anyway successfully with other services on the same server)?

 Does anyone have any ideas or recommendations about how to test where 
 the problem might be?
 

 I'd suggest trying with SmartDNSHost set to the router then again 
 with it set to the ISP.

 What servers do you have set in resolv.conf?

 David


   
 Thanks,
 Jeff
 

 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: FreeBSD problem (similar to NetBSD problem reported earlier?)

2008-02-19 Thread Jeff Buehler
 Hi David -
I spoke too soon!  The problem has reappeared, and consistently.  So it was
NOT the line speed issue.
I will test SmartDNS settings and post the results.  Presently
/etc/resolv.conf is set to the m0n0wall router on the LAN.

Jeff

Jeff Buehler wrote: Hi David - I think I have finally solved this mysterious
problem, and of course it was an element I had not even considered (as it
often is). The line provider (Covad) for this server had a problem several
weeks ago with this line, about the time I was updating xmail to 1.25. When
they were running tests on the line, they had slowed it down (from 5.4mb
down/700k up to 300k down/60k up) and they managed to leave it that way. By
some miracle the people using this server didn't notice (nor did I), aside
from this problem, as it also provides web services - it does explain a lot
of strange behavior I have been seeing, though! This slowdown seems to
havebeen causing a time out on the DNS query for certain domains, so the
common denominator may have been (just guessing) a high latency on the
response time for these particular domains coupled with the very slow line
speed of my servers connection, causing the fore mentioned error (NXDOMAIN).
Now that the circuit is operating at its proper speeds, the problem has gone
away. I don't know if this is a reflection on any particular package (Bind
under *BSD, XMail, etc.) in terms of low speed testing, but it might be
worthnoting for someone that at very low speeds something is failing
intermittently. Thanks for your help and input! Jeff David Lord wrote: On 18
Feb 2008, at 12:27, Jeff Buehler wrote: Hi all - Sorry to be late to the
gamewith this - in an earlier list email that I inadvertently deleted
(thinking I had no helpful input, of course!) titled Problem with XMail on
NetBSD-4 there was a discussion about the error: Recipient domain
.comdoes not exist (or it has a misconfigured DNS) I am also getting
this error regularly with FreeBSD 6 and XMail 1.25. I mention it in the
XMailforums as well, and read about a number of other recent occurrences,
butnothing has been resolved specifically. As I mention in the forums, I
haveverified the domains are valid and properly configured in some of the
cases, but the errors are consistent with specific domains. In my case, one
example is trikorausa.com which I can send email from any server other
thanmy active XMail server under FreeBSD, adn which looks properly
configuredvia dnstools.com (I configured it, so I believe it is correct...)
Davide responded: I think XMail is getting a ERR_DNS_NXDOMAIN (NXDOMAIN)
fromyour DNS server. When that's happening, XMail does not even try to fall
back to the A record delivery. and I think seems like it may be correct, but
I am uncertain how to test this. The server does not provide DNS queries for
itself (although it provides DNS for the domains it is authoritative on) but
queries a m0n0wall router on the LAN, which queries my ISPs DNS servers. The
server is able to resolve a dig as well as dig+trace to the MX record to
trikorausa.com (and other domains) without incident. This would suggest that
something else might be going on, since the domain does have a functional
andvalid MX record, so there should be no need to fall back to an A record.
Davide's reply was in response to my problems with NetBSD-3.1 and
NetBSD-4.0.I'd been using SmartDNSHost pointing to my local dns as that was
also configured for private ips on the lan and at some point this had become
replaced by a malformed version (I'd commented out it out for some reason
andafterwards un-commented the wrong line). The only thing this broke was
local mail delivery which I didn't notice until testing new server which
usedcloned configuration of current server. This seems to be a new problem,
but I updated XMail to 1.25, FreeBSD (minor update) and the m0n0wall router
(minor update) all around the same time. I am not using SmartDNSHost, nor
have I ever, although I've been running XMail for 6 or more years... should
Itest setting it to my ISP DNS servers rather than the local m0n0wall router
(which queries the ISP servers anyway successfully with other services on
thesame server)? Does anyone have any ideas or recommendations about how to
test where the problem might be? I'd suggest trying with SmartDNSHost set to
the router then again with it set to the ISP. What servers do you have set
inresolv.conf? David Thanks, Jeff - To unsubscribe from this list: send the
line unsubscribe xmail in the body of a message to
[EMAIL PROTECTED] general help: send the line help in the body
of a message to [EMAIL PROTECTED] - To unsubscribe from this list:
send the line unsubscribe xmail in the body of a message to
[EMAIL PROTECTED] For general help: send the line help in the
bodyof a message to [EMAIL PROTECTED] 

--- Links ---
   1 mailto:[EMAIL PROTECTED]
   2 mailto:[EMAIL PROTECTED]
   3 mailto:[EMAIL PROTECTED]
   4 mailto:[EMAIL PROTECTED]
-
To unsubscribe from this list: send

[xmail] Re: FreeBSD problem (similar to NetBSD problem reported earlier?)

2008-02-19 Thread Jeff Buehler
Hi Davide -

Everything works when I use SmartDNS host to point to the same resolver 
as the server uses (a m0n0wall router).
If I do not use SmartDNS host, I get the error to domains that can 
receive email from other sources.

One example domain is trikorausa.com, although I am getting reports of 
the error from clients with about 5 other domains that mail can be sent 
to from other sources (like Hotmail).  The results of a dig 
trikorausa.com mx +trace actually result in a dig: too many lookups 
failure - apparently the last time I did it a inadvertently did a dig 
trikorausa.com mx + trace with a space between the + and the trace and 
didn't notice that it hadn't performed a trace - sorry about that...

I will research why would I might get a too many lookups failure (the 
domain is fine and has valid MX records) and try to determine what  may 
have changed recently (and if XMail is even involved) - I send to this 
domain all of the time and this seems to have started about when I 
upgraded to 1.25.  However, there were a number of changes around that 
time (including a FreeBSD update) so I will continue trying to isolate 
what is up and post back if I can find the problem.

Thanks,
Jeff



Davide Libenzi wrote:
 On Tue, 19 Feb 2008, Jeff Buehler wrote:

   
  Hi David -
 I spoke too soon!  The problem has reappeared, and consistently.  So it was
 NOT the line speed issue.
 I will test SmartDNS settings and post the results.  Presently
 /etc/resolv.conf is set to the m0n0wall router on the LAN.
 

 Are you using SmartDNSHost or not?
 If yes, the DNS server configured in the SmartDNSHost returns a nary 
 answer.
 If not, which domain is failing for you?
 If domain XXX is failing, go in your XMail box, issue this command and 
 post here:

 $ dig XXX mx +trace




 - Davide


 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] FreeBSD problem (similar to NetBSD problem reported earlier?)

2008-02-18 Thread Jeff Buehler
Hi all -

Sorry to be late to the game with this - in an earlier list email that I 
inadvertently deleted (thinking I had no helpful input, of course!)  
titled Problem with XMail on NetBSD-4 there was a discussion about the 
error:

Recipient domain .com does not exist (or it has a misconfigured DNS)

I am also getting this error regularly with FreeBSD 6 and XMail 1.25.  I 
mention it in the XMail forums as well, and read about a number of other 
recent occurrences, but nothing has been resolved specifically.  As I 
mention in the forums, I have verified the domains are valid and 
properly configured in some of the cases, but the errors are consistent 
with specific domains.  In my case, one example is trikorausa.com 
which I can send email from any server other than my active XMail server 
under FreeBSD, adn which looks properly configured via dnstools.com (I 
configured it, so I believe it is correct...)

Davide responded:

I think XMail is getting a ERR_DNS_NXDOMAIN (NXDOMAIN) from your DNS 
server. When that's happening, XMail does not even try to fall back to the 
A record delivery.

and I think seems like it may be correct, but I am uncertain how to test 
this.  The server does not provide DNS queries for itself (although it 
provides DNS for the domains it is authoritative on) but queries a 
m0n0wall router on the LAN, which queries my ISPs DNS servers.  The 
server is able to resolve a dig as well as dig+trace to the MX record to 
trikorausa.com (and other domains) without incident.  This would suggest 
that something else might be going on, since the domain does have a 
functional and valid MX record, so there should be no need to fall back 
to an A record.

This seems to be a new problem, but I updated XMail to 1.25, FreeBSD 
(minor update) and the m0n0wall router (minor update) all around the 
same time.  I am not using SmartDNSHost, nor have I ever, although I've 
been running XMail for 6 or more years... should I test setting it to my 
ISP DNS servers rather than the local m0n0wall router (which queries the 
ISP servers anyway successfully with other services on the same server)?

Does anyone have any ideas or recommendations about how to test where 
the problem might be?

Thanks,
Jeff
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Relocate .pid file on *BSD

2007-05-27 Thread Jeff Buehler
 
Hi Harald -

You are right - I just tested it and had assumed that pidfile= set the
location.  It's seems strange that it would be hard coded in any application
rather than parameterized.  It sounds like the variable mentioned by Tjeerd
might be the way to go.

Jeff

Harald Schneider wrote: Hi Jeff, as far as I can see this just assigns the
standard path to the .pid to a variable which is used for the Kill command.
It does not SET the -pid file's location - right ? IMHO it needs to be
modified in the source. Any hints Davide ? -- Harald Jeff Buehler wrote: Hi
Harald - It's all about the startup script on *BSD. There is no standard
package for Xmail (something I have thought about setting up numerous times)
in FreeBSD, so modifying a default template is not an issue. I place my
custom startup script in /usr/local/etc/rc.d - I believe this is at least
somewhat similar in the other *BSDs. It specifiers the location of the .pid
file - here is the script I use, pidfile being declared explicitly:
#!/bin/sh# # $FreeBSD: XMail - non-standard port # # PROVIDE: xmail # # Add
the fellowing line to /etc/rc.conf.local or /etc/rc.conf # to enable xmail #
# xmail_enable (bool): Set it to YES to enable ... /etc/rc.subr
MAIL_ROOT=/server/MailRoot export MAIL_ROOT name=xmail rcvar=`set_rcvar`
command=${MAIL_ROOT}/bin/XMail command_args=-B- -W- -X- -F- -Ms
/server/MailRoot -MM -Qr 50 -Ql -Pl -Sl -SI 127.0.0.1:25 -Ll -Mr 240 -Sr
300pidfile=/var/run/XMail.pid sig_stop=-kill $pidfile # read
configurationand set defaults load_rc_config $name : ${xmail_enable=NO}
run_rc_command $1 I hope that helps! Jeff Harald Schneider wrote: Hi, is
there a way to relocate the XMail.pid file from /var/run to another location
? This would allow to use XMail as e.g. a proxy with user rights only,
startable from a simple script - all files in a single folder. -- Harald -
Tounsubscribe from this list: send the line unsubscribe xmail in the body
of a message to [EMAIL PROTECTED] For general help: send the line
help in the body of a message to [EMAIL PROTECTED] - To
unsubscribe from this list: send the line unsubscribe xmail in the body of
a message to [EMAIL PROTECTED] For general help: send the line
help in the body of a message to [EMAIL PROTECTED] 


--- Links ---
   1 mailto:[EMAIL PROTECTED]
   2 mailto:[EMAIL PROTECTED]
   3 mailto:[EMAIL PROTECTED]
   4 mailto:[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Relocate .pid file on *BSD

2007-05-25 Thread Jeff Buehler
Hi Harald -

It's all about the startup script on *BSD. There is no standard package 
for Xmail (something I have thought about setting up numerous times) in 
FreeBSD, so modifying a default template is not an issue.  I place my 
custom startup script in /usr/local/etc/rc.d - I believe this is at 
least somewhat similar in the other *BSDs.  It specifiers the location 
of the .pid file - here is the script I use, pidfile being declared 
explicitly:

#!/bin/sh
#
# $FreeBSD: XMail - non-standard port
#
# PROVIDE: xmail
#
# Add the fellowing line to /etc/rc.conf.local or /etc/rc.conf
# to enable xmail
#
# xmail_enable (bool):Set it to YES to enable

.. /etc/rc.subr

MAIL_ROOT=/server/MailRoot
export MAIL_ROOT
name=xmail
rcvar=`set_rcvar`

command=${MAIL_ROOT}/bin/XMail
command_args=-B- -W- -X- -F- -Ms /server/MailRoot -MM -Qr 50 -Ql -Pl 
-Sl -SI 127.0.0.1:25 -Ll -Mr 240 -Sr 300
pidfile=/var/run/XMail.pid
sig_stop=-kill $pidfile

# read configuration and set defaults
load_rc_config $name
: ${xmail_enable=NO}

run_rc_command $1

I hope that helps!

Jeff

Harald Schneider wrote:
 Hi,

 is there a way to relocate the XMail.pid file from /var/run to another 
 location ?

 This would allow to use XMail as e.g. a proxy with user rights only, 
 startable from a simple script - all files in a single folder.

 -- Harald

 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

   

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] freebsd 6 problems?

2007-03-12 Thread Jeff Buehler
I have been running XMail using daemontools under Freebsd 5/6 32 and 
64 bit for about a year or so.  I have decided to discontinue using 
daemontools, and I only now notice than when I try to run XMail from a 
standard rc.d script under Freebsd (64 bit), it crashes UNLESS I run it 
in debug (-Md) mode, which is the mode I (I think) needed to use to run 
it under daemontools which doesn't want things running in the background.

If I run xmail locally without the -Md parameter (for example, 
/MailRoot/bin/XMail with MAIL_ROOT set properly) after a fresh 
compile it simply dies (signal 11) with almost no info.  Under the 32 
bit version of an otherwise identical OS it is fine and launches.

So, does anyone have info about XMail failing under FreeBSD 6 64 bit?  
It appears to simply fail...

A version compiled on a 32 bit platform appears to run on my 64 bit 
platforms although I haven't actually tested it.

Thanks for any info about this!

Jeff

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: xmail 1.24 smtp timeouts

2007-02-14 Thread Jeff Buehler
Hi Davide -

Using top, XMailis the active process using CPU. However, perhaps it would 
display that way if the fault was with OpenSSL, which I am using.  However, 
I am using the FreeBSD 6.2 standard port and having no problems with other 
SSl uses on thisd system.  Also, I beleive (unhless I am doing something 
incorrectly) that I have discabled the use of SSL completely - does XMail 
still make calls to OpenSSL even if SSL is unused?

I am setting in server.tab:
SSLWantVerify0
SSLWantCert0
SSLAllowSelfSigned1
SSLUseCertsFile0
SSLUseCertsDir0
EnableSMTP-TLS0

Thanks,
Jeff
- Original Message - 
From: Davide Libenzi davidel@xmailserver.org
To: Xmail Mailing List xmail@xmailserver.org
Sent: Tuesday, February 13, 2007 12:52 PM
Subject: [xmail] Re: xmail 1.24 smtp timeouts


 On Mon, 12 Feb 2007, Jeff Buehler wrote:

 Hi Everyone -

 I have been getting XMail timeouts, along with CPU use going up to
 something like 98%, after upgrading to 1.24.  I am not 100% certain that
 the upgrade is what is causing this, so I am looking for ideas.  I did
 not have any problems with 1.23, and I don't think that I am seeing any
 more traffic than I did when using 1.23.

 I am running FreeBSD 6.2, and saw this with 1.24 under 6.1 also.  My
 configuration is a bit unusual.  ASSP is receiving socket 25/587 -
 ClamSMTP - Xmail, but XMail is the executable that seems to be getting
 overwhelmed.

 One thing that I googled time ago that was making openssl for have large
 delays, was related to the lack of a good source of entropy. But if you're
 not using openssl, that's never get triggered.
 Also, are you sure it's XMail sucking CPU?



 - Davide


 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]

 

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: ClamAV usage with XMail

2007-02-13 Thread Jeff Buehler
I use ASSP withlut ClamAV, then the email is scanned by ClamSMTP WITH
ClamAV.  ASSP's implementation is less complete than ClamSMTP which
does a deep scan.  Then XMail gets the email for delivery.  This has
worked great up until XMail 1.24, but now I seem to be having time out
problems with XMail. My guess is that 1.24 is slower with the SSL
addition (even not using SSL) than 1.23 and that is cuaing it to hang.

Using ClamAV with ClamSMTP I have only had one virus in over three years
get through, and that due to a failed update the night before.

Jeff

On 2/13/2007, David Lord [EMAIL PROTECTED] wrote:

On 12 Feb 2007, at 20:28, Brian wrote:

 Any opinions on using ClamAV with XMail?
 How good is ClamAV and is it secure / stable?

I installed both fprot and clamav on NetBSD with intention of using
whichever I managed to get working first which turned out to be
fprot. I've no reason to suspect clamav is any less useful than fprot
and it might even be more configurable.

I suspect glst prevents the server seeing many viruses and so far
fprot hasn't let any through to my users (me).

David

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] xmail 1.24 smtp timeouts

2007-02-12 Thread Jeff Buehler
Hi Everyone -

I have been getting XMail timeouts, along with CPU use going up to 
something like 98%, after upgrading to 1.24.  I am not 100% certain that 
the upgrade is what is causing this, so I am looking for ideas.  I did 
not have any problems with 1.23, and I don't think that I am seeing any 
more traffic than I did when using 1.23.

I am running FreeBSD 6.2, and saw this with 1.24 under 6.1 also.  My 
configuration is a bit unusual.  ASSP is receiving socket 25/587 - 
ClamSMTP - Xmail, but XMail is the executable that seems to be getting 
overwhelmed.

Reducing SMTP connections via ASSP seems to help some, as does reducing 
allowed file sizes, but I haven't verified this completely.  The 
timeouts are intermittent, but always there seems to be a large number 
of connections via netstat.

Here are the enabled server.tab entries of any interest:

NotifyTryPattern0
MaxMTAOps16
ReceivedHdrType1
FetchHdrTags+X-Deliver-To,+Received,To,Cc
SmtpMsgIPBanSpammers550 Denied due inclusion of your IP in our 
spam lists
SmtpMsgIPBanSpamAddress550 Denied due inclusion of your email 
address in our spam lists
SmtpMsgIPBanMaps550 Denied due inclusion of your IP in the 
following map
SMTP-MaxErrors3
MaxMessageSize62000
EnableAuthSMTP-POP31
AllowNullSender1
DefaultSmtpPermsMRVZ
SSLWantVerify0
SSLWantCert0
SSLAllowSelfSigned1
SSLUseCertsFile0
SSLUseCertsDir0
EnableSMTP-TLS0

Any help would be greatly appreciated!  I am about to downgrade to 1.23...

Thanks,
Jeff

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Advices

2007-01-26 Thread Jeff Buehler
ASSP is great.  I sue it with ClamSMTP rather than using ASSP's virus 
filtering.  I have been running ASSP - ClamSMTP - XMail for several 
years now with literally no problems (other than the occasional 
misconfiguration issue :)), however I am using FreeBSD 6 (not Windows).

Jeff

Emmanuel Gonzalez wrote:
Hi,
  

 We're using Xmail servers for long.

 We have migrate on a Win 2K3 server and it's working fine. 

  

 My question : 

 -  does anyone knows an antivirus working fine with xmail (on
 Windows 2003 server) and working with xmail filters.

 -  Can someone advise me to find a spam tool working on windows 2003
 server 

  

 Again, I won't change my Xmail Server ! You did a fabulous work Davide.

  

 Thanks for your help 

  

 Emmanuel Gonzalez

  



 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]


   

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Poll ...

2006-10-30 Thread Jeff Buehler

I don't need it right now, but I think it's an excellent idea to add it 
if it isn't a crazy amount of work.  I can easily see needing it in the 
future...

Thanks,
Jeff

Davide Libenzi wrote:
 How many would appreciate per-RCPT SMTP filter capabilities?



 - Davide


 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]



   

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Problems installing Xmail

2006-10-01 Thread Jeff Buehler

I haven't read the rest of this post (sorry) but in case it helps I 
recall it does attempt a chroot and port forward/redirect, which was a 
bit of a problem for me as I do this myself using ASSAP and ClamSMTP - I 
finally just installed XMail manually and ignored the port, which worked 
well.

Jeff

Davide Libenzi wrote:
 On Sun, 1 Oct 2006, Simon Zarate wrote:

   
 While trying to install, fail and reply with this error.
 

 Hmm, something fishy is going on with the gentoo portage. Either their 
 package ir b0rken, or they're trying to run XMail in a chroot by doing 
 port forwarding.



