qmail Digest 19 Mar 2000 11:00:01 -0000 Issue 945
Topics (messages 38748 through 38779):
Re: Maildir Scalability Question
38748 by: Uwe Ohse
38750 by: andy huhn
38751 by: Uwe Ohse
38761 by: Rogerio Brito
Re: We come in Peace; or BREEDING, FEEDING, GIVING and TAKING (was: Qmail Relay
Question)
38749 by: Russell Nelson
postal
38752 by: Russell Nelson
38755 by: petervd.vuurwerk.nl
Re: Bounce Loops?
38753 by: Bob Rogers
Re: Qmail Relay Question; A Newbie Speaks
38754 by: Stephen Bosch
38756 by: iv0
38757 by: Magnus Bodin
38774 by: Russ Allbery
A very simple question
38758 by: David E. Weekly
38768 by: Paul Schinder
38773 by: Russ Allbery
qmail smtp
38759 by: wilke
38765 by: Chris Johnson
qmail spawn
38760 by: Spades
38763 by: Spades
38764 by: Chris Johnson
problem resolved.. hopefully
38762 by: J.M. Roth
Re: FreeBSD 4 and alternate MTAs
38766 by: Chris Johnson
Spam getting through despite closed relay; or even with no qmail-smtp running !
38767 by: chas
38769 by: Racer X
38770 by: Andy Bradford
38771 by: Andy Bradford
38776 by: chas
qmail attachments
38772 by: Michael Slade
38778 by: Magnus Bodin
2 servers and 1 domain with qmail ?
38775 by: PsabsŪ
Update - solved problem. Re: Spam getting through despite closed relay; or even with
no qmail-smtp running !
38777 by: chas
QMAIL Spam and queue handling
38779 by: Christophe Lesur
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
On Sat, Mar 18, 2000 at 02:06:11AM -0800, David E. Weekly wrote:
> my Maildir has 5086 messages in it to be precise. Recently (i.e., in the
> last 500 messages or so) retreiving mail has become *painfully* slow.
> Looking at "top," I find that imapd is choking the CPU, taking 97% of the
> CPU just to open a mail message. Huh?
> Wasn't a Maildir supposed to solve this?
No. Maildir solved other problems which i consider far worse.
Maildir is the way to receive messages ("inbox"), not the way to
store them.
> Or is this a fundamental filesysem problem (I'm using ext2fs)? What
this is an ext2fs problem. Well, ext2 shares it with many other file
systems, but modern filesystems are smarter.
Every access to a file in ext2 has to scan about 50% of the directory -
it's a linear search. (O(n^2))
Regards, Uwe
I thought linear was O(n)? What are some more modern file systems
that speed this up, and how do they do it? Do they use a hash for
the structure of the directory?
Regards,
Andy Huhn
http://www.stormwarn.com
> -----Original Message-----
> From: Uwe Ohse [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, March 18, 2000 5:41 AM
> To: David E. Weekly
> Cc: [EMAIL PROTECTED]
> Subject: Re: Maildir Scalability Question
>
>
> On Sat, Mar 18, 2000 at 02:06:11AM -0800, David E. Weekly wrote:
>
> > my Maildir has 5086 messages in it to be precise. Recently (i.e., in the
> > last 500 messages or so) retreiving mail has become *painfully* slow.
> > Looking at "top," I find that imapd is choking the CPU, taking
> 97% of the
> > CPU just to open a mail message. Huh?
>
> > Wasn't a Maildir supposed to solve this?
>
> No. Maildir solved other problems which i consider far worse.
>
> Maildir is the way to receive messages ("inbox"), not the way to
> store them.
>
> > Or is this a fundamental filesysem problem (I'm using ext2fs)? What
>
> this is an ext2fs problem. Well, ext2 shares it with many other file
> systems, but modern filesystems are smarter.
> Every access to a file in ext2 has to scan about 50% of the directory -
> it's a linear search. (O(n^2))
>
> Regards, Uwe
>
On Sat, Mar 18, 2000 at 11:59:39AM -0500, andy huhn wrote:
> I thought linear was O(n)? What are some more modern file systems
linear is O(n).
But the programs are not reading the directories once, they open
every file once - n*(n/2).
> that speed this up, and how do they do it? Do they use a hash for
> the structure of the directory?
usually they use binary searching. HPFS from OS/2 was a well-known
example. Reiserfs for linux uses another tree structure (i don't
know exactly what method they use).
Note that reiserfs isn't generally considered to be of production
quality at this time.
Regards, Uwe (who'd like ext3 + binary searches)
On Mar 18 2000, andy huhn wrote:
> I thought linear was O(n)?
Indeed it is. But I think Uwe was referring to n searches,
each O(n).
> What are some more modern file systems that speed this up, and how
> do they do it? Do they use a hash for the structure of the
> directory?
