qmail Digest 12 Feb 1999 11:00:16 -0000 Issue 549
Topics (messages 21818 through 21880):
SMTP Authentication
21818 by: [EMAIL PROTECTED]
21819 by: Stefan Paletta <[EMAIL PROTECTED]>
21824 by: "Petr Novotny" <[EMAIL PROTECTED]>
21828 by: Pedro Melo <[EMAIL PROTECTED]>
21831 by: Russ Allbery <[EMAIL PROTECTED]>
SMTP AUTENTICATION
21820 by: [EMAIL PROTECTED]
21850 by: Christian Asmussen <[EMAIL PROTECTED]>
vacation
21821 by: [EMAIL PROTECTED]
21830 by: "Chris Garrigues" <[EMAIL PROTECTED]>
21835 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
21875 by: "Peter Samuel" <[EMAIL PROTECTED]>
21876 by: "Peter Samuel" <[EMAIL PROTECTED]>
snapshot of qmail�s health
21822 by: Mark Delany <[EMAIL PROTECTED]>
21842 by: "Eric Dahnke" <[EMAIL PROTECTED]>
Which domain name to put where?
21823 by: [EMAIL PROTECTED]
21827 by: [EMAIL PROTECTED] (Lorens Kockum)
Qmail, Majordomo, and virtual domains
21825 by: Chuck Milam <[EMAIL PROTECTED]>
21837 by: Mate Wierdl <[EMAIL PROTECTED]>
21841 by: Mate Wierdl <[EMAIL PROTECTED]>
21844 by: Peter Gradwell <[EMAIL PROTECTED]>
21847 by: "Fred Lindberg" <[EMAIL PROTECTED]>
21849 by: Chuck Milam <[EMAIL PROTECTED]>
21852 by: "Fred Lindberg" <[EMAIL PROTECTED]>
Tarpitting
21826 by: Chris Johnson <[EMAIL PROTECTED]>
21848 by: "Joe Garcia" <[EMAIL PROTECTED]>
masq. all except local users ?
21829 by: "Len Budney" <[EMAIL PROTECTED]>
21846 by: Dirk Vleugels <[EMAIL PROTECTED]>
maillog "status"
21832 by: Joergen Persson <[EMAIL PROTECTED]>
21839 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
slow delivery
21833 by: Franky Van Liedekerke <[EMAIL PROTECTED]>
21838 by: Mark Delany <[EMAIL PROTECTED]>
21843 by: Franky Van Liedekerke <[EMAIL PROTECTED]>
21856 by: Mark Delany <[EMAIL PROTECTED]>
To: line
21834 by: Mate Wierdl <[EMAIL PROTECTED]>
Need help: Qmail-SMTPD freezes
21836 by: Stephan Mueller <[EMAIL PROTECTED]>
Patch to disable .qmail support for ordinary users
21840 by: "Niall R. Murphy" <[EMAIL PROTECTED]>
21858 by: Mark Delany <[EMAIL PROTECTED]>
100,000 mailing lists
21845 by: Peter Gradwell <[EMAIL PROTECTED]>
21855 by: Mark Delany <[EMAIL PROTECTED]>
unable to switch to queue
21851 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
Popmail to one particular user does not work but "mail" does!
21853 by: "Philip Rhoades" <[EMAIL PROTECTED]>
concurrencyremote limit
21854 by: Mark Delany <[EMAIL PROTECTED]>
environmental variables in .qmail?
21857 by: Duncan <[EMAIL PROTECTED]>
Am I being exceedingly silly?
21859 by: Chris Green <[EMAIL PROTECTED]>
21860 by: [EMAIL PROTECTED]
21861 by: "Eric Dahnke" <[EMAIL PROTECTED]>
21862 by: [EMAIL PROTECTED]
21863 by: "Eric Dahnke" <[EMAIL PROTECTED]>
21864 by: "Eric Dahnke" <[EMAIL PROTECTED]>
21865 by: Vince Vielhaber <[EMAIL PROTECTED]>
21866 by: [EMAIL PROTECTED]
21867 by: James Smallacombe <[EMAIL PROTECTED]>
21868 by: "Peter C. Norton" <[EMAIL PROTECTED]>
21869 by: Richard Letts <[EMAIL PROTECTED]>
21870 by: "Sam" <[EMAIL PROTECTED]>
21871 by: Scott Schwartz <[EMAIL PROTECTED]>
binding qmail-smtpd|qmail-ofmipd to different IP address
21872 by: Robin Bowes <[EMAIL PROTECTED]>
21873 by: Mark Delany <[EMAIL PROTECTED]>
Helping a guy out with qmail
21874 by: Bill Parker <[EMAIL PROTECTED]>
Am I being exceedingly silly - thanks for answers!
21877 by: Chris Green <[EMAIL PROTECTED]>
21878 by: "Petr Novotny" <[EMAIL PROTECTED]>
automatic notify upon delivery?
21879 by: Franky Van Liedekerke <[EMAIL PROTECTED]>
Am I being exceedingly silly - yes!
21880 by: Chris Green <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Hi folks,
since we do global dialin roaming, I need to come up with a method to
allow
relaying from unknown IP adresses while preventing spam.
Does anyone know of qmail patches AND clients to implement
draft-myers-smtp-auth-12.txt ?
(found e.g. on ftp://ftp.isi.edu/internet-drafts)
If not, has anyone tried implementing the AUTH=LOGIN scheme available in
latest
Netscape Communicator?
It's described in
http://help.netscape.com/products/server/messaging/3x/info/smtpauth.html.
Thanks
Markus
begin:vcard
n:Storm;Markus
tel;fax:++49 +5241 80-67867
x-mozilla-html:FALSE
org:mediaWays GmbH;NTM-T
adr:;;;G�tersloh;;33311;Germany
version:2.1
email;internet:[EMAIL PROTECTED]
x-mozilla-cpt:;-18624
fn:Markus Storm
end:vcard
[EMAIL PROTECTED] wrote/schrieb/scribsit:
> I need to come up with a method to allow
> relaying from unknown IP adresses while preventing spam.
Good! :-)
> Does anyone know of qmail patches AND clients to implement
> draft-myers-smtp-auth-12.txt ?
> If not, has anyone tried implementing the AUTH=LOGIN scheme available in
> latest Netscape Communicator?
The only authtication method I know to be working with qmail and
probably any MUA out there is smtp-after-pop. There is a very much
complete package at www.qmail.org from Russell Nelson.
GMX btw. does this.
Stefan
> > Does anyone know of qmail patches AND clients to implement
> > draft-myers-smtp-auth-12.txt ?
> > If not, has anyone tried implementing the AUTH=LOGIN scheme
> > available in latest Netscape Communicator?
>
> The only authtication method I know to be working with qmail and
> probably any MUA out there is smtp-after-pop. There is a very much
> complete package at www.qmail.org from Russell Nelson. GMX btw. does
> this.
Well, there must be around one million ways to do that... The morale
is: as soon as qmail-smtpd gets to receiving the message, RELAYCLIENT
has to be set to "". There are two basic approaches:
1. Something happens before you connect to port 25. (It might be
successful POP3 login, but it might be anything else.) This action
triggers a program which updates tcp.smtp (whatever it's called) by
adding remote IP:allow,RELAYCLIENT="" line and rebuilds the cdb
(tcprules). (You then have to remove this line after some time - like
ten minutes.)
2. You have a wrapper around qmail-smtpd which listens to the first
part of communication and if it sees something special, it invokes
qmail-smtpd with updated environment (adding RELAYCLIENT=""); if it
doesn't, it invokes it without modified environment.
The only implementation now available (AFAIK) is smtp-after-pop; but
it's quite simple to write another one to suit your needs.
If you want to know how SMTP authentization works, you should read
the corresponding RFC (hey gurus, what's the corresponding RFC?).
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
On 11-Feb-99 Russ Allbery wrote:
> Petr Novotny <[EMAIL PROTECTED]> writes:
>
>> If you want to know how SMTP authentization works, you should read
>> the corresponding RFC (hey gurus, what's the corresponding RFC?).
