data.
W. Richard Stevens did that benchmark in _Advanced Unix Programming_ quite
a while back; as I recall, the difference between single-character writes
and buffered writes in his data was an order of magnitude or two.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
(something that it's rather good at), which is why the errors are
going away when you stop qmail. If I'm right, it was coincidence (or
maybe touching some part of the disk that hadn't been touched before) that
it coincided with the daemontools installation.
--
Russ Allbery ([EMAIL PROTECTED
server.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
need it at all; just use the t action in multilog.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Jeremy Hansen [EMAIL PROTECTED] writes:
I now have time stamps, so really all I need to do is call tai64nfrac
through matchup, right?
Works For Me (tm). :)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
, and therefore may very well be able to do things with NT or Win2K
that the rest of us couldn't.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Frederik Lindberg [EMAIL PROTECTED] writes:
What do you do with fd5 (man matchup)?
if [ -s qlog.deferred ] ; then
cat qlog.deferred "$1" | tai64nfrac | matchup qlog 5 qlog.deferred
else
tai64nfrac "$1" | matchup qlog 5 qlog.deferred
fi
--
Russ Allbe
d probably be extended to handle the more general case.
You can get it from ftp://ftp.eyrie.org/pub/software/majordomo/mjinject.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Jeremy Hansen [EMAIL PROTECTED] writes:
Ok, this part I don't understand. I'm using the t option, yet in my
long I see no timestamp at all. Tmp is just a sample output from
multilog.
What does your multilog command line look like? Order of actions is
significant.
--
Russ Allbery ([EMAIL
that aren't open relays; this is one of them
(to my knowledge Network Solutions isn't actually relaying, only spamming
their customer base on a depressingly regular basis).
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
.qmail-ext-owner and .qmail-ext-owner-default both exist, it uses
local-owner-@domain-@[] as the envelope sender. This will cause a
recipient recip@reciphost to see an envelope sender of
local-owner-recip=reciphost@domain.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Roy Kerwood [EMAIL PROTECTED] writes:
Hi is there a script based administration interface that takes some of
the drudgery out of setting up new users on Qmail?
What all are you doing to set up a new user? For the default
installation, I don't believe you have to do anything at all.
--
Russ
petervd [EMAIL PROTECTED] writes:
On Wed, Feb 09, 2000 at 11:57:22AM -0800, Russ Allbery wrote:
I think he was saying that they were on ORBS instead, wasn't he? There
are lots of things on ORBS that aren't open relays; this is one of them
(to my knowledge Network Solutions isn't actually
petervd [EMAIL PROTECTED] writes:
On Wed, Feb 09, 2000 at 02:20:37PM -0800, Russ Allbery wrote:
petervd [EMAIL PROTECTED] writes:
I have seen false positives on ORBS, but only due to cluelessness:
ORBSing the insertion point of a relay-abusable setup instead of the
machine that actually
n being started from a directory
that, down the line, some other program running with different permissions
can't read. It's usually good to always start daemons with a current
directory of / to avoid this sort of problem.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
patches to not relay. The default qmail configuration
doesn't relay.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
my followup message. Even taking that into account doesn't
explain how incredibly slow syslogd is.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
AILUSER");
if (!mailuser) mailuser = env_get("MAILUSER");
if (!mailuser) mailuser = env_get("USER");
if (!mailuser) mailuser = env_get("LOGNAME");
if (!mailuser) mailuser = "anonymous";
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
mode instead.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
. If the socket weren't set nonblocking, I'm not sure if the
read would block or not; it might.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
about every hour, hour and a half. The default multilog log size
is way too small for even a marginally busy server.)
The new daemontools is *much* nicer, although there are a few other
features I'd like to see. I need to write that up and mail it to the
relevant mailing list.
--
Russ Allbery
could see the argument that
cyclog didn't know anything about time, but that isn't true of multilog
with the t instruction.)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
@400038987c193915ab9c end msg 26694
Why isn't the message send? The domain fup.de is listed in the rcpthost.
I normally see that behavior from qmail when the message doesn't have any
recipients. My immediate suspicion would be that the message being fed to
qmail is malformed.
--
Russ
Russ Allbery [EMAIL PROTECTED] writes:
To be fair, some of this is caused by the fact that qmail is
considerably more verbose in its logging than what syslog really expects
(and what programs like sendmail do).
But, to follow up to myself and give some more firm numbers, here's an
example
straightforward; the only
person who would be able to run the script is root on the mail server.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
format going to change sufficiently that I shouldn't put a lot of time
into approving log analysis for 1.03?
