qmail Digest 19 Jan 1999 11:00:08 -0000 Issue 525
Topics (messages 20566 through 20653):
qmail bandwidth usage versus other MTAs
20566 by: "Brian S. Craigie" <[EMAIL PROTECTED]>
20618 by: [EMAIL PROTECTED]
Three solutions for spam
20567 by: [EMAIL PROTECTED]
20568 by: [EMAIL PROTECTED]
20570 by: Pedro Melo <[EMAIL PROTECTED]>
20572 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
20574 by: "Len Budney" <[EMAIL PROTECTED]>
20575 by: Mate Wierdl <[EMAIL PROTECTED]>
20576 by: Russell Nelson <[EMAIL PROTECTED]>
20578 by: "Len Budney" <[EMAIL PROTECTED]>
20581 by: Russell Nelson <[EMAIL PROTECTED]>
20582 by: Russell Nelson <[EMAIL PROTECTED]>
20584 by: "Len Budney" <[EMAIL PROTECTED]>
20585 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
20586 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
20588 by: "Edward S. Marshall" <[EMAIL PROTECTED]>
20589 by: [EMAIL PROTECTED]
20594 by: [EMAIL PROTECTED]
20595 by: Russell Nelson <[EMAIL PROTECTED]>
20596 by: "Racer X" <[EMAIL PROTECTED]>
20597 by: [EMAIL PROTECTED]
20598 by: "Soffen, Matthew" <[EMAIL PROTECTED]>
20600 by: [EMAIL PROTECTED] (Lorens Kockum)
20601 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
20602 by: "Luca Olivetti" <[EMAIL PROTECTED]>
20603 by: "Luca Olivetti" <[EMAIL PROTECTED]>
20605 by: Russell Nelson <[EMAIL PROTECTED]>
20606 by: Russell Nelson <[EMAIL PROTECTED]>
20608 by: [EMAIL PROTECTED] (John R. Levine)
20609 by: "Soffen, Matthew" <[EMAIL PROTECTED]>
20615 by: "Soffen, Matthew" <[EMAIL PROTECTED]>
20616 by: [EMAIL PROTECTED] (Lorens Kockum)
20622 by: "Racer X" <[EMAIL PROTECTED]>
20623 by: "Racer X" <[EMAIL PROTECTED]>
20626 by: Peter van Dijk <[EMAIL PROTECTED]>
20636 by: Russ Allbery <[EMAIL PROTECTED]>
20637 by: Russ Allbery <[EMAIL PROTECTED]>
20638 by: Russ Allbery <[EMAIL PROTECTED]>
20639 by: Russ Allbery <[EMAIL PROTECTED]>
20640 by: "Edward S. Marshall" <[EMAIL PROTECTED]>
20641 by: Russ Allbery <[EMAIL PROTECTED]>
problems switching to maildir
20569 by: Chris Johnson <[EMAIL PROTECTED]>
Monitoring and accounting
20571 by: Peter Gradwell <[EMAIL PROTECTED]>
20573 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
How do I filter outgoing mail based on Sender ?
20577 by: "Len Budney" <[EMAIL PROTECTED]>
20590 by: Russell Nelson <[EMAIL PROTECTED]>
20607 by: Jose Luis Painceira <[EMAIL PROTECTED]>
20653 by: Thomas Andrews <[EMAIL PROTECTED]>
memphis problems
20579 by: Mate Wierdl <[EMAIL PROTECTED]>
20625 by: Kevin Waterson <[EMAIL PROTECTED]>
20629 by: Chris Johnson <[EMAIL PROTECTED]>
Pine 4.
20580 by: Balazs Nagy <[EMAIL PROTECTED]>
20628 by: Peter van Dijk <[EMAIL PROTECTED]>
PAMified checkpassword-0.81 diff
20583 by: Balazs Nagy <[EMAIL PROTECTED]>
hosts.allow - tcpServer&inetD + ezmlm
20587 by: [EMAIL PROTECTED]
Cucipop vs qpopper
20591 by: Krzysztof Dabrowski <[EMAIL PROTECTED]>
ezmlm archive.
20592 by: Krzysztof Dabrowski <[EMAIL PROTECTED]>
anti-spam feature request (Was: Re: Three solutions for spam)
20593 by: "Sam" <[EMAIL PROTECTED]>
Need help setting up a user w/vchkpw
20599 by: Robert Metcalf <[EMAIL PROTECTED]>
Hmmm..... moving from locals to virtualdomains
20604 by: Russell Nelson <[EMAIL PROTECTED]>
remember this?
20610 by: [EMAIL PROTECTED]
20614 by: Vern Hart <[EMAIL PROTECTED]>
20627 by: Peter van Dijk <[EMAIL PROTECTED]>
20648 by: Vern Hart <[EMAIL PROTECTED]>
control/me
20611 by: Darcy Buskermolen <[EMAIL PROTECTED]>
20612 by: Mark Delany <[EMAIL PROTECTED]>
20613 by: Russell Nelson <[EMAIL PROTECTED]>
qmail mailing list speed
20617 by: [EMAIL PROTECTED]
Relaying.
20619 by: "Johan Mj�nes" <[EMAIL PROTECTED]>
20621 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
20632 by: Mike Meyer <[EMAIL PROTECTED]>
Age of Phone Lines
20620 by: Kai MacTane <[EMAIL PROTECTED]>
Maildir webmail CGI.
20624 by: "Sam" <[EMAIL PROTECTED]>
Possible Anti-spam solution (was Re: Example of the anti-fax effect)
20630 by: Paul Gregg <[EMAIL PROTECTED]>
20631 by: Mark Delany <[EMAIL PROTECTED]>
20633 by: Paul Gregg <[EMAIL PROTECTED]>
20634 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
20635 by: Mark Delany <[EMAIL PROTECTED]>
20644 by: "Len Budney" <[EMAIL PROTECTED]>
20645 by: "Len Budney" <[EMAIL PROTECTED]>
Mailbox altered by pine?
20642 by: Mate Wierdl <[EMAIL PROTECTED]>
20643 by: "Sam" <[EMAIL PROTECTED]>
20646 by: Rogerio Brito <[EMAIL PROTECTED]>
20647 by: Mate Wierdl <[EMAIL PROTECTED]>
20650 by: Ludwig Pummer <[EMAIL PROTECTED]>
Local delivery and host masquerading
20649 by: Niels Jensen <[EMAIL PROTECTED]>
20651 by: Vern Hart <[EMAIL PROTECTED]>
20652 by: Thomas Andrews <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
On 15-Jan-99 [EMAIL PROTECTED] wrote:
> > we could, for example, let it do multiple RCPT's for normal messages, and
> > single RCPT's for VERP-ed list messages.
>
> You people aren't thinking this through. It's necessary to look over
> the set of messages in the queue and organize them by place they'll be
> delivered to first, before you can start this simple-sounding bundling
> operation you talk aobut. That's a major conceptual change, AND it's
> very expensive.
Dear David, I don't think you understood what some of us were trying to say.
For a single message to multiple recipients:-
The mail client sends ONE message with multiple recipients to [qmail's]
sendmail which sends it as ONE message to qmail inject which submits ONE
message to the queue. Qmail-send then sends qmail-remote a messages for EACH
recipient for this ONE message from the queue, hence multiplying the size of
the message by the number of recipients. So, if qmail-send were to optionally
be able to call qmail-remote with multiple RCPTs this would solve a great
bandwidth problem for everyone with a smarthost, as one message would then be
sent to the smarthost.
:-)
> --
> David Dyer-Bennet [EMAIL PROTECTED]
> http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
> http://ouroboros.demesne.com/ The Ouroboros Bookworms
> Join the 20th century before it's too late!
Cheers!
Brian
Russell Nelson <[EMAIL PROTECTED]> writes on 15 January 1999 at 20:12:19 -0000
> [EMAIL PROTECTED] writes:
> > You people aren't thinking this through. It's necessary to look over
> > the set of messages in the queue and organize them by place they'll be
> > delivered to first, before you can start this simple-sounding bundling
> > operation you talk aobut. That's a major conceptual change, AND it's
> > very expensive.
>
> We've been through this before. You can do a textual sort on domain
> name. It's not necessary to look up MX records to achieve substantial
> savings.
Right, and I eventually got there, with a little help :-)
--
David Dyer-Bennet [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
On 17 Jan 1999, Russ Allbery wrote:
> > The more you boast about that, the quicker RN will be telling us to
> > block anything from *.se
>
> I hate to tell you this, but Russ Nelson is downright conservative about
> what he's willing to block compared to some folks. Spam blocking is all
> about a numbers game. People try to find a big hunk of bathwater that
> doesn't have any babies in it and throw it out, then try really hard not
> to think about whether there really were any babies in there. There
> basically isn't any legit mail coming from the large US dialup farms. So
> people have now caught on to "dialup farms" as a useful hunk of bathwater,
> and there it goes out the door.
It seems to me, that if with this process, they have prevented 8 out
10 spam messages & 100 legitimate messages, they are quite happy with it,
since they _have_ stopped 80% of spam. *sigh*
--
Tiago Pascoal ([EMAIL PROTECTED]) FAX : +351-1-7273394
Politicamente incorrecto, e membro (nao muito) proeminente da geracao rasca.
On Sun, 17 Jan 1999, Edward S. Marshall wrote:
> > I *do* realize that a lot of spam is generated by dial-up
> > accounts, but I cannot see how this justifies refusing
> > mail from *any* dial-up account.
>
> I *do* realize that its "way cool" to want to directly control end
> delivery of your mail, but I cannot see how this justifies *anyone* with a
> dialup account to start injecting messages into my system without having
> some way for me to redeliver mail back to them.
Ah but that's where u are wrong. U departed from a totally wrong premise :
"If i send mail directly thru my dial-up, there is no valid return
address"
What would be the use of that? (except from spamming)
Now, check my mail address host, does it not has a MX record? does it not
receive mail 24/7 ?
The answer is yes. The answer to the question, do i deliver mail directly
from dial-up is also yes.
> *shrug* I reject mail based on whether the MAIL FROM: address has domain
> with an A or MX record associated with it too. Another one of those
> "arbitrary criteria" I have every right to apply to my own mail system.
Correct, and if your customers start complaining they can't receive
legitimate mail, maybe u start seeing things differently.
> test mode, I definitely didn't filter anything worth worrying about. The
> 1% is a fudge factor; I'll assume, for the sake of argument, that there
> probably -was- some "babies" I threw out with that "bathwater".
I'm not a lawyer, but that seems as a disservice to your clients.
Discarding their legitimate mail. Specially in the states where people
about everything and nothing. (and win too)
> I'm not going to cry over 1%. Sorry. I don't think many ISPs using this
> scheme will either.
The question is not ISP's, it's their customer ones.
> > You show as little concern for the rights and feelings of others
> > as spammers do.
>
> Invalid assumption; you do not have the "right" to send me mail. You -may-
> be able to send me mail if you pass my "arbitrary criteria".
Do you warn your customers, that they may never receive legitimate mail?
--
Tiago Pascoal ([EMAIL PROTECTED]) FAX : +351-1-7273394
Politicamente incorrecto, e membro (nao muito) proeminente da geracao rasca.
On 18-Jan-99 Mark Delany wrote:
>>2) open relays. Keep a table of hosts, where each host is marked
>
> Hmm. That's something like 36% of the current (legitimate) smtp servers on
> the planet (according to http://www.imc.org/ube-relay.html).
>
> crynwr.com might be able to get away with it because you are judge and jury,
> but can AOL.COM or IBM.NET or any reasonably sized mail institution? I'd be
> surprised.
One ideia is to send the open-relay's found to RBL. After they show up in RBL,
remove them from your local list.
Does RBL has a automatic procedure to test open relays?
---
Pedro Melo [EMAIL PROTECTED]
IP - Engenharia http://ip.pt/
Tel: +351-1-3166740 Av. Duque de Avila, 23
Fax: +351-1-3166701 1049-071 LISBOA - PORTUGAL
12:30pm up 2 days, 4 min, 9 users, load average: 0.29, 0.38, 0.43
- Pedro Melo <[EMAIL PROTECTED]>:
| One ideia is to send the open-relay's found to RBL. After they show
| up in RBL, remove them from your local list.
Reporting a site to the RBL team is a quite consuming affair (check
out <URL:http://maps.vix.com/rbl/reporting.html>), which is why I have
never reported anyone to them.
| Does RBL has a automatic procedure to test open relays?