>
> Is there an RFC for SMTP AUTH? A quick scan of the index doesn't reveal
> one, or any Internet draft apart from draft-newman-auth-resp-00.txt for
> authentication responses.
No RFC as far as I know, but the draft is here:
http://www.ietf.org/internet-drafts/draft-myers-smtp-auth-12.txt
Melo
---
Pedro Melo [EMAIL PROTECTED]
IP - Engenharia http://ip.pt/
Tel: +351-1-3166740 Av. Duque de Avila, 23
Fax: +351-1-3166701 1049-071 LISBOA - PORTUGAL
Linux: up 21 days and 18:16, 6 users, load average: 1.16, 0.81, 0.60
Petr Novotny <[EMAIL PROTECTED]> writes:
> If you want to know how SMTP authentization works, you should read
> the corresponding RFC (hey gurus, what's the corresponding RFC?).
Is there an RFC for SMTP AUTH? A quick scan of the index doesn't reveal
one, or any Internet draft apart from draft-newman-auth-resp-00.txt for
authentication responses.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Thanks for all of you trying to help, but this is not what I was asking
for.
I didn't want to start another thread about how to restrict relaying
(tcpserver, smtp-after-pop, ...).
Someone recently mentioned this thread starts about once a month.
I just want to know whether someone out there has already implemented
the authentication method described in draft-myers-smtp-auth-12.txt OR
the
subset described in
http://help.netscape.com/products/server/messaging/3x/info/smtpauth.html.
Markus
Christian Asmussen wrote:
>
> Hey I have been asking that for a while. What I got till now was:
>
> run tcpserver ...
>
> If you really find out how to do it, PLEASE let me know!!!!???
>
> thanx a lot!
>
> --------------------------------------------
> |/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\|
> --------------------------------------------
> Chrisitan Willy Asmussen
> [EMAIL PROTECTED]
> http://www.kriconet.com.br/~krico
> ICQ# 1572199
begin:vcard
n:Storm;Markus
tel;fax:++49 +5241 80-67867
x-mozilla-html:FALSE
org:mediaWays GmbH;NTM-T
adr:;;;G�tersloh;;33311;Germany
version:2.1
email;internet:[EMAIL PROTECTED]
x-mozilla-cpt:;-18624
fn:Markus Storm
end:vcard
Hey I have been asking that for a while. What I got till now was:
run tcpserver ...
If you really find out how to do it, PLEASE let me know!!!!???
thanx a lot!
--------------------------------------------
|/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\|
--------------------------------------------
Chrisitan Willy Asmussen
[EMAIL PROTECTED]
http://www.kriconet.com.br/~krico
ICQ# 1572199
Hello!
I have a little problem with qmail 1.03 on Solaris 2.6
with /var/mail as spool directory.
Everything works fine except the vacation program!!!
I used the used the vacation program from Solaris (sendmail).
But the vacation works only the first time when it's enabled.
The first time it sends back the vacation message as expected,
but then never again.
Then I tried the vacation program from Peter Samuel ......
the same thing ... one time and never again.
But the mail is in the users mailbox.
Does anyone have a solution for this???
Thanx,
Herbert
-----------------------------------------------------------------------
Herbert Zaunmair
Institute of Applied Computer Science
Department of Information Systems
University of Linz Tel: +43(732)2468 ext 9830
Altenbergerstr. 69 Fax: +43(732)2468 ext 9511
A-4040 Linz, Austria Email: [EMAIL PROTECTED]
-----------------------------------------------------------------------
hey, I've got a different question about the vacation program.
It doesn't seem to be on any of my RedHat Linux boxes. What RPM do I need to
get it?
Chris
--
Chris Garrigues Deep Eddy Internet Consulting
+1 512 432 4046 609 Deep Eddy Avenue O-
http://www.DeepEddy.Com/~cwg/ Austin, TX 78703-4513
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
- [EMAIL PROTECTED]:
| But the vacation works only the first time when it's enabled.
| The first time it sends back the vacation message as expected,
| but then never again.
Isn't that how the vacation program is supposed to work? Only one
message to each address. If someone else sends a message, they'll get
one too, but never more than once per week. The vacation program here
has an option -r to set the time interval.
- Harald
On 11 Feb 1999 [EMAIL PROTECTED] wrote:
>
>
> Hello!
>
> I have a little problem with qmail 1.03 on Solaris 2.6
> with /var/mail as spool directory.
> Everything works fine except the vacation program!!!
>
> I used the used the vacation program from Solaris (sendmail).
> But the vacation works only the first time when it's enabled.
> The first time it sends back the vacation message as expected,
> but then never again.
>
> Then I tried the vacation program from Peter Samuel ......
> the same thing ... one time and never again.
>
> But the mail is in the users mailbox.
>
> Does anyone have a solution for this???
The solution is in the man page :) By default vacation will only reply
once. Subsequent mails from the same person are checked against the
timstamp recorded in the dbm file. If the time between replies is less
than one week, vacation will not reply. This is the standard sun
vacation behaviour, it is also the behaviuor in Larry Wall's original
perl implementation and hence its the standard behaviour in my
implementation (based on Larry's).
You can change the timeout setting using the -t option
-tN Change the interval between repeat replies to the same
sender. The default is 1 week. A trailing s, m, h, d, or
w scales the number N to seconds, minutes, hours,
days or weeks respectively. For example, to set the
interval value to 3 days you would specify -t3d.
There should be no spaces between the -t and N. This
option is only useful when specified in the ~/.qmail
file.
So to use a timeout of 1 second, your .qmail file would look like
this
| /usr/local/bin/vacation -t1s psamuel
/home/psamuel/Mailbox
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
Uniq Professional Services, [EMAIL PROTECTED]
a division of X-Direct Pty Ltd
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
On Thu, 11 Feb 1999, Chris Garrigues wrote:
>
> hey, I've got a different question about the vacation program.
>
> It doesn't seem to be on any of my RedHat Linux boxes. What RPM do I need to
> get it?
It doesn't ship as an rpm. It ships as source code and you have to
build it yourself. This is a trivial task as all you need to do is
modify the Makefile and tell it where you want to install it and where
perl lives.
ftp://ftp.uniq.com.au/pub/tools/qmail/qmail-vacation-1.3.tar.gz
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
Uniq Professional Services, [EMAIL PROTECTED]
a division of X-Direct Pty Ltd
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
At 05:38 AM 2/11/99 PST, Eric Dahnke wrote:
>Hi,
>
>What is the best way to get a snapshot of qmail�s current health.
>
>Currently I use ps and top and a perl script to see the size of the
>queue. But there has got to be a better way.
Correct. There are *lots* of ways and they all boil down to one thing. Any
system reaches a resource limit. Which resource depends on the nature of the
system, but conceptually you need to monitor the resource that is next to
be exceeded.
In the qmail case, assuming concurrency levels have been set commensurate
with system resources, you need to monitor how often your system sits at the
concurrency limits.
One way of doing this is to monitor the log entries of qmail and tcpserver
and track how often the system is at the concurrency[local|remote] limits and
how often it reaches the tcpserver -c limits. This is pretty triv with a
simple awk/perl script - any decent programmer you hire should be able to do
this.
The other aspect that's not immediately apparent is the qmail-stat output
and the number of todo entries. If this is large and increasing be, very,
very worried.
>I looked at the archives, web site, and FAQ but didn�t see anything.
>
>What the hell is concurrency remote?
Erum, man qmail-control should give you a hint. But the bottom line is, if
you don't know what this means you need to do a fair amount of homework to
get up to speed.
Regards.
Hi,
What is the best way to get a snapshot of qmail�s current health.
Currently I use ps and top and a perl script to see the size of the
queue. But there has got to be a better way.
I looked at the archives, web site, and FAQ but didn�t see anything.
What the hell is concurrency remote?
Thx - eric
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
>A class A is xxx.*.*.*
>A class B is xxx.xxx.*.*
>A class C is xxx.xxx.xxx.*
>
>BUT THE REVERSE IS NOT TRUE.