Attached is a small program based on tai64nlocal that will convert from
tai64n format to what qmailanalog expects.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle
ell rather than /bin/sh.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
?
There is not a security issue that I can think of, but querying
/etc/passwd can require network traffic to query a remote NIS server.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
more than call the syslog() function in
libc. And there are several syslog packages (Solaris is notable here)
whose configuration file parsing is so picky and buggy that even people
aware of and expecting the pickiness often have trouble getting it to work
right.
--
Russ Allbery ([EMAIL PROTECTED
was deemed in some of the discussions to require less processing.
*shrug* Maybe I'm missing the obvious advantages of this sort of
approach, but it struck me extremely wrong and I'm not sure I'll want to
use anything they come up with if they stick to that same approach.
--
Russ Allbery ([EMAIL PROTECTED
of the parameters associated with a particular MAIL FROM or RCPT TO
command, it will return code 555.
I'll pass that back.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
; as long as open-smtp generates a tcpserver rules database,
tcpserver won't accept connections from anyone that you don't want to
allow unlimited relaying to and ofmipd's behavior is pretty much exactly
what you want.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
, before anyone asks, having changes in the LDAP directory be
immediately reflected in changes in the user mail forwarding is a
requirement so I can't just dump LDAP into something fastforward can use.)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
ue. Hence
two deliveries.
Why would you choose to do it that way rather than running ofmipd for the
clients that require rewriting?
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
tax
errors in parameters of a command:
501 Syntax error in parameters or arguments
draft-ietf-drums-smtpupd-10.txt seems to agree. Shouldn't qmail-smtpd use
501 as the status code in this case?
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
to that sort of setup. You have
to front-end either one with something that checks whether to allow
relaying. What control mechanism are you using? SMTP after POP is pretty
easy, and I think there's stuff already on the qmail web site implementing
it.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http
post it.
This is the entire raison d'ĂȘtre of ofmipd, and it already supports tons
of useful address rewriting rules, and also in the same package from djb
(mess822) is a replacement qmail-inject that supports the same address
rewriting mechanisms
--
Russ Allbery ([EMAIL PROTECTED
part of the leased line
of a client.
Add in CPU fans as more likely to fail than anything else. PC
manufacturers don't use decent CPU fans. If you use non-PC hardware, you
much more rarely have that problem, but the hardware's a lot more
expensive.
--
Russ Allbery ([EMAIL PROTECTED
tried
to deliver mail into AFS. I believe nearly everyone who was doing that
has now given up on it as being far, far too slow.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
about the security of the server). We use Kerberos, for example, and I
know other folks tunnel POP through ssh or use SSL.
Tunneling is nice if you can do it, since you can set it up fairly
transparently. But PCs and Macs generally can't handle tunneling that
well.
--
Russ Allbery ([EMAIL
ntent-Type: text/plain; charset="ISO-2022-JP"
Other than that, the message certainly looks fully standards-compliant to
me.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
multipart/alternative messages
if you wish.)
On a qmail note, Gnus can also read directly from maildirs natively, and
has built-in support for qmail to the degree of calling qmail-inject
directly for sending mail rather than going through the sendmail
compatibility interface.
--
Russ Allbery ([EMAIL
t in order to use
the computer program in the manner it was intended to be used, you don't
have a right to do it.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
/pubsw/lib/gcc-lib/sparc-sun-solaris2.6/2.95.1/specs
gcc version 2.95.1 19990816 (release)
Older gcc's didn't know that exit doesn't return, and therefore would warn
about main without a return with warnings enabled, but that's been fixed.
I'm not even sure how long ago.
--
Russ Allbery ([EMAIL
.
Which does not include the right to make derivative works, even if you
don't redistribute them, by my reading of the actual U.S. copyright
statute. Anyone in the U.S. who's curious should really read the actual
law on URL:http://www.loc.gov/copyright/.
--
Russ Allbery ([EMAIL PROTECTED
unterminated address group.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
some time.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
rather not widely
advertise what I look like to any random person, but that's just my
personal hang-up.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
particular instance. Better to get into the habit:
| qmail-remote ms-mail.eoc.org.uk "$SENDER" "$EXT@$HOST"
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
phil [EMAIL PROTECTED] writes:
Well, OK, 20 it is.
What specific number would you recommend, without trying to go beyond the
imginable cases?
