qmail Digest 18 Apr 2000 10:00:01 -0000 Issue 975
Topics (messages 40170 through 40268):
Move qmail and directories to new system - how...?
40170 by: Anthony White
40180 by: Chris Hardie
40185 by: Peter van Dijk
qmail-pop3d
40171 by: John P. Looney
40172 by: James Raftery
40173 by: John P. Looney
log/spam/smpt/pop
40174 by: octave klaba
qmail startup problems help
40175 by: Madhav
40176 by: Patrick Ohiomoba
Qmailqueue patch?!?
40177 by: Jesper Ekberg
help for documentation?
40178 by: cdowns
qmail startup help
40179 by: Madhav
40186 by: Dave Sill
Re: 2 questions?
40181 by: Dave Sill
Re: Qmail does not start at system start up
40182 by: Dave Sill
Re: Problem when starting qmail with the script
40183 by: Dave Sill
40187 by: Patrick Ohiomoba
Re: Start Qmail
40184 by: Dave Sill
newbie question
40188 by: Les Higger
40189 by: Patrick Ohiomoba
Re: Need someone to contract for qmail/ezmlm -> db integration
40190 by: Florian G. Pflug
Qmail on FreeBSD 4.0
40191 by: Gabriel Ambuehl
40192 by: Chris Johnson
40193 by: Soffen, Matthew
40195 by: Patrick Bihan-Faou
40200 by: Ben Beuchler
40201 by: S.P. Hoeke
40202 by: Patrick Bihan-Faou
40204 by: Patrick Bihan-Faou
40210 by: Delanet Administration
40211 by: Mike
40213 by: Vince Vielhaber
40220 by: Patrick Bihan-Faou
40221 by: Peter van Dijk
40224 by: Gabriel Ambuehl
40225 by: Peter van Dijk
Re: qmail, ucsi-tcp & inetd
40194 by: "Pr�spero, Esteban"
qmail as secondary MX.
40196 by: Mario Rafael
40197 by: Dave Sill
40198 by: Russell Nelson
Newbie.....
40199 by: Eduardo Moor
40228 by: Markus Fischer
40230 by: John Gonzalez/netMDC admin
next release
40203 by: S.P. Hoeke
40205 by: Dave Sill
greeting message
40206 by: quanta
smtpgreeting
40207 by: quanta
40215 by: Dave Sill
Maildir format
40208 by: quanta
40212 by: Paul Schinder
40214 by: Steve Wolfe
40216 by: Dave Sill
40217 by: lluisma
vpopmail with ipop3d
40209 by: Mario Rafael
Read and Delivery Receipts
40218 by: Scott Wilson
40219 by: Gabriel Ambuehl
40223 by: Peter van Dijk
mailbox not found
40222 by: Joel Dudley
mail-abuse.org
40226 by: Luis Bezerra
40229 by: Soffen, Matthew
40231 by: Bruce
40232 by: Peter van Dijk
40233 by: Peter van Dijk
40235 by: Bruce
40237 by: Peter van Dijk
40238 by: Luis Bezerra
40239 by: Adam McKenna
40240 by: Peter van Dijk
40241 by: Len Budney
40243 by: Peter van Dijk
Re: SPAMCONTROL not work properly
40227 by: Erwin Hoffmann
pop3 greeting message
40234 by: quanta
Re: softhome.net qmail smtp server error
40236 by: rogers-qmail.h0050da615e79.ne.mediaone.net
uscpi / deamontools
40242 by: Mike Alexander Sauvain
40244 by: Peter van Dijk
Outlook + UW IMAP + mbox + qmail
40245 by: Eric M. Johnston
40246 by: Peter van Dijk
40247 by: Eric M. Johnston
40263 by: Peter van Dijk
Compile Error
40248 by: Nathaniel L. Keeling III
40257 by: Kristina
Can you help me install Qmail?
40249 by: Jeff Dilcher
40255 by: chuck
40256 by: Anthony White
Qmail failing ORBS test :-(
40250 by: Mark Tippetts
40251 by: Russ Allbery
40252 by: Mark Tippetts
40253 by: Russell Nelson
40254 by: Russ Allbery
40261 by: Petr Novotny
40265 by: Peter van Dijk
supervise question
40258 by: lluisma
backup mail server
40259 by: TAG
40266 by: Peter van Dijk
qmail says #5.7.1
40260 by: Max B. Khudik
40262 by: S.P. Hoeke
Non-root IMAP server possible?
40264 by: Chris Green
40267 by: Peter van Dijk
Re: Help with SPAM
40268 by: Abdul Rehman Gani
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
I have a quick question about moving a complete working qmail setup to a new disk drive. My server has outgrown itself and now needs to be put on larger drives. Are there any problem moving ./Maildir/ directories in the users home dirs to a new drive? Are there any issues moving qmail itself? I plan to move from my RedHat system from 2 2.1G drives to 2 9.1G drives that will be running in RAID 1 configuration. Anthony
On Mon, 17 Apr 2000, Anthony White wrote: > My server has outgrown itself and now needs to be put on larger > drives. > > Are there any problem moving ./Maildir/ directories > in the users home dirs to a new drive? > > Are there any issues moving qmail itself? > > I plan to move from my RedHat system from > 2 2.1G drives to 2 9.1G drives that will > be running in RAID 1 configuration. I once had to move the qmail queue to another device/disk drive, and wrote the below step-by-step. It could probably use some reviewing, and makes some assumptions that might not be true (that you're using inetd, that you can wait until all the messages in your queue have been delivered, etc). In short, it's very rough, but might be of help: -------------------------------------------------------- Wait till late at night Make sure there are no messages in the queue /var/qmail/bin/qmail-qread If there are, wait until they are delivered! Very important. Modify /etc/inetd.conf to stop incoming mail (comment out smptd) Kill -HUP inetd Kill -KILL qmail-send backup the queue, probably the whole qmail directory for that matter. Create a symbolic link from /var/qmail/queue to the new directory cd /usr/src/qmail-1.03 Remake the queue structure (you should not do this by hand, puny mortal): # make setup check Startup qmail /var/qmail/rc Re-allow incoming connections through inetd TEST IT OUT! ---------------------------------------------------------- I also used the below script (don't have the original author info, sorry - anyone want to own up to it?) to readjust the queue directory after the move. qmail names the files in the queue directory based on the file's inode number, so this script moves the old files in ./queue.old/ (which is on the old device) to ./queue/ (which is on the new device) with the proper names. Again, use at your own risk, and could probably use some refining: ------------------------------------------------------------ #!/bin/sh -x cd /var/qmail || exit 1 find queue.old/mess -type f -printf '%f %i\n' | awk '{print $1, $1%23, $2, $2%23}' | while read oldi oldd newi newd; do mv queue.old/mess/$oldd/$oldi queue/mess/$newd/$newi mv queue.old/info/$oldd/$oldi queue/info/$newd/$newi test -f queue.old/local/$oldd/$oldi && mv queue.old/local/$oldd/$oldi queue/local/$newd/$newi test -f queue.old/remote/$oldd/$oldi && mv queue.old/remote/$oldd/$oldi queue/remote/$newd/$newi test -f queue.old/bounce/$oldi && mv queue.old/bounce/$oldi queue/bounce/$newi test -f queue.old/todo/$oldi && mv queue.old/todo/$oldi queue/todo/$newi done ------------------------------------------------------------ I'm not sure about the Maildir directories. I believe they too have some sort of inode number dependency built in - anyone have advice for Anthony on moving these? Hope this helps, Chris -- Chris Hardie ----------------------------- ----- mailto:[EMAIL PROTECTED] ---------- -------- http://www.summersault.com/chris/ --
On Mon, Apr 17, 2000 at 09:50:04AM -0500, Chris Hardie wrote: > > On Mon, 17 Apr 2000, Anthony White wrote: > [snip] > > I once had to move the qmail queue to another device/disk drive, and wrote > the below step-by-step. It could probably use some reviewing, and makes > some assumptions that might not be true (that you're using inetd, that you > can wait until all the messages in your queue have been delivered, > etc). In short, it's very rough, but might be of help: > > -------------------------------------------------------- > Wait till late at night > Make sure there are no messages in the queue > /var/qmail/bin/qmail-qread > If there are, wait until they are delivered! Very important. > Modify /etc/inetd.conf to stop incoming mail (comment out smptd) > Kill -HUP inetd > Kill -KILL qmail-send First do these kills, _then_ wait until the queue is empty. > I'm not sure about the Maildir directories. I believe they too have some > sort of inode number dependency built in - anyone have advice for Anthony > on moving these? No, no inode number dependency. You can safely move those around, just be sure to keep ownership and file permissions (and directory structure :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
For some reason, qmail-pop3d has stopped work for us. One of the other admins rebuilt the /home disk, and that's about all I can think of, that changed. We are also running courier-imap and UW-IMAP, and they both work fine. When I run: qmail-popup checkpassword qmail-pop3d Maildir To test what's happening, it keeps saying -ERR this user has no $HOME/Maildir I stuck a simple 'system("pwd");' into the die_nomaildir function, and it prints that it's trying to run it from whereever the tcpserver program is started from. Should it not try and chdir into the directory owned by the username it's just gotten the password from, before looking for the Maildir ? Kate -- "The fool must be beaten with a stick, for an intelligent person the merest hint is sufficient" -- Zen Master Greg
PGP signature
On Mon, Apr 17, 2000 at 12:04:30PM +0100, John P. Looney wrote: > For some reason, qmail-pop3d has stopped work for us. > > One of the other admins rebuilt the /home disk, and that's about all I > can think of, that changed. We are also running courier-imap and UW-IMAP, > and they both work fine. > > When I run: > > qmail-popup checkpassword qmail-pop3d Maildir > > To test what's happening, it keeps saying > > -ERR this user has no $HOME/Maildir The hostname on the command line is missing. e.g. qmail-popup pop3.ucd.ie checkpassword qmail-pop3d Maildir james -- James Raftery (JBR54) - Programmer Hostmaster - IE TLD Hostmaster IE Domain Registry - www.domainregistry.ie - (+353 1) 706 2375 "Managing 4000 customer domains with BIND has been a lot like herding cats." - Mike Batchelor, on [EMAIL PROTECTED]
On Mon, Apr 17, 2000 at 12:07:53PM +0100, James Raftery mentioned: > On Mon, Apr 17, 2000 at 12:04:30PM +0100, John P. Looney wrote: > > For some reason, qmail-pop3d has stopped work for us. > > > > One of the other admins rebuilt the /home disk, and that's about all I > > can think of, that changed. We are also running courier-imap and UW-IMAP, > > and they both work fine. > > > > When I run: > > > > qmail-popup checkpassword qmail-pop3d Maildir > > > > To test what's happening, it keeps saying > > > > -ERR this user has no $HOME/Maildir > > The hostname on the command line is missing. > e.g. qmail-popup pop3.ucd.ie checkpassword qmail-pop3d Maildir ? Hmm. "/var/qmail/bin/dnsfq servername" doesn't work. "nslookup servername" doesn't work. GAAAAAAAAH! Someone changed my /etc/resolve.conf and broke it. What an obscure error - DNS is broken, and qmail-pop3d reports that the user's Maildir is missing ;) Kate -- "The fool must be beaten with a stick, for an intelligent person the merest hint is sufficient" -- Zen Master Greg
