qmail Digest 5 Aug 2000 10:00:00 -0000 Issue 1084
Topics (messages 46128 through 46222):
Re: using fetchmail on qmail machine
46128 by: Chris, the Young One
46157 by: Vincent Danen
46158 by: Vincent Danen
46168 by: markd.bushwire.net
46183 by: Vincent Danen
Newbie help: qmail as a relay gateway
46129 by: Leonard Tulipan
46131 by: Leonard Tulipan
46133 by: Greg Owen
Re: Anti Virus
46130 by: Paul Schinder
46138 by: Robin S. Socha
46141 by: Brett Randall
46144 by: Michael T. Babcock
46151 by: Michael T. Babcock
46152 by: Slider
46155 by: Brett Randall
46163 by: Robin S. Socha
46175 by: Robin S. Socha
46179 by: Steve Wolfe
46181 by: Chris, the Young One
46191 by: Robin S. Socha
46205 by: David Dyer-Bennet
Re: Mailing list performance
46132 by: Dave Sill
46142 by: Dave Sill
46203 by: David Dyer-Bennet
46219 by: P.Y. Adi Prasaja
Re: How I can turn off delivery for user ?
46134 by: Dave Sill
Re: maildirmake
46135 by: Dave Sill
Re: update Re: help - qmail rejecting mail. "no mailbox here by that name"
46136 by: Dave Sill
domain splitting
46137 by: Sheer El-Showk
46148 by: Russell Nelson
46202 by: Sheer El-Showk
46204 by: Chris Garrigues
46209 by: Ben Beuchler
46210 by: Adam McKenna
46211 by: Ihnen, David
46214 by: Russell Nelson
trouble
46139 by: Sumith Ail
46140 by: Greg Owen
46164 by: Sean C Truman
Qmail-Spawn
46143 by: Slider
46146 by: Russell Nelson
46149 by: Fernando Almeida
46150 by: Magnus Bodin
46153 by: Magnus Bodin
qmail-pop3d problem
46145 by: kapil sharma
46147 by: Brett Randall
46161 by: Chris, the Young One
46162 by: Brett Randall
46166 by: Petr Novotny
46169 by: Brett Randall
concurrencyremote up to 500
46154 by: Ricardo Albano
46165 by: Charles Cazabon
46167 by: Ricardo Albano
46170 by: Charles Cazabon
Unable to create pipe
46156 by: Ricardo Albano
46159 by: Brett Randall
Editing error messages
46160 by: Erich Zigler
46173 by: Ben Beuchler
46174 by: Robin S. Socha
46177 by: Bryan Ischo
46182 by: Erich Zigler
46218 by: Eric Cox
Re: duplicating sendmail's virtusertable
46171 by: Ben Beuchler
Re-injecting complete messages
46172 by: Brett Randall
46188 by: Scott Gifford
Bah!
46176 by: Holborn BongMiester
46180 by: Ben Beuchler
46184 by: Holborn BongMiester
46185 by: Hubbard, David
46186 by: Ben Beuchler
46187 by: Chris, the Young One
46192 by: Robin S. Socha
terminology (was Re: duplicating sendmail's virtusertable)
46178 by: Chris, the Young One
patch to require helo before mail from
46189 by: Darrell Wright
46193 by: Scott Gifford
Problems w/ pop3
46190 by: Adam McKenna
46198 by: Ben Beuchler
sqwebmail & qmail-pop3d ?
46194 by: Jens Georg
What a mess...
46195 by: Goran Blazic
46196 by: markd.bushwire.net
46197 by: Darrell Wright
46199 by: Charles Cazabon
46200 by: Charles Cazabon
filter by subject and deliver elsewhere
46201 by: M.B.
tcpserver hanging
46206 by: Adam McKenna
/var/qmail/rc
46207 by: James
46208 by: Ben Beuchler
Softgoods payload app using PayPal and qmail?
46212 by: Thomas David Kehoe
46213 by: Chris Garrigues
46215 by: David Dyer-Bennet
Re: tai64n -- why?
46216 by: Russ Allbery
Re: Now redhat's mailling lists have been removed to mailman and postfix
46217 by: Russ Allbery
Problems whith scan4virus
46220 by: Kornyakov Yevgeny
46222 by: Robin S. Socha
Exchange and qmail
46221 by: Massimiliano Bavo
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
On Fri, Aug 04, 2000 at 12:34:27AM -0400, Peter Green wrote:
! I don't know if it's the ``normal'' behavior, but I have localhost in my
! control/locals with the identical setup to you.
$ grep localhost /var/qmail/control/locals
localhost
Yep, it's there. From a casual perusal of config.sh in the qmail package
it can be seen that it calls a program to get the IP addresses of all
interfaces, then puts their PTR lookups into control/locals.
Unless you lack a loopback interface :-) I believe that localhost should
be in control/locals, at least by default.
---Chris K.
--
Chris, the Young One |_ If you can't afford a backup system, you can't
Auckland, New Zealand |_ afford to have important data on your computer.
http://cloud9.hedgee.com/ |_ ---Tracy R. Reed
PGP: 0xCCC6114E/0x706A6AAD |_
On Fri, Aug 04, 2000 at 12:34:27AM -0400, Peter Green wrote:
> > Can someone let me know if the adding localhost to control/locals is
> > the "normal" behaviour? I think a lot of people would like to use
> > qmail as their own MTA instead of sendmail or postfix, so knowing
> > this would be of great help to me.
>
> I don't know if it's the ``normal'' behavior, but I have localhost in my
> control/locals with the identical setup to you.
That's the only way I could get qmail to deliver the mail that
fetchmail was sending it. FYI, I'm now looking at maildrop as
opposed to procmail... should be interesting... =)
--
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
// Danen Consulting Services www.danen.net, www.freezer-burn.org
// MandrakeSoft, Inc. www.linux-mandrake.com
1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD
Current Linux uptime: 20 hours 33 minutes.
On Fri, Aug 04, 2000 at 10:37:03PM +1200, Chris, the Young One wrote:
> ! I don't know if it's the ``normal'' behavior, but I have localhost in my
> ! control/locals with the identical setup to you.
>
> $ grep localhost /var/qmail/control/locals
> localhost
>
> Yep, it's there. From a casual perusal of config.sh in the qmail package
> it can be seen that it calls a program to get the IP addresses of all
> interfaces, then puts their PTR lookups into control/locals.
>
> Unless you lack a loopback interface :-) I believe that localhost should
> be in control/locals, at least by default.
Hmmm... it never put it in mine... wierd. Oh well, now I know that
this is "normal". Thanks!
--
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
// Danen Consulting Services www.danen.net, www.freezer-burn.org
// MandrakeSoft, Inc. www.linux-mandrake.com
1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD
Current Linux uptime: 20 hours 34 minutes.
On Fri, Aug 04, 2000 at 09:27:00AM -0600, Vincent Danen wrote:
> On Fri, Aug 04, 2000 at 10:37:03PM +1200, Chris, the Young One wrote:
>
> > ! I don't know if it's the ``normal'' behavior, but I have localhost in my
> > ! control/locals with the identical setup to you.
> >
> > $ grep localhost /var/qmail/control/locals
> > localhost
> >
> > Yep, it's there. From a casual perusal of config.sh in the qmail package
> > it can be seen that it calls a program to get the IP addresses of all
> > interfaces, then puts their PTR lookups into control/locals.
> >
> > Unless you lack a loopback interface :-) I believe that localhost should
> > be in control/locals, at least by default.
>
> Hmmm... it never put it in mine... wierd. Oh well, now I know that
> this is "normal". Thanks!
Hmmm. I use fetchmail in one (admittedly simple) scenario and it doesn't
require localhost in control/locals
Regards.
On Fri, Aug 04, 2000 at 09:03:07AM -0700, [EMAIL PROTECTED] wrote:
> > > Unless you lack a loopback interface :-) I believe that localhost should
> > > be in control/locals, at least by default.
> >
> > Hmmm... it never put it in mine... wierd. Oh well, now I know that
> > this is "normal". Thanks!
>
> Hmmm. I use fetchmail in one (admittedly simple) scenario and it doesn't
> require localhost in control/locals
Do you have fetchmail sending to procmail or something? I have
fetchmail sending it to port 25 on the local machine (ie. qmail) so
qmail still has to do the delivering to my maildirs. Are you maybe
sending it to something other than port 25?
--
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
// Danen Consulting Services www.danen.net, www.freezer-burn.org
// MandrakeSoft, Inc. www.linux-mandrake.com
1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD
Current Linux uptime: 22 hours 10 minutes.
First of: I'm a newbie both to sendmail & qmail. (Read: don't flame me for
my stupidity)
The only thing I really achieved was compiling the packages (both sendmail &
qmail seem to "work" fine in a sense that all the test complete successful)
If you can point me to the correct URLS or Steps I have to do, I'd be more
than grateful, for I have been assigned this project without really knowing
anything.
We currently have this setup:
internal MS Exchange Server
I
firewall (Linux-box with sendmail)
I
access router
I
Internet
So our sendmail (apparently) does: relay all email to
@bsbanksysteme.com/de/at/ch or @bs-ag.com/de/at to our Exchange Server and
that server relays all outgoing mail to the firewall which sends it.
Since I don't know how that configuration is called (authorized-relay? I
realy don't know) I don't know which questions of the faq realy apply to me.
Please help me out of my misery because I sincerely do hate sendmail.
Ciao
Leo
Yes, thank you, I have been looking thru that but since I don't know what my
config is called, I don't know what to look at.
I'm totally at loss, because I have never before configured a mail server.
Just a short:
do FAQ X.Y
then install Package/Software Z
then do FAQ A.B
check everything is working
enjoy
That's what I have been hoping for.
Thank you for your time
Ciao
Leo
> -----Original Message-----
> From: Robin S. Socha [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, August 04, 2000 1:26 PM
> To: Leonard Tulipan
> Subject: Re: Newbie help: qmail as a relay gateway
>
> * Leonard Tulipan <[EMAIL PROTECTED]> writes:
> > If you can point me to the correct URLS or Steps I have to do, I'd be
> more
> > than grateful, for I have been assigned this project without really
> knowing
> > anything.
>
> Have you checked /var/qmail/doc ? Read the FAQ and check the PICs. And:
> you cannot have both qmail and sendmail run at the same time.
> --
> Robin S. Socha <http://socha.net/>
Install qmail as described in INSTALL.
For each domain you want to receive mail for:
1) Put that domain name in /var/qmail/control/rctphosts
2) Put domain.com:[w.x.y.z] in /var/qmail/control/smtproutes, where w.x.y.z
is the IP address of your internal exchange server.
3) Make sure that none of these domains are listed in
/var/qmail/control/locals, or the mail will not make it to Exchange.
4) If you will also send mail from the bastion host directly, modify
defaultdomain and defaulthost to your taste (man qmail-control will tell you
where to find more info on them).
These steps will set up inbound relay for your domains; the internet
sends mail to qmail, and qmail forwards it all to Exchange.
To allow Exchange to relay out through the machine, follow the
selective relaying instructions at
http://www.palomine.net/qmail/selectiverelay.html.
--
gowen -- Greg Owen -- [EMAIL PROTECTED]
At 4:20 AM -0400 8/4/00, Adam McKenna wrote:
>On Fri, Aug 04, 2000 at 10:17:41AM +0200, Robin S. Socha wrote:
>> your way of quoting *may* be convenient for you. It is, however, annoying
>> for probably everyone else (particularly people not reading your "threads"
>> in a row. It also adds a *massive* amount of unnecessary overhead. May I
>> suggest your grabbing a copy - really, just about any - of the netiquette
>> and fixing your mail toys?
>
>For christ sake, leave the guy alone. IMHO your incessant personal attacks
>are way more annoying than his quoting style.
Does anyone else see what he's complaining about? I've read this
thread using MacOS Eudora, and just looked at one of the messages
with mutt, and I see nothing out of the ordinary. (Reminds me of the
time some idiot flamed me on Usenet for using "}" instead of ">" as
the quoting character.)
>
>--Adam
--
--
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693
[EMAIL PROTECTED]
* Paul Schinder <[EMAIL PROTECTED]> writes:
This is all grossly off topic. I suggest taking this thread off the
list ASAP and apologize for the inconvenience caused by my unnecessary
rudeness.
