qmail Digest 7 Mar 2000 11:00:01 -0000 Issue 933
Topics (messages 38244 through 38288):
MTA
38244 by: nsaravanan.md.in.dsqsoft.com
Re: Strange problems with tcpserver
38245 by: H�ffelin Holger
rblsmtpd + multiple listings
38246 by: Mark E. Drummond
38250 by: Russell Nelson
38259 by: Mark E. Drummond
Slightly OT: Bcc - who is repsonsible
38247 by: Markus Stumpf
38248 by: petervd.vuurwerk.nl
38249 by: Timothy L. Mayo
38251 by: dusan
38253 by: Anand Buddhdev
38254 by: Russ Allbery
38258 by: Bruno Wolff III
38261 by: petervd.vuurwerk.nl
38263 by: Chris Garrigues
38264 by: Bruno Wolff III
38283 by: Bob Rogers
Re: problems with qmail-pop3d
38252 by: Mate Wierdl
38255 by: Mate Wierdl
38279 by: Vincent Danen
38280 by: Vincent Danen
Re: Slow SMTP
38256 by: Bruno Wolff III
qmail delivery problems
38257 by: John P. Looney
Re: Effective anti spamming
38260 by: Mark E. Drummond
Scan4Virus SegFault
38262 by: Mark E. Drummond
38273 by: Jason Haar
Another error Was: Re: Scan4Virus SegFault
38265 by: Mark E. Drummond
Rewriting subject line
38266 by: Derek Watson
38270 by: Magnus Bodin
MX go boom!
38267 by: Mark E. Drummond
38269 by: Charles Cazabon
38285 by: Anand Buddhdev
stupid question
38268 by: Joel Dudley
Problem with qmail-remote
38271 by: Patrick Bihan-Faou
qmail ok but don't deliver mail, stay in queue
38272 by: dukedavide.libero.it
qmail woes
38274 by: Joel Dudley
qmail and procmail
38275 by: clifford thurber
question
38276 by: Joel Dudley
38277 by: petervd.vuurwerk.nl
38278 by: Stephen Mills
moving from mbox to maildir.
38281 by: Eric Lalonde
38282 by: Russell P. Sutherland
trouble getting mail
38284 by: Eric Lalonde
Forwarding of mails for POP accounts
38286 by: ruchandra.hss.hns.com
38288 by: Ruben van der Leij
Re: SPAMCONTROL patch ??? OPEN RELAY ???
38287 by: Erwin Hoffmann
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Dear all
I need some information for configuring qmail as MTA. The setup is
qmail will be configured to run qmail-smtpd in Machine A
apart from that I have 2 systems MachineB- Domain1
MachineC-
Domain2
I want qmail systems to accept mails for MachineB and Machine C. This can be
done by putting Domain1 and domain2 in rcpthosts. But i want to forward all the
mails for Domain1 to Machine B and Domain2 to Machine C from Machine A. Both
machine B and C are using Lotus notes.
How do i do that?
Please help me
Thanks in advance
N.Saravanan
Systems Administrator
DSQ Software Limited
Chennai
INDIA
> > Hi there!
> >
> > I have a setup with qmail and tcpserver. I defined some
> ip-numbers allowed
> > to relay in tcp.smtp, and the rest should be denied. In
> most cases, this
> > filter works, but from customers I got the note that
> sometimes (not always
> > reproducable) they can relay over this server. Is this a
> bug in tcpserver???
> > The problem is, that the relayclient variable is also set,
> so that the
> > rcpthosts doesn't work.
>
> You should provide more information. Show us the contents of your
> tcp.smtp file. What does your control/rcpthosts file contain?
> Give us an
> example of a relayed message. Only then can someone give you
> an answer.
The rcpthosts just contains a list of domains, one per line. The tcp.smtp
file has a format like:
127.0.0.1:allow,RELAYCLIENT=""
195.245.48.:allow,RELAYCLIENT=""
...
:deny
If I put allow into the last line, the RELAYCLIENT variable is set correctly
(depending on IP) and qmail looks at rcpthosts depending on this variable.
The qmail part works fine. My problem is that some ip-numbers like
212.7.136.244 (dhcp-pool of another provider) can sometimes relay without
any problem. This ip-number is _not_ in tcp.smtp. I do not understand this
behaviour. Sometimes you get a message like "The server answered: 0" and the
connection is closed without sending a mail. Even if I try a telnet on port
25 it sometimes works, sometimes it doesn't.
CU,
Holger
I am a bit confused ... I am looking at Aaron Nabil's patch to allow rblsmtpd
to use multiple listing services ... but does rblsmtpd not already support
multiple services? Of course it does, I'm using the rbl and relays.mail-abuse
right now. Why the patch?
--
______________________________________________________
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
Gang Warily|http://signals.rmc.ca/
Kingston Linux Users Group|http://signals.rmc.ca/klug/
Mark E. Drummond writes:
> I am a bit confused ... I am looking at Aaron Nabil's patch to allow rblsmtpd
> to use multiple listing services ... but does rblsmtpd not already support
> multiple services? Of course it does, I'm using the rbl and relays.mail-abuse
> right now. Why the patch?
rblsmtpd lets you invoke multiple instances of itself. Aaron's patch
allows you to avoid an extra exec() of the same program.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | "Ask not what your country
521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
On Mon, Mar 06, 2000 at 09:39:41AM -0500, Russell Nelson wrote:
>
> rblsmtpd lets you invoke multiple instances of itself. Aaron's patch
> allows you to avoid an extra exec() of the same program.
Ah! I see. I guess I'll keep an eye on the load and see what happens as I add
other listings. My MX is currently pretty lightly taxed ... a dual Sun E250
with 1GB of RAM running qmail+scan4virus(one virus scanner only)+rbl+relays and
currently only handling incoming mail for ~2300 people. Load is always < 0.3.