 - Davide


 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]


   

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Reducing spam

2006-10-01 Thread Jeff Buehler

Look into ASSP (Anti Spam Server Proxy).  This is my favorite solution 
for a number of reasons.  XMail has a number of tools to help with SPAM, 
and they work well, but I found ASSP to be significantly ahead of any 
specific XMail integration solutions I was able to come up with or 
implement after about 6 years of using it, so that's my advice.

Jeff


Clive Lansink wrote:
 Hi list.  Spam seems to be getting to rediculous levels so I'm trying to 
 reduce the number of spam messages I am receiving in my xmail server.

 I started by uncommenting the line in server.tab:
 CustMapsList
 list.dsbl.org.:1,blackholes.mail-abuse.org.:1,dialups.mail-abuse.org.:0

 First, is there any way to tell if Xmail is correctly contacting the hosts in 
 the maps list?  It would be nice to know that it is.

 Also, what is the best system to use for this purpose?  I've heard of 
 something called Sorbs but I don't know much about it and whether it would be 
 better to put that into the CustMapsList.

 Here is a random sample of a message I can expect to receive.  The log entry 
 looks like this:

 lansink.co.nz   lansink.co.nz 63.163.14.58  2006-10-02 00:09:00   
 smtp.secureserver.net lansink.co.nz [EMAIL PROTECTED] [EMAIL 
 PROTECTED] S7C56 RCPT=OK 0 

 It is addressed to [EMAIL PROTECTED], which is actually wrong but I have my 
 domain set up so I receive all messages for the domain other than those for 
 other specific mailboxes.  

 I take it then that the mail-from was [EMAIL PROTECTED], and the IP address 
 that this message came from was 63.163.14.58.  I could possibly keep that 
 IP address in my own list of spamming IP addresses, but I really don't want 
 to have to maintain my own list.  I'd rather rely on one of these public 
 organisations to do that, but I would still want a simple way to report an 
 offending IP address to people better able to deal with it.

 Is there a tool I can add to xmail that could reply to the sender of a 
 message with a chalenge so they must respond in a specific way to authorise 
 the message?  I am thinking that this could be relatively simple to do by 
 adding a tool to xmail if it is not already done.  It would rely on having a 
 list of senders that are known to be acceptable, and some rules for other 
 messages such as for email lists that are also acceptable.  But any other 
 incoming message would be chalenged.  Just an idea.  

 I'm reluctant to go back to a system in which my ISP filters spam for me 
 because they are often too agressive and can filter out messages that I 
 really need to see.  I'm not happy with anti-spam systems that do some sort 
 of analysis on the message to determine if it is spam or genuine mail.  But I 
 do agree with coming down hard on people who misbehave and I'd like to do 
 what I can to stop spam at its source.

 Since we're all using xmail on this list, I would really appreciate a 
 discussion on how to reduce spam.  Ultimately it would be good to update the 
 manual to make it easier for others to get to grips with this, and I'd be 
 happy to write something depending on what results from this discussion.


 Clive Lansink
 Email: [EMAIL PROTECTED]
 Phone: +64 9 520-4242
 Mobile: +64 21 663-999
 Fax: +64 21 789-150
 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]


   

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Problems in receiving mail from hotmail

2006-10-01 Thread Jeff Buehler

It sounds like a filter added on to XMail or something... unless you 
mean XMail is hanging on emails from Hotmail.  I don't really understand 
the statement mails from Hotmail are regularly caught as bad html - I 
don't think XMail would do that unless you are talking about it actually 
crashing with Hotmail HTML  email or something... can you clarify?

Jeff

Prakash wrote:
 Hi All

 i am  fresh to linux admin.

 In our concern we are using  X-Mailserver running on Debian 2.6 Linux.

 mails from hotmail is regularly caught as badhtml and there need to manual 
 release of those mail

 Help me in this concern

 Regards
 Prakash 

 -
 To unsubscribe from this list: send the line unsubscribe xmail in
 the body of a message to [EMAIL PROTECTED]
 For general help: send the line help in the body of a message to
 [EMAIL PROTECTED]


   

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Spammers - How to block them.

2006-02-14 Thread Jeff Buehler

Hi Henri -

I suspect this makes little difference, but just in case you aren't 
aware of this, you can run ASSP on a different computer - it doesn't 
have to be the same system, and so Perl also does not need to be on your 
XMail system.  I'm not certain why you have feelings about running 
something in front of XMail if it will simply reduce the burden on your 
server (significantly) but we all have our reasons, I suppose!

If you aren't processing much email, then I can't understand why you are 
getting the server too busy errors you mentioned in your first email.  
Something doesn't sound quite right.  Frankly, even before I was running 
ASSP, I was processing quite a bit of email (thousands a day, sometimes 
more, and thousands more a day of SPAM) and I never received an error 
like that on send.

I understood you to say that you were getting SMTP connect errors 
because XMail was taking too long to refuse invalid users.   Logically, 
if you are receiving server too busy errors simply from refusing emails 
to non-valid users (as I read your first email to be saying), which 
would require an incredible volume of invalid email (or a very, very 
slow server), then the only way to prevent server overload would be to 
put something in front of XMail, since XMail is already refusing those 
emails that are causing the problem.  But I must have misunderstood 
given the direction the rest of this thread has taken.

If it is simply an issue of SPAM in general, and you need to block it, 
and you don't want to use something like ASSP (for reasons of purity?), 
then your best bet is greylisting (as Rob Arends covers well), RBL 
blocking, and perhaps something like you mention with an automated 
addition to the spammers list as a last addition.

Jeff

Henri van Riel wrote:

Hi Jeff,

  

You can run ASSP on a different server than XMail.  Also, you can
use it simply to verify that the address being sent to is a valid
one - it does not need to perform Bayesian -filter based SPAM
blocking unless you want it to (you could open up the ruleset, or
you can have it simply tag the email that goes through with
something if it thinks it's SPAM).  If what you need is to be able
to close sessions to invalid addresses quickly, that is the only way
I know how to do it.



I'll certainly look into it but I don't like the idea of having to run
something in front of XMail... Also, I'd need to install Perl on my
mailserver which is *strictly* a mailserver.

  

What you suggest might work, but spammers domains and addresses
change very rapidly, so I'm not certain you would actually cut down
the volume much, and you would end up having to process all of that
email.  ASSP will simply terminate the session more or less
immediately if it doesn't like the email, the sender, or the
address, or any combination of those things.



I don't have to process that much email though. First of all, my new
CustMapsList filters out a lot of spam. If the sender seems ok, XMail
first checks if the recipient is known. If not, it redirects it to my
catch-all account. While it is doing that, the filters.pre-data.tab
filter kicks in *before* the data command, only the headers have
arrived so far. Next, my script will get the ip address from those
headers and exits with code 3 which makes XMail to terminate the
connection. Mail with a valid recipient will still go through the
filter but that's not a problem.

Sounds to me that it could work! ;)

  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Spammers - How to block them.

2006-02-14 Thread Jeff Buehler

Hi Henri -

That's odd. How many smtp threads were you running? I've set the
maximum to 16 now where 4 should be enough to handle all incoming mail
(easily!).
  

Whatever the default is (is it MaxMTAOps? - that is set to 16 on my 
system).  Running on FreeBSD on a Athlon XP running at 2 GHz, 1 gig of 
RAM, fast SCSI hard drive.  Nothing too fancy.  Right now running ASSP 
- clamsmtp - XMail (in this case on the same system) this handily 
processes 4500 (or so) valid emails per day and refuses about the same 
number of additional SPAMs.  Without the CLAMsmtp and ASSP this same 
system processed almost that much email without me ever seeing the 
problem you describe.

It's not the spam per se, I know how to get rid of that. It's because
99.5% of all incoming mail is for non-existent recipients. I don't
want to check them all to see if it's spam or not cause I already
*know* it's spam. I don't want to waste server resources and internet
bandwidth for something I already know I don't want. I just want to
get rid of those attempts from spammers to deliver spam to my server
as quickly and as easily as possible. 

  

Again, if the problem is email to invalid users, I don't see how any of 
the other options you mentioned in XMail will necessarily help.  Perhaps 
they will by using a different mechanism, like RBL check, that is faster 
than XMails own determination of an invalid address, but that seems a 
stretch to me.  ASSP is designed to close the SMTP session immediately 
if it doesn't like an email for any reason specified by the admin, such 
as an invalid address, so it directly addresses the problem you are having.

However, as also mentioned, it seems very strange to me that XMail would 
be so slow on refusing invalid connections as to cause connection 
failures from valid senders if you have a low volume of email - I don't 
know XMail's mechanism behind this (perhaps someone else can clarify) 
but I have never run into that problem, or heard of anyone else running 
into that problem, unless they were getting a HUGE volume of SPAM (and 
not specifically to invalid users).  So it might be worth looking into 
WHY your installation is behaving this way, since it sounds fishy to 
me.  Maybe 4 threads was too low?

Jeff


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Spammers - How to block them.

2006-02-13 Thread Jeff Buehler

ASSP with XMail is an excellent solution for this - it is robust and 
reasonably lightweight.  ASSP checks the first number of K that you 
specify to determine if an email is SPAM, then closes the session if it 
is.  You can specify valid user accounts in a text file or using LDAP.  
If the email is invalid, it simply closes the session.  Then you can 
forward the email to XMail for final processing.

Jeff

Henri van Riel wrote:

Hi all,

I've got a peculiar problem. My domain (a sub-domain of my ISP)
receives a lot of (spam) email. I'm talking more than 15,000 emails
per day (about 10mb/hour). All these emails are for recipients *not*
defined on my domain. Someone has simply generated thousands of fake
email addresses and put them on a cd and sells that (probably).

I've set up XMail so that it only accepts mail for known users, so I
don't really receive these emails. The problem is that my smtp threads
are always *busy*. When I try to send email from outside my LAN
through my mailserver at home I always get the message `server too
busy, retry later...` because all my SMTP threads are handling
mail from these spammers...

What I would like is that XMail *immediately* drops the connection
with the spammer's mailserver but it doesn't seem to do that.
Connections stay open for a while because this server has dozens of
emails to deliver to my server (all for users that don't exist!).

Is there a way to immediately drop the connection with the server that
tries to deliver mail to an unknown user and also ban this particular
mail server for at least a day? That would decrease the number of
random emails significantly and save me a lot on bandwidth.

Any help would be appreciated.

Thanks.

  



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Spammers - How to block them.

2006-02-13 Thread Jeff Buehler

Hi Henri -

You can run ASSP on a different server than XMail.  Also, you can use it 
simply to verify that the address being sent to is a valid one - it does 
not need to perform Bayesian -filter based SPAM blocking unless you want 
it to (you could open up the ruleset, or you can have it simply tag the 
email that goes through with something if it thinks it's SPAM).  If what 
you need is to be able to close sessions to invalid addresses quickly, 
that is the only way I know how to do it.

What you suggest might work, but spammers domains and addresses change 
very rapidly, so I'm not certain you would actually cut down the volume 
much, and you would end up having to process all of that email.  ASSP 
will simply terminate the session more or less immediately if it doesn't 
like the email, the sender, or the address, or any combination of those 
things.

Jeff
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Error messages returned to sender replicated

2006-01-25 Thread Jeff Buehler

Leanardo:  Interesting find about the errors appearing not to be XMail 
generated - I will have to look into that in more detail by going over 
the logs when I can get the time.
Clement: I use an IP in the cmdalias.  The FQDN of the Exchange server 
resolves only to one IP.  Xmail connects to the Exchange server through 
a M0n0wall firewall/NAT device that is NAT'ing the Exchange server.  I 
don't recall seeing multiple times the same same bounce before upgrading 
to 1.22 (and now that you brought it up, M0n0wall is a recent addition 
to the network there as well).  I will have to go over the logs as soon 
as I can to answer your other question about whether or not the bounce 
is seen on the Exchange side.

It sounds like I will need to spend some more time with the logs and 
testing on this one - I will let you know what I find - thanks for all 
of your input!

Jeff
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Error messages returned to sender replicated

2006-01-23 Thread Jeff Buehler

Hmmm - ok, let me look at this a little deeper (and thanks for your input!).

In answer to your questions:

Exchange has its own domain, but only handles internal email (so 
outbound  is Exchange - ASSP - (clamSMTP) - Xmail - INTERNET or 
inbound is INTERNET-ASSP - (clamSMTP) - XMail - Exchange).  Xmail 
does forward the error messages to Exchange by using smtprelay in 
cmdalias - it does not actually have a mail account for the Exchange 
user, it just relays.  Postmaster does receive errors as well, but they 
seem inconsistent with the others - I need to research this point a bit 
more and see if I am receiving more than 1 error to this account as 
well, but I don't think I am.

It appears that I am not getting one email for each failure - rather, it 
appears to be some random number of bounce emails (sometimes 3, 
sometimes 5, and so on).

Two complete examples (from the same failure) follow:

From: buehlertech.net PostMaster [EMAIL PROTECTED]
Sent: Friday, January 20, 2006 1:03 PM
To: Jeff Buehler
Subject: Error sending message
[1137780666750.135234560.3ee.banshee.buehlertech.net] from
[buehlertech.net]

[00] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number 
of delivery attempts has been reached]


[01] Error sending message 
[1137780666750.135234560.3ee.banshee.buehlertech.net] from 
[buehlertech.net].

ID:S75A16
Mail From: [EMAIL PROTECTED]
Rcpt To:   [EMAIL PROTECTED]
Server:delmone.com [delmone.com]


[02] The reason of the delivery failure was:

The maximum number of delivery attempts has been reached


[05] Here is listed the initial part of the message:

Received: from BuehlerTechAntiSpam ([127.0.0.1]:58144)
by antispam.buehlertech.net ([127.0.0.1]:25) with [XMail 1.22 ESMTP 
Server]
id S75A16 for [EMAIL PROTECTED] from [EMAIL PROTECTED];
Fri, 20 Jan 2006 10:11:04 -0800
Received: from 71.134.90.35 ([71.134.90.35] helo=mail.interoceanss.com) 
by BuehlerTechAntiSpam ; 20 Jan 06 18:11:02 -
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=_=_NextPart_001_01C61DEC.DE69A4EC
Subject: test4
Content-class: urn:content-classes:message
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Fri, 20 Jan 2006 10:11:00 -0800
Message-ID: [EMAIL PROTECTED]
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: test4
Thread-Index: AcYd7N33dm49C2YAQOGUDPl2HKf/bg==
From: Jeff Buehler [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Virus-Scanned: Buehler Technologies Anti-virus ClamSMTP

-

From: buehlertech.net PostMaster [EMAIL PROTECTED]
Sent: Friday, January 20, 2006 12:22 PM
To: Jeff Buehler
Subject: Error sending message
[1137775892511.135234560.250.banshee.buehlertech.net] from
[buehlertech.net]

[00] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number 
of delivery attempts has been reached]


[01] Error sending message 
[1137775892511.135234560.250.banshee.buehlertech.net] from 
[buehlertech.net].

ID:S758C4
Mail From: [EMAIL PROTECTED]
Rcpt To:   [EMAIL PROTECTED]
Server:delmone.com [delmone.com]


[02] The reason of the delivery failure was:

The maximum number of delivery attempts has been reached


[05] Here is listed the initial part of the message:

Received: from BuehlerTechAntiSpam ([127.0.0.1]:54200)
by antispam.buehlertech.net ([127.0.0.1]:25) with [XMail 1.22 ESMTP 
Server]
id S758C4 for [EMAIL PROTECTED] from [EMAIL PROTECTED];
Fri, 20 Jan 2006 08:51:32 -0800
Received: from 71.134.90.35 ([71.134.90.35] helo=mail.interoceanss.com) 
by BuehlerTechAntiSpam ; 20 Jan 06 16:51:31 -
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=_=_NextPart_001_01C61DE1.C3D28DF8
Subject: test3
Content-class: urn:content-classes:message
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Fri, 20 Jan 2006 08:51:17 -0800
Message-ID: [EMAIL PROTECTED]
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: test3
Thread-Index: AcYd4buU0P6OtpNtTT+mAMHshLq35g==
From: Jeff Buehler [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Virus-Scanned: Buehler Technologies Anti-virus ClamSMTP




Thanks,
Jeff

Leonardo Fogel wrote:

--- Jeff Buehler wrote :

  

Right now I have XMail set to
try 10 times, so there 
seem to be 10 emails that are sent to notify the
sender of the failure.  

(...)
Exchange users that have this problem - XMail is
running on FreeBSD, but 
a number of Exchange users send through it as shown:

Exchange - ASSP (anti-spam proxy) -XMail -
Internet - the problem 
definitely happens with this flow




Some thoughts:
As far as I know from XMail, a bounce (error) message
is like any other message, i.e., XMail will try to
deliver them the same way and it will make the same
number of tries if it needs. So, if you configure
XMail to make N tries to send a message and it fails
(and the sender's domain is not handled by XMail), it
will also make at most N tries to send (forward) the
error message.

Questions: does Exchange handle a domain of its own?
Does XMail have to forward the error messages to
Exchange

[xmail] Re: Error messages returned to sender replicated

2006-01-23 Thread Jeff Buehler

Thats what I thought should happen, but my Exchange users are verifiably 
getting multiple (it seems to be random) bounces back.  Only my Exchange 
users seem to be affected - users accessing from a standard email client 
are getting the correct (single bounce) behavior).

Jeff

Davide Libenzi wrote:

On Sat, 21 Jan 2006, Jeff Buehler wrote:

  

I see.  Any thoughts on what my be causing the repeat error bounces?
Has anyone else run into this problem?
If not, I would guess it has to do with the Exchange/ASSP/XMail
relationship somehow since that is the only distinct thing about my
configuration from a standard one...
Davide, can you think of anything that may have changed between
1.20/1.21 and 1.22 that might affect this?



The one below is a standard bounce message that happen (only once per 
message - maximum) if the maximum number of delivery attempts is reached.


  

Ah ... I was unaware of that setting.  It's commented out, which
according to the documentation would seem to suggest that the errors
aren't (or shouldn't be) coming from XMail at all.  However, the headers
indicate (to me, anyway!) that they are - here is an abbreviated example:

From: buehlertech.net PostMaster [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 17, 2006 6:31 AM
To: Jens Jensen
Subject: Error sending message
[1137452256244.135361536.4d65.banshee.buehlertech.net] from
[buehlertech.net]

[00] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number
of delivery attempts has been reached]





- Davide


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Error messages returned to sender replicated

2006-01-23 Thread Jeff Buehler

Yes - I despise Exchange, personally.  However, talking the people 
holding the money out of using Exchange and going with LDAP/IMAP is like 
telling them that their father is a moron.  They look dumbfounded and 
then proceed as if nothing was said.  I host entirely on FreeBSD and I 
am just doing SPAM/AntiVirus filtering for this particular client.

At any rate, the strange part is that each of the messages I sent IS 
from the same email.  So, XMail is seeing two different messages (as you 
pointed out) but it is actually from the SAME send, so it must be 
getting duplicated by one of the other applications(?).  So, as you 
mention, there is obviously something in the configuration that is 
causing the trouble.

I will keep looking into it and report what I find for posteritys sake!

Thanks,
Jeff


Davide Libenzi wrote:

On Mon, 23 Jan 2006, Jeff Buehler wrote:

  

Hmmm - ok, let me look at this a little deeper (and thanks for your input!).

In answer to your questions:

Exchange has its own domain, but only handles internal email (so
outbound  is Exchange - ASSP - (clamSMTP) - Xmail - INTERNET or
inbound is INTERNET-ASSP - (clamSMTP) - XMail - Exchange).  Xmail
does forward the error messages to Exchange by using smtprelay in
cmdalias - it does not actually have a mail account for the Exchange
user, it just relays.  Postmaster does receive errors as well, but they
seem inconsistent with the others - I need to research this point a bit
more and see if I am receiving more than 1 error to this account as
well, but I don't think I am.

It appears that I am not getting one email for each failure - rather, it
appears to be some random number of bounce emails (sometimes 3,
sometimes 5, and so on).

Two complete examples (from the same failure) follow:



Those refer to two different messages ...


  

From: buehlertech.net PostMaster [EMAIL PROTECTED]
Sent: Friday, January 20, 2006 1:03 PM
To: Jeff Buehler
Subject: Error sending message
[1137780666750.135234560.3ee.banshee.buehlertech.net] from


^^^


and


  

From: buehlertech.net PostMaster [EMAIL PROTECTED]
Sent: Friday, January 20, 2006 12:22 PM
To: Jeff Buehler
Subject: Error sending message
[1137775892511.135234560.250.banshee.buehlertech.net] from


^^^

Something funky is going on with your setup. I don't know what, but a wild 
guess is that removing MS Exchange will have a 98% probability of fixing it :)



- Davide


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Error messages returned to sender replicated

2006-01-21 Thread Jeff Buehler

I see.  Any thoughts on what my be causing the repeat error bounces?  
Has anyone else run into this problem? 
If not, I would guess it has to do with the Exchange/ASSP/XMail 
relationship somehow since that is the only distinct thing about my 
configuration from a standard one...
Davide, can you think of anything that may have changed between 
1.20/1.21 and 1.22 that might affect this?

