qmail Digest 10 Aug 1999 10:00:00 -0000 Issue 724
Topics (messages 28734 through 28787):
Qmail newbie POP problem..
28734 by: "Thomas M. Sasala" <[EMAIL PROTECTED]>
28737 by: Russell Nelson <[EMAIL PROTECTED]>
28743 by: "Thomas M. Sasala" <[EMAIL PROTECTED]>
28744 by: "Petr Novotny" <[EMAIL PROTECTED]>
28745 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
28747 by: "Thomas M. Sasala" <[EMAIL PROTECTED]>
28749 by: Russell Nelson <[EMAIL PROTECTED]>
28765 by: Robbie Walker <[EMAIL PROTECTED]>
Need quick help with qmail and tcpserver!!!
28735 by: "S.Veckes" <[EMAIL PROTECTED]>
Selective POP3 redirection ?
28736 by: Russell Nelson <[EMAIL PROTECTED]>
Sendmail
28738 by: Mirko Zeibig <[EMAIL PROTECTED]>
Web Mail on Qmail.
28739 by: Amit Vadehra <[EMAIL PROTECTED]>
28740 by: "Thomas M. Sasala" <[EMAIL PROTECTED]>
28741 by: Van Liedekerke Franky <[EMAIL PROTECTED]>
28742 by: Adam H <[EMAIL PROTECTED]>
28746 by: Van Liedekerke Franky <[EMAIL PROTECTED]>
28757 by: Adam H <[EMAIL PROTECTED]>
28759 by: Van Liedekerke Franky <[EMAIL PROTECTED]>
28761 by: Juan Carlos Castro y Castro <[EMAIL PROTECTED]>
28775 by: "Sam" <[EMAIL PROTECTED]>
28777 by: Russ Allbery <[EMAIL PROTECTED]>
28784 by: "David Harris" <[EMAIL PROTECTED]>
28785 by: "Sam" <[EMAIL PROTECTED]>
a stupid little pop3 question
28748 by: "Maria Zevenhoven" <[EMAIL PROTECTED]>
28752 by: Tomasz Papszun <[EMAIL PROTECTED]>
28753 by: "Thomas M. Sasala" <[EMAIL PROTECTED]>
28758 by: Russell Nelson <[EMAIL PROTECTED]>
28767 by: Tomasz Papszun <[EMAIL PROTECTED]>
benchmarking
28750 by: "Cris Daniluk" <[EMAIL PROTECTED]>
28751 by: Andre Oppermann <[EMAIL PROTECTED]>
28754 by: Tomasz Papszun <[EMAIL PROTECTED]>
28756 by: Russell Nelson <[EMAIL PROTECTED]>
Checkpoppasswd and daemontools
28755 by: Eric Davis <[EMAIL PROTECTED]>
qmail/sshd question
28760 by: "K. Brant Niggemyer" <[EMAIL PROTECTED]>
28766 by: "steve j. kondik" <[EMAIL PROTECTED]>
Secure pop
28762 by: "K. Brant Niggemyer" <[EMAIL PROTECTED]>
28770 by: "K. Brant Niggemyer" <[EMAIL PROTECTED]>
28772 by: "Adam D . McKenna" <[EMAIL PROTECTED]>
28773 by: "Scott Ellis" <[EMAIL PROTECTED]>
Qmail Problems
28763 by: Robbie Walker <[EMAIL PROTECTED]>
Qmail Options
28764 by: Robbie Walker <[EMAIL PROTECTED]>
Yet another question :)
28768 by: "Cris Daniluk" <[EMAIL PROTECTED]>
28769 by: David Villeger <[EMAIL PROTECTED]>
28771 by: Cris Daniluk <[EMAIL PROTECTED]>
28774 by: <[EMAIL PROTECTED]>
28780 by: "Peter Samuel" <[EMAIL PROTECTED]>
28782 by: "Peter C. Norton" <[EMAIL PROTECTED]>
Qmail "stops"
28776 by: Cris Daniluk <[EMAIL PROTECTED]>
28778 by: Cris Daniluk <[EMAIL PROTECTED]>
28779 by: <[EMAIL PROTECTED]>
28781 by: "Peter Samuel" <[EMAIL PROTECTED]>
20,000 mailboxes...
28783 by: "Marc-Adrian Napoli" <[EMAIL PROTECTED]>
28786 by: Robbie Walker <[EMAIL PROTECTED]>
Mail Queue & Alias
28787 by: "Waterfront Internet Service" <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Hawke,
I had to set suid to get checkpassword to work on
my system (chmod u+s /bin/checkpassword). Use the example
in INSTALL to see if it works.
-Tom
Hawke Robinson wrote:
>
> Sure could use a hint as to what's hanging me up on this,any suggestions are
> appreciated:
> I am running Linux 2.2.5-15 (RH6) and qmail 1.03 and daemontools 0.53 and
> checkpassword 0.81.
> I can send email fine (smtp is ok), and my server is getting the emails and
> holding them for me (I can read my emails if I ssh (or telnet) into the
> server with my account and type "mail" and do what I wish with it. but if I
> start up netscape on that server and try to get email I get "ERR-
> authorization failed" error. (of course it does the same remotely as well).
> One concern I have is the server doesn't seem to be putting my email into
> the maildir(S) (As I thought I had configured, but must have done wrong
> somewhere?), it just puts it in the mailbox instead (I think?). But even
> though that may be wrong, wouldn't I still be able to check pop3 without an
> error? I just wouldn't actually\get any emai right? I thought maybe I had
> screwed up the checkpassword somehow (simple though it may be), so
> reinstalled it, but made no difference. If i test checkpassword run as su
> (or root) root I can test the user and pass just fine, (but of course if I'm
> running as a regular user and run the test steps it doens't matter which
> user I pass to it, I get the ERR- authentication failed). Probably one
> simple piece I missed, I appreeciate any insight.
> Thanks
>
> -Hawke Robinson
> CNA, MCP+I, MCSE, ASin CS, more on the way...
> Sun Solaris Admin, Java Programmer, CCNA.
--
+-------------------------------------------------------------------+
+ Thomas M. Sasala, Electrical Engineer [EMAIL PROTECTED] +
+ MRJ Technology Solutions http://www.mrj.com +
+ 10461 White Granite Drive, Suite 102 (W)(703)277-1714 +
+ Oakton, VA 22124 (F)(703)277-1702 +
+-------------------------------------------------------------------+
Thomas M. Sasala writes:
> Hawke,
> I had to set suid to get checkpassword to work on
> my system (chmod u+s /bin/checkpassword). Use the example
> in INSTALL to see if it works.
Hmmm.... That's now how checkpassword is designed to work. It's not
a good idea to run random programs suid, because they weren't
necessarily designed to work that way. You should be running
qmail-popup as root, and also have ``chmod 700 /bin/checkpassword''.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
Russell Nelson wrote:
>
> Hmmm.... That's now how checkpassword is designed to work. It's not
> a good idea to run random programs suid, because they weren't
> necessarily designed to work that way. You should be running
> qmail-popup as root, and also have ``chmod 700 /bin/checkpassword''.
