qmail Digest 21 Nov 1999 11:00:02 -0000 Issue 826
Topics (messages 33405 through 33412):
Re: virtual users
33405 by: Edward Castillo-Jakosalem
33407 by: Marcin Jaskowiak
33408 by: Edward Castillo-Jakosalem
33411 by: Marcin Jaskowiak
[A]: qmail's timezone ( can't/shouldn't be changed )
33406 by: mabrown.securepipe.com
OT: Re: sniffing / crypto: Cobain quote
33409 by: Robbie Walker
relaymailfrom
33410 by: Andres Mendez
33412 by: Chris Johnson
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Hi again!
I don't get it. I still can't send to a virtual user with email address
separated by ".".
> > I have first.last@<vdomain>:ecj in my /var/qmail/control/virtualdomains
> > file.
> > I have vdomain in my rcpthosts file.
> > I also have .qmail-first-last in ~ecj which contains /var/spool/mail/ecj.
> > ( the "." should be replaced by "-" right?)
>
> No, replace '.' with ':'
I already did this but got the same error. :-(
Is this format correct?
In my virtualdomains file: unknown:user@vdomain:wala
In ~wala, I have .qmail-unknown-user
I can send email to users at this vdomain that has one word for their email
usernames. But with ".", I get an error regarding MX.
What am I doing wrong here? Please help!
On Sat, 20 Nov 1999, Edward Castillo-Jakosalem wrote:
> I already did this but got the same error. :-(
> Is this format correct?
> In my virtualdomains file: unknown:user@vdomain:wala
> In ~wala, I have .qmail-unknown-user
So maybe you should try .qmail-unknown:user in ~wala? ;)
> I can send email to users at this vdomain that has one word for their email
> usernames. But with ".", I get an error regarding MX.
>
> What am I doing wrong here? Please help!
Greetings,
Marcin Jaskowiak
"It's better to burn out than to fade away..."
- Kurt Cobain
Marcin Jaskowiak wrote:
> On Sat, 20 Nov 1999, Edward Castillo-Jakosalem wrote:
>
> > I already did this but got the same error. :-(
> > Is this format correct?
> > In my virtualdomains file: unknown:user@vdomain:wala
> > In ~wala, I have .qmail-unknown-user
>
> So maybe you should try .qmail-unknown:user in ~wala? ;)
> I have tried that also. See the real email address is unknown.user@vdomain. And
> I understand that "." is not acceptable in the virtualdomains file so I changed
> that to unknown:user@vdomain while in ~wala, I have .qmail-unknown-user.
> > I can send email to users at this vdomain that has one word for their email
> > usernames. But with ".", I get an error regarding MX.
> >
> > What am I doing wrong here? Please help!
>
> Greetings,
> Marcin Jaskowiak
>
> "It's better to burn out than to fade away..."
> - Kurt Cobain
On Sat, 20 Nov 1999, Edward Castillo-Jakosalem wrote:
> [...]
> > So maybe you should try .qmail-unknown:user in ~wala? ;)
>
> > I have tried that also. See the real email address is unknown.user@vdomain. And
> > I understand that "." is not acceptable in the virtualdomains file so I changed
> > that to unknown:user@vdomain while in ~wala, I have .qmail-unknown-user.
"." isn't also acceptable in .qmail-* alias file(s), so please change it
and make this thread it's end ;)
"Come as you are..."
- The same old friend
Edward,
Generally speaking, SMTP mailservers will timestamp the messages they
receive with Greenwich Mean Time (roughly UTC -0000). This is to avoid
confusion with local time zones which change worldwide, since a message
often travels across several time zones. This is not faultless,
because some machines don't agree on what time of day UTC is (i.e.,
they may be minutes or hours off), but it is a convention that mail is
stamped "Received: " in UTC.
If you reall had to have the time stamps /look/ local, you could
always adjust the time on the machine so the UTC time looked local, but
that really is cheating... :-)
The MTA (pine, Netscape, Outlook, balsa, tkrat, Pegasus...) usually
stamps the "Date: " header on the message in localtime, so this is
probably what you'll need to refer to if you don't wish to muck about
with UTC.
Good luck,
-Martin
On 20 Nov, Edward Castillo-Jakosalem wrote:
:
: Hi to all!
: I have two questions.
:
: 1. How can we change the timezone that qmail is using? I would like to
: change it to our localtime.
:
: 2. Does anyone use qmail with digital unix? If so, is there any problem or
: incompatibility observed?