I've had reasonably good luck with 30.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
seen anything in DJB's code that would make me think it would
break embedded Perl. Bear in mind though that qmail is a bunch of small
programs and embedded Perl tends to be large, so it's easy to seriously
hurt performance.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
the right to modify
software that you own, believe it or not. Please don't take my word for
it; check it yourself. You can download a copy of the law from the
Library of Congress copyright page.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
not as straightforward as many other licences are.
Yup. Exactly.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Petr Novotny [EMAIL PROTECTED] writes:
BTW, how's that really with the licence to Postfix? Are you allowed to
distribute your patches?
Yes.
Patched postfix?
Yes.
In binary form?
Yes.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
imary interest, IIRC.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Mirko Zeibig [EMAIL PROTECTED] writes:
On Wed, Sep 15, 1999 at 05:01:06PM -0700, Russ Allbery wrote:
If that's how it works in the United States, that's probably also how
it works in other countries. If that's not how it works in other
countries, that's probably not how it works
mounted without -noexec. And make sure that they can't execute any
interpretor, since you can execute interpreted programs even from a
-noexec file system. And... um... they'd better not have shell access
then. And
This isn't an easy thing to do.
--
Russ Allbery ([EMAIL PROTECTED
listener is running unprivileged is going to have
the same problem unless you want to periodically build a database of valid
addresses or require that all information necessary to determine whether a
given address is valid be world-readable on the system.
--
Russ Allbery ([EMAIL PROTECTED
Fred Backman [EMAIL PROTECTED] writes:
Does qmail (1.00) execute any code on the stack?
Not on Solaris, at least. I've been running qmail for quite some time
with executable stack turned off and haven't seen any trouble.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org
conveniently happens to
always be the first header of the encapsulated message. Works quite well
for a lot of different weird bounce formats.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
is now a bug. Like any other bug, it's always
possible that there's some new way to exploit it that people haven't
thought of yet, so it's nearly impossible to *prove* that a host is
protected against it.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
this
(mostly spam), but it's slowing a lot.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
://www.pobox.com/~djb/softwarelaw.html and note also
URL:http://www.pobox.com/~djb/qmail/dist.html.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
if you're a
Solaris-only shop or a low-to-mid-range PC running *BSD or Linux otherwise
(preferrably also with SCSI disk) and you'll probably see much better
performance.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
() calls and you're using Solaris, link them directly against
libbind if you have a local name server. Otherwise, they'll still query
through nscd, which on versions of Solaris prior to 7 is single-threaded
for DNS queries.)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org
g/cartoons/archives/99aug/19990801.html
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
root root18360 Jan 8 1998 /usr/bin/su*
Of course, I can do this because we're using a distributed authentication
system (no local passwords except root) and because there's a replacement
for su:
windlord:~ dir /usr/bin/ksu
-rws--x--x 1 root root 62112 Mar 19 1998
to exploit such a server.
Note that wuftpd also doesn't do a full chroot because it writes to a log
file outside its chroot jail. It also doesn't fully drop permissions, and
there are potential problems with its signal handlers still running with
elevated privs.
--
Russ Allbery ([EMAIL PROTECTED
that can leverage off the same library of tests.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Russell Nelson [EMAIL PROTECTED] writes:
Anybody written a Perl module for Qmail::Queue?
For talking to qmail-queue? Not quite, but it would be almost trivial to
turn my mjinject code into one.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
of conf-* files.
All of these are, of course, fixable in Dan's approach with work. And
what you'd end up with after you fixed them all is something that looked
quite a bit like autoconf.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
tle program, compile it,
and see what happens. So he's actually using precisely those "child's
babblings" that you're dismissing, and using them in a similar way; he
just hasn't surrounded them with m4 macros.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
but I dare any of them
to honestly try to say that 3 different ISPs are going to have similar
qmail installs.
I dare them to honestly say they're going to have similar sendmail or
Postfix or Exim installs. :)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
don't need locking. Historically, this is a really good thing,
since locking is quite frequently a zoo. Practically, if you're in
complete control of every process that writes to the mailbox and it's
stored on local disk (which is true of the typical IMAP server), locking
works fine.
--
Russ
ing things isn't
helpful; it just interferes with us learning from each other.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
installed using the RPM and I cannot perform the
command su alias because the alias user has no shell specified, I don't
know why it was set that way.
Because alias is a special user and probably shouldn't own any files or
have a valid shell. There's no reason for it to.