Indeed, and I understand that. Just was confused about 192.168.N.0,
where N was non-zero. Thanks for the clarifications, y'all!
tq vm, (burley)
On the qmail list [EMAIL PROTECTED] wrote:
>>The address ranges reserved for private network addressing are listed in
>>RFC 1918 as:
>>
>>A 10.0.0.0 - 10.255.255.255
>>B 172.16.0.0 - 172.31.255.255
>>B 192.168.0.0 - 192.168.255.255
No, that *is* a C on that last line.
>Thanks for correcting me. Somehow I got confused, perhaps by something
>I read, that the 192.168.0.0 was a class C, not B, space reserved
>for unconnected networks. (Maybe that used to be the case and I was
>looking at old docs, but never mind!)
No, it is class C namespace, but it is not *a* class C.
192.168.0.* is a class C, 192.168.13.* is a class C, and
192.168.*.* is 256 class C networks.
A class A is xxx.*.*.*
A class B is xxx.xxx.*.*
A class C is xxx.xxx.xxx.*
BUT THE REVERSE IS NOT TRUE.
If you don't understand, don't worry too much, today you almost
never have to make a distinction between classes A, B, and C.
Just don't mention them, and talk of /8, /16, and /24, which
represent any network having an address space respectively like
a class A, B, and C.
If you are interested, read the original RFCs on IP numbers.
--
#include <std_disclaim.h> Lorens Kockum
On Wed, 10 Feb 1999, Russ Allbery wrote:
> Does Majordomo get the entire virtual domain?
Unfortunatey, no. That's what makes it a little tougher.
> If not, there are a few ways to do it. One way is to put the
> individual users that Majordomo needs (LIST, LIST-owner, LIST-request,
> and LIST-approval) directly into control/virtualdomains and map them
> to the Majordomo user.
Hmm...I hadn't thought about trying it that way. Thanks. I think I'll
give that a shot with a test list.
> The other way is to piggyback on whatever you're currently using to
> control disposition of the mail to a given virtual domain.
I'm using qmail with at least one virtual domain controled by a user,
i.e.: all mail for domain xxx.domain.yyy is controlled by a non-root user
using .qmail files in his home directory.
Other domains will remain under administrative control, the "root.dude"
will be responsible for them.
> What do you mean by "appear as"? If you mean that the Received lines
> have to match, you'll have a problem there, because qmail-remote
> doesn't have a way of binding to a specific IP address without
> patches.
Not the "Recieved" lines, but messages originating from a
Majordomo installation working at domain.xxx should appear to come from
[EMAIL PROTECTED] and list postings through that Majordomo should come
from [EMAIL PROTECTED], not domain.yyy. Most likely, I'm guessing this
will involve pointing to different majordomo.cf files, and probably
modifing a copy of majordomo-inject and majordomo-dispatch for each
virtual domain.
----------------------------------------------------------
Chuck Milam I.T. Division - Academic Computing
[EMAIL PROTECTED] University of Wisconsin at Oshkosh
Adam D McKenna <[EMAIL PROTECTED]> writes:
> The cool thing about ezmlm is that you don't need to "know" it. You
> just use it. There are no problems, no annoying bounces, etc. It just
> works.
This is simply not true. How do you subscribe to an ezmlm list? How do
you unsubscribe? How do you close an ezmlm list to non-subscriber
messages? How do you remotely get a listing of who's on the list? How do
you configure the intro message? How do you make the list moderated? I
know the answers to all of those questions, or at least solutions for
them, and they're all different than the answers for Majordomo.
I think Adam just meant that with ezmlm-idx, these are all trivial to
set up (often with just flags to exmlm-make); he did not mean to
compare the methods used under Majordomo. Is not there Majordomo
emulation under ezmlm-idx?
Mate
Adam D McKenna <[EMAIL PROTECTED]> writes:
> As an administrator, getting to know ezmlm took around an hour. As a
> user, it took about five minutes.
Do you have shell access to the ezmlm directories for all of the lists
that you manage? ezmlm is very easy to work with if you do and understand
standard Unix commands and files. But list owners don't normally have
that kind of access at nearly all list hosting sites that I'm aware of.
Again, with ezmlm-idx, there is remote administration...
Mate
At 8:08 am -0600 11/2/99, Chuck Milam wrote:
>On Thu, 11 Feb 1999, Chuck Milam wrote:
>
>> > Does Majordomo get the entire virtual domain?
>>
>> Unfortunatey, no. That's what makes it a little tougher.
>
>I've convinced the users to take a compromise. Instead of trying to
>maintain [EMAIL PROTECTED] and [EMAIL PROTECTED], I'm
>just going to create [EMAIL PROTECTED] and
>[EMAIL PROTECTED] Problem solved...well, problem looks
>easier now, anyway. Now, on to the implementation.
you could of course alias [EMAIL PROTECTED] to username@virtdomain
peter.
--
gradwell dot com ltd - writing the bits of the web you don't see
online @ http://www.gradwell.com/ mailto:[EMAIL PROTECTED]
"To look back all the time is boring. Excitement lies in tomorrow"
On Thu, 11 Feb 1999 07:45:56 -0600, Mate Wierdl wrote:
>compare the methods used under Majordomo. Is not there Majordomo
>emulation under ezmlm-idx?
Yes. ezmlm-request can do that and the ezmlm-idx package has some
support scripts to set it up (see FAQ). It works on top of ezmlm, so it
just translates the requests to command messages. It does LISTS and
WHICH, which are direct and more global commands, but only if the
(unix) permissions allow it access to the lists' subscriber databases.
Differences from majordomo:
-Only 1 command per message.
-Also translates from many listserv/listproc/smartlist commands.
-Also can service non-local lists.
-Some "list name completion"
-This is just a hack to make life easier for subscribers used to
majordomo. Thus, there is no "set password", etc, etc.
-Add ezmlm commands are supported, i.e. the program makes a command
message from anything you throw at it (with address restrictions)
automatically supporting new commands that you might have added to your
list, "faq list", etc. This is also a reason for the one command per
message restriction.
Mail [EMAIL PROTECTED] with e.g. "lists" or "subscribe djb-ezmlm"
as the first line of the message body. The config file is outdated, so
it still has the old names of Dan's lists.
This is in reply to a cross-posted message. I'll send it back to both
lists, but it sounds like a discussion for [EMAIL PROTECTED]
-Sincerely, Fred
(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
On Thu, 11 Feb 1999, Chuck Milam wrote:
> > Does Majordomo get the entire virtual domain?
>
> Unfortunatey, no. That's what makes it a little tougher.
I've convinced the users to take a compromise. Instead of trying to
maintain [EMAIL PROTECTED] and [EMAIL PROTECTED], I'm
just going to create [EMAIL PROTECTED] and
[EMAIL PROTECTED] Problem solved...well, problem looks
easier now, anyway. Now, on to the implementation.
Thanks for sharing your insight, folks.
----------------------------------------------------------
Chuck Milam I.T. Division - Academic Computing
[EMAIL PROTECTED] University of Wisconsin at Oshkosh
On Thu, 11 Feb 1999 08:08:22 -0600 (EST), Chuck Milam wrote:
>ust going to create [EMAIL PROTECTED] and
>[EMAIL PROTECTED] Problem solved...well, problem looks
>easier now, anyway. Now, on to the implementation.
I know you want majordomo, but for others: this is the way to do it
when you want to emulate majordomo, because all the lists are owned (in
the unix sense) by the same user. Thus, e.g. "which" works out of the
box. You still get to configure the emulation as to whether or not to
support "lists" for any given list.
-Sincerely, Fred
(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
There was some discussion a while back about tarpitting. If you don't know what
that is (I didn't when it first came up), it's the process of inserting a small
sleep in an SMTP session for each RCPT TO after some set number of RCPT TOs.
The idea is to thwart spammers who would hand your SMTP server a single message
with a long list of RCPT TOs.