[my complaint about overhead through uncropped quotes]
> Does anyone else see what he's complaining about? I've read this
> thread using MacOS Eudora, and just looked at one of the messages with
> mutt, and I see nothing out of the ordinary.
Because I reformatted his mail according to age-old standards. In short,
it boils down to the following:
� your text goes below the quoted text;
� trim and if necessary reformat malformed quotes to the absolute
minimum, using "[...]" where necessary;
� a line ends at 80 charactes max.;
� no HTML, format-fla^Hwed, or similar "enhancements" on mailing lists -
ASCII only;
� an attribution line is 1 (one) line;
� sigdashes are "-- " (aka dash, dash, blank RET - you, Paul, are missing
the blank, rendering the whole thing useless for both my address book
(which is aimed at snarfing information from signatures) and my email
setup that automatically nukes signatures in replies);
> (Reminds me of the time some idiot flamed me on Usenet for using "}"
> instead of ">" as the quoting character.)
Might as well have been me. ">" is for quoted text in a reply, "|" is
for quotes from external sources. Using non-standard conformant quote
strings breaks many editors in the way that text cannot be automatically
reformatted to fit the "80 char per line" limit. It's nice and dandy
that you can do loads of things you might think funny with your MUA -
but it does not really mean you *have* to do them, right? I mean, I
could do quoted-printable, text-enriched text with nested citations and
a 10 line "attribution line". It's all here and I could even encode it
according to some arcane standards. But it would annoy you just as much
as mindless use of toys like Outlook annoys me (and AFAICS the majority
of technically-minded users all over the Net). Rationale: some people
actually pay for download. Full quotes with HTML make an email
significantly bigger than necessary (like, 5 times per average) without
buying the reader anything. All it takes is a little thoughtfulness on
behalf of the users of inferior (or badly set up) software (cf. my sig
for a good tool). Is that asked too much, Paul?
--
Robin S. Socha <http://socha.net/Gnus/>
> Because I reformatted his mail according to age-old standards. In short,
> it boils down to the following:
Some ideas for the list and it turns to this? Any voters to return to the
topic of how to stop our users getting virii attacks?
Thanks for opinions, defences, and updates on the latest netiquette.
Brett.
Manager
InterPlanetary Solutions
http://ipsware.com/
I beg you to cite the place where this list abides by these "Age-old
standards".
I've cited some standards about mailing lists to people before -- but
usually along the lines of "don't quote 100 lines and give only 1 of your
own" or "don't use 10 line signatures". I don't complain about whether my
mail reader is only intelligent enough to recognise "-- " as a leader to a
signature instead of "--" or "- Michael" ... That, and I much prefer to put
my statements above the quoted text if my statement deals with the entirety
of the comment (not just segments, as yours was), so that anyone following
the list can quickly read what I have to say without scrolling.
----- Original Message -----
From: "Robin S. Socha" <[EMAIL PROTECTED]>
Because I reformatted his mail according to age-old standards. In short,
it boils down to the following:
[ MTB: available in archives: http://www-archive.ornl.gov:8000/ ]
Rationale: some people
actually pay for download. Full quotes with HTML make an email
significantly bigger than necessary (like, 5 times per average) without
buying the reader anything. All it takes is a little thoughtfulness on
behalf of the users of inferior (or badly set up) software (cf. my sig
for a good tool). Is that asked too much, Paul?
[ MTB: cf. http://cr.yp.to/sarcasm/modest-proposal.txt ]
----- Original Message -----
From: "Robin S. Socha" <[EMAIL PROTECTED]>
> So you are basically advocating running a piece of exremely expensive
> software with a mixed track record of functionality, running on an
> unstable, expensive and insecure operating system for production
> services?
> [ ... ]
> So, you're not only running an unstable OS but also an extremely
> flaky, bug-ridden MTA, and you actually have this setup connected to
> the internet. May I ask what your company is worth *to you*?
Sometimes its not their choice, you do realise. It might be that any tech
that decides to change operating systems gets fired. That happens. Deal
with the question at hand, please.
> It's more up to one's TCO calculations, isn't it? So, you're not only
> running an unstable OS but also an extremely flaky, bug-ridden MTA, have
> this setup connected to the internet, but also throw in more money to
> buy unneeded functionality that is likely to introduce more bugs. Can
> you explain your rationale, please?
They have no need to justify their rationale to you. You don't matter to
their corporation in all likelihood. In that light, maybe you could have
stuck to answering what was asked?
> Wow, we're finally back on topic... *sigh*
The previous part of the message was to satisfy those folks who always say
'give us more detail about your setup' (like me).
Incidentally, I dislike NT, Microsoft Outlook and Exchange as much as you
probably do.
> I've said it once and I'll say it again: anti-virus software is snake
> oil. Under certain circumstances, it will buy you exactly nothing. Had I
> sent you ILOVEYOU the moment I got it, you would have been fucked. Real
> bad. Maybe your filter would have caught it, but who knows?
No, its not snake-oil. Its just not perfect. The anti-virus software
companies, by necessity, need to analyse a virus before they can add the
signature to their software. That usually requires that the virus be "in
the wild" for some period of time first. However, I've had client machines
come in with dozens of viruses -- usually some combination of Stoned or
Monkey with a few other oldies. These are all caught by modern anti virus
software and thus it _should_ be installed on machines. McAfee VirusScan
for workstations is only $15 (cost).
I don't classify that as snake-oil
--
Michael T. Babcock
CTO, FibreSpeed
Well,
I think we should keep the topic!
There are alot of inexperienced users out there like myself who are rather
interested in this topic!
Slider
> Because I reformatted his mail according to age-old standards. In short,
> it boils down to the following:
Some ideas for the list and it turns to this? Any voters to return to the
topic of how to stop our users getting virii attacks?
Thanks for opinions, defences, and updates on the latest netiquette.
Brett.
Manager
InterPlanetary Solutions
http://ipsware.com/
OK I wasn't planning on continuing my argument but since others are for me!
...
> Incidentally, I dislike NT, Microsoft Outlook and Exchange as much as you
> probably do.
I dislike them as well. All our servers are transitioning to linux/openbsd
EXCEPT for this one virus-scanning machine. Virtually a day after the "I
Love you" virus was realised, Norton had a fix for it and liveupdate
automatically updated it on our server. This change was propogated to every
client in the building, as well as used in scanning of e-mails. Luckily this
prestigous event happened largely on a weekend and so the few e-mails which
got through the server were then killed on Monday when the user went to read
their e-mail...We have stopped countless hundreds of this virus, and tens of
thousands of other virii with this firewall-style approach.
> come in with dozens of viruses -- usually some combination of Stoned or
> Monkey with a few other oldies. These are all caught by modern anti virus
> software and thus it _should_ be installed on machines. McAfee VirusScan
> for workstations is only $15 (cost).
Totally agreed with. You can't always catch the latest and greatest virii
with virus scanning software and yes killing every binary attachment is an
approach to removing the possibility altogether, but in many cases that is
just not an option. Killing script files, ok...can understand that. Less
impact on working habits, 95% agree with it. I trust stuff I pay for more
than free, open source scripting efforts. Just a peace-of-mind. Norton are
not overly bloated. Lotus' Notes is, to some extent, bloated, but we have
been using it for the last couple of years with thousands of e-mails coming
through and being scanned daily and have had no obvious problems thus far...
Brett.
Manager
InterPlanetary Solutions
http://ipsware.com/
> -----Original Message-----
> From: Michael T. Babcock [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, August 05, 2000 12:36 AM
> To: qmail list; Robin S. Socha
> Subject: Re: Anti Virus
>
>
> ----- Original Message -----
> From: "Robin S. Socha" <[EMAIL PROTECTED]>
* Michael T Babcock <[EMAIL PROTECTED]> writes:
> From: "Robin S. Socha" <[EMAIL PROTECTED]>
Michael,
I thought you were making sense when you suggested ending this thread in
PM. Unfortunately, I was wrong. So here goes...
> Deal with the question at hand, please.
,----
| A+14 [Slider ]:=Anti Virus
| +20 [Robin S. Socha ]:= <- anomy for procmail
| A+41 [Slider ]:=
| +20 [Robin S. Socha ]: <-
|http://www.qmail.org/top.html#microsoft
|[...]
| +59 <Noel Mistula >:=
| A+86 [Brett Randall ]:=
| +128 [Robin S. Socha ]:=
| A+14 [Adam McKenna ]:=
| A+29 [Paul Schinder ]:=
| +55 [Robin S. Socha ]:=
| +32 [Michael T. Babcock ]: <- you are here
`----
I presume you can see where you missed the point, Michael?
>> I've said it once and I'll say it again: anti-virus software is
>> snake oil. Under certain circumstances, it will buy you exactly
>> nothing. Had I sent you ILOVEYOU the moment I got it, you would have
>> been fucked. Real bad. Maybe your filter would have caught it, but
>> who knows?
> No, its not snake-oil. Its just not perfect.
It is inherently snake-oilish. I would call my colleague in London an
experienced NT admin with a lot of common sense. He went "we've now got
4 virus scanners running, so we're safe". So I went "On your backup
mailserver, too? Cause some nasty buddy just DOS'ed your primary one."
So he went "AAAHHHHRRRGGGG!!!1".
The problem is not the quality of the scanners, the frequency of your
updates, the speed with which updates are released or whatever. The
problem is the quality of MS Software. Windows is a disaster waiting
to happen. Brett advocated using an insecure OS with closed source
protection mechanisms to secure a production environment running an
operating system that is as secure as a bullet proof vest made of
NT-CDs.
Since the system cannot be secured, the threat must be eliminated. Either
by changing the OS or by nuking all attachments that are potentially
dangerous.
> The anti-virus software companies, by necessity, need to analyse a
> virus before they can add the signature to their software. That
> usually requires that the virus be "in the wild" for some period of
> time first.
Right. And you do remember how fast ILOVEYOU spread, don't you?
> However, I've had client machines come in with dozens of viruses --
> usually some combination of Stoned or Monkey with a few other oldies.
> These are all caught by modern anti virus software and thus it _should_
> be installed on machines. McAfee VirusScan for workstations is only
> $15 (cost).
You're working around the problem. Ever wondered how come there are
no[1] viruses for Un*x?
> I don't classify that as snake-oil
You're as entitled to your personal opinion as everybody else. Too
bad it's beside the point since the OP wasn't interested in fixing
an infected system but preventing from viruses (or other dangerous
content) from entering his system. reply-to set accordingly.
Footnotes:
[1] Yes, there are three. But they don't exist.
--
Robin S. Socha <http://socha.net/>
* Brett Randall <[EMAIL PROTECTED]> writes:
> OK I wasn't planning on continuing my argument but since others are for me!
I'm still against you, Brett, so let's see how far we'll get... ]:->
>> Incidentally, I dislike NT, Microsoft Outlook and Exchange as much as
>> you probably do.
> I dislike them as well. All our servers are transitioning to
> linux/openbsd EXCEPT for this one virus-scanning machine.
Interestingly, this will leave this one machine open to attacks against the
OS itself. Strange notion of security. You could be running TrendMicro's
viruswall or [insert AV-vendor] stuff on various flavours of Un*x or Linux
as well.
> Virtually a day after the "I Love you" virus was realised, Norton had
> a fix for it and liveupdate automatically updated it on our server.
Literally one minute after I was informed about the problem via my
email2sms gateway (one of those things you'd call a "scripting effort"
monitoring various security MLs), I had remotely logged into our
mailserver and added a rule nuking all respective emails. Arguably, the
approach is different, but with the gaping holes in MS's security
"policy", chances are yet another script kiddy will find yet another
exploit soonish and it will not qualify as a virus again. Technically
speaking, BTW, ILOVEYOU was not a virus, anyway. Needless to say that
there are i18n versions of MS Office viruses that aren't caught by
American scanners...
> Luckily this prestigous event happened largely on a weekend and so the
> few e-mails which got through the server were then killed on Monday
> when the user went to read their e-mail...
"Luckily"... how do you sleep at night, Brett, when an integral part of
your security policy relies on luck?
> We have stopped countless hundreds of this virus, and tens of thousands
> of other virii with this firewall-style approach.