Modern file systems arrange file contents (and not only the
directory lists) as trees. One of such filesystem is ReiserFS
which seems to work very well (and, if you're using Linux, it
can be faster than ext2 for some operations and not only
processing directories with loads of files). But be warned: it
is still under development.
You can get ReiserFS patches (distributed under the GPL, for
instance) from http://devlinux.net/namesys/
It is also a journalling filesystem.
[]s, Roger...
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rogerio Brito - [EMAIL PROTECTED] - http://www.ime.usp.br/~rbrito/
Nectar homepage: http://www.linux.ime.usp.br/~rbrito/opeth/
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Magnus Bodin writes:
> We sure answer a lot of simple questions every week. But when often pointing out
> existing documentation we're NOT BEING RUDE AT ALL.
Obviously Dan needs to add another answer to his FAQ, which answers
the question "How come you guys are always telling people to RTFM
instead of answering their question?"
And then, when people ask us that question, we could tell them to RTFM. :)
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | "Ask not what your country
521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
I saw this program announced on Freshmeat today:
http://www.coker.com.au/postal/
This suite currently consists of two programs, Postal and
Rabid. Postal (the mad postman) is a program that will deliver mail as
fast as possible via the SMTP protocol to test mail server
performance. Rabid (the mad Biff) will eat mail via the POP protocol
as fast as possible and measure POP server performance. All messages
sent via Postal have MD5 checksums appended, and Rabid will check the
MD5 to ensure that the messages are not being corrupted.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | "Ask not what your country
521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
On Sat, Mar 18, 2000 at 12:33:04PM -0500, Russell Nelson wrote:
> I saw this program announced on Freshmeat today:
>
> http://www.coker.com.au/postal/
I intend to use this set of programs to do benchmarking of qmail with and
without some patches (like the big-todo patch, and SuSE 16-bit concurrency
patch), on Linux and FreeBSD (to see which scales better) over the next 2
months.
I will try to get some meaningful results to post to y'all.
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
From: Bruno Wolff III <[EMAIL PROTECTED]>
Date: Thu, 16 Mar 2000 13:16:57 -0600
. . . It is debatable whether or not adding an alias for
MAILER-DAEMON is useful. Double bounce replies shouldn't be sent back
to MAILER-DAEMON and humans should send requests to the postmaster if
the problem is something a postmaster can help with.
Users reply to the damnedest things. If an MTA is configured to
generate mail from "rumpelstiltskin", then it ought to be configured to
accept mail for "rumpelstiltskin" as well.
-- Bob Rogers
> I have been watching this list for a few weeks now. And the people on
> here are the most un-helpful people I have seen. Your typical answer to a
> question is man this or man that.
Hmn. Perhaps we need a mailing list on how to submit to mailing lists.
Just so you all know, I've only been running Linux for three months, and
q-mail for about one month. I am a newbie in every sense of the word. Here
is my
PRIMER ON HOW TO GET A DECENT RESPONSE ON THE QMAIL LIST
*for the lost and confused*
1. At the very least, read the q-mail man pages, and the FAQ. Have look at
what's on www.qmail.org, because it will point towards many other useful
resources. If you don't understand how to unpack the q-mail archive, it's
questionable whether you should be administering a mail server, but okay:
read the man pages for "tar", that should get you started. Failing that, the
man pages are availabe in HTML on-line.
2. Make a reasonable attempt now to follow the aforementioned documentation.
Countless people have mentioned "Life with qmail" which is an excellent
primer -- but there are others.
3. Here's the part where you get stuck. First and foremost, RECORD THE ERROR
OUTPUT - you'll want to put this (preferably UNEDITED) in your e-mail to the
list. So few people understand how important this is it staggers me. Nothing
is more useless than questions like "I did this, that, and the other thing,
and now my qmail installation doesn't work. What's wrong?" How are *we*
supposed to know? Shall we come over to your office in person? Sure -- I'm
getting in my car. See you in 32 hours.
4. In addition to the error output, you should collect copies of things that
may be peripherally relevant to the problem, for example, if you are having
errors related to tcpserver, include your rules file (the uncompiled text
version); perhaps your /var/qmail/control/locals and your
/var/qmail/control/rcpthosts, for example (I use these since many problems
that people have seem to be related to these).
5. Give a clear explanation of *what* you are trying to accomplish.
Follow these five (I should add - EASY) steps, and you WILL get a useful,
very often verbose response from the many talented people who frequent this
mailing list. I did.
NOW - thought you were going to get away, huh? I have a question:
First, I've done a bit of looking but it's not immediately obvious to me
where qmail puts its logs -- in fact, I don't even know where to find the
system logs. Would somebody kindly point me in the right direction?
Thanks,
Stephen Bosch
Stephen Bosch wrote:
>
> PRIMER ON HOW TO GET A DECENT RESPONSE ON THE QMAIL LIST
> *for the lost and confused*
<snip>
Very nice primer.