--
______________________________________________________
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
Gang Warily|http://signals.rmc.ca/
Kingston Linux Users Group|http://signals.rmc.ca/klug/
Hoi folx,
just had a discussion with a support person. Their MUA is not deleting
Bcc: Lines from the header.
They claim it's within the repsonsibility of the MTA to look at the
headers and "do the right thing".
IMHO this is wrong. However all I could find about it was RFC1123
section 5.2.1, which says the MUA should construct envelope fields for
the SMTP protocol.
Who's right? Any references?
Thanks,
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | Stress is when you wake
Research & Development | mailto:[EMAIL PROTECTED] | up screaming and you
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | realize you haven't
D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
On Mon, Mar 06, 2000 at 03:29:06PM +0100, Markus Stumpf wrote:
> Hoi folx,
>
> just had a discussion with a support person. Their MUA is not deleting
> Bcc: Lines from the header.
> They claim it's within the repsonsibility of the MTA to look at the
> headers and "do the right thing".
>
> IMHO this is wrong. However all I could find about it was RFC1123
> section 5.2.1, which says the MUA should construct envelope fields for
> the SMTP protocol.
>
> Who's right? Any references?
Any MTA that touches headers (apart from adding Received: and Delivered-To:
lines and the like - ON TOP!) is broken.
Therefore, you are right :)
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
The Bcc header should be removed by the MUA prior to sending. Anything
else means it is NOT a Bcc!
On Mon, 6 Mar 2000, Markus Stumpf wrote:
> Hoi folx,
>
> just had a discussion with a support person. Their MUA is not deleting
> Bcc: Lines from the header.
> They claim it's within the repsonsibility of the MTA to look at the
> headers and "do the right thing".
>
> IMHO this is wrong. However all I could find about it was RFC1123
> section 5.2.1, which says the MUA should construct envelope fields for
> the SMTP protocol.
>
> Who's right? Any references?
>
> Thanks,
>
> \Maex
>
> --
> SpaceNet GmbH | http://www.Space.Net/ | Stress is when you wake
> Research & Development | mailto:[EMAIL PROTECTED] | up screaming and you
> Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | realize you haven't
> D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Administrator
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
man qmail-header?
On Mon, Mar 06, 2000 at 03:29:06PM +0100, Markus Stumpf wrote:
> Hoi folx,
>
> just had a discussion with a support person. Their MUA is not deleting
> Bcc: Lines from the header.
Then it's the villain.
> They claim it's within the repsonsibility of the MTA to look at the
> headers and "do the right thing".
Only if the MTA is being used as an MUA. This is the case with sendmail
and exim, for example, where the same binary serves as the daemon as
well as the command line MUA. If the MTA is invoked on the command line
with the -t option, it should strip the Bcc: header. Otherwise, if it
receives the message via SMTP, it should not.
> IMHO this is wrong. However all I could find about it was RFC1123
> section 5.2.1, which says the MUA should construct envelope fields for
> the SMTP protocol.
You can use the logic in this to deduce who is responsible for what.
1. An SMTP server is supposed to use the MAIL FROM: as the sender
address and the RCPT TO:'s as the recipients. It's _not_ supposed to
look in the headers for any sender/recipient info.
2. In that case then, if the SMTP server is not going to look at the
headers, it should not be bothered about stripping any Bcc: fields.
3. Therefore, it is up to the MUA to strip the Bcc: field, and use its
contents in its SMTP dialogue with the mail server to supply the RCPT
fields.
There is some description of how the Bcc: field is to be handled in RFC
822, but it's very ambigious. Here's the relevant section:
4.5.3. BCC / RESENT-BCC
This field contains the identity of additional recipients of
the message. The contents of this field are not included in
copies of the message sent to the primary and secondary reci-
pients. Some systems may choose to include the text of the
"Bcc" field only in the author(s)'s copy, while others may
also include it in the text sent to all those indicated in the
"Bcc" list.
At the end of the day, Bcc: is a feature of the mail client, and the MTA
does not need to bother with it. Take for example, the case where an MUA
sends a message to other users on a system by directly writing messages
in the other users' mailboxes (eg. Pegasus running in Netware). No MTA
is involved there, and if the MUA doesn't strip the Bcc:, it has only
itself to blame.
--
See complete headers for more info
Timothy L Mayo <[EMAIL PROTECTED]> writes:
> The Bcc header should be removed by the MUA prior to sending. Anything
> else means it is NOT a Bcc!
Every Unix mail client I'm aware of that uses /usr/lib/sendmail or the
equivalent as the mail sending interface passes Bcc to it and expects it
to deal with it. qmail-header(5) says:
Every message must contain at least one To or Cc or Bcc.
qmail-inject deletes any Bcc field.
So it's not quite true that *all* MUAs must concern themselves with this.
Of course, the original question probably concerned an MUA that thought it
could speak SMTP to a mail server when it actually wasn't speaking SMTP at
all (it probably also expects unqualified addresses to work). The
solution may be to run ofmipd for such clients, from the mess822 package.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
On Mon, Mar 06, 2000 at 03:29:06PM +0100,
Markus Stumpf <[EMAIL PROTECTED]> wrote:
> Hoi folx,
>
> just had a discussion with a support person. Their MUA is not deleting
> Bcc: Lines from the header.
> They claim it's within the repsonsibility of the MTA to look at the
> headers and "do the right thing".
>
> IMHO this is wrong. However all I could find about it was RFC1123
> section 5.2.1, which says the MUA should construct envelope fields for
> the SMTP protocol.
>
> Who's right? Any references?
I think it is useful to consider there as being three types of mail programs
instead of just two. There MTAs, MUAs and injection programs. I believe it
is the injection programs' responsibility to strip bcc headers. The issue
is a bit confused by sendmail, becuase the same binary runs in different
modes as both an MTA and an injection program.