Brett, I just talked to my firewall. She's a nice firewall, y'know, and
she's got a great sense of humour. But that carpet was quite expensive,
and I stronly advise you not to make such rude jokes again unless you
want to face punitive damages. Besides, a 19" rack biting a rug is just
plainly ridiculous.
>> come in with dozens of viruses -- usually some combination of Stoned
>> or Monkey with a few other oldies. These are all caught by modern
>> anti virus software and thus it _should_ be installed on machines.
>> McAfee VirusScan for workstations is only $15 (cost).
> Totally agreed with. You can't always catch the latest and greatest
> virii with virus scanning software and yes killing every binary
> attachment is an approach to removing the possibility altogether, but
> in many cases that is just not an option.
True. That's why you set up sandboxes in each department, running
Linux and StarOffice. For the unaware, StarOffice is a free, GPL'ed
(?) Office Suite running on Windows and various Un*xoid OSes. Yes,
it's a little inconvenient to hop to another office to take a look at
an attachment. But it also makes you very angry at the people sending
them. Which is good.
> I trust stuff I pay for more than free, open source scripting efforts.
Ok, so on top of luck, you rely on trust. Then again, it's all that's
left to you, isn't it? While you can have an expert audit Open Source
Software, (closed source) commercial software has to be trusted. I
don't trust closed source software, and even less so if it comes from a
foreign country. Can you guarantee (100%) where Notes or Exchange or
whatever send your company's trade secrets? Does the word OPSEC ring a
bell? IT security isn't everything.
And, quite honestly, I don't like your condescending tone when you talk
about OSS. Calling OpenBSD or qmail "scripting efforts" is, well.. you
know, if MS ever released the Exchange code, and one were to compare it
to qmail's... oh, well...
> Just a peace-of-mind.
Then why are you running qmail? You /are/ running qmail, aren't you?
> Norton are not overly bloated. Lotus' Notes is, to some extent,
> bloated, but we have been using it for the last couple of years with
> thousands of e-mails coming through and being scanned daily and have
> had no obvious problems thus far...
Notes Server has had some bugs that qualify as lethal. And they weren't
fixed nearly as quickly as those in, say, sendmail. What makes you
recommend software with a bad track record in security on a ML for the
most secure mailserver there is?
--
Robin S. Socha <http://socha.net/>
> > I dislike them as well. All our servers are transitioning to
> > linux/openbsd EXCEPT for this one virus-scanning machine.
>
> Interestingly, this will leave this one machine open to attacks against
the
> OS itself. Strange notion of security.
Well, in a world devoid of any other security mechanisms, perhaps. But
it's perfectly easy to simply deny all traffic to the machine not related to
SMTP, at the router, firewall, and on the machine itself. It's hard to
exploit something on the machine if your packets never get there.
> > I trust stuff I pay for more than free, open source scripting efforts.
Well, it's sixes. Some commercial software is well-written, a lot isn't.
Some open-source software is well-written, I've found a lot that's not. It
all comes down to the individual package.
steve
On Sat, Aug 05, 2000 at 01:13:05AM +1000, Brett Randall wrote:
! I trust stuff I pay for more
! than free, open source scripting efforts. Just a peace-of-mind.
This reminds me of http://www.ultraviolet.org/treed/lam.txt. :-)
---Chris K.
--
Chris, the Young One |_ Never brag about how your machines haven't been
Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of
PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider
* Steve Wolfe <[EMAIL PROTECTED]> writes:
[scanning for MS viruses under MS OSes]
> Well, in a world devoid of any other security mechanisms, perhaps.
> But it's perfectly easy to simply deny all traffic to the machine not
> related to SMTP, at the router, firewall, and on the machine itself.
> It's hard to exploit something on the machine if your packets never
> get there.
man gauntlet
>> > I trust stuff I pay for more than free, open source scripting efforts.
> Well, it's sixes. Some commercial software is well-written, a lot
> isn't.
I beg to differ. You simply cannot know if closed source commercial
software is well written. I may seem to work well, but you don't know
what's under the hood. Back in university, we had the NT 4.0 CD that we
installed on a spare computer for laughs. We had blocked it inside a
firewall. It sent two crypted emails. We let them free. They disappeared
behind a MSN firewall. We did not laugh.
> Some open-source software is well-written, I've found a lot that's
> not. It all comes down to the individual package.
That's so true it's meaningless, I'd say. There is a lot of really bad
software available especially for Linux, true. But if you take a well
audited distribution (Jurix would be one) or stick to a core *BSD, you'll
find that the code base is excellent. It still remains to be shown how
you break into a bare-bones OpenBSD. I could not say that for a couple
commercial OSes. Bottom line: every system can be made insecure. But some
"packages" are secure by default. qmail springs to mind ;-) Stick to
those and you're fine.
--
Robin S. Socha <http://socha.net/>
Michael T. Babcock <[EMAIL PROTECTED]> writes on 4 August 2000 at 10:02:54 -0400
> I beg you to cite the place where this list abides by these "Age-old
> standards".
> I've cited some standards about mailing lists to people before -- but
> usually along the lines of "don't quote 100 lines and give only 1 of your
> own" or "don't use 10 line signatures". I don't complain about whether my
> mail reader is only intelligent enough to recognise "-- " as a leader to a
> signature instead of "--" or "- Michael" ...
Signature is pretty well-defined, and "-- " is the delimiter. Stuff
that uses other delimiters breaks all sorts of archiving and reply
software.
> That, and I much prefer to put
> my statements above the quoted text if my statement deals with the entirety
> of the comment (not just segments, as yours was), so that anyone following
> the list can quickly read what I have to say without scrolling.
I wish you wouldn't. When I then respond to various paragraphs of
your text, the resulting sequence is very confusing -- or would be if
I didn't take the trouble to reorder your message first.
--
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]
"P.Y. Adi Prasaja" <[EMAIL PROTECTED]> wrote:
>On Thu, Aug 03, 2000 at 08:14:32AM -0400, Dave Sill wrote:
>>
>> He apparently confused incoming concurrency with outgoing
>> concurrency. Luckily, Postfix defaults to 50, so the results are still
>> valid.
>
>Then you wrong either :-)
No, I'm not wrong. If you're going to "correct" someone, please check
your facts first.
>From http://postfix.cloud9.net/rate.html:
The default_process_limit parameter (default: 50) gives direct
control over inbound and outbound delivery rates. This parameter
controls the number of concurrent processes that implement a Postfix
service (smtp client, smtp server, local delivery, etc.)
It says 50, not 10.
>Default _maximum_ concurrency is 10,
Perhaps you're thinking of default_destination_concurrency_limit?
That's the *per destination* limit, not the overall concurrency limit.
>Even though the author increase the number at master.cf, say 1000 (as
>I said that it has nothing todo with concurrency, neither incoming nor
>outgoing, beside the fact that there are no _incoming/outgoing_
>concurrency in postfix, the number is for differrent purpose).
>then the concurrency still be limited to 10 and will started at 5,
>etc... etc...
Either you're wrong or the documentation on the web is wrong. I don't
care enough to determine which is the case. Here is what the web docs
say:
>From http://postfix.cloud9.net/rate.html:
You can override [default_process_limit] for specific Postfix
daemons by editing the master.cf file. For example, if you do not
wish to receive 50 SMTP messages at the same time, you could
specify:
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (50)
# ==========================================================================
. . .
smtp inet n - - - 5 smtpd
. . .
-Dave
"David Dyer-Bennet" <[EMAIL PROTECTED]> wrote:
>Dave Sill <[EMAIL PROTECTED]> writes on 2 August 2000 at 10:14:56 -0400
> >
> > http://www.kyoto.wide.ad.jp/mta/eval1/eindex.html
>
>His methodology looks reasonably sound, now that I can read the
>description of it. And he seems entirely aware of the shortcomings,
>which leads me to trust his judgement on other matters as well.
>
>Looks like qmail took 20 seconds and sendmail took 1750 seconds to
>deliver his test load. Not surprising! (uncached case)
I don't see where you got 20 seconds. Here's the results in tabular
form--numbers are all APPROXIMATE since I'm reading them from the
graphs (the individual results by implementation):
Eval 1 Eval 2 Eval 3
MTA time dns time dns time dns
qmail 155 1250 127 1230 127 1235
Postfix 184 1375 168 1290 161 1330
exim 645 475 161 450 157 451
SMTPfeed 215 610 160 442 157 461
zmailer 1530 1675 357 1260 360 1300
>Also note that in the cached case postfix appears to beat qmail at
>delivering all the mail, at least on one graph.
I don't see that.
>However, did people notice that sendmail actually did *fewer* DNS
>queries? I had understood that for total bandwidth use, qmail won
>over sendmail partly for doing less DNS traffic, but this doesn't seem
>to be the case in this study.
Yeah, that suprised me, too. Exim wins the prize for DNS frugality,
though.
>(postfix took 30 seconds, exim 500, zmailer I can't tell. Am I
>reading the graphs wrong?
Where are you seeing these numbers?
>Zmailer shows increasing count of DNS
>queries off to the end of the map, but no increase in SMTP syn or
>fin. Now I'm confused.)
Me too, because I just don't see that. Which graph(s) are you looking
at?
-Dave
Dave Sill <[EMAIL PROTECTED]> writes on 4 August 2000 at 09:37:29 -0400
> "David Dyer-Bennet" <[EMAIL PROTECTED]> wrote:
>
> >Dave Sill <[EMAIL PROTECTED]> writes on 2 August 2000 at 10:14:56 -0400
> > >
> > > http://www.kyoto.wide.ad.jp/mta/eval1/eindex.html
> >
> >His methodology looks reasonably sound, now that I can read the
> >description of it. And he seems entirely aware of the shortcomings,
> >which leads me to trust his judgement on other matters as well.
> >
> >Looks like qmail took 20 seconds and sendmail took 1750 seconds to
> >deliver his test load. Not surprising! (uncached case)
>
> I don't see where you got 20 seconds. Here's the results in tabular
> form--numbers are all APPROXIMATE since I'm reading them from the
> graphs (the individual results by implementation):
>
> Eval 1 Eval 2 Eval 3
> MTA time dns time dns time dns
> qmail 155 1250 127 1230 127 1235
> Postfix 184 1375 168 1290 161 1330
> exim 645 475 161 450 157 451
> SMTPfeed 215 610 160 442 157 461
> zmailer 1530 1675 357 1260 360 1300
I read the time on eval 1 for qmail as 20 seconds. Well, maybe 22.
There's a very sharp bend in both DNS and SMTP curves at that point,
and only completely trivial activity after that. I do see that the
DNS answer curve is measurable separated from the DNS request curve;
but the SMTP lines don't appear to change after that, so whatever DNS
is doing, delivery has completed.
> >Also note that in the cached case postfix appears to beat qmail at
> >delivering all the mail, at least on one graph.
>
> I don't see that.
Well, maybe not, the SMTP fin line is separated a bit from the syn
line which the computed line is based on.
> >However, did people notice that sendmail actually did *fewer* DNS
> >queries? I had understood that for total bandwidth use, qmail won
> >over sendmail partly for doing less DNS traffic, but this doesn't seem
> >to be the case in this study.
>
> Yeah, that suprised me, too. Exim wins the prize for DNS frugality,
> though.
>
> >(postfix took 30 seconds, exim 500, zmailer I can't tell. Am I
> >reading the graphs wrong?
>
> Where are you seeing these numbers?
Eval 1, the individual graphs mostly. I'm using the point where the
SMTP fin count maxes as the terminal point, even though some DNS
activity occurs after that with some mailers.
But I don't see why I was confused about zmailer now (other than the
trailing DNS activity), seems to finish at about 190.
> >Zmailer shows increasing count of DNS
> >queries off to the end of the map, but no increase in SMTP syn or
> >fin. Now I'm confused.)
>
> Me too, because I just don't see that. Which graph(s) are you looking
> at?
http://www.kyoto.wide.ad.jp/mta/eval1/perf1-zmailer.gif (evaluation
1, zmailer). The SMTP syn count has peaked a bit under 200 seconds,
the SMTP fin count shortly thereafter. The DNS query and response
count are at about 1275 then. By 1400 seconds, the DNS query and
response count are up to about 1550.