>
> NOW - thought you were going to get away, huh? I have a question:
>
> First, I've done a bit of looking but it's not immediately obvious to me
> where qmail puts its logs -- in fact, I don't even know where to find the
> system logs. Would somebody kindly point me in the right direction?
I will assume you are talking about the main qmail programs, as opposed
to smtp or pop servers. If so, qmail sends it's log information to
standard out. So it depends on how you start qmail.
There are four possiblities:
1) you dump the output: 2>&1 > /dev/null
2) you send the output to syslog by using splogger.
syslog is controled by /etc/syslog.conf
it's a good chance the logs are going to either messages or maillog
The location depends on the operating system. linux puts them in
/var/log
3) you send the output to cyclog
4) you send the output to multilog
Ken Jones
www.inter7.com
On Sat, Mar 18, 2000 at 11:20:00AM -0700, Stephen Bosch wrote:
[lots of good advice torn away]
> NOW - thought you were going to get away, huh? I have a question:
>
> First, I've done a bit of looking but it's not immediately obvious to me
> where qmail puts its logs -- in fact, I don't even know where to find the
> system logs. Would somebody kindly point me in the right direction?
It depends how you set up things.
Look into http://Web.InfoAve.Net/~dsill/lwq.html#troubleshooting
under 5.6.2. Logs. It describes where logs go.
Look also in the sysvinit script in LWQ.
What do you have in /var/qmail/rc? is it an "splogger qmail" maybe? Then
take a look in one of these
/var/log/syslog
/var/adm/SYSLOG
/var/log/maillog
/var/adm/messages
/var/log/messages
/magnus
--
http://x42.com/
iv0 <[EMAIL PROTECTED]> writes:
> 1) you dump the output: 2>&1 > /dev/null
In the interest of random correction... this is a common shell output
redirection mistake. The above does not send stdout and stderr to
/dev/null; it sends stdout to /dev/null and stderr to wherever stdout was
going before it was redirected.
The reason why is that redirections are parsed from left to right, and
2>&1 *dups* file descriptor 1 and sends 2 there. So later changes to the
disposition of file descriptor 1 have no effect on 2.
Observe:
$ echo "this goes to stderr" >&2
this goes to stderr
$ ( echo "this goes to stderr" >&2 ) > /dev/null 2>&1
$ ( echo "this goes to stderr" >&2 ) 2>&1 > /dev/null
this goes to stderr
Order is significant in Bourne shell I/O redirection.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Uwe,
Okay. Fair enough. So I have a very, very trivial question for the list.
(BTW, ext2fs gave me a kernel Oops this morning: something I haven't seen
for 4.5 years!) I think that it is an appropriate one.
I have a Linux server with a good amount of storage, a decent amount of
RAM, a fast processor, and a blazing fast network connection.
I want to use it as my mail server (for JUST ME!) and be able to check my
email efficiently from multiple locations. I happen to have a lot of mail
(>5000 messages, ~200/day), so I'd also like to be able to filter my
messages.
The answer so far has been to use qmail w/IMAP patched for Maildir. But now
that it seems that my underlying filesystem is unhappy enough about this
idea to crash my kernel, it's not seeming like such a hot notion.
Previously, I had used qmail with an mbox file. This worked until my mbox
grew to about 50Mb, at which point my system choked, since every five
minutes when my client would duck in to see if it had any mail, the entire
mbox file would be loaded in from disk, parsed, and stored in memory,
causing my disk to thrash not only due to constantly reading in such big
files, but also from the paging generated from having a 50Mb process in
memory.
I have not found a trivial way to use filtering with the two above
scenarios. (A pointer to a FAQ and/or an answer would be great: I'm more
than happy to RTFM when I know where the FM is.)
So right now, as a single user on a powerful system, I have no good way to
handle email. This seems pretty pathetic. Anyone care to lend (well, okay,
give) a few words of advice?
-david
----- Original Message -----
From: Uwe Ohse <[EMAIL PROTECTED]>
To: David E. Weekly <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, March 18, 2000 2:41 AM
Subject: Re: Maildir Scalability Question
> On Sat, Mar 18, 2000 at 02:06:11AM -0800, David E. Weekly wrote:
>
> > my Maildir has 5086 messages in it to be precise. Recently (i.e., in
the
> > last 500 messages or so) retreiving mail has become *painfully* slow.
> > Looking at "top," I find that imapd is choking the CPU, taking 97% of
the
> > CPU just to open a mail message. Huh?
>
> > Wasn't a Maildir supposed to solve this?
>
> No. Maildir solved other problems which i consider far worse.
>
> Maildir is the way to receive messages ("inbox"), not the way to
> store them.