On Mon, Mar 06, 2000 at 09:15:22AM -0600, Bruno Wolff III wrote:
> On Mon, Mar 06, 2000 at 03:29:06PM +0100,
> Markus Stumpf <[EMAIL PROTECTED]> wrote:
> > Hoi folx,
> >
> > just had a discussion with a support person. Their MUA is not deleting
> > Bcc: Lines from the header.
> > They claim it's within the repsonsibility of the MTA to look at the
> > headers and "do the right thing".
> >
> > IMHO this is wrong. However all I could find about it was RFC1123
> > section 5.2.1, which says the MUA should construct envelope fields for
> > the SMTP protocol.
> >
> > Who's right? Any references?
>
> I think it is useful to consider there as being three types of mail programs
> instead of just two. There MTAs, MUAs and injection programs. I believe it
> is the injection programs' responsibility to strip bcc headers. The issue
> is a bit confused by sendmail, becuase the same binary runs in different
> modes as both an MTA and an injection program.
I agree, this changes my original stand a little bit in that indeed
_injection_ programs should strip Bcc's.
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
> From: [EMAIL PROTECTED]
> Date: Mon, 6 Mar 2000 16:46:09 +0100
>
> On Mon, Mar 06, 2000 at 09:15:22AM -0600, Bruno Wolff III wrote:
> >
> > I think it is useful to consider there as being three types of mail programs
> > instead of just two. There MTAs, MUAs and injection programs. I believe it
> > is the injection programs' responsibility to strip bcc headers. The issue
> > is a bit confused by sendmail, becuase the same binary runs in different
> > modes as both an MTA and an injection program.
>
> I agree, this changes my original stand a little bit in that indeed
> _injection_ programs should strip Bcc's.
Back in the 80's, when I was a Lisp Machine administrator, the Symbolics email
system would send bcc'd mail *with* the bcc header to those who were on the
BCC list and without it to those who weren't. This was kinda nice because you
never had to wonder why you got a message that you were bcc'd to. Also you
knew who else was on the bcc.
Maybe not everybody thinks this functionality is a good thing, but if injection
programs strip BCC, then it becomes impossible to provide.
Chris
--
Chris Garrigues virCIO
http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com
+1 512 432 4046 +1 512 374 0500
4314 Avenue C
O- Austin, TX 78751-3709
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
On Mon, Mar 06, 2000 at 10:03:33AM -0600,
Chris Garrigues <[EMAIL PROTECTED]> wrote:
>
> Back in the 80's, when I was a Lisp Machine administrator, the Symbolics email
> system would send bcc'd mail *with* the bcc header to those who were on the
> BCC list and without it to those who weren't. This was kinda nice because you
> never had to wonder why you got a message that you were bcc'd to. Also you
> knew who else was on the bcc.
>
> Maybe not everybody thinks this functionality is a good thing, but if injection
> programs strip BCC, then it becomes impossible to provide.
If you want to have this feature, it can be implemented in the injection
program.
From: Anand Buddhdev <[EMAIL PROTECTED]>
Date: Mon, 6 Mar 2000 17:59:43 +0300
. . .
There is some description of how the Bcc: field is to be handled in RFC
822, but it's very ambigious. Here's the relevant section:
4.5.3. BCC / RESENT-BCC
This field contains the identity of additional recipients of
the message. The contents of this field are not included in
copies of the message sent to the primary and secondary reci-
pients. Some systems may choose to include the text of the
"Bcc" field only in the author(s)'s copy, while others may
also include it in the text sent to all those indicated in the
"Bcc" list.
At the end of the day, Bcc: is a feature of the mail client, and the MTA
does not need to bother with it . . .
The way I read this, the MTA is enjoined *not* to bother with it.
Here's my reasoning:
1. Realistically, only the MUA can document the behavior of mail
header fields such as BCC to the user, because the MUA is the only place
where the user gets to exert control over message delivery.
2. Therefore, only the MUA can make the choice describe above.
3. So "some systems" must mean the MUAs. (Or possibly the
"injector" used by the MUA, but with the same degree of user control.)
4. Therefore, and especially since the MTA may be somewhere in the
middle of a long chain of relays from sender to recipient, the MTA
cannot arbitrary change this choice by dropping a BCC header.
This seems to be the consensus of the list -- that headers are
untouchable after "injection" -- but I wanted to point out how RFC822
supports this.
-- Bob Rogers
You are probably not on the net directly, or your DNS is messed up.
In the qmail-pop3d.init script, change the HOST line to
HOST=your.host
If you tell me what your host's name is, I can find out what could be
wrong.
Mate
Did you run maildirmake as the user, or as root? maildirmake has to
be run as the user. Also, if you want qmail to deliver to maildir,
not only you need to change defauldelivery, but you need to restart
qmail (not qmail-smtpd).
Since you seem to have installed qmail from the Memphis rpm,
changinging /var/qmail/rc makes no difference, because it is not
used. The README for the rpm does tell you what to do:
cp /var/qmail/defauldelivery/mdir /var/qmail/defauldelivery/rc
Mate
--
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
On Mon, 6 Mar 2000, Mate Wierdl wrote:
> You are probably not on the net directly, or your DNS is messed up.
> In the qmail-pop3d.init script, change the HOST line to
>
> HOST=your.host
Did that and it works perfectly now. Got rid of the hard error that was
coming up each time as well.
> If you tell me what your host's name is, I can find out what could be
> wrong.
It's freezer-burn.org but qmail might be using titan.freezer-burn.org
since titan is the machine name.