The subject originally came up in a discussion of ways to run an open relay
safely (I didn't suggest it, and I don't do that kind of thing), but it could
also be useful in keeping your own dial-up customers from using you as a spam
relay.
I've made a simple patch to qmail-smtpd to allow it to do tarpitting. There are
two control files involved: control/tarpitcount and control/tarpitdelay.
tarpitcount is the number of RCPT TOs you accept before you start tarpitting,
and tarpitdelay is the number of seconds of delay to introduce after each
message. tarpitcount defaults to 0 (which means no tarpitting), and tarpitdelay
defaults to 5. If NOTARPIT is set in the environment (perhaps by tcpserver)
then no tarpitting is done. (I had considered doing this the other way
around--no tarpitting would be done unless TARPIT was set, irrespective of
control/tarpitcount. Any suggestions on this point?)
If anyone is interested, it's at http://www.palomine.net/qmail/tarpit.patch.
I'm not vouching for the effectiveness of doing tarpitting or whether it's a
good thing to do to your customers, but there was some interest in it, so there
it is.
Chris
I just finished one last week, I have to get my bosses approval to relase it
though.
Joe
> -----Original Message-----
> From: Chris Johnson [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 11, 1999 10:33 AM
> To: [EMAIL PROTECTED]
> Subject: Tarpitting
>
>
> There was some discussion a while back about tarpitting. If you
> don't know what
> that is (I didn't when it first came up), it's the process of
> inserting a small
> sleep in an SMTP session for each RCPT TO after some set number
> of RCPT TOs.
> The idea is to thwart spammers who would hand your SMTP server a
> single message
> with a long list of RCPT TOs.
>
> The subject originally came up in a discussion of ways to run an
> open relay
> safely (I didn't suggest it, and I don't do that kind of thing),
> but it could
> also be useful in keeping your own dial-up customers from using
> you as a spam
> relay.
>
> I've made a simple patch to qmail-smtpd to allow it to do
> tarpitting. There are
> two control files involved: control/tarpitcount and control/tarpitdelay.
> tarpitcount is the number of RCPT TOs you accept before you start
> tarpitting,
> and tarpitdelay is the number of seconds of delay to introduce after each
> message. tarpitcount defaults to 0 (which means no tarpitting),
> and tarpitdelay
> defaults to 5. If NOTARPIT is set in the environment (perhaps by
> tcpserver)
> then no tarpitting is done. (I had considered doing this the other way
> around--no tarpitting would be done unless TARPIT was set, irrespective of
> control/tarpitcount. Any suggestions on this point?)
>
> If anyone is interested, it's at
> http://www.palomine.net/qmail/tarpit.patch.
> I'm not vouching for
> the effectiveness of doing tarpitting or whether it's a
> good thing to do to your customers, but there was some interest
> in it, so there
> it is.
>
> Chris
>
Dirk Vleugels <[EMAIL PROTECTED]> wrote:
> i try to masq. all outgoing mail as coming from @domain.com.
^^^
You probably don't mean _all_. As you noticed, root mails really
should not be masqueraded. Cron jobs and other administrative tasks
generate mails which should be strictly local. Using "defaulthost" for
your masquerading has terrible side-effects, as you've discovered.
> Putting domain.com into control/defaulthosts works fine, but
> now all local root mails leave the system (via maildirsmtp)
> as [EMAIL PROTECTED], despite a local ~alias/.qmail-root pointing
> to a local user.
That's because any task which runs a command like "mail root" will be
sending to the defaulthost--which you've set to "domain.com". I
wouldn't do that (even though it's suggested in FAQ 1.1).
Instead, you can apply FAQ 1.2 and FAQ 5.5 from the qmail FAQ.
Note that you only need 5.5 if some clients on host.domain.com use
SMTP directly, like for example Netscape. You might consider,
instead, disabling SMTP on host.domain.com and forcing people to use
domain.com as the SMTP server.
Alternatively, you might set up a mini-qmail installation on
host.domain.com, as per
<ftp://koobera.math.uic.edu/www/qmail/mini.html>.
Hope this helps,
Len.
--
69. If two contend together take not the part of either unconstrained;
and be not obstinate in your own Opinion, in Things indiferent be of
the Major Side.
-- George Washington, "Rules of Civility & Decent Behaviour"
Hello,
i try to masq. all outgoing mail as coming from @domain.com.
Putting domain.com into control/defaulthosts works fine, but
now all local root mails leave the system (via maildirsmtp)
as [EMAIL PROTECTED], despite a local ~alias/.qmail-root pointing
to a local user. I have a .qmail-default file containing:
| forward "$LOCAL"@domain.com
which shouldn't be needed anymore?!? Anyways (with or without
.qmail-default), mail to root leaves the system.
Removing defaulthost (but leaving .qmail-default alone) does
put [EMAIL PROTECTED] in the delivered-to header line, but all
adresses in (from, to, cc, return-path) look still like
this: [EMAIL PROTECTED]
I wan't to archieve that _all_ outgoing mails contain adresses
of the form [EMAIL PROTECTED], but _all_ possible local
deliveries (including root), won't leave the system.
Is this possible at all?
Puzzled,
Dirk
Hi
I'm about to write a script to parse the maillog (to trace errors among
other things - haven't found such). I have one question though, what does
the status line stand for (open connections and deliveries?).
---
Feb 7 11:11:59 gyllenborst qmail: 918382319.243386 status: local 3/10
remote 4/20
---
Sincerely
---
Joergen Persson
Sysadmin TLTH
- Joergen Persson <[EMAIL PROTECTED]>:
| I'm about to write a script to parse the maillog (to trace errors
| among other things - haven't found such).
Did you look at DJB's qmailanalog?
| I have one question though, what does the status line stand for
| (open connections and deliveries?).
It tells you the number of currently active delivery attempts.
The number after the slashes are the concurrencylocal and
concurrencyremote parameters.
- Harald
A small corrections: there are also a number of mails for local delivery (and
forwarding).
I witness the following behaviour:
the first x mails go through without any problems (no problem with the
concurrency: the number of remote processes is always less then 30).
Then, at a sudden point, I see for all newly queued mails (the rest of the
3000) in the logfiles:
918738205.279362 delivery 14284: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
This goes on for all queued emails, and after that newly arrived emails go
through again without problems...
The same if I send an alarm to qmail-send.
Am I hitting the concurrencylocal limit here? Do I need to reload or restart
qmail for this parameter to take effect?
Mark Delany wrote:
> At 10:47 AM 2/11/99 +0100, Franky Van Liedekerke wrote:
> >Hi,
> >
> >I have a list of approx. 3000 addresses, and I need to send a mail to
> >them. What I do now is plit this list in pieces of 50 addresses ech, and
> >then send the mail via talking to smtp port 25 directly.
>
> I wouldn't bother. Send that lot as one submission via qmail-inject.
>
> >Now, the time between sending and delivery (all remote addresses) can be
> >up to 13 hours! This is kind of slow, isn't it?
>
> Is that on the first attempt or final delivery?
>
> >Can I configure some parameters?
> >I now have
> ># tcp connections=150
> >concurrencylocal=40
> >concurrencyremote=40
>
> We need to know what your log files are saying. Is the system at full
> concurrencyremote for hours at a time? If so, increase this until you hit a
> system resource limit.
>
> >Do I need to change these, and or some of the timeout parameters?
> >Anybody has a suggestion on how they did this?
>
> Yes. Assess why the delay is there and whether you have spare system
> resources to reduce that delay. Only you have the info to do that
> assessment, only you have the info to determine whether you have spare
> resources. We can only guess unless you disclose all of that info.
>
> Regards.
At 02:31 PM 2/11/99 +0100, Franky Van Liedekerke wrote:
>A small corrections: there are also a number of mails for local delivery (and
>forwarding).
>
>I witness the following behaviour:
>
>the first x mails go through without any problems (no problem with the
>concurrency: the number of remote processes is always less then 30).