Hi, I have the vpopmail-check-relay system on qmail (have to check the pop to be allowed to use smtp). A customer spams thought and I can not find out him :/ How to see the logs the vpopmail and see how is using the smtp relay ? How to make 4 kinds of logs: - an email --> pop/ml - ml -> send - smtp relay - check pop How to change the log files to have more that 10 files of 100Ko ? thanks octave Amicalement, Octave >>>>> no swap allowed <<<<<
Hi all, We have installed qmail step by step till starting qmail as given in the qmail-HOWTO. I created sysm. links to /var/qmail/supervise/* in /var/run/svscan. But when we start qmail using "/etc/rc.d/init.d/svscan start", the qmail processes (qmail-send, qmail-lspawn, qmail-rspawn and qmail-clean) are starting as given in the HOWTO. But It keeps on throwing the message "multilog: fatal: unable to lock directory /var/log/qmail :temporary failure". Why is this message coming? Also if the machine is rebooted, do I need to create the above symlinks again? because they are not persistent. I am using redhat 6.1 linux with qmail 1.03. Thanks in advance, Madhav
I am having the same problem with non-persistant links... I placed the command for creating links in rc.local and everything works fine, but I'd like to know why the created links aren't persistant. Using RH 6.2. Patrick On Mon, 17 Apr 2000, Madhav wrote: > Hi all, > We have installed qmail step by step till starting qmail as given in the > qmail-HOWTO. I created sysm. links to /var/qmail/supervise/* in > /var/run/svscan. > But when we start qmail using "/etc/rc.d/init.d/svscan start", the qmail > processes > (qmail-send, > qmail-lspawn, > qmail-rspawn and > qmail-clean) are starting as given in the HOWTO. > But It keeps on throwing the message "multilog: fatal: unable to lock > directory /var/log/qmail :temporary failure". Why is this message > coming? > Also if the machine is rebooted, do I need to create the above symlinks > again? because they are not persistent. I am using redhat 6.1 linux with > qmail 1.03. > > Thanks in advance, > Madhav > > > >
Hi!! I have tried to install the qmailqueue patch a couple of times. But when I try to send mail through SMTP I keep getting "qq internal bug" all the time. I have done the following things: 1. Applied the qmailqueue patch to qmail-1.03 source. (no error messages) 2. Recompiled and reinstalled qmail 1.03 3. edited the /etc/tcp.smtp and added QMAILQUEUE="/var/qmail/bin/qmail-qftest". 4. recompiled /etc/tcp.smtp to /etc/tcp.smtp.cdb 5. edited the /var/qmail/bin/qmail-qftest and added qmail-qfilter as a command. 6. Downloaded, edited and compiled qmail-qfilter. 7. restarted server. When I rename qmail-qftest to something else I get "qq exec error", so the qmailqueue patch should be alright. The system is a debian linux with kernel 2.2.1 Does anyone have any idea on what could be wrong?? Regards, Jesper Ekberg
can anyone steer me to a good howto? this is what im trying to do: i all ready have qmail and ezmlm-idx running but i need the cgi interface for configuration.
Hi all, I have got impersistent symlinks problem resolved thanls to Patrick. I am trying to test the setup. I sent a mail as suggested in TEST.deliver (echo to : root | /var/qmail/bin/qmail-inject). To see whether it came or not, I was trying to telnet to 127.0.0.1 port 110 without any success. What may be the problem? (I am using checkpassword ). Thanks in advance, Madhav
"Madhav" <[EMAIL PROTECTED]> wrote: >I have got impersistent symlinks problem resolved thanls to Patrick. I am >trying to test the setup. I sent a mail as suggested in TEST.deliver (echo >to : root | /var/qmail/bin/qmail-inject). To see whether it came or not, I >was trying to telnet to 127.0.0.1 port 110 without any success. What may be >the problem? (I am using checkpassword ). 1. qmail doesn't deliver to "root". See: http://Web.InfoAve.Net/~dsill/lwq.html#root-delivery 2. Port 110 is POP3. Your POP3 server might not be correctly configured. -Dave
cdowns <[EMAIL PROTECTED]> wrote: >1: to create a list with the likes of [EMAIL PROTECTED] instead of the >normal [EMAIL PROTECTED] what needs to be done to do this? Put the list under the control of the user "alias". -Dave
Scott Wilson <[EMAIL PROTECTED]> wrote: >I'm running Red Hat 6.1 and qmail 1.03. I have followed LWQ step by step. >However, I am unable to get qmail to start when the system starts. I have >done all of the rcX.d links just as LWQ specifies and I have no problem >running the "qmail start" command from the command line. LWQ says: The intricacies of the startup directory tree are beyond the scope of this document, so if these simplified instructions don't suffice, consult your system documentation. The links LWQ "specifies" are just examples. Did you try: find RCDIR -name "*sendmail" -print like LWQ suggests? >What I did try was adding >"ln -s ../init.d/qmail /etc/rc.d/rc3.d/S80qmail" . When I did this qmail >started when the system was rebooted. This is not in LWQ and I was wondering >if it might cause a problem? Nope, that's fine. -Dave
Aled Treharne <[EMAIL PROTECTED]> wrote: >Ok, I've been following the steps in LWQ word by word and editing where >necessary for my system (uname -a: FreeBSD marilyn.cmgww.com 3.4-RELEASE >FreeBSD 3.4-RELEASE #1: Fri Feb 18 17:54:53 EST 2000 >[EMAIL PROTECTED]:/usr/src/sys/compile/MARILYN i386). > >My problem is when I run 'qmail start'. I get a message from multilog : >Fatal error : cannot change to current directory : access denied > >This goes to stderr. I've changed the permissions on /var/log/qmail and >below to a+rwx temporarily and that doesn't help. I've noticed that I don't >have setuidgid on my system. Is there a way I can work around this, or >somehow get it working? Any help would be greatly appreciated. If you followed LWQ carefully, you installed daemontools, which contains setuidgid. Why would want to work around this? None of the LWQ qmail startup stuff will work without daemontools. -Dave
Make sure you're using a version of daemontools greater than 0.53. In daemontools 0.53, what's later known as setuidgid is called setuser. Upgrade to the latest daemontools, daemontools-0.70 for best results. Patrick On Mon, 17 Apr 2000, Dave Sill wrote: > Aled Treharne <[EMAIL PROTECTED]> wrote: > > >Ok, I've been following the steps in LWQ word by word and editing where > >necessary for my system (uname -a: FreeBSD marilyn.cmgww.com 3.4-RELEASE > >FreeBSD 3.4-RELEASE #1: Fri Feb 18 17:54:53 EST 2000 > >[EMAIL PROTECTED]:/usr/src/sys/compile/MARILYN i386). > > > >My problem is when I run 'qmail start'. I get a message from multilog : > >Fatal error : cannot change to current directory : access denied > > > >This goes to stderr. I've changed the permissions on /var/log/qmail and > >below to a+rwx temporarily and that doesn't help. I've noticed that I don't > >have setuidgid on my system. Is there a way I can work around this, or > >somehow get it working? Any help would be greatly appreciated. > > If you followed LWQ carefully, you installed daemontools, which > contains setuidgid. Why would want to work around this? None of the > LWQ qmail startup stuff will work without daemontools. > > -Dave >
"Mike Alexander Sauvain" <[EMAIL PROTECTED]> wrote: >1. isnt possbile to start qmail par inetd ? No. You can run qmail-smtpd and qmail-pop3d from inetd (not recommended), but qmail-start has to be run once when the system starts up. >1a. the smtpd works, but the pop server not ? i saw in the manual > howto put smtpd in the inetd line, but not pop3d or thaths the > other quest: You'll have to show us exactly what you put in inetd.conf. >2. i was installing the tool of > ftp://koobera.math.uic.edu/www/ucspi-tcp.html .... (and the other > deamon tools) the tool works fine, but cant really i find the ONE > qmail manual (surly one of these lot of tons) how to start, "Life with qmail", http://Web.InfoAve.Net/~dsill/lwq.html >3. it's the same file that i use for pop, when i use mysql support >3a. and when, it depends if i use clear text or crypted passwords in > the mysql table ?? Beats me. I've never used the mysql stuff. -Dave
hello one and all... I have been running mercury mail for several years.. it runs on an ol novell puppy. I would like to build a mail server using a linux box. I have 12 linux servers but never ventured into the mail realm. how easy would it be to use qmail ? can it be a pop server ? I only have 80 clients so were a pretty small shop.. mail volume is pretty low.. thanks for any advise ;-) *++++++++++++++++++++++++++++++++++++++* * Les Higger ITAF , * Local Area Network Coord. * [EMAIL PROTECTED] * Francisco Bravo Medical Magnet High School * Los Angeles Unified School District ---> Old men can give flawless advice, for they nolonger can set bad examples <---
Qmail isn't hard to set up, although I recommend having at it a couple of times before you install your production server. Migrating from mercury mail may be more difficult, I don't know enough about mercury mail to give you an idea about how its features might affect migration. Qmail allows many pop options, including its own qmail-pop3d, but also Cyrus, Qpopper, imap-4.5, etc... Other applications such as vpopper and Squebmail allow this flexible mta to serve more functions, like a webmail server. Finally, there's a patch allowing ldap support. On Mon, 17 Apr 2000, Les Higger wrote: > hello one and all... > I have been running mercury mail for several years.. it runs on an ol > novell puppy. I would like to build a mail server using a linux box. > I have 12 linux servers but never ventured into the mail realm. > how easy would it be to use qmail ? can it be a pop server ? I only have > 80 clients so were a pretty small shop.. > mail volume is pretty low.. > > thanks for any advise ;-) > > *++++++++++++++++++++++++++++++++++++++* > * Les Higger ITAF , > * Local Area Network Coord. > * [EMAIL PROTECTED] > * Francisco Bravo Medical Magnet High School > * Los Angeles Unified School District > ---> Old men can give flawless advice, for they nolonger can set bad > examples <--- > > >