--
Russ Allbery ([EMAIL
(URL:http://relays.radparker.com/) and
the person running it certainly seems to be much calmer and more
professional about it.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
-specific, so the include
files gcc stashed away from 2.5.1 are going to die miserably on 2.6.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
play games with smtproutes
and virtual domains and redirect and rewrite all of that mail to go to
some other host. I've had to do this before, and was *very* grateful I'd
thought to set up a secondary MX.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
ate header normally contains whatever
the person sending the message put into it. qmail will use GMT if no Date
header is provided, but if one has already been generated, I believe it is
preserved.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
space. It's still
relatively easy to make a machine running sendmail fall over under load.
It's harder for qmail primarily because qmail is small and fast, not
because it has any better load management capabilities near the boundary
of what the machine can cope with than sendmail does.
--
Russ
relaying from localhost. Information on how to do
that is in the FAQ.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
Peter C Norton [EMAIL PROTECTED] writes:
On Tue, Mar 30, 1999 at 03:52:31PM -0800, Russ Allbery wrote:
Bruno Wolff [EMAIL PROTECTED] writes:
This isn't the same thing. They don't run commands imbedded in the the
documents.
emacs does.
I had been told that it didn't anymore, unless you
e
a single-user operating system. If you're going to bash single-user
operating systems, at least do it equally; Macintoshes are the same way.
It's hardly a Microsoft-specific disease.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
ddb [EMAIL PROTECTED] writes:
Russ Allbery [EMAIL PROTECTED] writes:
I'd like to back this up, and point out here that too much Microsoft
bashing on this one is misplaced. This particular attack is not
Microsoft-specific in any way other than having happened to be written
against a widely
by virtue of
running a different operating system. The only way it can't happen to you
is if you always *think* before running random programs on stuff you get
via untrusted channels.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
John Conover [EMAIL PROTECTED] writes:
What should be in ~alias/.qmail-default to do that?
If you want to just not send out bounce messages for non-existent
addresses, # will do. (I wouldn't recommend this for any large site, for
obvious reasons.)
--
Russ Allbery ([EMAIL PROTECTED
e is the normal
user and the privileged user, thus making two users. Of course, without
memory protection, this is rather pointless, and with memory protection,
you end up with a real operating system.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
since those can have unexpected things happen when
special characters appear in file names or other strings passed to the
programs they run.
Right. That's sort of my general point. The mailcap bit is probably a
slightly better illustration of it.
--
Russ Allbery ([EMAIL PROTECTED
Sam [EMAIL PROTECTED] writes:
Perhaps, but 8 bit characters should not be used in RFC822 headers.
There's a well defined method for encoding 8 bit characters in the real
name portion of an E-mail address.
Nonetheless, in Europe, 8-bit characters in headers are very widely used.
--
Russ
patches to
a package, right?)
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
quip:
"Those who do not understand Unix are bound to reinvent it, poorly."
I hardly think Eric Allman doesn't understand Unix. :) But he, and
sendmail, come from a very early era of it.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
you tried to do this with Dan's software? I don't believe it works
with his compile script. He doesn't use make to generate the compilation
lines.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
I'm fairly
certain that it in and of itself without additional prompting won't create
this problem.
Check your source document for trailing whitespace and see; I could be
wrong, but it's a good place to start.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
, so you may want to
check URL:http://www.qmail.org/ and see if anything turns up there.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
tcpserver -v -R -u 91 -g 102 0 smtp sh -c 'fixcr | qmail-smtpd' 21 \
| setuser qmaill /usr/local/bin/accustamp \
| setuser qmaill /usr/local/bin/cyclog /var/log/smtp
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
a range of addresses as
it appears tcpclient will?
Yes.
Is one of these solutions generally easier, simpler, more effective,
more efficient, or more generally useful?
Yes. Use tcpserver. It's much more robust and easier to work with once
you have it running.
--
Russ Allbery ([EMAIL PROTECTED
Russ Allbery [EMAIL PROTECTED] writes:
Bill Luckett [EMAIL PROTECTED] writes:
Can anyone point me to some documentation on how to use fixcr. I've
read that "you can simply run sh -c 'fixcr | qmail-smtpd' for your
outgoing mail relay." but where do you put that command? In the start
ying to do?
If not, I don't understand. What does it mean that the header disappears
when the message is replied to? Do you mean that the copy of the message
stored in that person's mailbox is altered so that the header is no longer
present?
--
Russ Allbery ([EMAIL PROTECTED])
Unixes (and not on others).
Any portable Unix code that needs to use crypt() should be able to deal
with the possible need to link with -lcrypt. autoconf makes this pretty
trivial.
--
Russ Allbery ([EMAIL PROTECTED]) URL:http://www.eyrie.org/~eagle/
101 - 200 of 258 matches
Mail list logo