>Then, at a sudden point, I see for all newly queued mails (the rest of the
>3000) in the logfiles:
>
>918738205.279362 delivery 14284: deferral:
>qmail-spawn_unable_to_create_pipe._(#4.3.0)/
>
>This goes on for all queued emails, and after that newly arrived emails go
>through again without problems...
>The same if I send an alarm to qmail-send.
>Am I hitting the concurrencylocal limit here? Do I need to reload or restart
>qmail for this parameter to take effect?
Nope. This is a classic problem. You have hit a resource limit imposed on
qmail by your startup script.
All it is saying is that qmail wants to fork another qmail-remote, but the
fork is failing due to exceeding a ulimit.
We need to know your OS, but in any event you need to increase the number of
child processess in the start-up script. Eg, with solaris, I go:
ulimit -n 256
prior to running qmail-start.
Obviously setting this limit is dependent on your OS.
Regards.
It's solaris 2.6, and when I do ulimit -a as a normal user I get:
core file size (blocks) unlimited
data seg size (kbytes) 2097148
file size (blocks) unlimited
open files 64 ---------> this I'll change using your
suggestion!!
pipe size (512 bytes) 10
stack size (kbytes) 8192
cpu time (seconds) unlimited
max user processes 7957
virtual memory (kbytes) unlimited
Mark Delany wrote:
> At 02:31 PM 2/11/99 +0100, Franky Van Liedekerke wrote:
> >A small corrections: there are also a number of mails for local delivery (and
> >forwarding).
> >
> >I witness the following behaviour:
> >
> >the first x mails go through without any problems (no problem with the
> >concurrency: the number of remote processes is always less then 30).
> >Then, at a sudden point, I see for all newly queued mails (the rest of the
> >3000) in the logfiles:
> >
> >918738205.279362 delivery 14284: deferral:
> >qmail-spawn_unable_to_create_pipe._(#4.3.0)/
> >
> >This goes on for all queued emails, and after that newly arrived emails go
> >through again without problems...
> >The same if I send an alarm to qmail-send.
> >Am I hitting the concurrencylocal limit here? Do I need to reload or restart
> >qmail for this parameter to take effect?
>
> Nope. This is a classic problem. You have hit a resource limit imposed on
> qmail by your startup script.
>
> All it is saying is that qmail wants to fork another qmail-remote, but the
> fork is failing due to exceeding a ulimit.
>
> We need to know your OS, but in any event you need to increase the number of
> child processess in the start-up script. Eg, with solaris, I go:
>
> ulimit -n 256
>
> prior to running qmail-start.
>
> Obviously setting this limit is dependent on your OS.
>
> Regards.
At 10:47 AM 2/11/99 +0100, Franky Van Liedekerke wrote:
>Hi,
>
>I have a list of approx. 3000 addresses, and I need to send a mail to
>them. What I do now is plit this list in pieces of 50 addresses ech, and
>then send the mail via talking to smtp port 25 directly.
I wouldn't bother. Send that lot as one submission via qmail-inject.
>Now, the time between sending and delivery (all remote addresses) can be
>up to 13 hours! This is kind of slow, isn't it?
Is that on the first attempt or final delivery?
>Can I configure some parameters?
>I now have
># tcp connections=150
>concurrencylocal=40
>concurrencyremote=40
We need to know what your log files are saying. Is the system at full
concurrencyremote for hours at a time? If so, increase this until you hit a
system resource limit.
>Do I need to change these, and or some of the timeout parameters?
>Anybody has a suggestion on how they did this?
Yes. Assess why the delay is there and whether you have spare system
resources to reduce that delay. Only you have the info to do that
assessment, only you have the info to determine whether you have spare
resources. We can only guess unless you disclose all of that info.
Regards.
Sam,
Your reply is almost aggressively terse. Perhaps you could explain, for
the benefit of those of us less knowledgeable than yourself, exactly *how*
the To: line is broken and how it might be fixed. What should it look
like? And how does it reflect on section 3.4.6 of RFC822? Is that
section correct, incorrect or merely being taken out of context?
The original post simply asked if the proposed To line rfc compliant
or not, and just asked for the appropriate rfc.
In any case, the used To line is completely incorrect. It has nothing
to do with even the above section 3.4.6 rfc822; how do you want to
want to interpret [SMTP:[EMAIL PROTECTED]] a domain literal? What more
Sam can explain? It is not his job to explain rfc822.
BTWY, section 6.2.3 explains what a domain literal is, and there is
also a paragraph on the recommendation on using them(not):
Domain-literals which refer to domains within the ARPA Inter-
net specify 32-bit Internet addresses, in four 8-bit fields
noted in decimal, as described in Request for Comments #820,
"Assigned Numbers." For example:
[10.0.3.19]
Note: THE USE OF DOMAIN-LITERALS IS STRONGLY DISCOURAGED. It
is permitted only as a means of bypassing temporary
system limitations, such as name tables which are not
complete.
Mate
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
Hi there,
if I send an email (locally and remotely) througt Qmail-SMTPD, it often
freezes during processing of larger mails (mostly larger than 50 kb).
E.g. Netscape stops delivering that mail (even after killing Netscape or
other mail programs, qmail-smtpd is still in the process list). The
process list shows a sleeping qmail-smtpd and a sleeping qmail-queue
(they can only be removed by invoking kill). A minute later (after doing
anything) qmail-queue becomes a Zombie.
I tried invoking qmail-smtpd via tcpserver and via xinetd (as discribed
in FAQs). There is no difference.
I use the latest programs of qmail and Linux 2.2.1 (in prior kernel
versions I did not recognized that problem, but at that time I did not
tried delivering a large mail).
Can anybody help me ?
Thanks a lot for answering
--
___________________________
Stephan M�ller, Dresden
mailto:[EMAIL PROTECTED]
http://www.chronox.de
I'm wondering if anyone out there has had experience with qmail and disabling
dot-file support.
As a medium-size ISP we're considering switching to qmail for delivery purposes,
but because of various spam attacks we'd prefer not to allow ordinary users to
be able to use .qmail files. Of course 'alias' still has to be able to control
arbitrary usernames such as 'postmaster' and 'mailer-daemon'.
What I came up with is the patch below -- crufty or what! -- which
is the best I could come up with after two days at staring at Dan's tight,
efficient and extremely sparsely commented code in qmail-local.
I have tested this on non-production systems and it appears to operate as
specified, but perhaps some of you who are thinking about using qmail in
a production system and have a concern about .qmail files would like
to try it out first (and tell me your results).
Note that it introduces a dependency on getpwnam which may not be appropriate
for qmail-local. Suggestions gratefully received.
Niall Murphy
*** qmail-local.c.orig Mon Jun 15 11:53:16 1998
- --- qmail-local.c Thu Feb 4 16:45:06 1999
***************
*** 29,34 ****
- --- 29,39 ----
#include "gfrom.h"
#include "auto_patrn.h"
+ #include "auto_uids.h"
+ #include <pwd.h>
+ #include <sys/types.h>
+ #include "auto_qmail.h"
+
void usage() { strerr_die1x(100,"qmail-local: usage: qmail-local [ -nN ]
user homedir local dash ext domain sender aliasempty"); }
void temp_nomem() { strerr_die1x(111,"Out of memory. (#4.3.0)"); }
***************
*** 381,391 ****
int *cutable;
{
int i;
if (!stralloc_copys(&qme,".qmail")) temp_nomem();
if (!stralloc_cats(&qme,dash)) temp_nomem();
if (!stralloc_cat(&qme,&safeext)) temp_nomem();
! if (qmeexists(fd,cutable)) {
if (safeext.len >= 7) {
i = safeext.len - 7;
if (!byte_diff("default",7,safeext.s + i))
- --- 386,413 ----
int *cutable;
{
int i;
+ struct passwd *dataonuser;
+ uid_t uidofrecipient;
+
+ printf("Entered qmesearch with user = %s\n",user);
+ if ((dataonuser = getpwnam(user)) == NULL) {
+ /* We could have failed for two reasons.
+ A) Out of memory
+ B) User not found.