--
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
Freezer Burn BBS: telnet://bbs.freezer-burn.org . ICQ: 54924721
Webmaster for the Linux Portal Site Freezer Burn: http://www.freezer-burn.org
On Mon, 6 Mar 2000, Mate Wierdl wrote:
> Did you run maildirmake as the user, or as root? maildirmake has to
> be run as the user. Also, if you want qmail to deliver to maildir,
> not only you need to change defauldelivery, but you need to restart
> qmail (not qmail-smtpd).
Yup, did this.
> Since you seem to have installed qmail from the Memphis rpm,
> changinging /var/qmail/rc makes no difference, because it is not
> used. The README for the rpm does tell you what to do:
>
> cp /var/qmail/defauldelivery/mdir /var/qmail/defauldelivery/rc
Hmmm... didn't do this before but did it now. Thanks for the tip. It's
working properly so hopefully this makes it work even better... =)
--
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
Freezer Burn BBS: telnet://bbs.freezer-burn.org . ICQ: 54924721
Webmaster for the Linux Portal Site Freezer Burn: http://www.freezer-burn.org
On Mon, Mar 06, 2000 at 04:41:44AM +0100,
Markus Stumpf <[EMAIL PROTECTED]> wrote:
> On Sun, Mar 05, 2000 at 10:17:22PM -0500, andy huhn wrote:
> > What is the difference between ident-lookups and DNS? And why would
> > either one affect incoming mail?
>
> Ident lookups try to gather information about the userid at the other
> end of an TCP connection using the (unreliable information of) ident protocol.
>
> If the ident port is e.g. filtered by a firewall and this firewall is
> set up incorrectly (as most are) and just drops the packets without
> sending proper ICMP response messages you'll have to wait till the
> connection times out (usually 60 seconds with tcpserver).
> Thus SMTP connection to your SMTP-server will be delayed.
Even if you send back icmp host reachable packets instead of just ignoring
the packets, there can still be delays. I noticed this with our local
Tru64 Unix boxes which treat host unreachable as a temporary refailure
and retry the connection.
A better way to handle this is to send back a RST reply to the connection
request. This is what rfc 793 says to do.
In my case since I was using IPchains for doing my port blocking, I didn't
have the option (though I sent a request to the IPchains list to add this
as a destination). However I was hiding a local ident server so I changed
my rules to let syn packets through to the auth port and drop nonsyn
packets to that port. That took care of the problem for me.
I've hacked qmail-getpw to get Maildir locations from an external
database. It worked fine for a while, but recently it's stopped delivery,
giving 5.1.1 errors.
It's still calling the qmail-getpw program, as I've changed it to print
out debug messages, and it's returning sucess (and the correct output, and
the maildirectory is owned by the right people etc).
root@willow:/var/qmail/queue# id mailuser
uid=143(mailuser) gid=143(mailuser) groups=143(mailuser)
root@willow:/var/qmail/queue# qmail-getpw jplooney
jplooney143143/home/0000/00/7c
root@willow:/var/qmail/queue# ls -l /home/0000/00/7c
total 8
drwx------ 7 mailuser mailuser 4096 Mar 3 17:20 Maildir
drwxr-x--- 2 mailuser mailuser 4096 Feb 28 16:04 lists
root@willow:/var/qmail/queue# ls -l /home/0000/00/7c/Maildir/
total 16
-rw-r--r-- 1 mailuser mailuser 15 Mar 6 14:22 courierimapuiddb
drwx------ 2 mailuser mailuser 4096 Mar 6 14:22 cur
drwx------ 2 mailuser mailuser 4096 Mar 6 14:20 new
drwx------ 2 mailuser mailuser 4096 Mar 6 14:34 tmp
What else can cause qmail-lspawn to get confused ?
Kate
--
"The fool must be beaten with a stick, for an intelligent person
the merest hint is sufficient" -- Zen Master Greg
On Wed, Mar 01, 2000 at 01:21:43PM -0800, Aaron L. Meehan wrote:
>
> RSS has blocked 2294 smtp connections.
> DUL has blocked 306 smtp connections.
> RBL has blocked 3767 smtp connections.
>
Using just rbl+rss since Feb 29 16:50:
rbl has blocked 415 connections.
rss has blocked 14894 connections. (!!)
I've just added DUL to my list.
--
______________________________________________________
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
Gang Warily|http://signals.rmc.ca/
Kingston Linux Users Group|http://signals.rmc.ca/klug/
I have this in my logs:
952357783.899146 Segmentation Fault - core dumped
952357783.902286 X-Scan4Virus: corrupt scanner/resource problems - exit status
35584
Mail seems to be working fine nonetheless. I've even nabbed 4-5 virus/trojan
ladden(sp) emails.
--
______________________________________________________
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
Gang Warily|http://signals.rmc.ca/
Kingston Linux Users Group|http://signals.rmc.ca/klug/
On Mon, Mar 06, 2000 at 11:00:44AM -0500, Mark E. Drummond wrote:
> I have this in my logs:
>
> 952357783.899146 Segmentation Fault - core dumped
> 952357783.902286 X-Scan4Virus: corrupt scanner/resource problems - exit status
> 35584
>
> Mail seems to be working fine nonetheless. I've even nabbed 4-5 virus/trojan
> ladden(sp) emails.
>
Well for one thing, you could try asking on the scan4virus mailing-list
instead ;-) [[EMAIL PROTECTED]]
Hey Mark - you're not on it!! Naughty :-)
(Try: [EMAIL PROTECTED])
Anyway - core dumped - nasty. You'll need to do some work there. For some
reason something scan4virus is calling is dumping core - probably the
MacAfee's virus scanner. Are you sure you don't have corrupt DAT files/etc?