>
> > Or is this a fundamental filesysem problem (I'm using ext2fs)? What
>
> this is an ext2fs problem. Well, ext2 shares it with many other file
> systems, but modern filesystems are smarter.
> Every access to a file in ext2 has to scan about 50% of the directory -
> it's a linear search. (O(n^2))
>
> Regards, Uwe
>
At 11:24 AM -0800 3/18/00, David E. Weekly wrote:
>Uwe,
>
>Okay. Fair enough. So I have a very, very trivial question for the list.
>(BTW, ext2fs gave me a kernel Oops this morning: something I haven't seen
>for 4.5 years!) I think that it is an appropriate one.
>
>I have a Linux server with a good amount of storage, a decent amount of
>RAM, a fast processor, and a blazing fast network connection.
>
>I want to use it as my mail server (for JUST ME!) and be able to check my
>email efficiently from multiple locations. I happen to have a lot of mail
>(>5000 messages, ~200/day), so I'd also like to be able to filter my
>messages.
>
>The answer so far has been to use qmail w/IMAP patched for Maildir. But now
>that it seems that my underlying filesystem is unhappy enough about this
>idea to crash my kernel, it's not seeming like such a hot notion.
>Previously, I had used qmail with an mbox file. This worked until my mbox
>grew to about 50Mb, at which point my system choked, since every five
>minutes when my client would duck in to see if it had any mail, the entire
>mbox file would be loaded in from disk, parsed, and stored in memory,
>causing my disk to thrash not only due to constantly reading in such big
>files, but also from the paging generated from having a 50Mb process in
>memory.
>
>I have not found a trivial way to use filtering with the two above
>scenarios. (A pointer to a FAQ and/or an answer would be great: I'm more
>than happy to RTFM when I know where the FM is.)
>
>So right now, as a single user on a powerful system, I have no good way to
>handle email. This seems pretty pathetic. Anyone care to lend (well, okay,
>give) a few words of advice?
Sounds to me like you need two things, a better IMAP server and a
better mail client. You don't say which client you're using, but I'd
suggest giving mutt a try. mutt can handle both maildirs and
mailboxes natively, and also do IMAP. You should also give Sam's
courier-imap a try, which is written for Maildirs and is also likely
to be far more efficient than imapd. (I go only by the reputation of
imapd, since I've never used it (and, with its CERT record, never
would). courier-imap I do use, and it works well.) Sam's maildrop
does filtering, and also understands Maildir, and there are procmail
patches for Maildir if you want to use procmail for filtering.
I get around 200 messages a day myself, but very little of that gets
saved. I find filtering with maildrop, using courier-imap and Eudora
or mutt as clients to be a good solution for that kind of volume.
Sounds to me like you're saving a lot, and you might want to look
into saving into a database for long term storage.
>
> -david
>
--
--
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693
[EMAIL PROTECTED]
Paul Schinder <[EMAIL PROTECTED]> writes:
> I get around 200 messages a day myself, but very little of that gets
> saved. I find filtering with maildrop, using courier-imap and Eudora or
> mutt as clients to be a good solution for that kind of volume. Sounds
> to me like you're saving a lot, and you might want to look into saving
> into a database for long term storage.
Or more to the point, just make more aggressive use of IMAP's built-in
capabilities to have multiple different folders. Each one should be a
separate directory, and then you won't have lots of messages in the same
directory.
I have somewhere in the range of a couple hundred incoming folders
(actually nnml groups in Gnus), one for each mailing list, role address,
or personal mailbox I have, and only keep in those inboxes things that I
actively need to respond to; other stuff gets moved off to long-term
storage mailboxes.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
|
How can i configure the qmail smtp daemon???
I found in qmail directory, some files " qmail-smtpd" to change and
configure smtp, but they donīt make any changes in
system....
Thankīs.
Wilke Murakami
|
On Sat, Mar 18, 2000 at 04:46:03PM -0300, wilke wrote:
> How can i configure the qmail smtp daemon??? I found in qmail directory,
> some files " qmail-smtpd" to change and configure smtp, but they donīt make
> any changes in system....
FAQ 5.1.
Chris
Hi,
How do i change and restart this to use ./Maildir?
I have changed all users' dir to have /Maildir
(current)
247 ?? I 0:09.34 qmail-lspawn ./Mailbox
Lee
----
I keep getting this error: Unable_to_chdir_to_maildir.
I have a Maildir in my home folder.
Mar 19 04:41:43 i-shell qmail: 953440903.948277 delivery 60: deferral:
Unable_to_chdir_to_maildir._(#4.2.1)/
Mar 19 04:41:43 i-shell qmail: 953440903.948528 status: local 0/10 remote 0/20
Mar 19 04:42:27 i-shell qmail: 953440947.958308 starting delivery 63: msg
23761 to local [EMAIL PROTECTED]
Mar 19 04:42:27 i-shell qmail: 953440947.959184 status: local 1/10 remote 0/20
Mar 19 04:42:27 i-shell qmail: 953440947.966301 delivery 63: deferral:
Unable_to_chdir_to_maildir._(#4.2.1)/
Mar 19 04:42:27 i-shell qmail: 953440947.966605 status: local 0/10 remote 0/20
On Sun, Mar 19, 2000 at 04:14:02AM +0800, Spades wrote:
> How do i change and restart this to use ./Maildir?