+ If B has occured then it could be an alias not in the password file
+ that we may nevertheless want to respond to. Therefore we can't bomb
+ out with temp_nomem, we must assign the uid == alias user and
continue on.
+ [EMAIL PROTECTED] Feb 99 */
+ uidofrecipient = auto_uida;
+ } else {
+ uidofrecipient = dataonuser->pw_uid;
+ }
if (!stralloc_copys(&qme,".qmail")) temp_nomem();
if (!stralloc_cats(&qme,dash)) temp_nomem();
if (!stralloc_cat(&qme,&safeext)) temp_nomem();
! if (((unsigned long) auto_uida == uidofrecipient) &&
qmeexists(fd,cutable)) {
! /* if (qmeexists(fd,cutable)) { [EMAIL PROTECTED] feb 98 */
if (safeext.len >= 7) {
i = safeext.len - 7;
if (!byte_diff("default",7,safeext.s + i))
- --
At 03:21 PM 2/11/99 +0000, Niall R. Murphy wrote:
>
>I'm wondering if anyone out there has had experience with qmail and disabling
>dot-file support.
>
>As a medium-size ISP we're considering switching to qmail for delivery purposes,
>but because of various spam attacks we'd prefer not to allow ordinary users to
>be able to use .qmail files. Of course 'alias' still has to be able to control
>arbitrary usernames such as 'postmaster' and 'mailer-daemon'.
>
>What I came up with is the patch below -- crufty or what! -- which
I'm not sure what your patch does exactly, but what I've done in the past
is, rather then turn off .qmail support, I've created a corresponding
"mailhome" for each user and placed the .qmail files in there.
These mailhome directories are not accessable to users directly.
In this way you can still use the .qmail mechanism when needed, but users
don't have the ability to change it directly.
It requires patches to qmail-getpw and checkpassword which you'll need to
make yourself and it also means you have to create and remove their mailhome
as users are created and deleted.
Regards.
At 11:45 pm -0800 10/2/99, Dongping Deng wrote:
>Let's consider a hypothetical situation: a machine needs to host 100,000
>mailing lists, each list has subscribers, say, less than 15; and the
>traffic for each list is less than 3 a day. Will ezmlm be more suitable
>for such situation?
one would assume so, I mean, isn't that what egroups (www....com) use?
ezmlm doesn't seem to care about how much it has to do, just give it memory and
bandwidth and off
it goes.
This is probably better on the ezmlm list though..
Peter
--
gradwell dot com ltd - writing the bits of the web you don't see
online @ http://www.gradwell.com/ mailto:[EMAIL PROTECTED]
"To look back all the time is boring. Excitement lies in tomorrow"
At 11:45 PM 2/10/99 -0800, Dongping Deng wrote:
>Let's consider a hypothetical situation: a machine needs to host 100,000
>mailing lists, each list has subscribers, say, less than 15; and the
>traffic for each list is less than 3 a day.
Lemme see. 100,000 * 15 * 3 = 4.5million deliveries a day.
>Will ezmlm be more suitable for such situation?
It's probably more appropriate to ask whether your underlying qmail system
can deliver 4.5M messages a day. It's within the realms of possibility, but
a standard single spindle system probably wont hack it.
ezmlm won't be fussed if you create a user for each list and manage it that
way, so long as your OS copes with 100K users comfortably.
Regards.
- "D. Carlos Knowlton" <[EMAIL PROTECTED]>:
| [date][hostname] qmail: 91850531.791142 alert: cannot start: unable to
| switch to queue directory
That means exactly what it says. qmail-send, running as user qmails
and group qmail, cannot chdir("queue") from /var/qmail/. Either the
directory doesn't exist, or some permissions have been screwed up.
"make check" will probably tell you what's wrong, and "make setup"
will fix it.
- Harald
qmail People,
- I have a private network with a number of Linux and Windows machines
(192.168.0.x).
- The linux machines all use qmail to send mail to the main server
192.168.0.100.
- Four users I have setup so far can use Eudora to send/retrieve mail from
the main server but can't send mail to one particular user - chris (although
Eudora appears to deliver the mail OK).
- However people can use the UNIX "mail" program on any of the UNIX machines
to send mail to chris quite successfully.
- /usr/qmail/defaultdelivery/rc: ./Maildir/
- ~chris/Maildir/... all set up properly with correct perms etc
- As far as can see this user has no real setup differences to the others
users that work.
Can anyone think of something that would cause this result?
There are no logs to look at for debugging - having a "-d" switch on
qmail-pop3d would be nice.
Thanks,
Phil.
Philip Rhoades
Pricom Pty Limited (ACN 003 252 275)
GPO Box 3411
Sydney NSW 2001
Australia
Mobile: +61:0411-185-652
Fax: +61:2:9959-4909
E-mail: [EMAIL PROTECTED]
At 06:37 PM 2/11/99 +0800, Marlon Anthony Abao wrote:
>hello,
>
> with the release of the new linux kernel, the limit of concurrent
>processes is now raised. according to conf-spawn we cannot raise the qmail
>concurrency limit past 256. is there any reason for this?
>
> i know raising this limit would break some unix boxes. is there a
>theoretical reason to limit it just to 256? a heavily built linux box with
>more than ample memory, processing power, and bandwidth with no load except
>mail deliveries would benefit by raising this limit to something even
>higher than 256.
>
> during a recent changeover of mail servers, my linux box was comfortably
>serving a continuous 240 concurrent remote connections over a period of 2
>days.
The short answer is that a single instance of qmail does not support a
concurrency of more than 255. The author acknowledges this limit in TODO.
The long answer is that there is nothing stopping you from having multiple
instances of qmail each with a concurrency limit of 255. /var/qmail1,
/var/qmail2, /var/qmail3, etc.
The only trick is arranging for your mail to be injected into all the queues
you run. I've done this with a randomized sendmail and qmail-inject wrapper.
I'm sure others will suggest equally good ways of using multiple instances.
Regards.
Hello all,
I have tons of virtualdomains setup. I have web-pages off these
domains that send various kinds of mail. Is there a way I can push the
QMAILHOST,QMAILNAME,QMAILUSER and QMAILINJECT env vars into .qmail so
that envelope info overrides the default localdomain settings? I know i
could have these in the cgi itself or in the httpd.conf per domain, but
would love to know of a way I can do this on a user / dotfile level
rather than hardcoding this info elsewhere.
Thanks for pondering.....
--Mike Duncan
It's late and I'm probably being silly, but......
I have qmail running on my Linux system at home, this has a dial-up
connection to my ISP. It sends and receives mail quite happily from
the Linux system. It also allows other users on the home network to
receive mail using POP3 from the qmail POP3 server on the Linux box.
BUT, how are users on other oomputers on the home ntwork meant to send
mail? They connect to the qmail SMTP server, try and send mail and it
says:-
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
So how is it supposed to work? How can other computers on my SoHO
network send mail???? Help????
Maybe I've just had too much to drink tonight!
--
Chris Green ([EMAIL PROTECTED])
Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
WWW: http://www.isbd.co.uk/
Chris Green <[EMAIL PROTECTED]> writes on 11 February 1999 at 22:11:00 +0000
> It's late and I'm probably being silly, but......
>
> I have qmail running on my Linux system at home, this has a dial-up
> connection to my ISP. It sends and receives mail quite happily from
> the Linux system. It also allows other users on the home network to
> receive mail using POP3 from the qmail POP3 server on the Linux box.
>
> BUT, how are users on other oomputers on the home ntwork meant to send
> mail? They connect to the qmail SMTP server, try and send mail and it
> says:-
>
> 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>
> So how is it supposed to work? How can other computers on my SoHO
> network send mail???? Help????
>
> Maybe I've just had too much to drink tonight!
You're almost there. The step you need to take now is to enable
*selective* relaying for only the other systems on your soho network.
This is described in FAQ 5.4.
--
David Dyer-Bennet [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
Remove the file rcpthosts from /var/qmail/control
Qmail will then accept mail destined for whereever.