Jeff

Davide Libenzi wrote:

On Fri, 20 Jan 2006, Jeff Buehler wrote:

  

Ah ... I was unaware of that setting.  It's commented out, which
according to the documentation would seem to suggest that the errors
aren't (or shouldn't be) coming from XMail at all.  However, the headers
indicate (to me, anyway!) that they are - here is an abbreviated example:

From: buehlertech.net PostMaster [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 17, 2006 6:31 AM
To: Jens Jensen
Subject: Error sending message
[1137452256244.135361536.4d65.banshee.buehlertech.net] from
[buehlertech.net]

[00] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number
of delivery attempts has been reached]



The NotifyTryPattern variable does not affect final/definitive bounces, 
only intermediate ones.



- Davide


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Error messages returned to sender replicated

2006-01-20 Thread Jeff Buehler

Hi everyone -

Running XMail 1.22 my users have been reporting that No server found 
errors are coming back in duplicate.  The mails all come in after The 
maximum number of delivery attempts has been reached and the user 
receives a separate email for each failed delivery attempt, rather than 
one email containing all of the failures (which is the expected 
behavior, right?).  Right now I have XMail set to try 10 times, so there 
seem to be 10 emails that are sent to notify the sender of the failure.  
It was set to 40, and in that case the user was receiving 40 (or so) 
emails.  I have not verified that the number of returns is always 
exactly the same as the retry setting, but it is at least somewhat close.

Has anyone seen this behavior?  I am trying to verify if it is only my 
Exchange users that have this problem - XMail is running on FreeBSD, but 
a number of Exchange users send through it as shown:

Exchange - ASSP (anti-spam proxy) -XMail - Internet - the problem 
definitely happens with this flow

or

Email client - ASSP - XMail - Internet - the problem has not been 
verified yet with this flow

Thanks,
Jeff
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Error messages returned to sender replicated

2006-01-20 Thread Jeff Buehler

Ah ... I was unaware of that setting.  It's commented out, which 
according to the documentation would seem to suggest that the errors 
aren't (or shouldn't be) coming from XMail at all.  However, the headers 
indicate (to me, anyway!) that they are - here is an abbreviated example:

From: buehlertech.net PostMaster [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, January 17, 2006 6:31 AM
To: Jens Jensen
Subject: Error sending message
[1137452256244.135361536.4d65.banshee.buehlertech.net] from
[buehlertech.net]

[00] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number
of delivery attempts has been reached]

Jeff

Davide Libenzi wrote:

On Fri, 20 Jan 2006, Jeff Buehler wrote:

  

Hi everyone -

Running XMail 1.22 my users have been reporting that No server found
errors are coming back in duplicate.  The mails all come in after The
maximum number of delivery attempts has been reached and the user
receives a separate email for each failed delivery attempt, rather than
one email containing all of the failures (which is the expected
behavior, right?).  Right now I have XMail set to try 10 times, so there
seem to be 10 emails that are sent to notify the sender of the failure.
It was set to 40, and in that case the user was receiving 40 (or so)
emails.  I have not verified that the number of returns is always
exactly the same as the retry setting, but it is at least somewhat close.



How's your NotifyTryPattern set inside the server.tab?



- Davide


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Error messages returned to sender replicated

2006-01-20 Thread Jeff Buehler

By the way, I had no indications of this happening using 1.21 or 
earlier.  This does not mean that it didn't for certain, but I am pretty 
certain that it would have come up (I was running 1.21 and maybe 1.20 
from the time they were made available until the newer versions with 
this configuration - exchange - assp - xmail - internet).  It is 
possible that I may have made some seemingly insignificant change to any 
of the players involved, though, most suspect being ASSP.

I have verified that I (seem) get only one failure message back to the 
sender when the configuration does not involve exchange, that being 
email client - assp - xmail - internet.  Unless I am misreading the 
documentation, I think this is also not the right behavior since 
NotifyTryPattern is set to the default, but I prefer it to a whole bunch 
of messages!

Here is an example of the header for that:

[00] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number of delivery 
attempts has been reached]

[01] Error sending message 
[1137796073865.135234560.61c.banshee.buehlertech.net] from [buehlertech.net].

ID:S75D07
Mail From: [EMAIL PROTECTED]
Rcpt To:   [EMAIL PROTECTED]
Server:bogusdomain.com [bogusdomain.com]

[02] The reason of the delivery failure was:


The maximum number of delivery attempts has been reached


Thanks again for any thoughts or ideas...

Jeff

Jeff Buehler wrote:

Ah ... I was unaware of that setting.  It's commented out, which 
according to the documentation would seem to suggest that the errors 
aren't (or shouldn't be) coming from XMail at all.  However, the headers 
indicate (to me, anyway!) that they are - here is an abbreviated example:

From: buehlertech.net PostMaster [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, January 17, 2006 6:31 AM
To: Jens Jensen
Subject: Error sending message
[1137452256244.135361536.4d65.banshee.buehlertech.net] from
[buehlertech.net]

[00] XMail bounce: [EMAIL PROTECTED];Error=[The maximum number
of delivery attempts has been reached]

Jeff

Davide Libenzi wrote:

  

On Fri, 20 Jan 2006, Jeff Buehler wrote:

 



Hi everyone -

Running XMail 1.22 my users have been reporting that No server found
errors are coming back in duplicate.  The mails all come in after The
maximum number of delivery attempts has been reached and the user
receives a separate email for each failed delivery attempt, rather than
one email containing all of the failures (which is the expected
behavior, right?).  Right now I have XMail set to try 10 times, so there
seem to be 10 emails that are sent to notify the sender of the failure.
It was set to 40, and in that case the user was receiving 40 (or so)
emails.  I have not verified that the number of returns is always
exactly the same as the retry setting, but it is at least somewhat close.
   

  

How's your NotifyTryPattern set inside the server.tab?



- Davide


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


 





-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Backup

2006-01-18 Thread Jeff Buehler

I prefer rsync of the entire MailRoot directory to another system, but 
you could as easily rsync to an alternate media source on the same 
system.  By using rsync, you can run it often since rsync operates 
incrementally (only the portions of files that have changed are 
replicated).  I run it every 5 minutes staggered to two different 
systems, so changes are up to date about every 2.5 minutes.  In order to 
do a restore you can simply rsync in the reverse direction, which might 
take 10 seconds or less to complete.  This method can also be used for 
primitive but effective failover to alternate systems.

Jeff

Chad Fleenor wrote:

I always just tar up /var/MailRoot every night.  I have had to restore 
this file before because someone deleted a domain.  It took me less than 
5 minutes to have the domain back up and operational, no one knew that 
anything had happened.

Thanks

Kay Seljeseth wrote:

  

Is a full directory backup of the mailroot the best way to make a backup of
the xmailserver config?

May the message files under the mailbox directories be excluded if not
needing a backup of the messages, but still wanting a full config backup?

(did not find any info about this in the readme file?)

Thanks!

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]

 





  



-- 





Buehler Technologies
19 Circle Drive - San Rafael, CA 94901
415.459.4677 - [EMAIL PROTECTED]




-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: hidden copy - recent supreme court decision

2005-12-15 Thread Jeff Buehler

Who cares about the law?  What about your own sense of moral 
culpability?  Sure, it's your job, and it's hard to tell your paycheck 
to f-off, but spying on people is spying on people.  Life is short and 
there are a lot of ways to make money - the one thing you can keep to 
the grave is your belief that you have done what is intrinsically right 
(as long as you have stood up for that!).  I don't think it's worth 
being the conduit for something that you may not be comfortable with.  
If you are, then fine, go for it.  I wouldn't be, but we all come from 
different places!

Jeff

Leonardo Fogel wrote:

--- Helio Cavichiolo Jr wrote:


  

That's a great idea, but perhaps not enough. Here in
Brazil, as in France, the 
law don't allow mail violation.



News about the topic:
The decision of the TST [brazilian supreme court of
labour] was favourable to HSBC, under the
argumentation that 'the enterprise can track all
eletronic addresses, because there is not any privacy
to be preserved, since the e-mail could not be used
for private ends'. Security Review, year I, number 4.



   



   
   
___ 
Yahoo! doce lar. Faça do Yahoo! sua homepage. 
http://br.yahoo.com/homepageset.html 

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: hidden copy - recent supreme court decision

2005-12-15 Thread Jeff Buehler

Yeah, sorry about the soapbox (I had just woken up when I wrote that so 
I was on a bit of a soapbox - my apologies!)  Issues like the one you 
are in are always quite complicated to resolve, and nothing is ever 
black and white...

Right now in the U.S. these sorts of issues are really in my face all of 
the time.  For example, one of my favorites right now, the Patriot Act!  
What a giant freedom sucking black hole piece of crap that is.  As if 
taking away our toenail clippers on the plane is going to stop a 
determined martyr/terrorist/whatever, or high-tech invasion of privacy 
is going to actually protect us from some of the terrible things we have 
perpetrated on global affairs (I would make a list but it would reduce 
me to grinding my teeth).

Anyway, here I am ranting again... sorry.  You could always 
accidentally have an email forwarded to a given user that mentions a 
mail has been forwarded to the boss, and apologize later saying that it 
was a preconfigured behavior you were unaware of or some nonsense.  By 
the time the boss found out, everyone involved might be a little steamed...

Good luck with however it works out (and sorry to use this mail list for 
non-technical ranting yet again!)

Jeff

Vidmantas wrote:

Jeff,

I understand moral situation quite enough and I'm not looking positive 
to the things like spying on people's
letters. I'm asked to make possibility to realize such things, not to 
start spying right now.
Boss will make decision. Since I'm just IT engineer, not boss or 
similar, I don't know the exact reason of making copies.
But I know it is related to spreading (selling?) commercial information.
Anyway, I don't think the illegal copies are best way to fight it. I'm 
feeling really uncomfortable.
But my job is to make programs...


Jeff Buehler wrote:
  

Who cares about the law?  What about your own sense of moral 
culpability?  Sure, it's your job, and it's hard to tell your paycheck 
to f-off, but spying on people is spying on people.  Life is short and 
there are a lot of ways to make money - the one thing you can keep to 
the grave is your belief that you have done what is intrinsically right 
(as long as you have stood up for that!).  I don't think it's worth 
being the conduit for something that you may not be comfortable with.  
If you are, then fine, go for it.  I wouldn't be, but we all come from 
different places!

Jeff

Leonardo Fogel wrote:

  


--- Helio Cavichiolo Jr wrote:


 


  

That's a great idea, but perhaps not enough. Here in
Brazil, as in France, the 
law don't allow mail violation.
   

  


News about the topic:
The decision of the TST [brazilian supreme court of
labour] was favourable to HSBC, under the
argumentation that 'the enterprise can track all
eletronic addresses, because there is not any privacy
to be preserved, since the e-mail could not be used
for private ends'. Security Review, year I, number 4.



 



 
 
___ 
Yahoo! doce lar. Faça do Yahoo! sua homepage. 
http://br.yahoo.com/homepageset.html 

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


 


  

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


__ NOD32 1.1325 (20051215) Information __

This message was checked by NOD32 antivirus system.
http://www.eset.com


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: smtp authentication to external server via cmdaliases

2005-11-23 Thread Jeff Buehler

Sönke, thanks again!  That will do the trick ...

Jeff

Sönke Ruempler wrote:

Hi Jeff,

[EMAIL PROTECTED]  wrote on Wednesday, November 23, 2005 8:09
AM:

  

I am using the cmdaliases functionality to forward certain
emails to an
Exchange 2003 Server.  I would like to disable general SMTP for the
Exchange server and force authentication.  Does anyone know
of a way to
authenticate the SMTP session when forwarding an email via a cmdalias?



Not per user - but per domain:

http://www.xmailserver.org/Readme.html#smtp_client_authentication

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] smtp authentication to external server via cmdaliases

2005-11-22 Thread Jeff Buehler

Hi all -

I am using the cmdaliases functionality to forward certain emails to an 
Exchange 2003 Server.  I would like to disable general SMTP for the 
Exchange server and force authentication.  Does anyone know of a way to 
authenticate the SMTP session when forwarding an email via a cmdalias?

Thanks for any input!
Jeff
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: still on clamav and xmail...

2005-10-21 Thread Jeff Buehler

Also, check out clamsmtp if you aren't running Windows - I'm not certain 
if it is faster than the available XMail filters (which I have had mixed 
luck with over the years), but it is easy to setup and works well for 
me... it is very lightweight and written in C.

Jeff

jonn ah wrote:


hi all,

Can anybody tell me which av filters (clamav) works on
xmail?  I followed chris franklin's  directions on his
av filter with xmail but it doesnt detect eicar's test
virus when i send it thru xmail...


thanks! 


   
   
__ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] earthlink modified

2005-10-15 Thread Jeff Buehler

Hi all -

Let me try that last question without the other info: Does anyone know 
if XMail 1.22 queries A records when MX queries for a domain have 
failed?  I realize this has been covered, but I'm not clear on the 
specific outcome of this ...

Jeff

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: earthlink modified

2005-10-15 Thread Jeff Buehler

Thanks, Davide. 

I am the worst with RFC's - many of them seem to contradict each other, 
so this is just a question (not an attack or even a recommendation - I 
am very happy with XMail!)

I assume that querying the A record query is by design, based on your 
response, so I am wondering if there is a way to change that in the 
configuration.  The Earthlink problem I am seeing is probably almost 
certainly related to this A record query.   I printed this (and the RFC) 
earlier, but just for clarity:  Earthlink says The earthlink.net A 
record forwards port 25 connections to our outbound SMTP servers. Unless 
the mail server attempting the transaction maintains IP connectivity 
through the Earthlink network, delivery attempts through the A record 
will consequently fail and the above quoted error message will be 
returned. and that this is the fault of the MTA for being non-compliant 
with RFC 2821 (partially) shown below:

RFC 2821, Address Resolution and Mail Handling:

If one or more MX RRs are found for a given name, SMTP systems MUST NOT
utilize any A RRs associated with that name unless they are located
using the MX RRs; the implicit MX rule above applies only if there are
no MX records present. If MX records are present, but none of them are
usable, this situation MUST be reported as an error.

So, any suggestions?  Is there a way to prevent the A record query, or 
is there another sound reason not to prevent this?

Thanks,
Jeff


Davide Libenzi wrote:

On Sat, 15 Oct 2005, Jeff Buehler wrote:

  

Let me try that last question without the other info: Does anyone know
if XMail 1.22 queries A records when MX queries for a domain have
failed?  I realize this has been covered, but I'm not clear on the
specific outcome of this ...



Yes, of course it does. It is supposed to try the A record if MX 
resolution fails. Note that XMail does not try to send to the A record if 
MX records exist, but a failure happened in the delivery to such records.


- Davide


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: earthlink modified

2005-10-15 Thread Jeff Buehler

Davide, sorry - I just reread you previous email and I now realize that 
you clarified already that XMail does not try an A record if MX records 
exist, but I am a bit confused.  Are you saying that it will try the A 
record if the MX records exist but fail, or that it won't try the A 
record at all if any MX records exist even if sends to them fail?  
Earthlink seems to be failing because after all MX records fail, if the 
A record is then attempted the send is terminated completely, rather 
than XMail continuing to try the MX records as it should later.  Or am I 
not clearly understanding the mechanism here...

Thanks again for your input on this!

Jeff

Davide Libenzi wrote:

On Sat, 15 Oct 2005, Jeff Buehler wrote:

  

Let me try that last question without the other info: Does anyone know
if XMail 1.22 queries A records when MX queries for a domain have
failed?  I realize this has been covered, but I'm not clear on the
specific outcome of this ...



Yes, of course it does. It is supposed to try the A record if MX 
resolution fails. Note that XMail does not try to send to the A record if 
MX records exist, but a failure happened in the delivery to such records.


- Davide


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] earthlink

2005-10-14 Thread Jeff Buehler

Hi All -

it seems to me that this may have been covered, but I wasn't able to 
find any XMail specific references to it:

Sending to Earthlink, my customers are getting a number of seemingly 
intermittent errros as follows:

550-EarthLink does not recognize your computer (67.102.229.138) as
connecting from an EarthLink connection.  If this is in error, please
contact technical support.
550 relaying to [EMAIL PROTECTED] prohibited by administrator


It would seem, after some research, that this is because of a DNS 
problem in which the following occurs (according to Earthlink):

 are due to an improper MTA configuration with the host that is 
responsible for delivering outbound mail on your network. In a nutshell, 
the mail server which attempted to deliver mail to the earthlink.net 
e-mail address was initially unable to successfully deliver the mail to 
the earthlink.net MX (more than likely due to high load on our end, no 
Earthlink MX host was available to accept the transaction at the moment 
of the delivery attempt), and so the Earthlink A record was attempted by 
the sending mail server. The earthlink.net A record, however, forwards 
port 25 connections to our outbound SMTP servers. Unless the mail server 
attempting the transaction maintains IP connectivity through the 
Earthlink network, delivery attempts through the A record will 
consequently fail and the above quoted error message will be returned.


on the same site where I found the most helpful information on this 
(http://forums.smartertools.com/ShowPost.aspx?PostID=3872) this is also 
mentioned:


The behavior exhibited by the sending mail server, in this case, is not 
standard. According to RFC 2821, Address Resolution and Mail Handling:

If one or more MX RRs are found for a given name, SMTP systems MUST NOT 
utilize any A RRs associated with that name unless they are located 
using the MX RRs; the implicit MX rule above applies only if there are 
no MX records present. If MX records are present, but none of them are 
usable, this situation MUST be reported as an error.

http://www.faqs.org/rfcs/rfc2821.html

Does anyone have any recommendations or suggestions about this?  Does 
version 1.23 correct the attempt to send to an A record, or is that is 
even what may be happening?  I recall a lot of commentary recently on 
the DNS/A record issue, but I can't recall (and I have not kept) the 
email thread about that.  Is anyone else having this problem?

Thanks,

Jeff

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Build/Smoke test request ...

2005-10-13 Thread Jeff Buehler

Here is another verification that it builds fine on FreeBSD 5.4.  I 
haven't tried running it yet.

Jeff


Davide Libenzi wrote:

I might have found the reason for the XMail erratic behaviour on some BSDs 
versions. I need Solaris and *BSD users to try to build and run the 
following version:

http://www.xmailserver.org/xmail-1.23-pre01.tar.gz

Thank you!


- Davide


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: mail problem

2005-09-21 Thread Jeff Buehler

Hi Charlie -

Well, I'm uncertain what to tell you.  My suspicion, since I have heard 
of no one having this particular sort of problem (there is a large XMail 
user base running 1.21 on Linux) is that there is something being 
overlooked.  I would double check your findings as scientifically as 
possible, and make absolutely certain that what you think you are seeing 
is really what you are seeing.  Make certain that the addresses you are 
using are all valid, that the logs are definately not reporting anything 
strange, your XMail server.tab settings look right, and so on.

If you are certain about your findings, then I would start looking at 
other apps that may be interfering or trying to bind to the ports, such 
as Sendmail (which should be disabled, or at least XMail and Sendmail 
should be binding to different ports).  If that all looks good, I would 
test your connection to make certain that packets aren't dropping or 
something.  make certain your MTU setting is correct (if you are 
connecting via DSL PPP then it is likely less than the default of 1500 
as I recall).  I have had incorrect MTU settings cause intermittent 
failures that can be difficult to pin down.

Without at least one or two other people verifying the findings or 
seeing the behavior, it probably indicates to an misconfiguration (of 
some sort) or an anomaly on your system.  Did you try searching the 
forums for any similar user experiences?

Jeff



Charlie Qualls wrote:

Hey there Jeff,

I forgot, this also happens if listing several people in the to
address field. I don't know how many before it balks though.