Under the "autoupdaters" subdir of my package is some scripts for
auto-downloading DAT files for the appropriate virus scanner. Are you using
something like that which attempts to check that what you have just
downloaded is kosher and not corrupt (which is know to happen with these
darn things...). Could it be a resource issue? Do you set reasonable ulimits
in your RC scripts for starting qmail-smtpd so that Qmail can actually call
scan4virus - don't forget a virus scanner has much larger resource
requirements than a pure Qmail-1.03 system...
The other option is there's a bug in MacAfee's virus scanner for Solaris...
[anything but a bug in my code of course ;-]
Anyway, this is CC'ed to the appropriate group, I'd suggest replies go
there...
--
Cheers
Jason Haar
Unix/Network Specialist, Trimble NZ
Phone: +64 3 3391 377 Fax: +64 3 3391 417
Here is another one:
2000-03-03 11:56:51.986824 X-Scan4Virus: Unable to close pipe to
/var/qmail/bin/qmail-queue (#4.3.0) -
2000-03-03 11:56:52.083784 X-Scan4Virus: Unable to queue message (28416).
(#4.3.0) - Illegal seek
Any ideas?
--
______________________________________________________
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
Gang Warily|http://signals.rmc.ca/
Kingston Linux Users Group|http://signals.rmc.ca/klug/
Here's what I'm trying to achieve -
When an email gets sent to [EMAIL PROTECTED], the message gets processed
by it's .qmail file, and gets forwarded to a short list of addresses within
that file. That works fine, and it was really easy to do. What I would
like is to rewrite the subject line of the message before delivery to
prepend a [maillist] tag before the message.. . so that a message coming in
like
---
From: [EMAIL PROTECTED]
Subject: test message
---
gets delivered like
---
From: [EMAIL PROTECTED]
Subject: [maillist] test message
---
I'm sure you all know what I mean. I have experimented with "preline". ..
but I think I'm on the wrong track. My current .qmail file looks like this:
|preline /usr/bin/mailfilter [maillist]
[EMAIL PROTECTED]
"Mailfilter" is a simple perl program I wrote to take standard-in and add
argument 1 to the subject line. But preline only passes the email OUT, it
doesn't take it back IN for further processing. So, short of letting my
lame mailfilter program do the rest of the delivery, I'm SOL.
Am I going about this all wrong? Someone please help, I know I sound new,
but I couldn't find any good docs on this anywhere. . .
Derek
On Mon, Mar 06, 2000 at 12:50:38PM -0500, Derek Watson wrote:
> Here's what I'm trying to achieve -
>
> When an email gets sent to [EMAIL PROTECTED], the message gets processed
> by it's .qmail file, and gets forwarded to a short list of addresses within
> that file. That works fine, and it was really easy to do. What I would
> like is to rewrite the subject line of the message before delivery to
> prepend a [maillist] tag before the message.. . so that a message coming in
> like
> ---
> From: [EMAIL PROTECTED]
> Subject: test message
> ---
> gets delivered like
>
> ---
> From: [EMAIL PROTECTED]
> Subject: [maillist] test message
> ---
>
> I'm sure you all know what I mean. I have experimented with "preline". ..
> but I think I'm on the wrong track. My current .qmail file looks like this:
Do it like this: (generic script to tag mail included)
.qmail file:
-----
| /usr/local/bin/tagmail.pl "[maillist]" | forward [EMAIL PROTECTED]
-----
tagmail.pl
-----
#!/usr/bin/perl
# tagmail.pl; 1999-02-18; [EMAIL PROTECTED]
use strict;
# read mail and split into hdr and body
my ($hdr, $body);
while (<STDIN>) { last if /^[\r\n]*$/; $hdr .= $_; }
$body = join '',<STDIN>;
# Fix subject-line
$hdr =~ s/^(subject:\s*)(.*)$/$1 $ARGV[0] $2/mi;
# print mail
print "$hdr\n$body";
-------
/magnus
--
http://x42.com/
Hi all. Last Friday my MX choked and I am trying to determine why (so I can
defend qmail because I am sure it will get blamed). I am a big qmail fan, but
my boss is not. Not that he does _not_ like qmail, just that he prefers to go
with the old standby's like sendmail, or commercial products like Netscape MS,
which we use internally on our mail hub. But he did allow me to go with qmail
when we got our new MX server in.
So anyway, my MX is a Sun E250, dual 300MHz UltraSPARC II's, 256MB of RAM (not
the 1GB I reported in another mailing, I was confusing my MX and my mail hub),
running qmail. At that time, it was scanning incoming mail for viruses using
Scan4Virus+Mcafee's uvscan, and was referencing both the RBL and RSS.
I was working from home last Friday when my boss sent me an email
telling me that the MX had run out of swap (256MB physical swap) and needed to
be rebooted. So I have gone searching my logs for telltale information but I
have found next to nothing. I noticed that "status" messages in my smtpd log
were up around 17/40 around the time of the reboot, but that is nothing
phenominal I don't think. It has been stable ever since (and was stable for the
87 days before that, but I only added Scan4Virus and RSS checking in the past
week or two).
OT: I have seen the occasional 40/40 ... should I be increasing some parameter
here? Any wild guesses about how many connections I should/could allow on this
hardware (with virus scanning + checking RSS, DUL and RBL)? Actully, since
March 1st 00:00 I have hit 40/40 14 times, with all those occuring in 2
distinct blocks.
--
______________________________________________________
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
Gang Warily|http://signals.rmc.ca/
Kingston Linux Users Group|http://signals.rmc.ca/klug/
Mark E. Drummond <[EMAIL PROTECTED]> wrote:
>
> So anyway, my MX is a Sun E250, dual 300MHz UltraSPARC II's, 256MB of RAM
[snip]
> OT: I have seen the occasional 40/40 ... should I be increasing some parameter
> here? Any wild guesses about how many connections I should/could allow on this
> hardware (with virus scanning + checking RSS, DUL and RBL)? Actully, since
> March 1st 00:00 I have hit 40/40 14 times, with all those occuring in 2
> distinct blocks.