There is the test at <URL:http://maps.vix.com/tsi/ar-test.html>, but I
don't think that is what you are asking?
- Harald
"Edward S. Marshall" <[EMAIL PROTECTED]> wrote:
> I'm not going to cry over 1%. Sorry. I don't think many ISPs using this
> scheme will either.
That's too bad. My palm pilot has its own MTA, and I just sent you a
job offer via dialup. It bounced, so I'll just hire another 100K/y
mail admin. Too bad--you seem quite knowledgeable.
;=)
Len.
--
If a ruler hearken to lies, all his servants are wicked.
--Proverbs 29:12
On Mon, Jan 18, 1999 at 12:22:44AM +0100, Stefaan A Eeckels wrote:
> You show as little concern for the rights and feelings of others
> as spammers do.
Compuserve is about $15/mo in Hungary, and then comes the phonebill (no
unlimited service exists). A University's professor salary is about
$250-300/mo.
But: I think Russ was just suggesting things, and I am sure in light of
European and 3rd world statistics, the proposals will be modified.
--
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
Len Budney writes:
> "Edward S. Marshall" <[EMAIL PROTECTED]> wrote:
> > I'm not going to cry over 1%. Sorry. I don't think many ISPs using this
> > scheme will either.
>
> That's too bad. My palm pilot has its own MTA, and I just sent you a
> job offer via dialup. It bounced, so I'll just hire another 100K/y
> mail admin. Too bad--you seem quite knowledgeable.
On the other hand, would I *want* to work for someone who sends mail
direct from a dialup?
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
(Not to flog a dead horse, here, but...)
Russell Nelson <[EMAIL PROTECTED]> wrote:
> Len Budney writes:
> > That's too bad. My palm pilot has its own MTA, and I just sent you a
> > job offer via dialup. It bounced, so I'll just hire another 100K/y
> > mail admin. Too bad--you seem quite knowledgeable.
>
> On the other hand, would I *want* to work for someone who sends mail
> direct from a dialup?
?
In my limited time out of school, all of my companies involved
extensive travel...DC for grant talks, Midwest steel mills for onsite
work, etc.
It was quite standard at each company to send email direct through
dialup, w/valid return address of company email, to save phone costs
and company bandwidth.
Are you suggesting there is something wrong with this?
Len.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Len Budney | Designing a cipher takes only a
Maya Design Group | few minutes. The only problem is
[EMAIL PROTECTED] | that almost all designs are junk.
| -- Prof. Dan Bernstein
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mate Wierdl writes:
> On Mon, Jan 18, 1999 at 12:22:44AM +0100, Stefaan A Eeckels wrote:
> > You show as little concern for the rights and feelings of others
> > as spammers do.
>
> Compuserve is about $15/mo in Hungary, and then comes the phonebill (no
> unlimited service exists). A University's professor salary is about
> $250-300/mo.
>
> But: I think Russ was just suggesting things, and I am sure in light of
> European and 3rd world statistics, the proposals will be modified.
No, I expect that in view of the costs, spam wouldn't be a problem, so
that providers of high-cost dialup service would just insert an MX
record for all of their dialups. Remember, the criteria is "ISP
trusts the host", not "host is a dialup".
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Len Budney writes:
> It was quite standard at each company to send email direct through
> dialup, w/valid return address of company email, to save phone costs
> and company bandwidth.
>
> Are you suggesting there is something wrong with this?
Sure. It's a false economy. What if the mail doesn't go through?
What if the destination host blocks mail from dialups? I wouldn't
even begin to consider sending mail directly from any national
provider of dialup service (which is what I presume you're using,
since you indicate that you're not making a long-distance call).
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Russell Nelson <[EMAIL PROTECTED]> wrote:
> Len Budney writes:
> > It was quite standard at each company to send email direct through
> > dialup, w/valid return address of company email, to save phone costs
> > and company bandwidth.
> >
> > Are you suggesting there is something wrong with this?
>
> Sure. It's a false economy.
That could be--after all: profile, don't speculate :)
> What if the mail doesn't go through? What if the destination host
> blocks mail from dialups?
In the first case, shouldn't a bounce go to the envelope sender?
The second case is the topic of this thread--it results in mails sitting
in the queue, on the laptop/handheld, and bouncing to the sender after
3 days. That gratuitous annoyance sparked my original jest about lost
job offers.
> I wouldn't even begin to consider sending mail directly from any
> national provider of dialup service (which is what I presume you're
> using, since you indicate that you're not making a long-distance
> call).
Correct. Sadly, I've surrendered your point already--I always let my
ISP relay my personal mails. Luckily, they've converted to qmail!
Len.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Len Budney | Reliability means never having to say
Maya Design Group | you're sorry.
[EMAIL PROTECTED] | -- Prof. Dan Bernstein
| Author of qmail
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: Len Budney <[EMAIL PROTECTED]>
:That's too bad. My palm pilot has its own MTA, and I just sent you a
:job offer via dialup. It bounced, so I'll just hire another 100K/y
:mail admin. Too bad--you seem quite knowledgeable.
:Len.
From: Len Budney <[EMAIL PROTECTED]>
:That's too bad. My palm pilot has its own MTA, and I just sent you a
:job offer via dialup. It bounced, so I'll just hire another 100K/y
:mail admin. Too bad--you seem quite knowledgeable.
That's a good idea, maybe your new mail admin can set your e-mail program up
properly, and you won't have any more problems bouncing mail.
:Len.
--Adam
On Mon, 18 Jan 1999, Len Budney wrote:
> "Edward S. Marshall" <[EMAIL PROTECTED]> wrote:
> > I'm not going to cry over 1%. Sorry. I don't think many ISPs using this
> > scheme will either.
>
> That's too bad. My palm pilot has its own MTA, and I just sent you a
> job offer via dialup. It bounced, so I'll just hire another 100K/y
> mail admin. Too bad--you seem quite knowledgeable.
Thanks, but no loss; I'm gainfully employed already. ;-)
And if your Palm Pilot has an MTA, then it can almost certainly use your
ISP as a relay, no?
> ;=)
:-)
--
Edward S. Marshall <[EMAIL PROTECTED]> [ What goes up, must come down. ]
http://www.logic.net/~emarshal/ [ Ask any system administrator. ]
Linux labyrinth 2.2.0-pre7-ac6+devfs+int #2 Sun Jan 17 14:41:45 CST 1999 i586 unknown
9:20am up 17:55, 0 users, load average: 0.00, 0.00, 0.00
On Mon, Jan 18, 1999 at 02:55:12PM -0000, Russell Nelson wrote:
> Len Budney writes:
> > It was quite standard at each company to send email direct through
> > dialup, w/valid return address of company email, to save phone costs
> > and company bandwidth.
> >
> > Are you suggesting there is something wrong with this?
>
> Sure. It's a false economy. What if the mail doesn't go through?
Uh, it should bounce to the envelope sender, no?
> What if the destination host blocks mail from dialups?
Then I call the person I'm sending email to and tell them to complain
to their ISP. Legit mail from a legit return-address being blocked
by bogus methods.
> I wouldn't even begin to consider sending mail directly from any national
> provider of dialup service (which is what I presume you're using,
> since you indicate that you're not making a long-distance call).
I do it quite often.
--
John White
[EMAIL PROTECTED]
PGP Public Key: http://www.triceratops.com/john/public-key.pgp
On 18 Jan 1999, Russell Nelson wrote:
> Mate Wierdl writes:
> > On Mon, Jan 18, 1999 at 12:22:44AM +0100, Stefaan A Eeckels wrote:
> > > You show as little concern for the rights and feelings of others
> > > as spammers do.
> >
> > Compuserve is about $15/mo in Hungary, and then comes the phonebill (no
> > unlimited service exists). A University's professor salary is about
> > $250-300/mo.
> >
> > But: I think Russ was just suggesting things, and I am sure in light of
> > European and 3rd world statistics, the proposals will be modified.
>
> No, I expect that in view of the costs, spam wouldn't be a problem, so
> that providers of high-cost dialup service would just insert an MX
> record for all of their dialups. Remember, the criteria is "ISP
> trusts the host", not "host is a dialup".
I find that quite questionable, why would anyone want to receive
mail for (suppose, which are _dynamic_ addresses)
pppN.host.domain ?
Specially when, in different calls you would get a different N.
--
Tiago Pascoal ([EMAIL PROTECTED]) FAX : +351-1-7273394
Politicamente incorrecto, e membro (nao muito) proeminente da geracao rasca.
[EMAIL PROTECTED] writes:
> On 18 Jan 1999, Russell Nelson wrote:
>
> > Mate Wierdl writes:
> > > On Mon, Jan 18, 1999 at 12:22:44AM +0100, Stefaan A Eeckels wrote:
> > > > You show as little concern for the rights and feelings of others
> > > > as spammers do.
> > >
> > > Compuserve is about $15/mo in Hungary, and then comes the phonebill (no
> > > unlimited service exists). A University's professor salary is about
> > > $250-300/mo.
> > >
> > > But: I think Russ was just suggesting things, and I am sure in light of
> > > European and 3rd world statistics, the proposals will be modified.
> >
> > No, I expect that in view of the costs, spam wouldn't be a problem, so
> > that providers of high-cost dialup service would just insert an MX
> > record for all of their dialups. Remember, the criteria is "ISP
> > trusts the host", not "host is a dialup".
>
> I find that quite questionable, why would anyone want to receive
> mail for (suppose, which are _dynamic_ addresses)
>
> pppN.host.domain ?
Nobody would look up the the MX record to send mail. It would only be
used for the anti-spam step #3 I laid out earlier: Get the host's name
from a PTR record, and look up an MX record for it. If it has an MX
record, then the ISP is delegating it's trust to that dialup. So if
you trust the ISP to send you mail, then you trust it's dialup to send
you mail.
Very likely, all the people complaining would have no problem because
their ISP would insert an MX record for their dialups.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
>Sure. It's a false economy. What if the mail doesn't go through?
>What if the destination host blocks mail from dialups? I wouldn't
>even begin to consider sending mail directly from any national
>provider of dialup service (which is what I presume you're using,
>since you indicate that you're not making a long-distance call).
One thing that hasn't been considered - what if you're dialing up through
a responsible ISP who doesn't let their users send mail directly out, by
blocking outbound SMTP connections from dialups?
We did this about 3 months ago after some recurrent and vicious spammers.
Since then, we've had exactly 2 complaints about the procedure, both of
which were resolved after we informed the customer that we did this as an
anti-spam measure.
I had my reservations about this policy at first, but given the problems
it's solved so far, I must say it's been a good move. It forces spammers
to go directly through our mail server, where we can keep an eye out for
behavior that looks like spam.
shag
On 18 Jan 1999, Russell Nelson wrote:
> [EMAIL PROTECTED] writes:
> > On 18 Jan 1999, Russell Nelson wrote:
> >
> > > Mate Wierdl writes:
> > > > On Mon, Jan 18, 1999 at 12:22:44AM +0100, Stefaan A Eeckels wrote:
> > > > > You show as little concern for the rights and feelings of others
> > > > > as spammers do.
> > > >
> > > > Compuserve is about $15/mo in Hungary, and then comes the phonebill (no
> > > > unlimited service exists). A University's professor salary is about
> > > > $250-300/mo.
> > > >
> > > > But: I think Russ was just suggesting things, and I am sure in light of
> > > > European and 3rd world statistics, the proposals will be modified.
> > >
> > > No, I expect that in view of the costs, spam wouldn't be a problem, so
> > > that providers of high-cost dialup service would just insert an MX
> > > record for all of their dialups. Remember, the criteria is "ISP
> > > trusts the host", not "host is a dialup".
> >
> > I find that quite questionable, why would anyone want to receive
> > mail for (suppose, which are _dynamic_ addresses)
> >
> > pppN.host.domain ?
>
> Nobody would look up the the MX record to send mail. It would only be
> used for the anti-spam step #3 I laid out earlier: Get the host's name
> from a PTR record, and look up an MX record for it. If it has an MX
> record, then the ISP is delegating it's trust to that dialup. So if
> you trust the ISP to send you mail, then you trust it's dialup to send
> you mail.
I find that quite, well, stupid. If i trusted the ISP in the first place,
we wouldn't be having this conversation. (there are other reasons besides
no trusting, like extra control over the delivery process)
> Very likely, all the people complaining would have no problem because
> their ISP would insert an MX record for their dialups.