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: mail problem

2005-09-21 Thread Jeff Buehler

The forum is an excellent resource, if sometimes challenging to get 
through (lots of info and search doesn't always cut it)...
http://xmailforum.homelinux.net/


Charlie Qualls wrote:

Hey there Jeff,

Thanks for your thinking this out for me. I'll see what else I can
find. I know that large organizations use the program and I think it's
a wonderful program, I'm a small operation with less then 30 users not
counting the users I created to try to figure out the problem. Thanks
again for some guidence on where else to look and places to look for a
answer.
In answer to you question about looking in the forums, no I didn't try
searching that. I do know that for as long as I have been reading this
group(about 2yrs) I have never seen a problem like this.


  

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: mail problem

2005-09-20 Thread Jeff Buehler

So,  when you receive mail some email is lost - the logs say that mail 
came in correctly but it is not in the Domains  - MailDir - new folder 
and when you send email some mail is lost - the logs say that it was 
sent correctly, but it never arrives at the recipient email account -  
and this happens ONLY with mail groups that you are aware of?  Is that 
the gist of it?

Jeff

Charlie Qualls wrote:

Hello Group,

   I'm using 1.21 on a redhat server running just mail. I'm having a
   issue of mail delivery. The logs say the mail was received ok but
   if I go look in the mailbox, it's not there. This happens
   internally and externally. I set up 30 bogus accounts and using the
   bat as a client set it up to mail to groups or list. I mail 4
   test messages to the list of the bogus accounts. Checking each
   account, some made it and some did not. There was no rhythm or
   reason to which made it and which did not.
   Again this is also happening to mail sent outside of our system.
   Oh I also tried this with Thunderbird and had the same results but
   no pattern to what was delivered and what wasn't.

   Mostly I hope I explained the problem well enough that you all
   understand my problem.

  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: XMail + SSL patch

2005-09-09 Thread Jeff Buehler

The risk of someone bothering to parse packets and retrieve your 
passwords in order to gain access to user email is, I think, extremely 
small unless you have information that people really want to read, in 
which case it is easy to do.

In other words, almost anyone can get a password from plain text email, 
but almost no one in most cases of standard email would bother wasting 
their time.  On the other hand, if you have email or email accounts that 
need to be secure for specific reasons then it is mandatory that you use 
some form of encryption (such as SSL, etc.) because the email is easily 
read, and the passwords if passed in plain text are easy to retrieve.

I hope that helps...

Jeff

Ross Gohlke wrote:

I have tried to install the patch linked from the XMail homepage:
http://mail.godeltech.com/xmail/

My specs:
FreeBSD 5.3
openssl-0.9.7d

I downloaded the patch and applied it to my preexisting XMail 1.2.1
source. I did not use the binary for FreeBSD 4.8.

gmake -f Makefile-SSL.bsd
outputs this:

%gmake -f Makefile-SSL.bsd
../bin/MkMachDep  SysMachine.h
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SSLSupport.cpp
SSLSupport.cpp:161:8: warning: extra tokens at end of #endif directive g++
 -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c BuffSock.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c MailSvr.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c POP3Svr.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c POP3Utils.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMAILSvr.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMAILUtils.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMTPSvr.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMTPUtils.cpp
g++ -o bin/XMail SSLSupport.o BuffSock.o CTRLSvr.o DynDNS.o DNS.o
DNSCache.o Errors.o ExtAliases.o FINGSvr.o MailConfig.o MailSvr.o
Maildir.o MailDomains.o MD5.o MiscUtils.o LMAILSvr.o AliasDomain.o
POP3GwLink.o POP3Svr.o POP3Utils.o PSYNCSvr.o ResLocks.o SList.o
SMAILSvr.o TabIndex.o SMAILUtils.o SMTPSvr.o SMTPUtils.o ShBlocks.o
StrUtils.o MessQueue.o QueueUtils.o SvrUtils.o SysDep.o UsrMailList.o
UsrAuth.o UsrUtils.o Main.o Base64Enc.o Filter.o -lkvm -lcrypt -pthread
-lc_r  -lssl -lcrypto
SSLSupport.o(.text+0x388): In function `SSLMakeSession(int, int, int)': :
undefined reference to `SysSetSockNoDelay(int, int)'
POP3Utils.o(.text+0xe08): In function
`UPopSessionSendMsg(POP3_HANDLE_struct*, int, BSOCK_HANDLE_struct*)': :
undefined reference to `SysSendFile(BSOCK_HANDLE_struct*, char const*,
unsigned long, unsigned long, int)'
SMTPUtils.o(.text+0x28b6): In function
`USmtpSendMail(SMTPCH_HANDLE_struct*, char const*, char const*,
FileSection const*, SMTPError*)':
: undefined reference to `SysSendFile(BSOCK_HANDLE_struct*, char const*,
unsigned long, unsigned long, int)'
gmake: *** [bin/XMail] Error 1

Is anybody else interested in SSL-encrypted SMTP authentication? Is
anybody else using this patch? On FreeBSD 5.3?

Any suggestion on what I could try? Would upgrading openssl to
openssl-0.9.7e help?

If not SSL, what is the risk of a plaintext password sent over the
Internet being picked off and abused?

Thanks.

Ross






-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: XMail + SSL patch

2005-09-09 Thread Jeff Buehler

It would be nice to get SSL working with XMail - if I can get some time 
together today, Ross, I will try compiling the SSL patch for XMail 1.21 
under FreeBSD 5.4, and see if I can get it working.

Jeff

Alexander Hagenah wrote:

Am 9.9.2005 schrieb Sönke Ruempler [EMAIL PROTECTED]:

  

Yes i did, even with XMail some time ago.



I never said, it won't work - I only mentioned, that stunnel causes
often problems.
I also wrote, that he could try it out and then he will see if it works -
or won't.

--
Regards,
Alexander 'xaitax' Hagenah
http://xmail.topconcepts.net
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: XMail + SSL patch

2005-09-09 Thread Jeff Buehler

Well, that was easy!  It compiled and linked without difficulty on my 
FreeBSD 5.4 platform.  My openssl is version 0.9.7e, however ... try 
upgrading to that and see if you have better luck...

Jeff

Ross Gohlke wrote:

I have tried to install the patch linked from the XMail homepage:
http://mail.godeltech.com/xmail/

My specs:
FreeBSD 5.3
openssl-0.9.7d

I downloaded the patch and applied it to my preexisting XMail 1.2.1
source. I did not use the binary for FreeBSD 4.8.

gmake -f Makefile-SSL.bsd
outputs this:

%gmake -f Makefile-SSL.bsd
../bin/MkMachDep  SysMachine.h
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SSLSupport.cpp
SSLSupport.cpp:161:8: warning: extra tokens at end of #endif directive g++
 -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c BuffSock.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c MailSvr.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c POP3Svr.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c POP3Utils.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMAILSvr.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMAILUtils.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMTPSvr.cpp
g++  -O2 -I. -DUSE_SSL -D__UNIX__ -D__BSD__ -D__FREEBSD__ -D_REENTRANT=1
-D_THREAD_SAFE=1 -DHAS_SYSMACHINE -c SMTPUtils.cpp
g++ -o bin/XMail SSLSupport.o BuffSock.o CTRLSvr.o DynDNS.o DNS.o
DNSCache.o Errors.o ExtAliases.o FINGSvr.o MailConfig.o MailSvr.o
Maildir.o MailDomains.o MD5.o MiscUtils.o LMAILSvr.o AliasDomain.o
POP3GwLink.o POP3Svr.o POP3Utils.o PSYNCSvr.o ResLocks.o SList.o
SMAILSvr.o TabIndex.o SMAILUtils.o SMTPSvr.o SMTPUtils.o ShBlocks.o
StrUtils.o MessQueue.o QueueUtils.o SvrUtils.o SysDep.o UsrMailList.o
UsrAuth.o UsrUtils.o Main.o Base64Enc.o Filter.o -lkvm -lcrypt -pthread
-lc_r  -lssl -lcrypto
SSLSupport.o(.text+0x388): In function `SSLMakeSession(int, int, int)': :
undefined reference to `SysSetSockNoDelay(int, int)'
POP3Utils.o(.text+0xe08): In function
`UPopSessionSendMsg(POP3_HANDLE_struct*, int, BSOCK_HANDLE_struct*)': :
undefined reference to `SysSendFile(BSOCK_HANDLE_struct*, char const*,
unsigned long, unsigned long, int)'
SMTPUtils.o(.text+0x28b6): In function
`USmtpSendMail(SMTPCH_HANDLE_struct*, char const*, char const*,
FileSection const*, SMTPError*)':
: undefined reference to `SysSendFile(BSOCK_HANDLE_struct*, char const*,
unsigned long, unsigned long, int)'
gmake: *** [bin/XMail] Error 1

Is anybody else interested in SSL-encrypted SMTP authentication? Is
anybody else using this patch? On FreeBSD 5.3?

Any suggestion on what I could try? Would upgrading openssl to
openssl-0.9.7e help?

If not SSL, what is the risk of a plaintext password sent over the
Internet being picked off and abused?

Thanks.

Ross






-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: XMail + SSL patch

2005-09-09 Thread Jeff Buehler

By the way, while it is possible, I think the likelihood of spammers 
going to the effort to retrieve packets to use your server for spamming 
is extremely low.  I have never heard of anyone going to the effort to 
sniff packets simply to spam on commercial servers - none of the big 
commercial servers use SSL for regular email transactions - Comcast, 
SBC, and so on - and they have a lot more at risk than most of us.  
Also, it is a potentially pretty big bust these days since once they use 
an ill-gained password they have stepped over the law, so if they manage 
to cause damage with it they might be tracked down like dogs (with your 
help, of course!)

Lastly, SSL is not very efficient since it takes time to encrypt and 
then decrypt.  Personally I would only use it for transactions that are 
required to be secure, not for daily emailing.

Anyway, if you still want to use it, I would try updating your openssl 
either to the newest version or to 0.9.7e (which I know works on my system).

Jeff

Ross Gohlke wrote:

Alas, I'm on FreeBSD! Is there Linux stunnel?

PGP would protect the mail itself, but is a separate issue from securing 
SMTP Auth, no? What I'm trying to do right now is protect the ACCOUNT 
INFORMATION.

Even if it's unlikely that someone would sniff my users' packets, what's 
to stop a spammer from snagging random SMTP username/pass of the Net and 
using that server to send spam? I'm just trying to be consistent.

For anyone running a commercial service for users, such issues must be 
considered.

Thanks for all the feedback.

  

But well, it might work -  give it a try Ross.




ross





-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: XMail + SSL patch

2005-09-09 Thread Jeff Buehler

On FreeBSD there is a port of stunnel:  /usr/ports/security/stunnel

Jeff

Ross Gohlke wrote:

Alas, I'm on FreeBSD! Is there Linux stunnel?

PGP would protect the mail itself, but is a separate issue from securing 
SMTP Auth, no? What I'm trying to do right now is protect the ACCOUNT 
INFORMATION.

Even if it's unlikely that someone would sniff my users' packets, what's 
to stop a spammer from snagging random SMTP username/pass of the Net and 
using that server to send spam? I'm just trying to be consistent.

For anyone running a commercial service for users, such issues must be 
considered.

Thanks for all the feedback.

  

But well, it might work -  give it a try Ross.




ross





-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: XMail + SSL patch

2005-09-09 Thread Jeff Buehler

You should ALWAYS be able to tell if someone is abusing your system by 
doing a somewhat regular log analysis, at least in my opinion.

If I were to implement SSL, I would do this log analysis regularly 
anyway.  This is the only way I know of that many system attacks can be 
discovered - vigilance on the part of a human and overall 
system-awareness.  Many admins scan the logs only after the fact - I 
think this is inadequate.  So it doesn't seem to me that using SSL in a 
general way would provide any real extra security, just extra processing 
time.  It's best use is to make certain that an email is encrypted so 
that it can't be read by intermediary servers, not to prevent spammers 
from getting a hold of account passwords.  In the case you mention, I 
consider it far more likely that a user would reveal their password 
inadvertently to a would-be hacker/spammer who would then use it to gain 
access, or that a user would use a simple to crack password, or some 
other entry point - SSL of would not help with any of this.

I tell all my users not to send any email they aren't comfortable being 
public knowledge.  SSL would correct this.

It is a good service to offer for those who need it, though!  For those 
who need to send email with industry secrets, credit card numbers, drug 
deals, spy vs. spy, radical anarchist viewpoints, and so on!

I can't tell you what the overhead is exactly for SSL, although on a 
fast system it wouldn't be anywhere near 5 seconds for any but extremely 
large messages.  However, if you are processing a lot of email, and 
especially allowing large attachments and the like, overall you may feel 
the burn!

Jeff


Ross Gohlke wrote:

Jeff Buehler wrote:
  

By the way, while it is possible, I think the likelihood of spammers 


going to the effort to retrieve packets to use your server for spamming 
is extremely low.  I have never heard of anyone going to the effort to 
sniff packets simply to spam on commercial servers - none of the big 
commercial servers use SSL for regular email transactions - Comcast, 
SBC, and so on - and they have a lot more at risk than most of us.  
Also, it is a potentially pretty big bust these days since once they use

  

an ill-gained password they have stepped over the law, so if they manage



  

to cause damage with it they might be tracked down like dogs (with your 


help, of course!)

It's hard to find the balance between paranoid and exposed...

  

Lastly, SSL is not very efficient since it takes time to encrypt and 


then decrypt.  Personally I would only use it for transactions that are 
required to be secure, not for daily emailing.

So if SSL is used, does it encrypt the ENTIRE MESSAGE, not just
authentication? Does it hog the processor or just make the user wait? For
how long? 5 or 50 extra seconds on an average email? What about
attachments?

Encrypted email is definitely a service I want to offer.

I think the stakes for email are only going to get higher, especially if 
SPF or similar takes hold. ISPs will have to get increasingly vigilant 
about how they do email.

Here's a googled list of clients that support SSL.
http://www.uni.edu/its/us/document/unimail/ssl/

  

Anyway, if you still want to use it, I would try updating your openssl 


either to the newest version or to 0.9.7e (which I know works on my
system).

Should I just download the patch from the same place in your website?





-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: stopping spam

2005-09-08 Thread Jeff Buehler

How does ASSP flake out - I haven't had any problems with ASSP 
(running on FreeBSD 5.x, anyway).  ASSP is the best solution I have found.

Jeff

Digerati Isabaddass wrote:

I am not sure if this got through the first time so here goes again.


What can I use that will not cost anything to stop spam at the server?

I have tried to work with spamassassin for win32 on win2k and its
installed but how do I hook it to xmail?

I have also used ASSP and it works for a while then flakes out and
will not work properly as a proxy for xmail.
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: stopping spam

2005-09-08 Thread Jeff Buehler

I would look more closely at what is causing the problem with ASSP and 
continue to use that.  I like it much better than Spam Assassin myself, 
at least for use with XMail.  It is far more efficient since it handles 
the SPAM check in the SMTP session then closes it after a specified 
number of bytes, and it has far more options (RBL, filters, domain 
blocking, whitelisting, etc.).

Jeff

Eric Garnice wrote:

On 9/8/2005 5:16 PM Jason J. Ellingson wrote:
  

I have run SpamAssasin on Windows servers (both with ActivePerl and CygWin)
and Linux servers.  Running SpamAssassin on Linux (or other unix) runs much
faster and more reliably than on Windows.

I run XMail on a Windows server and SpamAssassin on a Fedora Core 4 server.
Works like a charm.  I wrote a SpamC filter for Windows XMail Post-Data
filter to use.

If you are really limited to just one box, then you should try to run
SpamAssassin using CygWin so you can make full use of DCC, Pyzor, Razor and
such.  I still have an out-dated (but useful) page hidden on my server that
might help you...

http://www.yourtech.net/documents/cw-sa/

I will (someday) write step by step instructions for install XMail for
Windows, XMail-WAI (webmail and admin) for Windows, and SpamAssassin for
Fedora Core 4.

If you do decide to try Fedora Core 4, use YUM to install SpamAssassin.
It'll give you a startup script for SpamAssassin and install it as a
service.  Also note that SpamAssassin doesn't run under root account...
you'll need to create an account for it to run under... I named mine spamd

Jason J Ellingson



To my knowledge (and I have done some searching in the past), no one has 
developed a decent XMail filter for SpamAssassin in serial mode on Windows.

At work I'm forced to run my XMail relay directly on the Exchange server 
and use Dario's XSpamC to call SpamAssassin on Fedora PPC on a Mac G4. 
It's been flawless for over a year now.

I don't think Digerati is going to find exactly what he's looking for.

- Eric

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: stopping spam

2005-09-08 Thread Jeff Buehler

Ah - I was only referring to a Spam Assassin filter I sued with XMail, 
and in my case as of about a year ago (the last time I set it up and 
used it).  Glad that it has all of those features now - it didn't that I 
was aware of then.  No danger of flame at all - I like dialog about this 
stuff - it helps me clarify my own direction and make changes if better 
options are out there.

However, with respect to efficiency, you mention that to use Spam 
Assassin in these ways requires a significant investment not only time 
to install, but also in hardware.  This is largely what I was referring 
to when I mentioned ASSP - it is robust, easy to install, extremely 
powerful and configurable AND there is no reason to run it on  separate 
platform because it isn't a memory or a CPU hog, and it is fast.

I have yet to try ALL of the Spam Assassin apps you comment on (SpamC, 
SPamD, etc.) - when I ran it under FreeBSD it was simply a perl filter 
in XMail and SpamD running (I vaguely recall RBL through Razor or some 
name like that).  At the time, it was really slow, but there was no SMTP 
session handling, so I'm glad that has been introduced.

In my case, I run ASSP - ClamSMTPD (effective and thorough antivirus) 
- XMail (and for some clients - Exchange).  This has proven to be 
simple, robust and effective, and I know the Windows implementation is 
straightforward from the mail list (even though I don't use Windows 
internally).  It sounds like Spam Assassin is a pain under Windows (I 
find Cygwin to be a bit of a pain myself and try to avoid it - why use 
it at all for a operate platform - just run Linux or *BSD).

So my recommendation still remains ASSP - Digerati has used it, it is 
easy and works well, so all that is required is finding out why it was 
failing on his system, which the ASSP mail list would help with quickly.

Jeff

Jason J. Ellingson wrote:

ASSP is great and I applaud anyone using it...

ASSP is easier to set up and use than SpamAssassin.  I won't argue that.

However, SpamAssassin offers everything ASSP does and more.

In your post:

  

It (ASSP) is far more efficient since it handles the SPAM check in the
  

SMTP session then closes it after a specified number of bytes

 SpamAssassin does the same.  You insert your SpamC filter into Post-SMTP
and it will only check messages smaller than a specified size you can set.
You can also avoid running the filter for authenticated users (!aex).  The
filter as well as SpamD has timeouts and triggers to return spam-identified
messages instantly when it scores high enough to be spam.

  

It (ASSP) has far more options (RBL, filters, domain blocking,
  

whitelisting, etc.)

 So does SpamAssassin.  You can use all the RBLs you like, enable disable
filters to your heart's content, add domains, email addresses, IPs, etc to
blacklists, and whitelists.

Please, I don't mean to start a flame war.  Please read the following which
I think is fair:

ASSP is great!  Simple to install and use - Great for novices and experts
alike!

SpamAssassin is great! Slightly more powerful, but a lot more work to
install and use - Not for novices!

Jason J Ellingson

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Jeff Buehler
Sent: Thursday, September 08, 2005 7:12 PM
To: xmail@xmailserver.org
Subject: [xmail] Re: stopping spam


I would look more closely at what is causing the problem with ASSP and 
continue to use that.  I like it much better than Spam Assassin myself, 
at least for use with XMail.  It is far more efficient since it handles 
the SPAM check in the SMTP session then closes it after a specified 
number of bytes, and it has far more options (RBL, filters, domain 
blocking, whitelisting, etc.).

Jeff

Eric Garnice wrote:

  

On 9/8/2005 5:16 PM Jason J. Ellingson wrote:
 



I have run SpamAssasin on Windows servers (both with ActivePerl and
  

CygWin)
  

and Linux servers.  Running SpamAssassin on Linux (or other unix) runs
  

much
  

faster and more reliably than on Windows.

I run XMail on a Windows server and SpamAssassin on a Fedora Core 4
  

server.
  

Works like a charm.  I wrote a SpamC filter for Windows XMail Post-Data
filter to use.

If you are really limited to just one box, then you should try to run
SpamAssassin using CygWin so you can make full use of DCC, Pyzor, Razor
  

and
  

such.  I still have an out-dated (but useful) page hidden on my server
  

that
  

might help you...

http://www.yourtech.net/documents/cw-sa/

I will (someday) write step by step instructions for install XMail for
Windows, XMail-WAI (webmail and admin) for Windows, and SpamAssassin for
Fedora Core 4.