--
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]
On Fri, Aug 04, 2000 at 07:58:20AM -0400, Dave Sill wrote:
> No, I'm not wrong. If you're going to "correct" someone, please check
> your facts first.
oh .. well ...
Here is your previous post:
> He apparently confused incoming concurrency with outgoing
> concurrency.
What are you trying to say in this regard?
> Perhaps you're thinking of default_destination_concurrency_limit?
> That's the *per destination* limit, not the overall concurrency limit.
Yes. And seems to me that you pretend to that this would not give any
impact to the measurements...
> Either you're wrong or the documentation on the web is wrong. I don't
> care enough to determine which is the case. Here is what the web docs
> say:
No. The docs is minimum, but it isn't wrong.
If there is no such a limitation in qmail, why should one pretend
to that there is no such a limitation in other MTA (postfix) too?
Once again, if you would like to see the comparisson numbers that
author gives to us, just see at the linear equation from each graph.
You would see that postfix beat qmail just for about 1 msg/second
rate in 2nd and 3th evaluation (this fact is unsignificant, for me at
least). Anyway, if the number of process_limit is increased, say 120,
with the same condition (environment, machine, etc.), should qmail a
lot faster than postfix because of its great efficiency in resources
using by qmail compares to postfix (yes, I didn't talk about the
whole results, it's about 'internal processing').
Salam,
P.Y. Adi Prasaja
Kornyakov Yevgeny <[EMAIL PROTECTED]> wrote:
>I use procmail, and if "| preline procmail" line is exist in the .qmail
>file, I get two identical letters.
>First letter from qmail delivery
>Second letter from procmail delivery
>I need use only procmail delivery.
If the only line in the .qmail file is "|preline procmail", you'll
only get one copy.
-Dave
"Eddie Greer" <[EMAIL PROTECTED]> wrote:
>thanks for responding. The answer that I am trying to find is whether the
>maildirmake command creates a file of any sort that keeps track of the
>mailboxes.
No, maildirmake makes a maildir. That's all; nothing else.
>We changed someone's mailbox,
What do you mean by that? Exactly what did you change?
>and copied the new current and tmp
>directories into their mailboxes but qmail did not redirect their mail (even
>after we did the maildirmake and specified their new home directory).
qmail won't redirect their mail until you tell it to via a .qmail file
or defauldelivery specification on the qmail-start command line.
>I am
>hoping that their is a way to modified a user home directory and Maildir
>folder without recreating the user from scratch.
There's *never* a need to recreate a user from scratch under UNIX.
-Dave
J <[EMAIL PROTECTED]> wrote:
>I changed the alias to:
>.qmail-joe:bob
>
>with the contents: bobj
>
>I restarted all qmail daemons.. and unfortunatly I
>still get the "no mailbox here by that name".
>
>Any other sugguestions?
No, that ought to work--assuming bobj is a valid mail user. For
example:
root@sws5# cd ~alias
root@sws5# echo ./joebob >.qmail-joe:bob
root@sws5# echo To: joe.bob |qmail-inject
root@sws5# cat joebob
>From [EMAIL PROTECTED] Fri Aug 04 12:29:17 2000
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 525673 invoked by uid 0); 4 Aug 2000 12:29:17 -0000
Date: 4 Aug 2000 12:29:17 -0000
Message-ID: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
-Dave
Hi I'm posting this on several mail-related newsgroups to try to get as
much information as I can I hope no one regards this as a spam:
I would like to host mail for a single domain (ie all users should be
[EMAIL PROTECTED]) on several (geographically distributed) machines,
with users in each area receiving their mail at the local mail sever. The
hard part is, as bandwidth is a limiting issue, I don't want all the mail
to be forwarded through a single host (eg if user1 at location A is
sending a 5 MB attachement to user2 at location B, I don't want that to
have to bounce off some central mail sever at location C). This means
that all the mail servers serve the same domain name but have to be
distinguishable (via DNS or sonmething sendmail does) by users served.
It seems to me that this must be do-able since AOL and other large
multinationals can't have all their mail go through some central
hub. However since DNS won't resolve different hosts according to user
name (since it knows nothing about the user sending/receiving the
mail) the SMTP protocol must have some way of routing beyond DNS (ie so we
can have one mail server which tells outside mail servers which
internal mail server to send a particular message to accorind to user name
-- without actually receiveing the message proper itself). This would
require some kind of pre-sending negotiation between mail servers. Is
such a thing possible?
Does any of what I've said make sense to anybody, and if so can you clue
me in on how to do this (or where to look to find out more).
I've found some stuff about using qmail + PH that looks like it might be
what I'm looking for (its a user address table thing that works with mail
daemons) -- does anyone know more about this.
Thank a lot in advance,
Sheer
Sheer El-Showk writes:
> I would like to host mail for a single domain (ie all users should be
> [EMAIL PROTECTED]) on several (geographically distributed) machines,
> with users in each area receiving their mail at the local mail sever. The
> hard part is, as bandwidth is a limiting issue, I don't want all the mail
> to be forwarded through a single host (eg if user1 at location A is
> sending a 5 MB attachement to user2 at location B, I don't want that to
> have to bounce off some central mail sever at location C). This means
> that all the mail servers serve the same domain name but have to be
> distinguishable (via DNS or sonmething sendmail does) by users served.
Qmail lets you implement this using virtualdomains. You can
virtualize a domain on a per-use basis. So tell the qmail running at
location A that [EMAIL PROTECTED] is actually [EMAIL PROTECTED]
Unfortunately, both sites A and B have to be running qmail and must be
configured with the user table. There's no global way to do what you
want. I suggest that you colocate the central mail server somewhere
where there's plenty of bandwidth, and configure it with the user table.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com | If you think
Crynwr sells support for free software | PGPok | health care is expensive now
521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | what it costs when it's free.
Thanks, but my real concern is that all the mail NOT go through a SINGLE
mail server (in terms of bandwithd). If I do what you suggested
[EMAIL PROTECTED] still has to go through location A (the full message,
including attachements has to be received at that location) which means
that it becomes a bandwidth bottle-kneck (and since there will be many
locations all with very little bandwidth supporting a large organization
this can be a problem). At least that's how I understand it -- if you
know some way that location A could tell the outside server just to route
directly to location B, that's what I'm really looking for (sort of a SMTP
user-based server resolution). Please correct me if I misunderstood what
you said or if it doens't require full mail routing through location A.
By the way, an entirely qmail solution shouldn't be a problem since the my
clients seem to like the idea of linux and I am a big fan of qmail ;->
Thanks anyway,
Sheer
On Fri, 4 Aug 2000, Russell Nelson wrote:
> Sheer El-Showk writes:
> > I would like to host mail for a single domain (ie all users should be
> > [EMAIL PROTECTED]) on several (geographically distributed) machines,
> > with users in each area receiving their mail at the local mail sever. The
> > hard part is, as bandwidth is a limiting issue, I don't want all the mail
> > to be forwarded through a single host (eg if user1 at location A is
> > sending a 5 MB attachement to user2 at location B, I don't want that to
> > have to bounce off some central mail sever at location C). This means
> > that all the mail servers serve the same domain name but have to be
> > distinguishable (via DNS or sonmething sendmail does) by users served.
>
> Qmail lets you implement this using virtualdomains. You can
> virtualize a domain on a per-use basis. So tell the qmail running at
> location A that [EMAIL PROTECTED] is actually [EMAIL PROTECTED]
>
> Unfortunately, both sites A and B have to be running qmail and must be
> configured with the user table. There's no global way to do what you
> want. I suggest that you colocate the central mail server somewhere
> where there's plenty of bandwidth, and configure it with the user table.
>
> --
> -russ nelson <[EMAIL PROTECTED]> http://russnelson.com | If you think
> Crynwr sells support for free software | PGPok | health care is expensive now
> 521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
> Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | what it costs when it's free.
>
> From: Sheer El-Showk <[EMAIL PROTECTED]>
> Date: Fri, 4 Aug 2000 21:13:32 +0000 (WET)
>
>
> Thanks, but my real concern is that all the mail NOT go through a SINGLE
> mail server (in terms of bandwithd). If I do what you suggested
> [EMAIL PROTECTED] still has to go through location A (the full message,
> including attachements has to be received at that location) which means
> that it becomes a bandwidth bottle-kneck (and since there will be many
> locations all with very little bandwidth supporting a large organization
> this can be a problem). At least that's how I understand it -- if you
> know some way that location A could tell the outside server just to route
> directly to location B, that's what I'm really looking for (sort of a SMTP
> user-based server resolution). Please correct me if I misunderstood what
> you said or if it doens't require full mail routing through location A.
>
> By the way, an entirely qmail solution shouldn't be a problem since the my
> clients seem to like the idea of linux and I am a big fan of qmail ;->
This is doable as long as you find some reasonably automated way to maintain
the .qmail files that forward the users identically everywhere.
Make domain.com a virtual domain at all locations. Tell qmail at all
locations that [EMAIL PROTECTED] is really [EMAIL PROTECTED] and
[EMAIL PROTECTED] is really [EMAIL PROTECTED] and so on.
Point MX records equally at all your locations. The outside world will send
the mail to one of your hosts which will then forward it to where you really
want it.
I'd probably maintain the .qmail-domain-* files for the virtual domain
in one central location and then rsync or rdist them to all the servers at the
same time.
Also, I think qmail-ldap has a facility for doing this more magically out of
LDAP.
Chris
> On Fri, 4 Aug 2000, Russell Nelson wrote:
>
> > Sheer El-Showk writes:
> > > I would like to host mail for a single domain (ie all users should be
> > > [EMAIL PROTECTED]) on several (geographically distributed) machines,
> > > with users in each area receiving their mail at the local mail sever.
> The
> > > hard part is, as bandwidth is a limiting issue, I don't want all the m
> ail
> > > to be forwarded through a single host (eg if user1 at location A is
> > > sending a 5 MB attachement to user2 at location B, I don't want that t
> o
> > > have to bounce off some central mail sever at location C). This means
> > > that all the mail servers serve the same domain name but have to be
> > > distinguishable (via DNS or sonmething sendmail does) by users served.
> >
> > Qmail lets you implement this using virtualdomains. You can
> > virtualize a domain on a per-use basis. So tell the qmail running at
> > location A that [EMAIL PROTECTED] is actually [EMAIL PROTECTED]
> >
> > Unfortunately, both sites A and B have to be running qmail and must be
> > configured with the user table. There's no global way to do what you
> > want. I suggest that you colocate the central mail server somewhere
> > where there's plenty of bandwidth, and configure it with the user table.
> >
> > --
> > -russ nelson <[EMAIL PROTECTED]> http://russnelson.com | If you think
> > Crynwr sells support for free software | PGPok | health care is expensiv
> e now
> > 521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
> > Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | what it costs when it's
> free.
> >
>
--
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO http://www.virCIO.Com
4314 Avenue C
Austin, TX 78751-3709 +1 512 374 0500
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
On Fri, Aug 04, 2000 at 09:13:32PM +0000, Sheer El-Showk wrote:
> Thanks, but my real concern is that all the mail NOT go through a SINGLE
> mail server (in terms of bandwithd). If I do what you suggested
I don't think it's possible to avoid that. Which server mail is sent to
is a function of DNS, not mail server configuration. The only way an
MTA has of knowing where to send a piece of mail is by looking up an MX
record for it. It can only look up based on domain. DNS does not know
anything about users and should not.
So. Your only real option is to have a single mail server accepting
mail and then distribute it to other servers. This does not fix your
bandwidth problem. But, with a little research you can find one of
several ways to use the primary mail server only as a way to accept
inbound mail and then redistribute it to any one of several other mail
servers based on multiple criteria.
Ben
--
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net
On Fri, Aug 04, 2000 at 05:25:46PM -0500, Ben Beuchler wrote:
> On Fri, Aug 04, 2000 at 09:13:32PM +0000, Sheer El-Showk wrote:
>
> > Thanks, but my real concern is that all the mail NOT go through a SINGLE
> > mail server (in terms of bandwithd). If I do what you suggested
>
> I don't think it's possible to avoid that. Which server mail is sent to
> is a function of DNS, not mail server configuration. The only way an
> MTA has of knowing where to send a piece of mail is by looking up an MX
> record for it. It can only look up based on domain. DNS does not know
> anything about users and should not.