And how would ISP set the MX records, all dialups users? selectively?
I would dare to speculate, that at some point, the ISP's would simply set
MX records, for *ALL* dialups address, and your measures would simple go
off to the drain.
--
Tiago Pascoal ([EMAIL PROTECTED]) FAX : +351-1-7273394
Politicamente incorrecto, e membro (nao muito) proeminente da geracao rasca.
I have a MAJOR problem with this. I have my own mailhost and I do work
for a specific domain (UItimateTV.com). When I am on my primary ISP,
all is well. I send mail to the appropriate mailhost for whatever
domain the mail is from.
When I am on my backup ISP, I am unable to send out ANY mail because it
blocks out all the port 25 accesses. I had given my inlaws an email
account on our server/domain and we allowed them (will full
knowledge/permission of the ISP) to use our backup account since we were
paying for it and not using it. When the ISP instituted this policy, it
screwed them over. We finally go them an email account at the backup
ISP.
Is this legitimate ? I mean, I am trying to use a mail host for which I
am fully allowed to (Hell! I am in charge of the other mailers) and am
being blocked. When my primary internet account was down, I was unable
to send mail for 3 days !!!
To me the blocking of port 25 is more of a CYA for the ISP. Nothing
more, it benefits no one but the ISP. I can understand why an ISP would
do it, but there must be better mechanisms for blocking spam ....
Matt Soffen
Webmaster - http://www.iso-ne.com/
==============================================
Boss - "My boss says we need some eunuch programmers."
Dilbert - "I think he means UNIX and I already know UNIX."
Boss - "Well, if the company nurse comes by, tell her I said
never mind."
- Dilbert -
==============================================
> ----------
> From: Racer X[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, January 18, 1999 12:44 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Three solutions for spam
>
> >Sure. It's a false economy. What if the mail doesn't go through?
> >What if the destination host blocks mail from dialups? I wouldn't
> >even begin to consider sending mail directly from any national
> >provider of dialup service (which is what I presume you're using,
> >since you indicate that you're not making a long-distance call).
>
> One thing that hasn't been considered - what if you're dialing up
> through
> a responsible ISP who doesn't let their users send mail directly out,
> by
> blocking outbound SMTP connections from dialups?
>
> We did this about 3 months ago after some recurrent and vicious
> spammers.
> Since then, we've had exactly 2 complaints about the procedure, both
> of
> which were resolved after we informed the customer that we did this as
> an
> anti-spam measure.
>
> I had my reservations about this policy at first, but given the
> problems
> it's solved so far, I must say it's been a good move. It forces
> spammers
> to go directly through our mail server, where we can keep an eye out
> for
> behavior that looks like spam.
>
> shag
>
>
On the qmail list [EMAIL PROTECTED] wrote:
>
>When I am on my backup ISP, I am unable to send out ANY mail because it
>blocks out all the port 25 accesses.
ALL? I doubt it. I'm willing to bet they have a mailserver
that accepts port 25 connections from the dialups, and
relays the mail.
>When my primary internet account was down, I was unable
>to send mail for 3 days !!!
Why ? Tell your MTA that today you have a smarthost such'n'such,
and roll out your mail.
If your primary ISP did that too, you'd just have to change the
smarthost in your startup scripts.
>To me the blocking of port 25 is more of a CYA for the ISP. Nothing
>more, it benefits no one but the ISP.
Wrong. It stops the whackamole spammers, responsible for a great
deal of the spam today (I'd guess between 40 and 90%, mrsam
surely has some stats to share), and the most difficult to stop.
>but there must be better mechanisms for blocking spam ....
It is an essential part for an ISP.
If you are a polite client as well as being responsible and
willing to sign a paper or two, an ISP will probably make an
exception for you.
I would consider that blocking port 25 is a positive thing when
choosing an ISP; I see that 1) the ISP is anti-spam, and I won't
find myself on some block-list somewhere, and 2) that they are
capable of running round-the-clock servers reliably.
Of course, if their mailserver falls down, that will be a
negative impression. But since they take my incoming mail too,
they'd better have functioning mailservers anyway, right?
--
#include <std_disclaim.h> Lorens Kockum
From: Soffen, Matthew <[EMAIL PROTECTED]>
:To me the blocking of port 25 is more of a CYA for the ISP. Nothing
:more, it benefits no one but the ISP. I can understand why an ISP would
:do it, but there must be better mechanisms for blocking spam ....
There is no reason that an ISP cannot block port 25 by default and then
enable it for any customer that complains.
:Matt Soffen
--Adam
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Very likely, all the people complaining would have no problem because
> their ISP would insert an MX record for their dialups.
not really
$ host 62.81.19.165
Name: BE-165-BARC-X28.red.retevision.es
Address: 62.81.19.165
Aliases:
$ nslookup -type=mx BE-165-BARC-X28.red.retevision.es
Server: luca.ddns.org
Address: 0.0.0.0
Authoritative answers can be found from:
red.retevision.es
origin = ramblas.red.retevision.es
mail addr = hostmaster.red.retevision.es
serial = 1999011800
refresh = 28800 (8 hours)
retry = 14400 (4 hours)
expire = 3600000 (41 days 16 hours)
minimum ttl = 86400 (1 day)
Never mind I will only send mail from this dialup with sender domain
"luca.ddns.org" or "olivetti.dhis.org", both with primary and backup MX.
- --
Luca Olivetti | Tarifa Plana ya! http://tarifaplana.home.ml.org/
http://www.luca.ddns.org/ | FAQ http://www.luca.ddns.org/ptp-faq.html
- ----------------------------------------------------------------------------
UNETE A LA ASOCIACION DE INTERNAUTAS: HTTP://WWW.INTERNAUTAS.ORG
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE2o4UeCQPXTRx9NmQRAjdiAKC6Bit1KDP6oWk00GMRGqBC5OczBwCePbYR
COywga+NDOn6gtRCiqSS+2g=
=H3oG
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> And how would ISP set the MX records, all dialups users? selectively?
Knowing them it will be like this:
- - standard account $20/mo
- - "special" account, with an MX record for your dialup, in order to survive
the severe test enforced by Russel Nelson, $100/mo
;-)
Hell, if they were clueful enough to know who Russel Nelson is, I'd surely
trust their SMTP relay :-)
- --
Luca Olivetti | Tarifa Plana ya! http://tarifaplana.home.ml.org/
http://www.luca.ddns.org/ | FAQ http://www.luca.ddns.org/ptp-faq.html
- ----------------------------------------------------------------------------
UNETE A LA ASOCIACION DE INTERNAUTAS: HTTP://WWW.INTERNAUTAS.ORG
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE2o4kECQPXTRx9NmQRAhc7AKC+BrxdrAonnC+L2r6t7co+lTKc5wCdE5vJ
z2rtijW8XAQHgxxcRaZt278=
=jlas
-----END PGP SIGNATURE-----
Luca Olivetti writes:
> > Very likely, all the people complaining would have no problem because
> > their ISP would insert an MX record for their dialups.
>
> not really
Language barrier: "would insert" is in the future tense. I wouldn't
expect them to have an MX record there now.
> Never mind I will only send mail from this dialup with sender domain
> "luca.ddns.org" or "olivetti.dhis.org", both with primary and backup MX.
The sender domain would not be consulted, nor would it need to be
consulted, under the regime I propose.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
[EMAIL PROTECTED] writes:
> I would dare to speculate, that at some point, the ISP's would simply set
> MX records, for *ALL* dialups address, and your measures would simple go
> off to the drain.
That might happen, but note that action would be required to restore
the current status quo. This is as opposed to the measure someone
else spoke of, which was to block SMTP traffic. This requires action
to stop dialup mail.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
>It was quite standard at each company to send email direct through
>dialup, w/valid return address of company email, to save phone costs
>and company bandwidth.
>
>Are you suggesting there is something wrong with this?
Yes, in today's environment, you'll lose a lot of mail. Dialup
filtering is already here. ISPs all over the place do it.
I can think of a couple of sensible approaches for travelling users:
* Relay the mail host of the ISP you're dialed into. That's what I do.
* Set up a tunnel back to headquarters (easy now that there's a
standard albeit not very secure tunnel package provided with Windows)
and be a host on your home network.
--
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869
[EMAIL PROTECTED], Village Trustee and Sewer Commissioner, http://iecc.com/johnl,
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
Wouldn't that require the ISP to have the ability to change their
packet filters on the fly (since it is an ISP where I get a random IP) ?
Matt Soffen
Webmaster - http://www.iso-ne.com/
==============================================
Boss - "My boss says we need some eunuch programmers."
Dilbert - "I think he means UNIX and I already know UNIX."
Boss - "Well, if the company nurse comes by, tell her I said
never mind."
- Dilbert -
==============================================
> ----------
> From: Adam D. McKenna[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, January 18, 1999 2:00 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Three solutions for spam
>
> From: Soffen, Matthew <[EMAIL PROTECTED]>
>
>
> :To me the blocking of port 25 is more of a CYA for the ISP. Nothing
> :more, it benefits no one but the ISP. I can understand why an ISP
> would
> :do it, but there must be better mechanisms for blocking spam ....
>
> There is no reason that an ISP cannot block port 25 by default and
> then
> enable it for any customer that complains.
>
> :Matt Soffen
>
> --Adam
>
>
----------
From:
[EMAIL PROTECTED][SMTP:[EMAIL PROTECTED]]
Sent: Monday, January 18, 1999 1:45 PM
To: [EMAIL PROTECTED]
Subject: Re: Three solutions for spam
On the qmail list [EMAIL PROTECTED] wrote:
>
>When I am on my backup ISP, I am unable to send out ANY mail
because it
>blocks out all the port 25 accesses.
ALL? I doubt it. I'm willing to bet they have a mailserver
that accepts port 25 connections from the dialups, and
relays the mail.
Right. But you can't access any other mail servers. Only theirs. I
don't want to send out mail for my personal domain or the site I consult
for through a different server.
>When my primary internet account was down, I was unable
>to send mail for 3 days !!!
Why ? Tell your MTA that today you have a smarthost such'n'such,
and roll out your mail.
If your primary ISP did that too, you'd just have to change the
smarthost in your startup scripts.
I run my own mail server it sits underneath my printer and contains my
modem (its the gateway for my home network). I do not use anyone's mail
server (Other than one I do consulting for, and that only handles mail
"from" their domain..
>To me the blocking of port 25 is more of a CYA for the ISP.
Nothing
>more, it benefits no one but the ISP.
Wrong. It stops the whackamole spammers, responsible for a great
deal of the spam today (I'd guess between 40 and 90%, mrsam
surely has some stats to share), and the most difficult to stop.
Really ? Why not get your mailserver configured to not relay ? I would
think that by doing some checks:
1) mail is to a domain served by this mailhost
2) mail is from an account on this ISP (and it is on a valid
dialup line.)
3) mail is from a trusted host (known host).
>but there must be better mechanisms for blocking spam ....
It is an essential part for an ISP.
Really ? To me the only thing it accomplishes is showing the ISP's
customers that they aren't trusted - "You might send out spam, therefore
no one can use other mail servers". I mean, the only thing that
blocking port 25 from the paying ISP customers does is keep them from
sending out email of any sort, legitimate or not, from some other mail
server..
If you are a polite client as well as being responsible and
willing to sign a paper or two, an ISP will probably make an
exception for you.
I would consider that blocking port 25 is a positive thing when
choosing an ISP; I see that 1) the ISP is anti-spam, and I won't
No.. They are anti "SOURCE" of spam. As I said, they don't want to
originate it. This shows me that they don't trust the clients to not
send out spam.
find myself on some block-list somewhere, and 2) that they are
capable of running round-the-clock servers reliably.
How does blocking port 25 indicate they can run round the clock servers
? I handle 5 machines and non of them have any relaying on their email
and run reliably.
Of course, if their mailserver falls down, that will be a
negative impression. But since they take my incoming mail too,
they'd better have functioning mailservers anyway, right?
Thats just it, they DON'T handle my incoming email. They are a backup
ISP, they do NOT handle any mail for my domains only for the email
account at their domain (which I don't use).
Matt Soffen
Webmaster - http://www.iso-ne.com/
==============================================
Boss - "My boss says we need some eunuch programmers."