> I have changed all users' dir to have /Maildir
>
>
> (current)
> 247 ?? I 0:09.34 qmail-lspawn ./Mailbox
Change ./Mailbox to ./Maildir/ (note the trailing slash) in your qmail
startup script. Then kill qmail-send and run your new startup script.
Chris
|
Hello.
I finally found the solution to the "bad_last_line"
problem.
I have a script in .qmail-default that checks for
certain incoming domain names:
| if [ "$HOST" = "intelip.com" ]; then
/home/vpopmail/bin/vdelivermail '' bounce -no-mailbox; else
/home/vpopmail/bin/vdelivermail ''
/home/vpopmail/domains/intelligent.lu/postmaster; fi
The problem seems to have been: the tailing "; fi"
was missing until now. But: until now it did work!
Thanks anyway for any thoughts you may have made
about this.
-- jmr
|
FreeBSD 4 is starting to play nice with alternate MTAs. Maybe other systems
have had this feature for hundreds of years, but FreeBSD has a new thing that
lets you define your MTA and related programs in /etc/mail/mailer.conf; it no
longer assumes that everyone uses sendmail. /usr/sbin/sendmail, /usr/bin/mailq,
et al are all symlinks to /usr/bin/mailwrapper, which runs the programs you
define in /etc/mail/mailer.conf. It's very nice, and does away with the ugly
symlinks.
Chris
I screwed up : I left my box open for a few days and
already somebody found it and started to send spam.
So, I installed ucspi-tcp and allowed selective relaying
as described in the excellent document by Chris Johnson.
"Selective relaying with tcpserver and qmail-smtpd"
http://www.palomine.net/qmail/selectiverelay.html
And I've tested this from the network as well as from
http://www.abuse.net/relay.html and it would appear that
relaying is not allowed.
I just rebooted the machine and have not yet started
tcpserver and qmail-smtp, and suddenly I find dozens
of qmail-remote processes running. (see below)
Could somebody pls tell me what is going on here ?
Have these been queued ? (I couldn't find them in
/var/qmail/queue or any of its subdirectories)
How can they still be getting through to my box
if qmail-smtp is not even running yet ? (telneting
to port 25 won't even get you a connection). And how
can I get rid of them ?
(Oh, and if anybody knows the [EMAIL PROTECTED], pls
break his kneecaps)
Thanks for any help b/c this is obviously not
a good thing - I'm just killing qmail-remote.
chas
qmailr 10836 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 257@cra
qmailr 10853 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 274@cra
qmailr 10859 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 280@cra
qmailr 10863 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 284@cra
qmailr 10869 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 290@cra
qmailr 10875 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 296@cra
qmailr 10877 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 298@cra
qmailr 10880 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 300@cra
qmailr 10881 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 301@cra
qmailr 10882 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 302@cra
qmailr 10883 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 303@cra
qmailr 10884 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 304@cra
qmailr 10885 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 305@cra
qmailr 10886 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 306@cra
qmailr 10887 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 307@cra
qmailr 10888 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 308@cra
qmailr 10889 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 309@cra
qmailr 10890 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 311@cra
qmailr 10891 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 312@cra
qmailr 10892 0.0 0.1 788 428 p0 S 5:49AM 0:00.00 qmail-remote
crazy.ucs.com.tw [EMAIL PROTECTED] 313@cr
All those qmail remote processes are sending out that spam mail you
thought you got rid of. My guess is that the stuff is still in your
local queue, so use qmail-qstat/qread to check and see.
qmail-smtpd/tcpserver do not need to be running for outgoing mail to be
sent.
What you probably want to do in this case is kill qmail as quickly and
safely as possible, clean up the queue, and then restart qmail. I've
had to do this a couple of times when I missed a relay rule or
something, so here's my step-by-step list of stuff to do. Smarter
people than me can feel free to correct it :)
1) If possible, unplug the box from the network, or ifconfig down the
public interface.
2) Kill qmail-smtpd.
3) Send qmail-send a TERM signal, which will make it exit ASAP.
4) kill -9 all the qmail-remote processes that you see.
5) At this point qmail should be completely stopped and you can clean
out the queue.