>
> So. Your only real option is to have a single mail server accepting
> mail and then distribute it to other servers. This does not fix your
> bandwidth problem. But, with a little research you can find one of
> several ways to use the primary mail server only as a way to accept
> inbound mail and then redistribute it to any one of several other mail
> servers based on multiple criteria.
What about having two servers with the same MX priority? That should work.
adam@spotted:~$ dig earthlink.net mx
; <<>> DiG 8.2 <<>> earthlink.net mx
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; earthlink.net, type = MX, class = IN
;; ANSWER SECTION:
earthlink.net. 0S IN MX 5 mx09.earthlink.net.
earthlink.net. 0S IN MX 5 mx00.earthlink.net.
earthlink.net. 0S IN MX 5 mx01.earthlink.net.
earthlink.net. 0S IN MX 5 mx02.earthlink.net.
earthlink.net. 0S IN MX 5 mx03.earthlink.net.
earthlink.net. 0S IN MX 5 mx04.earthlink.net.
earthlink.net. 0S IN MX 5 mx05.earthlink.net.
earthlink.net. 0S IN MX 5 mx06.earthlink.net.
earthlink.net. 0S IN MX 5 mx07.earthlink.net.
earthlink.net. 0S IN MX 5 mx08.earthlink.net.
--Adam
If you wish to load balance mail through several servers, then just use a
load balancing scheme like through red hats new product, though I forget its
name, or use a cisco loaddirector or an F5 BigIP or any number of farm
solutions.
Each server can have a copy of the user table and route to the appropriate
mail servers as needed.
Bottleneck Eliminated.
(two server addresses on the same MX priority is not as configurable or
reliable as the load balancing hardware)
"Nothing eliminates stress like having auto-redundant systems" - me as a
network administrator
David
> -----Original Message-----
> From: Sheer El-Showk [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 04, 2000 2:14 PM
> To: Russell Nelson
> Cc: [EMAIL PROTECTED]
> Subject: Re: domain splitting
>
>
>
> Thanks, but my real concern is that all the mail NOT go
> through a SINGLE
> mail server (in terms of bandwithd). If I do what you suggested
> [EMAIL PROTECTED] still has to go through location A (the full message,
> including attachements has to be received at that location)
> which means
> that it becomes a bandwidth bottle-kneck (and since there will be many
> locations all with very little bandwidth supporting a large
> organization
> this can be a problem). At least that's how I understand it -- if you
> know some way that location A could tell the outside server
> just to route
> directly to location B, that's what I'm really looking for
> (sort of a SMTP
> user-based server resolution). Please correct me if I
> misunderstood what
> you said or if it doens't require full mail routing through
> location A.
>
> By the way, an entirely qmail solution shouldn't be a problem
> since the my
> clients seem to like the idea of linux and I am a big fan of qmail ;->
>
> Thanks anyway,
> Sheer
>
> On Fri, 4 Aug 2000, Russell Nelson wrote:
>
> > Sheer El-Showk writes:
> > > I would like to host mail for a single domain (ie all
> users should be
> > > [EMAIL PROTECTED]) on several (geographically distributed)
> machines,
> > > with users in each area receiving their mail at the
> local mail sever. The
> > > hard part is, as bandwidth is a limiting issue, I don't
> want all the mail
> > > to be forwarded through a single host (eg if user1 at
> location A is
> > > sending a 5 MB attachement to user2 at location B, I
> don't want that to
> > > have to bounce off some central mail sever at location
> C). This means
> > > that all the mail servers serve the same domain name but
> have to be
> > > distinguishable (via DNS or sonmething sendmail does) by
> users served.
> >
> > Qmail lets you implement this using virtualdomains. You can
> > virtualize a domain on a per-use basis. So tell the qmail
> running at
> > location A that [EMAIL PROTECTED] is actually [EMAIL PROTECTED]
> >
> > Unfortunately, both sites A and B have to be running qmail
> and must be
> > configured with the user table. There's no global way to
> do what you
> > want. I suggest that you colocate the central mail server somewhere
> > where there's plenty of bandwidth, and configure it with
> the user table.
> >
> > --
> > -russ nelson <[EMAIL PROTECTED]> http://russnelson.com |
> If you think
> > Crynwr sells support for free software | PGPok | health
> care is expensive now
> > 521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait
> until you see
> > Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | what it
> costs when it's free.
> >
>
Sheer El-Showk writes:
> Thanks, but my real concern is that all the mail NOT go through a SINGLE
> mail server (in terms of bandwithd). If I do what you suggested
> [EMAIL PROTECTED] still has to go through location A (the full message,
> including attachements has to be received at that location) which means
> that it becomes a bandwidth bottle-kneck (and since there will be many
> locations all with very little bandwidth supporting a large organization
> this can be a problem). At least that's how I understand it -- if you
> know some way that location A could tell the outside server just to route
> directly to location B, that's what I'm really looking for (sort of a SMTP
> user-based server resolution). Please correct me if I misunderstood what
> you said or if it doens't require full mail routing through location A.
You can't get the rest of the world to send mail to a single domain
except by going to the host that accepts mail for that domain. But
within your domain, you can split it any way you want. You could use
LDAP, you could use the DNS, you could use fastforward, you could use
a bunch of .qmail files. Personally, I'd use the DNS. It's an
efficient, scalable, secure (well, okay, it's secure if you use
djbdns), cross-host, cross-platform database. Just do this:
echo 'example.com:alias-example' >/var/qmail/control/virtualdomains
echo '|forward $EXT2@$EXT2.example.com'
Then set up a bunch of DNS records that point to the host with that
user's mailbox.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com | If you think
Crynwr sells support for free software | PGPok | health care is expensive now
521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | what it costs when it's free.
Hi All
I've installed qmail+patches from source rpms on my RH
6.2 1386 linux box from Bruce Guenter source
distribution
1. daemontools 70-1
2. ucpspi-tcp-0.88-1
3. supervise-scripts-2.4
4. qmail-1.03+patches-14
Everythings fine but the smtp server takes a long time
to initialize..like when I telnet to port 25 on my
localhost...the 220 host.domain.com ESMTP appears but
after a long time.
Has anybody experienced such a problem and was able to
solve this...
Thanx in advance
- Sumith
__________________________________________________
Do You Yahoo!?
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/
> Everythings fine but the smtp server takes a long time
> to initialize..like when I telnet to port 25 on my
> localhost...the 220 host.domain.com ESMTP appears but
> after a long time.
>
> Has anybody experienced such a problem and was able to
> solve this...
Your tcpserver invocation is probably trying to get IDENT info,
which is the default. This times out after 26 seconds or so. Put '-R' into
your tcpserver command line and the lag goes away, or open up port 113 on
the firewall to allow IDENT traffic to freely flow.
>From http://cr.yp.to/ucspi-tcp/tcpserver.html:
-r: (Default.) Attempt to obtain $TCPREMOTEINFO from the remote host.
-R: Do not attempt to obtain $TCPREMOTEINFO from the remote host. To avoid
loops, you must use this option for servers on TCP ports 53 and 113.
--
gowen -- Greg Owen -- [EMAIL PROTECTED]
Your also might want to look into installing dnscache
http://cr.yp.to/djbdns/dnscache-1.00.tar.gz and have a local caching only
server running on the qmail machine.
Sean Truman
----- Original Message -----
From: Greg Owen <[EMAIL PROTECTED]>
To: Qmail List (E-mail) <[EMAIL PROTECTED]>
Sent: Friday, August 04, 2000 9:13 AM
Subject: RE: trouble
> > Everythings fine but the smtp server takes a long time
> > to initialize..like when I telnet to port 25 on my
> > localhost...the 220 host.domain.com ESMTP appears but
> > after a long time.
> >
> > Has anybody experienced such a problem and was able to
> > solve this...
>
> Your tcpserver invocation is probably trying to get IDENT info,
> which is the default. This times out after 26 seconds or so. Put '-R'
into
> your tcpserver command line and the lag goes away, or open up port 113 on
> the firewall to allow IDENT traffic to freely flow.
>
> >From http://cr.yp.to/ucspi-tcp/tcpserver.html:
>
> -r: (Default.) Attempt to obtain $TCPREMOTEINFO from the remote host.
> -R: Do not attempt to obtain $TCPREMOTEINFO from the remote host. To avoid
> loops, you must use this option for servers on TCP ports 53 and 113.
>
> --
> gowen -- Greg Owen -- [EMAIL PROTECTED]
Can anyone reflect a little light as to why I might be getting this error??
965396867.707127 delivery 8637: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
965396867.707147 status: local 41/120 remote 0/20
965396867.707234 delivery 8638: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
965396867.707255 status: local 40/120 remote 0/20
965396867.707636 delivery 8639: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
965396867.707656 status: local 39/120 remote 0/20
965396867.707671 delivery 8640: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
965396867.707690 status: local 38/120 remote 0/20
965396867.707803 delivery 8641: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)
Thanks
Slider
Slider writes:
> Can anyone reflect a little light as to why I might be getting this error??
Bad karma?? Too many years spent in pubs downing a warm one??
> 965396867.707127 delivery 8637: deferral:
> qmail-spawn_unable_to_create_pipe._(#4.3.0)/
This is almost always due to some kind of operating system limit.
Strace (truss in your case) is usually helpful.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com | If you think
Crynwr sells support for free software | PGPok | health care is expensive now
521 Pleasant Valley Rd. | +1 315 268 1925 voice | now, wait until you see
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | what it costs when it's free.
I would like to known WHAT is qmail-spawn too... :-)
Slider wrote:
> Can anyone reflect a little light as to why I might be getting this error??
>
> 965396867.707127 delivery 8637: deferral:
> qmail-spawn_unable_to_create_pipe._(#4.3.0)/
> 965396867.707147 status: local 41/120 remote 0/20
> 965396867.707234 delivery 8638: deferral:
> qmail-spawn_unable_to_create_pipe._(#4.3.0)/
> 965396867.707255 status: local 40/120 remote 0/20
> 965396867.707636 delivery 8639: deferral:
> qmail-spawn_unable_to_create_pipe._(#4.3.0)/
> 965396867.707656 status: local 39/120 remote 0/20
> 965396867.707671 delivery 8640: deferral:
> qmail-spawn_unable_to_create_pipe._(#4.3.0)/
> 965396867.707690 status: local 38/120 remote 0/20
> 965396867.707803 delivery 8641: deferral:
> qmail-spawn_unable_to_create_pipe._(#4.3.0)
>
> Thanks
>
> Slider
--
_________________________
Fernando Costa de Almeida
ICQ - 72293951
On Fri, Aug 04, 2000 at 02:56:10PM +0100, Slider wrote:
>
>
> Can anyone reflect a little light as to why I might be getting this error??
>
> 965396867.707127 delivery 8637: deferral:
> qmail-spawn_unable_to_create_pipe._(#4.3.0)/
One of the few errors I've covered in my brief error guide ;-)
http://x42.com/qmail/error/#spawnpipe
/magnus
--
http://x42.com/
On Fri, Aug 04, 2000 at 11:20:38AM -0300, Fernando Almeida wrote:
> I would like to known WHAT is qmail-spawn too... :-)
qmail-spawn is either qmail-lspawn or qmail-rspawn, as they both share the
code in spawn.c where this error message lives and prospers.
/magnus
--
http://x42.com/
Hi,
I have installed qmail-pop3d, checkpassword with qmail on redhat linux
6.2. I have entered the following lines in my "/etc/inetd.conf" file:
pop-3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup \
foo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
I am able to connect to 110 port but unable to authenticate. Following
is the session:
telnet foo.com 110
Trying 202.54.67.72...
Connected to foo.com.
Escape character is '^]'.
+OK <15634.965386256@\>
user naminfo
+OK
pass ggggg
-ERR authorization failed
Connection closed by foreign host.
Please help
OK. First make sure that the Maildir is readable by the group and user that
will be using it, then make sure that the folder actually exists and that
the folders leading up to it (eg /home) are readableby all users. This was a
problem for me once. No guarantees but take a look...
Brett.