If you do decide to try Fedora Core 4, use YUM to install SpamAssassin.
It'll give you a startup script for SpamAssassin and install it as a
service.  Also note that SpamAssassin doesn't run under root account...
you'll need

[xmail] duplicate email

2005-09-07 Thread Jeff Buehler

Hi all -

I could find no reference to this anywhere - I occasionally have senders 
that send, and the email does not stop sending, like a SPAM bomb, but 
these are valid senders.  I assumed the first couple of times that it 
was something in the remote server configuration causing this, but this 
is the fifth or sixth time it has happened so it looks like my server 
may not be closing the session properly in SOME cases so the remote 
server just keeps sending over and over.

Has anyone seen this behavior?  I have a feeling it may be related to my 
ANTI-SPAM proxy which relays to XMail, but I'm not certain ...

Thanks,

Jeff
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: duplicate email

2005-09-07 Thread Jeff Buehler

Just to be clear, the senders in this case are sending to my local 
users.  So, these are emails to my users that continue sending and 
sending until I finally either contact the sending ISP or block the domain.

The SMAIL and SMTP logs simply show the same email being sent over and 
over, and then my users receive the mail over and over every time they 
check their email.  So everything is normal except that the remote 
server keeps resending at regular intervals.

I still suspect the remote servers are at fault since I rarely encounter 
this, but it is happening just enough that I am starting to wonder ...


Sönke Ruempler wrote:

On 07.09.2005 19:57, Jeff Buehler wrote:

  

I could find no reference to this anywhere - I occasionally have senders 
that send, and the email does not stop sending, like a SPAM bomb, but 
these are valid senders.  I assumed the first couple of times that it 
was something in the remote server configuration causing this, but this 
is the fifth or sixth time it has happened so it looks like my server 
may not be closing the session properly in SOME cases so the remote 
server just keeps sending over and over.

Has anyone seen this behavior?  I have a feeling it may be related to my 
ANTI-SPAM proxy which relays to XMail, but I'm not certain ...



What do SMAIL and SMTP logs show in the case that happens?
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: messages to yahoo and or hotmail does not get del ivered

2005-09-04 Thread Jeff Buehler

You may have been right then, Rob - if you recently posted about having 
the exact same config I was thinking that that was Edinilson (I no 
longer have that email - oops) so that would make possibly three with 
this problem.   He posted about this also, so I think I must be mixing 
you two up a bit.

It sounds like what you are doing should help get to the bottom of it ...

As Davide points out, though, it must be something either unrelated (or 
maybe indirectly related) to XMail since so few seem to have it.  My 
suspicion is still that it isWindows specific, possibly Win 2000 
specific, and that it has to do with some interaction between that XMail 
binary and DNS.  But I can't test it easily (it would take a gun to my 
head to get me to set up a Win 2000 server at this point).  Francis and 
Edinilson seem to only have the problem with Hotmail and Yahoo, so that 
is also strange that you have it with many domains rather than just 
those two.

Rob, are you outdide the U.S.?
Edinilson, are you seeing the problem with Windows 2000 also or with 
some other OS?  What is your config since seem to have confused Robs 
with yours?

Jeff

Rob Arends wrote:

Ok, I hadn't noticed anyone other than Francis post they had the same issue
- must have missed it.
I didn't post config, but did say I have *exactly* the same config and
issue. (I think I even emphasised the 'exactly' then too.)

Re the 'Cisco PIX' issue:

quote from http://www.postfix.org/faq.html#timeouts 
Cisco PIX fixup protocol smtp bug
The Cisco PIX firewall has a bug when running software older than version
5.2(4) or 6.0(1). 
/quote

I never have 'fixup protocol smtp' on because it does not support ESMTP and
AUTH, so it kills authenticated SMTP sessions.  Also 6.0.1 is really old,
I'm currently using 6.3.5
Just to put perspective on the PIX issue, I install these thing for a living
and have never had to track down an SMTP issue like this, that ended up
being caused by the PIX. 

Back to the DNS issue:
I have ethereal running 24x7 on my mail server now (25 hrs so far), logging
to file.  I have enough disk space to handle that for a while.  I cleared
the cache on the w2k DNS server (different box) and on the mail server I
'flushed dns', emptied the 'mx'  'ns' cache in xmail and restarted xmail.

I then sent a test email to a user that I know has had problems.  It all
worked as expected on the 'refreshed' environment - the mail was received.
Now I need to wait a few days? - not sure really how long - but eventually
the mails to this user will fail due to the A record being used in place of
the MX record.
At that point I'll collate and analyse the packet dumps and report my
findings.

Note: the SmartDNSHost is inside my PIX firewall, so there is nothing but
LAN between the two servers.

Rob :)


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Jeff Buehler
Sent: Sunday, September 04, 2005 12:50 AM
To: xmail@xmailserver.org
Subject: [xmail] Re: messages to yahoo and or hotmail does not get del
ivered


/-- I think you may be meaning me when you say Edlinilson./

No, I meant Edinilson.  He has the same config as Francis, has what appears
to be exactly the same behavior, has verified that MS SMTP works where XMail
fails, and so on.

You may be a third person seeing exactly the same behavior - your previous
two emails that I read discussing greenbaycc.org and intergraonline.com
seemed to be something else completely.  There was another one you sent that
said you were seeing an A record problem as well, but you didn't send any
info about your configuration - type of system, whether or not it was with
everyone (as it sounds like it is) or just Hotmail and Yahoo (which, so far,
seems to be the problem that Francis and Edinilson are specifically having).
Little differences like that can easily mean that it is two entirely
different problems.

You probably mentioned some of this in one of the previous threads, but
neither my memory nor my datastore go back that far, so:

What is your configuration (win 2000, Linux, what DNS, etc.)?  You're
problem sounds like XMail is using A records periodically when it should be
using MX records - this has been verified?  It happens with other domains
periodically or consistently?  Are Hotmail and Yahoo noticeably suspect, or
just as likely to fail as others?

Jeff


Rob Arends wrote:

  

I think you may be meaning me when you say Edlinilson.

Re Point 6, I did mention that I have the problem with other MTAs that 
have an A record for the domain.
aanet.com.au is an example.  So it is not just yahoo/hotmail.
Re point 7, I agree that Xmail is, and should be, very RFC compliant.

I think the question is why is Xmail using the A record when there is a 
good MX record?
I have asked Davide to elaborate on his comment for FireWall 
interference and I'll see what I can do on a packet trace.

Rob :)

-Original Message-
From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Jeff

[xmail] Re: messages to yahoo and or hotmail does not get del ivered

2005-09-03 Thread Jeff Buehler

/-- I think you may be meaning me when you say Edlinilson./

No, I meant Edinilson.  He has the same config as Francis, has what 
appears to be exactly the same behavior, has verified that MS SMTP works 
where XMail fails, and so on.

You may be a third person seeing exactly the same behavior - your 
previous two emails that I read discussing greenbaycc.org and 
intergraonline.com seemed to be something else completely.  There was 
another one you sent that said you were seeing an A record problem as 
well, but you didn't send any info about your configuration - type of 
system, whether or not it was with everyone (as it sounds like it is) or 
just Hotmail and Yahoo (which, so far, seems to be the problem that 
Francis and Edinilson are specifically having).  Little differences like 
that can easily mean that it is two entirely different problems.

You probably mentioned some of this in one of the previous threads, but 
neither my memory nor my datastore go back that far, so:

What is your configuration (win 2000, Linux, what DNS, etc.)?  You're 
problem sounds like XMail is using A records periodically when it should 
be using MX records - this has been verified?  It happens with other 
domains periodically or consistently?  Are Hotmail and Yahoo noticeably 
suspect, or just as likely to fail as others?

Jeff


Rob Arends wrote:

I think you may be meaning me when you say Edlinilson.

Re Point 6, I did mention that I have the problem with other MTAs that have
an A record for the domain.
aanet.com.au is an example.  So it is not just yahoo/hotmail.
Re point 7, I agree that Xmail is, and should be, very RFC compliant.

I think the question is why is Xmail using the A record when there is a good
MX record?
I have asked Davide to elaborate on his comment for FireWall interference
and I'll see what I can do on a packet trace.

Rob :)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Jeff Buehler
Sent: Saturday, September 03, 2005 1:50 AM
To: xmail@xmailserver.org
Subject: [xmail] Re: messages to yahoo and or hotmail does not get del
ivered


Hmmm - so far, you two are the only ones that are verified as having the
exact same problem sending to Yahoo and Hotmail - there may be others, but
we haven't verified that, is that correct?  You both have the same
configuration (exactly, as Edinilson pointed out).  So what do we know so
far?

1. WIN 2000 service pack 4
2. MS DNS from Win 2000 on a different system than XMail and presently using
SmartDNSHost (Edlinilson pointed out he seemed to have the problem even
without SmartDNSHost) 
3. Neither of you is in the US (does this increase the likelihood of failed
connection attempts (?) or do these providers have systems spread globally
(?)) 
4. XMail 1.21 (but Edinilson pointed out that other versions down to 1.17
behaved the same way)
5. Francis has verified that with this configuration XMail seems to be using
A records on occasion when it should be using MX records 
6. The problem is intermittent and ONLY happens with Hotmail and Yahoo 
7. Edinilson has verified that the problem does not exist when using MS SMTP
to send from the same configuration, so it seems somehow related to XMail.
On this issue I have found XMail to be extremely RFC compliant (I think that
was one of Davides intentions) and it may be that MS SMTP is doing something
extra to overcome some known issue that we have yet to discover with
Hotmail, Yahoo, DNS, or something else.
8. Many or most others running XMail are not having this problem.  It
remains to be seen if others running it on Windows 2000 do or don't.

So here is what I would do if I were you:

1. Try it on Windows 2003 server if you can - 2000 is starting to get a
little grey at the temples anyway.
2. Try it on Linux or *BSD (FreeBSD!  FreeBSD!)

If you still have the same problem with these configurations, then the
problem likely has to do with your infrastructure outside of the OS - some
funky problem that defies imagination, but that IT people are all quite
familiar with!  You know, the kind of problem where you stand there with
your mouth hanging open and mutter: huh? and it never makes any sense, or
a distinction in the way it interacts with XMail that is unusual.

Without being able to replicate the behavior, you have a very limited test
group - you two (so far!)  If I could replicate the behavior, and had any
time left over after typing this email, then I would help, but at the moment
it is up to you!  I don't think anyone is ignoring XMail under Windows, but
finding any possible bug without being able to easily replicate it is
extremely difficult...

Jeff



CLEMENT Francis wrote:

  

 



-Message d'origine-
De : Edinilson J. Santos [mailto:[EMAIL PROTECTED]
Envoyé : vendredi 2 septembre 2005 15:02
À : xmail@xmailserver.org
Objet : [xmail] Re: messages to yahoo and or hotmail does not get
delivered


   

  

..
..
..
 



I'm discarding DNS problems.

Thanks

[xmail] Re: messages to yahoo and or hotmail does not get del ivered

2005-09-02 Thread Jeff Buehler

Hmmm - so far, you two are the only ones that are verified as having the 
exact same problem sending to Yahoo and Hotmail - there may be others, 
but we haven't verified that, is that correct?  You both have the same 
configuration (exactly, as Edinilson pointed out).  So what do we know 
so far?

1. WIN 2000 service pack 4
2. MS DNS from Win 2000 on a different system than XMail and presently 
using SmartDNSHost (Edlinilson pointed out he seemed to have the problem 
even without SmartDNSHost)
3. Neither of you is in the US (does this increase the likelihood of 
failed connection attempts (?) or do these providers have systems spread 
globally (?))
4. XMail 1.21 (but Edinilson pointed out that other versions down to 
1.17 behaved the same way)
5. Francis has verified that with this configuration XMail seems to be 
using A records on occasion when it should be using MX records
6. The problem is intermittent and ONLY happens with Hotmail and Yahoo
7. Edinilson has verified that the problem does not exist when using MS 
SMTP to send from the same configuration, so it seems somehow related to 
XMail.  On this issue I have found XMail to be extremely RFC compliant 
(I think that was one of Davides intentions) and it may be that MS SMTP 
is doing something extra to overcome some known issue that we have yet 
to discover with Hotmail, Yahoo, DNS, or something else.
8. Many or most others running XMail are not having this problem.  It 
remains to be seen if others running it on Windows 2000 do or don't.

So here is what I would do if I were you:

1. Try it on Windows 2003 server if you can - 2000 is starting to get a 
little grey at the temples anyway.
2. Try it on Linux or *BSD (FreeBSD!  FreeBSD!)

If you still have the same problem with these configurations, then the 
problem likely has to do with your infrastructure outside of the OS - 
some funky problem that defies imagination, but that IT people are all 
quite familiar with!  You know, the kind of problem where you stand 
there with your mouth hanging open and mutter: huh? and it never makes 
any sense, or a distinction in the way it interacts with XMail that is 
unusual.

Without being able to replicate the behavior, you have a very limited 
test group - you two (so far!)  If I could replicate the behavior, and 
had any time left over after typing this email, then I would help, but 
at the moment it is up to you!  I don't think anyone is ignoring XMail 
under Windows, but finding any possible bug without being able to easily 
replicate it is extremely difficult...

Jeff



CLEMENT Francis wrote:


  

-Message d'origine-
De : Edinilson J. Santos [mailto:[EMAIL PROTECTED]
Envoyé : vendredi 2 septembre 2005 15:02
À : xmail@xmailserver.org
Objet : [xmail] Re: messages to yahoo and or hotmail does not get
delivered




..
..
..
  

I'm discarding DNS problems.

Thanks

Edinilson
-
ATINET-Professional Web Hosting
Tel Voz: (0xx11) 4412-0876
http://www.atinet.com.br




Me too ...

Francis
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: messages to yahoo and or hotmail does not get del ivered

2005-09-02 Thread Jeff Buehler

What would you look for in a tcpdump like this?  I am technical (years 
of c/c++/PHP/Perl programming) but I am clueless about tcpdumps... 
pardon my ignorance!

Jeff

Sönke Ruempler wrote:

On 02.09.2005 17:07, Davide Libenzi wrote:

  

In the hotmail case, that sure has DNS configured like it should, the MX 
resolution is not a problem (like you can see from the logs posted). The 
End of stream data error, is something you linked to problem in the link 
between XMail and the remote SMTP server. And the fact that happens on an 
handfull of setups out of many tenths of thousands, shows that is somehow 
related with network setups.



Some tcpdump logs could help ...
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: messages to yahoo and or hotmail does not get del ivered

2005-09-02 Thread Jeff Buehler

It sounds like first the dump of XMail communications running under Win 
2000, to see exactly where the time out or break occurs, and possibly 
also a dump of the FreeBSD firewall might help to see if that is part of 
the problem.  Coordinating them might be a good idea so you can see the 
same XMail communication from both Win 2000 and the FreeBSD firewall 
occurring at the same time.

FreeBSD command  is tcpdump -i (netinterface) -c count -w 
path/to/filename (I was just messing around with it now)

For Windows it looks like this tool might be helpful: 
http://www.winpcap.org/windump/

Sönke, Davide, do you agree with that?

Jeff

Edinilson J. Santos wrote:

Our firewall gateway is a freebsd.
Which level of tcpdump do you want?

I can send you everything that you want, just tell me what.

Edinilson
-
ATINET-Professional Web Hosting
Tel Voz: (0xx11) 4412-0876
http://www.atinet.com.br


- Original Message - 
From: Davide Libenzi davidel@xmailserver.org
To: xmail@xmailserver.org
Sent: Friday, September 02, 2005 1:50 PM
Subject: [xmail] Re: messages to yahoo and or hotmail does not get del 
ivered


On Fri, 2 Sep 2005, Sönke Ruempler wrote:

  

On 02.09.2005 17:07, Davide Libenzi wrote:



In the hotmail case, that sure has DNS configured like it should, the MX
resolution is not a problem (like you can see from the logs posted). The
End of stream data error, is something you linked to problem in the 
link
between XMail and the remote SMTP server. And the fact that happens on an
handfull of setups out of many tenths of thousands, shows that is somehow
related with network setups.
  

Some tcpdump logs could help ...



I asked them. Have you seen them?


- Davide

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: messages to yahoo and or hotmail does not get del ivered

2005-08-31 Thread Jeff Buehler

Hmmm - thats interesting.  The only aspect of your configuration that I 
have no experience with is SmartDNSHost pointing to another system for 
DNS resolution - I have never used SmartDNSHost.  Have you tried turning 
that off?  Have you tried pointing it to another DNS server, such as one 
provided by your ISP, especially a non-MS DNS solution just to verify it 
has nothing to do with that?

Hotmail and Yahoo are both very busy, and very slow.  I would consider 
latency issues when trying to resolve problems with these domains, 
although using an A record rather than an MX record wouldn't seem to be 
related to that.

Jeff


CLEMENT Francis wrote:


  

-Message d'origine-
De : jonn ah [mailto:[EMAIL PROTECTED]
Envoyé : mercredi 31 août 2005 10:31
À : xmail@xmailserver.org
Objet : [xmail] Re: messages to yahoo and or hotmail does not get
delivered





Hi all,

would downgrading to a previous xmail version solve this 
hotmail/yahoo problem?  if so, is there a repository for 
other rpm versions?

 




Not sure ... As I said, I never encourated this problem with 1.17 but don't
know if 1.18 or 1.19 or 1.20 have the problem.
And as at 1.17 time my server didn't have exactly the same patchs available
for w2k as current setup with xmail 1.21 I'm not  sure this is a xmail
problem ... could be a dns server problem introduced by a os patch ...
But I can't revert back to 1.17 as now I use smtp filters in production 
The 'test' to do is to revert back to 1.17 on a 'up to date' (all patchs) on
a test server, and see if problem occurs. If no, os patchs don't introduce
the problem so next test is to install 1.18 then 1.19 ... until problem
occurs again.
It's time consumming because the problem comes 'randomly'

Francis
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: messages to yahoo and or hotmail does not get delivered

2005-08-30 Thread Jeff Buehler

I remember this topic too.  The only thing I thought strange at the 
time, and still do, is that many users of 1.21 are not affected by this 
problem at all (myself being an example), and so there must be something 
related in the systems of those who do have the problem.  I am not 
saying any of these things are the cause (I have no idea) but I remember 
thinking that many (all?) were running Windows Systems and that many 
were coming from outside the U.S..  Perhaps the problem is with the 
Windows binary, or the way it interacts with Microsoft DNS?  Maybe there 
is something else related?  It seems to me it might be helpful if people 
with this problem published relevant system data so that we can see what 
the commonalities are to isolate the problem... just a thought.

Jeff

Edinilson J. Santos wrote:

I'm using the same solution that Francis described without problems.

Try to search in the list about this topic. I'm the first that related it 
few months ago.

Edinilson
-
ATINET-Professional Web Hosting
Tel Voz: (0xx11) 4412-0876
http://www.atinet.com.br


- Original Message - 
From: CLEMENT Francis [EMAIL PROTECTED]
To: xmail@xmailserver.org
Sent: Tuesday, August 30, 2005 9:22 AM
Subject: [xmail] Re: messages to yahoo and or hotmail does not get delivered




This problem was previously reported on this mailing list.
Seems (but not completly clarified/debugged at this time) 'xmail 1.21' have
some problems with some 'domains' zones setup (hotmail and yahoo in most
cases).
Seems xmail or dns server or tcp stack ? finaly choose the domain A record
and not the MX record for the domain in some cases ! even if a nslookup or
dig get the correct response ...

I had the same problem, and configured xmail to allways use a smtp gateway
(a iis smtp server on another computer using the same dns server for final
delivery !!) to temporary resolve sending to these domains (especialy
hotmail ...)

So, if you isp provide you a smtp gateway, tell xmail to deliver to it and
let the isp smtp server do the job.
Put this line in smtpfwd.tab (replace a.b.c.d with you isp smtp server) :

* a.b.c.d:25

As I said previously I have to get some tcp dumps to help understand the
problem when xmail resolves by itself on these domains but my xmail server
is in 'production' (for customers) and i can't test with it for this
delivery problem so I need to find time to run another server on another
'dummy' domain ...

Francis


  

-Message d'origine-
De : David Lord [mailto:[EMAIL PROTECTED]
Envoyé : mardi 30 août 2005 12:33
À : xmail@xmailserver.org
Objet : [xmail] Re: messages to yahoo and or hotmail does not get
delivered


On 29 Aug 2005, at 3:33, jonn ah wrote:



Hi all,

we're using xmail's pop3 and smtp service but when we try to send
messages to either yahoo or hotmail, the messages does not
  

seem to get


delivered...Is there a default blacklist list that xmail
  

automatically


throws out messages to yahoo or hotmail to /dev/null? using tail -f
/var/log/messages gives me nothing...I can however, send to other
domains without any problems...

any ideas?


thanks!
  

