qmail Digest 25 Jul 2000 10:00:00 -0000 Issue 1073

Topics (messages 45403 through 45519):

Re: MailDir
        45403 by: Brett Randall
        45405 by: Frank Tegtmeyer
        45411 by: Philipp Steinkrüger
        45450 by: Michael T. Babcock

Re: orbs.org accuses qmail of mailbomb relaying!
        45404 by: Ricardo Cerqueira
        45406 by: Russ Allbery
        45407 by: Peter van Dijk
        45408 by: Chris, the Young One
        45409 by: Petr Novotny
        45410 by: Ricardo Cerqueira
        45412 by: Russ Allbery
        45413 by: Ricardo Cerqueira
        45414 by: Chris, the Young One
        45415 by: Ricardo Cerqueira
        45416 by: Russ Allbery
        45417 by: Ricardo Cerqueira
        45421 by: Brian Johnson
        45425 by: Dave Sill
        45426 by: Michael T. Babcock
        45427 by: Michael T. Babcock
        45428 by: Michael T. Babcock
        45434 by: Paul Jarc
        45438 by: Nathan J. Mehl
        45446 by: Michael T. Babcock
        45451 by: Michael T. Babcock
        45454 by: Paul Jarc
        45457 by: Dave Sill
        45460 by: Michael T. Babcock
        45463 by: Vince Vielhaber
        45464 by: Paul Jarc
        45465 by: Dave Sill
        45467 by: Greg Owen
        45470 by: Adam McKenna
        45480 by: Charles Cazabon
        45481 by: OK 2 NET - André Paulsberg
        45482 by: Russell Nelson
        45484 by: Russell Nelson
        45485 by: Greg Owen
        45486 by: David Dyer-Bennet
        45488 by: Nathan J. Mehl
        45490 by: Russ Allbery
        45492 by: OK 2 NET - André Paulsberg
        45493 by: OK 2 NET - André Paulsberg
        45499 by: Joe Kelsey
        45503 by: Russell Nelson
        45508 by: David Dyer-Bennet
        45518 by: Nicolas MONNET

qmail delivery 'blocked'
        45418 by: Wayne Chu

qmail bouncing messages
        45419 by: martin langhoff

Re: bounce management
        45420 by: Dave Sill

virtualdomain mapping to ~alias users
        45422 by: Daniel Cave
        45424 by: Brett Randall

Re: qmail died again... 3x in 3 weeks
        45423 by: Paul Farber

daemontools
        45429 by: Jeff Jones

Re: Solaris / DoS / Broken bare LF mailers / thousands of qmail-smtpd&qmail-queue procs
        45430 by: James Blondin
        45435 by: Dave Sill
        45440 by: Michael T. Babcock
        45443 by: Dave Sill
        45449 by: James Blondin
        45458 by: Dave Sill
        45469 by: James Blondin
        45472 by: Dave Sill
        45479 by: James Blondin
        45514 by: Andrew Richards
        45515 by: Petr Novotny

Re: procmail/vpopmail
        45431 by: Ken Jones

Re: Attitude]
        45432 by: Michael T. Babcock
        45433 by: Scott D. Yelich

Re: Want to know your potential multiple recipient savings?
        45436 by: Michael T. Babcock
        45466 by: markd.bushwire.net

Re: Qmail 1.03
        45437 by: Dave Sill

Re: log connections using tcpserver?
        45439 by: Dave Sill
        45447 by: Enrique Vadillo
        45504 by: Chris, the Young One

Re: Bouncesaying question
        45441 by: Tetsu Ushijima

Re: void main (no, not a long one)
        45442 by: Michael T. Babcock
        45444 by: Mark Mentovai
        45445 by: Dave Sill
        45448 by: Paul Jarc
        45452 by: Michael T. Babcock
        45453 by: Michael T. Babcock
        45455 by: Dave Sill
        45456 by: Petr Novotny
        45459 by: Michael T. Babcock
        45462 by: Vince Vielhaber
        45468 by: Adam McKenna

Re: Yet another /var/spool/mail questions
        45461 by: Dave Sill
        45471 by: Paul Jarc
        45474 by: Dave Sill

pop3d config, This user has no $HOME/Maildir
        45473 by: Bruce Edge
        45476 by: Bruce Edge
        45477 by: Petr Novotny
        45483 by: Chris Johnson

Re: licensing
        45475 by: Michael T. Babcock
        45478 by: Vince Vielhaber

QMTP & MX encoding
        45487 by: Michael T. Babcock
        45489 by: James Raftery
        45494 by: Michael T. Babcock
        45500 by: Russell Nelson

HELP. qmail doesn't send messages from my users
        45491 by: lbajunior.zipmail.com.br

HELP,HELP,HELP. QMail doesn't send messages
        45495 by: lbajunior.zipmail.com.br

QMTP via EHLO type command
        45496 by: Michael T. Babcock

How to set qmail to forward all email to mail hub
        45497 by: net admin
        45505 by: Chris, the Young One
        45507 by: Chris, the Young One

qmail goes down when my international backbone goes down
        45498 by: Luis Bezerra
        45502 by: Russell Nelson
        45517 by: Luis Bezerra

Qmail distribution terms
        45501 by: Russell Nelson

Where is ref. site of ETRN
        45506 by: PipE
        45509 by: Scott Gifford

I Need An Actual License For Qmail
        45510 by: Mike Flynn

Mails not bouncing for virtual domains
        45511 by: Ruchir Chandra

client nslookup
        45512 by: Philippe Lagente
        45513 by: Brett Randall
        45516 by: Chris, the Young One
        45519 by: Andrew Richards



----------------------------------------------------------------------


OK...I didn't know virtual users actually existed. Somewhere along the line
qmail has to know where to deliver the mail to, and this is pulled
(eventually, no matter how many virtualhosts and aliases you have) from the
passwd file or NIS map. It will go to the home directory, open .qmail and
see where to store the e-mail. A virtual user? I might be wrong (not
unusual), but I don't believe that is possible. Could you e-mail the
contents of the virtualhosts file? (If you included it at first, sorry, I
have deleted that e-mail already...)

Thanks

Brett

Manager
InterPlanetary Solutions
http://ipsware.com/



> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Philipp Steinkrüger
> Sent: Monday, July 24, 2000 7:51 PM
> To: Brett Randall; [EMAIL PROTECTED]
> Subject: Re: MailDir
>
>
> Brett Randall wrote:
>
> > OK, try changing the ownership of the Maildir and the .qmail file to the
> > actual person that the mail is being delivered to...When qmail-local tries
> > delivering there, it relies on those permissions to be able to write to
> > the Maildir
> >
>
> Hmm, I cannot do this, because the user the mail is delivered to does not
> exist in /etc/passwd. The account is virtual like the domain.
> qmail works fine for local accounts but not for the virtual domains, as I
> described in my first mail.
>
> Still an idea what could be wrong?
>
> Philipp
>
>






> I found this in the qmail-FAQ, Question 5.3: how do i set up qmail-pop3d.
> So there is a problem with my startup script ?

Definitely. You will not be able to get mails by POP3 for virtual
domains.

> created and i can log on the virtual pop account using sqwebmail.
That would surprise me. Are you sure?

> I think that there is problem with qmail giving the mail to vpopmail. Is it
> possible that
> my mistake in the startup script is responsible? If, what would be the
> correct startup
> command ?

The startup command for qmail is the same with and without using vpopmail
(Maildir delivery assumed).
What has to be different is the start of qmail-popup/qmail-pop3d because
the checkpassword is replaced.

I think your problem is either in virtualdomains or users/assign or simply
a missing restart of qmail.
Please post those files for further assistance.
Still this would better go to the vpopmail list.

Regards, Frank




Brett Randall wrote:

> OK...I didn't know virtual users actually existed. Somewhere along the line
> qmail has to know where to deliver the mail to, and this is pulled
> (eventually, no matter how many virtualhosts and aliases you have) from the
> passwd file or NIS map. It will go to the home directory, open .qmail and
> see where to store the e-mail. A virtual user? I might be wrong (not
> unusual), but I don't believe that is possible. Could you e-mail the
> contents of the virtualhosts file? (If you included it at first, sorry, I
> have deleted that e-mail already...)

Hmm, all right, perhaps my bad English made you misunderstand what I tried to
say.
The POP account is virtual, because it is no real account on the box. There is
no entry in the passwd.
Here is my /var/qmail/control/virtualdomains (I hope this is the file you mean)
file:

test.de:test.de
cyberraum.de:cyberraum.de

I read in the vpopmail documentation about these .qmail files. There is a file
in /home/vpopmail/cyberraum.de/ called .qmail-default and it looks like this:

| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox

Perhaps something is wrong here. I tried to create files like .qmail-philipp
but it didn't work out...

Do you need something else ?


Philipp





Philipp Steinkrüger wrote:

> > Here is definitely an error - if you use vpopmail you cannot use the
> > checkpassword provided by DJB.
>
> I found this in the qmail-FAQ, Question 5.3: how do i set up qmail-pop3d.
> So there is a problem with my startup script ?

Just a poor assumption -- qmail-pop3d isn't being used if you use virtual
domains, the vpopmail package comes with its own.  Read the vpopmail INSTALL
files (and FAQ) for their example of how to set up POP3.  All your other
startup configuration should be the same as a standard Qmail install.





> 
> You cannot do more than check a single IP address and get a yes or no
> response without having a signed agreement with the RBL team.  At the
> moment, I don't believe they even allow you to download their whole list
> at all since they're reworking the agreement.

Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll give
you the entire list.
Apparently, they never read DJB's docs on DNS. ;-)


RC


-- 
+-------------------
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701




Ricardo Cerqueira <[EMAIL PROTECTED]> writes:

> Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll
> give you the entire list.

Without signing the document?

That sounds like a bug, since they say on the web page that they didn't
intend to allow that without someone signing.  Have you mentioned that to
them?

(More to the point, though, can you get the RSS?  That would be closer to
what ORBS is doing; getting the RBL gives you a bunch of networks and a
bunch of sites that aren't open relays and isn't nearly as directly
useful.)

-- 
Russ Allbery ([EMAIL PROTECTED])             <http://www.eyrie.org/~eagle/>




On Mon, Jul 24, 2000 at 03:47:03AM -0700, Russ Allbery wrote:
> Ricardo Cerqueira <[EMAIL PROTECTED]> writes:
> 
> > Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll
> > give you the entire list.
> 
> Without signing the document?
> 
> That sounds like a bug, since they say on the web page that they didn't
> intend to allow that without someone signing.  Have you mentioned that to
> them?
> 
> (More to the point, though, can you get the RSS?  That would be closer to
> what ORBS is doing; getting the RBL gives you a bunch of networks and a
> bunch of sites that aren't open relays and isn't nearly as directly
> useful.)

www.orbs.org/database.html

ORBS only provides dumps consisting of hosts over 30 days old. From RSS,
tho, a current list is easily obtained as Alan outlines there.

Greetz, Peter.
-- 
[EMAIL PROTECTED] - Peter van Dijk [student:developer:ircoper]




On Mon, Jul 24, 2000 at 03:47:03AM -0700, Russ Allbery wrote:
! Ricardo Cerqueira <[EMAIL PROTECTED]> writes:
! > Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll
! > give you the entire list.
! 
! Without signing the document?

Yes. DJB has posted on [EMAIL PROTECTED] a side-channel means of
getting it, by exploiting BIND features (which don't include AXFR,
despite Ricardo's use of the words ``zone transfers'').

        ---Chris K.
-- 
 Chris, the Young One |_ If you can't afford a backup system, you can't 
  Auckland, New Zealand |_ afford to have important data on your computer. 
http://cloud9.hedgee.com/ |_ ---Tracy R. Reed  
 PGP: 0xCCC6114E/0x706A6AAD |_ 





On 24 Jul 00, at 22:54, Chris, the Young One wrote:

> ! > Wrong. You can perform zone transfers on MAPS' nameservers :-)
> ! > That'll give you the entire list.
> ! 
> ! Without signing the document?
> 
> Yes. DJB has posted on [EMAIL PROTECTED] a side-channel means of
> getting it, by exploiting BIND features (which don't include AXFR,
> despite Ricardo's use of the words ``zone transfers'').

Do you mean the same one as I do? That one doesn't do anything 
else than "bruteforce-downloading" the entire zone on host-by-host 
basis (the only "speedups" come from the possibility of having the 
entire /24, /16 or even /8 network blacklisted).

I'd like to hear any definite statement about plausibility of this 
"pseudo zone transfer"; it's certainly beyond my Internet 
connection limits (64kb, pair per byte transferred). (Even the mere 
idea of spawning 2^32 grep's is beyond my comprehension.)

In other words, did anyone actually try?

--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]




On Mon, Jul 24, 2000 at 03:47:03AM -0700, Russ Allbery wrote:
> Ricardo Cerqueira <[EMAIL PROTECTED]> writes:
> 
> > Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll
> > give you the entire list.
> 
> Without signing the document?
> 
> That sounds like a bug, since they say on the web page that they didn't
> intend to allow that without someone signing.  Have you mentioned that to
> them?
> 
> (More to the point, though, can you get the RSS?  That would be closer to
> what ORBS is doing; getting the RBL gives you a bunch of networks and a
> bunch of sites that aren't open relays and isn't nearly as directly
> useful.)
> 

I can get the RSS, but can't get the RBL. :-)
About warning them... not yet. I just found out yesterday.

RC

-- 
+-------------------
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701




Peter van Dijk <[EMAIL PROTECTED]> writes:

> www.orbs.org/database.html

> ORBS only provides dumps consisting of hosts over 30 days old. From RSS,
> tho, a current list is easily obtained as Alan outlines there.

That claims a straight-forward zone transfer works.  Grr.  Okay, off to
mail the RSS folks; I think that's a bad idea.

I know that you can "brute force" a zone transfer by just querying every
IP address, but this is also very detectable by the operator of the list,
and I'd *hope* that they'd block off sites that were doing that.

-- 
Russ Allbery ([EMAIL PROTECTED])             <http://www.eyrie.org/~eagle/>




On Mon, Jul 24, 2000 at 10:54:38PM +1200, Chris, the Young One wrote:
> On Mon, Jul 24, 2000 at 03:47:03AM -0700, Russ Allbery wrote:
> ! Ricardo Cerqueira <[EMAIL PROTECTED]> writes:
> ! > Wrong. You can perform zone transfers on MAPS' nameservers :-) That'll
> ! > give you the entire list.
> ! 
> ! Without signing the document?
> 
> Yes. DJB has posted on [EMAIL PROTECTED] a side-channel means of
> getting it, by exploiting BIND features (which don't include AXFR,
> despite Ricardo's use of the words ``zone transfers'').
> 

Chris...

        It's been blocked somewhere since I wrote that mail:

---- then ---
$ dig @NS-EXT.VIX.COM axfr relays.mail-abuse.org

; <<>> DiG 8.2 <<>> @NS-EXT.VIX.COM axfr relays.mail-abuse.org 
; (1 server found)
$ORIGIN relays.mail-abuse.org.
@                       1D IN SOA       @ iverson.mail-abuse.org. (
                                        964432803       ; serial
                                        10M             ; refresh
                                        5M              ; retry
                                        1W              ; expiry
                                        30M )           ; minimum
[etc...]
XX.88.XXX.130           5M IN A         127.0.0.2
                        5M IN TXT       "Open relay problem - see 
<URL:http://www.mail-abuse.org/cgi-bin/nph-rss?130.XXX.88.XX>"
XXX.240.XXX.130         5M IN A         127.0.0.2
                        5M IN TXT       "Open relay problem - see 
<URL:http://www.mail-abuse.org/cgi-bin/nph-rss?130.XXX.240.XXX>"
[etc, etc, etc...]
--------------- (The XXX were placed by me)


and now, it refuses the query :-) 


RC

PS: I guess the mail I was writing to them isn't necessary anymore :)

-- 
+-------------------
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701




On Mon, Jul 24, 2000 at 01:01:23PM +0200, Petr Novotny wrote:
! Do you mean the same one as I do? That one doesn't do anything 
! else than "bruteforce-downloading" the entire zone on host-by-host 
! basis (the only "speedups" come from the possibility of having the 
! entire /24, /16 or even /8 network blacklisted).

That's right.

Basically:

Let a, b, c, d be 0, ..., 255.

1. If *.a.rbl.maps.vix.com (without globbing the *) has answers,
   this means that $a.x.y.z is listed, for all values of x, y, z.
   Print positive response, increment a, go to step 1.
2. If *.a.rbl.maps.vix.com (again without globbing) has errors,
   this means that $a.x.y.z is not listed, for all x, y, z.
   Increment a, go to step 1.
3. If *.b.a.rbl.maps.vix.com has answers, print positive response,
   increment b, go to step 3.
4. If *.b.a.rbl.maps.vix.com has errors, increment b, go to step 3.
5. If *.c.b.a.rbl.maps.vix.com has answers, print positive response,
   increment c, go to step 5.
6. If *.c.b.a.rbl.maps.vix.com has errors, increment c, go to step 5.
7. If d.c.b.a.rbl.maps.vix.com has answers, print positive response.
8. Increment d, go to step 7.

Items 1 and 2 are the real speedups, especially 2.

! In other words, did anyone actually try?

Not yet. I may get around to it though.

        ---Chris K.
-- 
 Chris, the Young One |_ heartbleed (OpenBSD/i386) has now been up for 
  Auckland, New Zealand |_ all of 26 days, 09:25:14 
http://cloud9.hedgee.com/ |_ 
 PGP: 0xCCC6114E/0x706A6AAD |_ 
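
Added example, not part of any message in this digest: Russ Allbery's remark that walking the list query by query is "very detectable by the operator of the list", applied to the wildcard-and-octet walk outlined above. The log format, the zone name rbl.example, the client addresses and both thresholds are assumptions made for illustration.

```python
"""Flag clients that walk a DNSBL zone instead of looking up single senders."""
from collections import defaultdict

ZONE = "rbl.example"   # placeholder zone name (assumption)
WILDCARD_MIN = 3       # distinct literal-"*" probes before flagging (assumed)
RUN_MIN = 8            # consecutive last octets looked up in one /24 (assumed)


def _octet(label):
    """True for a decimal label in 0..255."""
    return label.isascii() and label.isdigit() and 0 <= int(label) <= 255


def classify(qname):
    """Return ('wildcard', prefix), ('host', (net24, d)) or None for a query name."""
    name = qname.rstrip(".").lower()
    suffix = "." + ZONE
    if not name.endswith(suffix):
        return None
    labels = name[: -len(suffix)].split(".")
    rest = labels[1:]
    # "*.b.a.zone" asks about all of a.b.0.0/16; a mail server checking one
    # connecting address never sends a literal "*" label.
    if labels[0] == "*" and 1 <= len(rest) <= 3 and all(_octet(l) for l in rest):
        return "wildcard", ".".join(reversed(rest))
    if len(labels) == 4 and all(_octet(l) for l in labels):
        d, c, b, a = labels            # names are stored reversed: d.c.b.a.zone
        return "host", (f"{a}.{b}.{c}", int(d))
    return None


def longest_run(values):
    """Length of the longest run of consecutive integers in values."""
    best = run = 0
    prev = None
    for v in sorted(set(values)):
        run = run + 1 if prev is not None and v == prev + 1 else 1
        best = max(best, run)
        prev = v
    return best


def detect(log_text):
    """Map client address -> list of reasons it looks like a zone walk."""
    wild = defaultdict(set)
    hosts = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        _ts, client, qname, _qtype = parts
        hit = classify(qname)
        if hit is None:
            continue
        kind, value = hit
        if kind == "wildcard":
            wild[client].add(value)
        else:
            net24, d = value
            hosts[client][net24].add(d)
    findings = {}
    for client in sorted(set(wild) | set(hosts)):
        reasons = []
        if len(wild[client]) >= WILDCARD_MIN:
            reasons.append(f"wildcard-probe x{len(wild[client])}")
        for net24, ds in sorted(hosts[client].items()):
            run = longest_run(ds)
            if run >= RUN_MIN:
                reasons.append(f"sequential-sweep {net24}.0/24 run={run}")
        if reasons:
            findings[client] = reasons
    return findings


# Constructed sample log: "<epoch> <client> <qname> <qtype>".
# 192.0.2.10 behaves like a mail server; 192.0.2.66 walks the zone.
SAMPLE_LOG = "\n".join(
    [
        "964432800 192.0.2.10 7.113.0.203.rbl.example. A",
        "964432805 192.0.2.10 25.100.51.198.rbl.example. A",
        "964432811 192.0.2.10 26.100.51.198.rbl.example. A",
        "964432820 192.0.2.10 9.2.0.192.rbl.example. A",
        "964432821 192.0.2.10 www.example.org. A",
        "964432900 192.0.2.66 *.192.rbl.example. A",
        "964432901 192.0.2.66 *.198.rbl.example. A",
        "964432902 192.0.2.66 *.203.rbl.example. A",
        "964432903 192.0.2.66 *.51.198.rbl.example. A",
    ]
    + [f"9644329{10 + d} 192.0.2.66 {d}.100.51.198.rbl.example. A" for d in range(9)]
)

if __name__ == "__main__":
    for client, reasons in detect(SAMPLE_LOG).items():
        print(client, "; ".join(reasons))
```
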




On Mon, Jul 24, 2000 at 12:12:32PM +0100, Ricardo Cerqueira wrote:
> 
> and now, it refuses the query :-) 
> 

I hate replying to myself, but it still works. Must have been a momentary failure.

RC

-- 
+-------------------
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701




Ricardo Cerqueira <[EMAIL PROTECTED]> writes:
> On Mon, Jul 24, 2000 at 12:12:32PM +0100, Ricardo Cerqueira wrote:

>> and now, it refuses the query :-) 

> I hate replying to myself, but it still works. Must have been a
> momentary failure.

I've mailed them and made the same arguments that I was making here.  I
still find the ORBS approach a lot more blatant about helping spammers,
given that they offer a neat file download (most spammers have no clue as
to how to do a zone transfer), but I don't think either of them should be
offering the data in that form.

-- 
Russ Allbery ([EMAIL PROTECTED])             <http://www.eyrie.org/~eagle/>




On Mon, Jul 24, 2000 at 04:45:31AM -0700, Russ Allbery wrote:
> Ricardo Cerqueira <[EMAIL PROTECTED]> writes:
> > On Mon, Jul 24, 2000 at 12:12:32PM +0100, Ricardo Cerqueira wrote:
> 
> >> and now, it refuses the query :-) 
> 
> > I hate replying to myself, but it still works. Must have been a
> > momentary failure.
> 
> I've mailed them and made the same arguments that I was making here.  I
> still find the ORBS approach a lot more blatant about helping spammers,
> given that they offer a neat file download (most spammers have no clue as
> to how to do a zone transfer), but I don't think either of them should be
> offering the data in that form.
> 

Agreed... I also mailed them just before I sent my previous mail to this list.
Most spammers may be clueless, but not all. And those lists should be kept "hidden", 
by any means possible.

RC

-- 
+-------------------
| Ricardo Cerqueira  
| PGP Key fingerprint  -  B7 05 13 CE 48 0A BF 1E  87 21 83 DB 28 DE 03 42 
| Novis  -  Engenharia ISP / Rede Técnica
| Pç. Duque Saldanha, 1, 7º E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166700 (24h/dia) - Fax: +351 21 3166701




On Sun, Jul 23, 2000 at 07:36:55PM -0500, David Dyer-Bennet wrote:
> Adam McKenna <[EMAIL PROTECTED]> writes on 23 July 2000 at 19:53:13 -0400
>  > On Sun, Jul 23, 2000 at 04:21:53PM -0700, Eric Cox wrote:
>  > > Some would argue that MAPS abused their position when they listed 
>  > > ORBS - they do have a competing service, do they not?
>  > 
>  > By using the word "competing", you're implying that admins have a choice of
>  > running one or the other, but not both.  This isn't the case.  Admins can run
>  > any combination of RSS, RBL, ORBS and DUL (not to mention several other
>  > similar services).
> 
> That's not at all the way the word is usually used.  Coke and Pepsi
> are competing products, even though I can buy and drink both.  Ford
> and Chrysler are in competition even though people can buy multiple
> cars.  And so forth.  

yes, but most people only have enough money for so many cars, or can only
drink so much pepsi or coke. an admin can use as many or as few of the 
lists as they want without any cost/limit.  when you go to buy a car, you
generally buy just A car, when you go and get a soda, you get one soda at
a time, but with spam relay lists, you pick whichever one(s) you decide
are best, and use them all together.. there's no reason for them having
to compete for users

-- 
Brian Johnson <[EMAIL PROTECTED]>
---
**FATAL ERROR! HIT ANY USER TO CONTINUE**




"Michael T. Babcock" <[EMAIL PROTECTED]> wrote:

>Incidentally, is there a discussion in the past that I've missed about 'void
>main' declarations? :-)

Yes. A quick search of the archives for "void main" yields:

http://www.ornl.gov/its/archives/mailing-lists/qmail/1996/12/msg01898.html

-Dave




No offense to DJB at all, but you have a very strange view of open sourced
software if you don't believe in using patches.  I presume you don't use
rolled distributions of Linux (if you run Linux at all) either, seeing as
they're usually packed with patches.

Patches are basically the equivalent of plug-ins, which you probably don't use
either (for your browser, if you use anything but Lynx).

That said, if DJB says 'this patch breaks the security in Qmail' I'd be
tempted not to use it, if he has no comment, that's another thing entirely.
If he just doesn't like the proliferation of patches for Qmail, I don't really
care.

Example: I use vpopmail to replace the usual pop authentication, for
instance.  Do I think it should be part of the Qmail distribution?  No, I
think it works better on its own.

Russ Allbery wrote:

> Michael T Babcock <[EMAIL PROTECTED]> writes:
>
> > Considering the number of useful patches that aren't part of the qmail
> > distribution that the average qmail admin seems to be using, I disagree.
>
> I disagree with the contention that the *average* qmail admin is using any
> patches at all, if by average you mean the mode, and possibly even the
> median.
>
> I'm running qmail on a half-dozen different machines and I've never used a
> third-party patch to qmail for anything.  I've never needed to.
>
> If your qmail installation is dependent on patches not written by Dan, I
> will echo my same recommendation:  Seriously consider using another MTA.
> My opinion as a system administrator is that attempting to use and support
> packages plus third-party patches not blessed by the package maintainer is
> a recipe for disaster.  With all due respect to the qmail-ldap people, for
> example, I'd be much more confident in Postfix's LDAP support because it's
> part of the main distribution.





Joe Kelsey wrote:

> > If a major point of
>  > Qmail's existence is to provide reliable E-mail delivery, then this
>  > _must_ include cooperating with other MTAs (without violating
>  > standards) at least enough to keep from crashing / giving them
>  > headaches so that we don't 'encourage' them to lose mail ... (through
>  > failures of their own).
>
> You *REALLY* don't understand the point of Qmail.  Qmail is designed to
> be standards compliant, fast, reliable and secure.  Your belief seems to
> be that the designer of Qmail only cared about reliability.  That is
> demonstrably false, by DJB's own admission.

I didn't say it was "just" reliability ... I've quoted myself above, but
that isn't good enough, so I'll say it again, "major point .... provide
reliable E-mail delivery".  I was commenting on trade-offs between speed and
reliability.  Helping to keep other MTAs from crashing is to help
reliability with a potential speed trade-off.

> Nothing in the design or implementation of Qmail was there ever
> consideration given to causing or preventing broken implementations of
> SMTP from crashing.

I realise that -- that's why I mentioned it.

> Now you have gone and changed the subject to secure e-mail.  There is no
> such thing in the defined SMTP protocol.  Security is an add-on and has
> nothing to do with Qmail.

Security has many definitions.  Come back later when you can interpret a
topic outside your preconceptions.





I must have mistakenly added the message to the list.  As my own comment stated,
I didn't mean to subject the list to our discussion.

I wrote:
 > That said, I'm leaving this off the list because I don't like noise,
 > so I'm not going to subject others to it.

Joe Kelsey wrote:

> You don't bother to read headers?  I sent a private message to you.  Why
> would you even consider broadcasting a private message over a public
> mailing list?





"Michael T. Babcock" <[EMAIL PROTECTED]> writes:
> VERP was proposed by DJB as a way to identify bounce recipients.  VERP
> requires that each recipient have their own From: as well as To:.

Not quite: it's envelope senders and recipients, not To: and From:
fields.  (So recipients can still receive exactly the same message -
with the same To: and From: fields - but with SMTP, the messages will
need to be delivered separately, and they'll get different
Delivered-To, Return-Path, and Received fields added during delivery.)
Does QMTP support per-recipient envelope senders for a single copy of
a single message?


paul




In the immortal words of Michael T. Babcock ([EMAIL PROTECTED]):
> No offense to DJB at all, but you have a very strange view of open sourced
> software if you don't believe in using patches.  

One last time.

Qmail is not "open source software".  Is not now.  Has never been.  In
all probability never will be.

You can reasonably maintain that this is not a good thing.  (Heck, I'd
agree with you.)  You can argue that qmail would benefit from an OSS
development model.  (You might be right.)  But understand that you are
talking about a hypothetical: qmail is _not_ OSS.  And it seems to me
that a great deal of your confusion on this list stems from your
misapprehension of this fact.

-n

------------------------------------------------------<[EMAIL PROTECTED]>
             Don't blame me -- I voted for the Unabomber!
<http://www.blank.org/memory/>------------------------------------------




Russell Nelson wrote:

> Are these records in relays.orbs.org?  How can you say that ORBS
> doesn't block them, then?  Oh, I see, ORBS made up their own semantics
> for the DNS zone entries.  Semantics which nobody else uses.
>
> That's very nice, but what about the people blocking using
> relays.orbs.org?  Who told them that they would find DNS entries
> belonging to hosts which had never spammed?  This is other than what
> people were led to expect.  It's Yet Another reason why ORBS is not to
> be trusted.

The ORBS pages are abundantly clear that relays.orbs.org does NOT contain a list
of spammers AT ALL but of open relays or potentially open relays.  These CAN be
used for spam, but it isn't AT ALL necessary that they HAVE been used.  Read
their pages.  Using relays.orbs.org is a BAD idea IMHO as the other lists, such
as RBL are more specific.





You are free to tell me where I was supposed to agree to a license agreement
before downloading it and/or where the LICENSE file is and/or where the license
is embedded in C source files ...

"Nathan J. Mehl" wrote:

> In the immortal words of Michael T. Babcock ([EMAIL PROTECTED]):
> > No offense to DJB at all, but you have a very strange view of open sourced
> > software if you don't believe in using patches.
>
> One last time.
>
> Qmail is not "open source software".  Is not now.  Has never been.  In
> all probability never will be.
>
> You can reasonably maintain that this is not a good thing.  (Heck, I'd
> agree with you.)  You can argue that qmail would benefit from an OSS
> development model.  (You might be right.)  But understand that you are
> talking about a hypothetical: qmail is _not_ OSS.  And it seems to me
> that a great deal of your confusion on this list stems from your
> misapprehension of this fact.





"Michael T. Babcock" <[EMAIL PROTECTED]> writes:
> "Nathan J. Mehl" wrote:
> > Qmail is not "open source software".  Is not now.  Has never been.  In
> > all probability never will be.
> 
> You are free to tell me where I was supposed to agree to a license agreement
> before downloading it

Those license agreements are not legally binding.  See
<URL:http://cr.yp.to/softwarelaw.html>.  Also, the existence (as
opposed to the content) of those license agreements has nothing
whatsoever to do with the definition of Open Source software.  See
<URL:http://www.opensource.org/osd.html>.  qmail's license does not
meet these requirements.

> and/or where the LICENSE file is and/or where the license is
> embedded in C source files ...

The license terms aren't required to be distributed along with the
material they apply to in order to be legally binding.


paul




[EMAIL PROTECTED] wrote:

>You are free to tell me where I was supposed to agree to a license
>agreement before downloading it and/or where the LICENSE file is
>and/or where the license is embedded in C source files ...

qmail is copyrighted by DJB. You have no rights to copy or use it
other than those he provides you, which are outlined in his
pages. See:

  http://Web.InfoAve.Net/~dsill/lwq.html#license

-Dave




I understand Copyright law as much as many long time free / open source
software advocates do.  That said, I have still seen nothing about the
licensing of his software besides that he doesn't care about anything
that isn't implicitly illegal.

That said, in a case-law country, I can do pretty much whatever I think
is legal to do until he sues me.  At that point, the courts decide.

Most importantly, will he allow full-modification and redistribution
with a new name (GPL style).  IE, forking.

Dave Sill wrote:

> [EMAIL PROTECTED] wrote:
>
> >You are free to tell me where I was supposed to agree to a license
> >agreement before downloading it and/or where the LICENSE file is
> >and/or where the license is embedded in C source files ...
>
> qmail is copyrighted by DJB. You have no rights to copy or use it
> other than those he provides you, which are outlined in his
> pages. See:
>
>   http://Web.InfoAve.Net/~dsill/lwq.html#license





On Mon, 24 Jul 2000, Michael T. Babcock wrote:

> I understand Copyright law as much as many long time free / open source
> software advocates do.  That said, I have still seen nothing about the
> licensing of his software besides that he doesn't care about anything
> that isn't implicitly illegal.
> 
> That said, in a case-law country, I can do pretty much whatever I think
> is legal to do until he sues me.  At that point, the courts decide.
> 
> Most importantly, will he allow full-modification and redistribution
> with a new name (GPL style).  IE, forking.

In that case you'd be "distributing" which has a link on the qmail home
page (http://cr.yp.to/qmail.html).

Vince.
-- 
==========================================================================
Vince Vielhaber -- KA8CSH    email: [EMAIL PROTECTED]    http://www.pop4.net
 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking
        Online Campground Directory    http://www.camping-usa.com
       Online Giftshop Superstore    http://www.cloudninegifts.com
==========================================================================







"Michael T. Babcock" <[EMAIL PROTECTED]> writes:
> That said, I have still seen nothing about the licensing of his
> software besides that he doesn't care about anything that isn't
> implicitly illegal.

See <URL:http://cr.yp.to/qmail/dist.html>.


paul




[EMAIL PROTECTED] wrote:

>That said, in a case-law country, I can do pretty much whatever I think
>is legal to do until he sues me.  At that point, the courts decide.
>
>Most importantly, will he allow full-modification and redistribution
>with a new name (GPL style).  IE, forking.

It's clear from http://cr.yp.to/qmail/dist.html that that would be
against his wishes without his prior approval.

Rest assured that Dan is willing to engage in a legal battle. Consider
Bernstein v. Justice.

-Dave




 Greg Owen writes:
>  >    Yup.  If you have one qmail box forwarding to a second qmail box
>  > which is the mail store, you get this amplification.
> 
> No, you don't get any amplification.  You only get amplification if
> you can get someone else's machine to expend resources that you
> didn't.

        Yes, there is amplification.  It does work, I have tested it, what
follows is a description of how it works.


        Given a qmail box which relays mail to one other box (qmail,
exchange, sendmail, whatever), a malicious user can generate N messages of
size X (N * X) with the use of (N * sizeof(rcpt to)) + X.  Note that
sizeof(rcpt to) is minuscule compared to the possible values for X.

        Let's say you own qmail box mx10.example.com, and mx10.example.com
relays to mx5.example.com as the final mail store.  It has no knowledge of
users; it just forwards as defined by MX records or smtproutes.  Let's also
say I am at dialup06.msn.com, and that I'm pissed at heaven.af.mil.

        If I (at dialup06.msn.com) connect to mx10.example.com, I can use a
MAIL FROM that points to [EMAIL PROTECTED]:

MAIL FROM: <[EMAIL PROTECTED]>

        I can then enter 100 RCPT TOs, all pointing to invalid users for the
valid domain example.com, which MX10 accepts mail for:

RCPT TO: <[EMAIL PROTECTED]>
RCPT TO: <[EMAIL PROTECTED]>
...
RCPT TO: <[EMAIL PROTECTED]>

        This costs me 100 * 28 bytes, or under 3k.

        Now I send a 1 megabyte DATA segment.

        The total cost to me, on my dialup line, is 1 meg + 3k.

        mx10.example.com then sends that message to mx5.example.com, but
instead of aggregating the RCPT TOs, it sends it 100 times, with one RCPT TO
per message.  Presumably mx10 and mx5 are connected by LAN not WAN, so this
is not a problem for the example.com network.

        But upon reaching mx5.example.com, each one of these messages
bounces because u001 through u100 do not exist at example.com.  Example.com
then sends 100 bounce messages, EACH CONTAINING A 1 MEG ATTACHMENT, to
[EMAIL PROTECTED]  This imposes a 100 megabyte traffic hit on the
relatively lower bandwidth WAN lines of example.com and heaven.af.mil.
Therefore, I have amplified my force from 1meg + 3k to over 100 meg.  Note
that this scales at the cost of 28 bytes per 1 meg of amplified force, and
that the amount of force amplified (the 1 meg) is also able to scale up (a 5
meg file, for example, is tedious but possible from a dialup line).

        If both example.com and heaven.af.mil have a T1 line, then this
attack DOSes both of them equally (at little cost to lil ole me @ msn.com).
If example.com has a T3 compared to heaven.af.mil's T1, or if I can find
more than one bounce-relay victim (example1.com, example2.com, etc.) then I
can hit heaven.af.mil hard enough to saturate its T1 link.  (Forget
downloading the MAPS list; go to qmail.org and then probe the list of "large
internet sites using qmail" to see which ones have more than one mail hop.
How do you probe?  Send an email to a made up address and study the
Received: headers of the bounce.)


        The point that the original ORBS quote apparently tried to make is
that other MTAs (like sendmail) which would forward the message once with
the 100 RCPT TO lines, and bounce it once with 100 "User <[EMAIL PROTECTED]>
not known" only adds the slight overhead of the bounce text, and are
therefore not effective in this type of attack.  I don't play with sendmail
any more, and can neither confirm nor deny this understanding.

-- 
        gowen -- Greg Owen -- [EMAIL PROTECTED]
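
The message above describes one full-size bounce per invalid recipient, all sent to the forged envelope sender. As an added example (not part of the original post), this sketch shows how an admin could spot that pattern in the mail store's qmail-send log by totalling bounces and bounced bytes per envelope sender. It assumes the store runs qmail and logs in the qmail-log(5) format; the log lines, addresses and thresholds are constructed.

```python
import re
from collections import defaultdict

# Line formats follow qmail-log(5); a timestamp prefix is ignored by search().
INFO = re.compile(r"info msg (\d+): bytes (\d+) from <([^>]*)>")
BOUNCE = re.compile(r"bounce msg (\d+) qp \d+")
END = re.compile(r"end msg (\d+)")


def constructed_log():
    """Constructed sample: five 1 MB messages from one sender to unknown users,
    then two unrelated messages, one of which reuses a message number."""
    lines = []
    for i in range(1, 6):
        msg = 4000 + i
        lines += [
            f"new msg {msg}",
            f"info msg {msg}: bytes 1048900 from <forged@victim.example> qp {600 + i} uid 71",
            f"starting delivery {i}: msg {msg} to local u00{i}@example.com",
            f"delivery {i}: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/",
            f"bounce msg {msg} qp {700 + i}",
            f"end msg {msg}",
        ]
    lines += [
        # Message numbers are reused once a message has ended.
        "new msg 4001",
        "info msg 4001: bytes 1800 from <alice@example.org> qp 801 uid 71",
        "starting delivery 6: msg 4001 to local postmaster@example.com",
        "delivery 6: success: did_1+0+0/",
        "end msg 4001",
        "new msg 4010",
        "info msg 4010: bytes 2000 from <bob@example.org> qp 802 uid 71",
        "starting delivery 7: msg 4010 to local typo@example.com",
        "delivery 7: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/",
        "bounce msg 4010 qp 803",
        "end msg 4010",
    ]
    return lines


def bounce_stats(lines):
    """Return {envelope sender: {"bounces": n, "bytes": total}}.

    "bytes" sums the size of each bounced message, a lower bound on the
    bounce traffic because every bounce carries a copy of the message.
    """
    open_msgs = {}  # message number -> (sender, size), valid until "end msg"
    stats = defaultdict(lambda: {"bounces": 0, "bytes": 0})
    for line in lines:
        m = INFO.search(line)
        if m:
            open_msgs[m.group(1)] = (m.group(3), int(m.group(2)))
            continue
        m = BOUNCE.search(line)
        if m:
            sender, size = open_msgs.get(m.group(1), ("", 0))
            if sender:  # a null sender means the message was itself a bounce
                stats[sender]["bounces"] += 1
                stats[sender]["bytes"] += size
            continue
        m = END.search(line)
        if m:
            open_msgs.pop(m.group(1), None)
    return dict(stats)


def flag_backscatter(stats, min_bounces, min_bytes):
    """Senders whose bounce count and bounced volume both reach the thresholds."""
    return sorted(
        sender for sender, v in stats.items()
        if v["bounces"] >= min_bounces and v["bytes"] >= min_bytes
    )


if __name__ == "__main__":
    stats = bounce_stats(constructed_log())
    for sender in flag_backscatter(stats, min_bounces=5, min_bytes=5_000_000):
        print(sender, stats[sender])
```
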





On Mon, Jul 24, 2000 at 09:06:43AM -0400, Brian Johnson wrote:
> yes, but most people only have enough money for so many cars, or can only
> drink so much pepsi or coke. an admin can use as many or as few of the 
> lists as they want without any cost/limit.  when you go to buy a car, you
> generally buy just A car, when you go and get a soda, you get one soda at
> a time, but with spam relay lists, you pick whichever one(s) you decide
> are best, and use them all together.. there's no reason for them having
> to compete for users

Thanks, I was trying to think of a way to say this.

It's also worth noting that these lists should *not* be competing in this
manner -- the only thing they should be "competing" on is who can block the
most spam while generating the least false positives.

--Adam




Michael T. Babcock <[EMAIL PROTECTED]> wrote:
> I understand Copyright law as much as many long time free / open source
> software advocates do.

Very few people understand copyright law in general.  Free software advocates
are not much better at it than others; RMS is a notable exception.

> That said, in a case-law country, I can do pretty much whatever I think
> is legal to do until he sues me.  At that point, the courts decide.

Not exactly.  Copyright and the protections thereof come into effect the 
moment the work is created.  No notice is required in the work itself to
be legally binding.  In the absence of a statement granting you certain
rights, the legal assumption is you have no right to use the work in any
way.

Note that one point which is still questionable is whether a statement of
your rights applies if it is not signed by the creator of the work; if 
licenses shipped with code in digital format are found to not be legally
binding, the situation reverts to you having no license, and therefore no
rights to the work in question.

Charles
-- 
-----------------------------------------------------------------------
Charles Cazabon                            <[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------




>> Argh. Get that misconception *out your head*.
>>
>> People who disallow ORBS to scan them get listed as *untestable*,
>> not as *open relays*. ORBS doesn't block.
>
> Are these records in relays.orbs.org?
> How can you say that ORBS doesn't block them, then?
> Oh, I see, ORBS made up their own semantics for the DNS zone entries.
> Semantics which nobody else uses.

There isn't any "default" semantics for how to set up these DNS zones,
just using rblsmtpd with relays.orbs.org will block any potential
Open Relay and list the reason why it was blocked in the bounce message.
(if the sending MTA doesn't cut it out or try translation)
You may at anytime choose your own method of checking the DNS information,
create your own scripts or programs or whatever you want/need.


> That's very nice, but what about the people blocking using relays.orbs.org?

That's up to them if they choose to "trust" those who block ORBS,
they can use output.orbs.org if that's what they want.
While others might be paranoid and block them for trying to hide.

No matter what reason, ORBS can not be blamed for individual choosing.
These mail-administrators may very well have valid concerns about
the problems that Open Relay can cause them and their networks.


> Who told them that they would find DNS entries
> belonging to hosts which had never spammed?
> This is other than what people were led to expect.
> It's Yet Another reason why ORBS is not to be trusted.

ORBS policies and handling here is quite clear and documented,
it surprises me that so many who disagree with what Alan does
can't get their facts straight about this!

Never have the policies of ORBS had ANYTHING directly to do with SPAM,
it is a validated Open Relay database which for obvious reasons also
contains those who deny/deceive ORBS testing by blocking it.

If YOU don't trust someone for your lack of knowledge that's one thing,
it's another thing when you tell people publicly ORBS can not be
trusted for this and that based on this lack of knowledge.


Regards André Paulsberg






OK 2 NET - André Paulsberg writes:
 > Never have the policies of ORBS had ANYTHING directly to do with SPAM,
 > it is a validated Open Relay database which for obvious reasons also
 > contains those who deny/deceive ORBS testing by blocking it.

In other words, it's a good place to go to find open relays, in order
to abuse them.  Also, it's NOT a good listing to use to block sources
of spam, since it lists many hosts which have never sourced spam.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
Crynwr sells support for free software  | PGPok | Tornadoes, earthquakes,
521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government:
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | uncontrollable forces




Greg Owen writes:
 >      Yes, there is amplification.  It does work, I have tested it, what
 > follows is a description of how it works.

Yes, you have described the situation accurately, and yes, I was
wrong.  In the main, though, you've laid out yet another argument
against secondary MX.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
Crynwr sells support for free software  | PGPok | Tornadoes, earthquakes,
521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government:
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | uncontrollable forces




> In the main, though, you've laid out yet another argument
> against secondary MX.

        If so, it's the first anti-secondary-MX argument I've seen that
didn't boil down to "incompetent machine administration causes problems,"
which is true with or without multiple MX - it's just easier for mistakes to
happen with more machines involved.

        But even if you got rid of secondary MXs, there's another scenario
this attacks, one which most basic firewall design courses and books
recommend: using a mail relay as a bastion host in the DMZ to disallow
direct access from the Internet to the mail store.

        For example, people running Exchange or Notes (and many do, for
various good or bad reasons) may not want that box directly on the Internet,
open to SYN flooding, DOS attacks, and buffer overflow attempts.  qmail
makes the perfect intermediate relay - high performance, high security, high
reliability.  If the bastion host is attacked, internal mail isn't directly
affected, which is a good thing.

        Let me try this argument instead: Between two networkographically
close mail hosts owned by a single entity (Secondary and primary MX, or
bastion relay and mail store), the high bandwidth and low latency of the LAN
connection means that the SMTP latency issue is diminished.  Between such
hosts, then, using multiple RCPTs with a single DATA may be faster than
qmail's default behavior, which is tuned for the high-latency Internet
environment.  Therefore, having the ability to modify qmail's behavior on a
host-by-host basis (much as smtproutes affects mail routing) might be
useful.  It would also close this DOS capability.

-- 
        gowen -- Greg Owen -- [EMAIL PROTECTED]




Russ Allbery <[EMAIL PROTECTED]> writes on 23 July 2000 at 22:54:44 -0700
 > Eric Cox <[EMAIL PROTECTED]> writes:
 > 
 > > Some would argue that MAPS abused their position when they listed ORBS -
 > > they do have a competing service, do they not?
 > 
 > And ORBS is both spamming and operating a spam support service under the
 > definition of that service.  Suppose you run a security consulting service
 > and as part of that service you publish vulnerabilities in commonly used
 > products, as well as provide a network scanner.  Now suppose you find a
 > security vulnerability in someone else's network scanner.  Do you publish
 > that vulnerability?

Of course you do; being *very* careful to get it right, since people
will be inclined to see any mistake you make as a deliberate attack on
your competition.  (And after giving them reasonable advance notice). 

This is the full disclosure argument all over again, isn't it?  

I don't mind ORBS publishing the list of known open relays, and I
don't mind ORBS accepting open-relay reports based on scans (or even
running their own).  

I find RSS not adequate and RBL badly inadequate (though I continue to
use it to help them be the big stick you describe, a goal I definitely
support and which I have seen work well).

I'd like to use ORBS, but in fact I find the politics intolerable and
the arbitrary behavior too risky.  I don't know the details of the
alleged "spamming" -- it sounds like they're bulk-mailing stuff to the
admins of open relays? 
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]




In the immortal words of Michael T. Babcock ([EMAIL PROTECTED]):
> You are free to tell me where I was supposed to agree to a license agreement
> before downloading it and/or where the LICENSE file is and/or where the license
> is embedded in C source files ...

Goddamnit.  The entire world is NOT a gnu software project.  Stop
pretending that it is.

http://cr.yp.to/qmail/dist.html
http://cr.yp.to/softwarelaw.html

And now that that's over with, stop using this mailing list as a
substitute for a web browser.

-n

------------------------------------------------------------<[EMAIL PROTECTED]>
"Sure, the left would love to have a Christian Coalition.  The tiny problem is
that it doesn't have Christianity."                       (--James Poniewozik)
<http://www.blank.org/memory/>------------------------------------------------




David Dyer-Bennet <[EMAIL PROTECTED]> writes:

> I don't mind ORBS publishing the list of known open relays, and I don't
> mind ORBS accepting open-relay reports based on scans (or even running
> their own).

> I find RSS not adequate and RBL badly inadequate (though I continue to
> use it to help them be the big stick you describe, a goal I definitely
> support and which I have seen work well).

Fair enough.

> I'd like to use ORBS, but in fact I find the politics intolerable and
> the arbitrary behavior too risky.  I don't know the details of the
> alleged "spamming" -- it sounds like they're bulk-mailing stuff to the
> admins of open relays?

That too, yeah, although I can see some justification for that.  I'm not
all that overly comfortable with it *when they don't have a spam in hand*;
if they have a spam in hand, I think it's entirely and completely
reasonable to contact the server, but when it's never been spammed
through, it's mildly more borderline in my mind.

But no, I was talking specifically about their probes.  Several of their
probes use both mangled return paths and mangled recipients that look like
their local.  Any mail setup where the SMTP listener doesn't know what
accounts are valid (not only qmail, but also any number of different
firewall or secondary MX setups) is going to generate internal
double-bounces from that that end up in the postmaster mailbox.

ORBS is aware that they're dumping mail into the postmaster mailbox.  If
they only did a test when they had evidence that the system was open, I
can accept that.  I can even accept retesting open relays.  But when the
system doesn't relay and has never relayed, constantly *retesting* it and
dumping that mail in the postmaster's mailbox seems wrong.  Sure, it's not
that much spam, but when you have a number of hosts with mail setups like
that, it starts slowly adding up.  And of course, their answer to it is to
just press delete.

-- 
Russ Allbery ([EMAIL PROTECTED])             <http://www.eyrie.org/~eagle/>




>> Never have the policies of ORBS had ANYTHING directly to do with SPAM,
>> it is a validated Open Relay database which for obvious reasons also
>> contains those who deny/deceive ORBS testing by blocking it.
>
> In other words, it's a good place to go to find open relays,
> in order to abuse them.

Put in the worst possible way, you may say that...

However in a more realistic and positive way you can say that
this informs the administrators of a SERIOUS problem,
and allows them to fix this before they are abused by spammers.
At the same time it gives those using the ORBS service for protection
a means of stopping spam or other abuse through these Open Relays.

Open Relay servers were never a "problem" to find before ORBS anyway,
can't see any evidence that this has increased by ORBS policy.
I don't think spammers will value using servers that probably will
be blocked somewhere contrary to servers which aren't in ORBS or RSS,
and both these lists offer info on possible Open Relay servers
in fact RSS lists them after day 1 while ORBS wait 30 days.


> Also, it's NOT a good listing to use to block sources of spam,
> since it lists many hosts which have never sourced spam.

As far as I'm concerned and according to experiences by users of ORBS,
MAPS hardly blocks any SPAM at all, while ORBS block 70-90% of all
the SPAM they ever get.

While MAPS chase the spammers in a Tom & Jerry like manner,
ORBS stops SPAM at its very first attempt or the server
is closed before they've ever made the attempt.


Regards André Paulsberg






> But when the system doesn't relay and has never relayed, constantly *retesting*
> it and dumping that mail in the postmaster's mailbox seems wrong.
> Sure, it's not that much spam,  but when you have a number of hosts
> with mail setups like that, it starts slowly adding up.
> And of course, their answer to it is to just press delete.

I totally agree, hosts tested and found secure should not be tested repeatedly.

They should be left in a database over tested secured and not be tested until
certain conditions arise, these conditions should be publicly known and debated
to ensure a fair treatment of those mail administrators.

I've seen many complaints about such behaviour,
but it's never been backed up by any "evidence".
I've never experienced this myself either,
but if anyone has please let me know all about it.


Regards André Paulsberg






Greg Owen writes:
 > > In the main, though, you've laid out yet another argument
 > > against secondary MX.

 >      But even if you got rid of secondary MXs, there's another
 > scenario this attacks, one which most basic firewall design courses
 > and books recommend: using a mail relay as a bastion host in the DMZ
 > to disallow direct access from the Internet to the mail store.

You have not read the qmail documentation provided by DJB.  In it, he
provides explicit directions on exactly how to set up a bastion host: a
single qmail server on the DMZ listening to port 25 talking to 1 or more
qmail servers on the inside via qmqp.  NOT smtp.

Therefore, any other use of qmail in a relay situation was not
considered part of the design and is thus deprecated (i.e., use at your
own risk).

DJB writes very compact documentation.  You have to throw out any
assumptions that you may be carrying forward from other pieces of
software and actually read every single word he writes--they are all
important for correctly interpreting his design goals.

 >      For example, people running Exchange or Notes (and many do, for
 > various good or bad reasons) may not want that box directly on the
 > Internet, open to SYN flooding, DOS attacks, and buffer overflow
 > attempts.  qmail makes the perfect intermediate relay - high
 > performance, high security, high reliability.  If the bastion host is
 > attacked, internal mail isn't directly affected, which is a good
 > thing.

Relaying to Exchange or Notes was not part of the qmail design goals.
Qmail is not unique in not handling this situation and any expectation
that you carry that it would be useful in this situation is incorrect.

/Joe




Philip, Tim (CNBC Asia) writes:
 > Thanks for all the interest in my original posting to
 > this list. My question was:-
 > 
 > "Is it possible to stop qmail from generating multiple
 >  bounce messages when mail with a forged sender address
 >  is received for multiple bad (non-local) mailboxes?"
 > 
 > I guess the simple answer is, NO. (Is this correct?)

It's possible to stop *your* qmail installation from doing this.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
Crynwr sells support for free software  | PGPok | Tornadoes, earthquakes,
521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government:
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | uncontrollable forces




Russ Allbery <[EMAIL PROTECTED]> writes on 24 July 2000 at 15:00:18 -0700

 > But no, I was talking specifically about their probes.  Several of their
 > probes use both mangled return paths and mangled recipients that look like
 > their local.  Any mail setup where the SMTP listener doesn't know what
 > accounts are valid (not only qmail, but also any number of different
 > firewall or secondary MX setups) is going to generate internal
 > double-bounces from that that end up in the postmaster mailbox.

Ah!  Okay, I see some objection there.  I've had double-bounces turned
off for a long, long time (and none of the causes were ORBS probes),
but a more macho admin wouldn't want to do that of course.
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]





Sorry to contribute to the noise ratio on qmail-list ...

On Mon, 24 Jul 2000, Peter van Dijk wrote:
|> That's very nice, but what about the people blocking using
|> relays.orbs.org?  Who told them that they would find DNS entries
|> belonging to hosts which had never spammed?  This is other than what
|> people were led to expect.  It's Yet Another reason why ORBS is not to
|> be trusted.
|
|I admit that this is a design misfeature. Moving the untestable hosts from
|the relays.orbs.org zone to another, leaving just relays in
|relays.orbs.org, is one of the main changes we are proposing to Alan.

You know what? I used to have no opinion on ORBS, but reading this about
"untestable" hosts being classified as almost like open relays led me to
have a strong one against it. 

This behavior is just brain damaged. This is not a minor issue as you seem
to imply by saying "we are proposing [it] to Alan". This is a major
problem. It sucks. 

If Alan doesn't realize it, he's just as brain damaged as his software.





This had happened several times before:

My qmail+ezmlm mailing-list server suddenly stopped all delivery.
No mail could be sent from remote to local, local to remote,
or even local to local.  All qmail-inject return success.
And no error messages were logged.

But then I log in as root,  and delete all files in the queue directories:
/var/qmail/queue/remote/0 - 22/*
/var/qmail/queue/mess/0 - 22/*
/var/qmail/queue/local/0 - 22/*
....etc. etc.

The delivery will be functional again!  Even those mails that were delivered
and blocked BEFORE I delete the queue will reach its destination.
What was all this about?  How do I prevent this from happening again?






hi list,

        it seems that my qmail setup is bouncing messages every once in a
while. lists managed by ezmlm send me warnings such as : 

> Messages to you from the vmailmgr mailing list seem to
> have been bouncing. I've attached a copy of the first bounce
> message I received.

        and the bounce looks like : 

> Return-Path: <>
> Received: (qmail 432 invoked from network); 11 Jul 2000 15:18:53 -0000
> Received: from m36-ras4.netizen.com.ar (HELO localhost.localdomain) 
>([EMAIL PROTECTED])
>   by lists.em.ca with SMTP; 11 Jul 2000 15:18:53 -0000
> Received: (qmail 7888 invoked for bounce); 11 Jul 2000 15:13:33 -0000
> Date: 11 Jul 2000 15:13:33 -0000
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: failure notice
> 
> Hi. This is the qmail-send program at localhost.localdomain.
> I'm afraid I wasn't able to deliver your message to the following addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
> 
> <[EMAIL PROTECTED]>:
> Sorry, I couldn't find any host named localhost.localdomain. (#5.1.2)
> 
> --- Below this line is a copy of the message.

        now i don't have the experience to know why once in a while doesn't
recognize the virtual user [EMAIL PROTECTED] and wants to resolve
localhost.localdomain. 

        has anyone seen this?

        [hope the answers don't bounce too ;)]

martin




Thomas Duterme <[EMAIL PROTECTED]> wrote:

>I've looked at VERPS and it looks pretty good for being able to handle
>bounces and guaranteeing correct mail addresses, but this still doesn't
>address the issue of automated bounce handlers.  More to the point: I'm
>trying to find out what rules these automated bounce handlers follow to
>determine: delete address, try again, no action, etc.  Any ideas?

Look at what ezmlm does.

-Dave




Hi.


I would like to be able to setup multiple pop3 email accounts  using the
virtual domains file allowing the following.

[EMAIL PROTECTED] ->      [EMAIL PROTECTED]
[EMAIL PROTECTED]  ->      [EMAIL PROTECTED]
[EMAIL PROTECTED]       ->      [EMAIL PROTECTED]

How do I do this with regard to mapping the entry in virtualdomains and
.qmail aliases files?

i.e is this correct?

virtualdomains:

[EMAIL PROTECTED]:alias-fred@bloggs-com
[EMAIL PROTECTED]:[EMAIL PROTECTED]
bloggs.com:alias-bloggs.com

in $QMAIL/aliases
.qmail-fred@blogs:com reads &[EMAIL PROTECTED]

.qmail-joe@blogg:com reads &[EMAIL PROTECTED]

.qmail-bloggs:com reads &[EMAIL PROTECTED]

Is this syntactically correct??

Best Wishes,

Daniel.








Wow! you do this in such a complex way! Install fastforward, then set up
virtualdomains as:
bloggs.com:alias
{literally the word 'alias'}

Then edit /etc/aliases and add aliases:
[EMAIL PROTECTED]: [EMAIL PROTECTED]
[EMAIL PROTECTED]: [EMAIL PROTECTED]

Then run newaliases to update the database file

Done, easy to maintain, and fast. I use it with no obvious speed
decreases... Sendmail compatible, and more...

Brett Randall.
-----Original Message-----
From: Daniel Cave <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Tuesday, July 25, 2000 12:11 AM
Subject: virtualdomain mapping to ~alias users


>Hi.
>
>
>I would like to be able to setup multiple pop3 email accounts  using the
>virtual domains file allowing the following.
>
>[EMAIL PROTECTED] -> [EMAIL PROTECTED]
>[EMAIL PROTECTED] -> [EMAIL PROTECTED]
>[EMAIL PROTECTED] -> [EMAIL PROTECTED]
>
>How do I do this with regard to mapping the entry in virtualdomains and
>.qmail aliases files?
>
>i.e is this correct?
>
>virtualdomains:
>
>[EMAIL PROTECTED]:alias-fred@bloggs-com
>[EMAIL PROTECTED]:[EMAIL PROTECTED]
>bloggs.com:alias-bloggs.com
>
>in $QMAIL/aliases
>.qmail-fred@blogs:com reads &[EMAIL PROTECTED]
>
>.qmail-joe@blogg:com reads &[EMAIL PROTECTED]
>
>.qmail-bloggs:com reads &[EMAIL PROTECTED]
>
>Is this syntactically correct??
>
>Best Wishes,
>
>Daniel.
>
>
>
>





It seems that all of a sudden my RH had a resource limit problem.  DNS is
fine, but after 61 qmail-remotes it would appear that RH ran out of
resources.

I searched the archives and added some ulimit commands to the qmail.init
script, but I couldn't find a way to determine how many files to allow
open etc....

If anyone knows how many resources qmail needs for a concurrency of 100
let me know.... as the default RH settings are too low.... plus the other
services on the box, https, ssh, ntp etc.

Paul Farber
Farber Technology
[EMAIL PROTECTED]
Ph  570-628-5303
Fax 570-628-5545

On Sat, 22 Jul 2000, Eric Cox wrote:

> 
> 
> Paul Farber wrote:
> > 
> > telnetting to port 25 and 110 just timed out.  
> 
> This usually means (when it has happened to me anyway) that the 
> server is listening on the port you're telnetting to, but is 
> stalled doing a reverse DNS lookup of the client's IP address.  
> Perhaps a munged reverse DNS zonefile?
> 
> 
> > DNS was fine... it means
> > just that, I could ping via hostname and the dns logs show it was running.
> 
> That could still happen under the above scenario...
> 
> Eric
> 





I know this is a qmail mailing list so I won't bore all
of you with my questions.

However, I do have a question concerning the use of:
    qmail, vpopmail, tcpserver, and daemontools.  

The topic relates more to the use of daemontools and
the way qmail-smtp and qmail-pop3d must be invoked with
vpopmail.

If any of you are willing to help, please mail me off list.

I am in dire need of assistance.

Thanks,

Jeff Jones







> >   - 3. The sending IP is using a broken mailer that's
> >         generating bare LFs, and this mailer regards the
> >         resulting temporary error code generated by qmail
> >         as 'Please try again straightaway'.
> >
> > I'd be particularly interested to know if anyone has come
> > across the 3rd possibility...
>
> Yup, I see it happen on occasion.  I usually sniff the message off the
> wire to see if its anything I care about then toss a deny rule into my
> tcprules for that ip to stop the hammering.  Sending the remote party a
> message is nice too though I rarely get any clueful responses.
>

I recently had this problem - some mailserver (Something Microsoft-based)
kept trying to get a bare LF message to me over and over again, and
sending the remote party a message about it did not yield anything like a
clueful response.

However, in this experience I realized I don't understand a couple of
things about the whole bare LF issue - according to the page Dan Bernstein
set up, bare LFs are prohibited by 822bis, but as far as I know, 822bis is
still in drafting stages ( not a standard yet ), so that's not exactly
something I can tell the remote party in trying to convince them to fix
their mailer.

qmail-smtpd does not convert bare linefeeds because it doesn't want to
corrupt data - instead if an e-mail it receives has bare linefeeds, it
just rejects the message.  Sendmail just goes ahead and converts the bare
linefeeds to CRLF, and accepts the message.  The question I have is, and
excuse my ignorance if it's something silly: why not just accept the bare
linefeeds?  From what I can understand in RFC822, there's nothing wrong
with bare linefeeds in the body of the messages as long as the headers
have all the right CRLFs.  From looking through qmail archives and reading
a few webpages, all I can find is some reference to the fact that you
shouldn't have bare linefeeds after the smtpd process.  Anyone have any
more specifics about this?  Is it to protect mailers that don't know how
to interpret bare linefeeds? Or something integral to the MTA?

Sorry if this is something obvious, or if there is some piece of
documentation out there I'm missing; if there is, please point me in the
right direction.

Thank you for your time,
Jamie Blondin





"James Blondin" <[EMAIL PROTECTED]> wrote:

>The question I have is, and
>excuse my ignorance if it's something silly: why not just accept the bare
>linefeeds?  From what I can understand in RFC822, there's nothing wrong
>with bare linefeeds in the body of the messages as long as the headers
>have all the right CRLFs.  From looking through qmail archives and reading
>a few webpages, all I can find is some reference to the fact that you
>shouldn't have bare linefeeds after the smtpd process.  Anyone have any
>more specifics about this?  Is it to protect mailers that don't know how
>to interpret bare linefeeds? Or something integral to the MTA?

The problem is simple. If a message contains a bare linefeed, qmail
will convert it to a premature end-of-line if it resends the
message. E.g.:

  This message consists of one line\012with an embedded linefeed.

Will become:

  This message consists of one line
  with an embedded linefeed.

-Dave




The 'problem' as it relates to RFCs, not to Qmail's implementation, is probably
the original question.

Dave Sill wrote:

> "James Blondin" <[EMAIL PROTECTED]> wrote:
>
> >The question I have is, and
> >excuse my ignorance if it's something silly: why not just accept the bare
> >linefeeds?  From what I can understand in RFC822, there's nothing wrong
> >with bare linefeeds in the body of the messages as long as the headers
> >have all the right CRLFs.  From looking through qmail archives and reading
> >a few webpages, all I can find is some reference to the fact that you
> >shouldn't have bare linefeeds after the smtpd process.  Anyone have any
> >more specifics about this?  Is it to protect mailers that don't know how
> >to interpret bare linefeeds? Or something integral to the MTA?
>
> The problem is simple. If a message contains a bare linefeed, qmail
> will convert it to a premature end-of-line if it resends the
> message. E.g.:
>
>   This message consists of one line\012with an embedded linefeed.
>
> Will become:
>
>   This message consists of one line
>   with an embedded linefeed.
>
> -Dave





[EMAIL PROTECTED] wrote:

>The 'problem' as it relates to RFCs, not to Qmail's implementation,
>is probably the original question.

Probably? If you don't know, why bother guessing? I answered the
question I thought was asked. If the person who asked the question
isn't satisfied with that answer, he can say so.

-Dave




Dave Sill wrote:
>
> [EMAIL PROTECTED] wrote:
>
> >The 'problem' as it relates to RFCs, not to Qmail's implementation,
> >is probably the original question.
>
> Probably? If you don't know, why bother guessing? I answered the
> question I thought was asked. If the person who asked the question
> isn't satisfied with that answer, he can say so.
>

The answer you gave was useful, Dave, but although I didn't realize it at
first, my question is really relating to the RFCs more than to qmail's
implementation.  It's just that qmail's implementation of it led me to
asking the question.

I appreciate your information...

Jamie Blondin





"James Blondin" <[EMAIL PROTECTED]> wrote:

>The answer you gave was useful, Dave, but although I didn't realize it at
>first, my question is really relating to the RFCs more than to qmail's
>implementation.  It's just that qmail's implementation of it led me to
>asking the question.

In that case, qmail is not strictly RFC822 compliant in rejecting
messages with bare linefeeds. Apparently Dan felt that the effort
necessary to allow messages to contain LF's was more trouble than it
was worth--especially considered that 822bis prohibits bare LF's.

-Dave




Dave Sill wrote:
> In that case, qmail is not strictly RFC822 compliant in rejecting
> messages with bare linefeeds. Apparently Dan felt that the effort
> necessary to allow messages to contain LF's was more trouble than it
> was worth--especially considered that 822bis prohibits bare LF's.
>
This basically answers my question.  My only other query would be as to
what made allowing messages to contain LFs so troublesome.  Any specific
reasons?

Thanks much,
Jamie Blondin





"James Blondin" <[EMAIL PROTECTED]> wrote:

>Dave Sill wrote:
>> In that case, qmail is not strictly RFC822 compliant in rejecting
>> messages with bare linefeeds. Apparently Dan felt that the effort
>> necessary to allow messages to contain LF's was more trouble than it
>> was worth--especially considered that 822bis prohibits bare LF's.
>>
>This basically answers my question.  My only other query would be as to
>what made allowing messages to contain LFs so troublesome.  Any specific
>reasons?

qmail stores messages in the queue in the standard UNIX format:
lines terminated with newlines (LF's). In SMTP, the line terminator is 
<CR><LF>. qmail replaces that with <LF> when it writes the message to
disk.

qmail could have used <CR><LF> to terminate lines in the queue files,
but that would require converting <CR><LF> to <LF> on the fly during
delivery to files/programs.

-Dave
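
Added example, not part of the original messages and not qmail's code: a Python sketch of the two points made above, that SMTP's CRLF becomes LF in the queue file and that a bare LF therefore turns into a premature end-of-line when the message is resent. The function and class names are hypothetical, the sample messages are constructed, and `add_missing_cr` is only a sketch of the CR insertion that fixcr performs.

```python
"""Line endings through an LF-terminated queue file (constructed samples)."""

CRLF = b"\r\n"


def smtp_to_queue(wire):
    """Store a message as the thread describes: each CRLF becomes LF."""
    return wire.replace(CRLF, b"\n")


def queue_to_smtp(stored):
    """Resend a queued message: each LF terminator becomes CRLF."""
    return stored.replace(b"\n", CRLF)


def roundtrip(wire):
    """Receive over SMTP, write to the queue, send over SMTP again."""
    return queue_to_smtp(smtp_to_queue(wire))


def smtp_lines(wire):
    """Split on the SMTP terminator only; a bare LF stays inside its line."""
    parts = wire.split(CRLF)
    return parts[:-1] if parts and parts[-1] == b"" else parts


class BareLFScanner:
    """Find LFs not preceded by CR in a stream that arrives in chunks."""

    def __init__(self):
        self.offset = 0        # bytes consumed so far
        self.prev_cr = False   # True if the previous byte was CR
        self.bare = []         # absolute offsets of bare LFs

    def feed(self, chunk):
        for byte in chunk:
            if byte == 0x0A and not self.prev_cr:
                self.bare.append(self.offset)
            # Remembered across feed() calls, so a CR that ends one read
            # and an LF that starts the next still count as CRLF.
            self.prev_cr = (byte == 0x0D)
            self.offset += 1


def scan(chunks):
    """Return the offsets of all bare LFs in a sequence of chunks."""
    scanner = BareLFScanner()
    for chunk in chunks:
        scanner.feed(chunk)
    return scanner.bare


def add_missing_cr(wire):
    """Insert CR before every bare LF (sketch of fixcr-style repair)."""
    out = bytearray()
    prev_cr = False
    for byte in wire:
        if byte == 0x0A and not prev_cr:
            out.append(0x0D)
        out.append(byte)
        prev_cr = (byte == 0x0D)
    return bytes(out)


# Constructed sample messages.
CLEAN = b"Subject: test\r\n\r\nline one\r\nline two\r\n"
EMBEDDED = (b"Subject: test\r\n\r\n"
            b"This message consists of one line\n"
            b"with an embedded linefeed.\r\n")

if __name__ == "__main__":
    for name, msg in (("clean", CLEAN), ("embedded LF", EMBEDDED)):
        after = roundtrip(msg)
        print(name,
              "| lines before:", len(smtp_lines(msg)),
              "| lines after:", len(smtp_lines(after)),
              "| unchanged:", after == msg,
              "| bare LF offsets:", scan([msg]))
    repaired = add_missing_cr(EMBEDDED)
    print("repaired | stable:", roundtrip(repaired) == repaired,
          "| same bytes as sent:", repaired == EMBEDDED)
```

The clean message survives the round trip byte for byte; the one with the embedded LF gains a line. Inserting the missing CR makes the round trip stable, but the stored message is no longer what the sender transmitted.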




Dave Sill wrote:

>
> "James Blondin" <[EMAIL PROTECTED]> wrote:
>
> >Dave Sill wrote:
> >> In that case, qmail is not strictly RFC822 compliant in rejecting
> >> messages with bare linefeeds. Apparently Dan felt that the effort
> >> necessary to allow messages to contain LF's was more trouble than it
> >> was worth--especially considered that 822bis prohibits bare LF's.
> >>
> >This basically answers my question.  My only other query would be as to
> >what made allowing messages to contain LFs so troublesome.  Any specific
> >reasons?
>
> qmail stores messages in the queue in the standard UNIX format:
> lines terminated with newlines (LF's). In SMTP, the line terminator is
> <CR><LF>. qmail replaces that with <LF> when it writes the message to
> disk.
>
> qmail could have used <CR><LF> to terminate lines in the queue files,
> but that would require converting <CR><LF> to <LF> on the fly during
> delivery to files/programs.
>

Ah, it makes some sense now.  Thanks tons for the information.

-Jamie Blondin





Hi All,

Just to say thank you to everyone who replied to this: The replies
have been very helpful and I feel have clarified the issues -
it seems that 'Fixing' bare LF issues is likely to be more productive
(i.e. use fixcr or fixcrio) than messing around with Solaris patches.

And that's the solution I've set up with the system concerned - if
there's still a problem (presumably as per TAG's messages on
Solaris), I'll write an update to the list. The affected system isn't
'Hit' all the time, so it'll take a week to know if it is now fixed.

I found the explanation of the behaviour of embedded LFs
particularly useful too.

For what it's worth, a reminder of using fixcr - aimed primarily at
archive users who come across this message a month/year etc.
ahead and want to see if this might fix similar issues for them...
 - on the normal tcpserver line for qmail-smtpd, replace
         qmail-smtpd
   with
         sh -c "fixcr | qmail-smtpd"
I presume for fixcrio you'd just need
         fixcrio qmail-smtpd

cheers,

Andrew.





-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 25 Jul 00, at 9:49, Andrew Richards wrote:

> For what it's worth, a reminder of using fixcr - aimed primarily at
> archive users who come across this message a month/year etc. ahead and
> want to see if this might fix similar issues for them...
>  - on the normal tcpserver line for qmail-smtpd, replace
>          qmail-smtpd
>    with
>          sh -c "fixcr | qmail-smtpd"

This solution is inferior. fixcr doesn't notice that qmail-smtpd 
normally exited until it tries to write another byte to the pipe. 
Consequently, fixcr processes start hanging in the memory.

> I presume for fixcrio you'd just need
>          fixcrio qmail-smtpd

Yes. This is also much better since fixcrio handles child exit 
gracefully, and goes away as soon as qmail-smtpd does.

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOX1Hq1MwP8g7qbw/EQK9ewCgv4261DRGNIfQEJv7ax8jzpYvLHcAn0uw
/rwaMXtKgFKIqECn7y2Q28p5
=AlgW
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]




Chester Chee wrote:
> 
> Hi,
> 
> Does anyone have any experience using procmail with vpopmail (virtual domain)?
> I am trying to setup procmail to filter "junk" mail to specific mail folder
> for vpopmail user. And it does not seem to work at all. My vpopmail users
> access their mail via IMAP instead of Maildir. Am I using the right approach
> to tackle this problem? Any pointer or help is greatly appreciated. Thanks
> in advance.
> 
> Here is my .procmailrc:-
> 
> :0:
> * ^X-JunkMail: Yes
> junk-mail

Take a look at the development version of vpopmail, 4.8.6.
It contains a new filtering module.

Ken Jones
inter7




Score:
Apology for indirection: 1
Asinine comments: 1

Thanks everyone.  I think this discussion has been very helpful to the Qmail
cause ... really.

Adam McKenna wrote:

> On Sun, Jul 23, 2000 at 12:37:55AM -0500, David Dyer-Bennet wrote:
> > Probably our responses are by now somewhat cryptic, encoded in local
> > language that's completely clear to those of us who've been through
> > the argument umpteen times before.  And which is probably NOT clear to
> > you; sorry about that!
>
> Yes, let me translate for David:
>
> "Shut Up and Go Away"
>
> --Adam






On Mon, 24 Jul 2000, Michael T. Babcock wrote:
> > "Shut Up and Go Away"

You're not gonna SUGA down yer comments, are ya?
Why not pour a little SUGA on this thread?

Scott







This is what I've asked for too -- and been given "do it yourself".

Best of luck.

Frank Tegtmeyer wrote:

> > In his measurements that indicated that qmail used less bandwidth in
> > real-life situations than sendmail, Dan counted the DNS traffic due to
> > sendmail.
>
> And I have never seen numbers, only Dan's claims. It's hard to argue using
> them without being backed up by numbers.





On Mon, Jul 24, 2000 at 11:31:05AM -0400, Michael T. Babcock wrote:
> This is what I've asked for too -- and been given "do it yourself".
 
Almost certainly because:

a)      It's hard to arrange a reproducible set of deliveries that
        can be run on qmail and sendmail. Even a couple of hours on
        the Internet can change the exact same run, eg, if
        AOL changes the size of the response to MX lookups, even
        an identical run will generate different traffic loads.

b)      It's especially hard with email because you really want
        to deliver the email to the recipient. How do you do a real
        life test with real-life recipients on remote networks
        without spamming them?

c)      It's hard because everyone's situation differs. Should you
        run a benchmark in isolation from your other network traffic
        or with it? Is it legitimate to gain the benefits of, eg,
        DNS caching that your web browsing might pre-load?

d)      It's hard to measure. What it needs is a dedicated machine
        that you can generate just the email load you want, then 
        take measurements off the interface (or connecting
        router). Many don't have the setup/skill/motivation
        to set this up.

Actually, it wouldn't be that hard, you'd need a dedicated server that
you can run qmail and sendmail on. A real life set of mail submissions
and recipient addresses and you'd smarthost qmail and sendmail to an
smtpsink. You'd also use a dnscache on another machine so that you
see perfect and uncached DNS traffic. But no one seems to have posted
a test like this so until that happens, I guess it's "do it yourself".


Regards.

> 
> Frank Tegtmeyer wrote:
> 
> > > In his measurements that indicated that qmail used less bandwidth in
> > > real-life situations than sendmail, Dan counted the DNS traffic due to
> > > sendmail.
> >
> > And I have never seen numbers, only Dan's claims. It's hard to argue using
> > them without being backed up by numbers.
> 




"Bob Ross" <[EMAIL PROTECTED]> wrote:

>The question is I want to add the new domain right now so that users will be
>able to collect mail sent to either domain to make the transition easier.
>Do I just add the new domain in the same locations as the old domain under
>the /var/qmail/control files? to allow mail to [EMAIL PROTECTED] and mail to
>[EMAIL PROTECTED] to show up in the same mailbox?.

Yes, add the new domain to control/rcpthosts and control/locals.

-Dave




[EMAIL PROTECTED] (Enrique Vadillo) wrote:

>I'm using qmail 1.03, i'd like to log every IP connection to my qmail
>smtp server, i've noticed that tcpserver is not logging this info for now, 
>my tcpserver runs like follows:
>
>tcpserver -R -c 100 -x /etc/tcp.smtp.cdb -v -u 7170 -g 1100 0 smtp /var/qmail/bin/qmail-smtpd \
>2>&1 | /var/qmail/bin/splogger smtpd 3 &
>
>Any suggestions so i can log IP connections too?

The -v should cause connections to be logged. Try putting it first,
e.g.:

  tcpserver -v -R ...

-Dave




I just restarted it with "tcpserver -v -R ..." and still nothing!

I *only* get this in /var/log/syslog for mail delivery from a remote host:

Jul 24 10:54:51 mail qmail: 964454091.551368 new msg 223505
Jul 24 10:54:51 mail qmail: 964454091.551743 info msg 223505: bytes 199 from <[EMAIL PROTECTED]> qp 28030 uid 91
Jul 24 10:54:51 mail qmail: 964454091.612723 starting delivery 3: msg 223505 to local [EMAIL PROTECTED]
Jul 24 10:54:51 mail qmail: 964454091.612972 status: local 1/10 remote 0/20
Jul 24 10:54:51 mail qmail: 964454091.694699 delivery 3: success: did_1+0+1/
Jul 24 10:54:51 mail qmail: 964454091.709046 status: local 0/10 remote 0/20
Jul 24 10:54:51 mail qmail: 964454091.709290 end msg 223505

any ideas why my tcpserver won't log remote IP connections?

I'm using Solaris 7 and 8 and on both it fails.

Enrique-

|o| ---- Dave Sill wrote ----
|o| [EMAIL PROTECTED] (Enrique Vadillo) wrote:
|o| 
|o| >I'm using qmail 1.03, i'd like to log every IP connection to my qmail
|o| >smtp server, i've noticed that tcpserver is not logging this info for now, 
|o| >my tcpserver runs like follows:
|o| >
|o| >tcpserver -R -c 100 -x /etc/tcp.smtp.cdb -v -u 7170 -g 1100 0 smtp /var/qmail/bin/qmail-smtpd \
|o| >2>&1 | /var/qmail/bin/splogger smtpd 3 &
|o| >
|o| >Any suggestions so i can log IP connections too?
|o| 
|o| The -v should cause connections to be logged. Try putting it first,
|o| e.g.:
|o| 
|o|   tcpserver -v -R ...
|o| 
|o| -Dave




On Mon, Jul 24, 2000 at 11:03:15AM -0500, Enrique Vadillo wrote:
! I just restarted it with "tcpserver -v -R ..." and still nothing!

I recalled that your original tcpserver command line had a -v as well,
oh well. :-)

! I *only* get this in /var/log/syslog for mail delivery from a remote host:

You had ``splogger smtpd 3''. On my system, 3 stands for LOG_DAEMON
(look in your /usr/include/syslog.h to confirm). Where do messages
from the ``daemon'' facility get logged?

        ---Chris K.
-- 
 Chris, the Young One |_ but what's a dropped message between friends? 
  Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H. 
http://cloud9.hedgee.com/ |_ Robinson, IV  
 PGP: 0xCCC6114E/0x706A6AAD |_ 




Gavin Cameron writes:
> I have a ~alias/.qmail-bouncer file with the contents
> 
>   |bouncesaying 'This is an automated bounce message' exit 0

bouncesaying tries to execvp() the given program; it doesn't use a
shell to run the program. So it can't run a shell built-in command.

Instead of above, you might want to write:

  |bouncesaying 'This is an automated bounce message' sh -c 'exit 0'

or simply:

  |bouncesaying 'This is an automated bounce message'

-- 
Tetsu Ushijima




I don't see how "If there is ever a compiler dumb enough to break void main(), I
will happily advise everyone to use a different compiler" engenders any trust in
someone's ability to write C code.

Qmail is well written, sure.  But void main() is and always has been wrong on 99%
of platforms and adding "return 0;" to the end of the function will shut up GCC
as well.  That said ...

Dave Sill wrote:

> >Incidentally, is there a discussion in the past that I've missed about 'void
> >main' declarations? :-)
>
> Yes. A quick search of the archives for "void main" yields:
>
> http://www.ornl.gov/its/archives/mailing-lists/qmail/1996/12/msg01898.html





Michael T. Babcock wrote:
>I don't see how "If there is ever a compiler dumb enough to break void
>main(), I will happily advise everyone to use a different compiler"
>engenders any trust in someone's ability to write C code.
>
>Qmail is well written, sure.  But void main() is and always has been wrong
>on 99% of platforms and adding "return 0;" to the end of the function will
>shut up GCC as well.  That said ...

void main() does NOT shut recent versions of gcc up, unless you specify
-Wno-main.

> cat void.c
void main() {}
> gcc void.c 
void.c: In function `main':
void.c:1: warning: return type of `main' is not `int'

Was there a problem with int main() that was giving people trouble?

Mark

-- 
Do not reply directly to this e-mail address
--
Mark Mentovai
UNIX Engineer
Gillette Global Network





[EMAIL PROTECTED] wrote:

>I don't see how "If there is ever a compiler dumb enough to break
>void main(), I will happily advise everyone to use a different
>compiler" engenders any trust in someone's ability to write C code.

The proof of Dan's pudding is in the eating. Theoretically, "void
main" is wrong. In practice, it works just fine. Personally, I could
not care less.

Please stop trying to make mountains out of old, dead molehills. If
you have a serious, practical problem, we'll be glad to help.

-Dave




Dave Sill <[EMAIL PROTECTED]> writes:
> Theoretically, "void main" is wrong. In practice, it works just
> fine. Personally, I could not care less.

Theoretically, BIND's noncompliance with standards is wrong.  In
practice, it interoperates with most of the world (i.e., itself) just
fine.  But I care.


paul




Dan's comment was that 'void main()' was done because 'int main()'
caused compiler warnings.  If so, int main() should now prevail because
void main() causes the warnings.

Dave Sill wrote:

> >I don't see how "If there is ever a compiler dumb enough to break
> >void main(), I will happily advise everyone to use a different
> >compiler" engenders any trust in someone's ability to write C code.
>
> The proof of Dan's pudding is in the eating. Theoretically, "void
> main" is wrong. In practice, it works just fine. Personally, I could
> not care less.





Well said, considering how often DJB waxes eloquent about non-standards
compliant and/or broken software.

Paul Jarc wrote:

> Dave Sill <[EMAIL PROTECTED]> writes:
> > Theoretically, "void main" is wrong. In practice, it works just
> > fine. Personally, I could not care less.
>
> Theoretically, BIND's noncompliance with standards is wrong.  In
> practice, it interoperates with most of the world (i.e., itself) just
> fine.  But I care.





[EMAIL PROTECTED] (Paul Jarc) wrote:

>Theoretically, BIND's noncompliance with standards is wrong.  In
>practice, it interoperates with most of the world (i.e., itself) just
>fine.  But I care.

I'll care about "void main" when it causes me problems. Until then,
I've got real problems to worry about.

-Dave




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 24 Jul 00, at 12:55, Michael T. Babcock wrote:

> Dan's comment was that 'void main()' was done because 'int main()'
> caused compiler warnings.  If so, int main() should now prevail
> because void main() causes the warnings.

The newer djb sources (like djbdns - formerly dnscache) use
main(int argc,char **argv)
without return value specifications, which, by C standards, means 
implicit int main().

However, what do you expect, Michael? qmail-1.04 which would 
only "fix" void main()?

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOXxoR1MwP8g7qbw/EQKahACfT7P1CKNaXdilUUeGwJSFm2RaPDkAoN4L
3YNAR1KCzNMTc4gHfEgNQDGP
=qqTo
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]




I was hoping for an admission of guilt rather than a fight.

Petr Novotny wrote:

> However, what do you expect, Michael? qmail-1.04 which would
> only "fix" void main()?





On Mon, 24 Jul 2000, Michael T. Babcock wrote:

> I was hoping for an admission of guilt rather than a fight.

Why?  Does it excite you or something?   It all looks more to me like
you've been trying to pick a fight.

Vince.
-- 
==========================================================================
Vince Vielhaber -- KA8CSH    email: [EMAIL PROTECTED]    http://www.pop4.net
 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking
        Online Campground Directory    http://www.camping-usa.com
       Online Giftshop Superstore    http://www.cloudninegifts.com
==========================================================================







On Mon, Jul 24, 2000 at 01:10:45PM -0400, Michael T. Babcock wrote:
> I was hoping for an admission of guilt rather than a fight.

It's nice to hope for things.  However, the only thing you're going to get is
membership in a lot of procmail filters.  (I've just added you to mine.)

--Adam




"David Bouw" <[EMAIL PROTECTED]> wrote:

>Everything works nicely, but I would like to have all mail be delivered in
>the /var/spool/mail directory instead of $HOME/$USER/Mailbox..
>
>I read the INSTALL files, but I can't figure out something..
>
>You run the command 'qmail-start ./Mailbox splogger qmail' to deliver to
>Mailbox file
>When I read the documentation what you need to change in order to get the
>delivery in your /var/spool directory they tell you, you need to use Procmail
>(or binmail) to deliver your mail to /var/spool/mail..
>
>Is this correct?

Yes. The qmail delivery agent *only* delivers to mailboxes under the
user's home directory.

>Isn't there a easier way?

Nope. This is intentionally "hard" to do with qmail because it's
inferior to storing them in the user's home directory. The central
mail spool is a security nightmare.

-Dave




Dave Sill <[EMAIL PROTECTED]> writes:
> The qmail delivery agent *only* delivers to mailboxes under the
> user's home directory.

Well, qmail-local can deliver to maildirs or mboxes anywhere, but
there's no way to describe a maildir or mbox in a user-dependent way
except by using a path relative to the user's home directory.  So
/var/spool/mail/user can be used in users' .qmail files, but not as
the default delivery instruction.


paul




[EMAIL PROTECTED] (Paul Jarc) wrote:

>Well, qmail-local can deliver to maildirs or mboxes anywhere, but
>there's no way to describe a maildir or mbox in a user-dependent way
>except by using a path relative to the user's home directory.  So
>/var/spool/mail/user can be used in users' .qmail files, but not as
>the default delivery instruction.

You're absolutely correct. I spoke too strongly.

-Dave




I'm getting this message from my pop3 clients.

   Could not login in to mail server.
   The server responded:

   This user has no $HOME/Maildir

Well, the user does have a Maildir. I can see new mail piling up in
Maildir/new.


It's being started as follows:

supervise /var/lock/qmail-pop3d tcpserver -v -c40 -u0 -g0 0 pop-3 qmail-popup
checkpassword qmail-pop3d Maildir 

Any ideas as to what to do next?
If this is a case of RTFM could someone direct me to the appropriate section
in the FM?

Thanks, Bruce.




Never mind, I found the problem, dnsfq is failing to return my hostname
correctly.

That said, any thoughts on this:

[root@mail control]# /usr/local/src/qmail-1.03/dnsfq mail.sattel.com
hard error
[root@mail control]#
[root@mail control]# hostname
mail.sattel.com                                                               

My dns server is local:

[root@mail control]# nslookup
Default Server:  localhost
Address:  127.0.0.1
 
> mail.sattel.com
Server:  localhost
Address:  127.0.0.1
 
Name:    mail.sattel.com
Address:  192.168.1.100                                                       

This is correct as far as I can tell.


Bruce Edge wrote:
> 
> I'm getting this message from my pop3 clients.
> 
>    Could not login in to mail server.
>    The server responded:
> 
>    This user has no $HOME/Maildir
> 
> Well, the user does have a Maildir. I can see new mail piling up in
> Maildir/new.
> 
> It's being started as follows:
> 
> supervise /var/lock/qmail-pop3d tcpserver -v -c40 -u0 -g0 0 pop-3 qmail-popup
> checkpassword qmail-pop3d Maildir
> 
> Any ideas as to what to do next?
> If this is a case of RTFM could someone direct me to the appropriate section
> in the FM?
> 
> Thanks, Bruce.




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 24 Jul 00, at 18:15, Bruce Edge wrote:

> That said, any thoughts on this:
> 
> [root@mail control]# /usr/local/src/qmail-1.03/dnsfq mail.sattel.com
> hard error
[snip]
> Name:    mail.sattel.com
> Address:  192.168.1.100                                   

Is there the reverse record for 192.168.1.100 pointing to 
mail.sattel.com?

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBOXx6vlMwP8g7qbw/EQLFtACg8+V4+oQXTSe5iIe9f0tVDMYblBoAoLrN
3lQf5LH+wcTUwRfsX9JO/xWF
=QaVZ
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]




On Mon, Jul 24, 2000 at 06:03:00PM -0700, Bruce Edge wrote:
> I'm getting this message from my pop3 clients.
> 
>    Could not login in to mail server.
>    The server responded:
> 
>    This user has no $HOME/Maildir
> 
> Well, the user does have a Maildir. I can see new mail piling up in
> Maildir/new.
> 
> 
> It's being started as follows:
> 
> supervise /var/lock/qmail-pop3d tcpserver -v -c40 -u0 -g0 0 pop-3 qmail-popup
> checkpassword qmail-pop3d Maildir 
> 
> Any ideas as to what to do next?
> If this is a case of RTFM could someone direct me to the appropriate section
> in the FM?

RTFM the Synopsis section of the qmail-popup man page. I quote it here for your 
convenience:

SYNOPSIS
       qmail-popup hostname subprogram

You left out the hostname, so qmail-popup interpreted checkpassword as the
hostname and exec'ed qmail-pop3d instead of checkpassword.

Chris




The question is: does DJB prefer that one modify (should they wish to) 55% of
the source code (say) and make this mod available as a patch, or simply rename
it to "rmail" (or whatever) and mention that it is derived from Qmail,
available at ... blah ...

Vince Vielhaber wrote:

> > I understand Copyright law as much as many long time free / open source
> > software advocates do.  That said, I have still seen nothing about the
> > licensing of his software besides that he doesn't care about anything
> > that isn't implicitly illegal.
> >
> > That said, in a case-law country, I can do pretty much whatever I think
> > is legal to do until he sues me.  At that point, the courts decide.
> >
> > Most importantly, will he allow full-modification and redistribution
> > with a new name (GPL style).  IE, forking.
>
> In that case you'd be "distributing" which has a link on the qmail home
> page (http://cr.yp.to/qmail.html).





On Mon, 24 Jul 2000, Michael T. Babcock wrote:

> The question is: does DJB prefer that one modify (should they wish to) 55% of
> the source code (say) and make this mod available as a patch, or simply rename
> it to "rmail" (or whatever) and mention that it is derived from Qmail,
> available at ... blah ...

What part of  "If you want to distribute modified versions of qmail
(including ports, no matter how minor the changes are) you'll have to get
my approval."  didn't you understand?


Vince.

> 
> Vince Vielhaber wrote:
> 
> > > I understand Copyright law as much as many long time free / open source
> > > software advocates do.  That said, I have still seen nothing about the
> > > licensing of his software besides that he doesn't care about anything
> > > that isn't implicitly illegal.
> > >
> > > That said, in a case-law country, I can do pretty much whatever I think
> > > is legal to do until he sues me.  At that point, the courts decide.
> > >
> > > Most importantly, will he allow full-modification and redistribution
> > > with a new name (GPL style).  IE, forking.
> >
> > In that case you'd be "distributing" which has a link on the qmail home
> > page (http://cr.yp.to/qmail.html).
> 
> 

-- 
==========================================================================
Vince Vielhaber -- KA8CSH    email: [EMAIL PROTECTED]    http://www.pop4.net
 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking
        Online Campground Directory    http://www.camping-usa.com
       Online Giftshop Superstore    http://www.cloudninegifts.com
==========================================================================







DJB mentions on his 'future of qmail' page that a way to encode that a
host supports QMTP into its MX data is in the works.  What method for
doing so is proposed?





On Mon, Jul 24, 2000 at 05:32:17PM -0400, Michael T. Babcock wrote:
> DJB mentions on his 'future of qmail' page that a way to encode that a
> host supports QMTP into its MX data is in the works.  What method for
> doing so is proposed?

http://cr.yp.to/proto/mxps.txt, I imagine.

Regards,

james
-- 
James Raftery (JBR54)  -  Programmer Hostmaster  -  IE TLD Hostmaster
   IE Domain Registry  -  www.domainregistry.ie  -  (+353 1) 706 2375
  "Managing 4000 customer domains with BIND has been a lot like
   herding cats." - Mike Batchelor, on [EMAIL PROTECTED]




Actually, searching for MXPS (thank-you) in the archives, I found:
http://www.ornl.gov/its/archives/mailing-lists/qmail/1999/01/msg00791.html
... by DJB (in January, 1999):

-X-
I'm going to use a special MX host name format instead of special MX
preferences. The basic options will be

   _magic.s.*   I can receive mail by SMTP
   _magic.q.*   I can receive mail by QMTP
   _magic.qs.*  I can receive mail by QMTP or SMTP

with the possibility of future extensions such as

   _magic.abcdqrsz.*
-X-

James Raftery wrote:

> On Mon, Jul 24, 2000 at 05:32:17PM -0400, Michael T. Babcock wrote:
> > DJB mentions on his 'future of qmail' page that a way to encode that a
> > host supports QMTP into its MX data is in the works.  What method for
> > doing so is proposed?
>
> http://cr.yp.to/proto/mxps.txt, I imagine.





Michael T. Babcock writes:
 > Actually, searching for MXPS (thank-you) in the archives, I found:
 > http://www.ornl.gov/its/archives/mailing-lists/qmail/1999/01/msg00791.html
 > ... by DJB (in January, 1999):
 > 
 > -X-
 > I'm going to use a special MX host name format instead of special MX
 > preferences. The basic options will be

I think that's a silly idea.  Better to pick a "magic" MX preference,
and try qmtp.  If it fails, then fall back to smtp.  The number of
people who happen to use that preference AND who have something
listening on the qmtp port is either zero now, or will become zero
once all hosts running qmail attempt to talk to all other qmail hosts
using qmtp.

I'd really like to see a qmail 1.04 which uses qmtp.  It would let
qmail hosts talk *much* faster to each other.  The other thing I'd
like to see is for qmtp to implement VERP.  So that instead of
expanding list-@host-@[], qmtp would *transmit* list-@host-@[] and the 
receiving host would expand the verp.  That also means that the qmail
qmtpd would transmit all the recipients of a piece of email whose
hostname was textually equal, ignoring case differences.

This would allow people concerned about qmail's single-RCPT feature to
implement a qmtpd, and set their MX priority to the magic value.
There's no reason why you couldn't implement a qmtpd for sendmail.
And it would save sites like aol or hotmail MANY SMTP connections.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
Crynwr sells support for free software  | PGPok | Tornadoes, earthquakes,
521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government:
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | uncontrollable forces




Hello everyone,

I have a big problem in my ISP

After the morning, when my users try to  use my smtp server, the
daemon displays this message:

Sorry, that domain isn't allowed to be relayed thru this MTA

Anyone knows this problem??????

please, if anyone has, send one copy to [EMAIL PROTECTED]

Thanks in advance


Luis Bezerra







Hello everyone

My QMail MTA doesn't send messages.

The syslog shows this message: Invalid Relay Client:xxx.xxx.xxx.xxx


P.S.: In Brazil, at this time, the international communications are down,
and when the communications are down, this problem appears.

My site runs with BGP4

anyone knows this problem??

Please, send one copy to [EMAIL PROTECTED] and [EMAIL PROTECTED]

thanks in advance

Luis


 







I was wondering if it wouldn't be smart to use an extension to EHLO as a
way to detect QMTP availability on an MX.  I decided to check and 'QMTP'
& 'EHLO' only appear together 4 times.  Chuck Foster seems to be the
first to have asked whether it wouldn't be smart to add a "250 QMTP"
(later corrected to "250 XQMTP" by L. Widdifield) to the EHLO response.

Janos Farkas felt that this (rightfully) adds a couple round-trips at
least to the communication, instead of reducing it as much as QMTP does
by definition.  At this point the discussion died.

However, isn't it worth having some method in place for actually using
this more efficient protocol?  The round-trips required by "Mail from:"
and "Rcpt To:" and "Data" are all eliminated, and the "250 XQMTP" could
be given as the first 250 response, allowing the QMTP compatible MTA to
immediately send a confirmation, not reading / parsing the remainder of
the TCP stream (which may be a slight improvement).

{ Syntax: "<" from server ... ">" to server }

< 220 IP ESMTP
> EHLO
< 250 IP
< 250 XQMTP
> QMTP
> (data stream)
< (response)

I see this as adding two potential delays (over straight QMTP); the
initial connection response by the foreign MTA, and the delay of waiting
for the EHLO round-trip.

As with RFC 1869 (introducing ESMTP) though, one of these could be
eliminated by simply changing "EHLO" to "QHLO" leaving us with a 500
response if the remote MTA does not understand QMTP.  This adds a
round-trip every time we communicate with a non-QMTP MX, but that might
not concern many people.  'QMTP' could of course also be added to the
initial connection string to reduce things further.

Option #2:
< 220 IP ESMTP
> QHLO
< 2000 QMTP ready
> (data stream)
< (response)

Option #3:
< 220 IP ESMTP QMTP
> QHLO
> (data stream)
< (response)

I see this last one as being best, since the opening message can be
customised to mention QMTP in it easily, and once that is parsed by the
sending MTA, no further foreign responses are required until the QMTP
dialog is finished.  The initial "QHLO" would be added to inform the
foreign MTA of our intentions.

Comments?
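
An added sketch of the sender-side decision for Option #1 and Option #3 in the post above; it is not part of the original message or of qmail. The function names, the sample greetings in the comments and the RFC 1869 continuation syntax (`250-`) are assumptions of this example. It matches the capability as a whole token, so a host that merely has "qmtp" in its name is not mistaken for a QMTP server.

```python
import re

REPLY = re.compile(r"(\d{3})([ -])(.*)")

def parse_reply(line):
    """Split one SMTP reply line into (code, is_last_line, text)."""
    m = REPLY.fullmatch(line.rstrip("\r\n"))
    if m is None:
        raise ValueError("malformed reply line: %r" % line)
    return int(m.group(1)), m.group(2) == " ", m.group(3)

def banner_offers_qmtp(banner):
    """Option #3: QMTP must be a whole token after the host name of a 220 greeting."""
    code, _, text = parse_reply(banner)
    tokens = text.upper().split()
    return code == 220 and "QMTP" in tokens[1:]   # tokens[0] is the server's name

def ehlo_offers_xqmtp(lines):
    """Option #1: look for the XQMTP keyword in a (multi-line) EHLO reply."""
    for index, line in enumerate(lines):
        code, is_last, text = parse_reply(line)
        if code != 250:
            return False                 # EHLO refused: treat as a plain SMTP server
        words = text.upper().split()
        # Assumption: as in RFC 1869, line 0 names the server; keywords follow it.
        if index > 0 and words[:1] == ["XQMTP"]:
            return True
        if is_last:
            break
    return False

def choose_protocol(banner, ehlo_lines=None):
    """Return (protocol, number of server replies read to make the decision)."""
    if banner_offers_qmtp(banner):
        return "qmtp", 1                 # Option #3: the greeting alone decides
    if ehlo_lines is not None and ehlo_offers_xqmtp(ehlo_lines):
        return "qmtp", 2                 # Option #1: greeting plus EHLO reply
    return "smtp", (1 if ehlo_lines is None else 2)

if __name__ == "__main__":
    # Constructed greetings, not captured traffic.
    print(choose_protocol("220 mx.example.com ESMTP QMTP"))
    print(choose_protocol("220 qmtp.example.com ESMTP",
                          ["250-qmtp.example.com", "250 PIPELINING"]))
```
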






Hi Folks;

What is the best way to set up qmail to handle mail from web forms and CGIs and send 
it to a mail hub for processing, i.e. a qmail install that does not do any mail 
processing, even for locals, but sends all mail to another qmail server?

I would want all mail sent to the mail hub masqueraded to remove the host name,
i.e. [EMAIL PROTECTED] to look like [EMAIL PROTECTED]


Thanks 

Dan







On Mon, Jul 24, 2000 at 04:30:16PM -0700, net admin wrote:
! What is the best way to set up qmail to handle mails from web forms and
! CGIs and send it to a mail hub for processing i.e a qmail install that
! does not do any mail processing even for locals but send all mail to
! another qmail server.

Read qmail-remote(8), search for ``smtproutes''.

! I would want all mail sent to mail hub masqueraded to remove host name
! i.e [EMAIL PROTECTED]   to look  [EMAIL PROTECTED]

Do that at the mail hub. Install ofmipd at the hub (not necessarily
at port 25, though that's an option---if you use a different port,
make sure your web machine's smtproutes knows that). Read rewriting(5)
on how the rewriting works in ofmipd.

ofmipd and rewriting(5) are in the mess822 package:
http://cr.yp.to/mess822.html

        ---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 




Feel free to scrap my previous response. :-)

On Mon, Jul 24, 2000 at 04:30:16PM -0700, net admin wrote:
! What is the best way to set up qmail to handle mails from web forms and
! CGIs and send it to a mail hub for processing i.e a qmail install that
! does not do any mail processing even for locals but send all mail to
! another qmail server.

On further thought, the alternative solution: mini-qmail
(http://cr.yp.to/qmail/mini.html). You will have to install a
QMQP daemon on your mail hub.

! I would want all mail sent to mail hub masqueraded to remove host name
! i.e [EMAIL PROTECTED]   to look  [EMAIL PROTECTED]

Make your web scripts invoke new-inject instead of qmail-inject.
Rewriting is described in the rewriting(5) manual page. new-inject
and rewriting(5) are provided by http://cr.yp.to/mess822.html.

I'm sure others will have other solutions too...

        ---Chris K.
-- 
 Chris, the Young One |_ Never brag about how your machines haven't been 
  Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's 
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of 
 PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider 




Hello everyone.
 
I have one very interesting problem.
 
In Brazil, when my backbone (EMBRATEL) goes down, my qmail MTA doesn't send any messages.
 
Today this problem occurred, and mine and the other MTAs in my city that run qmail broke down too.
 
Anyone knows this problem?
 
Thanks in advance!!!!!!
Luis Bezerra




Luis Bezerra writes:
 > In Brazil, when my backbone goes down(EMBRATEL), my qmail MTA
 > doesn't send any messages.

Sounds like a DNS problem.  What does the log file say(tm)?

-- 
-russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
Crynwr sells support for free software  | PGPok | Tornadoes, earthquakes,
521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government:
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | uncontrollable forces




Why DNS?

For two years, qmail has worked very well.


This problem appears when my backbone goes down and my router
doesn't have the international routes. It has the domestic routes, but
nothing out of Brazil.


-----Original Message-----
From: Russell Nelson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Monday, 24 July 2000 19:53
Subject: Re: qmail goes down when my international backbone goes down


>Luis Bezerra writes:
> > In Brazil, when my backbone goes down(EMBRATEL), my qmail MTA
> > doesn't send any messages.
>
>Sounds like a DNS problem.  What does the log file say(tm)?
>
>--
>-russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
>Crynwr sells support for free software  | PGPok | Tornadoes, earthquakes,
>521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government:
>Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | uncontrollable forces
>





Michael T. Babcock writes:
 > You are free to tell me where I was supposed to agree to a license agreement
 > before downloading it and/or where the LICENSE file is and/or where the license
 > is embedded in C source files ...

Welcome to a Berne Convention country (where have you been all this
time?).  Everything is born copyrighted.  If you can download
something from the copyright holder, then you are welcome to keep it.
You can modify it if you wish.  You cannot redistribute it without
permission.

Redistribution permission (that is, copyright permissions, not a
license) is given at http://cr.yp.to/qmail/dist.html.  You don't have
to agree to these terms, because they do not form a license or
contract.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
Crynwr sells support for free software  | PGPok | Tornadoes, earthquakes,
521 Pleasant Valley Rd. | +1 315 268 1925 voice | hurricanes and government:
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | uncontrollable forces




Dear All
        I want to find more detail about ETRN: what it means and how it works. Who can give me information or a document?

=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=
PipE

System Engineer
Samart Infonet Co.ltd
99/12 Software Park, 30th Floor Chaengwattana Rd., Klong Gluar, Pak-kred Nonthaburi 11120

[EMAIL PROTECTED]
icq uin # 10831
office phone : (662) 502-6388 fax : (662) 502-6382      
=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=
                




PipE <[EMAIL PROTECTED]> writes:

> Dear All i wanna find more detail about ETRN .... what it mean how
> to work who can give me information or Document ?

  See RFC 1985:

        http://www.geektools.com/rfc/rfc1985.txt

Hope this helps,

----ScottG.





Hello,

I work for IBM and I want to install qmail
on my server.  IBM requires that I present
our legal department with an actual license
so that the Intellectual Property lawyers can
review it and bless it or not.  I will not
be distributing qmail in any way, just using it,
hopefully, to dramatically reduce the time 
spent sending very large mailings (on an RS/6000
server under AIX) using the sendmail daemon.

I saw one append a while back that had something about
a license and referenced an ftp site. I don't think
the information there is in "proper" enough form
(I'm guessing) to satisfy the lawyers.

Does anybody know where I can get this information?

Thanks...

Mike






Hi,

I have Virtual domains and locals running on my qmail server. For the 
domains hosted in locals, any incoming mail to a wrongly spelled ID gets 
bounced immediately to the sender.

In the case of domains under the virtualdomains file, the incoming mail for the 
wrongly spelled user doesn't bounce back; instead qmail takes it as a 
remote user and puts it to the relay mail server. Since that domain is hosted 
on the same qmail server, the mail comes back. This happens 25 times, and 
then an error message is posted, "too many hops", and then the mail bounces back.

My question is why the qmail server is forwarding the wrongly 
spelled incoming mail to the relay mail server at all; it should mark this as a bounce 
message immediately.

Kindly comment on the above issue.

thanks

Ruchir





Hello everyone,

When a client connects to qmail to send a mail, a DNS lookup is
performed by qmail to get the logical name of the client.
My question is : how to disable this lookup ?

Thks in advance

Philippe Lagente
AVS




Not that this is really an answer but just some terminology so others might
understand better...this is called a reverse DNS lookup and is referred to
in DNS language as ARPA (Address Resolution Protocol Architecture I
believe...). Might help you in your quest.

Brett

Manager
InterPlanetary Solutions
http://ipsware.com/



> -----Original Message-----
> From: Philippe Lagente [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 25, 2000 6:13 PM
> To: [EMAIL PROTECTED]
> Subject: client nslookup
>
>
> Hello everyone,
>
> When a client connects to qmail to send a mail, a DNS lookup is
> performed by qmail to get the logical name of the client.
> My question is : how to disable this lookup ?
>
> Thks in advance
>
> Philippe Lagente
> AVS
>





On Tue, Jul 25, 2000 at 10:12:51AM +0200, Philippe Lagente wrote:
! When a client connects to qmail to send a mail, a DNS lookup is
! performed by qmail to get the logical name of the client.
! My question is : how to disable this lookup ?

1. Use tcpserver to serve your SMTP, instead of tcp-env, if you don't
   already.

2. Specify the -H option when invoking tcpserver. You can also specify
   -R to disable ident lookups.

        ---Chris K.
-- 
 Chris, the Young One |_ If you can't afford a backup system, you can't 
  Auckland, New Zealand |_ afford to have important data on your computer. 
http://cloud9.hedgee.com/ |_ ---Tracy R. Reed  
 PGP: 0xCCC6114E/0x706A6AAD |_ 




Philippe,

>When a client connects to qmail to send a mail, a DNS lookup is
>performed by qmail to get the logical name of the client.
>My question is : how to disable this lookup ?

Take a look at the -R and -H options to tcpserver. See
        http://cr.yp.to/ucspi-tcp/tcpserver.html
for the 'man page' for tcpserver.

cheers,

Andrew.