Manager
InterPlanetary Solutions
http://ipsware.com/
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, August 05, 2000 12:17 AM
> To: [EMAIL PROTECTED]
> Subject: qmail-pop3d problem
>
>
> Hi,
> I have installed qmail-pop3d, checkpassword with qmail on redhat linux
> 6.2. I have entered the following lines in my "/etc/inetd.conf" file:
>
> pop-3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup \
> foo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
>
> I am able to connect to 110 port but unable to authenticate. Following
> is the session:
>
> telnet foo.com 110
> Trying 202.54.67.72...
> Connected to foo.com.
> Escape character is '^]'.
> +OK <15634.965386256@\>
> user naminfo
> +OK
> pass ggggg
> -ERR authorization failed
> Connection closed by foreign host.
>
> Please help
>
On Fri, Aug 04, 2000 at 07:47:27PM +0530, kapil sharma wrote:
! pop-3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup \
! foo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
[...]
! +OK <15634.965386256@\>
Are you sure that ``\'' is an acceptible line continuation character?
qmail-popup seems to think that ``\'' is the host name, so maybe you
should just put everything on one line without using ``\''.
---Chris K.
--
Chris, the Young One |_ but what's a dropped message between friends?
Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H.
http://cloud9.hedgee.com/ |_ Robinson, IV
PGP: 0xCCC6114E/0x706A6AAD |_
> On Fri, Aug 04, 2000 at 07:47:27PM +0530, kapil sharma wrote:
> ! pop-3 stream tcp nowait root /var/qmail/bin/qmail-popup qmail-popup \
> ! foo.com /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir
> [...]
> ! +OK <15634.965386256@\>
>
> Are you sure that ``\'' is an acceptible line continuation character?
> qmail-popup seems to think that ``\'' is the host name, so maybe you
> should just put everything on one line without using ``\''.
The command line is interpreted by bash (I take it you are using bash)
before the program that is being called (try typing some nonexistant command
followed by a '\' and there will be no error) so qmail-popup won't even know
it existed.
Brett.
Manager
InterPlanetary Solutions
http://ipsware.com/
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 5 Aug 00, at 1:49, Brett Randall wrote:
> The command line is interpreted by bash (I take it you are using bash)
> before the program that is being called (try typing some nonexistant
> command followed by a '\' and there will be no error) so qmail-popup
> won't even know it existed.
I beg to differ.
1. inetd doesn't support wrapped lines in /etc/inetd.conf. At least
mine doesn't. It doesn't know about the second line at all.
2. inetd doesn't run the command through bash. Where did you
hear that?
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOYraKVMwP8g7qbw/EQL2xgCfeWq+XgG/ESanEVRtMK5Yl8oHvEQAnRiK
hHXnlYyRwU1ygxyqrZ43yOMx
=HKTS
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
[EMAIL PROTECTED]
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
[Tom Waits]
> I beg to differ.
>
> 1. inetd doesn't support wrapped lines in /etc/inetd.conf. At least
> mine doesn't. It doesn't know about the second line at all.
>
> 2. inetd doesn't run the command through bash. Where did you
> hear that?
My apologies :> It is 2am over here and I forgot this is an inetd call, not
a tcpserver call!
Brett.
Manager
InterPlanetary Solutions
http://ipsware.com/
|
Hello,I'm trying to get qmail running in a
Solaris 7 box and get up to 500 qmail-remote proccesses at the same time, I do
the following steps :
1. Before compiling qmail-1.03 I applyed the
"big concurrency patch"
2. Set conf-spawn to 500 in the qmail source
tree
3. make setup check
4. echo "500" >
/var/qmail/control/concurrencyremote
5. Get it running!.
But I noticed that the maximun number of
"qmail-remote procs" is 30 !....
My box is a high traffic outbound smtp server
and 30 qmail-remote procs. is very poor..... the same steps I do in a Linux box
and get 500 qmail-remote without any problem....
Any Idea ???
This is possible relationed with a per user/max
procs in Solaris or any like this ?
Thank you.
RDA.-
|
Ricardo Albano <[EMAIL PROTECTED]> wrote:
> Hello,I'm trying to get qmail running in a Solaris 7 box and get up to 500
> qmail-remote proccesses at the same time, I do the following steps :
[...]
> But I noticed that the maximun number of "qmail-remote procs" is 30 !.... My
> box is a high traffic outbound smtp server and 30 qmail-remote procs. is very
> poor..... the same steps I do in a Linux box and get 500 qmail-remote without
> any problem....
[...]
> This is possible relationed with a per user/max procs in Solaris or any like
> this ?
It is almost certainly a resource limit the system is imposing. It may be
fds, or it could be something else. What are you limits currently set to?
Have you tried changing them? You seem to have diagnosed your own problem
here.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
I can't imagine where to start the diagnostic, I think the problem is in the
OS Limit but I need some specific pointers to the problem to ask Sun
peoples.
>Ricardo Albano <[EMAIL PROTECTED]> wrote:
>> Hello,I'm trying to get qmail running in a Solaris 7 box and get up to
500
>> qmail-remote proccesses at the same time, I do the following steps :
>[...]
>> But I noticed that the maximun number of "qmail-remote procs" is 30 !....
My
>> box is a high traffic outbound smtp server and 30 qmail-remote procs. is
very
>> poor..... the same steps I do in a Linux box and get 500 qmail-remote
without
>> any problem....
>[...]
>> This is possible relationed with a per user/max procs in Solaris or any
like
>> this ?
>
>It is almost certainly a resource limit the system is imposing. It may be
>fds, or it could be something else. What are you limits currently set to?
>Have you tried changing them? You seem to have diagnosed your own problem
>here.
>Charles
>--
>-----------------------------------------------------------------------
>Charles Cazabon <[EMAIL PROTECTED]>
>GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
>Any opinions expressed are just that -- my opinions.
>-----------------------------------------------------------------------
Ricardo Albano <[EMAIL PROTECTED]> wrote:
> >It is almost certainly a resource limit the system is imposing. It may be
> >fds, or it could be something else. What are you limits currently set to?
> >Have you tried changing them? You seem to have diagnosed your own problem
> >here.
> I can't imagine where to start the diagnostic, I think the problem is in the
> OS Limit but I need some specific pointers to the problem to ask Sun
> peoples.
Try adding some ulimit calls to your qmail startup script. `man ulimit`
for details.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
|
I get a lot of errors like this in the qmail
logs :
delivery 4770: deferral:
qmail-spawn_unable_to_create_pipe._(#4.3.0)/
How can I solve this ?, I readed the FAQ and
mailling list archives but I can't find this.
Thanks
RDA.-
|
This was posted here just a few hours ago...look at it
Brett
Manager
InterPlanetary Solutions
http://ipsware.com/
-----Original Message-----
From: Magnus Bodin [mailto:[EMAIL PROTECTED]]
Sent: Saturday, August 05, 2000 12:25 AM
To: qmail list
Subject: Re: Qmail-Spawn
On Fri, Aug 04, 2000 at 02:56:10PM +0100, Slider wrote:
>
>
> Can anyone reflect a little light as to why I might be getting this
error??
>
> 965396867.707127 delivery 8637: deferral:
> qmail-spawn_unable_to_create_pipe._(#4.3.0)/
One of the few errors I've covered in my brief error guide ;-)
http://x42.com/qmail/error/#spawnpipe
/magnus
--
http://x42.com/
I was wondering if its possible to edit the error messages in qmail. And
what is the simplest way to do it?
For example, I want to change "This address is not in my rcpthosts" message
to something different.
--
Erich Zigler Sr. System Administrator
Interesting how the need for substance in an unexamined life
often times leads to gulibility. -- Cornfed
On Fri, Aug 04, 2000 at 10:28:27AM -0500, Erich Zigler wrote:
> I was wondering if its possible to edit the error messages in qmail.
> And what is the simplest way to do it?
>
> For example, I want to change "This address is not in my rcpthosts"
> message to something different.
They are hard-coded. Edit the code at your own risk.
Ben
--
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net
* Erich Zigler <[EMAIL PROTECTED]> writes:
> I was wondering if its possible to edit the error messages in qmail. And
> what is the simplest way to do it?
Grab an editor and UTSL.
> For example, I want to change "This address is not in my rcpthosts"
> message to something different.
That'd be qmail-(s|q)mtpd.c - but why would you want to do that?
--
Robin S. Socha <http://socha.net/>
"Robin S. Socha" <[EMAIL PROTECTED]> writes:
> * Erich Zigler <[EMAIL PROTECTED]> writes:
>
> > I was wondering if its possible to edit the error messages in qmail. And
> > what is the simplest way to do it?
>
> Grab an editor and UTSL.
>
> > For example, I want to change "This address is not in my rcpthosts"
> > message to something different.
>
> That'd be qmail-(s|q)mtpd.c - but why would you want to do that?
I am sure Erich can answer for himself, but may I posit one possible
reason:
The people who read bounce mails are typically those who sent it, which,
99% of the time, is a person who is completely unfamiliar with mail
systems.
To them, something like, "You cannot sent mail to that site using this
mail server", or somesuch, would be less confusing and more personable.
Just a thought.
On the flip side, as soon as the word "rcpthosts" leaves a user's
mouth, I am pretty sure I know exactly what the problem is.
Bryan
--
________________________________________________________________________
p l u m b d e s i g n
Bryan Ischo | Software Developer
157 chambers st ny ny 10007
p.212-285-8600 x233 f.212-285-8999
On Fri, Aug 04, 2000 at 12:40:14PM -0400, Bryan Ischo wrote:
> The people who read bounce mails are typically those who sent it, which,
> 99% of the time, is a person who is completely unfamiliar with mail
> systems.
Your actually quite right.
> To them, something like, "You cannot sent mail to that site using this
> mail server", or somesuch, would be less confusing and more personable.
Actually we use vpopmail's roaming users. So if they dont check their email
beforehand they cannot use us as a relay. We get many calls from angry
customers and employees because all they see in the current error message is
"You cant send mail."
> On the flip side, as soon as the word "rcpthosts" leaves a user's
> mouth, I am pretty sure I know exactly what the problem is.
Yeah, but in my opinion I dont want to hear of those calls in the first
place. =)
--
Erich Zigler Sr. System Administrator
Bryan Ischo wrote:
>
> The people who read bounce mails are typically those who sent it, which,
> 99% of the time, is a person who is completely unfamiliar with mail
> systems.
>
> To them, something like, "You cannot sent mail to that site using this
> mail server", or somesuch, would be less confusing and more personable.
Another possibility is putting personal, domain-specific info into the
bounce messages, like who to contact for help, etc...
Eric
On Thu, Aug 03, 2000 at 11:05:47PM -0400, Sam Carleton wrote:
> > > I also need to change the from header from [EMAIL PROTECTED] to
> > > [EMAIL PROTECTED] I am trying to stealth my user account because
> > > it is the only account able to su in as root. I would prefer if folks
> > > do not know the user name on the account:) (No, it isn't sam, that is
> > > simply my example <g>)
> >
> > Both of these can be accomplished using fastforward, available from
> > http://www.qmail.org.
>
> I have installed fastforward and I am aliasing incoming mail from
> sam.carleton@domain to sam@domain, but I do not have a clue as to how to
> use fastforward to change the From: header on out going mail from
> sam@domain to sam.carleton@domain. Can someone enlighten me?
My error. I did not read your request carefully enough. The "From: "
header is entirely under the control of your MUA (mutt, pine, mailx,
etc). The envelope "from " header is controlled via your MTA (qmail, in
this case) and can be controlled either by using the sendmail wrapper
with a "[EMAIL PROTECTED]" or setting some environment variables
before calling qmail-inject.
Ben
--
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net
Hi...I've been asked by a fellow sysadmin to reinject a number of complete
e-mails (containing every original header field and the body with the
standard one-line gap) into the mail system for delivery to their relevant
locations, both locally and remotely. What is the best way of doing this?
Thanks!
Brett.
Manager
InterPlanetary Solutions
http://ipsware.com/
"Brett Randall" <[EMAIL PROTECTED]> writes:
> Hi...I've been asked by a fellow sysadmin to reinject a number of complete
> e-mails (containing every original header field and the body with the
> standard one-line gap) into the mail system for delivery to their relevant
> locations, both locally and remotely. What is the best way of doing this?