:
: Thanks once again and more power!
:
:
:
:
: Regards,
:
: Edward Castillo Jakosalem
:
--
Martin A. Brown --- SecurePipe Communications --- [EMAIL PROTECTED]
Def Leppard...
Also quoted in "Highlander" by the Kurgan
I wonder where they got it?
Def Leppard isn't known for the magnitude of their intellect.
Robbie " I want my MTV " Walker
At 01:14 AM 11/20/99 , you wrote:
>If you are worried about sniffing, nothing that isn't fully encypted
>is safe. POP, SMTP, telnet, etc. ad nauseum. Talk like "you can only
>sniff if you are root" is silly. I don't know where these people
>work, but everybody here has root for their machine, and certainly
>all the techies at your ISP do for theirs... And about those routers
>on the way...
>
>If you want security, HARD ENCRYPT YOUR CONTENT. And public key
>crypto is NOT hard. (comments from our distinguished author..?)
>Jeesh, people expect MI5 level security from 20 year old public
>protocols.
>
>
>BTW, Cobain stole that quote. I'll leave it as an exercise for the
>reader to figure out from who.
>
>
>
>On Sat, 20 Nov 1999, dd wrote:
>
>> [...]
>> AFAIK one of the documents related to qmail mentioned the insecurity of
>> POP3 protocol and said that in an insecure network the passwords could
>> easily be stolen. today i tried one of the sniffers for linux and got the
>> pass of my friend (of course, i told him that i did so). errm, if i can do
>> this, any other user can do the same too.
>
>And so more, you could even monitor a telnet connection ;)
>Of course if you are a superuser (e.g. root) and users of your subnet are
>too lazy to use ssh.
>
>> hmm, does qmail-pop3d support
>> any kind of encryption of the passwords ? so that i can guarantee the
>> security of the accounts of my users?
>
>There might be several posibilities for that.
>The most common and portable way is propably to use SSL encryption wrapper
>with actual POP, IMAP or any other protocol.
>
>If you want to check this out, go directly to a stunnel web page at
>http://mike.daewoo.com.pl/computer/stunnel, and don't forget to install
>latest OpenSSL or SSLeay code.
>
>Eventualy check my latest downloads at
>ftp://hal.umcs.lublin.pl/pub/security.
>
>> [...]
>> thx, peace and the other good things like haribo,
>> dd
>
>Sincerely,
>Marcin Jaskowiak
>
>"It's better to burn out than to fade away..."
> - Kurt Cobain
Hello.
I've installed the relaymailfrom patch.
I want to deny any relay except for the domains listed in
control/relaymailfrom.
I'm using the tcpserver. How do I do this?
I have read this :
----------------
To give a client relay access, add an entry to /etc/tcp.smtp like:
IP address of client:allow,RELAYCLIENT=""
Then rebuild the SMTP access database by doing:
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
chmod 644 /etc/tcp.smtp*
----------------
But I want to stop all relaying except for the ones listed in relaymailfrom.
Can I do what I want using this?
--------------------
*:allow,RELAYBYADDRESS=""
:deny
---------------------
On Sat, Nov 20, 1999 at 10:19:18PM +0100, Andres Mendez wrote:
> Hello.
>
> I've installed the relaymailfrom patch.
>
> I want to deny any relay except for the domains listed in
> control/relaymailfrom.
>
> I'm using the tcpserver. How do I do this?
This question should really have gone to me, not to the list. It's not likely
that many people use this patch.
> I have read this :
> ----------------
> To give a client relay access, add an entry to /etc/tcp.smtp like:
>
> IP address of client:allow,RELAYCLIENT=""
>
> Then rebuild the SMTP access database by doing:
>
> tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
> chmod 644 /etc/tcp.smtp*
> ----------------
>
> But I want to stop all relaying except for the ones listed in relaymailfrom.
What does this mean?
> Can I do what I want using this?
> --------------------
> *:allow,RELAYBYADDRESS=""
> :deny
> ---------------------
No. You never want a deny line in there, because then nobody could connect to
your SMTP port from the outside world to deliver you mail. And * has no meaning
as a wildcard to tcprules. Even if you fixed these two things, it still
wouldn't do what you want it to do (and I have no idea what you do want it to
do).
The relaymailfrom patch is pretty simple, and I don't know how the short bit of
documentation that comes in the patch file could be any clearer.
Could you be clearer about what you're trying to accomplish? Chances are that
you don't need this patch anyway.
Chris