I don't know how much additional load the virus checking & RSS, DUL, and RBL
checking adds, but that hardware can handle a much higher local & remote
concurrency than 40. We've got a 133MHz Pentium that regularly hits its
limit of 60, and we could go higher if we wanted.
Charles
--
----------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
Any opinions expressed are just that -- my opinions.
----------------------------------------------------
On Mon, Mar 06, 2000 at 01:06:23PM -0500, Mark E. Drummond wrote:
> I was working from home last Friday when my boss sent me an email
> telling me that the MX had run out of swap (256MB physical swap) and needed to
> be rebooted. So I have gone searching my logs for telltale information but I
> have found next to nothing. I noticed that "status" messages in my smtpd log
> were up around 17/40 around the time of the reboot, but that is nothing
> phenominal I don't think. It has been stable ever since (and was stable for the
> 87 days before that, but I only added Scan4Virus and RSS checking in the past
> week or two).
When qmail-smtpd runs, it allocates as much memory as required to
store the SMTP commands. If you connect to qmail-smtpd, and send
lots and lots of RCPTs for example, it will go on allocating memory
until the memory usage on your machine goes really high.
The solution to this problem is to limit the memory usage of
qmail-smtpd, by using the shell's ulimit feature. If you limit each
qmail-smtpd to say, 2 MB, and you allow up 40 connections, then at
worst, the lot of them would use up 80 MB of RAM. Since you have
256 MB RAM, you would probably be fine with this setting. If you
don't limit the memory use, even a single qmail-smtpd can use up
lots of memory and cause the machine to swap.
I don't know if this is your problem, but its worth investigating.
--
See complete headers for more info
Ok, well I set up qmail according to the LWQ guide
and it seems to be working as I successfully sent a message through it. My
installation of qmailadmin went fine. However, I have one dumb
problem. I cant log in!!! Who is the postmaster!! I thought I
set myself up as the postmaster but my user name and password wont
authenticate. I have checked the obvious, qmail is running, I just cant
log into my qmail admin. Can anyone remedy my silly predicament?
Thanks in advance for helping a newbie.
- Joel
|
Hi,
I am having quite a fight with qmail right now. I looked through the archive
for a possible solution, but I did not find anything. If this has been
addressed before, please feel free to flame me personally as long as you
include a pointer to where I could find the answer, thanks!
I use qmail as a SMTP relay on our server. It is configured to relay only
local clients, and this much works properly.
My problem is that instead of the sender's email address, qmail-remote puts
<........lo0.......> in the initial MAIL FROM: command when it forwards an
email.
The net result of this is that most SMTP server will reject this and we are
unable to send any message because of that.
Here is a sample bounce message generated by qmail (locally):
----------
Hi. This is the qmail-send program at xyz.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<[EMAIL PROTECTED]>:
Connected to 1.2.3.4 but sender was rejected.
Remote host said: 553 <... Unbalanced '<'
--- Below this line is a copy of the message.
Return-Path: <[EMAIL PROTECTED]>
Received: (qmail 78837 invoked by uid 0); 6 Mar 2000 18:00:15 -0000
Date: 6 Mar 2000 18:00:15 -0000
Message-ID: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: sdf
sdf
/.
./
----------
Here is what is logged with syslog:
----------
Mar 6 14:18:57 jacuzzi qmail: 952370337.320111 new msg 1777777
Mar 6 14:18:57 jacuzzi qmail: 952370337.322243 info msg 1777777: bytes 261
from <[EMAIL PROTECTED]> qp 81726 uid 0
Mar 6 14:18:57 jacuzzi qmail: 952370337.384976 starting delivery 65: msg
1777777 to remote [EMAIL PROTECTED]
Mar 6 14:18:57 jacuzzi qmail: 952370337.386023 status: local 0/10 remote
1/20
Mar 6 14:19:10 jacuzzi qmail: 952370350.335286 delivery 65: failure:
Connected_to_1.2.3.4_but_sender_was_rejected./Remote_host_said:_553_<..._Unb
alanced_'<'/
Mar 6 14:19:10 jacuzzi qmail: 952370350.339818 status: local 0/10 remote
0/20
Mar 6 14:19:10 jacuzzi qmail: 952370350.357106 bounce msg 1777777 qp 81729
Mar 6 14:19:10 jacuzzi qmail: 952370350.374765 end msg 1777777
Mar 6 14:19:10 jacuzzi qmail: 952370350.393388 new msg 1777778
Mar 6 14:19:10 jacuzzi qmail: 952370350.394587 info msg 1777778: bytes 851
from <> qp 81729 uid 87
Mar 6 14:19:10 jacuzzi qmail: 952370350.453256 starting delivery 66: msg
1777778 to local [EMAIL PROTECTED]
Mar 6 14:19:10 jacuzzi qmail: 952370350.455154 status: local 1/10 remote
0/20
Mar 6 14:19:10 jacuzzi qmail: 952370350.481800 delivery 66: success:
did_1+0+0/
Mar 6 14:19:10 jacuzzi qmail: 952370350.502240 status: local 0/10 remote
0/20
Mar 6 14:19:10 jacuzzi qmail: 952370350.503784 end msg 1777778
----------
Here is what I saw with tcpdump/tcpshow:
---------------------------------------------------------------------------
Packet 7
TIME: 10:34:11.819549 (0.000381)
LINK: 00:50:BA:AB:66:0B -> 00:90:2B:39:80:8C type=IP
IP: XXXXXXXXXXX -> 1.2.3.4 hlen=20 TOS=00 dgramlen=74 id=1FCE
MF/DF=0/1 frag=0 TTL=64 proto=TCP cksum=D99E
TCP: port 4345 -> smtp seq=0378815384 ack=0111320541
hlen=20 (data=34) UAPRSF=011000 wnd=17520 cksum=C385 urg=0
DATA: MAIL FROM:<........lo0.........>.