Possibly they both have tighter requirements on sender
authentication, RDNS, SPF etc.

David

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Official 'Powered by XMail Banner' ...

2005-08-27 Thread Jeff Buehler

I like the 3d look myself, so 
http://www.fonsy.com/XMail_IAN88x31.2.jpg; is also my vote.  It's also 
relatively easy to read at a small size, and uses elements of the 
original logo so that brand recognition is maintained.

Jeff

Davide Libenzi wrote:

On Sat, 27 Aug 2005, Rob Arends wrote:

  

Well, I think that settles it.

Davide has spoken!

The winner is: http://www.fonsy.com/XMail_IAN88x31.2.jpg



That's only my preference though. Let's say that my vote count 5 :=)


- Davide

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Xmail filter with ClamAV

2005-08-04 Thread Jeff Buehler

Hi John -

I use clamSMTP - it is c based proxy that is very lightweight and easy 
to use.  I also use ASSP in front of this for anti-spam (so sender - 
ASSP - clamSMTP - XMail - sendee).  As it turns out, after testing, 
the emails didn't even reach my anti-virus because ASSP blocked all of 
the attachments, but I am reasonably certain that it would have caught 
all of them regardless - I have had great success with clamSMTP.

Jeff

John Kielkopf wrote:

Anyone else scanning mail with ClamAV?

With just telling ClamAV to scan the message file supplied by Xmail, 
It'll miss a number of the test from http://www.webmail.us/testvirus

If I build a new temp file to scan doing the following:
 - Strip MAIL-DATA and everything before
 - Add a Return-Path: xxx header to the top.
 - Detect and fix a bad EOH (no double CRLF before the start of the 
message body)

I can then get ClamAV to pass all of the tests that contain a virus. 
(#24 and #24 get past, but they contain no virus).

Is it possible to get ClamAV to hit the target without all of this?  I'd 
like to avoid the overhead of building a new file every time I want to 
scan it.

Thanks,
--John


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-- 





Buehler Technologies
19 Circle Drive - San Rafael, CA 94901
415.459.4677 - [EMAIL PROTECTED]




-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Xmail filter with ClamAV

2005-08-04 Thread Jeff Buehler

I simply disallow email of greater than 5 mb (that was my cutoff 
exactly!) - email is not ideal for large file transfers for a number of 
reasons, so I discourage it.

However, if you need to allow larger emails, then I'm not certain how 
different your situation is - ASSP does a significant amount of 
filtering (greylisting, etc.) and can actually do virus scanning as well 
and much more efficiently since it only scans the first X number of 
bytes of an email (but not compressed archives).  Any thorough 
anti-virus scan (that I am aware of) will risk time outs for really 
large files that get to them.  ClamSMTP is very thorough (using clamAV 
to do the scanning, including archives and so on) so it needs to be 
carefully configured and has the potential to cause problems.

ASSP is great for anti-spam since it scans the first X bytes (I have 
mine set to 15k) of a mail and then simply refuses it (sending a SPAM 
error to the sender) if it is determined to be SPAM, significantly 
lowering the overhead associated with SPAM scanning.  The accuracy I 
have had once properly configured is exceptional (98-99%) - in ASSP 
whitelisting is very important and automated which helps a lot.  I 
prefer it over Spam Assassin myself.

Jeff



John Kielkopf wrote:

Jeff Buehler wrote:

  

 Hi John -

I use clamSMTP - it is c based proxy that is very lightweight and easy 
to use.  I also use ASSP in front of this for anti-spam (so sender - 
ASSP - clamSMTP - XMail - sendee).  As it turns out, after testing, 
the emails didn't even reach my anti-virus because ASSP blocked all of 
the attachments, but I am reasonably certain that it would have caught 
all of them regardless - I have had great success with clamSMTP.

Jeff



Are you stripping all attachments with ASSP?  If not, how does clamSMTP 
react to large (5MB) attachments?  Does it just not scan them, or does 
it risk a time-out?

I currently use a combination of blacklisting and greylisting (and of 
course some white listing) in a pre-data filter, so actually very few 
viruses do make it to the scanner.  Though some aggressive viruses have 
managed to pound their way through the greylist before they end up on a 
blacklist.

clamSMTP would require me to do all my antispam with something like 
ASSP, as you've suggested, and possibly complicate things like shutting 
off antispam and/or antivirus at a per user level (something we do quite 
often) - but it is something to think about.

Still, the perfectionist in me still wants to get my script working well 
(and fast - many of our users tend to send large attachments via email). 
  Moving AV back to a mailproc.tab filter and scanning off-line may be 
what I have to do.

--John

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-- 





Buehler Technologies
19 Circle Drive - San Rafael, CA 94901
415.459.4677 - [EMAIL PROTECTED]




-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Xmail filter with ClamAV

2005-08-04 Thread Jeff Buehler

As far as I know, it does.  ASSP greylisting is a bit of a mystery to 
me, though, to be honest, so this aspect you should research.  I don't 
think it is using greylisting in the same way as XMail does but I am not 
really certain (there is some sort of a greylist download that occurs 
and is used, rather than the refuse/send mechanism that is the kind of 
greylisting XMail uses).

As far as I know all of the scanning takes place during the SMTP 
session, as I mentioned - 15K (or whatever you specify - many users 
swear by just using 5k) is allowed through then the Bayesian filter 
makes a determination.  I am pretty certain that the greylisting 
mechanism is actually invoked prior to this, so it is more or less the 
first thing that happens.  There is also SPF checking, RBL checking, 
proper header construct verification, verification against an LDAP 
lookup (if desired) and other stuff.

After training ASSP, users have the option to receive SPAM marked (which 
I discourage since the entire mail has to be dealt with then, which is 
inefficient) or to have it refused, or to not have it scanned at all if 
outside corporate policy on that.  Because the whitelisting mechanism is 
so robust, and the Bayesian filter quite solid, I have had almost no 
complaints about false positives.  I presently have about 4000 emails go 
through a day with something like 90 users, all remote - I provide 
filtering for a small corporation and operate as a web/email host as 
well.  Inevitably with this number of users some people want mail from 
Costco and some people don't, so there is no perfect solution.

Jeff



John Kielkopf wrote:

Jeff Buehler wrote:

  

I simply disallow email of greater than 5 mb (that was my cutoff 
exactly!) - email is not ideal for large file transfers for a number of 
reasons, so I discourage it.
 



I agree, however some of my users may say otherwise ;) 

I was thinking about scanning all messages 2MB durring the SMTP 
session, and then scanning the few larger ones off-line at low 
priority.  Currently I just don't scan anything  5MB.

  

The accuracy I 
have had once properly configured is exceptional (98-99%) - in ASSP 
whitelisting is very important and automated which helps a lot.  I 
prefer it over Spam Assassin myself.
 



Do you get many complaints about false positives?  Roughly how many 
users do you have?

I prefer to do most of my antispam in the SMTP envelope, before the DATA 
phase.  It's just a waste of bandwidth otherwise.  Do you know if 
greylisting in ASSP does this?

Thanks,
--John

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-- 





Buehler Technologies
19 Circle Drive - San Rafael, CA 94901
415.459.4677 - [EMAIL PROTECTED]




-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Can't send email from outside of my LAN

2005-07-26 Thread Jeff Buehler

Try telneting to the SMTP port (25)  to make certain it isn't blocked.  
Your ISP may be blocking port 25 (most of them are these days).

i.e. telnet mail.yourdomain.com 25

or by ip

telnet xx.xxx.xxx.xx 25

Jeff

Larry Azlin wrote:

Greetings.

I run Xmail 1.21 on a SUSE 9.0 box to host my personal email
(azlin.com), and all's well if the laptop running my email client
(Thunderbird) is on my LAN.  Recently I've been taking the laptop over
to a friend's house and trying to send email from there, w/o success. 
I can GET email from my Xmail server, I just can't SEND through it.

I've modified smtprelay.tab to include the ip at my friend's house, so
it now looks like:

192.168.0.0[TAB]255.255.0.0
xxx.xxx.xxx.0[TAB]255.255.255.0

And I've verified that smtp.ipmap.tab is correct:

0.0.0.0[TAB]0.0.0.0[TAB]ALLOW[TAB]1

Just to be sure, I've also looked at my pop3 log files and verified
that I've got his ip address correct.  Yet, when I try to send email,
there's a long delay while Thunderbird is trying to send, and I get an
unable to access server type of message.  I'm betting that there's
something simple which I need to do in addition to the above changes
 can anyone point me in the right direction?

TIA,
Larry Azlin

P.S.  I restarted Xmail after these changes.

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Suppress NDRs

2005-07-18 Thread Jeff Buehler

By the way, Sönke, the solution you outlined is working perfectly - thanks!

Jeff

Sönke Ruempler wrote:

Hi Eric,

On 18.07.2005 20:38, Eric Garnice wrote:

  

I have an XMail server in front of an Exchange server solely doing 
SpamAssassin.  A problem arises where missed spam is sent to a bogus user on 
the domain where the from address is a valid distribution group on the same 
domain.  The result is everyone on the distribution group receiving a copy 
of the non-delivery report.  Is there any way to prevent these reports to be 
sent to valid users?



I guess the problem you have is very similar to Jeff Buehler's thread
one day ago and you maybe want to read that ;-)
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] undeliverable message auto delete

2005-07-17 Thread Jeff Buehler

Hi all -

Does anyone know of an existing solution for the auto-deletion of 
undeliverable messages in XMail?  I am running FreeBSD.

Writing something to remove them all periodically would be pretty easy, 
but I would like something that allows a settable time to collect dust 
before removing undeliverables in the FROZ directory, which seems like 
it might be useful to a lot of people.  I guess this wouldn't be too 
difficult to write either - just query the present date against the mail 
creation date.  But it would still be easier to use someone elses 
already working solution, if one exists!

Thanks,

Jeff
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: undeliverable message auto delete

2005-07-17 Thread Jeff Buehler

Thanks, Sönke -

I was hoping to keep them in the queue for awhile, but I am collecting 
500 or more undeliverables a day presently since I am forwarding to a 
domain that is getting heavily spammed.

When spammers send spam to bogus users at the busy Exchange server I am 
forwarding to, it predicatably sends back the user doesn't exist 
message, then xmail correctly attempts to send that back to the spammer 
who, of course, doesn't accept incoming mail, and so the message is 
undelivered.

Are you aeware of a better way to handle this sort of interaction?  I 
could create a user to match every user on the Exchange server and at 
least cut out a hop, but XMail will still then try to send the no user 
by that name reply back to the spammer.  I guess it's important to 
notify valid senders to the domain that a given user doesn't exist, 
though...  Is that an RFC requirement?

In the meantime, I am going to turn on RemoveSpoolErrors as you 
mentioned just so I don't have to go empty out the undeliverable queue 
every three days manually.

Thanks again!

Jeff


Sönke Ruempler wrote:

Hi Jeff,

On 17.07.2005 22:53, Jeff Buehler wrote:

  

Does anyone know of an existing solution for the auto-deletion of 
undeliverable messages in XMail?  I am running FreeBSD.

Writing something to remove them all periodically would be pretty easy, 
but I would like something that allows a settable time to collect dust 
before removing undeliverables in the FROZ directory, which seems like 
it might be useful to a lot of people.  I guess this wouldn't be too 
difficult to write either - just query the present date against the mail 
creation date.  But it would still be easier to use someone elses 
already working solution, if one exists!



The only switch that XMail provides at present is the server.tab variable:

[RemoveSpoolErrors]
Indicate if mail has to be removed or stored in 'froz' directory
after a failure in delivery or filtering.

So errors are removed just in time.
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: undeliverable message auto delete

2005-07-17 Thread Jeff Buehler

Thanks!  I'm doing it right now ...

Jeff

Sönke Ruempler wrote:

Jeff,

On 17.07.2005 23:10, Jeff Buehler wrote:
  

Thanks, Sönke -

I was hoping to keep them in the queue for awhile, but I am collecting 
500 or more undeliverables a day presently since I am forwarding to a 
domain that is getting heavily spammed.

When spammers send spam to bogus users at the busy Exchange server I am 
forwarding to, it predicatably sends back the user doesn't exist 
message, then xmail correctly attempts to send that back to the spammer 
who, of course, doesn't accept incoming mail, and so the message is 
undelivered.

Are you aeware of a better way to handle this sort of interaction?  I 
could create a user to match every user on the Exchange server and at 
least cut out a hop, but XMail will still then try to send the no user 
by that name reply back to the spammer.  I guess it's important to 
notify valid senders to the domain that a given user doesn't exist, 
though...  Is that an RFC requirement?



My solution is to setup a cmdaliases file for each user that is being
forwarded. So your mail server does not send bogus bounce mails into the
internet. It's quite simple because XMail then sends directly 550 user
not found in the SMTP session. So there is _NO_ bounce mail generated
and your Exchange server gets only these messages that it can handle.

And if there is a non-spam sender that types a wrong mail adress he'll
get a bounce message from the server that tries to send to yours.

I hope you got the advantage of that way.

And note: Some providers are blacklisting servers with high bounce
volumes. So someone  - aware or unaware  - could exploit your mailserver
with wrong sender addresses and wrong rcpt addresses. now your
mailserver weirdly sends out bounces back to the faked sender mailserver
and could get blacklisted.

So it's always a good idea to use forwarding for each user and not for
whole domains. That differs the lame admins from the good ones *SCNR*
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] smtp greeting helodomain

2005-07-15 Thread Jeff Buehler

Hi everyone -

I am running XMail 1.21 on FreeBSD 5.4 - everything runs great. However, 
although HeloDomain is set (to mail.buehlertech.net and 
mail2.buehlertech.net) my greeting remains, for example, 
[EMAIL PROTECTED].  I assume the prefix is random.

If I remove helodomain, I get the same kind of response, even though I 
have a proper PTR (reverse) record for each of these domains.

Any ideas?

Thanks,
Jeff

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: smtp greeting helodomain

2005-07-15 Thread Jeff Buehler

Hi Sönke -

Thanks for your reply -
Presently my [SmtpServerDomain] is set to buehlertech.net, does it 
require the prefix (i.e. mail or mail2.buehlertech.net)?

Jeff



Sönke Ruempler wrote:

On 15.07.2005 21:31, Jeff Buehler wrote:
  

Hi everyone -

I am running XMail 1.21 on FreeBSD 5.4 - everything runs great. However, 
although HeloDomain is set (to mail.buehlertech.net and 
mail2.buehlertech.net) my greeting remains, for example, 
[EMAIL PROTECTED].  I assume the prefix is random.

If I remove helodomain, I get the same kind of response, even though I 
have a proper PTR (reverse) record for each of these domains.



HeloDomain is what what your server sends if it's connecting to a remote
server.

What you whant is:

[SmtpServerDomain]
If set, forces the domain name XMail uses inside the ESMTP banner
used to support CRAM-MD5 ESMTP authentication.

Try that please.
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: smtp greeting helodomain

2005-07-15 Thread Jeff Buehler

Hi  Sönke -

When I change [SmtpServerDomain] by adding the prefix (mail2) then the 
resulting greeting is:
[EMAIL PROTECTED]
Is that correct?  I wasn't expecting the numeric value before the domain...

Jeff


Jeff Buehler wrote:

Hi Sönke -

Thanks for your reply -
Presently my [SmtpServerDomain] is set to buehlertech.net, does it 
require the prefix (i.e. mail or mail2.buehlertech.net)?

Jeff



Sönke Ruempler wrote:

  

On 15.07.2005 21:31, Jeff Buehler wrote:
 



Hi everyone -

I am running XMail 1.21 on FreeBSD 5.4 - everything runs great. However, 
although HeloDomain is set (to mail.buehlertech.net and 
mail2.buehlertech.net) my greeting remains, for example, 
[EMAIL PROTECTED].  I assume the prefix is random.

If I remove helodomain, I get the same kind of response, even though I 
have a proper PTR (reverse) record for each of these domains.
   

  

HeloDomain is what what your server sends if it's connecting to a remote
server.

What you whant is:

[SmtpServerDomain]
   If set, forces the domain name XMail uses inside the ESMTP banner
used to support CRAM-MD5 ESMTP authentication.

Try that please.
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


 





-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: pop before smtp

2005-07-07 Thread Jeff Buehler

At first I thought that was a question I should just go ahead and answer
without bothering to double check my Thunderbird configuration, because
I was certain that it isn't doing SMTP authentication.  As it turns out,
it is - at some point I actually checked the box to do so, and I have no
idea when (obviously I was sleepwalking).

That means that I either have roughly 50 users who can't send mail and
don't seem to care enough to bother letting me know, or by some small
miracle they figured out to get their email clients to do SMTP
authentication, which I have a hard time believing.  But then this week
has been full of strange suprises!

Thanks for snapping me out of yet another misconception...  I can only
assume at this point that Rob was correct in pointing out that I have to
use SMTP authentication now across the board since my SMTP and POP3 are
coming in and going out of different IP:PORT combinations.

Clarity at last... :)

Jeff

Sönke Ruempler wrote:

[EMAIL PROTECTED]  wrote on Thursday, July 07, 2005 2:16
AM:

  

Maybe its some sort of security related bug in Thunderbird
that allows
it to authenticate across 2 different IP's?



Are you sure that TB does not send SMTP auth? What tell the SMTP logs?
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: pop before smtp

2005-07-06 Thread Jeff Buehler

Ah ha!  Thanks, Rob - that makes sense now.  The behavior I am seeing is 
expected.  I'm glad that SMTP authorization works alongside with pop 
before smtp, and as you said, why would anyone want to turn it off.  
I'll start promoting it since it can coexist with the popb4.  I didn't 
promote smtp authorization previously because I already had users using 
the pop b4 smtp already (it is pretty standard with the larger ISP's 
like Comcast or SBC so users are familiar with it) and I wasn't certain 
how it would interact with uebmiau or other web mail apps.  Now I see 
that it can coexist, though, and that is great ...

Thanks,

Jeff

Rob Arends wrote:

Jeff,

Smtp auth is enabled by default, and there does not seem to be a way to turn
it off (why would you?), however I know the EnableAuthSMTP-POP3  1
is configurable and is turned on by default.

*ALL* my users are told to use smtp auth.  It gets them around grey listing
and they can send as whom ever they like.   Because of this I still know who
they are, and that's all that matters.  Never had a problem, but then I've
never actively promoted or tried pop-b4-smtp.

Rob :-)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Jeff Buehler
Sent: Wednesday, July 06, 2005 10:33 AM
To: xmail@xmailserver.org
Subject: [xmail] Re: pop before smtp


Yes, the email client (in this case Thunderbird and numerous other 
external email clients) must be doing pop before smtp since I have never 
enabled true SMTP authentication (even though I would like to, but that 
is another story), and none of my testing has included setting password 
authentication for SMTP.

The part that suprised me is that I am not set up to do real SMTP 
authentication (only pop before), but when going through the ASSP proxy 
running on the same system as XMail, SMTP authentication not only works 
with at least some email clietns but is actually required for some.  
Perhaps this is expected behavior, but I thought it was an either/or 
sort of thing.

So, ASSP - Xmail with pop before SMTP works with Thunderbird (at 
least), but in Outlook 2003 and Mac OS X Mailtool (at least) SMTP 
authentication is required for proper authentication.  This was not the 
case when ASSP was on a seperate IP and a seperate platform - with that 
config, pop before SMTP worked for all these email clients.  Also this 
was not the case when ASSP was not in the picture (so obviously it has 
something to do with ASSP - XMail).

Jeff



Davide Libenzi wrote:

  

On Tue, 5 Jul 2005, Jeff Buehler wrote:

 



Hmmm -

It would appear that if I set the email clients in question to require
SMTP authentication, and use the same username and password as for pop3
authentication, then everything works.  I thought this was an either/or
requirement, but now I have most users doing pop3 before smtp and some
users using smtp authentication, and it works (so far).
   

  

If you use *real* SMTP authentication, then you won't need the POP3 before 
SMTP thing. In order for POP3 before SMTP to work, you need you mail 
clients to actually try a POP3 session before the SMTP session (with the 
account doing the POP3 session being the *same* as the MAIL FROM:  of 
the SMTP session). Is your email client doing so?