>
Do you mean 'not' designed to work? I understand why it is a
bad idea to suid and I thought it was very odd that is had to be
given the overriding concerns about security within qmail.
The only way I could get it to run as someone other
than root was to set it as -rwsr-xr-x (owner=root, group=qmail).
I changed it to -r-xr-sr-x and it still didn't work.
-Tom
--
+-------------------------------------------------------------------+
+ Thomas M. Sasala, Electrical Engineer [EMAIL PROTECTED] +
+ MRJ Technology Solutions http://www.mrj.com +
+ 10461 White Granite Drive, Suite 102 (W)(703)277-1714 +
+ Oakton, VA 22124 (F)(703)277-1702 +
+-------------------------------------------------------------------+
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[about checkpassword]
> The only way I could get it to run as someone other
> than root was to set it as -rwsr-xr-x (owner=root, group=qmail).
> I changed it to -r-xr-sr-x and it still didn't work.
Why on Earth do you need anyone else then root to run
checkpassword? The way it is designed to work is:
1. tcpserver - qmail-popup running as root accept the connection,
read the user name and password
2. checkpassword - still as root - verifies the password and then
drops root, switches to the context of the verified user and chdir()s
into his home directory
3. qmail-pop3d as the user picks up the mail.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBN67pRlMwP8g7qbw/EQIBmACfRXFRAuc5B7ejkBkvpajkOQ1kEcUAnRmm
zFiWTby0xqFMiLNWt3eCiDA7
=+I6T
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
I will ask Russ' question again. What user is qmail-popup running as? It
MUST be run as root and /bin/checkpassword should be chmod 700 with NO
suid or sgid bits set. From the sounds of it you are NOT running
qmail-popup as root!
On Mon, 9 Aug 1999, Thomas M. Sasala wrote:
> Russell Nelson wrote:
> >
> > Hmmm.... That's now how checkpassword is designed to work. It's not
> > a good idea to run random programs suid, because they weren't
> > necessarily designed to work that way. You should be running
> > qmail-popup as root, and also have ``chmod 700 /bin/checkpassword''.
> >
>
> Do you mean 'not' designed to work? I understand why it is a
> bad idea to suid and I thought it was very odd that is had to be
> given the overriding concerns about security within qmail.
>
> The only way I could get it to run as someone other
> than root was to set it as -rwsr-xr-x (owner=root, group=qmail).
> I changed it to -r-xr-sr-x and it still didn't work.
>
> -Tom
>
> --
> +-------------------------------------------------------------------+
> + Thomas M. Sasala, Electrical Engineer [EMAIL PROTECTED] +
> + MRJ Technology Solutions http://www.mrj.com +
> + 10461 White Granite Drive, Suite 102 (W)(703)277-1714 +
> + Oakton, VA 22124 (F)(703)277-1702 +
> +-------------------------------------------------------------------+
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
checkpassword is being run as root (from inetd for testing
purposes). As it turns out, the problem I was having was all
related to atdot, not checkpassword. However, testing checkpassword
per the INSTALL instructions does not work unless you are root (duh).
I guess it should say that in the instructions for brain dead people
like me (it was Friday and I wanted to go home :)).
-T
p.s.,
This still does not solve the original poster's problem.
"Timothy L. Mayo" wrote:
>
> I will ask Russ' question again. What user is qmail-popup running as? It
> MUST be run as root and /bin/checkpassword should be chmod 700 with NO
> suid or sgid bits set. From the sounds of it you are NOT running
> qmail-popup as root!
>
> The National Business Network Inc. http://www.nb.net/
> One Monroeville Center, Suite 850
> Monroeville, PA 15146
> (412) 810-8888 Phone
> (412) 810-8886 Fax
hehe, 20 miles from my parents house :)
--
+-------------------------------------------------------------------+
+ Thomas M. Sasala, Electrical Engineer [EMAIL PROTECTED] +
+ MRJ Technology Solutions http://www.mrj.com +
+ 10461 White Granite Drive, Suite 102 (W)(703)277-1714 +
+ Oakton, VA 22124 (F)(703)277-1702 +
+-------------------------------------------------------------------+
Thomas M. Sasala writes:
> Russell Nelson wrote:
> >
> > Hmmm.... That's now how checkpassword is designed to work. It's not
> > a good idea to run random programs suid, because they weren't
> > necessarily designed to work that way. You should be running
> > qmail-popup as root, and also have ``chmod 700 /bin/checkpassword''.
>
> Do you mean 'not' designed to work?
Yes, I sometimes concatenate words (not + how == now), in a similar
manner to the GNU Emacs travesty generator. *I* knew what I was
writing, anyway. :)
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
if you notice, DJB is VERY careful about where he uses the # prompt and $
prompt in the documentation for this reason. I agree that many don't pay
any attention to which prompt he's using in the documentation when they go
to repeat it, so maybe it should be annotated, or maybe they should learn
to read the documentation carefully with an eye to the idiosyncrasies (sp?)
of unix.
At 10:07 AM 8/9/99 , you wrote:
>
> checkpassword is being run as root (from inetd for testing
>purposes). As it turns out, the problem I was having was all
>related to atdot, not checkpassword. However, testing checkpassword
>per the INSTALL instructions does not work unless you are root (duh).
>I guess it should say that in the instructions for brain dead people
>like me (it was Friday and I wanted to go home :)).
>
> -T
>
>p.s.,
> This still does not solve the original poster's problem.
>
>
>"Timothy L. Mayo" wrote:
>>
>> I will ask Russ' question again. What user is qmail-popup running as? It
>> MUST be run as root and /bin/checkpassword should be chmod 700 with NO
>> suid or sgid bits set. From the sounds of it you are NOT running
>> qmail-popup as root!
>>
>> The National Business Network Inc. http://www.nb.net/
>> One Monroeville Center, Suite 850
>> Monroeville, PA 15146
>> (412) 810-8888 Phone
>> (412) 810-8886 Fax
>
> hehe, 20 miles from my parents house :)
>
>--
>+-------------------------------------------------------------------+
>+ Thomas M. Sasala, Electrical Engineer [EMAIL PROTECTED] +
>+ MRJ Technology Solutions http://www.mrj.com +
>+ 10461 White Granite Drive, Suite 102 (W)(703)277-1714 +
>+ Oakton, VA 22124 (F)(703)277-1702 +
>+-------------------------------------------------------------------+
______________________
NovaMetrix Development
Robbie Walker, AMWL
P.O. Box 635 or 910-653-4006
106-B S. Main St 800-773-5647
Tabor City, NC 28463 910-653-2052 FAX
Hi everybody,
I'm using qmail with 'tcpserver and all seems working well except one thing:
My customers cannot connect to the Mailserver, because 'tcpserver' is
running 20
copies of 'qmail-smtpd' (if I set '-c40' he will run 40 copies). And when
customers
or me try to connect to the 'smtp port' we get a timeout.
