column, since
qpsmtpd can use any lookup and auth method that
sendmail can.
Just what does sendmail exclusively have, and show
me its realtime smtp protocol filtering. I know, you
are touting the efficiency of a vacuum, of a lack of
protocol filtering?! Must be.
-Bob
mimedefang itself
through qpsmtpd's milter interface which might not be
difficult if someone has time to try it.
While the only point to be made, since mimedefang and
milters belong to qpsmtpd equally as to sendmail, is that
qpsmtpd does dynamic, realtime protocol evaluation.
-Bob
-qp-connection-remote_ip,
$relay_client,
$auth_method,
$auth_user
);
I need message ID.
-Bob
Ask Bjørn Hansen wrote:
Unless something comes up we'll put out 0.32 next thursday -- that
gives you a week to test this one.
Download:
http://smtpd.develooper.com/files/qpsmtpd-0.32rc1.tar.gz
SVN co (for svn switch)
http://svn.perl.org/qpsmtpd/tags/0.32rc1/
Changes:
of any studies to consult.
You would have a log of the [EMAIL PROTECTED] phish, if
you denied on spf fail. That's one spf benefit I'm logging
http://perlq.org/ and I'm not even running any lists which
would bump up the stats for spf.
-Bob
as marked as spam, dspam rates it .9997 confidence
of not being spam.
-Bob
Ask Bjørn Hansen wrote:
On Jan 18, 2006, at 12:30 AM, Ulrich Stärk wrote:
Hi Ulrich,
Thanks for contributing your plugin; it or something like it would
make a good addition I think. (Like many other modules posted to the
list for that matter :-) ...).
I didn't know how likely those
. initial queue/smtpd-forward and backup
queue/qmail-queue).
HTH
John
Net::QMQP
-Bob
Andy Colson wrote:
On 1/18/06, via RT Ask Bjoern Hansen
[EMAIL PROTECTED] wrote:
# New Ticket Created by Ask Bjoern Hansen
# Please include the string: [perl #38268]
# in the subject line of all future correspondence about this issue.
# URL:
Andy Colson wrote:
On 1/18/06, via RT Ask Bjoern Hansen
[EMAIL PROTECTED] wrote:
# New Ticket Created by Ask Bjoern Hansen
# Please include the string: [perl #38268]
# in the subject line of all future correspondence about this issue.
# URL:
require_resolvable_fromhost
6064 no such user
0dspam
2miss
2/14449 = potential benefit of require_message_id plugin.
It could not run before many of the others listed above
so as to save that overhead.
Needs to check ucase and lcase, Message-I[dD]
-Bob
as marked as spam, dspam rates it .9997 confidence
of not being spam.
-Bob
them another way.
The ./config/IP file can contain merely 0 to say that qpsmtpd
should take over all interfaces(outward, localhost, and 192.*).
That means the IP file is not available to tell you what your
IP is. You might have 3 IP's or more, as many as your interfaces.
-Bob
condition like
another server is not up yet or your plugin died on a disk
or path problem.
-Bob
at an earlier hook. That's what you want, though, if
you want post_data plugins to check for the note and then
DECLINE for relay clients. You could want that to bypass
very early, to bypass dns checks and blacklisting and such.
-Bob
difference between you ./run and
svscan ./run.
-Bob
.
In theory, queues are like a plate of spaghetti. Maybe the ends
are stuck together, maybe they're just parallel, but who can tell.
-Bob
that the message was spam and to
deliver it to dspam's quarantine. Then a user could go to the
dspam web interface, examine the message, do various things
with it.
If a windows user has a virus that infects outgoing mail, the
content could be worth quarantining.
-Bob
.
They open the door.
-Bob
=head1 NAME
check_helofqdn - Check a HELO message delivered from a connecting host.
=head1 DESCRIPTION
Check a HELO message delivered from a connecting host. Reject any
that are not a Fully Qualified
uw -A, read readproctitle error message.
I'm not complaining. I think multilog is a great tool.
-Bob
to find the run file or see into it.