- Davide

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


 




-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: pop before smtp

2005-07-06 Thread Jeff Buehler

Nah!  ASSP (anti spam smtp proxy)  is actually a great opensource 
anti-spam proxy tool that (as it tunrs out) runs under Linux, FreeBSD 
and Windows.  It loads a specified number of bytes of a given mail then 
refuses the connection based on a bayesian determination of spam, RBL, 
etc. instead of downloading the whole thing (unless you want it to).  It 
has RBL, whitelisting, greylisting, SPF, web-based interface, limited 
anti-virus (which I don't use),  and its fast and reasonably simple to 
install.  The only thing that would make it better (in my opinion) is if 
it were written in c/c++ instead of Perl.  I like it quite a bit better 
than SpamAssassin myself.

At any rate, it appears I was wrong about the smtp authentication OR 
popb4 and it is actually popb4 AND smtp authentication, which is kool.  
So now I know.  I will instruct my users to start using SMTP 
authentication because, as another use kindly pointed out recently, why not?

Thanks again for your input, Davide!

Jeff



Davide Libenzi wrote:

On Tue, 5 Jul 2005, Jeff Buehler wrote:

  

Yes, the email client (in this case Thunderbird and numerous other
external email clients) must be doing pop before smtp since I have never
enabled true SMTP authentication (even though I would like to, but that
is another story), and none of my testing has included setting password
authentication for SMTP.

The part that suprised me is that I am not set up to do real SMTP
authentication (only pop before), but when going through the ASSP proxy
running on the same system as XMail, SMTP authentication not only works
with at least some email clietns but is actually required for some.
Perhaps this is expected behavior, but I thought it was an either/or
sort of thing.

So, ASSP - Xmail with pop before SMTP works with Thunderbird (at
least), but in Outlook 2003 and Mac OS X Mailtool (at least) SMTP
authentication is required for proper authentication.  This was not the
case when ASSP was on a seperate IP and a seperate platform - with that
config, pop before SMTP worked for all these email clients.  Also this
was not the case when ASSP was not in the picture (so obviously it has
something to do with ASSP - XMail).



Then remove ASSP (whatever it is)  :=)


- Davide

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: pop before smtp

2005-07-06 Thread Jeff Buehler

That was my guess too (that ASSP was the culprit), as I mentioned in my 
first mails about it, but I thought I would check and see if anyone had 
any ideas.  The strange part is the timing issue - across a LAN no 
problem, but locally certain email clients fail to do popb4smtp (and 
other ones do not), so it would seem to be an issue of ASSP not waiting 
properly for an authentication response or something.  At any rate, I am 
satisfied with the solution of SMTP authentication now that I know it is 
not abnormal behavior to have it working.

Thanks,
Jeff

Sönke Ruempler wrote:

On 06.07.2005 20:59, Jeff Buehler wrote:
  

Nah!  ASSP (anti spam smtp proxy)  is actually a great opensource 
anti-spam proxy tool that (as it tunrs out) runs under Linux, FreeBSD 
and Windows.  It loads a specified number of bytes of a given mail then 
refuses the connection based on a bayesian determination of spam, RBL, 
etc. instead of downloading the whole thing (unless you want it to).  It 
has RBL, whitelisting, greylisting, SPF, web-based interface, limited 
anti-virus (which I don't use),  and its fast and reasonably simple to 
install.  The only thing that would make it better (in my opinion) is if 
it were written in c/c++ instead of Perl.  I like it quite a bit better 
than SpamAssassin myself.

At any rate, it appears I was wrong about the smtp authentication OR 
popb4 and it is actually popb4 AND smtp authentication, which is kool.  
So now I know.  I will instruct my users to start using SMTP 
authentication because, as another use kindly pointed out recently, why not?



I guess if you encounter this problem again, you should dump the traffic
with tcpdump or whatever. Maybe we can help you then. But IMHO that
sounds not like a XMail problem but a ASSP's.
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: pop before smtp

2005-07-06 Thread Jeff Buehler

Hmmm - that makes sense.  I wonder why Thunderbird has no problem doing 
popb4, though ... it works as before doing popb4.  ASSP does something a 
bit unusual in that it operates as a proxy, so i'm not certain  it is 
technically providing SMTP but might be doing some sort of passthrough.  
XMail is active at 127.0.0.1:25, 192.168.1.13:110 and ASSP at 
192.168.13:25, so your thought  makes sense since XMail is technically 
listening on two different IPs even though one is 25 and the other is 110.

Maybe its some sort of security related bug in Thunderbird that allows 
it to authenticate across 2 different IP's?

Thanks, Rob...

Jeff

Rob Arends wrote:

Jeff, your email below answers it.

How can xmail correlate the popb4smtp, if the smtp is actually ASSP.
POPb4 only works if the same server is running both port 25 and port 110.
In your case xmail will see the smtp connection coming from ASSP, not the
MUA.

Rob :-)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Jeff Buehler
Sent: Thursday, July 07, 2005 4:59 AM
To: xmail@xmailserver.org
Subject: [xmail] Re: pop before smtp


Nah!  ASSP (anti spam smtp proxy)  is actually a great opensource 
anti-spam proxy tool that (as it tunrs out) runs under Linux, FreeBSD 
and Windows.  It loads a specified number of bytes of a given mail then 
refuses the connection based on a bayesian determination of spam, RBL, 
etc. instead of downloading the whole thing (unless you want it to).  It 
has RBL, whitelisting, greylisting, SPF, web-based interface, limited 
anti-virus (which I don't use),  and its fast and reasonably simple to 
install.  The only thing that would make it better (in my opinion) is if 
it were written in c/c++ instead of Perl.  I like it quite a bit better 
than SpamAssassin myself.

At any rate, it appears I was wrong about the smtp authentication OR 
popb4 and it is actually popb4 AND smtp authentication, which is kool.  
So now I know.  I will instruct my users to start using SMTP 
authentication because, as another use kindly pointed out recently, why not?

Thanks again for your input, Davide!

Jeff



Davide Libenzi wrote:

  

On Tue, 5 Jul 2005, Jeff Buehler wrote:

 



Yes, the email client (in this case Thunderbird and numerous other
external email clients) must be doing pop before smtp since I have never
enabled true SMTP authentication (even though I would like to, but that
is another story), and none of my testing has included setting password
authentication for SMTP.

The part that suprised me is that I am not set up to do real SMTP
authentication (only pop before), but when going through the ASSP proxy
running on the same system as XMail, SMTP authentication not only works
with at least some email clietns but is actually required for some.
Perhaps this is expected behavior, but I thought it was an either/or
sort of thing.

So, ASSP - Xmail with pop before SMTP works with Thunderbird (at
least), but in Outlook 2003 and Mac OS X Mailtool (at least) SMTP
authentication is required for proper authentication.  This was not the
case when ASSP was on a seperate IP and a seperate platform - with that
config, pop before SMTP worked for all these email clients.  Also this
was not the case when ASSP was not in the picture (so obviously it has
something to do with ASSP - XMail).
   

  

Then remove ASSP (whatever it is)  :=)


- Davide

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


 




-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] pop before smtp

2005-07-05 Thread Jeff Buehler

Hi all -

This question may be a bit out of place, but someone here may have a 
recommendation...

Over the years, I have had an occasional problem with different mail 
clietns choking on pop before smtp.  Generally this has been the case on 
Mac (OS 9) mail clients, which thankfully are gone from my user group now.

Recently I put an anti-spam service (ASSP) on the same box and IP as 
XMail which forwards mail to XMail after scanning it.  This mecahnism 
has worked with no problems when I had ASSP on a seperate IP and a 
seperate box from XMail, and it works well now *except* that certain 
mail clients no longer seem to be able to authenticate properly.  
Specifically these are Mac OS X mailtool and Outlook 2003 that I am 
aware of (Thunderbird works fine).

This is obviosly some sort of interaction between ASSP and XMail, and so 
the problem might exist on either side, but I was hoping someone on the 
XMail side might have some ideas ...?

Thanks!

Jeff

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: pop before smtp

2005-07-05 Thread Jeff Buehler

Hmmm -

It would appear that if I set the email clients in question to require 
SMTP authentication, and use the same username and password as for pop3 
authentication, then everything works.  I thought this was an either/or 
requirement, but now I have most users doing pop3 before smtp and some 
users using smtp authentication, and it works (so far).

Should I be concerned?  This must be some funky ASSP thing ... but I am 
(pleasantly?) suprised that XMail allows it to verify even when it is 
not set to do smtp authentication (or at least I didn't think that it was!)

Jeff

Jeff Buehler wrote:

Hi all -

This question may be a bit out of place, but someone here may have a 
recommendation...

Over the years, I have had an occasional problem with different mail 
clietns choking on pop before smtp.  Generally this has been the case on 
Mac (OS 9) mail clients, which thankfully are gone from my user group now.

Recently I put an anti-spam service (ASSP) on the same box and IP as 
XMail which forwards mail to XMail after scanning it.  This mecahnism 
has worked with no problems when I had ASSP on a seperate IP and a 
seperate box from XMail, and it works well now *except* that certain 
mail clients no longer seem to be able to authenticate properly.  
Specifically these are Mac OS X mailtool and Outlook 2003 that I am 
aware of (Thunderbird works fine).

This is obviosly some sort of interaction between ASSP and XMail, and so 
the problem might exist on either side, but I was hoping someone on the 
XMail side might have some ideas ...?

Thanks!

Jeff

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: pop before smtp

2005-07-05 Thread Jeff Buehler

Yes, the email client (in this case Thunderbird and numerous other 
external email clients) must be doing pop before smtp since I have never 
enabled true SMTP authentication (even though I would like to, but that 
is another story), and none of my testing has included setting password 
authentication for SMTP.

The part that suprised me is that I am not set up to do real SMTP 
authentication (only pop before), but when going through the ASSP proxy 
running on the same system as XMail, SMTP authentication not only works 
with at least some email clietns but is actually required for some.  
Perhaps this is expected behavior, but I thought it was an either/or 
sort of thing.

So, ASSP - Xmail with pop before SMTP works with Thunderbird (at 
least), but in Outlook 2003 and Mac OS X Mailtool (at least) SMTP 
authentication is required for proper authentication.  This was not the 
case when ASSP was on a seperate IP and a seperate platform - with that 
config, pop before SMTP worked for all these email clients.  Also this 
was not the case when ASSP was not in the picture (so obviously it has 
something to do with ASSP - XMail).

Jeff



Davide Libenzi wrote:

On Tue, 5 Jul 2005, Jeff Buehler wrote:

  

Hmmm -

It would appear that if I set the email clients in question to require
SMTP authentication, and use the same username and password as for pop3
authentication, then everything works.  I thought this was an either/or
requirement, but now I have most users doing pop3 before smtp and some
users using smtp authentication, and it works (so far).



If you use *real* SMTP authentication, then you won't need the POP3 before 
SMTP thing. In order for POP3 before SMTP to work, you need you mail 
clients to actually try a POP3 session before the SMTP session (with the 
account doing the POP3 session being the *same* as the MAIL FROM:  of 
the SMTP session). Is your email client doing so?


- Davide

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: sendmail-Xmail non-standard port

2005-07-01 Thread Jeff Buehler

I *may* have answered my own question, but I would still be curious 
about any input on sendmail.  I realized that ASSP is running on port 25 
but is not getting the mail forward from sendmail.  It then occurred to 
me that this was because ASSP is running on the external address at 
ports 25 and 587, and can't support any more IP/PORTs.  So, there was no 
MTA running on 127.0.0.1:25 - I added this to XMail, and now I am 
waiting to see if I start getting some emails from the system!

If not, I will send out another email with info and questions...

Thanks...

Jeff Buehler wrote:

I have a configuration of XMail that requries XMail to run on port 125.  
So ASSP on port 25/587 - XMail port 125.  Previously I had ASSP running 
on another IP range so this was not necessary.  I am running FreeBSD and 
I am not certain how to get sendmail to forward mail through XMail now - 
previously I was using the non-XMail version of Sendmail, and my servers 
local mails were available at [EMAIL PROTECTED]  Now they are 
getting spooled but they are not getting to XMail for the domain, I 
assume because the port is no longer 127.0.0.1:25 but now is 127.0.0.1:125.

Anyone know much about configuring sendmail under FreeBSD to send these 
mails to port 125 (assuming that is the problem as I suspect?)

Thanks!
Jeff

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: sendmail-Xmail non-standard port

2005-07-01 Thread Jeff Buehler

-bd port?  I'm sorry - I don't know what to do with that.  A flag to the 
sendmail daemon, or some other archaic invocation?
You are of course correct about the assumption thing - I can't seem to 
help it.

Thanks,
Jeff

Alexander Hagenah wrote:

[EMAIL PROTECTED] schrieb am Friday, July 01, 2005 4:45 PM:

  

Anyone know much about configuring sendmail under FreeBSD to
send these mails to port 125 (assuming that is the problem as
I suspect?)



..--
| -bd 125
`--

Assuming - it won't solve your problem. :)

--

Regards,
Alexander Hagenah
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: sendmail-Xmail non-standard port

2005-07-01 Thread Jeff Buehler

Hi Alexander -

Sorry - got it now.  I did a man of sendmail, and there it was, three 
lines or so down, -bd to run sendmail deamon with port alternatives.  
Thanks.  I am not certain if this is going to help me with this 
particular problem, because I don't (think I) want sendmail listening on 
a SMTP port (that's XMails job, right?) but simply redirecting local 
mails to XMail.  Also I am under the impresion that the proper mechanism 
under FreeBSD  is to modify the domainname.mc file in /etc/mail to 
instruct sendmail to do what I want it to, but I am a bit confused by 
the different sendmail modes under FreeBSD (/etc/rc.conf  - 
sendmail_enable= yes, no or none - none kills it completely, no allows 
it to do local redirecting to XMail so far until today).

Thanks,

Jeff

Alexander Hagenah wrote:

[EMAIL PROTECTED] schrieb am Friday, July 01, 2005 4:45 PM:

  

Anyone know much about configuring sendmail under FreeBSD to
send these mails to port 125 (assuming that is the problem as
I suspect?)



..--
| -bd 125
`--

Assuming - it won't solve your problem. :)

--

Regards,
Alexander Hagenah
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Help Xscanner

2005-06-23 Thread Jeff Buehler

That, of course, is the clear argument for Windows as a workstation OS, 
and I agree 100% in that sense (Mac OS X is great also).  However, when 
it comes to server management, I prefer people I work with (and myself) 
to be knowledgeable, and I prefer the OS to be as flexible as possible.  
This is just my experience, I am not presenting it as an absolute truth 
for everyone, but I have found that at best the Windows GUI does nothing 
to help understanding or flexibility, and at worst it creates IT people 
who don't understand the internals behind what they are doing and rigid 
GUI behavior that makes it more difficult (or even impossible) to create 
poweful non-commercial or non-standard solutions to complex problems.

So, with a workstation, ease of use is extermely high on my list of 
importance, and with servers ease of use is extremely low on my list of 
importantance.  But that's just me...

And no, I don't know of any Linux solutions as complete as Windows from 
a graphical standpoint - there are a few good starts, though (Red Hat 
seemed pretty good, but not up to the Windows standard). However, I 
won't know about any that do get developed because that doesn't much 
interest me in a server OS - I'll take the road of having to understand 
the internals a bit so that there is no problem fixing it or making it 
work later.

That is what I like about XMail - it is hardly a standard Windows 
application and certainly defies the comprehensive and consistent GUI 
that Windows provides, but it is powerful, rock solid and fast.  I'll 
take it over Exchange (when possible - it doesn't have all the 
functionality) any day, and Apache (or Xitami or a bunch of others) over 
IIS, even when running Windows OS, despite the relative hassle of 
setting them up the same way you might on a UNIX or Linux platform.

Francis, I enjoy the discussion - if you want, please feel free to mail 
me any responses directly so that we don't have to burden others who are 
probably tired of this ancient discussion!  It probably doesn't really 
belong on this mailing list... My email address is [EMAIL PROTECTED]

Jeff



CLEMENT Francis wrote:

Just to say that for me, free os will win the battle, especially 
in small business and finaly at home, only when a comprehensive,
easy to use, complete admin gui will be available for use by
anyone without big knowledge.
This will help a lot ...

Computers must be easy to use.

The big point for windows is that it is easy to use, easy to
manage/configure ...
All tools are gui, all are consistent in use, ...

Is there a complete managment tool for linux ?

Francis

  

-Message d'origine-
De : Jeff Buehler [mailto:[EMAIL PROTECTED]
Envoyé : mercredi 22 juin 2005 19:36
À : xmail@xmailserver.org
Objet : [xmail] Re: Help Xscanner



However, ASSP (nor ClamSMTP nor ClamAV) do not run on Windows.  There 
are, of course, other solutions, but this combination is the 
best I have 
found for the price (or any price, although the high-priced 
commercial 
market is not really my expertise).  I'm honestly trying to help Yann 
come up with an ideal solution for what it sounds like his 
problem may 
be, not push idealogy.

Speaking of idealogy, I think a lot of people choose Windows 
because of 
comfort and familiarity, which are really not the best 
reasons to make 
server based decisions (or arguably most reasonably complex IT 
decisions), but I acknowledge that this is an opinion and not a clear 
fact.  I also run two Windows servers simply because I need them to 
debug IT problems for clients, so I use them as test beds for 
changes I 
intend or need to make to client systems.  I am at a loss as to why 
someone would want a (very) expensive operating system for a 
server when 
free ones are available that perform at least as well (oh, 
wait, I know, 
Exchange and Active Directory - yay!).  Not an argument, just 
an opinion 
from my experience.  Bill certainly doesn't need the income.

Thanks for the reminder not to start any wars!  Certainly never my 
intention - there are enough ridiculous wars around without 
my help (um, 
I hope that doesn't start another discussion!)


Jeff



CLEMENT Francis wrote:



 

  

-Message d'origine-
De : Jeff Buehler [mailto:[EMAIL PROTECTED]
Envoyé : mercredi 22 juin 2005 18:30
À : xmail@xmailserver.org
Objet : [xmail] Re: Help Xscanner


If you have a SPAM problem, I would advise the following 
configuration:

1. Dump windows.  Ubiquitous != good.  Install Linux or FreeeBSD.
   



 

  

this may seem a bit elaborate, but in my opinion Windows is 
really not ideal
(unstable, not too scaleable, not free) for running a mail 
server.  I found
   



My xmail 'windows' server runs good from xmail 0.96 to xmail 
  

1.21 now and


never restarted nor bugged ;-)
(except for standard maintenance)
I have too some FreeBSD running well too ...
Badly configured Linux/FreeBSD/... equal badly configured 
  

windows too

[xmail] Re: Help Xscanner

2005-06-22 Thread Jeff Buehler
 If you have a SPAM problem, I would advise the following configuration:

1. Dump windows.  Ubiquitous != good.  Install Linux or FreeeBSD.
2. Install ASSP - an excellent anti-spam, opensource program
3. Install ClamSMTP and ClamAV.

ASSP - ClamSMTP - XMail.  It works great.  Use the beta 12 or 13 of ASSP,
not the release version.  There is a port for FreeBSD now.

On the other hand, if you are having that much trouble with Spam Assassin,
this may seem a bit elaborate, but in my opinion Windows is really not ideal
(unstable, not too scaleable, not free) for running a mail server.  I found
the above installation and set up reasonably simple, although FreeBSD
handlesinterface issues differently than Windows, of course.

Spam Assassin works well for anti-spam purposes, but it's a little bit CPU
intensive relative to ASSP in my experience.  I'm sorry but I can't help you
with the doList filter, although at first look doList seems to be a pretty
weak anti-spam solution - it's just a filter without Bayesian analysis or
anything.

Jeff


Yann LE ROCH - Agence CHROM wrote: Hello I use
http://software.dolist.net/xscanner.asp[1] on my xmail 1.18 (windows 2000
server) I just want to know if it's possible to send an e.mail notification
to recipient when a e.mail is blocked by xscanner. Spamassassin is too
difficult to install... Thanks Yann - To unsubscribe from this list: send
theline unsubscribe xmail in the body of a message to
[EMAIL PROTECTED] For general help: send the line help in the
bodyof a message to [EMAIL PROTECTED] 
-- 
Buehler Technologies Email Signature






Buehler Technologies
19 Circle Drive - San Rafael, CA 94901
415.459.4677 - [EMAIL PROTECTED] 




--- Links ---
   1 http://software.dolist.net/xscanner.asp
   2 mailto:[EMAIL PROTECTED]
   3 mailto:[EMAIL PROTECTED]
   4 mailto:[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Help Xscanner

2005-06-22 Thread Jeff Buehler

However, ASSP (nor ClamSMTP nor ClamAV) do not run on Windows.  There 
are, of course, other solutions, but this combination is the best I have 
found for the price (or any price, although the high-priced commercial 
market is not really my expertise).  I'm honestly trying to help Yann 
come up with an ideal solution for what it sounds like his problem may 
be, not push idealogy.