Tah - eric
>
>It's late and I'm probably being silly, but......
>
>I have qmail running on my Linux system at home, this has a dial-up
>connection to my ISP. It sends and receives mail quite happily from
>the Linux system. It also allows other users on the home network to
>receive mail using POP3 from the qmail POP3 server on the Linux box.
>
>BUT, how are users on other oomputers on the home ntwork meant to send
>mail? They connect to the qmail SMTP server, try and send mail and it
>says:-
>
>553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>
>So how is it supposed to work? How can other computers on my SoHO
>network send mail???? Help????
>
>Maybe I've just had too much to drink tonight!
>
>--
>Chris Green ([EMAIL PROTECTED])
> Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
> WWW: http://www.isbd.co.uk/
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
DO NOT do this, you will get blacklisted in one qucik hurry.
Quoting Eric Dahnke ([EMAIL PROTECTED]):
> Remove the file rcpthosts from /var/qmail/control
>
> Qmail will then accept mail destined for whereever.
>
> Tah - eric
>
>
> >
> >It's late and I'm probably being silly, but......
> >
> >I have qmail running on my Linux system at home, this has a dial-up
> >connection to my ISP. It sends and receives mail quite happily from
> >the Linux system. It also allows other users on the home network to
> >receive mail using POP3 from the qmail POP3 server on the Linux box.
> >
> >BUT, how are users on other oomputers on the home ntwork meant to send
> >mail? They connect to the qmail SMTP server, try and send mail and it
> >says:-
> >
> >553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
> >
> >So how is it supposed to work? How can other computers on my SoHO
> >network send mail???? Help????
> >
> >Maybe I've just had too much to drink tonight!
> >
> >--
> >Chris Green ([EMAIL PROTECTED])
> > Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
> > WWW: http://www.isbd.co.uk/
>
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
If his machine is on a home network behind a dial-up conection what the
hell does it matter.
- eric
>
>DO NOT do this, you will get blacklisted in one qucik hurry.
>
>
>Quoting Eric Dahnke ([EMAIL PROTECTED]):
>> Remove the file rcpthosts from /var/qmail/control
>>
>> Qmail will then accept mail destined for whereever.
>>
>> Tah - eric
>>
>>
>> >
>> >It's late and I'm probably being silly, but......
>> >
>> >I have qmail running on my Linux system at home, this has a dial-up
>> >connection to my ISP. It sends and receives mail quite happily from
>> >the Linux system. It also allows other users on the home network to
>> >receive mail using POP3 from the qmail POP3 server on the Linux box.
>> >
>> >BUT, how are users on other oomputers on the home ntwork meant to
send
>> >mail? They connect to the qmail SMTP server, try and send mail and
it
>> >says:-
>> >
>> >553 sorry, that domain isn't in my list of allowed rcpthosts
(#5.7.1)
>> >
>> >So how is it supposed to work? How can other computers on my SoHO
>> >network send mail???? Help????
>> >
>> >Maybe I've just had too much to drink tonight!
>> >
>> >--
>> >Chris Green ([EMAIL PROTECTED])
>> > Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
>> > WWW: http://www.isbd.co.uk/
>>
>>
>> ______________________________________________________
>> Get Your Private, Free Email at http://www.hotmail.com
>
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
If his machine is on a home network behind a dial-up conection what the
hell does it matter.
- eric
>
>DO NOT do this, you will get blacklisted in one qucik hurry.
>
>
>Quoting Eric Dahnke ([EMAIL PROTECTED]):
>> Remove the file rcpthosts from /var/qmail/control
>>
>> Qmail will then accept mail destined for whereever.
>>
>> Tah - eric
>>
>>
>> >
>> >It's late and I'm probably being silly, but......
>> >
>> >I have qmail running on my Linux system at home, this has a dial-up
>> >connection to my ISP. It sends and receives mail quite happily from
>> >the Linux system. It also allows other users on the home network to
>> >receive mail using POP3 from the qmail POP3 server on the Linux box.
>> >
>> >BUT, how are users on other oomputers on the home ntwork meant to
send
>> >mail? They connect to the qmail SMTP server, try and send mail and
it
>> >says:-
>> >
>> >553 sorry, that domain isn't in my list of allowed rcpthosts
(#5.7.1)
>> >
>> >So how is it supposed to work? How can other computers on my SoHO
>> >network send mail???? Help????
>> >
>> >Maybe I've just had too much to drink tonight!
>> >
>> >--
>> >Chris Green ([EMAIL PROTECTED])
>> > Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
>> > WWW: http://www.isbd.co.uk/
>>
>>
>> ______________________________________________________
>> Get Your Private, Free Email at http://www.hotmail.com
>
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
On 11-Feb-99 Eric Dahnke wrote:
> If his machine is on a home network behind a dial-up conection what the
> hell does it matter.
For one thing, many areas are getting wired with adsl and cable. One day
he switches to that and forgets he's wide open..... Ain't it best to do
it right the first time? Famous last words: "It'll never happen to me"
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Campground Directory http://www.camping-usa.com
Online Giftshop Superstore http://www.cloudninegifts.com
==========================================================================
If its up and not behind a firewall it matters. Though granted it will not
necessarily get him black listed but it could get his isp blacklisted. This
type of stuff is exactly what the long discussion about blocking dialups was
caused by.
Davidm
Quoting Eric Dahnke ([EMAIL PROTECTED]):
> If his machine is on a home network behind a dial-up conection what the
> hell does it matter.
>
> - eric
>
> >
> >DO NOT do this, you will get blacklisted in one qucik hurry.
> >
> >
> >Quoting Eric Dahnke ([EMAIL PROTECTED]):
> >> Remove the file rcpthosts from /var/qmail/control
> >>
> >> Qmail will then accept mail destined for whereever.
> >>
> >> Tah - eric
> >>
> >>
> >> >
> >> >It's late and I'm probably being silly, but......
> >> >
> >> >I have qmail running on my Linux system at home, this has a dial-up
> >> >connection to my ISP. It sends and receives mail quite happily from
> >> >the Linux system. It also allows other users on the home network to
> >> >receive mail using POP3 from the qmail POP3 server on the Linux box.
> >> >
> >> >BUT, how are users on other oomputers on the home ntwork meant to
> send
> >> >mail? They connect to the qmail SMTP server, try and send mail and
> it
> >> >says:-
> >> >
> >> >553 sorry, that domain isn't in my list of allowed rcpthosts
> (#5.7.1)
> >> >
> >> >So how is it supposed to work? How can other computers on my SoHO
> >> >network send mail???? Help????
> >> >
> >> >Maybe I've just had too much to drink tonight!
> >> >
> >> >--
> >> >Chris Green ([EMAIL PROTECTED])
> >> > Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
> >> > WWW: http://www.isbd.co.uk/
> >>
> >>
> >> ______________________________________________________
> >> Get Your Private, Free Email at http://www.hotmail.com
> >
>
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
On Thu, 11 Feb 1999, Eric Dahnke wrote:
> If his machine is on a home network behind a dial-up conection what the
> hell does it matter.
I had a dedicated dialup ppp customer get his NT box relayed off of...not
sure exactly how many mails the guy got off, though. If this is a static
IP, it would be a very good idea to close relaying anyway.
> >DO NOT do this, you will get blacklisted in one qucik hurry.
> >
> >
> >Quoting Eric Dahnke ([EMAIL PROTECTED]):
> >> Remove the file rcpthosts from /var/qmail/control
> >>
> >> Qmail will then accept mail destined for whereever.
> >>
> >> Tah - eric
> >>
> >>
> >> >
> >> >It's late and I'm probably being silly, but......
> >> >
> >> >I have qmail running on my Linux system at home, this has a dial-up
> >> >connection to my ISP. It sends and receives mail quite happily from
> >> >the Linux system. It also allows other users on the home network to
> >> >receive mail using POP3 from the qmail POP3 server on the Linux box.