Whats wrong, most of the 'qmail-smtpd' processes are sleeping!
Thank you for any Tips
Bye
Sven
Rich Aldridge writes:
> The "rationale" for doing this is that if I have to migrate from one
> server to another, I want to be able to provide a transparant service to
> users, whilst moving mailboxes.
Probably not worth it. What I've done, with much success, is to move
the users to the new server, empty maildir and all, and then move
the mail over with tar cf - /home/*/Maildir |rsh newhost tar xf -C /home
The most that they (can) notice is that mail arrives out of order if
they check their mail during the mailbox transfer process.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
On Mon, Aug 09, 1999 at 03:57:35AM +1000, Deb wrote:
> Once Qmail is installed and running okay can I remove the var/spool/mail
> directory and the sendmail directory?
Depends. If you want to use POP and not qmail-pop3d, it's best to link
/var/spool/mail/$USER to /home/$USER/Mailbox.
Same is true for unpatched versions of imapd.
Regards
Mirko
HI,
Please let me know if there are any sites on the internet that will
offer free code for web mail.
I need to run web mail like hotmail on my Qmail Box. How do i go about
it. I would not like to use IMAP 4 for it. Is there another way in which
i can program so that my web mail works on POP3. I have seen some
programs that do so but they seem to be slow.
Please send some sites that might have code in Perl or C++ that will
give this feature.
I know that hotmail itself runs on qmail . Essetially i would like to
have a code like that
Amit Vadehra
http://www.atdot.org/
There are many more for $$.
Amit Vadehra wrote:
>
> HI,
> Please let me know if there are any sites on the internet that will
> offer free code for web mail.
> I need to run web mail like hotmail on my Qmail Box. How do i go about
> it. I would not like to use IMAP 4 for it. Is there another way in which
> i can program so that my web mail works on POP3. I have seen some
> programs that do so but they seem to be slow.
> Please send some sites that might have code in Perl or C++ that will
> give this feature.
>
> I know that hotmail itself runs on qmail . Essetially i would like to
> have a code like that
>
> Amit Vadehra
--
+-------------------------------------------------------------------+
+ Thomas M. Sasala, Electrical Engineer [EMAIL PROTECTED] +
+ MRJ Technology Solutions http://www.mrj.com +
+ 10461 White Granite Drive, Suite 102 (W)(703)277-1714 +
+ Oakton, VA 22124 (F)(703)277-1702 +
+-------------------------------------------------------------------+
Here are my links (Atdot seems easy enough, but still a little buggy, good
to try out. I like cwebmail a lot, with a little adjustments to handle cc
and bcc and stuff):
Hope this helps,
Franky
http://www.comnex.net/cWebMail
http://webmail.woanders.de
http://www.netbula.com/anyemail
http://www.cgi-resources.com/Programs_and_Scripts/Perl/Web_Based_E_Mail/
http://www.geocities.com/EnchantedForest/Glade/6391/email.htm
http://www.astray.com/acmemail/
http://www.atdot.org/
Franky
> ----------
> From: Amit Vadehra[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, August 09, 1999 3:16 PM
> To: Qmail Mailing List
> Subject: Web Mail on Qmail.
>
> HI,
> Please let me know if there are any sites on the internet that will
> offer free code for web mail.
> I need to run web mail like hotmail on my Qmail Box. How do i go about
> it. I would not like to use IMAP 4 for it. Is there another way in which
> i can program so that my web mail works on POP3. I have seen some
> programs that do so but they seem to be slow.
> Please send some sites that might have code in Perl or C++ that will
> give this feature.
>
> I know that hotmail itself runs on qmail . Essetially i would like to
> have a code like that
>
> Amit Vadehra
>
What about SQWebMail
www.inter7.com/sqwebmail
works spectacular with qmail.. talks with Maildir directly.
On Mon, 9 Aug 1999, Amit Vadehra wrote:
> HI,
> Please let me know if there are any sites on the internet that will
> offer free code for web mail.
> I need to run web mail like hotmail on my Qmail Box. How do i go about
> it. I would not like to use IMAP 4 for it. Is there another way in which
> i can program so that my web mail works on POP3. I have seen some
> programs that do so but they seem to be slow.
> Please send some sites that might have code in Perl or C++ that will
> give this feature.
>
> I know that hotmail itself runs on qmail . Essetially i would like to
> have a code like that
>
> Amit Vadehra
>
>
SQWebMail needs to run on your popserver, that's not always what you want...
Franky
> ----------
> From: Adam H[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, August 09, 1999 3:34 PM
> To: Amit Vadehra
> Cc: Qmail Mailing List
> Subject: Re: Web Mail on Qmail.
>
> What about SQWebMail
> www.inter7.com/sqwebmail
>
> works spectacular with qmail.. talks with Maildir directly.
>
>
> On Mon, 9 Aug 1999, Amit Vadehra wrote:
>
> > HI,
> > Please let me know if there are any sites on the internet that will
> > offer free code for web mail.
> > I need to run web mail like hotmail on my Qmail Box. How do i go about
> > it. I would not like to use IMAP 4 for it. Is there another way in which
> > i can program so that my web mail works on POP3. I have seen some
> > programs that do so but they seem to be slow.
> > Please send some sites that might have code in Perl or C++ that will
> > give this feature.
> >
> > I know that hotmail itself runs on qmail . Essetially i would like to
> > have a code like that
> >
> > Amit Vadehra
> >
> >
>
Sqwebmail doesnt use pop. the CGI reads and writes from the user's
Maildir's directly.
On Mon, 9 Aug 1999, Van Liedekerke Franky wrote:
> SQWebMail needs to run on your popserver, that's not always what you want...
>
> Franky
>
> > ----------
> > From: Adam H[SMTP:[EMAIL PROTECTED]]
> > Sent: Monday, August 09, 1999 3:34 PM
> > To: Amit Vadehra
> > Cc: Qmail Mailing List
> > Subject: Re: Web Mail on Qmail.
> >
> > What about SQWebMail
> > www.inter7.com/sqwebmail
> >
> > works spectacular with qmail.. talks with Maildir directly.
> >
> >
> > On Mon, 9 Aug 1999, Amit Vadehra wrote:
> >
> > > HI,
> > > Please let me know if there are any sites on the internet that will
> > > offer free code for web mail.
> > > I need to run web mail like hotmail on my Qmail Box. How do i go about
> > > it. I would not like to use IMAP 4 for it. Is there another way in which
> > > i can program so that my web mail works on POP3. I have seen some
> > > programs that do so but they seem to be slow.
> > > Please send some sites that might have code in Perl or C++ that will
> > > give this feature.
> > >
> > > I know that hotmail itself runs on qmail . Essetially i would like to
> > > have a code like that
> > >
> > > Amit Vadehra
> > >
> > >
> >
>
Yeah, I know, that's why it needs to run on the same machine where the
mailboxes are stored, and this is usually your popserver (unless you use
nfs).