Step #4 might be a little dangerous. I'm almost certain qmail will
correctly assume the process failed and defer the message normally (this
way you won't lose any legit mail), but I can't seem to find where in
the docs or source this is made clear. But I trust DJB to do the right
thing in this case :)
shag
----- Original Message -----
From: "chas" <[EMAIL PROTECTED]>
To: "qmail list" <[EMAIL PROTECTED]>
Sent: Sat 18 Mar 2000 14:08
Subject: Spam getting through despite closed relay; or even with no
qmail-smtp running !
> I screwed up : I left my box open for a few days and
> already somebody found it and started to send spam.
>
> So, I installed ucspi-tcp and allowed selective relaying
> as described in the excellent document by Chris Johnson.
> "Selective relaying with tcpserver and qmail-smtpd"
> http://www.palomine.net/qmail/selectiverelay.html
>
> And I've tested this from the network as well as from
> http://www.abuse.net/relay.html and it would appear that
> relaying is not allowed.
>
> I just rebooted the machine and have not yet started
> tcpserver and qmail-smtp, and suddenly I find dozens
> of qmail-remote processes running. (see below)
>
> Could somebody pls tell me what is going on here ?
> Have these been queued ? (I couldn't find them in
> /var/qmail/queue or any of its subdirectories)
> How can they still be getting through to my box
> if qmail-smtp is not even running yet ? (telneting
> to port 25 won't even get you a connection). And how
> can I get rid of them ?
>
> (Oh, and if anybody knows the [EMAIL PROTECTED], pls
> break his kneecaps)
>
> Thanks for any help b/c this is obviously not
> a good thing - I'm just killing qmail-remote.
>
> chas
>
>
> qmailr 10836 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 257@cra
> qmailr 10853 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 274@cra
> qmailr 10859 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 280@cra
> qmailr 10863 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 284@cra
> qmailr 10869 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 290@cra
> qmailr 10875 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 296@cra
> qmailr 10877 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 298@cra
> qmailr 10880 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 300@cra
> qmailr 10881 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 301@cra
> qmailr 10882 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 302@cra
> qmailr 10883 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 303@cra
> qmailr 10884 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 304@cra
> qmailr 10885 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 305@cra
> qmailr 10886 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 306@cra
> qmailr 10887 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 307@cra
> qmailr 10888 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 308@cra
> qmailr 10889 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 309@cra
> qmailr 10890 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 311@cra
> qmailr 10891 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 312@cra
> qmailr 10892 0.0 0.1 788 428 p0 S 5:49AM 0:00.00
qmail-remote
> crazy.ucs.com.tw [EMAIL PROTECTED] 313@cr
>
>
Thus said chas on Sun, 19 Mar 2000 06:08:15 +0800:
> I just rebooted the machine and have not yet started
> tcpserver and qmail-smtp, and suddenly I find dozens
> of qmail-remote processes running. (see below)
If you are certain that none of the daemons have been started, then is
it possible that you were also hacked and he has installed a script
that gets launched either via cron or in one of your system startup
scripts which simply sends email once your system is booted?
> /var/qmail/queue or any of its subdirectories)
> How can they still be getting through to my box
> if qmail-smtp is not even running yet ? (telneting
> to port 25 won't even get you a connection). And how
> can I get rid of them ?
You could set control/queuelifetime to 0, disconnect your network for a
minute or so and restart qmail-send.
Remember to change control/queuelifetime again to something reasonable
or simply delete it if the default is fine.
Andy
--
+====== Andy ====== TiK: garbaglio ======+
| Linux is about freedom of choice |
+== http://www.xmission.com/~bradipo/ ===+
PGP signature
Thus said "Racer X" on Sat, 18 Mar 2000 14:41:20 PST:
> All those qmail remote processes are sending out that spam mail you
> thought you got rid of. My guess is that the stuff is still in your
> local queue, so use qmail-qstat/qread to check and see.
> qmail-smtpd/tcpserver do not need to be running for outgoing mail to be
> sent.
Good point, it's not qmail-smtpd at all, but qmail-send that is
responsible. :-)
Andy
--
+====== Andy ====== TiK: garbaglio ======+
| Linux is about freedom of choice |
+== http://www.xmission.com/~bradipo/ ===+
PGP signature
First and foremost, thank you very much
to Andy and Shag for the lightning responses.
Shag wrote :
------------
>All those qmail remote processes are sending out that spam mail you
>thought you got rid of. My guess is that the stuff is still in your
>local queue, so use qmail-qstat/qread to check and see.
>qmail-smtpd/tcpserver do not need to be running for outgoing mail to be
>sent.
>
>What you probably want to do in this case is kill qmail as quickly and
>safely as possible, clean up the queue, and then restart qmail. I've
>had to do this a couple of times when I missed a relay rule or
>something, so here's my step-by-step list of stuff to do. Smarter
>people than me can feel free to correct it :)
>
>1) If possible, unplug the box from the network, or ifconfig down the
>public interface.
>2) Kill qmail-smtpd.
>3) Send qmail-send a TERM signal, which will make it exit ASAP.