/var/qmail/bin/qmail-inject
should do what you need. Make sure you give it a
-f envelope-sender
where the envelope sender is where bounces from this message should
go, and then give it a list of who the message should go to after
that; qmail-inject won't look at the To header.
For example:
/var/qmail/bin/qmail-inject -f [EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED]
is how I would re-inject this message.
Hope this helps,
----ScottG.
Hi all,
I've finally got my arse around to using tcpserver.
Well I say using, more like installing and then ripping my hair out.
Is there any _useful_ documentation, with some examples out there
on how to use it? I saw one snippet that mentioned it goes in inetd.conf
If so what the bleeding point?? I'd rather be using FreeBSD's improved
tcp_wrappers than using them and having to use tcpserver within it.
I'm mainly going to it becuase of the god awful RELAYCLIENT hack to
allow a few hosts to use me as a smarthost (instead of a more sane
/var/qmail/control file that allows named ip's to connect).
Yours close to another MTA,
D.
On Fri, Aug 04, 2000 at 05:45:06PM +0100, Holborn BongMiester wrote:
> I've finally got my arse around to using tcpserver.
>
> Well I say using, more like installing and then ripping my hair out.
>
> Is there any _useful_ documentation, with some examples out there
> on how to use it? I saw one snippet that mentioned it goes in inetd.conf
> If so what the bleeding point?? I'd rather be using FreeBSD's improved
> tcp_wrappers than using them and having to use tcpserver within it.
>
> I'm mainly going to it becuase of the god awful RELAYCLIENT hack to
> allow a few hosts to use me as a smarthost (instead of a more sane
> /var/qmail/control file that allows named ip's to connect).
You have a very charming way of asking for help. Also of not reading
readily and freely available documentation.
Start with the home page for ucspi-tcp. Documents every option of every
program in the package.
http://cr.yp.to/ucspi-tcp.html
If that is too obtuse for you, try David Sill's excellent "Life With
qmail", linked to from the qmail.org page.
http://web.infoave.net/~dsill/lwq.html
If you find that too difficult, follow some of the other links
concerning "anti-relaying" from the qmail.org page. There are several.
All of which offer complete descriptions for setting up tcpserver.
If you still can't figure it out, hire a 12 year old.
Ben
--
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net
Ben Beuchler wrote:
> You have a very charming way of asking for help. Also of not reading
> readily and freely available documentation.
Maybee I should of took a break and then asked. Dan's links on his main
page are hidden everywhere. I followed the 'installing tcpserver' and
also the other ucspi-tcp link and the info I got out of that was
untar and make. His INSTALL could do with a, for some examples and
further documnetaion go here...
> http://cr.yp.to/ucspi-tcp.html
Great! I'll go take a ganders.
> If that is too obtuse for you, try David Sill's excellent "Life With
> qmail", linked to from the qmail.org page.
>
> http://web.infoave.net/~dsill/lwq.html
I'm not too bad with qmail, it's just to get things to function b4 I
didnt need this tcpserver.
> If you find that too difficult, follow some of the other links
> concerning "anti-relaying" from the qmail.org page. There are several.
> All of which offer complete descriptions for setting up tcpserver.
Sensible place to put it (as oppsed to 'installing tcpserver' :) But
thnks for the pointer.
> If you still can't figure it out, hire a 12 year old.
I guess I asked for that :) Been a bad day at work and I've been having
helll with tcpserver and pop3d and qmail-smtpd.
D.
I'd hire that 12 year old if he/she could tell me what the
damn status codes for tcpserver meant. :-) Seriously
though, those pages need some updates, I spent an hour or two
searching the archives of this list the other day to find
out the reason my post card cgi perl script needed to have
\r\n on the end of each of it's lines when constructing
the mail headers... The only thing I had to search on
was the fact that my tcpserver was logging the undocumented
status=256 which seems to be spit out for multiple problems.
Dave
-----Original Message-----
From: Ben Beuchler
To: [EMAIL PROTECTED]
Sent: 8/4/00 12:53 PM
Subject: Re: Bah!
You have a very charming way of asking for help. Also of not reading
readily and freely available documentation.
Start with the home page for ucspi-tcp. Documents every option of every
program in the package.
http://cr.yp.to/ucspi-tcp.html
If that is too obtuse for you, try David Sill's excellent "Life With
qmail", linked to from the qmail.org page.
http://web.infoave.net/~dsill/lwq.html
If you find that too difficult, follow some of the other links
concerning "anti-relaying" from the qmail.org page. There are several.
All of which offer complete descriptions for setting up tcpserver.
If you still can't figure it out, hire a 12 year old.
Ben
--
Ben Beuchler
[EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290
x101
Bitstream Underground
www.bitstream.net
On Fri, Aug 04, 2000 at 06:14:39PM +0100, Holborn BongMiester wrote:
> I guess I asked for that :) Been a bad day at work and I've been having
> helll with tcpserver and pop3d and qmail-smtpd.
My apologies. I'm a tad short-tempered myself.
Anyway, tcpserver is quite easy. I found it preferable to inetd by a
long shot. And having the tcp program do the IP based stuff makes
perfect sense as the stuff qmail sees is too easily forged. It only has
envelope information to work from, after all.
As a peace offering, here's my tcpserver setup:
/usr/local/bin/tcpserver -R -c 80 -q -p -x /etc/smtprules/tcp.smtp.cdb \
-u79 -g1003 0 smtp /var/qmail/bin/qmail-smtpd 2>&1 &
There are several other options, all well documented on the ucspi-tcp
page. Of course, the -u and -g options need to be changed to match the
correct UID/GID on your box. And the -x option needs to point to your
tcprules file, the format of which is documented on the tcprules page at
the ucspi-tcp site.
A typical line looks like this:
123.45.67.89:allow,RELAYCLIENT=""
Ben
--
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net
On Fri, Aug 04, 2000 at 01:08:05PM -0400, Hubbard, David wrote:
! The only thing I had to search on
! was the fact that my tcpserver was logging the undocumented
! status=256 which seems to be spit out for multiple problems.
It's not really undocumented. The status code in the log is what's
returned by wait(2) (or an equivalent). Divide that number by 256,
and get the return code (1, in your case). The status modulo 256 has
information on how the program exited: normal termination, killed by
a signal, &c.
---Chris K.
--
Chris, the Young One |_ If you can't afford a backup system, you can't
Auckland, New Zealand |_ afford to have important data on your computer.
http://cloud9.hedgee.com/ |_ ---Tracy R. Reed
PGP: 0xCCC6114E/0x706A6AAD |_
* Holborn BongMiester <[EMAIL PROTECTED]> writes:
> Is there any _useful_ documentation [for tcpserver], with some examples
> out there on how to use it?
You've already been pointed to DJB's site. There also exists a tarball
with man pages at http://innominate.de/, compiled by G. Pape.
> I saw one snippet that mentioned it goes in inetd.conf If so what the
> bleeding point?? I'd rather be using FreeBSD's improved tcp_wrappers
> than using them and having to use tcpserver within it.
I don't think so. But go see for yourself. If you don't see the value of
this excellent software package, you probably don't need it.
--
Robin S. Socha <http://socha.net/>
``The "From: " header'' and ``The envelope "from " header''---I knew I
was confused the first time I read the message...
On Fri, Aug 04, 2000 at 11:22:12AM -0500, Ben Beuchler wrote:
! My error. I did not read your request carefully enough. The "From: "
! header is entirely under the control of your MUA (mutt, pine, mailx,
! etc).
The address listed in the From field is what I call the header sender.
There could be a different official name for it though.
! The envelope "from " header is controlled via your MTA (qmail, in
! this case) and can be controlled either by using the sendmail wrapper
! with a "[EMAIL PROTECTED]" or setting some environment variables
! before calling qmail-inject.
That's what I (and most people I know of) call the envelope sender, and
it does not appear in the header (unless your mailer puts it into the
Return-Path field, but it's not an obligatory behaviour).
The other thing that should be clarified is that there is _one_ header
in a message, consisting of one or more fields. For more definitions,
see http://cr.yp.to/immhf/header.html.
---Chris K.
--
Chris, the Young One |_ Never brag about how your machines haven't been
Auckland, New Zealand |_ hacked, or your code hasn't been broken. It's
http://cloud9.hedgee.com/ |_ guaranteed to bring the wrong kind of
PGP: 0xCCC6114E/0x706A6AAD |_ attention. ---Neil Schneider
I have written a patch to force clients to say helo first.
ahelocheck.diff
"Darrell Wright" <[EMAIL PROTECTED]> writes:
> I have written a patch to force clients to say helo first.
Out of curiosity and not unpleasantness, why would one want such a
patch? I've seen that sendmail has options to do the same thing, and
have never understood exactly what it accomplishes.
Thanks for any insight,
------ScottG.
Some people where I work use pop3 at home and at work. When they check their
mail from home, they are leaving the messages on the server. The problem
happens when they get to work the next day. Apparently, when using the old
pop3 server, messages they had already downloaded from home were marked
"read". But now, with qmail-pop3d, they show up as "unread" when the people
come into work.
Anyone know why this problem happens? I assume it is some POP3
feature/extension that qmail-pop3d doesn't support. By the way, the people
complaining are using Eudora.
--Adam
On Fri, Aug 04, 2000 at 02:00:24PM -0400, Adam McKenna wrote:
> Some people where I work use pop3 at home and at work. When they check their
> mail from home, they are leaving the messages on the server. The problem
> happens when they get to work the next day. Apparently, when using the old
> pop3 server, messages they had already downloaded from home were marked
> "read". But now, with qmail-pop3d, they show up as "unread" when the people
> come into work.
>
> Anyone know why this problem happens? I assume it is some POP3
> feature/extension that qmail-pop3d doesn't support. By the way, the people
> complaining are using Eudora.
I encountered the same problem.
qmail-pop3d does not support the (deprecated) LAST command. Instead, it
generates a unique ID for each message which it sends in response to the
UIDL command. This is supposed to be cached by the client and used to
figure out which messages it has already read. The idea was to remove
the 'state' onus from the server and give it to the client.
No solution, realy. Tell 'em if they want to leave mail on the server,
use a protocol designed for that, like IMAP. Or find a client that
correctly implements the POP3 protocol.
Ben
--
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net
hi,
i am running a small internet-server with several virtual domains and
i would like to install sqwebmail for my customers. the question is:
does qmail work together with /Maildir format and a running qmail-pop3d
or do i need the install vpopmail ? user should be able not open new
pop3 accounts; they should only read and write emails using the web.
--
regards,
jens
---------------------------------------------------------------------------
department computer science, university of dortmund
linux ... life's too short for reboots!
begin:vcard
n:Georg;Jens
x-mozilla-html:FALSE
org:University of Dortmund, Germany;computer science
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
x-mozilla-cpt:;0
fn:Jens Georg
end:vcard
Hi...
I have a problem for wich I haven't got a clue on where to start looking for
a possible sollution...
There is this company that wanted to have mails coming to their domain...
(slofit.si). Ok, no problem, a virtual mail domain... But no, they had to go
ask their internet provider first, and what they did is forward all mail for
this domain (slofit.si) into a single mailbox!?!.
So the company has been using this setup for some time (haven't got the
faintest idea for how long) and now they are asking me to fix this, but they
still want to use this single mailbox at their internet providers server.
They are using a dialup link, so I was thinking of setting up a qmail server
on a local machine and allowing mail from the local network to be relayed
outwards... This is all well, but what about the incoming mail?
My idea is: Get the mails from the mailbox and inject them into qmail... Is
this possible? I dont really have the time to test this and try it out, so I
hope someone will have some info for me...
Thanks, Goran
The documentation said to install Windows NT 4.0 or better - so I installed
Linux 2.2.13!
Sounds like a job for fetchmail unless the ISP offers ETURN services.
fetchmail connects to a remote POP server (so that it can slurp all
the mail for a single mailbox) and reinjects it into your local
mail system. It's not necessarily perfect depending on the ISPs
mail system (especially wrt retrieving envelope info) but it's
better than nothing if you have no choice.
Mark.
On Fri, Aug 04, 2000 at 08:22:13PM +0200, Goran Blazic wrote:
> Hi...