> >We have a client who runs a number of mailing lists. Data and >subscription information is kept on our Sybase database server. > >We have another machine (mail server) running qmail + ezmlm + vpopmail. >The setup works great. > >We need a module that we can put into the list-subscribe and >list-unsubscribe stream and have it perform a SQL call or two on our >existing database tables. Right now we have one direction >synchronization.. the website/database server adds/removes people from the >ezmlm subscriber list. We want to close the loop and have the ezmlm >process also update the database tables/website. This may or may not mean >just converting our ezmlm setup to run strictly from the DB but we're >looking for some recommendations. > >If anyone has some experience with this and would like some work, please >drop me a line off-list. Hi First there is an ezmlm list (www.ezmlm.org), which is more appropriate for this question. Do you use ezmlm oder ezmlm-idx? ezmlm-idx supports keeping its subscriber db in an sql-RDBMS - I don't know if sybase is supported at the moment, but adding support should not be hard. Greetings, Florian Pflug
Hello, well, we're currently in the migration from SuSE Linux to FreeBSD (atleast our 'test&nuke' boxes for learning purposes) and during that I saw that the tcpwrapper port is forbidden because the functions have been integrated into FreeBSD itself. Now I'm wondering if I should install ucspi in order to use qmail on FreeBSD 4.0. Any comments would be greatly appreciated. Best regards, Gabriel
On Mon, Apr 17, 2000 at 07:28:08PM +0300, Gabriel Ambuehl wrote: > Now I'm wondering if I should install ucspi in order to use qmail on FreeBSD > 4.0. Any comments would be greatly appreciated. Yes, install it. It works better than inetd, and will always have better support on this list than inetd. Chris
You will be able to get more support running ucspi and qmail (inetd is no longer supported on any platform for qmail). Matt Soffen Web Intranet Developer http://www.iso-ne.com/ ============================================== Boss - "My boss says we need some eunuch programmers." Dilbert - "I think he means UNIX and I already know UNIX." Boss - "Well, if the company nurse comes by, tell her I said never mind." - Dilbert - ============================================== > -----Original Message----- > From: Gabriel Ambuehl [SMTP:[EMAIL PROTECTED]] > Sent: Monday, April 17, 2000 12:28 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Qmail on FreeBSD 4.0 > > Hello, > well, we're currently in the migration from SuSE Linux to FreeBSD > (atleast our 'test&nuke' boxes for learning purposes) and during that > I saw that the tcpwrapper port is forbidden because the functions have > been > integrated into FreeBSD itself. Now I'm wondering if I should install > ucspi in order to use qmail on FreeBSD 4.0. Any comments would be > greatly appreciated. > > > > > Best regards, > Gabriel >
Hi, I am using qmail on FreeBSD with ucspi and daemontools as decribed in LWQ and everything is great... There is one patch you need to implement on the FreeBSD kernel in order to not suffer a buffer overflow in one of the function that qmail uses. This buffer overflow will effectively replace the address for the MAIL FROM command of outgoing smtp session with crap leading in email rejections from remote smtp servers. Note that this bug affects FreeBSD, but may also be present in other BSD based TCP/IP implementations. The file to patch is /usr/src/sys/net/if.c, the attached patch is against the current RELENG_4 version. Have fun with FreeBSD... Patrick.
On Mon, Apr 17, 2000 at 01:57:33PM -0400, Patrick Bihan-Faou wrote: > There is one patch you need to implement on the FreeBSD kernel in order > to not suffer a buffer overflow in one of the function that qmail uses. > This buffer overflow will effectively replace the address for the MAIL > FROM command of outgoing smtp session with crap leading in email > rejections from remote smtp servers. > > Note that this bug affects FreeBSD, but may also be present in other BSD > based TCP/IP implementations. > > The file to patch is /usr/src/sys/net/if.c, the attached patch is > against the current RELENG_4 version. Has anyone else encountered this? Is this a major problem? Ben -- "There is no spoon" -- The Matrix
On Mon, Apr 17, 2000 at 01:56:47PM -0500, Ben Beuchler wrote: > On Mon, Apr 17, 2000 at 01:57:33PM -0400, Patrick Bihan-Faou wrote: > > > There is one patch you need to implement on the FreeBSD kernel in order > > to not suffer a buffer overflow in one of the function that qmail uses. [snip] > > Note that this bug affects FreeBSD, but may also be present in other BSD > > based TCP/IP implementations. > > Has anyone else encountered this? Is this a major problem? I've been running qmail on OpenBSD 2.x for about a month now, and haven't had any problems (yet).... > Ben Steffan
Hi, ----- Original Message ----- From: "Gabriel Ambuehl" <[EMAIL PROTECTED]> > > buffer overflow will effectively replace the address for the MAIL FROM > > command of outgoing smtp session with crap leading in email rejections from > > remote smtp servers. > > Hmm that's bad... Well, it's been around forever. I first noticed the bug in FreeBSD 3.4-STABLE. I have sent the patch to the FreeBSD team and code to test if a particular installation is vulnerable. The issue is as much with qmail as with the FreeBSD code. Most application that try to discover the interfaces present on a given system use the same system call as qmail, but with a large buffer (usually around 8k). This buffer is big enough in 99.99% of the case. Qmail on the other hand tries to save a few bytes here and there, so it uses the system call with a very small buffer (256 bytes) and then increases it by a few bytes until it knows that it got all the interfaces. The only advantage of qmail's way is that is save some memory. The main drawbacks are: - it is vulnerable to the BSD socket bug (which is not limited to FreeBSD) - it uses a fairly high number of system calls to do something that should be done in one system call. Qmail can be patched for that problem as well. (here it is) --- ipme.c.orig 2000/04/08 18:49:08 +++ ipme.c 2000/04/09 08:14:11 @@ -48,7 +48,7 @@ if ((s = socket(AF_INET,SOCK_STREAM,0)) == -1) return -1; - len = 256; + len = 8092; /* any value big enough to get all the interfaces in one read is good */ for (;;) { if (!stralloc_ready(&buf,len)) { close(s); return 0; } buf.len = 0; @@ -60,7 +60,7 @@ break; } if (len > 200000) { close(s); return -1; } - len += 100 + (len >> 2); + len *= 2; } x = buf.s; while (x < buf.s + buf.len) { > > > The file to patch is /usr/src/sys/net/if.c, the attached patch is against > > the current RELENG_4 version. > > Do you mean 4.0 Current or 4.0 Release (we'll use the later, if WC > sends us the CDs.. Ordered them since they're scheduled but nothing > yet arrived)? This is for any FreeBSD to date. And as for the CD's we got ours last week, so yours should not be too far away... Patrick.
Hi, ----- Original Message ----- From: "S.P. Hoeke" <[EMAIL PROTECTED]> > > Has anyone else encountered this? Is this a major problem? > I've been running qmail on OpenBSD 2.x for about a month now, and haven't > had any problems (yet).... > Looking quickly at the NetBSD and the FreeBSD code, I would say that they are not affected by that bug. Also solaris 2.5 is clean. I don't know about any of the linux... Patrick.
Running FreeBSD 3.4 stable here..not affected either. 4.0 is still release code and not part of the stable branch, I'd avoid using it for any production servers till it's migrated to the stable tree. -- Stephen Comoletti Systems Administrator Delanet, Inc. http://www.delanet.com ph: (302) 326-5800 fax: (302) 326-5802 Patrick Bihan-Faou wrote: > Hi, > > ----- Original Message ----- > From: "S.P. Hoeke" <[EMAIL PROTECTED]> > > > Has anyone else encountered this? Is this a major problem? > > I've been running qmail on OpenBSD 2.x for about a month now, and haven't > > had any problems (yet).... > > > > Looking quickly at the NetBSD and the FreeBSD code, I would say that they > are not affected by that bug. Also solaris 2.5 is clean. I don't know about > any of the linux... > > Patrick.
Patrick Bihan-Faou wrote: > > Hi, > > ----- Original Message ----- > From: "S.P. Hoeke" <[EMAIL PROTECTED]> > > > Has anyone else encountered this? Is this a major problem? > > I've been running qmail on OpenBSD 2.x for about a month now, and haven't > > had any problems (yet).... > > > > Looking quickly at the NetBSD and the FreeBSD code, I would say that they > are not affected by that bug. Also solaris 2.5 is clean. I don't know about > any of the linux... > > Patrick. Well, now that you mention it, does NetBSD also mean OpenBSD by extension? I didn't see any references to a patch in their (OpenBSD) port. -- _ _ _ __ ___ / \/ \ | |/ / / O \ /_/\/\_\o|_|\_\o\___/o M I C H A E L O W E N S
On Mon, 17 Apr 2000, Ben Beuchler wrote: > On Mon, Apr 17, 2000 at 01:57:33PM -0400, Patrick Bihan-Faou wrote: > > > There is one patch you need to implement on the FreeBSD kernel in order > > to not suffer a buffer overflow in one of the function that qmail uses. > > This buffer overflow will effectively replace the address for the MAIL > > FROM command of outgoing smtp session with crap leading in email > > rejections from remote smtp servers. > > > > Note that this bug affects FreeBSD, but may also be present in other BSD > > based TCP/IP implementations. > > > > The file to patch is /usr/src/sys/net/if.c, the attached patch is > > against the current RELENG_4 version. > > Has anyone else encountered this? Is this a major problem? First I've heard of it and I'm running 4.0. Where did that come from? Vince. -- ========================================================================== Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] http://www.pop4.net 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore http://www.cloudninegifts.com ==========================================================================
Hi, ----- Original Message ----- From: "Mike" <[EMAIL PROTECTED]> > Patrick Bihan-Faou wrote: > > Looking quickly at the NetBSD and the FreeBSD code, I would say that they > > are not affected by that bug. Also solaris 2.5 is clean. I don't know about > > any of the linux... > > Well, now that you mention it, does NetBSD also mean OpenBSD by > extension? I didn't see any references to a patch in their (OpenBSD) > port. Oops I meant, NetBSD and OpenBSD are not affected. FreeBSD is for all version (including 3.x). Patrick.