-Bob
Michael D. Baldwin wrote:
To Bob:
I can't send email from [EMAIL PROTECTED] mailto:[EMAIL PROTECTED], as thats
the lan/mailserver in question.. so I'm going to stick to the list,
just incase others have inputs from what is discussed.
qmail-smtpd/run
. Such as the names of the cert and key files, too,
last time I looked.
VIA's new C7 chip will be nice for us.
-Bob
=./main
[ -d $LOGDIR ] || mkdir -p $LOGDIR
exec setuidgid qmaill multilog t s100 n200 \
!./qp_log_s $LOGDIR
-Bob
and deletes). There can be a
web forms interface for self signup and self
alias and self unsubscribe, interfacing to
openldap or mysql. No, there isn't any default
in qpsmtpd for that.
-Bob
. Encryption cards and servers can't
compete, nor just using the cpu(although if one cpu is
six times as fast...pretty good alright muddle through).
-Bob
, which only verifies
the @domain.
-Bob
put the svc -t in, so I
can't be sure that's the end of the problem. If a child's child
can send TERM to it's grand-parent, everything ought to be
OK.
-Bob
this option for servers on TCP
ports 53 and 113.
* -t /n/: Give up on the $TCPREMOTEINFO connection attempt after /n/
seconds. Default: 26.
64-bit for real gig-e and gigbps on pci bus, too. Cool.
-Bob
Elliot Foster wrote:
Bob Dodds wrote:
Eye candy. http://perlq.org/filter.png
check_earlytalker and require_resolvable_from_host
and spf, and qpsmtpd in general, are doing a fine job.
Thanks to Matt Sergeant for recommending a longer
check_earlytalker wait time.
-Bob
Which leads me to ask
Eye candy. http://perlq.org/filter.png
check_earlytalker and require_resolvable_from_host
and spf, and qpsmtpd in general, are doing a fine job.
Thanks to Matt Sergeant for recommending a longer
check_earlytalker wait time.
-Bob
-bcc as innocent, your outgoing,
and selected incoming, to the honeypot dspam user,
because honeypot user needs to train on notspam,
too.
-Bob
dlmtp perl api
Communicate with dspam daemon from a different pc, and use any
dspam options you want, not just one set of options in dspam.conf
reasonable.
- ask
Yes, it's just a temp failure and try again later. Good
option, can't be a bad option to have.
-Bob
have no idea what you're trying to do
Make things look nice, or leave them looking nice like $sender-user
but I need to make that ugly to avoid making the log file ugly. I can't
grep an ugly log file with DECLINED in queue.
Bob Dodds wrote:
Real world example:
$address = '[EMAIL PROTECTED
of hook_queue, then test
there if exe_filter issued the deny, print exe_filter's log
error instead of a body. You can search this list archive
to learn more about the deny hook so you can learn how
to do the test for exe_filter deny and to find its error log.
-Bob
Bob Dodds wrote:
Oscar Retana wrote:
Hello.
Let's say a plugin finds something really bad inside an email (an exe
attachment). I want to DENY that email, but I also want to notify the
recipient[*]. I was thinking of creating a new e-mail from scratch
and send it to the recipients
in kind or defending
its resources.
-Bob
;
$lmtp-dataend ;
$lmtp-quit ;
}
-Bob D
about the two commas(,ident,pmode), do they turn into
spaces?
-Bob
dspam 3.5.2 client.c
int client_authenticate(THREAD_CTX *TTX, const char *mode) {
char *ident = _ds_read_attribute(agent_config, ClientIdent);
char buf[1024], err[128];
char *ptr;
char pmode[1024];
ESCOB
pmode[0] = 0
awk won't handle
spaces in localpart.
-Bob
and using other people's resources--
would they also like to find open relays?! I should
thank them for showing me the weakness.
-Bob
either in rcpt or queue hook plugin.
Then wouldn't any remaining access rules be enforced by
using postfix AFTER qpsmtpd, or do you mean user prefs for
content filtering, as well as access rules? If you mean custom
user prefs, you might have some hacking to do in a plugin.
-Bob
hair day, bad in what sense(sent to
non-existent address, or bad protocol).
-Bob
dynamic html method to browse logs.
-Bob
/this/* simply when there is more than one
file.