Dilbert - "I think he means UNIX and I already know UNIX."
Boss - "Well, if the company nurse comes by, tell her I said
never mind."
- Dilbert -
==============================================
On the qmail list [EMAIL PROTECTED] wrote:
>
> ALL? I doubt it. I'm willing to bet they have a mailserver
> that accepts port 25 connections from the dialups, and
> relays the mail.
>
>Right. But you can't access any other mail servers. Only theirs. I
>don't want to send out mail for my personal domain or the site I consult
>for through a different server.
s/ for my personal domain/ from my personal domain/
Privacy, is that it?
> Wrong. It stops the whackamole spammers, responsible for a great
> deal of the spam today (I'd guess between 40 and 90%, mrsam
> surely has some stats to share), and the most difficult to stop.
>
>Really ? Why not get your mailserver configured to not relay ?
Relay-rape spammers and whackamole spammers are not the same
thing. In fact, in something probaly approaching 100% of relay
rape spam, a whackamole spammer is involved. Between them they
probably account for much more than 90% of internet e-mail spam.
>Really ? To me the only thing it accomplishes is showing the ISP's
>customers that they aren't trusted - "You might send out spam, therefore
>no one can use other mail servers".
That's what it means, yes, but it also accomplishes something
else, which is stopping spam at the source, before it does any
damage.
>I mean, the only thing that
>blocking port 25 from the paying ISP customers does is keep them from
>sending out email of any sort, legitimate or not, from some other mail
>server..
No. What blocking port 25 from the paying ISP customers does is
keep them from sending out email of any sort, legitimate or not,
without relaying through the ISP mailserver.
I don't understand what "from some other mail server" means in
your sentence. If "other" means "outside the ISP", the the ISP
has nothing to do with it. If "other" means "ISP dialup", then
of course you can use it. Only that mailserver has to use the
ISP mailserver.
>
> If you are a polite client as well as being responsible and
> willing to sign a paper or two, an ISP will probably make an
> exception for you.
No reaction? (I wrote the above)
> I would consider that blocking port 25 is a positive thing when
> choosing an ISP; I see that 1) the ISP is anti-spam, and I won't
>
>No.. They are anti "SOURCE" of spam. As I said, they don't want to
>originate it.
That's being a responsible net citizen, IMNSHO.
> This shows me that they don't trust the clients to not
>send out spam.
Correct.
>How does blocking port 25 indicate they can run round the clock servers
Because otherwise their clients would get angry when the
mailserver fell over.
>? I handle 5 machines and non of them have any relaying on their email
>and run reliably.
Wonderful. Good for you. What has relaying to do with it?
>Thats just it, they DON'T handle my incoming email. They are a backup
>ISP, they do NOT handle any mail for my domains only for the email
>account at their domain (which I don't use).
I suppose they have other clients ... Well, basically, you don't
trust them, is that it? At least not enough to relay through
them when your primary ISP is not giving you net access. Why
not?
--
#include <std_disclaim.h> Lorens Kockum
>Is this legitimate ? I mean, I am trying to use a mail host for which I
>am fully allowed to (Hell! I am in charge of the other mailers) and am
>being blocked. When my primary internet account was down, I was unable
>to send mail for 3 days !!!
Then you've chosen the wrong ISP as your "backup". Either get a more
reliable primary ISP or find a backup that allows you to use the mail
sending methods you use. As someone else mentioned, it's generally not
hard to get an exception if you really need it (we've done this for
customers on DSL and static dialups).
>To me the blocking of port 25 is more of a CYA for the ISP. Nothing
>more, it benefits no one but the ISP. I can understand why an ISP would
>do it, but there must be better mechanisms for blocking spam ....
Not true. Blocking port 25 benefits the customer as well:
* It makes it far less likely that your dialup pool (or, for that matter,
your whole net block) will end up in a blackhole list somewhere.
* It takes a lot less time and effort to figure out when someone is
spamming and who they are, since everything is occurring on your mail
server.
* It allows the ISP to take a pro-active role in spam prevention. It's
fairly simple to write a shell script that checks the mail queue every
few minutes, or sees how many connections occurred, and send an alert
based on that.
All of these measures benefit the customers as much as the admins, in
terms of the savings in time and resources needed to deal with spam.
Customers and business partners also will look more favorably upon an ISP
that takes an active role in maintenance and spam prevention. I can
speak from experience on this one.
shag
>Wouldn't that require the ISP to have the ability to change their
>packet filters on the fly (since it is an ISP where I get a random IP) ?
Not if you do your authentication via Radius, which can send back
attributes and sometimes filters on a per-user basis. It does, however,
depend on your network equipment. I know Ascend and USR dialup equipment
can do this; dunno about anything else.
shag
On Mon, Jan 18, 1999 at 09:44:58AM -0800, Racer X wrote:
> >Sure. It's a false economy. What if the mail doesn't go through?
> >What if the destination host blocks mail from dialups? I wouldn't
> >even begin to consider sending mail directly from any national
> >provider of dialup service (which is what I presume you're using,
> >since you indicate that you're not making a long-distance call).
>
> One thing that hasn't been considered - what if you're dialing up through
> a responsible ISP who doesn't let their users send mail directly out, by
> blocking outbound SMTP connections from dialups?
>
> We did this about 3 months ago after some recurrent and vicious spammers.
> Since then, we've had exactly 2 complaints about the procedure, both of
> which were resolved after we informed the customer that we did this as an
> anti-spam measure.
Here in The Netherlands, this is prohibited by the NLIP (assocation of ISPs).
One member is currently in violation, but I don't expect them to last as a
member for long. The policy over here is to filter nothing _except_ at user's
request or at least with user's permission.
> I had my reservations about this policy at first, but given the problems
> it's solved so far, I must say it's been a good move. It forces spammers
> to go directly through our mail server, where we can keep an eye out for
> behavior that looks like spam.
The provider I mentioned that _does_ block port 25 is also the most popular
with spammers over here. They have fast relays :)
Greetz, Peter.
--
<squeezer> AND I AM GONNA KILL MIKE | Peter van Dijk
<squeezer> hardbeat, als je nog nuchter bent: | [EMAIL PROTECTED]
<squeezer> @date = localtime(time); | realtime security d00d
<squeezer> $date[5] += 2000 if ($date[5] < 37); |
<squeezer> $date[5] += 1900 if ($date[5] < 99); | * blah *
Russell Nelson <[EMAIL PROTECTED]> writes:
> Sure. It's a false economy. What if the mail doesn't go through?
Less than 1% of the mail I send doesn't go through immediately. 50% of
the mail that's deferred still goes through within five minutes or so.
(Both rough estimates, but I'm pretty sure the ballpark is accurate.)
This way, you know immediately about all of the rest rather than being at
the mercy and whim of your ISP's retry schedule; maybe, if it's going to
take a day to deliver the mail, you don't *want* to send mail there.
Maybe you want to call instead, or use an alternate address.
> What if the destination host blocks mail from dialups?
How stupid of them, in a rational world. :)
> I wouldn't even begin to consider sending mail directly from any
> national provider of dialup service (which is what I presume you're
> using, since you indicate that you're not making a long-distance call).
Now think back before spam became the number one issue people worry about
when running mail systems. Some people have been doing this for a while.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Russell Nelson <[EMAIL PROTECTED]> writes:
> Nobody would look up the the MX record to send mail. It would only be
> used for the anti-spam step #3 I laid out earlier: Get the host's name
> from a PTR record, and look up an MX record for it.
You're overloading a protocol and using it to provide information that was
never part of the protocol definition. That seems unwise to me. Now,
unless you add all of those weird hosts to rcpthosts, people get unhelpful
configuration error bounces rather than straightforward bounces if they
send mail to one of those addresses (and people *will* try, believe me).
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Adam D McKenna <[EMAIL PROTECTED]> writes:
> From: Soffen, Matthew <[EMAIL PROTECTED]>
>> To me the blocking of port 25 is more of a CYA for the ISP. Nothing
>> more, it benefits no one but the ISP. I can understand why an ISP
>> would do it, but there must be better mechanisms for blocking spam ....
> There is no reason that an ISP cannot block port 25 by default and then
> enable it for any customer that complains.
Of course there is. Blocking port 25 for all their dialup lines is a
simple router configuration. Re-enabling it on a customer-by-customer
basis on dynamic dialups requires software to interact with the terminal
authentication server that they'd probably have to write themselves.
Lots of people scream loudly at an overworked ISP about spam from their
dialups. ISP could (a) improve their tracking and reporting measures and
their abuse staff and cancel spammer accounts faster, (b) spend lots of
time implementing a scheme where they can give their good customers the
same service as they had before, or (c) just do something fast and quick
that reduces service for everyone in a way that 95% of their customers
won't care about and that will get the anti-spam folks off their backs.
Which one do you think they chose?
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Soffen, Matthew <[EMAIL PROTECTED]> writes:
> Right. But you can't access any other mail servers. Only theirs. I
> don't want to send out mail for my personal domain or the site I consult
> for through a different server.
So sorry. Your wishes are abnormal, so you'll therefore have to pay extra
for this privilege and possibly go to a bunch of hassle to get it set up,
plagued in the meantime by tons of people telling you you're stupid to
want to do this and must be a spammer.
But in theory you'll get lots less spam in your mailbox. That makes it
all worth it, right?
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
On Mon, 18 Jan 1999 [EMAIL PROTECTED] wrote:
> > Invalid assumption; you do not have the "right" to send me mail. You -may-
> > be able to send me mail if you pass my "arbitrary criteria".
>
> Do you warn your customers, that they may never receive legitimate mail?
Of course. Anything else would be a disservice to them, and a legal
liability to me.
--
Edward S. Marshall <[EMAIL PROTECTED]> [ What goes up, must come down. ]
http://www.logic.net/~emarshal/ [ Ask any system administrator. ]
Linux labyrinth 2.2.0-pre7-ac6 #2 Sun Jan 17 14:41:45 CST 1999 i586 unknown
9:30pm up 1 day, 6:05, 5 users, load average: 0.07, 0.03, 0.00
Racer X <[EMAIL PROTECTED]> writes:
> Not true. Blocking port 25 benefits the customer as well:
> * It makes it far less likely that your dialup pool (or, for that
> matter, your whole net block) will end up in a blackhole list somewhere.
This is not a benefit to the customer who doesn't want to send out mail
themselves, since if they're not sending out mail directly, what do they
care whether people drop mail from that dialup pool? So you're increasing
the chances that they can send mail from the dialup pool by eliminating
their ability to send mail from the dialup pool.
I don't see the benefit. Maybe you're talking about people who blackhole
netblocks for all traffic just because they're getting e-mail spam from
it? I suppose that there's some marginal benefit in increasing your
customer's ability to contact stupid people.
> * It takes a lot less time and effort to figure out when someone is
> spamming and who they are, since everything is occurring on your mail
> server.
This is not a benefit to the customer.
> * It allows the ISP to take a pro-active role in spam prevention. It's
> fairly simple to write a shell script that checks the mail queue every
> few minutes, or sees how many connections occurred, and send an alert
> based on that.
This is not a benefit to the customer.
> All of these measures benefit the customers as much as the admins, in
> terms of the savings in time and resources needed to deal with spam.
No, they don't. They benefit the admins in the amount of time and energy
they have to spend dealing with outgoing spam, something that in a
well-run ISP the legitimate customers of the ISP should never notice.
Don't fool yourself. The benefit to the customer in blocking port 25
outbound is basically nonexistent; it's entirely about administrative
resources devoted to keeping one's site from abusing the Internet. It may
be necessary, but you can't sell it as a feature.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
On Mon, Jan 18, 1999 at 10:41:10AM +0100, Udo Seidel wrote:
>
>
> > qmail won't deliver to root, this is a security feature. You need to
> > make a ~alias/.qmail-root entry pointing to where you want the mail to
> > go.
> >
>
> There are no problems to deliver mail to root using the Mailbox-format.
> This works fine. Is it possible to deliver mail to root using
> Maildir-format?
You can't deliver to root no matter what mailbox format you're using:
qmail-lspawn will never run qmail-local with a UID of zero. That's why the
install docs have you create a ~alias/.qmail-root file.
Chris
Hi,
I would like to keep track of bandwidth usage for my users and domains. I
have qmail hosting multiple domains, and doing all sorts of things with
lists and redirects etc.