On Mon, Apr 17, 2000 at 03:41:41PM -0400, Delanet Administration wrote: > Running FreeBSD 3.4 stable here..not affected either. 4.0 is still release > code and not part of the stable branch, I'd avoid using it for any production > servers till it's migrated to the stable tree. 4.0 went STABLE a couple of weeks ago. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Hello Peter, >> code and not part of the stable branch, I'd avoid using it for any production >> servers till it's migrated to the stable tree. > 4.0 went STABLE a couple of weeks ago. So should I go for 4.0 stable directly instead of 4.0 Release? Best regards, Gabriel
On Mon, Apr 17, 2000 at 10:31:51PM +0300, Gabriel Ambuehl wrote: > Hello Peter, > >> code and not part of the stable branch, I'd avoid using it for any production > >> servers till it's migrated to the stable tree. > > 4.0 went STABLE a couple of weeks ago. > > So should I go for 4.0 stable directly instead of 4.0 Release? You can't. There is no 4.0-STABLE release. That's wat 4.0-RELEASE is called RELEASE for. Get 4.0-RELEASE mfsroot and kern disks, FTP-install 4.0-RELEASE, and then cvsup to 4.0-STABLE and make world and install a new kernel. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
It worked! Thanks!! Esteban Javier Pr�spero -----Original Message----- From: Keith Warno [SMTP:[EMAIL PROTECTED]] Sent: Friday, April 14, 2000 4:50 PM To: [EMAIL PROTECTED] Subject: Re: qmail, ucsi-tcp & inetd On Solaris try something like zcat blah.tar.gz | tar xf - ----- Original Message ----- From: "Pr�spero, Esteban" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, April 14, 2000 10:22 AM Subject: RE: qmail, ucsi-tcp & inetd What is the z option for? my Solaris tar doesn't understand it... Esteban Javier Pr�spero
Hi, I am trying to configure qmail as a secondary MX for severeal domains I am responsible for, the DNS es configured okey, what I need to know is HOW do I tell qmail that the mail it is receiving is not local, that is has to be sent to the primary MX. I thought that the domains could be configured as virtualdomains.... an instead of sending the mail to a user sending it to a host, but HOW?, any help would be appreciated ;). Thanks in advance. :) Mario Rafael e-Mail : [EMAIL PROTECTED]
Mario Rafael <[EMAIL PROTECTED]> wrote: > Hi, I am trying to configure qmail as a secondary MX for >severeal domains I am responsible for, the DNS es configured okey, >what I need to know is HOW do I tell qmail that the mail it is >receiving is not local, that is has to be sent to the primary MX. Put the domains in control/rcpthosts, but *not* in control/locals. That's all there is to it. -Dave
Mario Rafael writes: > Hi, I am trying to configure qmail as a secondary MX for severeal domains > I am responsible for, the DNS es configured okey, what I need to know is > HOW do I tell qmail that the mail it is receiving is not local, that is has > to be sent to the primary MX. Es no problemo: solamente put the domain in neither locals nor virtualdomains, but instead just in rcpthosts. -- -russ nelson <[EMAIL PROTECTED]> http://russnelson.com Crynwr sells support for free software | PGPok | "Ask not what your country 521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
Hi list: I have been running qmail for Internet mail for almost a year without special problems :-). Could anyone tell me if there is any way to restrict access outside the local domain for some users, I don't want to allow them to send mail to the internet, but yes to the local domain. Thanks. Eduardo Moor Extech SRL Argentina
On Mon, Apr 17, 2000 at 03:03:10PM -0300, Eduardo Moor wrote : > I have been running qmail for Internet mail for almost a year without > special problems :-). > Could anyone tell me if there is any way to restrict access outside the > local domain for some users, > I don't want to allow them to send mail to the internet, but yes to the > local domain. I'm not an expert in this. For those users, remove access to qmail-queue by chmod'ing it 4750 , chgrp into a group which is allowed to send email and put every user in this group. However, you can't prevent those users to send mail directory from your host to internet via port 25. At least not if you don't use smtp-auth. Anyone else comment about this thoughts ? kind regards, Markus -- Markus Fischer, http://josefine.ben.tuwien.ac.at/~mfischer/ EMail: [EMAIL PROTECTED] PGP Public Key: http://josefine.ben.tuwien.ac.at/~mfischer/C2272BD0.asc PGP Fingerprint: D3B0 DD4F E12B F911 3CE1 C2B5 D674 B445 C227 2BD0 - Free Software For A Free World -
I've never tried this however, i have a couple ideas. You could setup 2 qmail machines or 2 qmail processes on one machine. Force one process/machine to use the other as a relay. Dont give the machine relay access for that IP, and it will only allow you to deliver mail to domains that are 'local' to it, or are in the rcpthosts file. What i've said might be totally confusing, or i might be trying to think of one of the most difficult ways to solve a simple problem, and i just dont know it =) On Mon, 17 Apr 2000, Markus Fischer wrote: >On Mon, Apr 17, 2000 at 03:03:10PM -0300, Eduardo Moor wrote : >> I have been running qmail for Internet mail for almost a year without >> special problems :-). >> Could anyone tell me if there is any way to restrict access outside the >> local domain for some users, >> I don't want to allow them to send mail to the internet, but yes to the >> local domain. > > I'm not an expert in this. For those users, remove access >to qmail-queue by chmod'ing it 4750 , chgrp into a group which is >allowed to send email and put every user in this group. > > However, you can't prevent those users to send mail >directory from your host to internet via port 25. At least not if >you don't use smtp-auth. > > Anyone else comment about this thoughts ? _ __ _____ __ _________ ______________ /_______ ___ ____ /______ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [---------------------------------------------[system info]-----------] 2:45pm up 83 days, 21:42, 4 users, load average: 0.06, 0.17, 0.36
Hi, It's probably been asked, but ..... Is there a scheduled release timeframe for the next qmail version ? Greetz, Steffan
"S.P. Hoeke" <[EMAIL PROTECTED]> wrote: >Is there a scheduled release timeframe for the next qmail version ? No. -Dave
Hello, I'am trying to set up the greeting message when you pop your mail. If someone could tell me how to do it, i am using qmail-pop3d. THX. Mikael chambon.
Hello, i've a smtpgreeting file in /var/qmail/control. The message has some space inside, and the server replace them by ?, does someone know why??
"quanta" <[EMAIL PROTECTED]> wrote: >Hello, i've a smtpgreeting file in /var/qmail/control. > >The message has some space inside, and the server replace them by ?, does >someone know why?? My smtpgreeting files have spaces that don't get replaced by ?'s. -Dave
Sorry I have one more question, I am using The Maildir format to make it works with qmail-pop3d but I can't find any client like pine or elm to work with it, do I have to patch something?? THX Mikael
At 9:41 PM +0200 4/17/00, quanta wrote: >Sorry I have one more question, I am using The Maildir format to make it >works with qmail-pop3d >but I can't find any client like pine or elm to work with it, do I have to >patch something?? Try mutt. http://www.mutt.org. > >THX >Mikael -- -- Paul J. Schinder NASA Goddard Space Flight Center Code 693 [EMAIL PROTECTED]
> >Sorry I have one more question, I am using The Maildir format to make it > >works with qmail-pop3d > >but I can't find any client like pine or elm to work with it, do I have to > >patch something?? > > Try mutt. http://www.mutt.org. Any pop3 mail client should work fine with the qmail-pop3d server, and I use a patched version of IMAP for things like Pine to connect to. Although you don't have all the capabilities that some mailers would give you by them bypassing the server, it does provide a transparen way for any standard pop3 or IMAP client to work. steve
"quanta" <[EMAIL PROTECTED]> wrote: >Sorry I have one more question, I am using The Maildir format to make it >works with qmail-pop3d >but I can't find any client like pine or elm to work with it, do I have to >patch something?? Accessed via POP, the native mailbox format is tranparent and irrelevant. You only need Maildir-compatible MUA's for people *not* using POP. -Dave
quanta wrote: > Sorry I have one more question, I am using The Maildir format to make it > works with qmail-pop3d > but I can't find any client like pine or elm to work with it, do I have to pop3 clients don't have to know anything about maildir. I use netscape pop3 client and it just work fine. > > patch something?? > > THX > Mikael
Hi, I have just downloaded vpopmail and started reading the documentation regarding it's configuration ;), but I have found that it only has support for qmail-pop3, am I wrong?, I am actually usinf ipop3d with /var/spool/mail directory style, would it be possible to use vpopmail with this scheme?. Thanks in advance. :) e-Mail : [EMAIL PROTECTED]
Is there a way to make qmail send a "Read Receipt" and/or a "Delivery Receipt" when it is requested by the sender?
Hello Scott, Monday, April 17, 2000, 11:09:11 PM, you wrote: > Is there a way to make qmail send a "Read Receipt" and/or a "Delivery > Receipt" when it is requested by the sender? Hard thing to implement. The only thing which would be possible is a 'I sent the mail to the client' from qmail-pop3d what should be pretty easy to implement if it's not already there. A real "Read Receipt" would have to be done by the reader... Best regards, Gabriel
On Mon, Apr 17, 2000 at 10:14:18PM +0300, Gabriel Ambuehl wrote: > Hello Scott, > > Monday, April 17, 2000, 11:09:11 PM, you wrote: > > Is there a way to make qmail send a "Read Receipt" and/or a "Delivery > > Receipt" when it is requested by the sender? > > Hard thing to implement. The only thing which would be possible is a > 'I sent the mail to the client' from qmail-pop3d what should be pretty > easy to implement if it's not already there. A real "Read Receipt" > would have to be done by the reader... man qreceipt Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
I have atrange problem. I have set up one domain on my qmail system and it is working well. I tried to set up another so I did /home/vpopmail/bin/vadddomain lrpr.com. Then did vadduser [EMAIL PROTECTED] laura. The mailbox is there and I can log into it with SQwebmail, however, when I try to send mail to the address and I get the following: Hi. This is the qmail-send program at nixmail.silverw.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. <[EMAIL PROTECTED]>: Sorry, no mailbox here by that name. (#5.1.1) I tried comparing the domain that was not working to the domain that is and the only difference I noticed was that for the domain that is working, the .qmail-default file has the line bounce-no-mailbox, where the bad domain has the path of the postmaster mailbox instead. Any ideas? This is driving me nuts. Thanks. - Joel
Hello averyone:Anyone has one solution for this situation:
When I execute one Telnet session to mail-abuse.org, this relay problem is described:
Relay test 10
>>> RSET
<<< 250 flushed
>>> MAIL FROM:<spamtest@[200.194.96.32]>
<<< 250 ok
>>> RCPT TO:<[EMAIL PROTECTED]@[200.194.96.32]>
<<< 250 ok
Relay test result
Uh oh, host appeared to accept a message for relay.