Some plugins use other dirs like ./var and ./certs ./ssl
var for work files like db's. Perhaps ssl and certs
belong in ./config/ssl/CA/certs like /etc/ssl/CA/certs
because that is what they correspond to.
-Bob
?page=3
-Bob Dodds
. How many
are trojaned, too, and which is more common, loaning
or pc's getting trojaned or logins stolen through
viruses(through another mta of course).
-Bob
Bob Dodds wrote:
John Peacock wrote:
Bob Dodds wrote:
Mail readers really encourage a default login
for multiple senders(accounts). I
to some address.
-Bob
,
and in their source, To: undisclosed recipients
and no bcc list visible, without any effort to
do anything with bcc/cc in my queue plugin. I know
perl Net::LMTP does not remove anything. You
probably don't need to worry about those, just
use $transaction-recipients.
-Bob
sources
that just put them all in a list. I tried to pare them down
and got to a 100% effective list that was about 50%
false positive ;-).
-Bob
that version.
my $auth_user = $self-qp-auth_user ;
-Bob
-address.t too :-)
Yes, I need hand-holding. I see the point of sorting
recipients into per domain lists but I need examples
to learn how to implement it. Donne moi du t/*.t
help me.
-Bob
-header-get( 'From' ) ;
( $from ) = ( $from =~ /^[^]*([^]+).*$/ ) ;
chomp $from ;
my $sender = $transaction-header-get( 'Sender' ) ;
if ( $sender ) {
( $sender ) = ( $sender =~ /^[^]*([^]+).*$/ ) ;
chomp $sender ;
$from = $sender ? $sender : $from ;
}
return lc $from ;
}
-Bob
Ask Bjørn Hansen wrote:
On Oct 25, 2005, at 15:04 , Bob Dodds wrote:
[...]
If you need to take some recipients out of
$transaction-recipients before qmail-queue, how
do you do that?
You can modify the list and set it again with $transactions-
recipients([EMAIL PROTECTED
=~ /^srs[01]/i ) {
( $verp , $localpart , $domain )
= ( $address =~ /([EMAIL PROTECTED]@=-])(.*)\@(.*$)/i ) ;
}
else {
( $verp , $localpart , $domain )
= ( $address =~ /([EMAIL PROTECTED]@=-]|^)(.*)\@(.*$)/ ) ;
}
return lc $localpart . $domain ;
}
-Bob Dodds
. And several other things,
like at least another harmless why-not garbage filter
for rcpt ldap/sql lookups.
Bob Dodds wrote:
Not selling verp. I just want to point out that another
mta may verp its mail to here. That makes recipients
appear to be different usernames. qmail and ldap and
sql lookups
I don't want to talk to users or peeved ezmlm admins and
moderators! They don't want to talk to me, either.
grep ezmlm in the Mailing-List header--
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
--in incoming non-bounce messages. Then make sure that
domain is in the skip list file. Then
.
-Bob
with saslauthd.
-Bob
$|-moderators$|-owner$// ;
-Bob
All virus plugins now hook_data_post. Does that mean
they only scan a message once when there are multiple
recipients?
-Bob
( 'divert@' . $self-qp-config( me ) . '' ) ;
-Bob
such a value be used? Queue? There
are more than two routing possibilities in some
queues.
-Bob
Elliot Foster wrote:
Hanno Hecker wrote:
Hi,
while setting up a new system with qpsmtpd and LDAP I took rcpt_ok and
auth/auth_ldap_bind, mixed it a bit and this is the result ;-) It uses
the same
by
$rcpt-address(Qpsmtpd::Address-new(''.$address.''));
$rcpt-address(Qpsmtpd::Address-new($local_part,$host));
since John has decided to leave that method available.
Do we need this option?
$rcpt-address($local_part,$host);
-Bob
without doing any work of my
own. Also that is close to self-documenting
or transparently obvious for the three
setups.
-Bob
of thing is proof that the
witch-hunt hysteria and lynch mob mentality is a
dead-end. The law and order mob has to be put in
its $3.50/hr place before we see another Blackwater
FEMA evacuation of all email boxes in New Orleans.