Franky
> ----------
> From: Adam H[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, August 09, 1999 5:25 PM
> To: Van Liedekerke Franky
> Cc: [EMAIL PROTECTED]
> Subject: RE: Web Mail on Qmail.
>
> Sqwebmail doesnt use pop. the CGI reads and writes from the user's
> Maildir's directly.
>
>
> On Mon, 9 Aug 1999, Van Liedekerke Franky wrote:
>
> > SQWebMail needs to run on your popserver, that's not always what you
> want...
> >
> > Franky
> >
> > > ----------
> > > From: Adam H[SMTP:[EMAIL PROTECTED]]
> > > Sent: Monday, August 09, 1999 3:34 PM
> > > To: Amit Vadehra
> > > Cc: Qmail Mailing List
> > > Subject: Re: Web Mail on Qmail.
> > >
> > > What about SQWebMail
> > > www.inter7.com/sqwebmail
> > >
> > > works spectacular with qmail.. talks with Maildir directly.
> > >
> > >
> > > On Mon, 9 Aug 1999, Amit Vadehra wrote:
> > >
> > > > HI,
> > > > Please let me know if there are any sites on the internet that
> will
> > > > offer free code for web mail.
> > > > I need to run web mail like hotmail on my Qmail Box. How do i go
> about
> > > > it. I would not like to use IMAP 4 for it. Is there another way in
> which
> > > > i can program so that my web mail works on POP3. I have seen some
> > > > programs that do so but they seem to be slow.
> > > > Please send some sites that might have code in Perl or C++ that will
> > > > give this feature.
> > > >
> > > > I know that hotmail itself runs on qmail . Essetially i would like
> to
> > > > have a code like that
> > > >
> > > > Amit Vadehra
> > > >
> > > >
> > >
> >
>
Sqwebmail's CGI executable has to be run as setuid root, which is against good
security behavior. It'd be better if it used a daemon to read/write the Maildirs
and, say, named pipes to do the communication. Of course, then it could use
sockets just as easily and read Maildirs from different machines. Maybe I'm just
reinventing POP. Or not?
Adam H wrote:
> Sqwebmail doesnt use pop. the CGI reads and writes from the user's
> Maildir's directly.
>
> On Mon, 9 Aug 1999, Van Liedekerke Franky wrote:
>
> > SQWebMail needs to run on your popserver, that's not always what you want...
> >
> > Franky
> >
> > > From: Adam H[SMTP:[EMAIL PROTECTED]]
> > >
> > > What about SQWebMail
> > > www.inter7.com/sqwebmail
> > >
> > > works spectacular with qmail.. talks with Maildir directly.
> > >
> > > On Mon, 9 Aug 1999, Amit Vadehra wrote:
> > >
> > > > HI,
> > > > Please let me know if there are any sites on the internet that will
> > > > offer free code for web mail.
> > > > I need to run web mail like hotmail on my Qmail Box. How do i go about
> > > > it. I would not like to use IMAP 4 for it. Is there another way in which
> > > > i can program so that my web mail works on POP3. I have seen some
> > > > programs that do so but they seem to be slow.
> > > > Please send some sites that might have code in Perl or C++ that will
> > > > give this feature.
> > > >
> > > > I know that hotmail itself runs on qmail . Essetially i would like to
> > > > have a code like that
begin:vcard
n:Castro;Juan
tel;work:540-9100 Ramal 46
x-mozilla-html:FALSE
url:http://www.appi.com.br/jcastro
org:APPI Informática;Desenvolvimento
adr:;;Av. Ataulfo de Paiva, 135/1410 - Leblon;Rio de Janeiro;RJ;22499-900;Brasil
version:2.1
email;internet:[EMAIL PROTECTED]
title:Consultor
note;quoted-printable:One man alone cannot fight the future. USE LINUX!=0D=0A=0D=0A -- The X Racer=0D=0A=0D=0APGP Key ID 0xAAE4050C=0D=0A
fn:Juan Carlos Castro y Castro
end:vcard
Juan Carlos Castro y Castro writes:
> Sqwebmail's CGI executable has to be run as setuid root, which is against good
> security behavior.
In that case, I presume that you have removed the "login", "passwd", and
"su" commands from your UNIX box, because they're setuid root, and they
obviously violate "good security behavior". If you have procmail
installed, you better remove that too, if you have it setuid root.
--
Sam
Sam <[EMAIL PROTECTED]> writes:
> In that case, I presume that you have removed the "login", "passwd", and
> "su" commands from your UNIX box, because they're setuid root, and they
> obviously violate "good security behavior".
Well, login has no business being setuid root (if you want to change to
another user, log out and let them log in).
windlord:~> dir /usr/bin/login /usr/bin/passwd /usr/bin/su
-r-xr-xr-x 1 root root 104288 Jul 30 1998 /usr/bin/login*
-r-x------ 1 root root 96392 Jan 19 1999 /usr/bin/passwd*
-r-x------ 1 root root 18360 Jan 8 1998 /usr/bin/su*
Of course, I can do this because we're using a distributed authentication
system (no local passwords except root) and because there's a replacement
for su:
windlord:~> dir /usr/bin/ksu
-rws--x--x 1 root root 62112 Mar 19 1998 /usr/bin/ksu*
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Sam [mailto:[EMAIL PROTECTED]] wrote:
> In that case, I presume that you have removed the "login", "passwd", and
> "su" commands from your UNIX box, because they're setuid root, and they
> obviously violate "good security behavior". If you have procmail
> installed, you better remove that too, if you have it setuid root.
I'm sure that the "su", "login", and "passwd" commands that came with my system
have just a _tad_ more security auditing then an Sqwebmail which is alpha right
now.
- David Harris
Principal Engineer, DRH Internet Services
David Harris writes:
>
> Sam [mailto:[EMAIL PROTECTED]] wrote:
> > In that case, I presume that you have removed the "login", "passwd", and
> > "su" commands from your UNIX box, because they're setuid root, and they
> > obviously violate "good security behavior". If you have procmail
> > installed, you better remove that too, if you have it setuid root.
>
> I'm sure that the "su", "login", and "passwd" commands that came with my system
> have just a _tad_ more security auditing then an Sqwebmail which is alpha right
> now.
I presume then you leave your telnet port open on your servers because,
after all, it is secure.
--
Sam
[root@eof bin]# ./qmail-pop3d
-ERR this user has no $HOME/Maildir
this is what I get when trying to start pop3d...
what user is this thing talking about? alias? root?
-Maria
On Mon, 09 Aug 1999 at 17:17:48 +0200, Maria Zevenhoven wrote:
> [root@eof bin]# ./qmail-pop3d
> -ERR this user has no $HOME/Maildir
Maria,
according to 'man qmail-pop3d', it requires maildirname as the argument.