The host may reject this message internally, however
Connection closed by foreign host.Could you help me for to resolve this problem?
regards
--
-----------------------------
Luís Bezerra de A. Junior
[EMAIL PROTECTED]
SecrelNet Informática LTDA
Fortaleza - Ceará - Brasil
Fone: 021852882090
-----------------------------
This has been discussed many times on this list. This test is erroneous. As the message says "It appeared to accept ..." This doesn't mean that it DID accept the message. This is a non-problem (as it is not a TRUE indication of your machine being an open relay). Only if it actually DOES deliver the mail should you worry (and unless you installed a patch to allow you to do this, then you shouldn't worry(. Matt Soffen Web Intranet Developer http://www.iso-ne.com/ ============================================== Boss - "My boss says we need some eunuch programmers." Dilbert - "I think he means UNIX and I already know UNIX." Boss - "Well, if the company nurse comes by, tell her I said never mind." - Dilbert - ============================================== > -----Original Message----- > From: Luis Bezerra [SMTP:[EMAIL PROTECTED]] > Sent: Saturday, April 15, 2000 4:42 PM > To: qmail list > Subject: mail-abuse.org > > Hello averyone: > > Anyone has one solution for this situation: > > When I execute one Telnet session to mail-abuse.org, this relay problem is > described: > > Relay test 10 > >>> RSET > <<< 250 flushed > >>> MAIL FROM:<spamtest@[200.194.96.32]> > <<< 250 ok > >>> RCPT TO:<[EMAIL PROTECTED]@[200.194.96.32]> > <<< 250 ok > Relay test result > Uh oh, host appeared to accept a message for relay. > The host may reject this message internally, however > Connection closed by foreign host. > > Could you help me for to resolve this problem? > > regards > > > -- > ----------------------------- > Luis Bezerra de A. Junior > [EMAIL PROTECTED] > SecrelNet Informatica LTDA > Fortaleza - Ceara - Brasil > Fone: 021852882090 > ----------------------------- >
> From: Luis Bezerra [mailto:[EMAIL PROTECTED]] > Hello averyone: > Anyone has one solution for this situation: > When I execute one Telnet session to mail-abuse.org, this relay problem > is described: > Relay test 10 > >>> RSET > <<< 250 flushed > >>> MAIL FROM:<spamtest@[200.194.96.32]> > <<< 250 ok > >>> RCPT TO:<[EMAIL PROTECTED]@[200.194.96.32]> > <<< 250 ok > Relay test result > Uh oh, host appeared to accept a message for relay. > The host may reject this message internally, however > Connection closed by foreign host. > Could you help me for to resolve this problem? > regards Easy. Install sendmail.
On Sat, Apr 15, 2000 at 05:42:19PM -0300, Luis Bezerra wrote: Yeah. I agree. Try it without the HTML. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
On Mon, Apr 17, 2000 at 02:01:46PM -0700, Bruce wrote: [snip] > > Easy. Install sendmail. Please, don't say thing like these unless you really mean them. And if you do, don't say 'm here. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
> From: Peter van Dijk [mailto:[EMAIL PROTECTED]] > > On Mon, Apr 17, 2000 at 02:01:46PM -0700, Bruce wrote: > [snip] > > > > Easy. Install sendmail. > > Please, don't say thing like these unless you really mean > them. And if you > do, don't say 'm here. > > Greetz, Peter. Well, Peter, I must say that you are a far more gracious person than I will ever be. This appears to be the third time this month that Luis has asked about qmail accepting spam, and looking at the archives, the only time to date that he responded to any advice given him was when he said to you, "Peter Pan, I not want your opinion. I want one solution[sic]" If you can still be polite, I should sit back and learn from your example. In my heart of hearts, though, I may still wish he took up another MTA, so he can ask some other list for advice to ignore. Doesn't sound like I'm learning much does it? Ok, I'll try to be quiet and accept any flames I may deserve. Sorry, - Bruce
On Mon, Apr 17, 2000 at 02:45:01PM -0700, Bruce wrote: > > From: Peter van Dijk [mailto:[EMAIL PROTECTED]] > > > > On Mon, Apr 17, 2000 at 02:01:46PM -0700, Bruce wrote: > > [snip] > > > > > > Easy. Install sendmail. > > > > Please, don't say thing like these unless you really mean > > them. And if you > > do, don't say 'm here. > > Well, Peter, I must say that you are a far more gracious > person than I will ever be. This appears to be the third > time this month that Luis has asked about qmail accepting > spam, and looking at the archives, the only time to date > that he responded to any advice given him was when he said > to you, "Peter Pan, I not want your opinion. I want one > solution[sic]" Urgh. I did not recall it was him. I was serious about that 'killfile' thing back then, but was unlucky I did not find an easy way. I will try again :) > If you can still be polite, I should sit back and learn > from your example. In my heart of hearts, though, I may > still wish he took up another MTA, so he can ask some other > list for advice to ignore. Hmmm my acceptance of abuse does stretch very far, but he is pushing the line. Depending on how he asks next time, I might even give serious answers. > Doesn't sound like I'm learning much does it? Ok, I'll try > to be quiet and accept any flames I may deserve. You don't. I just didn't recognize him as the person being so abusive last time, if I did I would have given a different answer :) > Sorry, The sorry is mine :) Please flame Luis all you want. And people: don't flame Bruce for this. Or me, please :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
My friend: It's not a good solution I prefer QMail -----Original Message----- From: Peter van Dijk <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Segunda-feira, 17 de Abril de 2000 15:42 Subject: Re: mail-abuse.org >On Mon, Apr 17, 2000 at 02:45:01PM -0700, Bruce wrote: >> > From: Peter van Dijk [mailto:[EMAIL PROTECTED]] >> > >> > On Mon, Apr 17, 2000 at 02:01:46PM -0700, Bruce wrote: >> > [snip] >> > > >> > > Easy. Install sendmail. >> > >> > Please, don't say thing like these unless you really mean >> > them. And if you >> > do, don't say 'm here. >> >> Well, Peter, I must say that you are a far more gracious >> person than I will ever be. This appears to be the third >> time this month that Luis has asked about qmail accepting >> spam, and looking at the archives, the only time to date >> that he responded to any advice given him was when he said >> to you, "Peter Pan, I not want your opinion. I want one >> solution[sic]" > >Urgh. I did not recall it was him. I was serious about that 'killfile' >thing back then, but was unlucky I did not find an easy way. > >I will try again :) > >> If you can still be polite, I should sit back and learn >> from your example. In my heart of hearts, though, I may >> still wish he took up another MTA, so he can ask some other >> list for advice to ignore. > >Hmmm my acceptance of abuse does stretch very far, but he is pushing the >line. Depending on how he asks next time, I might even give serious >answers. > >> Doesn't sound like I'm learning much does it? Ok, I'll try >> to be quiet and accept any flames I may deserve. > >You don't. I just didn't recognize him as the person being so abusive last >time, if I did I would have given a different answer :) > >> Sorry, > >The sorry is mine :) > >Please flame Luis all you want. And people: don't flame Bruce for this. Or >me, please :) > >Greetz, Peter. >-- >Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder >| >| 'C makes it easy to shoot yourself in the foot; >| C++ makes it harder, but when you do it blows your whole leg off.' >| Bjarne Stroustrup, Inventor of C++ >
On Mon, Apr 17, 2000 at 06:57:58PM -0300, Luis Bezerra wrote: > My friend: > > It's not a good solution > > I prefer QMail You don't seem to understand -- this is the way qmail handles messages. If you don't like it, you can either write a patch, or run another MTA. --Adam
On Mon, Apr 17, 2000 at 06:57:58PM -0300, Luis Bezerra wrote: > My friend: > > It's not a good solution > > I prefer QMail So stop acting clueless and start taking advice from us. There is no relaying problem, unless you have proof that your machine actually _delivered_ the message in question. I will make an effort to filter mail from you into oblivion if you don't take the above-mentioned hint. Oh, and please take some quoting-lessons. We like to communicate efficiently. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
"Luis Bezerra" <[EMAIL PROTECTED]> wrote: > > It's not a good solution > > I prefer QMail Luis, people have answered your questions. Also, your questions are already answered in the documentation AND in the qmail archive. Are you 1) thick headed, 2) a troll, or 3) having trouble understanding English? Or are you an autoresponder? If so, are you available under the GPL? Maybe I can run you from procmail, to annoy people who annoy me. Len. -- Any _widely used_ spam-detection system is a waste of time, because the spammers can and will avoid it. It ends up doing more harm than good. -- Dan Bernstein
On Mon, Apr 17, 2000 at 07:08:39PM -0400, Len Budney wrote: > "Luis Bezerra" <[EMAIL PROTECTED]> wrote: > > > > It's not a good solution > > > > I prefer QMail > > Luis, people have answered your questions. Also, your questions are > already answered in the documentation AND in the qmail archive. Are you > 1) thick headed, 2) a troll, or 3) having trouble understanding English? > > Or are you an autoresponder? If so, are you available under the GPL? > Maybe I can run you from procmail, to annoy people who annoy me. If not GPL, then we'll just reverse-engineer him and open the source up anyway :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Hi, after some discussion with Bernat and Luis I updated the SPAMCONTROL patch to fix the problems mentioned so far. It took a while because I was busy to start a new web-page. The SPAMCONTROL patch moved to: http://www.fehcom.de/qmail_en.html/ One basic problem left: In case QMAIL-SMTPD 1) has been addressed (Mail from:) by means of the MTA's IP address [IP address] and/or 2) sees a RECIPIENT address (RCPT to:) with its's [IP address] QMAIL-SMTPD subsitutes this to its FQDN. I mentionend this in the new README. However, this behavior makes it impossible (whether TCPSERVER or QMAIL + SPAMCONTROL patch) to filter those address-schemes, which are used by ORBS to test a MTA. I try to investigate this for the next release of SPAMCONTROL. That subject keeps me busy. regards. eh. +-----------------------------------------------------------------------+ | fff hh http://www.fehcom.de Dr. Erwin Hoffmann | | ff hh | | ff eee hhhh ccc ooo mm mm mm Wiener Weg 8 | | fff ee ee hh hh cc oo oo mmm mm mm 50858 Koeln | | ff ee eee hh hh cc oo oo mm mm mm | | ff eee hh hh cc oo oo mm mm mm Tel 0221 484 4923 | | ff eeee hh hh ccc ooo mm mm mm Fax 0221 484 4924 | +-----------------------------------------------------------------------+