-Bob
David Nicol wrote:
On 9/1/05, Bob Dodds [EMAIL PROTECTED] wrote:
To implement I want to use IPC::DirQueue.
[...]
It's site-specific spaghetti right now.
IPC::DirQueue uses FIFO, but in e-mail processing we want
to backoff our retries.
I implemented a directory-based queueing system
.
It's site-specific spaghetti right now.
-Bob
not one error logged after install
-B
Devin Carraway wrote:
On Tue, Aug 23, 2005 at 12:17:32AM -0400, Bob Dodds wrote:
A per plugin deb or rpm could install into qpsmtpd with
minimal meddling that way. Maintaining debs rpms for
qpsmtpd installs with a given set of plugins would be
easy to maintain without scripting edits
of plugins would be
easy to maintain without scripting edits of config/plugins.
-Bob
:21PM -0400, Bob Dodds wrote:
If using SRS, recipient not being an SRS alias is fine
unless what?
Recipient not being an SRS alias is fine. Recipient being an SRS
alias is fine unless the SRS rewrite fails. That means either it's
a bogus alias (isn't hashed with your secret), or it's timed
, 2.5.2 cannot verify user but will attempt delivery ) ;
return ( DENYSOFT , 4.7.1 delivery not authorized ) ;
return ( DENYSOFT , 4.4.3 directory server temporarily unavailable )
return ( DENY , 5.2.0. User moved permanently . $msg_id )
-Bob
).
-Bob Dodds
Nick Leverton wrote:
On Thu, Jul 28, 2005 at 08:19:13AM -0400, Bob Dodds wrote:
I was planning to use it only for local recipient addresses
which had already been looked up in ldap at rcpt, but
somebody might use it to write their relays to disk if
some temporary problem existed. They could
keys to
name a few. Or -Mailman-. egroups.
-Bob
or spool all mail. I snipped out
some code from this file, user_maildir, to write dspam
retrain alias messages and listserver messages to
disk.
-Bob
$stop_stalking_me ;
but I may still have to obfuscate $file used in link
to make it mine(adding a my layer or two or three).
Ugly! Making a scene. Curb that nanny!
-Bob
Bob Dodds wrote:
Keith Ivey wrote:
Bob Dodds wrote:
That doesn't help, so it must be the use of '=' instead
of a comma in $transaction-header-add(). perldoc
Mail::Header says to use commas there.
The = is equivalent to a comma in that context. And it has nothing
to do with whatever you're
you're suggesting.
Matt.
My install script soft links qmail's rcpthosts and its
other files into ./config/samenames. What would
happen to qpsmtpd if vpopmail was allowed to
over-write qp's rcpthosts that way?
-Bob
be many. May add a FOURTH queue
method for list managers! It's almost a 10k
plugin now.
-Bob
foreach $to ( to_list ( $self , $transaction ) , @bcc_sent ) {
if ( $to ) {
$to_user = lc substr ( $to , 0 , index ( $to , '@' ) ) ;
$msg_id = _msg_id ( $self , $transaction , $from_host , $MSG_N
sender_permitted_from has a fatal error at line 119,
but look at the previous line--it ends with if ($result);,
precisely the test that will fix the error on the next
line.
Duh.
if ( $result ) {
[test BOTH lines]
}
-Bob
Keith Ivey wrote:
Bob Dodds wrote:
That doesn't help, so it must be the use of '=' instead
of a comma in $transaction-header-add(). perldoc
Mail::Header says to use commas there.
The = is equivalent to a comma in that context. And it has nothing
to do with whatever you're doing
)
while $line = $transaction-body_getline ;
$lmtp-dataend ;
$lmtp-quit ;
undef $lmtp ;
}
# if not local then--
my $qm_msg_id = qmail_relay ( $self , $transaction )
if ( $#Q + 1 ) and $Q[0] ;
-Bob
arrays,
local(lmtp to dspam to cyrus imap) and qmail.
This is reminding me I have to fix where I'm not dealing
with multiple Received headers(it's not a scalar it's a ref,
oops, seen a few refs in the log, ARRAY I guess it was).