>4) kill -9 all the qmail-remote processes that you see.
>5) At this point qmail should be completely stopped and you can clean
>out the queue.
Thank you, I did precisely this. Although I cleared the queue
by setting the queuelifetime to 0 as mentioned by Andy (below).
(Usually, I'm usually loathe to just delete the files in the
subdirectories of /var/qmail/queue/mess since it's a mess to do
it and also make the changes in /var/qmail/queue/info etc. I
know there's qmHandle to do this for me but I couldn't find it
at the time ... Mick's site is unavailable)
Bottomline : I've cleared the queue and now have 4 messages there.
This is proven by digging through /var/qmail/queue/mess and by
the program /var/qmail/bin/qmail-qstat as below :
# /var/qmail/bin/qmail-qstat
messages in queue: 4
messages in queue but not yet preprocessed: 0
I eventually found an old version of qmHandle (v 0.2.0) and
that also tells me that I have just 4 messages in the queue.
However, /var/qmail/bin/qmail-qread tells a different story :
/var/qmail/bin/qmail-qread | more
17 Mar 2000 17:07:03 GMT #484107 286058 <[EMAIL PROTECTED]>
done remote [EMAIL PROTECTED]
done remote [EMAIL PROTECTED]
done remote [EMAIL PROTECTED]
done remote [EMAIL PROTECTED]
done remote [EMAIL PROTECTED]
done remote [EMAIL PROTECTED]
done remote [EMAIL PROTECTED]
... etc etc to thousands !
I've read the man page but I'm just dim, and don't get it.
What's the difference between these 2 queue stats ? And where
are all the above messages stored ? I couldn't find them
anywhere.
Andy wrote :
------------
>> I just rebooted the machine and have not yet started
>> tcpserver and qmail-smtp, and suddenly I find dozens
>> of qmail-remote processes running. (see below)
>
>If you are certain that none of the daemons have been started, then is
>it possible that you were also hacked and he has installed a script
>that gets launched either via cron or in one of your system startup
>scripts which simply sends email once your system is booted?
That's actually one of my worries.
>> /var/qmail/queue or any of its subdirectories)
>> How can they still be getting through to my box
>> if qmail-smtp is not even running yet ? (telneting
>> to port 25 won't even get you a connection). And how
>> can I get rid of them ?
>
>You could set control/queuelifetime to 0, disconnect your network for a
>minute or so and restart qmail-send.
>
>Remember to change control/queuelifetime again to something reasonable
>or simply delete it if the default is fine.
Thanks, this was very useful.
Chas
How can you send an attachment to an email read from standard input into
qmail-inject ?
That is, I have a file I'd like to send as an attachment. Since both the
file and the attachment will be automatically generated, I'd like to insert
them into the qmail mail system, probably via qmail-inject.
However, I don't see any qmail-inject parameters to handle this!
Suggestions?
(We don't have a mail user agent running on this box - mail is normally just
forwarded by qmail using instructions in .qmail files.)
Michael Slade
[EMAIL PROTECTED]
On Sat, Mar 18, 2000 at 07:09:15PM -0500, Michael Slade wrote:
> How can you send an attachment to an email read from standard input into
> qmail-inject ?
>
> That is, I have a file I'd like to send as an attachment. Since both the
> file and the attachment will be automatically generated, I'd like to insert
> them into the qmail mail system, probably via qmail-inject.
>
> However, I don't see any qmail-inject parameters to handle this!
There is none.
> Suggestions?
>
> (We don't have a mail user agent running on this box - mail is normally just
> forwarded by qmail using instructions in .qmail files.)
Use a competent mailclient to encode the attachment.
Example:
mutt -s "backup mail" -a myfile.tgz [EMAIL PROTECTED] < /dev/null
http://www.mutt.org/
/magnus - recycling answers
--
http://x42.com/
I've serv1.test.com (with qmail configured) and serv2.test.com (with
qmail configured) !
I like : if [EMAIL PROTECTED] not in serv1.test.com then send email
to serv2.test.com !
Other example ! AOL ! aol.com have many users ! this users not in 1
server, but in 2 ,3 or more servers !! and users are : [EMAIL PROTECTED] !
if AOL had used qmail, how she would do ??
Thanks !! And sorry my bad english :)
Ah, ok - I deleted those last 4 messages that were in the
queue. I guess they must have had huge bcc's (though I never
saw it in the /var/qmail/queue/mess files) b/c now everything
has disappeared.
chas
>Date: Sun, 19 Mar 2000 12:17:03 +0800
>To: "qmail list" <[EMAIL PROTECTED]>
>From: chas <[EMAIL PROTECTED]>
>Subject: Re: Spam getting through despite closed relay; or even with no
qmail-smtp running !