Hello , Does someone know how to set up greeting message with qmail-pop3d??? THX
From: Giulio Orsero <[EMAIL PROTECTED]> Date: Mon, 17 Apr 2000 09:42:03 +0200 Could 554 RCPT first (#5.5.1) mean something else, like unknown user, access denied, .....? I think it must. mx0a.softhome.net seems to have its error messages screwed up. I tried several variations on your example, and all of them failed, until I tried using a valid address: rgr> telnet mx0a.softhome.net 25 Trying 204.144.231.54... Connected to mx0a.softhome.net. Escape character is '^]'. 220 softhome.net ESMTP HELO h0050da615e79.ne.mediaone.net 250 softhome.net MAIL FROM:<[EMAIL PROTECTED]> 250 ok RCPT TO:<[EMAIL PROTECTED]> 250 ok DATA 354 go ahead Terminated rgr> (I killed telnet to avoid spamming the postmaster.) Just for grins, I tried it again with varying syntax, and discovered that the angle brackets are optional, but the colon is not. . . . RCPT TO [EMAIL PROTECTED] 553 envelope recipient address invalid (#5.7.1) RCPT TO: [EMAIL PROTECTED] 250 ok DATA 354 go ahead Terminated rgr> So it appears that "RCPT first" was a broken, delayed version of "No such user", and had nothing to do with SMTP command syntax. Feel free to forward to [EMAIL PROTECTED] . . . -- Bob
On Tue, Apr 18, 2000 at 01:14:12AM +0200, Mike Alexander Sauvain wrote: > where are the best howto's for uscpi / deamontools ? http://cr.yp.to/ http://www.qmail.org/ > please send referrs to :> [EMAIL PROTECTED] No. You ask the list, you read the list for replies. > ..... if you have something nice about the qmail & mysql i qould be happy to....... http://www.qmail.org/ should have some about that too. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Hi, I was having some users complain about the times shown in their Outlook 2000 e-mail listings being 'incorrect' (UTC) while when they opened the message, the times were correct. They were seeing this situation when using IMAP (UW IMAP server), but not with POP (qpopper). After doing some experimentation, I discovered that the IMAP server is getting its time from the "From " header in the mbox, not the "Received:" or "Date:" headers, and passing this on to Outlook. When using POP, Outlook evidently gets the time itself from a "Received:" header. Since qmail delivers mail to mboxes with a "From " header that looks like this: >From [EMAIL PROTECTED] Mon Apr 17 20:13:21 2000 IMAP or Outlook (didn't dig in deep enough to figure out who does this) evidently assumes that the date/time given is local time. To rectify this problem, I patched the qmail myctime.c to append " -0000" to the time, like this: >From [EMAIL PROTECTED] Mon Apr 17 20:13:21 2000 -0000 This 'fixes' the time seen in Outlook, I guess because either IMAP or Outlook can now figure out the local time. My question is this: does this solution violate any standards or will it break anything obvious? Why doesn't qmail give some indication that the date/time given in this header is not local time? Thanks, Eric
On Mon, Apr 17, 2000 at 07:46:39PM -0400, Eric M. Johnston wrote: > Hi, > > I was having some users complain about the times shown in their Outlook 2000 > e-mail listings being 'incorrect' (UTC) while when they opened the message, > the times were correct. They were seeing this situation when using IMAP (UW > IMAP server), but not with POP (qpopper). > > After doing some experimentation, I discovered that the IMAP server is > getting its time from the "From " header in the mbox, not the "Received:" or > "Date:" headers, and passing this on to Outlook. When using POP, Outlook > evidently gets the time itself from a "Received:" header. a From: header, I think. There is no common standard for Received-headers. Also, in qmail, these will be UTC as well :) > IMAP or Outlook (didn't dig in deep enough to figure out who does this) > evidently assumes that the date/time given is local time. To rectify this > problem, I patched the qmail myctime.c to append " -0000" to the time, like > this: I think IMAP just passes the string along. > This 'fixes' the time seen in Outlook, I guess because either IMAP or > Outlook can now figure out the local time. My question is this: does this > solution violate any standards or will it break anything obvious? Why > doesn't qmail give some indication that the date/time given in this header > is not local time? I can't find anything about this in RFC822, probably because RFC822 doesn't describe mailbox formats, only message formats :) I don't know. I don't think it will break anything. I do think IMAPd is broken for supplying the user with that info. But UW IMAP is broken anyway. You do know that _another_ buffer overflow in UW IMAP was found somewhere in the last few days? Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Peter van Dijk wrote: > > > After doing some experimentation, I discovered that the IMAP server is > > getting its time from the "From " header in the mbox, not the "Received:" or > > "Date:" headers, and passing this on to Outlook. When using POP, Outlook > > evidently gets the time itself from a "Received:" header. > > a From: header, I think. There is no common standard for Received-headers. > Also, in qmail, these will be UTC as well :) Umm, there isn't a timestamp in the "From:" header, just the mailbox "From " header (I assume that's what you meant). Anyway, Outlook seems to be able to cope with UTC in "Received:" headers, as in the POP case; just not in the "From " header that IMAP passes, because there's no indication that "From " is in UTC. > > This 'fixes' the time seen in Outlook, I guess because either IMAP or > > Outlook can now figure out the local time. My question is this: does this > > solution violate any standards or will it break anything obvious? Why > > doesn't qmail give some indication that the date/time given in this header > > is not local time? > > I can't find anything about this in RFC822, probably because RFC822 doesn't > describe mailbox formats, only message formats :) Yeah, this was my experience. > I don't know. I don't think it will break anything. I do think IMAPd is > broken for supplying the user with that info. But UW IMAP is broken anyway. > You do know that _another_ buffer overflow in UW IMAP was found somewhere > in the last few days? I agree completely. I'd much rather not use mailbox or UW IMAP, but circumstances require them at this point. Perhaps sometime in the future... Thanks, Eric
On Mon, Apr 17, 2000 at 08:18:48PM -0400, Eric M. Johnston wrote: > Peter van Dijk wrote: > > > > > After doing some experimentation, I discovered that the IMAP server is > > > getting its time from the "From " header in the mbox, not the "Received:" or > > > "Date:" headers, and passing this on to Outlook. When using POP, Outlook > > > evidently gets the time itself from a "Received:" header. > > > > a From: header, I think. There is no common standard for Received-headers. > > Also, in qmail, these will be UTC as well :) > > Umm, there isn't a timestamp in the "From:" header, just the mailbox > "From " header (I assume that's what you meant). Anyway, Outlook seems Sorry, I meant the Date: header. Clients don't normally (not with POP anyway) see the "From " header anyway. > to be able to cope with UTC in "Received:" headers, as in the POP case; > just not in the "From " header that IMAP passes, because there's no > indication that "From " is in UTC. The Date: header is usually in a local time zone, and indeed clients are encouraged to convert to local. Don't now if Outlook really does that tho... > > > This 'fixes' the time seen in Outlook, I guess because either IMAP or > > > Outlook can now figure out the local time. My question is this: does this > > > solution violate any standards or will it break anything obvious? Why > > > doesn't qmail give some indication that the date/time given in this header > > > is not local time? > > > > I can't find anything about this in RFC822, probably because RFC822 doesn't > > describe mailbox formats, only message formats :) > > Yeah, this was my experience. man mbox (from qmail) on the other hand, does specify an exact time format. > > I don't know. I don't think it will break anything. I do think IMAPd is > > broken for supplying the user with that info. But UW IMAP is broken anyway. > > You do know that _another_ buffer overflow in UW IMAP was found somewhere > > in the last few days? > > I agree completely. I'd much rather not use mailbox or UW IMAP, but > circumstances require them at this point. Perhaps sometime in the > future... Hehe :) Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
I am trying to install qmail. I have a sun sparc 5 with the new solaris 8 installed. I installed the latest version of gcc (gcc2.95). I downloaded qmail. Issued 'gunzip qmail-1.03.tar.gz' and then 'tar -xvf qmail-1.03.tar'. I created the qmail users and groups and then I tried to compile qmail. I received the error '/usr/ucb/cc: language optional software package not installed' '*** Error code 1' 'make: Fatal error: Command failed for target 'qmail-local.o' '. What does this mean and how can I get around this?