-Bob
I would have to de-alias the srs
recipient on the way in, then srs encode the sender
on the way out. There are four things to look
at-- dspam aliases and list server aliases and srs, and
cyrus uses [EMAIL PROTECTED] so I would prefer
to use = as srs sepchar.
-Bob
if $helo =~ m/\Q$denied_host\E$/i
or $from_host =~ m/\Q$denied_host\E$/i ;
}
if ( $spoofus ) {
$self-log( LOGDEBUG , SPooF claim-to-authority
. social-engineering attack ) ;
return ( DENYHARD ) ;
}
}
sub uniq { my %u ; grep { ++$u{ $_ } == 1 and $_ } @_ }
-Bob Dodds
).
-Bob Dodds
___
#!/usr/bin/perl -w
#-w
use strict;
use Benchmark;
sub in_a_not_b {
my ( $ra , $rb , %u , %v ) = ( $_[0] , $_[1] , () , () ) ;
grep { $_ and ! ($u{$_}++) } @$rb ;
grep { $_ and ! ($v{$_}++) and ! $u{$_} } @$ra ;
}
my @list
#Bob,
Hanno,
Just try this... ;-)
I'm trying to get rid of 0, empty, undef, too.
You win for uniq though. I speeded up mine a
little by discovering I didn't need the grep
to delete null and zero and empty items. Can
you make yours do that, too?
#!/usr/bin/perl -w
use strict;
use Benchmark;
#my
Trailing backslash, ./tmp/ , as in the || Qp line?
-Bob
Nick Leverton wrote:
On Tue, Jun 07, 2005 at 07:33:27PM -0400, Bob wrote:
...like to fix...allowing duplicate recipients
sub _uniq {
my %u = () ; for ( @_ ) { $_ and $u{$_} = 1 } ; keys %u if ref \%u ;
}
There's an even neater way to write uniq, which also preserves the order:
my %u
Do I need this? I'm getting six to nine dupes to the
same recipient from a worm, and even though I
can deny that worm at rcpt, I'd like to fix the hole,
wherever it is, that is allowing duplicate recipients
for one message.
sub _uniq {
my %u = () ; for ( @_ ) { $_ and $u{$_} = 1 } ; keys %u if
( honeypot . '@' . $self-qp-config( me ) ) ;
return ( OK , 2.5.2. SPF says you are not me but will attempt
delivery ) ;
}
}
-Bob Dodds
,
then turn -Tw off for speed. What about that? It
might deserve a comment that turning off -Tw is
a speedup. This assumes people usually don't hack
on qpsmtpd and plugins, or if they do, debug them
with -Tw.
-Bob
()
$lmtp-quit ;
-Bob Dodds
. '@' . $d);
dspam would probably use--
$lmtp-recipients($a,$b,$c,$d,$etc);
and avoid multiple scanning of the same message, but is qpsmtpd
currently keeping multiple recipients in $transaction-recipients
or just calling queue hook per recipient?
-Bob Dodds
enforce no export crap, as cyrus docs phrase it--
'SSL_cipher_list' =
'TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!LOW:@STRENGTH'
...it is otherwise possible for a tls connection to be accepted
to use null encryption.
-Bob Dodds
Here's how we could set up arg% server side for qp's
start_tls().
sub start_tls
. Annual (or
more or less often) rebuilding could be accomplished by deleting (or moving)
the cert file.
You could use the maildir style of putting in place, then
renaming it, to avoid collisions. That would not break
ongoing tls conversations.
-Bob Dodds
, and every
different subsystem (Apache, high_perf, tcpserver, etc) does the
connection differently.
Matt.
You'd only have to perl tls for high_perf, and somebody
else for forkserver, if sslserver is a drop-in replacement
for tcpserver, right?
-Bob
watchdog would work. Doesn't forkserver have one?
-Bob Dodds
Bob wrote:
Brian Grossman wrote:
On Tue, 26 Apr 2005 11:55:07 -0400
Matt Sergeant [EMAIL PROTECTED] wrote:
What else would you like to see me add to this?
List of current connections with whatever information about the
connection
is handy, especially time of connect and remote ip. Like ps
1 - 100 of 152 matches
Mail list logo