Speaking of idealogy, I think a lot of people choose Windows because of 
comfort and familiarity, which are really not the best reasons to make 
server based decisions (or arguably most reasonably complex IT 
decisions), but I acknowledge that this is an opinion and not a clear 
fact.  I also run two Windows servers simply because I need them to 
debug IT problems for clients, so I use them as test beds for changes I 
intend or need to make to client systems.  I am at a loss as to why 
someone would want a (very) expensive operating system for a server when 
free ones are available that perform at least as well (oh, wait, I know, 
Exchange and Active Directory - yay!).  Not an argument, just an opinion 
from my experience.  Bill certainly doesn't need the income.

Thanks for the reminder not to start any wars!  Certainly never my 
intention - there are enough ridiculous wars around without my help (um, 
I hope that doesn't start another discussion!)


Jeff



CLEMENT Francis wrote:


  

-Message d'origine-
De : Jeff Buehler [mailto:[EMAIL PROTECTED]
Envoyé : mercredi 22 juin 2005 18:30
À : xmail@xmailserver.org
Objet : [xmail] Re: Help Xscanner


 If you have a SPAM problem, I would advise the following 
configuration:

1. Dump windows.  Ubiquitous != good.  Install Linux or FreeeBSD.



  

this may seem a bit elaborate, but in my opinion Windows is 
really not ideal
(unstable, not too scaleable, not free) for running a mail 
server.  I found



My xmail 'windows' server runs good from xmail 0.96 to xmail 1.21 now and
never restarted nor bugged ;-)
(except for standard maintenance)
I have too some FreeBSD running well too ...
Badly configured Linux/FreeBSD/... equal badly configured windows too 

Don't be soo partial ;-) Well configured Windows equals well configured
linux or others
It's not really on these arguments that free software will win ...

So don't start a war again please ...

  

Spam Assassin works well for anti-spam purposes, but it's a 
little bit CPU
intensive relative to ASSP in my experience.  I'm sorry but I 
can't help you
with the doList filter, although at first look doList seems 
to be a pretty
weak anti-spam solution - it's just a filter without Bayesian 
analysis or
anything.

Jeff





My one experience on spam battle :
Run Xmail (one your os of choice, just configure the os correctly ...)
Add it Davide's excellent GLST filter
Add it a good virus scanner (av-filter from Dario, henry.it, with fprot or
nai)

At this time, you eliminate 99% spams without big
cpu/software/harware/config...
This is approximatively the result I found after 2 months with this
configuration
(we are hosters, with a good number of mails coming in every day)

Francis

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Help Xscanner

2005-06-22 Thread Jeff Buehler

Opps - thanks!  That's actually good to know... I actually find that 
most stuff works, or can be made to work, under Windows from the 
UNIX/Linux side pretty easily.  Of course, the opposite isn't always 
true since Microsoft has good reason to keep stuff proprietary.

~J~

Kevin Williams wrote:

Jeff Buehler wrote:
  

However, ASSP (nor ClamSMTP nor ClamAV) do not run on Windows.



FYI -

http://www.clamwin.com/

(Not that I run xmail on Windows, but just to clarify.)
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Help Xscanner

2005-06-22 Thread Jeff Buehler

Ha!  Well, there you go - I'm actually not too suprised, but I didn't 
realize (or didn't remember) that there was an ASSP implementation for 
Windows (nor ClamAV - how about ClamSMTP, I wonder? I guess I could 
always take thirty seconds and look it up...). Thanks for the info - now 
that you mention it, I vaguely recall seeing a bunch of mail from the 
ASSP list about people on Windows having this or that question or 
problem.  Nevermind Linux or FreeBSD then, it would probably work well 
for Yann if he can do ASSP and some other anti-virus solution on a 
Windows machine - why not if it's already up and running?

Yann, since you are on Win 2000, you might want to try that - 
ASSP-Xmail or better ASSP-anti-virus(?)-Xmail.  That combination 
works really well for me, although I have no idea about stability and so 
on under Windows for ASSP or ClamAV.

Jeff


Kroll, David wrote:

I run assp on windows just fine and have for quite some time. 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Jeff Buehler
Sent: Wednesday, June 22, 2005 7:04 PM
To: xmail@xmailserver.org
Subject: [xmail] Re: Help Xscanner


Opps - thanks!  That's actually good to know... I actually find that most
stuff works, or can be made to work, under Windows from the UNIX/Linux side
pretty easily.  Of course, the opposite isn't always true since Microsoft
has good reason to keep stuff proprietary.

~J~

Kevin Williams wrote:

  

Jeff Buehler wrote:
 



However, ASSP (nor ClamSMTP nor ClamAV) do not run on Windows.
   

  

FYI -

http://www.clamwin.com/

(Not that I run xmail on Windows, but just to clarify.)
-
To unsubscribe from this list: send the line unsubscribe xmail in the 
body of a message to [EMAIL PROTECTED] For general help: send the 
line help in the body of a message to [EMAIL PROTECTED]


 





-
To unsubscribe from this list: send the line unsubscribe xmail in the body
of a message to [EMAIL PROTECTED] For general help: send the line
help in the body of a message to [EMAIL PROTECTED]


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Socket bind error - finally working

2005-06-19 Thread Jeff Buehler

I have never seen or used mta_start_script= - based on what you sent, 
though, I doubt you are using it properly and I have no idea what the 
side effects of your approach will be.  My scripts in/etc/rc.d and 
/usr/local/etc/rc.d start up fine without it (in 5.3. and 5.4).  If it 
works, though, great - just be careful is isn't doing something 
unexpected, like preventing other necessary services in /etc/rc.conf 
from starting or something.

I find sendmail a bit confusing - it has several modes of operation (you 
can probably find out all about it in it's ridiculously long man page) - 
sendmail_enable=no, sendmail_enable=yes, sendmail_enable=none and 
I recall (but this may be wrong) sendmail_enable=both.  
sendmail_enalbe=no will still allow sendmail to send mail out that it 
gets a hold of, and thos may be what you want for admin messages and the 
like that XMail may not retrieve.  This is actually how I do it.

The process you have running I'm not so certain about - sendmail still 
looks active, but given what you wrote I don't know in what mode.

Jeff



Ross Gohlke wrote:

The good news is, XMail is finally running properly. The bad news is,  I'm
not exactly sure how.

  

To prevent sendmal from runnig under Freebsd, add to /etc/rc.conf the 


following:  sendmail_enable = NONE.  However, I don't know why 
sendmail would interfere with CtrlClnt, or if it would.  You can do a ps

  

-alx | grep sendmail to see if it's running.



I did try to turn off sendmail. When I rebooted, Xmail started up fine, 
and I could use CtrlClnt.

/etc/rc.sendmail
# This script is used by /etc/rc at boot time to start sendmail.  It # is
meant to be sendmail specific and not a generic script for all # MTAs.  It
is only called by /etc/rc if the rc.conf mta_start_script is # set to
/etc/rc.sendmail.  This provides the opportunity for other MTAs # to
provide their own startup script.

/etc/defaults/rc.conf
mta_start_script=/etc/rc.sendmail

SO I ADDED THIS LINE TO /etc/rc.conf ABOVE OTHER SERVICES
mta_start_script=/usr/local/etc/rc.d/xmailserverstart.sh

Then I rebooted.

Funny thing is, NONE of the services defined in /etc/rc.conf (except 
IPFILTER) are starting up on reboot, and ps yields the exact same 
results as reported before for sendmail:

 james# ps -alx | grep sendmail
 0   394   390 164   8  0  1632 1100 wait   I+   con0:00.00
 /bin/sh /usr/sbin/sendmail -L sm-mta -bd -q30m -ODaemonPortOpt
 0   395   394 164 116  0  2772 1804 select I+   con0:00.01
 /usr/sbin/sendmail.xmail -L sm-mta -bd -q30m -ODaemonPortOptio

Here's to happy XMailing!

ross

PS Happy Father's Day to those who code with kids.



-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  

-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Socket bind error

2005-06-19 Thread Jeff Buehler

Your get system panics using the patch?  Are you certain you have the 
right one - I get nothing like that at all.  Perhaps you are running a 
service that uses the function (kqueue_stat in kern_event.c) and doesn't 
like it that I am not running?

Here are the modifications I use that work perfectly in 5.3 and 5.4 so 
far for me:

/* OLD FUNCTION COMMENT OUT*/
/*
static int
kqueue_stat(struct file *fp, struct stat *st, struct ucred *active_cred,
struct thread *td)
{

return (ENXIO);
}
*/

/* NEW FUNCTION ADD */

static int
kqueue_stat(struct file *fp, struct stat *st, struct ucred *active_cred,
struct thread *td)
{
struct kqueue *kq;
int error;
 
if ((error = kqueue_aquire(fp, kq)))
return ENOENT;
KQ_LOCK(kq);
bzero((void *)st, sizeof(*st));
st-st_size = kq-kq_count;
kqueue_release(kq, 1);
KQ_UNLOCK(kq);
st-st_blksize = sizeof(struct kevent);
st-st_mode = S_IFIFO;
return (0);
}


also, I haven't seen these mails...are they in the list and I'm just 
missing them?

I would definately advice trying the patch, Ross - if it causes system 
panics that you didn't get before as it seems to for David, then roll it 
back.  Hopefully the FreeBSD team will fix this bug before too long - 
they have been advised about it, but I don't know it's status...

Jeff



David Lord wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 18 Jun 2005, at 14:08, Ross Gohlke wrote:

  

Which version of XMail?
  

1.21 from source.



What are outputs of:  'lsof | grep -c XMail' and '/sbin/sysctl
kern.openfiles'?
  

james# lsof | grep -c XMail
0
james# /sbin/sysctl kern.openfiles
kern.openfiles: 106



I was getting a gradual increase in open files such that maximum 
allowed would be reached within about two weeks and XMail would stop 
without any message to indicate it had.
 
  

I ran XMail 1.17 on FreeBSD 4.10 for some time without a problem
once 
  

configured. Now with XMail 1.21 on FreeBSD 5.3 as of Feb 6, I've 
never had it stable due to kqueue and possible hardware 
incompatibilities. I'm considering move back to try XMail 1.17 and if
that doesn't work a move to NetBSD 2.0.2.

So should I downgrade to 1.17?
Jeff mentioned a patch. Would this fix my problem? If so, where can I
get it?



If it needs fixing at all, ie you see a build up of open files, then 
it's worth trying the patch. Here the patch worked in that open files 
didn't increase but I would have a system panic within a few days 
whilst now unpatched I'm on 26 days uptime and restarting XMail twice 
a week and open files are only hitting around 700 with maximum set at 
2816. I'm slowly setting up a replacement server.

  

I've had similar errors from CtrlClnt when either command syntax was

  

wrong or had a misconfiguration. I no longer attempt to use CtrlClnt
from a commandline, only from scripts.

Not sure I understand how calling them from scripts would make a
difference.



It's just that it lowers my chances of having mistyped the command. 
Also some of the scripts can take parameters from a list.

David


-BEGIN PGP SIGNATURE-
Version: PGP 7.0.4 -- QDPGP 2.65 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBQrXDNq2RmIodDo7KEQKb/QCZAe8c7iBMmllRvb2dLPaWc2E+MJkAoOND
7zGcFYuYE3e1+r0C0vlkL/9q
=bKej
-END PGP SIGNATURE-
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: Socket bind error

2005-06-18 Thread Jeff Buehler

There is a simple patch (requiring a few lines of code) available for 
the kqueue problem.  I run 1.21 on 5.4 (and for 6 or so months on 5.3) 
and have no problems after modyfying the code for the kqueue problem.  I 
have found it to be incredibly stable (Xmail has never gone down that I 
can recall with this configuration).

Jeff

David Lord wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 17 Jun 2005, at 18:52, Ross Gohlke wrote:


Which version of XMail? 

What are outputs of:  'lsof | grep -c XMail' and '/sbin/sysctl 
kern.openfiles'?

I ran XMail 1.17 on FreeBSD 4.10 for some time without a problem once 
configured. Now with XMail 1.21 on FreeBSD 5.3 as of Feb 6, I've 
never had it stable due to kqueue and possible hardware 
incompatibilities. I'm considering move back to try XMail 1.17 and if 
that doesn't work a move to NetBSD 2.0.2. 

I've had similar errors from CtrlClnt when either command syntax was 
wrong or had a misconfiguration. I no longer attempt to use CtrlClnt 
from a commandline, only from scripts.
 
  

OS: FreeBSD 5.3-RELEASE

XMail seems to be running smoothly, but I cannot seem to access
CtrlClnt. I created one user successfully, then it stopped working. If
I changed something I can't remember what it was, and I've gone
through  all the processes again.

When running a CtrlClnt command such as:
/usr/bin/CtrlClnt -s mydomain.org -u postmaster -p password useradd
mydomain.org newuser newpassword U

where mydomain.org is the RootDomain, the command tries to run for
over  a minute, then gives this error: ErrCode   = -162 ErrString =
End of socket stream data

I also noticed a socket bind error when starting up from command
line:

james# /var/MailRoot/bin/XMail -Md -Pl -Sl -Fl -Cl -Ll
SMAIL thread [00] started
SMAIL thread [01] started
SMAIL thread [02] started
SMAIL thread [03] started
SMAIL thread [04] started
SMAIL thread [05] started
SMAIL thread [06] started
SMAIL thread [07] started
SMAIL thread [08] started
SMAIL thread [09] started
SMAIL thread [10] started
SMAIL thread [11] started
SMAIL thread [12] started
SMAIL thread [13] started
SMAIL thread [14] started
SMAIL thread [15] started
Socket bind error
[XMail 1.21 POP3 Server] started
[XMail 1.21 ESMTP Server] started
[XMail 1.21 PSYNC Server] started
[XMail 1.21 FINGER Server] started
LMAIL thread [00] started
LMAIL thread [01] started
LMAIL thread [02] started

I'm assuming these issues are related.

I found a thread in the archive suggesting I may have some other mail
service running and interfering, but I can't figure it out.

james# netstat
Active Internet connections
Proto Recv-Q Send-Q  Local Address  Foreign Address   
(state) tcp4   0 32  james.ssh  207.65.63.34.62315
ESTABLISHED tcp4   0  0  james.ssh 
64-184-8-187.bb..50415 ESTABLISHED udp6   0  0 
localhost.localh.55733 localhost.localh.55733 Active UNIX domain
sockets Address  Type   Recv-Q Send-QInode Conn Refs 
Nextref Addr c25bf08c stream  0  00 c25c04ec0 
  0 c25c04ec stream  0  00 c25bf08c0  
 0 c25bf578 stream  0  0 c272a210000
/tmp/.s.PGSQL.5432 c25bf7a8 stream  0  00 c25bf834
   00 c25bf834 stream  0  00 c25bf7a80
   0 c25bfec4 stream  0  0 c25f421000 
  0 /var/run/devd.pipe c25c0a64 dgram   0  00 c25bfe38
   0 c25bfc94 c25bfc94 dgram   0  00 c25bfe38 
  00 c25bfe38 dgram   0  0 c25c18400 c25c0a64 
  0 /var/run/log

Could it be sendmail? I followed these instructions for replacing
sendmail:
http://www.ubaight.com/xmail/BeginnersGuide.html#SendmailScript

james# ps aux | grep sendmail
root394  0.0  0.1  1632 1100 con  I+3:14PM   0:00.00 /bin/sh
/usr/sbin/sendmail -L sm-mta -bd -q30m
-ODaemonPortOptions=Addr=localhost root395  0.0  0.2  2772 1804
con  I+3:14PM   0:00.01 /usr/sbin/sendmail.xmail -L sm-mta -bd
-q30m -ODaemonPortOptions=Addr=localhost

I have DBMail installed and running imap, but no other mail software. 
Any ideas? I'd really like to start using XMail!

Ross Gohlke





-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED] For general help:
send the line help in the body of a message to
[EMAIL PROTECTED]






-BEGIN PGP SIGNATURE-
Version: PGP 7.0.4 -- QDPGP 2.65 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBQrPswa2RmIodDo7KEQLUygCgx3sm0UM4hxkv4TrykJTzSFhSdF4AoNfh
6y7mVYsw4sL2/VFN5wTveORq
=Tdjk
-END PGP SIGNATURE-
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For 

[xmail] Re: Socket bind error

2005-06-18 Thread Jeff Buehler

I don't see XMail (or the standard POP3/SMTP) ports anywhere (those 
being 110 and 25 or maybe 587).  However, I think port 6017 is the XMail 
CtrlClnt port, so that should (possibly) be working.

The ports you are listening on are:
22 (? - ftp?), 1 (?), 443 (HTTP/SSL), 80 (HTTP), 5432 (?), 514 (?), 
6017(XMail CtrlClnt) -

Maybe you need different command parameters for XMail than you have 
presently - you might try specifying the ports you want XMail to listern 
on for SMTP instead of all ports.

Jeff

Ross Gohlke wrote:

Davide Libenzi wrote:
  

On Fri, 17 Jun 2005, Ross Gohlke wrote:




OS: FreeBSD 5.3-RELEASE
XMail seems to be running smoothly, but I cannot seem to access
CtrlClnt. I created one user successfully, then it stopped working. If I
  

changed something I can't remember what it was, and I've gone through
all
  

the processes again.
When running a CtrlClnt command such as:
/usr/bin/CtrlClnt -s mydomain.org -u postmaster -p password useradd
  

mydomain.org newuser newpassword U
  

where mydomain.org is the RootDomain, the command tries to run for over
  

a
  

minute, then gives this error:
ErrCode   = -162
ErrString = End of socket stream data
  

Try a:

# netstat -t -n -a -p



Thanks, I actually tried that (from another post in the archive):
james# netstat -t -n -a -p
netstat: option requires an argument -- p
usage: netstat [-AaLnSW] [-f protocol_family | -p protocol]
[-M core] [-N system]
netstat -i | -I interface [-abdnt] [-f address_family]
[-M core] [-N system]
netstat -w wait [-I interface] [-d] [-M core] [-N system]
netstat -s [-s] [-z] [-f protocol_family | -p protocol] [-M core]
netstat -i | -I interface -s [-f protocol_family | -p protocol]
[-M core] [-N system]
netstat -m [-c] [-M core] [-N system]
netstat -r [-AenW] [-f address_family] [-M core] [-N system]
netstat -rs [-s] [-M core] [-N system]
netstat -g [-W] [-f address_family] [-M core] [-N system]
netstat -gs [-s] [-f address_family] [-M core] [-N system]

james# netstat -t -n -a
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address  Foreign Address(state)
tcp4   0 32  65.75.135.140.22   207.65.63.34.62315
ESTABLISHED
tcp4   0  0  *.1*.*LISTEN
tcp4   0  0  *.80   *.*LISTEN
tcp4   0  0  *.443  *.*LISTEN
tcp4   0  0  *.6017 *.*LISTEN
tcp4   0  0  *.5432 *.*LISTEN
tcp6   0  0  *.5432 *.*LISTEN
tcp4   0  0  65.75.135.140.22   64.184.8.187.50415
ESTABLISHED
tcp4   0  0  *.22   *.*LISTEN
tcp6   0  0  *.22   *.*LISTEN
udp4   0  0  *.1*.*
udp6   0  0  ::1.55733  ::1.55733
udp4   0  0  *.514  *.*
udp6   0  0  *.514  *.*
Active UNIX domain sockets
Address  Type   Recv-Q Send-QInode Conn Refs  Nextref Addr
c25bf08c stream  0  00 c25c04ec00
c25c04ec stream  0  00 c25bf08c00
c25bf578 stream  0  0 c272a210000 
/tmp/.s.PGSQL.5432
c25bf7a8 stream  0  00 c25bf83400
c25bf834 stream  0  00 c25bf7a800
c25bfec4 stream  0  0 c25f4210000 
/var/run/devd.pipe
c25c0a64 dgram   0  00 c25bfe380 c25bfc94
c25bfc94 dgram   0  00 c25bfe3800
c25bfe38 dgram   0  0 c25c18400 c25c0a640 
/var/run/log





-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]


  


-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For general help: send the line help in the body of a message to
[EMAIL PROTECTED]



  1   2   >