http://www.mail-archive.com/spamdyke-users@spamdyke.org/msg00978.html Try this at your smtp_psa
Can you paste a more detailed log? Thanks Nightduke 2008/5/19, Stefan Pausch <[EMAIL PROTECTED]>: > > Ø Stefan can you paste your spamdyke.conf > > > > That is the first thing i did, just scroll down J > > > > Ø Have you seen the log? An error appears out of memory. > > > > Yes. The out of memory error has nothing to do with plain text > authorisation (i guess / hope) – but i will check this error in detail later > … > > > > Ø Do you have a lot of spam at your server? Your server is not available > for everywhere? open relay? > > > > Define „a lot" :P – No open relay. Wonder what this hast to do with my > issue. > > > > Ø Also do a cat of the file /etc/xinetd/smtp_psa > > > > I use inetd – i have already posted the configuration (just scroll down) > > > > --Stefan > > > > *Von:* [EMAIL PROTECTED] [mailto: > [EMAIL PROTECTED] *Im Auftrag von *nightduke > *Gesendet:* Montag, 19. Mai 2008 13:50 > *An:* spamdyke users > *Betreff:* Re: [spamdyke-users] SMTP auth and spamhaus issues with "The > Bat" > > > > Stefan can you paste your spamdyke.conf > > > > Have you seen the log? An error appears out of memory. > > Do you have a lot of spam at your server? Your server is not available for > everywhere? open relay? > > > > Also do a cat of the file /etc/xinetd/smtp_psa > > > > Nightduke > > > > > > 2008/5/19, Stefan Pausch <[EMAIL PROTECTED]>: > > I will send you a full log later this day. > > - QMail was originally installed by Plesk (8.0) > - I recompiled QMail a few months ago with a greylist patch, which worked > flawless (but not as good as spamdyke) > - I month ago i switched to Spamdyke and manually Reinstalled Qmail - maybe > something went terrible wrong there? :) ( I will have a deeper look into > the > authentication stuff later this day ... maybe something isn't configured > correctly) > > --Stefan > > > -----Ursprüngliche Nachricht----- > > Von: [EMAIL PROTECTED] [mailto:spamdyke-users- > > [EMAIL PROTECTED] Im Auftrag von Sam Clippinger > > Gesendet: Montag, 19. Mai 2008 05:27 > > An: spamdyke users > > Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with "The > > Bat" > > > > I don't understand either. Could you enable full logging in spamdyke > > (with "full-log-dir") and send a log file from one of these connections > > to me? > > > > Also, out of curiosity, how did you install qmail? Did you use > > qmailrocks, LifeWithQmail or some other tutorial/distribution? > > > > -- Sam Clippinger > > > > Stefan Pausch wrote: > > > I changed the configuration with no effect. I remembered the log > > window in > > > "The Bat" and had a look: > > > > > > 18.05.2008, 22:30:35: SEND - sending mail message(s) - 1 message(s) > > in > > > queue > > > 18.05.2008, 22:30:35: SEND - connected to SMTP server > > > 18.05.2008, 22:30:35: SEND - authenticating (software CRAM-MD5)... > > > 18.05.2008, 22:30:35: SEND - Server reports error. The response is: > > out of > > > memory (#4.3.0) > > > 18.05.2008, 22:30:35: SEND - authenticating (plain)... > > > 18.05.2008, 22:30:37: SEND - Server reports error. The response is: > > auth > > > failure > > > 18.05.2008, 22:30:37: SEND - authenticating (login)... > > > 18.05.2008, 22:30:37: SEND - WARNING: authentication failed > > > 18.05.2008, 22:30:37: SEND - sending message to [EMAIL PROTECTED] > > > !18.05.2008, 22:30:37: SEND - Server reports error. The response is: > > > http://www.spamhaus.org/query/bl?ip=91.1.194.50 See: > > > http://stefanpausch.com/greylist.php > > > !18.05.2008, 22:30:37: SEND - Server reports error. The response is: > > > http://www.spamhaus.org/query/bl?ip=91.1.194.50 See: > > > http://stefanpausch.com/greylist.php > > > 18.05.2008, 22:30:37: SEND - connection finished - 0 message(s) > > sent > > > 18.05.2008, 22:30:37: SEND - Some messages were not sent - check > > the log > > > for details > > > > > > Looks like "plain" authentication fails. I wonder why. I