I'd basically like a list at the end of each week that says for each
domain, this is how much mail in megabytes was transfered for each user in
the domain.
Is there any way I can get this sort of information. Even if I have to do
some bits of perl to aggregate the results, a log of every message qmail
handles, who it was to, who it was from and how big it was would be great.
pointers welcome.
Thanks
Peter.
--
gradwell dot com ltd - writing the bits of the web you don't see
online @ http://www.gradwell.com/ mailto:[EMAIL PROTECTED]
"To look back all the time is boring. Excitement lies in tomorrow"
- Peter Gradwell <[EMAIL PROTECTED]>:
| I would like to keep track of bandwidth usage for my users and
| domains.
Check out the qmailanalog package. You can find it at DJB's FTP site
(there is a link from the qmail page).
- Harald
Thomas Andrews <[EMAIL PROTECTED]> wrote:
> Does anyone know how I can configure Qmail to only pass mail onto the
> SerialMail ppp queue on condition that the sender is local ?
I've been thinking about the same fetchmail problem, and I think the
correct solution has two parts:
1. A normal serialmail solution for outgoing mail.
2. A way to configure qmail to _deliver_ a message only to local
_recipients_, for "fetched" mail.
The second rule differs from your request; it doesn't care who the
sender is--it just filters out all remote mail. Sadly, I don't know
how to do this in an elegant way. I'm trying not to run a separate
qmail just for incoming mail.
I will post my clunky solution to number 2 if there is interest.
> I use Fetchmail to retrieve mail from my POP server at work, and Qmail &
> SerialMail for distributing it locally (yes - it's a maildrop for my
> entire domain)
Are you using one account as the maildrop? Is your ISP set up for
this, or are you doing it in some clever way?
Basically, if the ISP does not record the envelope sender and
recipient(s) in the email headers, it is _fundamentally_ impossible to
identify the recipients (if they were BCC:-d), or the sender (if a
"From:" header does not equal the envelope sender). This is discussed
in the fetchmail manpage under "Header vs. Envelope addresses".
Len.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Len Budney | Security problems are _not
Maya Design Group | acceptable_. Reliability problems are
[EMAIL PROTECTED] | _not acceptable_.
| -- Prof. Dan Bernstein
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thomas Andrews writes:
> Hi All,
>
> Does anyone know how I can configure Qmail to only pass mail onto the
> SerialMail ppp queue on condition that the sender is local ?
>
> I use Fetchmail to retrieve mail from my POP server at work, and Qmail &
> SerialMail for distributing it locally (yes - it's a maildrop for my
> entire domain)
>
> The cause of the problem : If a message (retrieved by fetchmail) is
> addressed to me *and* someone else, qmail tries to deliver it to both
> parties (quite correctly). The result : the other recipient get's two
> copies - one delivered by the POP server at work, and one from me.
Sounds like somebody is trying to parse the RFC822 headers again (but
not clear who that is). This is not right. Once you've got an
envelope address, you preserve it forever. Is fetchmail parsing the
message? How are you getting the recipient information when the mail
is pulled from your POP server?
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
On Mon, 18 Jan 1999, Len Budney wrote:
> Are you using one account as the maildrop? Is your ISP set up for
> this, or are you doing it in some clever way?
>
> Basically, if the ISP does not record the envelope sender and
> recipient(s) in the email headers, it is _fundamentally_ impossible to
> identify the recipients (if they were BCC:-d), or the sender (if a
> "From:" header does not equal the envelope sender). This is discussed
> in the fetchmail manpage under "Header vs. Envelope addresses".
not at all. I've a subdomain in hypermart (they provide them free).
Hypermart is usign Qmail. So, when a message goes to
[EMAIL PROTECTED], it gets delivered to [EMAIL PROTECTED]
Then, my computer fetches the mail from my POP3 account with fetchmail.
Fetchmail has a tiny shell script configured as MTA, that wraps the msg
and
if /^Delivered-To: alias-mydomainhypermartnet-(user)/ then USER=$1
else USER=jose (my account as default)
and qmail-inject $USER...
Of course you are limited to hosting on sites that uses qmail, but that's
more a benefit that a limitation :)
--
Saludos,
Jose Luis Painceira.
Russell Nelson wrote:
>
> Sounds like somebody is trying to parse the RFC822 headers again (but
> not clear who that is). This is not right. Once you've got an
> envelope address, you preserve it forever. Is fetchmail parsing the
> message? How are you getting the recipient information when the mail
> is pulled from your POP server?
>
All I want to do is find out if the originator of the message is local.
I really don't know how to do this, and would appreciate any help. I
just want to stop qmail from relaying messages which did not originate
on the local network.
My setup is working 100% except for the 'glitch' in question. Locally
and Remotely generated mail is all getting routed & delivered correctly.
The only problem is that when FetchMail delivers mail to port 25, qmail
"interprets" this as if someone local were sending the mail. This is
normally not a problem, because generally the mail retrieved is only
addressed to local recipients, and therefore gets delivered fine.
The problem comes when an email is addressed to _two_ or more people.
One of those people is local, but more often than not the other(s) are
not. Qmail delivers a copy to the local address, and another copy into
the outgoing ppp maildir for each non-local addressee ....
The only way I can see out of this is for qmail to inspect who's sending
the mail, and turf it if it's not a local user. This would mean
inspecting the "From:" field, or somehow finding out if FetchMail was
the one delivering the mail. Unfortunately I don't have a clue as to how
this would be done....
Am I on the right track ?
Regards,
Thomas
On Mon, Jan 18, 1999 at 12:37:47PM +1100, Kevin Waterson wrote:
> I am running qmail on several machines (all using Redhat 5.2) and have
> had no problems
> till now with the memphis rpm's
>
> When I do
> rpm --rebuild daemontools-0.53-15.src.rpm
>
> I get the following error
>
>
> -rw-r--r-- root/other 76 1997-08-05 18:32
> daemontools-0.53/slurpclose.h
> -rw-r--r-- root/other 404 1997-08-05 18:32
> daemontools-0.53/slurpclose.c
> + STATUS=0
> + [ 0 -ne 0 ]
> + cd daemontools-0.53
> + chown -R root .
> + chgrp -R root .
> + chmod -R a+rX,g-w,o-w .
> + exit 0
> Executing: %build
> + umask 022
> + cd /usr/src/redhat/BUILD
> + cd daemontools-0.53
> + make
> /var/tmp/rpm-tmp.80366: make: command not found
> Bad exit status from /var/tmp/rpm-tmp.80366 (%build)
>
First of all, that is not the laest daemontools rpm. Second: you do not
have make installed.
What does
rpm -q make
say?
--
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
In light of the first problem, No make was not installed.
Installed make, and various headers and installed (all via telnet) ok
Mate - also used daemontools-0.53-16.src.rpm which was the latest I
could find.
All seemed to install ok and when I do
echo to:kevin | /var/qmail/bin/qmail-inject
It leaves a message in /home/kevin/Maildir/new
but when I try to collect the mail I get
<[EMAIL PROTECTED]>:
Sorry. Although I'm listed as a best-preference MX or A for that host,
it isn't in my control/locals file, so I don't treat it as local.
(#5.4.6)
in control locals I have
.portmacquarie.com
portmacquarie.com
portmacquarie.com being the domain name
All ideas greatfully accepted
Kevin
--
Kevin Waterson
Oceania Computer Services
On Tue, Jan 19, 1999 at 11:02:35AM +1100, Kevin Waterson wrote:
> In light of the first problem, No make was not installed.
> Installed make, and various headers and installed (all via telnet) ok
> Mate - also used daemontools-0.53-16.src.rpm which was the latest I
> could find.
>
> All seemed to install ok and when I do
> echo to:kevin | /var/qmail/bin/qmail-inject
>
> It leaves a message in /home/kevin/Maildir/new
It left a message in your mailbox: a bounce message.
> but when I try to collect the mail I get
> <[EMAIL PROTECTED]>:
> Sorry. Although I'm listed as a best-preference MX or A for that host,
> it isn't in my control/locals file, so I don't treat it as local.
> (#5.4.6)
>
> in control locals I have
> .portmacquarie.com
> portmacquarie.com
If the domain is in control/locals and you're getting bounce messages like the
above, then qmail-send doesn't think it's in control/locals. If you HUP
qmail-send, it'll reread locals (and virtualdomains) and you should be in
business.
Chris
On Mon, 18 Jan 1999, Chris Johnson wrote:
> On Mon, Jan 18, 1999 at 04:52:38AM +0000, Sam wrote:
> > Ok, what's the easiest thing to do:
> >
> > A. Patch Pine 4.04 for Maildir support. Where can I get the patch?
>
> There's a patch for 4.02 at http://www.freeit.com/mta. I haven't tried to apply
> it to the 4.04 source tree. I've got a patched version of 4.02 in RPM format if
> you're interested.
I have downloaded a maildir-capable pine 4.04 from David Summers' ftp site
(ftp://summersoft.fay.ar.us/pub). BTW the actual patch is
--- pine4.00/imap/src/osdep/unix/maildir.c 1998/07/18 22:00:43 1.1
+++ pine4.00/imap/src/osdep/unix/maildir.c 1998/07/18 22:01:11
@@ -58,13 +58,13 @@
/* CONFIGURABLE OPTIONS - PLEASE CHECK THESE OUT */
-#define NO_MAILDIR_FIDDLE /* disallow Maildir with Maildir in the
+#undef NO_MAILDIR_FIDDLE /* disallow Maildir with Maildir in the
name. This is useful in an ISP setup
using the IMAP daemon. #undef it if you
are running a normal pine and know what
you are doing */
-#define NO_ABSOLUTE_PATHS /* if you define this, all paths
+#undef NO_ABSOLUTE_PATHS /* if you define this, all paths
use your HOMEDIR is the root instead
of the actual root of the machine. This
is also useful in an ISP setup with
Regards: Jul
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
On Mon, Jan 18, 1999 at 10:13:05AM +0100, Mirko Zeibig wrote:
> On Mon, Jan 18, 1999 at 04:52:38AM +0000, Sam wrote:
> > B. Switch to mutt. Does mutt natively support PGP?
> I'd suggest switching to mutt, really fast! As far as I can see from the
> man-page, mutt does support PGP. Of course you have to set PGPPATH and some
> special keys in your .muttrc to let this work.
mutt has _terrific_ PGP support.
In my .muttrc I just put 'set pgp_replyencrypt', and some hooks to automatically
encrypt messages to certain recipients. The PGP support itself needed no
options, not even at compiletime. Just ./configure :)
Greetz, Peter.
--
<squeezer> AND I AM GONNA KILL MIKE | Peter van Dijk
<squeezer> hardbeat, als je nog nuchter bent: | [EMAIL PROTECTED]
<squeezer> @date = localtime(time); | realtime security d00d
<squeezer> $date[5] += 2000 if ($date[5] < 37); |
<squeezer> $date[5] += 1900 if ($date[5] < 99); | * blah *
Hiyas,
I have downloaded the latest (0.81) checkpassword and a PAM patch for it. I
had to work with it but here's the latest patch.
Please try it in a non-PAM system too (to see if the dependencies work).