---------------------------------------------------------------------------
This happens also when I try to send mail from the relay host itself. It is
not related to the email client I am using.
I am completely lost here, and I would appreciate any help!
Patrick.
Hi all
I'm running Qmail latest version on a Linux Red Hat 6.0 (installed
from tarball), all seems to be ok but when i send a mail it doesn't
arrive to the destinatary, it stay in queue.
How can i solve the problem?
Thanks
|
Ok, I have qmail admin loging me into my
domain. However, when I create a new pop user in qmailadmin it doesnt
completely work. The folders and directory are created in the vpopmail
directory under the correct domain. However, I cant successfully send any
mail to this user. They just get sent to the postamster of the domain
saying they were undeliverable. Also, is qmailadmin supposed to put new
pop users in the /var/qmail/users/assign file??? The postmaster and the
domain is there but not the new user I set up through admin. Thanks
everyone.
- Joel
|
Hello,
I have a procmail filter setup for a qmail alias that we use. In the
.qmail-alias file I have the following:
|/var/qmail/bin/preline /opt/procmail/bin/procmail -m -p
/var/qmail/alias/procma
ilrcs/myalias.rc
[EMAIL PROTECTED]
The permission on /opt/procmail/bin/procmail are 655.
I keep getting the following error message from MAILERDAEMON:
preline: fatal: unable to run /opt/procmail/bin/procmail: access denied
I would appreciate any feedback on this. Does qmail have some quirks about
filtering an alias?
Thanks in advance
Clifford Thurber
Web Systems Administrator
LiveUniverse.com
[EMAIL PROTECTED]
565 5th Ave. 29th Fl.
New York, NY 10017
Ph:212 883 6940 (131)
Fax:212 856 9134
What does a text mean when it is referring to dot-qmail processing? What
are dot-qmail files and what is in them??? Thanks.
- Joel
On Mon, Mar 06, 2000 at 03:38:37PM -0700, Joel Dudley wrote:
> What does a text mean when it is referring to dot-qmail processing? What
> are dot-qmail files and what is in them??? Thanks.
man dot-qmail
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
Hi Joel
Refer to the source code for documentation on this
/usr/src/qmail-1.03/INSTALL.alias
Regards,
Stephen
-----Original Message-----
From: Joel Dudley [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 07, 2000 9:39 AM
To: Qmail Mailing List
Subject: question
What does a text mean when it is referring to dot-qmail processing? What
are dot-qmail files and what is in them??? Thanks.
- Joel
my users currently get email in mbox format in /var/spool/mail, and i want
to switch to /Maildir/ format. i know there are three subdirectories under
the user's Maildir, but where do i copy currently unchecked email in
/var/spool/mail, so that this mail will be listed under Maildir as
'unchecked' email?
thanks
eric
* Eric Lalonde ([EMAIL PROTECTED]) [ 6 Mar 2000 22:09]:
> my users currently get email in mbox format in /var/spool/mail, and i want
> to switch to /Maildir/ format. i know there are three subdirectories under
> the user's Maildir, but where do i copy currently unchecked email in
> /var/spool/mail, so that this mail will be listed under Maildir as
> 'unchecked' email?
See for example:
http://madhaus.utcs.utoronto.ca/qmail/mbox2maildir
for a perl script written by Ivan Kohler.
--
Quist Consulting Email: [EMAIL PROTECTED]
219 Donlea Drive Voice: +1.416.696.7600
Toronto ON M4G 2N1 Fax: +1.416.978.6620
CANADA WWW: http://www.quist.on.ca
having trouble getting mail for my virtual domain. settings are as follows:
daylightfading.org:daylightfading.org in virtualdomains
daylightfading.org in rcpthosts
=daylightfading.org-tom:popuser:523:100:/var/qmail/popboxes/daylightfading.o
rg/tom:::
in users/assign
tom:(encrypted pw):popuser:/var/qmail/popboxes/daylightfading.org/tom
in users/poppasswd
and I did a maildirmake on
/var/qmail/popboxes/daylightfading.org/tom/Maildir
when i send email to [EMAIL PROTECTED], the following is logged in
maillog:
ar 6 22:55:52 damacles qmail: 952401352.668677 new msg 40217
Mar 6 22:55:52 damacles qmail: 952401352.669061 info msg 40217: bytes 850
from <[EMAIL PROTECTED]> qp 8652 uid 505
Mar 6 22:55:52 damacles qmail: 952401352.672047 starting delivery 114: msg
40217 to local [EMAIL PROTECTED]
Mar 6 22:55:52 damacles qmail: 952401352.672176 status: local 1/10 remote
0/20
Mar 6 22:55:52 damacles qmail: 952401352.697808 delivery 114: success:
did_0+0+1/
Mar 6 22:55:52 damacles qmail: 952401352.698088 status: local 0/10 remote
0/20
Mar 6 22:55:52 damacles qmail: 952401352.698169 end msg 40217
the following is my startup script:
/usr/local/bin/tcpserver 0 110 /var/qmail/bin/qmail-popup daylightfading.org
\
/var/qmail/users/checkpoppasswd /var/qmail/bin/qmail-pop3d Maildir &
But when I login via pop with user tom and his pass, and check the mail, it
says there is no mail. I've waited quite a while, and still it is not
delivered. I've sent repeated messages to user tom, still it says there is
no mail. using outlook express.
Any ideas?
Eric
I have a small questions.
Few of my POP mail users want their mails to be auto forwarded to a
different address.
Kindly suggest how can i do it on QMAIL.