>In-Reply-To: <[EMAIL PROTECTED]>
>References: <Message from chas <[EMAIL PROTECTED]> of "Sun, 19 Mar
2000 06:08:15 +0800."
<[EMAIL PROTECTED]> >
>
>First and foremost, thank you very much
>to Andy and Shag for the lightning responses.
>
>
>Shag wrote :
>------------
>>All those qmail remote processes are sending out that spam mail you
>>thought you got rid of. My guess is that the stuff is still in your
>>local queue, so use qmail-qstat/qread to check and see.
>>qmail-smtpd/tcpserver do not need to be running for outgoing mail to be
>>sent.
>>
>>What you probably want to do in this case is kill qmail as quickly and
>>safely as possible, clean up the queue, and then restart qmail. I've
>>had to do this a couple of times when I missed a relay rule or
>>something, so here's my step-by-step list of stuff to do. Smarter
>>people than me can feel free to correct it :)
>>
>>1) If possible, unplug the box from the network, or ifconfig down the
>>public interface.
>>2) Kill qmail-smtpd.
>>3) Send qmail-send a TERM signal, which will make it exit ASAP.
>>4) kill -9 all the qmail-remote processes that you see.
>>5) At this point qmail should be completely stopped and you can clean
>>out the queue.
>
>Thank you, I did precisely this. Although I cleared the queue
>by setting the queuelifetime to 0 as mentioned by Andy (below).
>(Usually, I'm usually loathe to just delete the files in the
>subdirectories of /var/qmail/queue/mess since it's a mess to do
>it and also make the changes in /var/qmail/queue/info etc. I
>know there's qmHandle to do this for me but I couldn't find it
>at the time ... Mick's site is unavailable)
>
>Bottomline : I've cleared the queue and now have 4 messages there.
>This is proven by digging through /var/qmail/queue/mess and by
>the program /var/qmail/bin/qmail-qstat as below :
>
># /var/qmail/bin/qmail-qstat
>messages in queue: 4
>messages in queue but not yet preprocessed: 0
>
>I eventually found an old version of qmHandle (v 0.2.0) and
>that also tells me that I have just 4 messages in the queue.
>
>However, /var/qmail/bin/qmail-qread tells a different story :
>/var/qmail/bin/qmail-qread | more
>17 Mar 2000 17:07:03 GMT #484107 286058 <[EMAIL PROTECTED]>
> done remote [EMAIL PROTECTED]
> done remote [EMAIL PROTECTED]
> done remote [EMAIL PROTECTED]
> done remote [EMAIL PROTECTED]
> done remote [EMAIL PROTECTED]
> done remote [EMAIL PROTECTED]
> done remote [EMAIL PROTECTED]
> ... etc etc to thousands !
>
>I've read the man page but I'm just dim, and don't get it.
>What's the difference between these 2 queue stats ? And where
>are all the above messages stored ? I couldn't find them
>anywhere.
>
>
>Andy wrote :
>------------
>>> I just rebooted the machine and have not yet started
>>> tcpserver and qmail-smtp, and suddenly I find dozens
>>> of qmail-remote processes running. (see below)
>>
>>If you are certain that none of the daemons have been started, then is
>>it possible that you were also hacked and he has installed a script
>>that gets launched either via cron or in one of your system startup
>>scripts which simply sends email once your system is booted?
>
>That's actually one of my worries.
>
>>> /var/qmail/queue or any of its subdirectories)
>>> How can they still be getting through to my box
>>> if qmail-smtp is not even running yet ? (telneting
>>> to port 25 won't even get you a connection). And how
>>> can I get rid of them ?
>>
>>You could set control/queuelifetime to 0, disconnect your network for a
>>minute or so and restart qmail-send.
>>
>>Remember to change control/queuelifetime again to something reasonable
>>or simply delete it if the default is fine.
>
>Thanks, this was very useful.
>
>
>Chas
Hi !
This last week, my qmail server was in trouble :
One of my user have misconfigured a computer, so that the computer's
security scanner mail it a report every second... :(((
All was fine because qmail is solid rock software but, the rcpt domain's
relayed by my qmail was unable to handle the 79077 mails in 3 days and
crash with no warning (it's a TFS SMTP 4 on NT server... Beurk).
So qmail start to store all domain's mail (valid and scanner's report).
When the TFS restart, the qmail's queue stored about 7000 mails.
So this is my questions :
HOW TO SELECTIVELY DELETE A LOT OF MESSAGE IN THE QUEUE?
It's impossible to restart the queue from scrach, because i handle 4
domains and the queue store valid and invalid mail.
I have search faq/man/docs, but no informations about this. I have as
try qmHandle... but it's not very usefull.
I solve the problem by restarting every hour the TFS SMTP gateway...
I have also found a solution : 'touch "1 week ago" of the file'... but
what's the good file?
Anyone have already handle this sort of problem?
Regards from France, Christophe.