Regards: Jul
--
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
diff -ruN checkpassword-0.81-old/Makefile checkpassword-0.81/Makefile
--- checkpassword-0.81-old/Makefile Sat Nov 21 21:29:52 1998
+++ checkpassword-0.81/Makefile Mon Jan 18 13:34:03 1999
@@ -33,9 +33,10 @@
./instcheck
checkpassword: \
-load checkpassword.o prot.o shadow.lib crypt.lib s.lib
+load log_pam.h haspam.h log_pam.o checkpassword.o prot.o shadow.lib \
+crypt.lib pam.lib s.lib
./load checkpassword prot.o `cat shadow.lib` `cat \
- crypt.lib` `cat s.lib`
+ crypt.lib` `cat pam.lib` `cat s.lib`
checkpassword.0: \
checkpassword.8
@@ -67,6 +68,13 @@
&& echo -lcrypt || exit 0 ) > crypt.lib
rm -f trycrypt.o trycrypt
+pam.lib: \
+trypam.c compile load
+ ( ( ./compile trypam.c && \
+ ./load trypam -lcrypt -lpam -ldl ) >/dev/null 2>&1 \
+ && echo log_pam.o -ldl -lpam || exit 0 ) > pam.lib
+ rm -f trypam.o trypam
+
error.a: \
makelib error.o error_str.o
./makelib error.a error.o error_str.o
@@ -79,6 +87,13 @@
compile error_str.c error.h
./compile error_str.c
+haspam.h: \
+trypam.c compile load
+ ( ( ./compile trypam.c && \
+ ./load trypam -lcrypt -lpam -ldl ) >/dev/null 2>&1 \
+ && echo \#define HAS_PAM || exit 0 ) > haspam.h
+ rm -f trypam.o trypam
+
hasshsgr.h: \
chkshsgr warn-shsgr tryshsgr.c compile load
./chkshsgr || ( cat warn-shsgr; exit 1 )
@@ -137,6 +152,10 @@
'-o "$$main" "$$main".o $${1+"$$@"}' \
) > load
chmod 755 load
+
+log_pam.o: \
+compile log_pam.c haspam.h
+ ./compile log_pam.c
makelib: \
warn-auto.sh systype
diff -ruN checkpassword-0.81-old/SYSDEPS checkpassword-0.81/SYSDEPS
--- checkpassword-0.81-old/SYSDEPS Sat Nov 21 21:29:52 1998
+++ checkpassword-0.81/SYSDEPS Mon Jan 18 13:33:13 1999
@@ -6,3 +6,4 @@
hasspnam.h
hasuserpw.h
hasshsgr.h
+haspam.h
diff -ruN checkpassword-0.81-old/TARGETS checkpassword-0.81/TARGETS
--- checkpassword-0.81-old/TARGETS Sat Nov 21 21:29:52 1998
+++ checkpassword-0.81/TARGETS Mon Jan 18 15:51:10 1999
@@ -12,10 +12,12 @@
prot.o
shadow.lib
crypt.lib
+pam.lib
checkpassword
prog
install.o
hier.o
+log_pam.o
auto-str.o
systype
makelib
diff -ruN checkpassword-0.81-old/checkpassword.c checkpassword-0.81/checkpassword.c
--- checkpassword-0.81-old/checkpassword.c Sat Nov 21 21:29:52 1998
+++ checkpassword-0.81/checkpassword.c Mon Jan 18 15:54:36 1999
@@ -16,6 +16,11 @@
static struct passwd *pw;
static char *stored;
+#include "haspam.h"
+#ifdef HAS_PAM
+#include "log_pam.h"
+#else
+
#include "hasspnam.h"
#ifdef HASGETSPNAM
#include <shadow.h>
@@ -28,6 +33,8 @@
static struct userpw *upw;
#endif
+#endif
+
void doit(login)
char *login;
{
@@ -105,13 +112,22 @@
while (up[i++]) if (i == uplen) _exit(2);
doit(login);
-
+#ifndef HAS_PAM
encrypted = crypt(password,stored);
for (i = 0;i < sizeof(up);++i) up[i] = 0;
+#endif
+#ifdef HAS_PAM
+ if (!pam_pop3_check(login,password)) {
+ for (i = 0;i < sizeof(up);++i) up[i] = 0;
+ _exit(1);
+ }
+ for (i = 0;i < sizeof(up);++i) up[i] = 0;
+#else
if (!*stored || strcmp(encrypted,stored)) _exit(1);
+#endif
if (prot_gid((int) pw->pw_gid) == -1) _exit(1);
if (prot_uid((int) pw->pw_uid) == -1) _exit(1);
if (chdir(pw->pw_dir) == -1) _exit(111);
diff -ruN checkpassword-0.81-old/hier.c checkpassword-0.81/hier.c
--- checkpassword-0.81-old/hier.c Sat Nov 21 21:29:52 1998
+++ checkpassword-0.81/hier.c Mon Jan 18 15:50:21 1999
@@ -3,4 +3,6 @@
void hier()
{
c(auto_home,"bin","checkpassword",-1,-1,0700);
+ d(auto_home,"etc/pam.d",-1,-1,0755);
+ c(auto_home,"etc/pam.d","qmail-pop3",-1,-1,0644);
}
diff -ruN checkpassword-0.81-old/log_pam.c checkpassword-0.81/log_pam.c
--- checkpassword-0.81-old/log_pam.c Thu Jan 1 01:00:00 1970
+++ checkpassword-0.81/log_pam.c Mon Jan 18 13:33:13 1999
@@ -0,0 +1,129 @@
+/*
+ * Program: Pluggable Authentication Modules login services
+ *
+ * Author: Michael K. Johnson
+ * Red Hat Software
+ * Internet: [EMAIL PROTECTED]
+ *
+ *
+ */
+/*
+ * This majority of this code was lifted from the src.rpm for imap
+ * in the RedHat-4.2 updates directory
+ * by Kelley Lingerfelt [EMAIL PROTECTED]
+ */
+�
+#include "haspam.h"
+#ifdef HAS_PAM
+#include <stdio.h>
+#include <stdlib.h>
+#include <pwd.h>
+#include <sys/types.h>
+#include <string.h>
+#include <security/pam_misc.h>
+#include <security/pam_appl.h>
+#include <security/pam_modules.h>
+#include <security/pam_filter.h>
+/* Static variables used to communicate between the conversation function
+ * and the server_login function
+ */
+static char *PAM_username;
+static char *PAM_password;
+static int PAM_error = 0;
+
+/* for compability with older pam stuff, before the stupid transposition */
+#ifndef PAM_CRED_ESTABLISH
+#define PAM_CRED_ESTABLISH 0x0002U
+#endif
+
+/* PAM conversation function
+ * Here we assume (for now, at least) that echo on means login name, and
+ * echo off means password.
+ */
+static int PAM_conv (int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ void *appdata_ptr) {
+ int count = 0, replies = 0;
+ struct pam_response *reply = NULL;
+ int size = sizeof(struct pam_response);
+
+ #define GET_MEM if (reply) realloc(reply, size); else reply = malloc(size); \
+ if (!reply) return PAM_CONV_ERR; \
+ size += sizeof(struct pam_response)
+ #define COPY_STRING(s) (s) ? strdup(s) : (char *)NULL
+
+ for (count = 0; count < num_msg; count++) {
+ switch (msg[count]->msg_style) {
+ case PAM_PROMPT_ECHO_ON:
+ GET_MEM;
+ reply[replies].resp_retcode = PAM_SUCCESS;
+ reply[replies++].resp = COPY_STRING(PAM_username);
+ /* PAM frees resp */
+ break;
+ case PAM_PROMPT_ECHO_OFF:
+ GET_MEM;
+ reply[replies].resp_retcode = PAM_SUCCESS;
+ reply[replies++].resp = COPY_STRING(PAM_password);
+ /* PAM frees resp */
+ break;
+ case PAM_TEXT_INFO:
+ /* ignore it... */
+ break;
+ case PAM_ERROR_MSG:
+ default:
+ /* Must be an error of some sort... */
+ free (reply);
+ PAM_error = 1;
+ return PAM_CONV_ERR;
+ }
+ }
+ if (reply) *resp = reply;
+ return PAM_SUCCESS;
+}
+static struct pam_conv PAM_conversation = {
+ &PAM_conv,
+ NULL
+};
+
+/* Server log in
+ * Accepts: user name string
+ * password string
+ * Returns: T if password validated, NIL otherwise
+ */
+int pam_pop3_check (char *user, char *pass)
+{
+ pam_handle_t *pamh;
+ int pam_error;
+/* char tmp[MAILTMPLEN]; */
+ struct passwd *pw = getpwnam (user);
+
+ /* Now use PAM to do authentication. For now, we won't worry about
+ * session logging, only authentication. Bail out if there are any
+ * errors. Since this is a limited protocol, and an even more limited
+ * function within a server speaking this protocol, we can't be as
+ * verbose as would otherwise make sense. It would be nice if we
+ * could return a string for the server to pass the the client and/or
+ * log, but that doesn't exist right now. If it is ever added, PAM
+ * could make good use of it.
+ * Query: should we be using PAM_SILENT to shut PAM up?
+ */
+ #define PAM_BAIL if (PAM_error || (pam_error != PAM_SUCCESS)) { \
+ pam_end(pamh, 0); return 0; \
+ }
+ PAM_password = pass;
+ PAM_username = user;
+ pam_error = pam_start("qmail-pop3", user, &PAM_conversation, &pamh);
+ PAM_BAIL;
+ pam_error = pam_authenticate(pamh, 0);
+ PAM_BAIL;
+ pam_error = pam_acct_mgmt(pamh, 0);
+ PAM_BAIL;
+ pam_error = pam_setcred(pamh, PAM_CRED_ESTABLISH);
+ PAM_BAIL;
+
+ pam_end(pamh, PAM_SUCCESS);
+ /* If this point is reached, the user has been authenticated. */
+ return 1;
+}
+#endif
diff -ruN checkpassword-0.81-old/log_pam.h checkpassword-0.81/log_pam.h
--- checkpassword-0.81-old/log_pam.h Thu Jan 1 01:00:00 1970
+++ checkpassword-0.81/log_pam.h Mon Jan 18 13:33:13 1999
@@ -0,0 +1 @@
+int pam_pop3_check (char *, char *);
diff -ruN checkpassword-0.81-old/qmail-pop3 checkpassword-0.81/qmail-pop3
--- checkpassword-0.81-old/qmail-pop3 Thu Jan 1 01:00:00 1970
+++ checkpassword-0.81/qmail-pop3 Mon Jan 18 13:33:13 1999
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth required /lib/security/pam_listfile.so onerr=fail item=user sense=deny
+file=/etc/no_mail
+auth required /lib/security/pam_pwdb.so shadow nullok
+account required /lib/security/pam_pwdb.so
diff -ruN checkpassword-0.81-old/trypam.c checkpassword-0.81/trypam.c
--- checkpassword-0.81-old/trypam.c Thu Jan 1 01:00:00 1970
+++ checkpassword-0.81/trypam.c Mon Jan 18 13:33:13 1999
@@ -0,0 +1,4 @@
+main()
+{
+ ;
+}
hi,
since now i had an smtp-server started throug the inetD.
Now I want/wanted to set up the same with the tcpserver. But
after installing the server didn't allow the users of
/etc/hosts.allow to relay. This was the setting before:
tcp-env: 209.0.51.4, 10.0.0.0/255.0.0.0 : setenv = RELAYCLIENT
I tryed it out with
tcpserver: 209.[...]
smtpd: 209.[...]
but it didn't work out.
Can you tell me witch string must be the tcp-env of inetD?
Another thing is that I can't think of creating lists with ezmlm.
Is there anywhere a good FAQ about the easy things?
The other one are all written down in the FAQ. This one isn't <eg>.
ThX,
Michael Bracker
Hello.
We are using qmail here for a 8 months now and we are very satisfied with
it. As we don't switch to maildir right now (it has to wait a bit because
we've got few custom tools that needs to be converted).
So i have evaluated the available pop clients.
Standard Redhat poper (comes with imapk dist i supose) was big and too slow
for us so i've chosen qpopper as everybody says it's a good one. Our
mailserver worked great, expect when under heavy pop load. qpoppers tooks a
lot of time and smtp activity suffered.
I've fund cucipop lately. compiled it and instaled here and i must say that
the performance of it is GREAT.
My question is: are there any reasons for not using cucipop? How do you
feel about it? Is it better or worse than qpopper? Are (were) there any
security holes? Why is everybody using qpopper when there is a
smaller/faster/better alternative (not talking about qmail-pop)
Kris
Is there an easy way to convert ezmlm's archive dirs into a standard
mailbox (so i can parse it with mailbox -> html converters)?
Kris
Lorens Kockum writes:
> Rejecting after the MAIL FROM or the RCPT TO is implemented
> (patches?), I haven't looked really closely at it, but it seems
> to work.
Yes, it's been implemented.
[ snip ]
> So, if that failure code could be relayed as the reply to the
> end of the DATA transaction, it would be very nice.
Been there, done that, brought back postcards.
The only difference is that instead of procmail, my patch runs maildrop as
the filtering engine. The patch used to work with procmail too (and, it
actually still does), but I'm not really supporting that anymore. Too many
problems with procmail.
Hi all,
I've been using qmail and vchkpw for a few months and I love it. I'm having
trouble setting up a new user with a period in his name, i.e.,
[EMAIL PROTECTED]
I've entered ./vadduser [EMAIL PROTECTED] and it created the proper
sub-directory and vpasswd entry. When I sent mail to [EMAIL PROTECTED],
qmail processes the .qmail-default file and forwards the email to the
postmaster.