And I'm not sure why you try to run qmail-pop3d from command line...
qmail-pop3d is usually invoked from inetd, with a line like this:
pop3 stream tcp nowait root /usr/sbin/qmail-popup qmail-popup
your.server.name /usr/bin/checkpassword /usr/sbin/qmail-pop3d Maildir
(all in _one_ line).
> this is what I get when trying to start pop3d...
> what user is this thing talking about? alias? root?
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
Doesn't it depend on who you where when you
ran the command? Also, the user must own the maildir
and the user can not be root.
-Tom
Maria Zevenhoven wrote:
>
> [root@eof bin]# ./qmail-pop3d
> -ERR this user has no $HOME/Maildir
>
> this is what I get when trying to start pop3d...
> what user is this thing talking about? alias? root?
>
> -Maria
--
+-------------------------------------------------------------------+
+ Thomas M. Sasala, Electrical Engineer [EMAIL PROTECTED] +
+ MRJ Technology Solutions http://www.mrj.com +
+ 10461 White Granite Drive, Suite 102 (W)(703)277-1714 +
+ Oakton, VA 22124 (F)(703)277-1702 +
+-------------------------------------------------------------------+
Thomas M. Sasala writes:
> Doesn't it depend on who you where when you
> ran the command? Also, the user must own the maildir
> and the user can not be root.
Not when you're running qmail-pop3d by hand. As long as you have
access to the Maildir, qmail-pop3d will happily run. qmail-pop3d
presumes that /bin/checkpassword refuses to run anything as root. But
to make the following work, you must run it as "./qmail-pop3d
Maildir", and you must run it from the directory containing the
Maildir.
> > [root@eof bin]# ./qmail-pop3d
> > -ERR this user has no $HOME/Maildir
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
On Mon, 09 Aug 1999 at 16:59:31 +0200, Tomasz Papszun wrote:
> On Mon, 09 Aug 1999 at 17:17:48 +0200, Maria Zevenhoven wrote:
> > [root@eof bin]# ./qmail-pop3d
> > -ERR this user has no $HOME/Maildir
> [...]
> And I'm not sure why you try to run qmail-pop3d from command line...
> qmail-pop3d is usually invoked from inetd...
Or from tcpserver, of course.
See http://Web.InfoAve.Net/~dsill/lwq.html#pop-imap-servers
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
We've been tryin to do some more reliable and dependable benchmarking of
qmail in our experimentation, but it is very difficult. One of the "nice
things" (one of?) about ms smtp server is the fact that nt performance
monitor can keep track of it. We can see how many messages per second are
being sent, how many concurrent connections, etc. While it is easy to
monitor concurrent connections by a good old ps auxww |grep qmail-remote
|wc -l, it is not exactly well represented, nor scientific. Messages per
second can really only be done by monitoring qstat and a stop watch, or by
sending to a pool of ms smtp servers and monitoring them. It would be truly
wonderful if we could get more concrete and scientific results of all of
this, because I think it would be an excellent way to demonstrate the power
of qmail, and I think it would be a wonderful tribute to everyone who has
put their time into the project. They all deserve a lot of credit, and this
seems to be the best way to give them that due credit. Are there any
available benchmarking tools? If not, I think it would be worthwhile to
develop them. If no one is interested in developing them, we may be able to
devote some internal time to doing it, provided we can get some insight into
the inner workins of qmail, etc.
Cris Daniluk
MicroStrategy
Cris Daniluk wrote:
>
> We've been tryin to do some more reliable and dependable benchmarking of
> qmail in our experimentation, but it is very difficult. One of the "nice
> things" (one of?) about ms smtp server is the fact that nt performance
> monitor can keep track of it. We can see how many messages per second are
> being sent, how many concurrent connections, etc. While it is easy to
> monitor concurrent connections by a good old ps auxww |grep qmail-remote
> |wc -l, it is not exactly well represented, nor scientific. Messages per
> second can really only be done by monitoring qstat and a stop watch, or by
> sending to a pool of ms smtp servers and monitoring them. It would be truly
> wonderful if we could get more concrete and scientific results of all of
> this, because I think it would be an excellent way to demonstrate the power
> of qmail, and I think it would be a wonderful tribute to everyone who has
> put their time into the project. They all deserve a lot of credit, and this
> seems to be the best way to give them that due credit. Are there any
> available benchmarking tools? If not, I think it would be worthwhile to
> develop them. If no one is interested in developing them, we may be able to
> devote some internal time to doing it, provided we can get some insight into
> the inner workins of qmail, etc.
Have a look at qmail-analog.
--
Andre
On Mon, 09 Aug 1999 at 10:47:53 -0400, Cris Daniluk wrote:
> We've been tryin to do some more reliable and dependable benchmarking of
> qmail in our experimentation, but it is very difficult. One of the "nice
> things" (one of?) about ms smtp server is the fact that nt performance
> monitor can keep track of it. We can see how many messages per second are
> being sent, how many concurrent connections, etc. While it is easy to
> monitor concurrent connections by a good old ps auxww |grep qmail-remote
> |wc -l, it is not exactly well represented, nor scientific. Messages per
> second can really only be done by monitoring qstat and a stop watch, or by
> sending to a pool of ms smtp servers and monitoring them. It would be truly
> wonderful if we could get more concrete and scientific results of all of
> this, because I think it would be an excellent way to demonstrate the power
> of qmail, and I think it would be a wonderful tribute to everyone who has
> put their time into the project. They all deserve a lot of credit, and this
> seems to be the best way to give them that due credit. Are there any
> available benchmarking tools? If not, I think it would be worthwhile to
Have you tried qmailanalog?
http://pobox.com/~djb/qmailanalog.html
It gives _among others_:
the time spent by a message in the queue,
the latency for a delivery attempt,
latency for a successful delivery to one recipient,
the first pct% of successful deliveries all happened within doneby secs,
the number of messages sent by the sender,
the number of bytes sent by the sender,
the number of bytes successfully received from the sender,
the number of bytes from the sender, weighted by recipient,
the number of delivery attempts (success, failure, deferral)
the number of recipients (success plus failure),
the number of bytes successfully delivered to the recipient,
the number of messages sent to the recipient (success plus failure),
the number of bytes successfully delivered to the given host,
the number of messages sent to the given host (success plus failure)
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
Andre Oppermann writes:
> Cris Daniluk wrote:
> >
> > We've been tryin to do some more reliable and dependable benchmarking of
> > qmail in our experimentation, but it is very difficult.
>
> Have a look at qmail-analog.
There's no dash -- I always make that same mistake. It's qmailanalog,
specifically http://pobox.com/~djb/software/qmailanalog-0.70.tar.gz
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
I have an SGI Challenge server, Irix 6.5 running qmail 1.03 with the AOL
patch and extrn patch installed. The daemontools 0.53 are installed and
used to bring up qmail per. the documentation found on living with
qmail.
(The system was actually installed per. the Living with Qmail
documentation.