At 19:59 00/04/17 -0500, you wrote: > I am trying to install qmail. I have a sun sparc 5 with the new solaris > 8 installed. I installed the latest version of gcc (gcc2.95). I > downloaded qmail. Issued 'gunzip qmail-1.03.tar.gz' and then 'tar -xvf > qmail-1.03.tar'. I created the qmail users and groups and then I tried > to compile qmail. I received the error '/usr/ucb/cc: language optional > software package not installed' '*** Error code 1' 'make: Fatal error: > Command failed for target 'qmail-local.o' '. What does this mean and how > > can I get around this? For installing qmail-1.03 on Solaris 7 with gcc-2.8... on sparc I also did the following. Don't know if you need to do the same. % vi conf-cc change cc to gcc % vi conf-ld change cc to gcc Hope it helps, Kristina
I am installing Qmail from RPM on a Redhat 6.1 system. I am having a bit of trouble with the following instruction: According to the README.var-qmail: --------------- 4) Get the package qmail-1.03-102memphis.src.rpm from this directory. This package does not contain the qmail sources; it contains a tarball of the compiled qmail binaries and a spec file. Execute rpm --rebuild qmail-1.03-102memphis.src.rpm -------------- So I do it, and here is what I get: [root@cueva /root]# rpm --rebuild qmail-1.03-102memphis.src.rpm Installing qmail-1.03-102memphis.src.rpm Bad owner/group: /usr/src/redhat/SOURCES/var-qmail-1.03.tar.gz Here is ls -la of /usr/src/redhat/SOURCES/ [root@cueva /root]# ls -la /usr/src/redhat/SOURCES/ total 300 drwxr-xr-x 2 root 0 4096 Apr 16 19:38 . drwxr-xr-x 7 root 0 4096 Feb 27 03:13 .. -rw-r--r-- 1 root 0 293692 Aug 16 1999 var-qmail-1.03.tar.gz This is a RedHat 6.1 machine Can anyone get me past this hurdle? Help! Thanks!! Jeff Dilcher
Jeff, I had a similar problem, so I installed the source rpm(rpm -Uvh filename), and built the package from the SPECS directory(rpm -ba specfilename). I also had to add the qmail users/groups manually(prior to the build). After that, it built and installed fine. Hope this helps... Regards, Charles Werbick The Wirehouse -----Original Message----- From: Jeff Dilcher [mailto:[EMAIL PROTECTED]] Sent: Monday, April 17, 2000 19:50 To: [EMAIL PROTECTED] Subject: Can you help me install Qmail? I am installing Qmail from RPM on a Redhat 6.1 system. I am having a bit of trouble with the following instruction: According to the README.var-qmail: --------------- 4) Get the package qmail-1.03-102memphis.src.rpm from this directory. This package does not contain the qmail sources; it contains a tarball of the compiled qmail binaries and a spec file. Execute rpm --rebuild qmail-1.03-102memphis.src.rpm -------------- So I do it, and here is what I get: [root@cueva /root]# rpm --rebuild qmail-1.03-102memphis.src.rpm Installing qmail-1.03-102memphis.src.rpm Bad owner/group: /usr/src/redhat/SOURCES/var-qmail-1.03.tar.gz Here is ls -la of /usr/src/redhat/SOURCES/ [root@cueva /root]# ls -la /usr/src/redhat/SOURCES/ total 300 drwxr-xr-x 2 root 0 4096 Apr 16 19:38 . drwxr-xr-x 7 root 0 4096 Feb 27 03:13 .. -rw-r--r-- 1 root 0 293692 Aug 16 1999 var-qmail-1.03.tar.gz This is a RedHat 6.1 machine Can anyone get me past this hurdle? Help! Thanks!! Jeff Dilcher
Jeff Dilcher wrote: > I am having a bit of trouble with the following instruction: > > According to the README.var-qmail: > > --------------- > > 4) Get the package qmail-1.03-102memphis.src.rpm from this directory. > This package does not contain the qmail sources; it contains a > tarball of the compiled qmail binaries and a spec file. > Did you read the README first? I uset Midnight Commander to read the documentation inside the .rpm and there are some instructions related to creating some files and directories first. I did just that and the rpm installed just fine here. (RedHat 6.1) > So I do it, and here is what I get: > > [root@cueva /root]# rpm --rebuild qmail-1.03-102memphis.src.rpm > Installing qmail-1.03-102memphis.src.rpm > Bad owner/group: /usr/src/redhat/SOURCES/var-qmail-1.03.tar.gz Anthony -------------------------------------------------------------------- Movielink Pty Ltd E-Mail technical: [EMAIL PROTECTED] 8-10 River Street E-Mail Sales : [EMAIL PROTECTED] Richmond, Victoria 3121 Ph : +(61) 3 9428 8088 Australia FAX : +(61) 3 9429 5918 --------------------------------------------------------------------
Hey, Haven't found anything about this in the archives, I've tried playing with it to no avail. One of my mail servers was put in ORBS today. I can't use ORBS myself, but I value what they're doing, and I consider the problem that got me there a real one. The test we failed involves a header in the format "rcpt to:<foo!bar>". qmail-send grabs this address and appends the address in .../control/envnoathost, resulting in <[EMAIL PROTECTED]>. This is then delivered in the normal way, using MX records, to the primary hub for the lynxus.com domain, which runs sendmail. Sendmail does it's thing with the UUCP addressing, and I wind up in ORBS. This seems broken. Qmail should not treat mail as local JUST BECAUSE it has a rcpt header with no domain. I understand the value of being able to treat mail without a domain in the rcpt as local (a lot of scripts assume this will happen, and users expect it on some systems), IF that mail is actually invoking the MTA locally. But there should definitely be some distinction made between actual local mail and mail that simply has no domain specified. Maybe .../control/envnoathost should only be used if the mail originates from 127.0.0.1? Something. Anyhow, I'm hoping this isn't a bug report. I'd really like someone to tell me, "just do -this-, and rcpts without a domain will stop being treated as local." The man page for qmail-send says envnoathost will default to .../control/me, so I can't just remove the file. I've tried copying /dev/null into it; that doesn't work either. I don't want to put some bogus domain in there... doesn't seem like I should have to intentionally misconfigure my server to protect it from spammers. Any solutions, possible solutions, or statements of "you blithering idiot, just..." would be greatly appreciated. Thanks, mark tippetts
Mark Tippetts <[EMAIL PROTECTED]> writes: > One of my mail servers was put in ORBS today. I can't use ORBS myself, > but I value what they're doing, and I consider the problem that got me > there a real one. The test we failed involves a header in the format > "rcpt to:<foo!bar>". qmail-send grabs this address and appends the > address in .../control/envnoathost, resulting in <[EMAIL PROTECTED]>. > This is then delivered in the normal way, using MX records, to the > primary hub for the lynxus.com domain, which runs sendmail. Sendmail > does it's thing with the UUCP addressing, and I wind up in ORBS. Sounds like your problem is with your sendmail box. Why don't you turn off !-addressing on your sendmail system? That would seem to neatly solve the problem. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Hey, Sendmail is NOT the problem. Its presence is creating conditions where the problem manifests, but it's not to blame. It's simply accepting a message from a host it trusts. The problem is qmail relaying this message from an untrusted host. Even if I did turn off UUCP rewriting for sendmail, the underlying problem remains: qmail is acting as an open relay for messages with no @domain specified. Yes, it takes more than this alone to actually use it as an open relay, but that's beside the point. We don't live in an SMTP-only, qmail-only universe. (yet :) The problem can be redefined as, "qmail appends envnoathost to ANY rcpt address without a domain". This works too: $ telnet mx0.lynxus.com 25 Trying 12.6.137.100... Connected to mx0.lynxus.com. Escape character is '^]'. 220 mx0.lynxus.com ESMTP helo 250 mx0.lynxus.com mail from:[EMAIL PROTECTED] 250 ok rcpt to:<bishop%lynxus.net> 250 ok data 354 go ahead test . 250 ok 956024397 qp 28670 quit 221 mx0.lynxus.com Connection closed by foreign host. $ This gets delivered despite the fact I have not enabled percenthack, because it's actually relayed to [EMAIL PROTECTED], and the server for lynxus.com does percenthack processing. BTW, since I wrote my original message, my assistant pointed out a spot on the ORBS web site where it describes this exact problem as a bug. So now I have to rephrase my question: Is there an effective work-around for this, that will prevent qmail from automatically rewriting rcpt addresses without a domain? Thanks, Mark > -----Original Message----- > From: Russ Allbery [mailto:[EMAIL PROTECTED]] > Sent: Mon, April 17, 2000 10:07 PM > To: 'qmail list' > Subject: Re: Qmail failing ORBS test :-( > > > Sounds like your problem is with your sendmail box. Why > don't you turn > off !-addressing on your sendmail system? That would seem to > neatly solve > the problem. > > -- > Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Mark Tippetts writes: > One of my mail servers was put in ORBS today. I can't use ORBS myself, but > I value what they're doing, and I consider the problem that got me there a > real one. The test we failed involves a header in the format "rcpt > to:<foo!bar>". qmail-send grabs this address and appends the address in > .../control/envnoathost, resulting in <[EMAIL PROTECTED]>. This is then > delivered in the normal way, using MX records, to the primary hub for the > lynxus.com domain, which runs sendmail. Sendmail does it's thing with the > UUCP addressing, and I wind up in ORBS. > > This seems broken. Yup. Sendmail shouldn't be gratuitiously interpreting addresses that arrived over SMTP as if they were UUCP addresses. I would suggest that you fix your sendmail host, except that I understand fully how difficult sendmail administration can be. Instead, fix it on the qmail side. Set control/envnoathost to something like "nouucp". Then insert "nouucp:alias-nouucp" into control/virtualdomains. Then create ~alias/.qmail-nouucp-default and put something like this into it (all on one line of course): |if echo "$EXT2" | grep !; then bouncesaying "No UUCP addresses here"; else forward $EXT2; fi -- -russ nelson <[EMAIL PROTECTED]> http://russnelson.com Crynwr sells support for free software | PGPok | "Ask not what your country 521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
Mark Tippetts <[EMAIL PROTECTED]> writes: > Sendmail is NOT the problem. Its presence is creating conditions where > the problem manifests, but it's not to blame. I beg to differ. The problem is created by sendmail's willingness to treat the username portion of an e-mail address as specifying a non-local destination. This is contrary to current mail RFCs and is useful only for very specific historical addressing syntaxes that practically no one uses any more, and definitely not on the open Internet. It is perfectly reasonable for qmail to assume that hosts will treat e-mail addresses ending with @<local-domain> as local. If you turn off sendmail's support for UUCP bang-path addressing, the entire problem goes away. > The problem is qmail relaying this message from an untrusted host. No, you've explicitly configured qmail to do that by telling it to pass off local mail deliveries to another server. Certainly if you turn off that relaying the problem will also go away, but I assume that this is integral to your mail system design. > Even if I did turn off UUCP rewriting for sendmail, the underlying > problem remains: qmail is acting as an open relay for messages with no > @domain specified. No, it's not. It's acting as a specific relay for local deliveries, just like you've presumably configured it to be. It is in no way an open relay problem for mail servers to accept mail addressed to local users. Those messages are invalid SMTP messages, since the RCPT TO envelope is not a mailbox. How a specific SMTP server chooses to deal with such messages is therefore undefined. qmail accepts them and treats them as local, probably in an attempt to partially deal with the problems caused by braindead user MUAs that try to talk broken SMTP that happens to be accepted by sendmail. > We don't live in an SMTP-only, qmail-only universe. (yet :) The fact that you don't live in an SMTP-only universe is precisely the problem. You are mixing multiple different addressing syntaxes within your mail network. Different portions of your mail network are interpreting the same address in different fashions. This is a bug. It will cause you many other problems besides this one. You should fix it. Fixing it by mandating an SMTP universe is perfectly reasonable, works, and is the least likely to cause further surprises down the road. > The problem can be redefined as, "qmail appends envnoathost to ANY rcpt > address without a domain". This works too: Yes, because it's a variation of the same UUCP addressing syntax as your previous example. If you absolutely cannot live without UUCP addresses for some odd reason, you can force qmail to bounce all unqualified addresses by putting something like "unqualified.invalid" in control/envnoathost. This will probably not have any negative effects, given that qmail-inject will canonicalize local e-mail addresses before passing them to qmail-queue anyway. But I stand by my statement that this is papering over the bug, not fixing it. You need to decide what addressing convention your e-mail network uses and enforce it uniformly, or you're asking for more problems down the road. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 17 Apr 00, at 22:32, Mark Tippetts wrote: > Sendmail is NOT the problem. Its presence is creating conditions > where the problem manifests, but it's not to blame. It's simply > accepting a message from a host it trusts. Why does it trust that host? > The problem is qmail > relaying this message from an untrusted host. It will always do so. (This about that: qmail gets message for your domain. It's quite likely to come from unstrusted host. qmail has no idea that ! or % signs have special meanings for sendmail - they have NO special meaning for qmail. Therefore qmail duly passes the message along.) > Even if I did turn off > UUCP rewriting for sendmail, the underlying problem remains: qmail is > acting as an open relay for messages with no @domain specified. No, it does not. It thinks sendmail will deliver them locally. Anything wrong with that? > The problem can be redefined as, "qmail appends envnoathost to ANY > rcpt address without a domain". This works too: > > $ telnet mx0.lynxus.com 25 > Trying 12.6.137.100... > Connected to mx0.lynxus.com. > Escape character is '^]'. > 220 mx0.lynxus.com ESMTP > helo > 250 mx0.lynxus.com > mail from:[EMAIL PROTECTED] > 250 ok > rcpt to:<bishop%lynxus.net> > 250 ok > data > 354 go ahead > test > . > 250 ok 956024397 qp 28670 > quit > 221 mx0.lynxus.com > Connection closed by foreign host. > $ > > This gets delivered despite the fact I have not enabled percenthack, > because it's actually relayed to [EMAIL PROTECTED], and the > server for lynxus.com does percenthack processing. Why does it do the percenthack processing then? It's not vital part of SMTP, you know, it's more or less a sendmailism. > BTW, since I wrote my original message, my assistant pointed out a > spot on the ORBS web site where it describes this exact problem as a > bug. So now I have to rephrase my question: Is there an effective > work-around for this, that will prevent qmail from automatically > rewriting rcpt addresses without a domain? You want to fix your sendmail, trust me. qmail won't add the local hostname. So what? Someone else will post to [EMAIL PROTECTED] and your sendmail will relay the mail anyway. If you can't fix your sendmail, patch qmail-smtpd to refuse mails with addresses containing "!" or "%". But you're putting the horse behind the cart. -----BEGIN PGP SIGNATURE----- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOPv+M1MwP8g7qbw/EQKw5QCg+3YW2RsuknDToNJ8lPHLa89t03AAoL6X 0E8FGjjJI6kvoRAveYZ/8iyW =4CX7 -----END PGP SIGNATURE----- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
On Mon, Apr 17, 2000 at 10:01:08PM -0400, Mark Tippetts wrote: > Hey, > > Haven't found anything about this in the archives, I've tried playing with > it to no avail. This is, in fact, in the archives. The same thing has happened to me a couple of times. My newest qmail-box (that went production yesterday) is also already in ORBS, but that's because ORBS now does it's relaying tests from our own network, meaning it is in the qmail-smtpd.cdb file for tcpserver. I will fix that shortly :) > One of my mail servers was put in ORBS today. I can't use ORBS myself, but > I value what they're doing, and I consider the problem that got me there a > real one. The test we failed involves a header in the format "rcpt > to:<foo!bar>". qmail-send grabs this address and appends the address in > .../control/envnoathost, resulting in <[EMAIL PROTECTED]>. This is then > delivered in the normal way, using MX records, to the primary hub for the > lynxus.com domain, which runs sendmail. Sendmail does it's thing with the > UUCP addressing, and I wind up in ORBS. Yes. Sendmail is broken. > This seems broken. Qmail should not treat mail as local JUST BECAUSE it has > a rcpt header with no domain. I understand the value of being able to treat Uhm. If the sender would have appended the domain you append by default, the mail would have been delivered just as easily. The problem is that sendmail processes the RCPT TO (which is prohibited by RFC821!) if this message comes from a trusted host. And it should be able to trust your qmail-host, since it _is_ in your local network.. > mail without a domain in the rcpt as local (a lot of scripts assume this > will happen, and users expect it on some systems), IF that mail is actually > invoking the MTA locally. But there should definitely be some distinction > made between actual local mail and mail that simply has no domain specified. > Maybe .../control/envnoathost should only be used if the mail originates > from 127.0.0.1? Something. That is not gonna solve anything, as per above. > Anyhow, I'm hoping this isn't a bug report. I'd really like someone to tell It is a bug report. It is a bug in sendmail, in that it allows you to easily misconfigure it to perform brokenly (or may even come preinstalled that way). > me, "just do -this-, and rcpts without a domain will stop being treated as > local." The man page for qmail-send says envnoathost will default to > .../control/me, so I can't just remove the file. I've tried copying > /dev/null into it; that doesn't work either. I don't want to put some bogus > domain in there... doesn't seem like I should have to intentionally > misconfigure my server to protect it from spammers. > > Any solutions, possible solutions, or statements of "you blithering idiot, > just..." would be greatly appreciated. Fix the UUCP and percenthack processing on your sendmail. Note that Exim+Postfix (Exim as qmail in this story, Postfix as sendmail) show the same broken behaviour. This doesn't mean anything about Exim (apart from that it handled this situation as correctly as qmail would), but it does say Postfix sucks. Turning this around, putting Postfix on the outside, gives other broken behaviour - even if Postfix is set up to be a secondary MX (which means it may _never_ touch the RCPT TO:) it will reject mail with a % in is. Yes, this is broken. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Hi all, I have this entry for qmail-pop3d which is under supervise: #!/bin/sh exec env - PATH="/var/qmail/bin:$PATH" \ tcpserver 0 110 /var/qmail/bin/qmail-popup host.name.gov \ /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir & It is working but when I check with svstat the pid always changes every second or less. Thanks for any help. LLU
Hi, I have two mail servers - on is located in a different country - My question is how do I become a backup for that other server in the event that it goes down or looses connectivity?? I have added entries into DNS so as the two severs are secondary MX's for each other.. BUT what needs to be done on the qmail side so that it will accept these messages and queue them until they can be dilivered?? Thanks Tonino
On Tue, Apr 18, 2000 at 09:01:30AM +0200, TAG wrote: > Hi, > > I have two mail servers - on is located in a different country - My > question is how do I become a backup for that other server in the event > that it goes down or looses connectivity?? > > I have added entries into DNS so as the two severs are secondary MX's > for each other.. BUT what needs to be done on the qmail side so that it > will accept these messages and queue them until they can be dilivered?? echo hisdomain.com >> /var/qmail/control/rcpthosts Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Hi everybody! Maybe I am missing something essential in qmail documentation, but: I've installed qmail + qmail-pop3d on the machine with my dns server which is dual homed (so it works as proxy and mail serv). The machine is firewalled on external interface and absolutely open on internal interface. So, the problem is with setup of qmail-pop3d or qmail itself. HELP! Any windows mail client (e.g. Netscape Messager (4.72) or Outlook Express) can receive mail but can not send mail to external domains like ukrpack.net, etc. These external domains use normal sendmail and do not use any kind of anti-spam sequrity. It says "553 sorry, this domain is not in the list of allowed rcpthost (#5.7.1.)." However, it normally sends and receives messages to and from hotmail.com. I almost got desperate. Thanx for participation. Maximorus (Max. Khudik)
On Tue, Apr 18, 2000 at 10:11:55AM +0200, Max B. Khudik wrote: > Hi everybody! > > Maybe I am missing something essential in qmail documentation, but: > > I've installed qmail + qmail-pop3d on the machine with my dns server which > is dual homed [snip] > HELP! > Any windows mail client (e.g. Netscape Messager (4.72) or Outlook Express) > can receive > mail but can not send mail to external domains like ukrpack.net, etc. [snip] > It says "553 sorry, this domain is not in the list of allowed rcpthost > (#5.7.1.)." What's the contents of your rcpthosts ? > However, it normally sends and receives messages to and from hotmail.com. Seems one of the entries in rcpthosts is hotmail ;-) > I almost got desperate. <G> I know the feeling ... Greetz, Steffan
Slightly off topic I know but I'd appreciate any pointers. Is there any such thing as an IMAP server (or similar) that one can set up as a *user* - i.e. without root access? I have two shell login accounts with excellent connectivity etc. which would be ideal for managing my E-Mail using IMAP but neither system actually runs IMAP and there seems little prosect of it. Also (more on topic) what's the simplest IMAP server to set up with qmail on a Linux system (Mandrake 6.1)? -- Chris Green ([EMAIL PROTECTED]) Home: [EMAIL PROTECTED] Work: [EMAIL PROTECTED] WWW: http://www.isbd.co.uk/
On Tue, Apr 18, 2000 at 08:42:20AM +0100, Chris Green wrote: > Slightly off topic I know but I'd appreciate any pointers. > > Is there any such thing as an IMAP server (or similar) that one can > set up as a *user* - i.e. without root access? Should be no problem, you just won't be able to run it off port 143. > I have two shell login accounts with excellent connectivity etc. > which would be ideal for managing my E-Mail using IMAP but neither > system actually runs IMAP and there seems little prosect of it. So install IMAP in your homedir and have it listen to one port there. Greetz, Peter. -- Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder | | 'C makes it easy to shoot yourself in the foot; | C++ makes it harder, but when you do it blows your whole leg off.' | Bjarne Stroustrup, Inventor of C++
Hi, We are in the process of moving to qmail from Mailsite (on NT), but I face a problem with SPAM that I do not think will be solved by QMail. The sender of the spam is using a fake address on our domain as the from address in the spam. Although the spam itself is forwarded through AOL/concentric and possibly via other free/cheap access points (our server is not a relay or originator), the bounces and complaints do reach us. 1. Is there a way to get qmail to reject mail sent to a specified address on one of the domains for which it does accept mail - sort of a BADMAILTO entry? Ideally the mail should be rejected during the SMTP receipt session. 2. A better solution would be to stop mail with fake from addresses from exiting a system altogether. Any one know about such a system or how it can be implemented - it certainly would seem to be a major task to convince mail admins to do so, and they all would have to to be able to prevent this from happening. 3. The spam messages contain only US based toll free numbers (1-888-258-4753 and 888-533-1018). I am not in the US so I need some help in tracking the owners of these numbers. Can someone help in that regard? Thanks Abdul