>
> I have a problem for wich I haven't got a clue on where to start looking for
> a possible sollution...
> There is this company that wanted to have mails coming to their domain...
> (slofit.si). Ok, no problem, a virtual mail domain... But no, they had to go
> ask their internet provider first, and what they did is forward all mail for
> this domain (slofit.si) into a single mailbox!?!.
> So the company has been using this setup for some time (haven't got the
> faintest idea for how long) and now they are asking me to fix this, but they
> still want to use this single mailbox at their internet providers server.
> They are using a dialup link, so I was thinking of setting up a qmail server
> on a local machine and allowing mail from the local network to be relayed
> outwards... This is all well, but what about the incoming mail?
>
> My idea is: Get the mails from the mailbox and inject them into qmail... Is
> this possible? I dont really have the time to test this and try it out, so I
> hope someone will have some info for me...
>
> Thanks, Goran
>
> The documentation said to install Windows NT 4.0 or better - so I installed
> Linux 2.2.13!
>
I believe procmail does this. I do not use it, but I remember reading it in
a document somewhere. I would try there.
Darrell Wright
----- Original Message -----
From: "Goran Blazic" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, August 04, 2000 2:22 PM
Subject: What a mess...
: Hi...
:
: I have a problem for wich I haven't got a clue on where to start looking
for
: a possible sollution...
: There is this company that wanted to have mails coming to their domain...
: (slofit.si). Ok, no problem, a virtual mail domain... But no, they had to
go
: ask their internet provider first, and what they did is forward all mail
for
: this domain (slofit.si) into a single mailbox!?!.
: So the company has been using this setup for some time (haven't got the
: faintest idea for how long) and now they are asking me to fix this, but
they
: still want to use this single mailbox at their internet providers server.
: They are using a dialup link, so I was thinking of setting up a qmail
server
: on a local machine and allowing mail from the local network to be relayed
: outwards... This is all well, but what about the incoming mail?
:
: My idea is: Get the mails from the mailbox and inject them into qmail...
Is
: this possible? I dont really have the time to test this and try it out, so
I
: hope someone will have some info for me...
:
: Thanks, Goran
:
: The documentation said to install Windows NT 4.0 or better - so I
installed
: Linux 2.2.13!
:
Goran Blazic <[EMAIL PROTECTED]> wrote:
>
> I have a problem for wich I haven't got a clue on where to start looking for
> a possible sollution...
[...]
> My idea is: Get the mails from the mailbox and inject them into qmail... Is
> this possible? I dont really have the time to test this and try it out, so I
> hope someone will have some info for me...
Other people have mentioned fetchmail; that can work. You might also try
my own 'fetchmail' -- it has support for domain mailboxes, and delivers
into Maildirs or mboxes.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
Following up on my own reply, I wrote:
>
> You might also try my own 'fetchmail'...
Of course, I meant "my own 'getmail'". My bad.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
http://www.ornl.gov/its/archives/mailing-lists/qmail/2000/06/msg00284.html
The above link sends one to a script that filters based on subject.
It bounces the mail. I, however, wish to instead forward this
email to an alternative Maildir. How might I do that?
mike.
_______________________________________________
Why pay for something you could get for free?
NetZero provides FREE Internet Access and Email
http://www.netzero.net/download/index.html
Does anyone know why tcpserver would do this?
It seems to be randomly hanging on incoming connections, about 1 in every 10:
Connection closed by foreign host.
adam@orbicus:~$ telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK <25910.965424763@orbicus>
quit
+OK
Connection closed by foreign host.
adam@orbicus:~$ telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK <25912.965424764@orbicus>
quit
+OK
Connection closed by foreign host.
[a bunch more times]
then... randomly, this will happen:
adam@orbicus:~$ telnet localhost 110
Trying 127.0.0.1...
[hangs]
Logs show nothing out of the ordinary:
@40000000398b36852712097c tcpserver: status: 1/40
@40000000398b368527154d6c tcpserver: pid 25910 from 127.0.0.1
@40000000398b3685271c9c84 tcpserver: ok 25910 localhost:127.0.0.1:110
:127.0.0.1::3755
@40000000398b368605ccc39c tcpserver: end 25910 status 256
@40000000398b368605cd486c tcpserver: status: 0/40
@40000000398b36861a2ae01c tcpserver: status: 1/40
@40000000398b36861a324a8c tcpserver: pid 25912 from 127.0.0.1
@40000000398b36861a39dc0c tcpserver: ok 25912 localhost:127.0.0.1:110
:127.0.0.1::3757
@40000000398b368633f6a29c tcpserver: end 25912 status 256
@40000000398b368633f7276c tcpserver: status: 0/40
Here is the command I'm using to run tcpserver:
adam@orbicus:~$ cat /var/qmail/supervise/qmail-popup/run
#!/bin/sh
PATH=$PATH:/var/qmail/bin:/usr/local/bin
exec /usr/local/bin/softlimit -m 2000000 \
tcpserver -R -H -v -x/etc/tcp.pop3.cdb -u0 0 110 qmail-popup
orbicus /bin/checkpassword qmail-pop3d Maildir 2>&1
Any ideas? I've already recompiled both qmail and ucspi-tcp. We had some
disk problems recently so I wanted to make sure they weren't damaged somehow.
--Adam
I've installed qmail from the FreeBSD ports collection, and I'm
trying to get it going... so when reading the help documents, I
see references to /var/qmail/rc. I don't see this file. I even
checked in the distribution tarball, and I don't see this file. Is
there something I'm missing?
On Fri, Aug 04, 2000 at 03:13:26PM -0700, James wrote:
> I've installed qmail from the FreeBSD ports collection, and I'm
> trying to get it going... so when reading the help documents, I
> see references to /var/qmail/rc. I don't see this file. I even
> checked in the distribution tarball, and I don't see this file. Is
> there something I'm missing?
Yup.
In the file named "INSTALL" on line 24 it says:
8. Copy /var/qmail/boot/home (or proc) to /var/qmail/rc.
That should take care of it.
Ben
--
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net
Should I use qmail for this application? I was going to write it in PHP.
Qmail looks interesting, but I have zero experience with it.
I want customers to e-mail money to my website, and my website automatically
e-mails them a file (text, photo, MP3, etc.). I want to use PayPal to
handle the credit card transaction.
There are e-commerce applications that can do "softgoods payload delivery,"
e.g. Hazel. But these applications are much bigger than I need. If I use
PayPal, I don't need credit card processing. Security concerns are simpler.
I don't need hardgoods processing, shopping carts, etc.
Plus, PayPal has zero transaction fees. Wells Fargo charges me up to 12%
for small credit card transactions.
My plan is to write a PHP script to parse the e-mail that PayPal sends to
the seller. PayPal sends an e-mail to the seller saying, "[EMAIL PROTECTED]
has paid you $3 and attached this note: 'I want gilliananderson.jpg.'" I
was going to parse that e-mail into "[EMAIL PROTECTED], $1,
gilliananderson.jpg" and then send out the photo to that address.
Comments, suggestions? Would this be easier to do in qmail or in PHP? Can
I hire a qmail consultant to write this for me?
--
Thomas David Kehoe Casa Futura Technologies
http://www.FriendshipCenter.com Stuttering Science & Therapy Website
The free penpals database for http://www.fluencydevices.com
individuals with disabilities. (888) FLU-ENCY
> From: Thomas David Kehoe <[EMAIL PROTECTED]>
> Date: Fri, 04 Aug 2000 16:40:38 -0700
>
> Comments, suggestions? Would this be easier to do in qmail or in PHP?
umm, qmail isn't a programming language. qmail could call a php script (or a
perl script or a c program) which would do this. qmail is a replacement for
sendmail.
Chris
--
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO http://www.virCIO.Com
4314 Avenue C
Austin, TX 78751-3709 +1 512 374 0500
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
Thomas David Kehoe <[EMAIL PROTECTED]> writes on 4 August 2000 at 16:40:38 -0700
> Comments, suggestions? Would this be easier to do in qmail or in PHP? Can
> I hire a qmail consultant to write this for me?
I find the "qmail or PHP" question confusing. For a moderate volume
(and you say you don't need some of the more heavy-duty commercial
softgoods payload delivery systems), I'd write a CGI in something like
Perl, or use PHP, or use ColdFusion if I already had it on my server,
or something like that. And then I'd use whatever MTA was installed
on the server to accept and deliver the incoming, and to dispatch the
outgoing.
Qmail is a fine choice for MTA; it's fast, reliable, secure, and
easy to interface to from a CGI application. If there's no MTA
currently installed, or if it's time for a change, qmail would be a
good choice.
I'm sure you can hire a consultant to write this for you. I'd look
for web expertise more than qmail expertise, since the interface to
whatever MTA you use isn't particularly the hard part. If you're
setting up the server yourself you might want a qmail consultant to
get the whole mail handling thing set up for you, and finding somebody
who can do both parts might be more convenient for you.
--
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]
David Dyer-Bennet <[EMAIL PROTECTED]> writes:
> Yes, when I first looked at it. As is often the case with Dan, I just
> disagree. It's not straight text in the sense I mean; it's not human
> readable. Of all the strange choices Dan's made that I've encountered
> in working with qmail, this is the first one that I fail completely to
> understand. All the others, I see the tradeoffs and I see why he chose
> as he did, even if I might have chosen otherwise. This one makes zero
> sense. It's non-functional. It doesn't connect to the way I work.
syslog timestamps are amazingly annoying to try to parse. TAI64 is
trivial to parse. This is a significant improvement.
ISO date/time format would also have been easy to parse, and I would have
been slightly happier with that, but TAI64 is definitely a *huge*
improvement over syslog if you want to do anything at all automated with
the logs.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Irwan Hadi <[EMAIL PROTECTED]> writes:
> , PayPal/Confinity, Red Hat's mailing lists, Hypermart.net, Casema,
> ^^^^^^^^^^^^^^^^^^^^^^^^^^
> Rediffmail.co.in, Topica, MyNet.com.tr, FSmail.net, and vuurwerk.nl.
> at www.qmail.org/top.html should be removed right ?
It can be replaced with all of the Perl development mailing lists, all of
which are using ezmlm-idx.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Hi all !!!
I have installed perl based programm Scan4virus from Jason Haar
but I have problems whith execute this program.
When I try execute I get next message
======================================
www:/var/qmail/bin# ./antivirus-qmail-queue.pl -t
YOU HAVEN'T DISABLED SET-ID SCRIPTS IN THE KERNEL YET!
FIX YOUR KERNEL, PUT A C WRAPPER AROUND THIS SCRIPT, OR USE -u AND UNDUMP!
======================================
What can I do ?????
--
Best regards,
Kornyakov mailto:[EMAIL PROTECTED]
* Kornyakov Yevgeny <[EMAIL PROTECTED]> writes:
> I have installed perl based programm Scan4virus from Jason Haar but I
> have problems whith execute this program. When I try execute I get
> next message
> YOU HAVEN'T DISABLED SET-ID SCRIPTS IN THE KERNEL YET! FIX YOUR
> KERNEL, PUT A C WRAPPER AROUND THIS SCRIPT, OR USE -u AND UNDUMP!
,----[ perldoc perldiag ]
| YOU HAVEN'T DISABLED SET-ID SCRIPTS IN THE KERNEL YET!
| (F) And you probably never will, because you probably don't
| have the sources to your kernel, and your vendor probably
| doesn't give a rip about what you want. Your best bet is to
| use the wrapsuid script in the eg directory to put a setuid C
| wrapper around your script.
`----
> What can I do ?????
Use the wrapsuid script in the eg directory to put a setuid C wrapper
around your script. And fix your "?"-key - it appears to be severely
broken.
--
Robin S. Socha <http://socha.net/>
Hi,
i have a big problem with excanghe.
I use qmail for my mail server and excanghe as remote mail server.
Excanghe server use a router to connect my qmail server: it can send
outgoing message but it can recive in message.
I try with pullmail: strange, it works with one Excanghe server but it
doesn't works with another one. The configuration in the same on boot
server: pullmail returna 503 message error: Bad sequance list.
I send a message on boot server: one accept it the other one no: but the
message is the same, the same format.
Now, is there another solution ?
Tanks a lot Max