I understand that for a SMTP mail user i can define more than one Alias in
the alias file. This will forward the mails to the listed ids in the alias
file. Kindly suggest if this is right.
cordially
Ruchir
On Tue, Mar 07, 2000 at 02:52:35PM +0530, [EMAIL PROTECTED] wrote:
> Few of my POP mail users want their mails to be auto forwarded to a
> different address.
> Kindly suggest how can i do it on QMAIL.
man dot-qmail:
(3) A forward line begins with an ampersand:
&[EMAIL PROTECTED]
qmail-local takes the rest of the line as a mail
address; it uses qmail-queue to forward the message
to that address. The address must contain a fully
qualified domain name; it must not contain extra
spaces, angle brackets, or comments:
# the following examples are WRONG
&me@new
&<[EMAIL PROTECTED]>
& [EMAIL PROTECTED]
&[EMAIL PROTECTED] (New Address)
If the address begins with a letter or number, you
may leave out the ampersand:
[EMAIL PROTECTED]
Note that qmail-local omits its new Return-Path line
when forwarding messages.
--
Ruben
Hi,
thanks to all who commented my statements and perhaps my SPAMCONTROL patch.
(well, I live in Cologne and today is ... Rosenmontag).
Okay, back to the facts:
A) In the README I am referring a special situation, when QMAIL is used as
a RELAY Internet <==> INTRANET. My comments about Load and SPAM activity
were guided by SMTP implementations of Lotus Notes and Novell's Groupwise
(which are certainly bad, wrt. QMAIIL or even sendmail).
B) Certainly, I was talking about PLAIN QMAIL - without TCPSERVER and without
RBLSMTPD patch.
C) Now the basic question: Is QMAIL an OPEN RELAY by CONSTRUCTION (as I
stated)??
1. Minimal QMAIL installaton (just ./me): QMAIL-SMTPD will accept all
incoming
E-Mail, put em in the input QUEUE.
- Local Mail will be checked for the existence of a valid UNIX
account,
accepted and delivered or otherwise returned.
- Non-local Mail are process thru the output QUEUE.
a) IF you use ./rcpthosts THEN QMAIL will act as a restricting RELAY
b) IF you use ./badmaifrom THEN QMAIL will be turned into a
pseudo-static
partial blocking (Senders/Sites) blocking RELAY.
c) IF you use the RBLSMTPD patch and TCPSERVER (outside the scope of my
discussion) THEN QMAIL will behave as a dynamic, on-demand
blocking RELAY.
==> Disregarding the IFSs and THENs and even if a) to c) are a very,
very rough
description I called this for simplicity: "an OPEN RELAY by
contruction".
2. Thus, it is the responsibilty of the system's owner to care about the
right set up, as written in the man-page of QMAIL.
(Comment by Chris Johnson and Russell Nelson: "If you install qmail as
per the included documentation, you won't be running an open relay".)
==> Sure. NO doubts about that. But this was not my point.
D) About SPAM E-Mail:
1. SPAMMERs may use a MTA with valid SENDER/RECIPIENT addresses outside
the
domains listed in ./rcthosts et al.
==> Configuring QMAIL as stated (restricted relay) will certainly stop
this.
The SPAMCONTROL patch gives in the environment as stated in A) the
ability to define multiple "internal" domains.
2. SPAMMERS may send E-Mails to address within your domain.
==> You may control it (on your personal demand) my means of
./badmailfrom or
- more effective - by the SPAMCONTROL's ./badrcptpatterns.
3. SPAMMERS may use a "trick" to convince your MTA the E-Mail is target
to it.
==> The SPAMCONTROL's canonical filters do most of the job. Actually, they
apply the same patterns as eg. ORBS.
Russel wrote: "It's simply not possible to eliminate spam in the long
term by
filtering on any characteristic of the mail itself.... The more you
filter on
content, the faster that time will come".
==> Well, I am not sure about that. Fingerprints are a solution. E-Mail
authentication is another. SMTP-Relay authentication a third one.
There was some confusion on my statement "to include the canonical SPAM
filters
natively into QMAIL-SMTPD. The information can be grepped via the TCPSERVER
environment...". I was mistaken. What it should tell is, that - as today -
QMAIL-SMTPD receives information (eg. REMOTEIP) from TCPENV, the canonical
filters (LOCALIP, REVDNSNAME) could be included here and the validity of
addresses checked by QMAIL-SMTPD. This is something I would call an
"internal
filter" (which could be activated, e.g. thru a compile-flag).
What are we missing??
The filters in SPAMCONTROL always work as a logical "OR". There is not an
"AND"
logic. "AND" logic means, that filtering is done by means of SENDER and
RECIPIENT. Thus, E-Mails FOR *HOFFMAN* FROM *spam.com* can be rejected.
E) About Return-Codes:
1) Thanks to Vincent Schonau for the hint (RFC 1893) I will incorporate
that
in the next fix of SPAMCONTORL (1.0.5).
2) 5xx vs. 4xx as stated by RFC 2505 is a matter of practicality of the
local site. I will give a more complete description in the next README.
F) Misc:
BTW: We are running a QMAIL site since 3/1997. We are not Blacklisted.
(I almost missed the carneval parade yesterday).
Thanks again to everybody about that discussion.
eh.
+-----------------------------------------------------------------------+
| fff hh Dr. Erwin Hoffmann |
| ff hh |
| ff eee hhhh ccc ooo mm mm mm Wiener Weg 8 |
| fff ee ee hh hh cc oo oo mmm mm mm 50858 Koeln |
| ff ee eee hh hh cc oo oo mm mm mm |
| ff eee hh hh cc oo oo mm mm mm Tel 0221 484 4923 |
| ff eeee hh hh ccc ooo mm mm mm Fax 0221 484 4924 |
+-----------------------------------------------------------------------+