I am also running qmail to do virtual domains without using system
accounts
per. Paul Gregg's setup at http://www.tibus.net/pgregg/projects/. I had
no
problem following his directions, and have even had the server already
running
once, without using the daemontools being used, so I know I can do it
and his
directions work.
My problem is that I have everything setup, and I get connected to the
pop3
port on the server. I accepts my user name and password, and the
checkpoppasswd
program validates them and logs them as being good, but for some reason
I am
getting a value returned that says that my username/password were not
accepted.
Since I know the server says that they are good, the log shows it, and I
am
only telneting, not using outlook or anything yet, I am stumped as to
where the
problem is. If anyone can shed any light on it, it will be greatly
appreciated.
-Eric Davis
[EMAIL PROTECTED]
I've wondered the same thing. What did your script do?
----- Original Message -----
From: steve j. kondik <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, August 08, 1999 11:58 PM
Subject: Re: qmail/sshd question
> nevermind, just made a script to do it. ;>
>
> -steve
>
> On 08/08/99 @ 11:03PM, steve j. kondik wrote:
> > thanks for the help with my last question, now i have another simple
> > question.. couldn't find any info about this but im sure its been done
many
> > times. ssh is the only way for users to access my system, now what
would be
> > the best way to have sshd check the users mail upon initial login? it
seems
> > to only want to check /var/spool/mail and im using Maildirs.
> >
> > thanks in advance,
> > -steve
>
easy, i just disabled sshd's mailcheck and made a little script to check the
output of `ls ~/Maildir/new` and called it from /etc/profile. Not very
elegant and not exactly what I wanted, but it works.
if there is a patch for sshd i'd still like to know ;>
-steve
On 08/09/99 @ 11:40AM, K. Brant Niggemyer wrote:
> I've wondered the same thing. What did your script do?
>
>
> ----- Original Message -----
> From: steve j. kondik <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Sunday, August 08, 1999 11:58 PM
> Subject: Re: qmail/sshd question
>
>
> > nevermind, just made a script to do it. ;>
> >
> > -steve
> >
> > On 08/08/99 @ 11:03PM, steve j. kondik wrote:
> > > thanks for the help with my last question, now i have another simple
> > > question.. couldn't find any info about this but im sure its been done
> many
> > > times. ssh is the only way for users to access my system, now what
> would be
> > > the best way to have sshd check the users mail upon initial login? it
> seems
> > > to only want to check /var/spool/mail and im using Maildirs.
> > >
> > > thanks in advance,
> > > -steve
> >
>
I am looking for some secure ways to pop. We have vchkpw installed and are
quite happy with it for our virtual domains, but I am still looking for a
way for shell users to get thier mail with encrypted passwords.
I would really like to use spa (secure password authentication) which is
based on ssl. It seems that most mail clients support this in some form or
another. Is there an implementation of this feature for qmail? I could
not find any.
I also saw quite a bit of discussion about APOP in the archives, but it
appears that this is limited support for e-mail clients -- like I couldn't
use outlook or netscape from work.
Any help or hints are greatly appreciated.
Brant Niggemyer
Yes, I am aware that you can do tunneling with ssh, but I am looking for a
way to do this with MS-dumb software, also. I didn't think you could do ssh
forwarding in Windows. That is why I was looking for a way to do ssl.
Brant
-----------
The simplest way is to simply use normal POP, but forwarded over an
encrypted tunnel in an SSH
session. I do that here, and it works quite well, with any POP mail client.
Setting
up the port forwarding on the client is very simple.
Charles
--
----------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
Any opinions expressed are just that -- my opinions.
----------------------------------------------------
You can do tunneling with both of the commerically available SSH packages for
windows. (F-Secure and SecureCRT)
--Adam
On Mon, Aug 09, 1999 at 03:46:39PM -0400, K. Brant Niggemyer wrote:
> Yes, I am aware that you can do tunneling with ssh, but I am looking for a
> way to do this with MS-dumb software, also. I didn't think you could do ssh
> forwarding in Windows. That is why I was looking for a way to do ssl.
>
> Brant
>
> -----------
> The simplest way is to simply use normal POP, but forwarded over an
> encrypted tunnel in an SSH
> session. I do that here, and it works quite well, with any POP mail client.
> Setting
> up the port forwarding on the client is very simple.
>
> Charles
> --
> ----------------------------------------------------
> Charles Cazabon <[EMAIL PROTECTED]>
> Any opinions expressed are just that -- my opinions.
> ----------------------------------------------------
>
>
I've had great success with OpenSSL and stunnel. I run smtps, pop3s, and
imaps this way. Essentually, you tell stunnel to make a tunnel on localhost
from (say) 465 (smtps) to 25 (smtp). Configure Outlook, Outlook Express, or
Netscape Communicator to then use the appropriate secure service, and
connect to the right port (i.e., 465) on your server.
For POP and IMAP, I have blocked the plain-text ports, and only allow secure
connections. ;-)
I'm not sure if stunnel can support client certificates or not, so you'll
still have to use the normal authentication methods for the particular
protocol you wish to tunnel.
OpenSSL information can be found at www.openssl.org. I believe there is a
link to the 'stunnel' program there as well. Both build, install, and work
out of the box on my NetBSD system...they seem pretty portable.
Scott
----- Original Message -----
From: Adam D . McKenna <[EMAIL PROTECTED]>
To: K. Brant Niggemyer <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, August 09, 1999 1:09 PM
Subject: Re: Secure pop
> You can do tunneling with both of the commerically available SSH packages
for
> windows. (F-Secure and SecureCRT)
>
> --Adam
>
> On Mon, Aug 09, 1999 at 03:46:39PM -0400, K. Brant Niggemyer wrote:
> > Yes, I am aware that you can do tunneling with ssh, but I am looking for
a
> > way to do this with MS-dumb software, also. I didn't think you could do
ssh
> > forwarding in Windows. That is why I was looking for a way to do ssl.
> >
> > Brant
> >
> > -----------
> > The simplest way is to simply use normal POP, but forwarded over an
> > encrypted tunnel in an SSH
> > session. I do that here, and it works quite well, with any POP mail
client.
> > Setting
> > up the port forwarding on the client is very simple.
> >
> > Charles
> > --
> > ----------------------------------------------------
> > Charles Cazabon <[EMAIL PROTECTED]>
> > Any opinions expressed are just that -- my opinions.
> > ----------------------------------------------------
> >
> >
>
Read and follow the directions in Life with qmail
http://Web.InfoAve.Net/~dsill/lwq.html
exactly and you shouldn't have any problems.
qmail does not check your maildir, it only receives mail and delivers to it,
you must be talking about your mail client or a pop3/imap client. qmail has a
pop3 daemon that works with maildir very well and we use it at our isp. It's
VERY fast. in fact, qmail in general is faster than other solutions.
At 11:47 AM 8/8/99 , you wrote:
>
> Hi,
>
> I have just tried to setup qmail, unsuccessfully!
>
> I wanted to use Maildir to store the mail which I got working ok, the only
> problem I was having was trying to receive mail and trying to send mail
> outside of my domain.