used > > > "/var/qmail/bin/qmail-smtpd /var/qmail/bin/true" instead of > > > "/var/qmail/bin/qmail-smtp", because without "/var/qmail/bin/true" i > > > couldn't auth at all - didn't fully test this, just saw a weird error > > > message in the log files: > > > > > > smtp_auth: SMTP connect from (null)@p5b01c232.dip.t-dialin.net > > [91.1.194.50] > > > smtp_auth: smtp_auth: exit 2 at point 9 > > > smtp_auth: SMTP connect from (null)@p5b01c232.dip.t-dialin.net > > [91.1.194.50] > > > smtp_auth: smtp_auth: exit 2 at point 9 > > > > > > Any other ideas what could be the cause? > > > > > > Just for completion my /etc/inetd.conf ... maybe something is wrong > > there: > > > > > > poppassd stream tcp nowait/1000 root /usr/sbin/tcpd > > > /opt/psa/admin/bin/poppassd > > > smtp stream tcp nowait.1000 root /var/qmail/bin/tcp-env tcp-env -Rt0 > > > /usr/bin/env SMTPAUTH=1 POPLOCK_TIME=20 END=1 > > /var/qmail/bin/relaylock > > > /usr/local/bin/spamdyke -f /etc/spamdyke.conf /var/qmail/bin/qmail- > > smtpd > > > /var/qmail/bin/smtp_auth /var/qmail/bin/true > > > smtps stream tcp nowait.1000 root /var/qmail/bin/tcp-env tcp-env -Rt0 > > > /usr/bin/env SMTPAUTH=1 POPLOCK_TIME=20 END=1 > > /var/qmail/bin/relaylock > > > /usr/local/bin/spamdyke -f /etc/spamdyke.conf /var/qmail/bin/qmail- > > smtpd > > > /var/qmail/bin/smtp_auth /var/qmail/bin/true > > > > > > Thanks alot for the help. > > > > > > --Stefan > > > > > > > > >> -----Ursprüngliche Nachricht----- > > >> Von: [EMAIL PROTECTED] [mailto:spamdyke-users- > > >> [EMAIL PROTECTED] Im Auftrag von Sam Clippinger > > >> Gesendet: Sonntag, 18. Mai 2008 22:20 > > >> An: spamdyke users > > >> Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with > > "The > > >> Bat" > > >> > > >> My best guess is that your qmail is advertising an encrypted > > >> authentication protocol (probably CRAM-MD5) that it doesn't actually > > >> support, perhaps because your passwords are not stored in an > > >> unencrypted > > >> format. My theory is supported by your discovery of the > > >> "mail.smtpserver.default.trySecAuth" setting in Thunderbird -- that > > >> value probably controls whether Thunderbird uses encrypted > > protocols. > > >> When the clients try to authenticate with the encrypted protocol, > > they > > >> fail. > > >> > > >> Try this: edit your "run" file where spamdyke's and qmail's command > > >> lines are found. At the end of the line, you'll probably see this: > > >> /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth > > >> /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true > > >> Edit that portion to just this: > > >> /var/qmail/bin/qmail-smtpd > > >> Restart qmail so the change will take effect. > > >> > > >> This change _should_ prevent qmail from advertising SMTP AUTH, > > >> including > > >> the encrypted protocols it doesn't support. However, because > > >> spamdyke's > > >> configuration file includes the "smtp-auth-command" lines, spamdyke > > >> will > > >> advertise unencrypted SMTP AUTH on qmail's behalf. It will process > > the > > >> authentications and disable its filters. If my theory is correct, > > this > > >> change should solve your problem. > > >> > > >> -- Sam Clippinger > > >> > > >> Stefan Pausch wrote: > > >> > > >>> Thanks for the response. I will go more into detail : > > >>> > > >>> - i won't strip the IP or eMails from the logs. Enjoy my data :P > > >>> - I guess i have an issue with non-plaintext SMTP-Authentication > > with > > >>> > > >> QMail > > >> > > >>> (Plesk 8.4 installation). Maybe i have to patch the basic qmail > > >>> installation? > > >>> - Outlook works fine. No issues here. > > >>> - Log entrys for Outlook and patched thunderbird2: > > >>> > > >>> spamdyke[25426]: INFO: found A record for p5b01c232.dip.t- > > dialin.net: > > >>> 91.1.194.50 > > >>> smtp_auth: SMTP connect from (null)@p5b01c232.dip.t-dialin.net > > >>> > > >> [91.1.194.50] > > >> > > >>> smtp_auth: smtp_auth: SMTP user : logged in from > > >>> (null)@p5b01c232.dip.t-dialin.net [91.1.194.50] > > >>> smtp_auth: SMTP connect from (null)@p5b01c232.dip.t-dialin.net > > >>> > > >> [91.1.194.50] > > >> > > >>> smtp_auth: smtp_auth: SMTP user : logged in from > > >>> (null)@p5b01c232.dip.t-dialin.net [91.1.194.50] > > >>> spamdyke[25426]: ALLOWED from: [EMAIL PROTECTED] to: > > >>> > > >> [EMAIL PROTECTED] > > >> > > >>> origin_ip: 91.1.194.50 origin_rdns: p5b01c232.dip.t-dialin.net > > auth: > > >>> [EMAIL PROTECTED] > > >>> > > >>> - Thunderbird and "The Bat" show following log entries with SMTP- > > Auth > > >>> enabled, Non secure connection and correct password (pop3 auth > > >>> > > >> works!): > > >> > > >>> spamdyke[22736]: INFO: found A record for p5b01c232.dip.t- > > dialin.net: > > >>> 91.1.194.50 > > >>> spamdyke[22736]: INFO: found TXT record for > > >>> > > >> 50.194.1.91.zen.spamhaus.org: > > >> > > >>> http://www.spamhaus.org/query/bl?ip=91.1.194.50 > > >>> ... > > >>> smtp_auth: smtp_auth: FAILED: - password incorrect () from > > >>> (null)@p5b01c232.dip.t-dialin.net [91.1.194.50] > > >>> spamdyke[24578]: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: > > >>> [EMAIL PROTECTED] origin_ip: 91.1.194.50 origin_rdns: > > >>> p5b01c232.dip.t-dialin.net auth: (unknown) > > >>> (dont worry about the spamdyke ids ... i just dont find the correct > > >>> > > >> lines > > >> > > >>> anymore, but the the output is exat the same, besides the ids) > > >>> > > >>> - If i change the about:config "mail.smtpserver.default.trySecAuth" > > >>> > > >> value in > > >> > > >>> Thunderbird 2 from "true" to "false" thunderbird users can send > > >>> > > >> emails > > >> > > >>> - Is this a issue with spamdyke ( i guess not ) or directly with > > >>> qmail-smtp-auth which doesn't understand a crypted smtp-auth query? > > - > > >>> > > >> Is > > >> > > >>> there an easy way to fix, or do i really have to recompile qmail > > >>> > > >> (again.. > > >> > > >>> sigh)? > > >>> > > >>> --Stefan > > >>> > > >>> > > >>> > > >>> > > >>> > > >>>> -----Ursprüngliche Nachricht----- > > >>>> Von: [EMAIL PROTECTED] [mailto:spamdyke-users- > > >>>> [EMAIL PROTECTED] Im Auftrag von Sam Clippinger > > >>>> Gesendet: Sonntag, 18. Mai 2008 18:28 > > >>>> An: spamdyke users > > >>>> Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with > > >>>> > > >> "The > > >> > > >>>> Bat" > > >>>> > > >>>> I use Thunderbird myself and I've never had any problems. I'm not > > >>>> > > >> sure > > >> > > >>>> what you mean by "wrong authentication type". > > >>>> > > >>>> Could you enable full logging and send me a log from a connection > > >>>> > > >> that > > >> > > >>>> authenticates and is still blocked? > > >>>> > > >>>> -- Sam Clippinger > > >>>> > > >>>> Stefan Pausch wrote: > > >>>> > > >>>> > > >>>>> I just ran into a DENIED_RBL_MATCH issue with "The Bat" > > >>>>> (http://ritlabs.com/) users. The user uses the latest version of > > >>>>> > > >> "The > > >> > > >>>> Bat" > > >>>> > > >>>> > > >>>>> with SMTP Auth and no SSL Authentifications on and gets denied > > due > > >>>>> > > >>>>> > > >>>> the > > >>>> > > >>>> > > >>>>> spamhaus listing . > > >>>>> > > >>>>> I guess it is the same issue as with thunderbird, which uses a > > >>>>> > > >>>>> > > >>>> "wrong" > > >>>> > > >>>> > > >>>>> authentication type. I tested "The bat with several settings" and > > >>>>> > > >>>>> > > >>>> couldn't > > >>>> > > >>>> > > >>>>> find a solution for the error > > >>>>> > > >>>>> Has any of you a solution for ths smtp-auth misbehavior? > > >>>>> > > >>>>> System: Debian, qmail, spamdyke > > >>>>> > > >>>>> Spamdyke.conf: > > >>>>> > > >>>>> 1 log-level=2 > > >>>>> 2 log-target=1 > > >>>>> 3 local-domains-file=/var/qmail/control/rcpthosts > > >>>>> 4 idle-timeout-secs=300 > > >>>>> 5 graylist-dir=/var/qmail/spamdyke/greylist > > >>>>> 6 graylist-min-secs=300 > > >>>>> 7 graylist-max-secs=4814400 > > >>>>> 8 policy-url=http://stefanpausch.com/greylist.php > > >>>>> 9 sender-blacklist-file=/var/qmail/spamdyke/blacklist_senders > > >>>>> 10 recipient-blacklist- > > >>>>> > > >> file=/var/qmail/spamdyke/blacklist_recipients > > >> > > >>>>> 11 ip-in-rdns-keyword- > > file=/var/qmail/spamdyke/blacklist_keywords > > >>>>> 12 ip-blacklist-file=/var/qmail/spamdyke/blacklist_ip > > >>>>> 13 rdns-blacklist-dir=/var/qmail/spamdyke/blacklist_rdns.d > > >>>>> 14 rdns-whitelist-file=/var/qmail/spamdyke/whitelist_rdns > > >>>>> 15 ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip > > >>>>> 16 sender-whitelist-file=/var/qmail/spamdyke/whitelist_sender > > >>>>> 17 greeting-delay-secs=3 > > >>>>> 18 tls-certificate-file=/var/qmail/control/servercert.pem > > >>>>> 19 local-domains-file=/var/qmail/control/rcpthosts > > >>>>> 20 smtp-auth-command=/var/qmail/bin/smtp_auth > > /var/qmail/bin/true > > >>>>> 21 smtp-auth-command=/var/qmail/bin/cmd5checkpw > > >>>>> > > >> /var/qmail/bin/true > > >> > > >>>>> 22 check-dnsrbl=ix.dnsbl.manitu.net > > >>>>> 23 #check-dnsrbl=zen.spamhaus.org > > >>>>> 24 check-dnsrbl=list.dsbl.org > > >>>>> 25 check-dnsrbl=zombie.dnsbl.sorbs.net > > >>>>> 26 check-dnsrbl=dul.dnsbl.sorbs.net > > >>>>> 27 check-dnsrbl=bogons.cymru.com > > >>>>> 28 reject-missing-sender-mx > > >>>>> 29 reject-empty-rdns > > >>>>> 30 reject-unresolvable-rdns > > >>>>> 31 tls-certificate-file=/var/qmail/control/servercert.pem > > >>>>> 32 hostname-file=/var/qmail/control/me > > >>>>> > > >>>>> > > >>>>> __________ Information from ESET NOD32 Antivirus, version of > > virus > > >>>>> > > >>>>> > > >>>> signature > > >>>> > > >>>> > > >>>>> database 3106 (20080516) __________ > > >>>>> > > >>>>> The message was checked by ESET NOD32 Antivirus. > > >>>>> > > >>>>> http://www.eset.com > > >>>>> > > >>>>> > > >>>>> _______________________________________________ > > >>>>> spamdyke-users mailing list > > >>>>> spamdyke-users@spamdyke.org > > >>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > >>>>> > > >>>>> > > >>>>> > > >>>> _______________________________________________ > > >>>> spamdyke-users mailing list > > >>>> spamdyke-users@spamdyke.org > > >>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > >>>> > > >>>> __________ Information from ESET NOD32 Antivirus, version of virus > > >>>> signature database 3106 (20080516) __________ > > >>>> > > >>>> The message was checked by ESET NOD32 Antivirus. > > >>>> > > >>>> http://www.eset.com > > >>>> > > >>>> > > >>> > > >>> __________ Information from ESET NOD32 Antivirus, version of virus > > >>> > > >> signature > > >> > > >>> database 3106 (20080516) __________ > > >>> > > >>> The message was checked by ESET NOD32 Antivirus. > > >>> > > >>> http://www.eset.com > > >>> > > >>> > > >>> _______________________________________________ > > >>> spamdyke-users mailing list > > >>> spamdyke-users@spamdyke.org > > >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > >>> > > >>> > > >> _______________________________________________ > > >> spamdyke-users mailing list > > >> spamdyke-users@spamdyke.org > > >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > >> > > >> __________ Information from ESET NOD32 Antivirus, version of virus > > >> signature database 3106 (20080516) __________ > > >> > > >> The message was checked by ESET NOD32 Antivirus. > > >> > > >> http://www.eset.com > > >> > > > > > > > > > _______________________________________________ > > > spamdyke-users mailing list > > > spamdyke-users@spamdyke.org > > > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > > > _______________________________________________ > > spamdyke-users mailing list > > spamdyke-users@spamdyke.org > > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > > __________ Information from ESET NOD32 Antivirus, version of virus > > signature database 3108 (20080519) __________ > > > > The message was checked by ESET NOD32 Antivirus. > > > > http://www.eset.com > > > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > >
_______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users