I also tried setting up the same user with a colon instead of a period,
i.e., john:[EMAIL PROTECTED], but that didn't work either.
Any ideas?
Rob.
+-----------------------+---------------------------+
| Robert A. Metcalf | |
| TheInternet.com | To avoid situations in |
| [EMAIL PROTECTED] | which you might make a |
| www.TheInternet.com | mistake may be the |
| 612-630-2800 voice | biggest mistake of all. |
| 612-630-8191 fax | |
+-----------------------+---------------------------+
Hmmm.... The following might be a useful technique. I don't need it
myself, but if someone does, could they report back to me on its
usefulness?
Let's say that you've had a host in control/locals (let's say that
it's "services.net"), and you want to add another address to it
without making that address accessible via all your other locals.
That means that you have to move it to control/virtualdomains. Of
course, you don't know what addresses are actually in use, without
tracking them over a long period of time. Do the following steps:
1) stop qmail
2) remove the host from control/locals
3) add the host to control/virtualdomains (services.net:alias-services)
4) create ~alias/.qmail-services-default with this line in it:
|forward "$LOCAL"
5) put your new alias in a file named ~alias/.qmail-services-NEWADDRESS
This creates a mapping from all the current addresses @services.net to
the same addresses @`cat /var/qmail/control/me`, and adds the new
address which is only @services.net.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Hi my name is Abegail
I'm the Red Head on the website.
Follow this link to see what I look like.
http://xxx-free-pics.net/sexy-girls/abbe/abbe/images/lace2122.jpg
Get my free file to access 300,000 pics & videos!
Check out my hot nasty collection. You want the best � this is the
only source that you will need! Look no further - access the largest
hardcore sex computer system in the world!
Get my free file and download unlimited xxxhardcore pics, hot porn
movies, and hot sex sound files! Plus much more waiting for you! This
is a step above the rest!
http://xxx-free-pics.net/sexy-girls/abbe/instructions.htm
Thanks for Your Time
Abe
This is a one time mailing.
On 17 Jan 1999 [EMAIL PROTECTED] wrote:
>
> Hi my name is Abegail
Looks like it's time for the qmail list to be limited to subscriber-only
posts with non-subscriber posts going to a moderator.
This works quite well to keep spam levels at zero for a couple of lists
I maintain. And, since most posts come from subscribers, discussion
isn't delayed significantly.
I will gladly volunteer my services as moderator if needed.
Vern
--
,+'^'+,
Vern Hart O Creative Design Engineer - The Hungry Programmers
`+,.,+' [EMAIL PROTECTED] http://www.hungry.org
2:03pm up 37 day(s), 4:12, 25 users, load average: 0.35, 0.29, 0.23
On Mon, Jan 18, 1999 at 02:03:48PM -0700, Vern Hart wrote:
> On 17 Jan 1999 [EMAIL PROTECTED] wrote:
> >
> > Hi my name is Abegail
>
> Looks like it's time for the qmail list to be limited to subscriber-only
> posts with non-subscriber posts going to a moderator.
Well, make sure a posting from [EMAIL PROTECTED] (me) then gets approved
automatically since [EMAIL PROTECTED] is on the list. I know that
a few subscribers use this method to filter out mail. Can be done automatically
I guess.
> This works quite well to keep spam levels at zero for a couple of lists
> I maintain. And, since most posts come from subscribers, discussion
> isn't delayed significantly.
Agreed.
> I will gladly volunteer my services as moderator if needed.
Good luck :)
Greetz, Peter.
--
<squeezer> AND I AM GONNA KILL MIKE | Peter van Dijk
<squeezer> hardbeat, als je nog nuchter bent: | [EMAIL PROTECTED]
<squeezer> @date = localtime(time); | realtime security d00d
<squeezer> $date[5] += 2000 if ($date[5] < 37); |
<squeezer> $date[5] += 1900 if ($date[5] < 99); | * blah *
On Tue, 19 Jan 1999, Peter van Dijk wrote:
> >
> > Looks like it's time for the qmail list to be limited to subscriber-only
> > posts with non-subscriber posts going to a moderator.
>
> Well, make sure a posting from [EMAIL PROTECTED] (me) then gets
> approved automatically since [EMAIL PROTECTED] is on the
> list. I know that a few subscribers use this method to filter out
> mail. Can be done automatically I guess.
That's what the subscriber list under DIR/extra is for. And a person
could subscribe their alternate email addresses to it themselves by
emailing [EMAIL PROTECTED]
I think that's an ezmlm-idx'ism and I'm not sure if Dan's running -idx.
> > I will gladly volunteer my services as moderator if needed.
>
> Good luck :)
It shouldn't be that big of a deal. But it's a mute point unless djb
implements it.
Cheers,
Vern
--
,+'^'+,
Vern Hart O Creative Design Engineer - The Hungry Programmers
`+,.,+' [EMAIL PROTECTED] http://www.hungry.org
9:45pm up 37 day(s), 11:54, 21 users, load average: 0.18, 0.16, 0.16
I have a question that may have been covered else ware or maybe even in the
docs but I can't find it.
Is it possible to have qmail-smtp use an environment var as apposed to
control/me for echoing back the "hostname"
ie 220 $ENV{host} ESMTP
instead of
220 control/me ESMTP
??
Thanks
Only by changing the code in qmail-smtpd.c
At 12:39 PM 1/18/99 -0800, Darcy Buskermolen wrote:
>I have a question that may have been covered else ware or maybe even in the
>docs but I can't find it.
>
>Is it possible to have qmail-smtp use an environment var as apposed to
>control/me for echoing back the "hostname"
>ie 220 $ENV{host} ESMTP
> instead of
>220 control/me ESMTP
>
>??
>
>Thanks
>
>
>
>
Darcy Buskermolen writes:
> Is it possible to have qmail-smtp use an environment var as apposed to
> control/me for echoing back the "hostname"
> ie 220 $ENV{host} ESMTP
> instead of
> 220 control/me ESMTP
No, but you could do this:
echo 'Welcome!' >/var/qmail/control/smtpgreeting
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
D. J. Bernstein <[EMAIL PROTECTED]> writes on 17 January 1999 at 04:24:14 -0000
> The qmail mailing list delivers each message to more than 1000 hosts
> within 60-80 seconds after the message is opened.
>
> For example, these five messages were submitted simultaneously, and led
> to nearly 5000 successful deliveries in the first 5 minutes:
>
> > 24354 Dec 19 1998 0:05:07
> > 24353 Dec 19 1998 0:03:50
> > 24352 Dec 19 1998 0:02:43
> > 24351 Dec 19 1998 0:01:37
> > 24350 Dec 19 1998 0:00:35
And I'd call this really excellent performance.
> Of course, all bets are off when there's a network outage:
>
> > 25731 Jan 13 1999 6:11:23
Well, yes :-( .
I started quoting actual round-trip times when I saw several claims of
1-2 *second* turnaround times as being typical (I'm more than willing
to believe that some people see them now and then); that seemed
optimistic, and certainly didn't match my experience.
--
David Dyer-Bennet [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
Hello, My qmail config is woking now, anyway,
now I'm wondering how I can get my host to relay all users (the faq mentions
selective relaying, but since I don't need the selective part, i thought there
might be an easier way than installing that package).
Regards,
Johan Mjones
Please go back and reread what was said in the FAQ. This is EXACTLY what
you need to do. You do NOT want to relay for anybody in the world. You
want to relay for YOUR users (selective relaying restricts it to YOUR
users).
On Mon, 18 Jan 1999, [iso-8859-1] Johan Mj�nes wrote:
> Hello, My qmail config is woking now, anyway, now I'm wondering how I can get my
>host to relay all users (the faq mentions selective relaying, but since I don't need
>the selective part, i thought there might be an easier way than installing that
>package).
>
> Regards,
>
> Johan Mjones
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Manager
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
In answer to the question, I believe not having a control/rcpthosts
file will cause qmail to act as an open relay. Alternatively, setting
the environment variable RELAYCLIENT to an empty string for the
qmail-smtpd process will have the same effect.
On Mon, 18 Jan 1999, Timothy L. Mayo wrote:
> Please go back and reread what was said in the FAQ. This is EXACTLY what
> you need to do. You do NOT want to relay for anybody in the world. You
> want to relay for YOUR users (selective relaying restricts it to YOUR
> users).
Since there are valid reasons for wanting to run - and use - an open
mail relay, you don't *know* that this person doesn't want to run an
open relay. Sure, spammers will probably find - and abuse -
it. However, there are ways to deal with them, as well. Last time I
looked, ORBS was perfectly happy with you running open relays, so long
as you took one or more of those measures.
<mike
Text written by Luca Olivetti at 12:17 AM 1/18/99 +0100:
>Remember, we are not in the States: we have metered local calls, our data
>lines are 10 times more expensive than yours (due to centuries of state
>monopolies) and our providers are even more clueless and incompetent than
>yours.
<TEASING>
Centuries? You've had phone/data lines around for over 200 years? Wow!
That puts you way the hell ahead of us! Even if you're including telegraph
lines, we've only had those things for about 150 years here in the States.
</teasing>
IIRC, telegraph was invented around 1845 or so, right? And the telephone
around 1875-ish? So, while "over a century" of monopolized data-lines would
be possible (and impressively venerable), "centuries" seems excessive to
me. :)
--Kai MacTane.
My Maildir webmail CGI client has reached a somewhat workable state, and
I'm opening the source code. This is a cgi-bin application that presents a
hotmail.com/usa.net/whatever type of an HTML interface to the contents of
your Maildir mailbox.
For more information, see
http://www.geocities.com/SiliconValley/Peaks/5799/sqwebmail/
If after installing the code you decide to play with it, for a while, don't
forget to subscribe to the mailing list.
This is alpha code. It may not uncompress, compile, install, or work, for
you. Due to the extremely sensitive nature of the application, it may be a
while before it gets to a state that's considered stable and secure enough
for general deployment.
DJB wrote:
> I'm interested in credible plans for eliminating spam: e.g., using the
> legal system to bankrupt spammers, and widely advertising the results;
> or using digital cash to incorporate secure prepayments into Internet
> mail. I'm not interested in security through obscurity.
How about this.
I can't take credit for the ideas - I'm just joining two potential solutions.
1 - We already have the RBL.
2 - We setup a "dummy" address to which when our mail system receives
a spam it records some pattern from that email and matches this pattern
against further emails from that host - any matches are rejected/discarded
or placed somewhere else.
Idea from this originally belongs to Elie Rosenbloom (nyx.net)
So lets design a system where we, as contributing MTAs, register a few
dummy addresses with a central (or distributed) RBL type setup.
We all make up these arbitrary addresses and seed the spammers databases
with them (by posting to usenet or putting them on webpages) and register
these addresses with the "RBL".
If any emails come into these seeded addresses then we register some info
about that email with the RBL.
All incoming emails are checked against this RBL-type database to see if
we should accept or deny this email.
It is likely that we'll need some double level check to happen - probably
a stage 1 check like the real rbl which checks to see if the incoming ip
address may be a problem one. If so then we check the emails headers
against the database to see if this is indeed a spam.
The spammers would never be able to figure out the seeded addresses and the
only real way around this system would be to use different source IPs for
sending emails (not practical) if sending direct to MX. If they use an open
relay then it'll quickly kill off connections from that machine - but we would
need to build in a TTL since the last spam registered from that host (e.g.
12 or 24 hours).
So, Why wouldn't this work?
Paul Gregg
--
Email pgregg at tibus.net | Email pgregg at nyx.net | Eight out of every
Technical Director | System Administrator | five people are math
The Internet Business Ltd | Nyx Public Access Internet | illiterates.
http://www.tibus.net | http://www.nyx.net | - Anon.
>If any emails come into these seeded addresses then we register some info
>about that email with the RBL.
Which info would you record? The forged envelope sender or the unwitting
third-party relay?
>sending emails (not practical) if sending direct to MX. If they use an open
>relay then it'll quickly kill off connections from that machine - but we would
>need to build in a TTL since the last spam registered from that host (e.g.
>12 or 24 hours).
>
>So, Why wouldn't this work?
Because most open relays are not well administered, if at all. All you'd
succeed in doing is RBLing most open relays.
But, we already know who they are (or did with dorkslayers et al) and can
block them without the need for an elaborate scheme.