>
> I could send local mail ok but when I tried to pick it up it said there were
> no new messages. I assume it was accessing the old /var/spool/mail for
> message. Could not work out how to tell qmail to access /Maildir
>
> Trying to send mail outside of my domain resulted in a message saying " .....
> no relay" I checked the FAQ and did what it said, changed the line in
> inetd.conf, edited hosts.allow and added tcp-env: 203.57.50.: setenv =
> RELAYCLIENT but I still couldn't relay.
>
> Help!
>
> Regards,
>
> Steve
______________________
NovaMetrix Development
Robbie Walker, AMWL
P.O. Box 635 or 910-653-4006
106-B S. Main St 800-773-5647
Tabor City, NC 28463 910-653-2052 FAX
qmail doesn't have an options file like sendmail. qmail doesn't work like
sendmail.
qmail uses a modular approach. qmail control files are located in
/var/qmail/control
You really need to spend some time reading Life with qmail
http://Web.InfoAve.Net/~dsill/lwq.html
and all the documentation that comes with qmail especially the INTERNALS file.
Let me reiterate, qmail does not work like you are used to sendmail working.
At 01:37 AM 8/9/99 , you wrote:
>
> Hi,
>
> Just wondering where the options file is for Qmail? I have searched for it
> but can't seem to find one. Sendmail's equilivent is /etc/sendmail.cf
>
> Can anyone help with aliasing? I have tried it with fastforward but I get an
> error in my maillog saying
> /var/qmail/bin/fastforward_-d_/etc/aliases.cdb_file_not_found for every user
> to I try and send an email to as their aliases.
>
> Regards,
>
> Steve
______________________
NovaMetrix Development
Robbie Walker, AMWL
P.O. Box 635 or 910-653-4006
106-B S. Main St 800-773-5647
Tabor City, NC 28463 910-653-2052 FAX
I think this is a good one. Because we'll be generating the messages on
different machines than those that we send from, we have to find the most
efficient way to get them into the queue. That presents us with a variety of
options. Here are the few that we've come up with (some of these are good
options, some are down right horrible... this is just a list):
1. Have the generator write directly to the qmail SMTP server via sockets
2. Open a telnet/rsh/rexec to the machine and use qmail-inject
3. Modify the source to qmail-inject to work on NT and remotely (very little
work) and inject to the queue over a samba/nfs share
4. Send mail to the server via relay, using the Microsoft SMTP servers as
relay and writing to them as we are now (this seems kludgey because the
servers can only send 30 messages per second on the lan).
5. Telepathy?
If anyone has any other options, or just their recommendations on which is
fastest, that'd be great. The qmail queue is still a bit of a mystery to me,
so I'm not quite sure what the fastest way to get something queue'd is.
Cris Daniluk
MicroStrategy
At 02:01 PM 8/9/99 -0400, Cris Daniluk wrote:
>I think this is a good one. Because we'll be generating the messages on
>different machines than those that we send from, we have to find the most
>efficient way to get them into the queue. That presents us with a variety of
>options. Here are the few that we've come up with (some of these are good
>options, some are down right horrible... this is just a list):
>
>1. Have the generator write directly to the qmail SMTP server via sockets
>
>2. Open a telnet/rsh/rexec to the machine and use qmail-inject
>
>3. Modify the source to qmail-inject to work on NT and remotely (very little
>work) and inject to the queue over a samba/nfs share
>
>4. Send mail to the server via relay, using the Microsoft SMTP servers as
>relay and writing to them as we are now (this seems kludgey because the
>servers can only send 30 messages per second on the lan).
>
>5. Telepathy?
Check out qmail-qmqpc and qmail-qmqpd.
David.
______________________________________
David Villeger
(212) 972 2030 x34
http://www.CheetahMail.com
The Internet Email Publishing Solution
[snip]
> Check out qmail-qmqpc and qmail-qmqpd.
This looks like it would do what we need, BUT, there's no documentation at
best :) Where would you find more detailed documentation? The man pages
don't even discuss how to implement it. In fact, they say that qmqpd needs
several environment variables which must be passed by tcp-env, but never
says what! I would imagine this should be a pretty decent priority, as it
doesn't seem to be worth even having a man page if it's going to be that
helpless :)
Cris Daniluk
MicroStrategy
On Mon, 9 Aug 1999, Cris Daniluk wrote:
>
> [snip]
> > Check out qmail-qmqpc and qmail-qmqpd.
>
> This looks like it would do what we need, BUT, there's no documentation at
> best :) Where would you find more detailed documentation? The man pages
> don't even discuss how to implement it. In fact, they say that qmqpd needs
> several environment variables which must be passed by tcp-env, but never
> says what! I would imagine this should be a pretty decent priority, as it
> doesn't seem to be worth even having a man page if it's going to be that
> helpless :)
man 5 tcp-environ gives you the environment variables
so, I'd guess at starting it like you do qmail-smtpd under tcpserver
(which sets the environment variables, and can enforce access control so
only your MS servers can submit using it). obviously, use a different port
than #25
Richard
On Mon, 9 Aug 1999, Cris Daniluk wrote:
>
> [snip]
> > Check out qmail-qmqpc and qmail-qmqpd.
>
> This looks like it would do what we need, BUT, there's no documentation at
> best :) Where would you find more detailed documentation? The man pages
> don't even discuss how to implement it. In fact, they say that qmqpd needs
> several environment variables which must be passed by tcp-env, but never
> says what! I would imagine this should be a pretty decent priority, as it
> doesn't seem to be worth even having a man page if it's going to be that
> helpless :)
On the client side:
mv /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue.orig
ln -s /var/qmail/bin/qmail-qmqpc /var/qmail/bin/qmail-queue
cat > /var/qmail/control/qmqpservers << EOF
# List of QMQP servers. This file is used by qmail-qmqpc. To enable
# QMQP, remove qmail-queue and make a symbolic link as follows:
#
# qmail-queue -> qmail-qmqpc
#
# Instead of queueing mail locally, qmail will now make a QMQP
# connection to the first available QMQP server from the list below.
# The QMQP servers must be listed by IP address. If no servers can be
# contacted, mail delivery will fail. Hopefully, one of the QMQP
# servers will be running qmail-qmqpd.
#
# ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING !
# Do NOT put the current host in this list - this will cause an endless
# loop of qmail-qmqpc/qmail-qmqpd connections because qmail-qmqpd wants
# to call qmail-queue to place the incoming message in the queue.
# ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING !
# qmqpservers - listed by IP address ONLY
1.2.3.4
1.2.3.5
EOF
On the server side:
- edit /etc/services and add the line
qmqp 628/tcp mail
- run qmail-qmqpd from inetd (not recommended). Edit
/etc/inetd.conf (all on one line)
qmqp stream tcp nowait qmaild /pkgs/bin/tcpd
/var/qmail/bin/tcp-env /var/qmail/bin/qmail-qmqpd
/pkgs/bin/tcpd is wherever you have tcp_wrappers installed.