> >> >
> >> >BUT, how are users on other oomputers on the home ntwork meant to
> send
> >> >mail? They connect to the qmail SMTP server, try and send mail and
> it
> >> >says:-
> >> >
> >> >553 sorry, that domain isn't in my list of allowed rcpthosts
> (#5.7.1)
> >> >
> >> >So how is it supposed to work? How can other computers on my SoHO
> >> >network send mail???? Help????
> >> >
> >> >Maybe I've just had too much to drink tonight!
> >> >
> >> >--
> >> >Chris Green ([EMAIL PROTECTED])
> >> > Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
> >> > WWW: http://www.isbd.co.uk/
> >>
> >>
> >> ______________________________________________________
> >> Get Your Private, Free Email at http://www.hotmail.com
> >
>
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
>
James Smallacombe Internet Access for The Delaware
[EMAIL PROTECTED] Valley in PA, NJ and DE
PlantageNet Internet Ltd. http://www.pil.net
=====================================================================
ISPF 2.0b, The Forum for ISPs by ISPs. San Diego, CA, March 8-10 '99
Three days of clues, news, and views from the industry's best and
brightest. http://www.ispf.com for information and registration.
=====================================================================
On Thu, Feb 11, 1999 at 02:45:36PM -0800, Eric Dahnke wrote:
> If his machine is on a home network behind a dial-up conection what the
> hell does it matter.
Justifications like this for shoddy work will always bite back
eventually.
Why set up relay prevention in what is currently a protected
environment? Because it'll teach him how to. Because if anything bad
ever happens to this system he'll be protected. Because it's so much
easier to do this now and never worry about any problems in the
future. Because for the (minor) protection it offers now and the
(major) protection it offers in the ISDN/xDSL/Cable
modem/whatever-to-the-home technology of tomorrow, it has no
significant cost.
-Peter
On Thu, 11 Feb 1999, Eric Dahnke wrote:
> If his machine is on a home network behind a dial-up conection what the
> hell does it matter.
given the number of hacking attempts I see against this machine when I'm
online, and the ammount of mail some people try a and relay though me yes,
it does matter!
Richard
[EMAIL PROTECTED] writes:
> If its up and not behind a firewall it matters. Though granted it will not
> necessarily get him black listed but it could get his isp blacklisted. This
> type of stuff is exactly what the long discussion about blocking dialups was
> caused by.
To that, I say a big phhhhhhhbbbbbbbbllllllllltttttttttttt.
One of my Qmail boxes does a dynamic IP dialup, and may occasionally send
mail.
I can assure you that my ISP is not blacklisted, and is not likely to be
blacklisted in any near future.
I've only encountered one major ISP that implements dynamic IP dialup
blocks. Several smaller corporate entities also.
For the scant few domains that I have a need to regularly exchange mail
with, I use smtproutes to smarthost for those domains only.
For the remaining domains, they are the ones who actually end up being
blacklisted, with a short and polite message informing the sender to try
again from an ISP that won't block my replies.
--
Sam
"Eric Dahnke" <[EMAIL PROTECTED]> writes:
| Remove the file rcpthosts from /var/qmail/control
Well Dan, are you convinced yet to remove this Pro-Spam misfeature from
the next release?
I'm experimenting with running both qmail-smtpd and qmail-ofmipd on the
same box but on different IP addresses.
I've added a second IP address to my ethernet interface:
grafter:/ $ ifconfig -a
lo Link encap:Local Loopback
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
RX packets:4491 errors:0 dropped:0 overruns:0 frame:0
TX packets:4491 errors:0 dropped:0 overruns:0 carrier:0
collisions:0
eth0 Link encap:Ethernet HWaddr 00:20:AF:0B:6A:6A
inet addr:192.168.0.5 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:102847 errors:15 dropped:0 overruns:11 frame:15
TX packets:63815 errors:0 dropped:0 overruns:0 carrier:0
collisions:3
Interrupt:10 Base address:0x300
eth0:0 Link encap:Ethernet HWaddr 00:20:AF:0B:6A:6A
inet addr:192.168.0.6 Mask:255.255.255.0
UP RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0
How do I go about binding ofmipd to listen on the alias IP address
rather than the primary?
Thanks,
R.
--
Two rules to success in life:
1. Don't tell people everything you know.
-- Sassan Tat
At 00:52 12/02/99 +0000, Robin Bowes wrote:
>I'm experimenting with running both qmail-smtpd and qmail-ofmipd on the
>same box but on different IP addresses.
>
>I've added a second IP address to my ethernet interface:
>How do I go about binding ofmipd to listen on the alias IP address
>rather than the primary?
Easy. Nominate the specific address on the tcpserver command line.
Regards.
Hello all,
I am trying to give a guy some assistance with qmail, he is running a
linux box which is on a private network (i.e. the FQDN is NOT known to the
internet)...now when he sends mail with Outlook Express (on his lan to the
Linux box) he gets the following:
heres the error (i think, im look in /var/log/qmail)
918783025.254361 info msg 147722: bytes 2293 from <#@[]> qp 31505 uid 86
918783025.331852 starting delivery 9: msg 147722 to remote postmaster@
918783025.334195 status: local 0/10 remote 1/20
918783025.875727 delivery 9: failure:
Sorry,_I_couldn't_find_any_host_named_._(#5.1.2)/
918783025.879945 status: local 0/10 remote 0/20
918783025.884383 triple bounce: discarding bounce/147722
918783025.885949 end msg 147722
but outlook express said it sent the mail...
Can you give me some hints here...also, how is the Qmail book coming along,
if it is by ORA, i wanna copy the moment it comes off the presses...
-Bill
Thanks everyone for the answer to my query about allowing other
machines on my SoHo network to send mail.
While I *may* remove rcpthosts as an emergency measure to get mail out
I think I will do it properly for a number of reasons:-
1 - I have an ISDN connection so it pops up at the drop of a hat
and may be up at times that I don't notice.
2 - I have a static IP address.
3 - The connection is often up for several hours at a time.
Is it possible to wild card the 'allowed' IP addresses? I could then
allow 192.168.13.* and it wouldn't matter if I change the addresses of
machines on my network, add new ones, etc.
As an aside, if qmail allows relaying by any 'real' IP address isn't
it then possible for a spammer to discover this address and use the
relay by forging his IP address? The 'private' ranges of IP addresses
presumably wouldn't be susceptible to this as they shouldn't be
propagated across the internet.
--
Chris Green ([EMAIL PROTECTED])
Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
WWW: http://www.isbd.co.uk/
> Is it possible to wild card the 'allowed' IP addresses? I could
> then allow 192.168.13.* and it wouldn't matter if I change the
> addresses of machines on my network, add new ones, etc.
192.168.13.:allow,RELAYCLIENT=""
> As an aside, if qmail allows relaying by any 'real' IP address isn't
> it then possible for a spammer to discover this address and use the
> relay by forging his IP address?
That should be protected by the router. qmail has no way to tell if
the IP is forget, but the router certainly knows on which side
the internal net (and its IPs) lays.
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
Hi,
in Netscape mail client, there's an option called "notify me on delivery
on server" that sends the sender a mail back when his mail has been
received by the remote server. Can this be done with qmail as well?
Franky
I have just realised that I obviously was a bit the worse for wear
last night.
Re: my question about other boxes on the local network relaying via
the qmail host.
Since the Linux box running qmail *receives* mail for the other boxes
their addresses need to be in rcpthosts. In reality of course my
situation is not quite like this but I *can* put their addresses in
rcpthots without any ill effects and this will presumably allow them
to send mail.
It's another quirk of a SoHo dial-up LAN as my machines don't have
'real' addresses and I just invented a domain name for my convenience.
To the outside world everyone on my network is [EMAIL PROTECTED] so
I need isbd.demon.co.uk in rcpthosts. I also put server2.isbd.mynet
in rcpthosts as that's my 'local' name for the qmail server machine.
What I need to do is add the other machines' 'local' names to
rcpthosts, which is not obvious at first glance.
--
Chris Green ([EMAIL PROTECTED])
Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED]
WWW: http://www.isbd.co.uk/