Probably spamtools is the place for this discussion as the politics of
dealing with open relays is the controvery not the technology and it has
nothing specific to do with qmail.
Regards.
Mark Delany wrote:
>>If any emails come into these seeded addresses then we register some info
>>about that email with the RBL.
> Which info would you record? The forged envelope sender or the unwitting
> third-party relay?
1) IP address of the remote host and 2) From / Subject / To ?
The thing spammers are least likely to much with is the subject. But if you
recorded all 3 you could do a reasonably quick "intelli" match on other
emails from that host.
>>sending emails (not practical) if sending direct to MX. If they use an open
>>relay then it'll quickly kill off connections from that machine - but we would
>>need to build in a TTL since the last spam registered from that host (e.g.
>>12 or 24 hours).
>>
>>So, Why wouldn't this work?
> Because most open relays are not well administered, if at all. All you'd
> succeed in doing is RBLing most open relays.
> But, we already know who they are (or did with dorkslayers et al) and can
> block them without the need for an elaborate scheme.
No, I don't think you've grasped the concept. If I received an email to
a seeded address then Qmail-? would immediately update the "RBL" with 1&2
above.
Then when the spammer gets around to spamming mira.net customers your "RBL"
check will kill it mid flight.
It's a co-operative thing where only the first few emails will get through
and 99% of subsequent emails (from this spammer) will be blocked at
the co-operating MTA.
> Probably spamtools is the place for this discussion as the politics of
> dealing with open relays is the controvery not the technology and it has
> nothing specific to do with qmail.
Yes it isn't Qmail specific at all, I was just responding to Dan's suggestion
for something that would work.
Paul.
--
Email pgregg at tibus.net | Email pgregg at nyx.net | Eight out of every
Technical Director | System Administrator | five people are math
The Internet Business Ltd | Nyx Public Access Internet | illiterates.
http://www.tibus.net | http://www.nyx.net | - Anon.
From: Paul Gregg <[EMAIL PROTECTED]>
:1) IP address of the remote host and 2) From / Subject / To ?
:No, I don't think you've grasped the concept. If I received an email to
:a seeded address then Qmail-? would immediately update the "RBL" with 1&2
:above.
This is both
1) Not the job of an MTA
and
2) a DOS attack in the making.
Besides, this would be easy enough to implement with a .qmail file and some
nifty bash scripting.
:Paul.
--Adam
>> Which info would you record? The forged envelope sender or the unwitting
>> third-party relay?
>
>1) IP address of the remote host and 2) From / Subject / To ?
>
>The thing spammers are least likely to much with is the subject. But if you
>recorded all 3 you could do a reasonably quick "intelli" match on other
>emails from that host.
Well, only until you put a tool in place that matches on Subject. How much
code does a spammer have to write to randomize the Subject?
Then what will you match on? The envelope details? How much code does it take
to randomize the envelope details?
Then what will you match on? The content? How much code does it take to
randomize the content?
Then what will you match on?
What you need to do is put yourself in the position of the spammer and ask,
"Can I think of a way around this technique". If so, well, so too can spammers.
>No, I don't think you've grasped the concept.
Well, I think I have actually... Seeded detection of spam is not new. If a
spammer sufficiently randomizes their headers, content and their relay, how
will you detect them reliably?
Answer: you can't.
But I could be wrong. What's say you supply the 'reasonably quick "intelli"
match' and I'll see if I can supply a program that generates spams that get
thru. Let's use perl as the language.
Regards.
Mark Delany <[EMAIL PROTECTED]> wrote:
> Well, only until you put a tool in place that matches on
> Subject. How much code does a spammer have to write to randomize the
> Subject?...Then what will you match on? The content? How much code
> does it take to randomize the content?
At which point spam is virtually undetectable, of course.
Not much code is required--this is fairly well-understood technology.
See <http://www.geocities.com/Tokyo/Towers/5190/complaint.htm> for an
amusing example.
Plenty of others exist, including one which generates post-modernist
essays ready for publication. That demonstrates something about
academia, I'm sure...
Len.
--
It is an abomination to kings to commit wickedness: for the throne is
established by righteousness. --Proverbs 16:12
Paul Gregg <[EMAIL PROTECTED]> wrote:
> DJB wrote:
> > I'm interested in credible plans for eliminating spam...I'm not
> > interested in security through obscurity.
[snip]
> 1 - We already have the RBL.
>
> 2 - We setup a "dummy" address to which when our mail system
> receives spam it records some pattern from that email...
[snip]
> So, Why wouldn't this work?
This suggestion has two parts. First, it is a way to attract spam.
Second, it leads to "pattern matching" as a spam-fighting technique.
I think the first part is fine, if you want to be proactive about
identifying spammers. The second is, I think, what DJB means by
"security through obscurity".
In an earlier post, he observed:
You seem to think that spam is a pattern-recognition problem. It
isn't. You're ignoring the anti-fax effect: anti-spam rules become
useless when enough people start using them. Spammers adapt.
In general, I agree with this observation--in the long run, any
particular pattern-matching approach to stopping spam is doomed; each
pattern will work for some period, and then fail.
Ultimately, spam will evolve into something which perfectly mimics
legitimate email. For example, if an email is 100% 822-compliant, has
exactly one envelope recipient which matches the single "To:"
recipient, and exactly one "From:" address, which matches the envelope
sender and is valid, what pattern-matching by the recipient can be
sure whether it is spam?
Now suppose that this spam is trickled out, just below VMailer's
"mailbomb" threshold, through a non-blacklisted ISP...and remember, a
_valid_ From: address need not be the _sender's_ From: address.
Len.
--
I wasn't talking about sendmail+shell versus sendmail. I said you
would need dozens of subshells to make _qmail_ as slow as sendmail.
-- Prof. Dan Bernstein
Sorry for asking this list, but our news server is down, so I cannot post it
to the pine newsgroup.
I noticed that as soon as my ~/Mailbox has at least one message in it, and I
open pine, the following gets inserted in the top of the Mailbox
--------------
Date: Mon, 18 Jan 1999 21:55:20 -0600 (EST)
From: Mail System Internal Data <[EMAIL PROTECTED]>
Subject: DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA
X-IMAP: 0916718116 0000000011
This text is part of the internal format of your mail folder, and is not
a real message. It is created automatically by the mail system software.
If deleted, important folder data will be lost, and it will be re-created
with the data reset to initial values.
--------------------
This is not visible in pine, but it is in mutt, or any other mail reader.
Is this normal with pine 4.04?
Interestingly, one of the spam filtering advice in the O'Reilly book on spam
is to filer out all mail the subject of which contains all capital letters.
Thanks,
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
On Mon, 18 Jan 1999, Mate Wierdl wrote:
> Sorry for asking this list, but our news server is down, so I cannot post it
> to the pine newsgroup.
>
> I noticed that as soon as my ~/Mailbox has at least one message in it, and I
> open pine, the following gets inserted in the top of the Mailbox
> --------------
> Date: Mon, 18 Jan 1999 21:55:20 -0600 (EST)
> From: Mail System Internal Data <[EMAIL PROTECTED]>
> Subject: DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA
> X-IMAP: 0916718116 0000000011
[ snip ]
That's some Pine 4 gibberish. You can get rid of it by going into setup,
and checking off "quell-folder-internal-msg".
This message will actually stay there, but, if something gets rid of it,
it won't come back.
On Mon, 18 Jan 1999, Mate Wierdl wrote:
[Text included by Pine on one's email deleted]
> This is not visible in pine, but it is in mutt, or any other mail reader.
> Is this normal with pine 4.04?
Well, I'm using Pine 4.02 right now and it also includes this damn
message. This is the reason why I'll be changing my mail reader to Mutt
very soon.
[]s, Roger...
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rogerio Brito - [EMAIL PROTECTED] - http://www.ime.usp.br/~rbrito
Undergraduate Computer Science Student - "Windows? Linux and X!"
Bootleg/trade page: http://www.ime.usp.br/~rbrito/bootleg.html
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
OK, so it is not like my pine binary got altered by some intruder...
Thx
mate
At 08:09 PM 1/18/99 , Sam wrote:
>On Mon, 18 Jan 1999, Mate Wierdl wrote:
>> Date: Mon, 18 Jan 1999 21:55:20 -0600 (EST)
>> From: Mail System Internal Data <[EMAIL PROTECTED]>
>> Subject: DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA
>> X-IMAP: 0916718116 0000000011
>
>That's some Pine 4 gibberish. You can get rid of it by going into setup,
>and checking off "quell-folder-internal-msg".
>
>This message will actually stay there, but, if something gets rid of it,
>it won't come back.
That message also gets put in by the UW-IMAP server.
--Ludwig Pummer ( [EMAIL PROTECTED] )
ICQ UIN: 692441 ( [EMAIL PROTECTED] )
Hi,
I am trying to get qmail working, and need some help...
I have a machine connected to work via ISDN, and it is on the work network.
I also use it to connect to my ISP. I want to use qmail and fetchmail and
diald to manage my (and my wife's) email through the ISP.
When I send mail to anyone local on my machine, I want it to go directly
to them. When I send mail to someone remote, I want it to go through
my ISP, and when they respond, it needs to go back to the ISP, where
fetchmail can bring it to my machine.
So, some of my control files are:
me: f64.work.com
locals: f64.work.com (to define local addresses)
defaultdomain: work.com
defaulthost: sonic.net (my ISP)
plusdomain: work.com
smtproutes: :mail.sonic.net
If I send mail to myself using the local-local test from TEST.deliver,
the mail is delivered remotely to the sonic mailserver, because sonic.net
is added to my username. How do I get qmail to stop doing this?
If I put my full host and domain ([EMAIL PROTECTED]) instead of just
my username, the local delivery works fine.
I have read through the provided docs, and cannot figure it out.
The mailing list archives discuss the recipientmap control file, which is
apparently gone.
Any ideas?
Niels Jensen
On Mon, 18 Jan 1999, Niels Jensen wrote:
>
> So, some of my control files are:
>
> me: f64.work.com
> locals: f64.work.com (to define local addresses)
> defaultdomain: work.com
> defaulthost: sonic.net (my ISP)
> plusdomain: work.com
> smtproutes: :mail.sonic.net
>
> If I send mail to myself using the local-local test from TEST.deliver,
> the mail is delivered remotely to the sonic mailserver, because sonic.net
> is added to my username. How do I get qmail to stop doing this?
That's because your defaulthost is sonic.net. When qmail-inject sends
an email to an address without a host, it adds the default host (see
qmail-inject manpage).
Change it to f64.work.com.
Actually, you should change it to whatever is in control/me because
f64.work.com is obviously not a valid host name.
Cheers,
Vern
-- __ _____ ___ _ _
\ \ / / __| _ \ \| |
Vern Hart \ V /| _|| / .` |
[EMAIL PROTECTED] \_/ |___|_|_\_|\_|
10:38pm up 37 day(s), 12:47, 24 users, load average: 0.13, 0.15, 0.16
Niels, the instructions here...
http://home.earthlink.net/~dougvw/mailqueue.html
worked for me almost 100% I don't have ISDN though - just a normal modem
dialup. Hope this helps.
Niels Jensen wrote:
>
> Hi,
>
> I am trying to get qmail working, and need some help...
>
> I have a machine connected to work via ISDN, and it is on the work network.
> I also use it to connect to my ISP. I want to use qmail and fetchmail and
> diald to manage my (and my wife's) email through the ISP.
>
> When I send mail to anyone local on my machine, I want it to go directly
> to them. When I send mail to someone remote, I want it to go through
> my ISP, and when they respond, it needs to go back to the ISP, where
> fetchmail can bring it to my machine.
>
> So, some of my control files are:
>
> me: f64.work.com
> locals: f64.work.com (to define local addresses)
> defaultdomain: work.com
> defaulthost: sonic.net (my ISP)
> plusdomain: work.com
> smtproutes: :mail.sonic.net
>
> If I send mail to myself using the local-local test from TEST.deliver,
> the mail is delivered remotely to the sonic mailserver, because sonic.net
> is added to my username. How do I get qmail to stop doing this?
>
> If I put my full host and domain ([EMAIL PROTECTED]) instead of just
> my username, the local delivery works fine.
>
> I have read through the provided docs, and cannot figure it out.
> The mailing list archives discuss the recipientmap control file, which is
> apparently gone.
>
> Any ideas?
>
> Niels Jensen