Access control is handled by /etc/hosts.allow and
/etc/hosts.deny. tcp-env provides the necessary environment
variables to qmail-qmqpd.
- run qmail-qmqpd from tcpsever (highly recommended). In a startup
script run the following
tcpserver -u 7791 -g 2108 -c 40 -v -R -x \
/etc/qmqpdrules.cdb 0 qmqp /var/qmail/bin/qmail-qmqpd 2>&1 \
| accustamp | cyclog -s 1000000 /var/log/qmqp
7791 and 2108 are the uid and gid of the qmaild user and nofiles
group. tcpserver provides the necessary environment variables to
qmail-qmqpd. The -R option stops tcpserver doing identd lookups.
Access control is handled by the cdb file /etc/qmqpdrules.cdb.
This file is generated from /etc/qmqpdrules by running the
command
tcprules /etc/qmqpdrules.cdb /etc/qmqpdrules.tmp < /etc/qmqpdrules
You should also look at wrapping the tcpserver invocation in
supervise (part of Dan's daemontools package)
eval "env - PATH=$PATH supervise -r /etc/qmqpd \
tcpserver -u 7791 -g 2108 -c 40 -v -R -x \
/etc/qmqpdrules.cdb 0 qmqp /var/qmail/bin/qmail-qmqpd 2>&1 \
| accustamp | cyclog -s 1000000 /var/log/qmqp &"
This is how I run it at tansu.
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
eServ. Pty Ltd [EMAIL PROTECTED]
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
On Tue, Aug 10, 1999 at 10:34:22AM +1000, Peter Samuel wrote:
> On the client side:
>
> mv /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue.orig
> ln -s /var/qmail/bin/qmail-qmqpc /var/qmail/bin/qmail-queue
>
> cat > /var/qmail/control/qmqpservers << EOF
Additionally I can provide patches that create qmail-qmqpc+env, which
lets you set the ip address of the host you're connection to and the
port you're connecting to as environment variables. This lets you
spread your load between servers (or ports+queues on the same server).
Let me know if you want the patch.
--
The 5 year plan:
In five years we'll make up another plan.
Or just re-use this one.
We hit a pretty serious blow in our testing... qmail appears to just stop
sending mail randomly. It doesn't appear to be bounces or anything, it
just delivers 100 or so messages from the queue, then stops. It won't
start again unless you restart qmail and the logs don't seem to contain
any relevant information. It appears to be around 100, but not exactly
100. What on earth would cause this and how do you prevent it?
Cris Daniluk
MicroStrategy
I found out the problem and its interesting at best. The messages are
being deferred by outgoing mail servers because we're sending mail *too*
fast :) For testing we're only using a select number of servers. Is there
a way to moderate qmail so it only opens X connections to any one server
at any given time? This would alleviate this problem.
Cris Daniluk
MicroStrategy
On Mon, 9 Aug 1999, Cris Daniluk wrote:
> We hit a pretty serious blow in our testing... qmail appears to just stop
> sending mail randomly. It doesn't appear to be bounces or anything, it
> just delivers 100 or so messages from the queue, then stops. It won't
> start again unless you restart qmail and the logs don't seem to contain
> any relevant information. It appears to be around 100, but not exactly
> 100. What on earth would cause this and how do you prevent it?
>
> Cris Daniluk
> MicroStrategy
>
>
>
On Mon, 9 Aug 1999, Cris Daniluk wrote:
> I found out the problem and its interesting at best. The messages are
> being deferred by outgoing mail servers because we're sending mail *too*
> fast :) For testing we're only using a select number of servers. Is there
> a way to moderate qmail so it only opens X connections to any one server
> at any given time? This would alleviate this problem.
no, not very easily. qmail-send doesn't maintain much information about a
message, just a priority queue of messages without any domain name related
information. in order to implement this one would have to change a major
data structure to hold a reference to the domain name, and then allow
out-of-order selection from the priority queue.
RjL
On Mon, 9 Aug 1999, Cris Daniluk wrote:
> I found out the problem and its interesting at best. The messages are
> being deferred by outgoing mail servers because we're sending mail *too*
> fast :) For testing we're only using a select number of servers. Is there
> a way to moderate qmail so it only opens X connections to any one server
> at any given time? This would alleviate this problem.
It's possible that the remote SMTP daemons are being serviced by
inetd. Many inetd implementations have an annoying rate limiting
"feature". If they see the rate of incoming connections is too high,
they'll stop servicing that port for 10 minutes or so.
I've actually swamped an upstream SMTP server from a 14k4 modem. The
upstream server was running qmail-smtpd from inetd. He quickly
switched to tcpserver.
tcpserver doesn't have a rate limit. Rather it has a limit on the
number of simultaneous connections (40 by default).
As you don't have any control over the upstream side, there's not much
you can do. If qmail-remote cannot successfully send a message, it
will back off on a per message basis. (Dave Sill's LWQ pages has a nice
table showing the back off delays. My SAGE tutorial has a nice graph
showing the same as well as the equations on how to calculate the
delays). The bottom line is that qmail will wait 400 seconds for the
first retry, 1200 seconds for retry 2, 2000 seconds for retry 3 etc etc.
You could try to send qmail-send a SIGALRM on a periodic basis. This
will tell it to flush the queue, but this may start a storm of
qmail-remotes that may swamp the upstream sites all over again.
As you'll be dealing with real remote systems you'll have to weight
your test results accordlingly.
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
eServ. Pty Ltd [EMAIL PROTECTED]
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
Hi there,
I was just wondering if anyone is running a qmail server with 20,000 users?
And if so, how does it handle and what hardware are you running?
Any help is most appreciated!
Regards,
Marc-Adrian Napoli
Connect Infobahn Australia
+61 2 92811750
[EMAIL PROTECTED]
Yeah, hotmail.com is running >20,000 [grin]
it seems to work pretty darn well, considering.
At 10:23 PM 8/9/99 , you wrote:
>Hi there,
>
>I was just wondering if anyone is running a qmail server with 20,000 users?
>
>And if so, how does it handle and what hardware are you running?
>
>Any help is most appreciated!
>
>Regards,
>
>Marc-Adrian Napoli
>Connect Infobahn Australia
>+61 2 92811750
>[EMAIL PROTECTED]
>
>
>
______________________
NovaMetrix Development
Robbie Walker, AMWL
P.O. Box 635 or 910-653-4006
106-B S. Main St 800-773-5647
Tabor City, NC 28463 910-653-2052 FAX
Hi,
Is there something that will show me the messages that are in the queue and
what their status is? I have run qmail-qstats and it says I have 50 messages
in the queue.
I was having problems with Aliases. In case anyone wants to know I found the
following;
echo name < /var/qmail/alias/.qmail-aliasname
replace name with the user account name and aliasname with the alias name
you wish to assign to the user account.
This will setup multiple email aliases for your users.
Regards,
Steve
