qmail Digest 9 Jul 2001 10:00:00 -0000 Issue 1420
Topics (messages 65715 through 65730):
Re: Blank lines in .qmail files
65715 by: Tetsu Ushijima
Re: qmail-queue-patch and qmail-scanner
65716 by: Adrian Ho
65717 by: Andreas Grip
65719 by: Jason Haar
queue-repair v.0.8.3
65718 by: David Talkington
65720 by: Charles Cazabon
smtp Daemon!
65721 by: Qmail
65727 by: Frank Tegtmeyer
Re: queue-repair v.0.8.4
65722 by: Charles Cazabon
65730 by: Frank Tegtmeyer
Additional MAIL-FROM anti-spam checking:
65723 by: Tim Philips
65724 by: Charles Cazabon
two people with the same name but different domain
65725 by: Essy Ren
65726 by: Troy Settle
65728 by: Frank Tegtmeyer
R: two people with the same name but different domain
65729 by: Carlo Borelli
Administrivia:
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To bug my human owner, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
John R. Levine writes:
> I see that if the first line of a .qmail file is blank, qmail-local
> dies with a temporary failure code. Other blank lines are ignored,
> but there's a specific test and a failure message "Uh-oh: first line of
> .qmail file is blank. (#4.2.1)"
>
> Anyone know why? It's documented in the man page, but even for DJB
> code, it seems awfully arbitrary.
Just guessing, but suppose that a .qmail file consists of
one or more blank lines only. Since it is not empty, the
default delivery instruction does not apply. And it does not
contain any instruction for qmail-local to follow.
By requiring that the first line of a .qmail file is not
blank, qmail-local can always identify a set of delivery
instructions.
--
Tetsu Ushijima
On Sat, Jul 07, 2001 at 09:19:19PM +0200, Andreas Grip wrote:
> Well, a smtp-server receiving a lot of mail can reach the limit of
> maximum allowed simultanius connection. If the smtp server close the
> connection faster there will be more time over and the server is able to
> receive more mail. So I think a server, that are faster with closing the
> connection should be more efficient.
If scanning incoming mail takes that long, either upgrade your hardware
or push the scanning problem to the end-users (ie. get them to buy an
anti-virus package or something).
Trying to accept even more mail, when you're already having trouble
clearing the mail you've already received, is IMO A Really Bad Idea In
A World Full Of Bad Ideas.
- Adrian
Charles Cazabon wrote:
>
> Andreas Grip <[EMAIL PROTECTED]> wrote:
> > >
> > > I don't think this is a great idea; it means you have to accept every message,
> > > then scan them, then generate late bounces, instead of rejecting them during
> > > the initial SMTP conversation.
> >
> > qmail-scanner do not reject them, it just bounce them.
>
> I think you're mistaken, although I don't use qmail-scanner. Issuing a 4xx or
> 5xx code after DATA _is_ rejecting a message -- it's also a bounce, although
> if it's done during the SMTP conversation, the sending MTA is responsible for
> generating the bounce message.
Nope, I'm not misstaken. An infected mail is not rejected while my smtp
server is receiving the mail, it turn of the connection with an ok. No
bounce at this time. And then it sends an bounce to the sender with
virus warning message.
> > And what diffrent should that make if the bunce is a few minutes late? It
> > will be late for the sender anyway because they use their ISP:s smtp server
> > and the mail will be sended from that to my smtp server that scan the mail.
>
> There's a big difference. See above. Late bounces have to be generated by
> your MTA and delivered; if the message is bounced during the initial SMTP
> conversion, the bounce message is the responsibility of the sending MTA, not
> the receiving one.
Maybe there should be an idea to change the behavior of qmail-scanner so
it reject the mail instead of accepting it. But then where can not be so
much details in the virus report because the sending smtp do not know
anything about the virus.
> > > What problem are you trying to solve? Why do you think making the SMTP
> > > client wait a minute or two is a bad idea?
> >
> > Well, a smtp-server receiving a lot of mail can reach the limit of maximum
> > allowed simultanius connection. If the smtp server close the connection
> > faster there will be more time over and the server is able to receive more
> > mail. So I think a server, that are faster with closing the connection
> > should be more efficient.
>
> Profile, don't speculate. You're trying to solve a problem that doesn't
> exist.
I'm not trying to solve a problem that dosen't exist. I'm just trying to
make sure that there will not be any problems.
>
> Charles
> --
> -----------------------------------------------------------------------
> Charles Cazabon <[EMAIL PROTECTED]>
> GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
> -----------------------------------------------------------------------
On Sun, Jul 08, 2001 at 10:57:08AM +0200, Andreas Grip wrote:
> Nope, I'm not misstaken. An infected mail is not rejected while my smtp
> server is receiving the mail, it turn of the connection with an ok. No
> bounce at this time. And then it sends an bounce to the sender with
> virus warning message.
Absolutely right. I cannot send a SMTP error back during the DATA phase
otherwise the sending SMTP server just bounces the Email message with little
or no reason. SMTP error messages aren't any good when you're wanting to
convey an elaborate reason why it bounced (e.g. "it was the KAK worm virus")
and in several languages :-)
OTOH it is still real-time. An original design decisions behind
Qmail-Scanner - which I am still happy with - was that I wasn't going to
re-invent the wheel and do post-scanning, and I would then have to design my
own queuing system, retries, etc. The way it is designed means all such
issues are taken care of by standard SMTP.
10-20 minutes is the standard maximum time a SMTP server expects to be
sitting in DATA phase, if a mail message takes longer than that to be
scanned by whatever virus scanner you have chosen (that will be where the
bottleneck is - not with Q-S), then you seriously have to look at:
a> your choice of scanner
b> upgrading your hardware.
I have seen thrown around the "fact" that to run a real-time SMTP virus
scanner requires around 10x the amount of hardware that not scanning would.
Sounds about right. That isn't as bad as it sounds as we all over-spec SMTP
relay servers these days anyway. We run two different virus scanners over
each piece of Email entering and leaving our network via Qmail-Scanner. The
load on these boxes has increased from a load average of 0.02 to 0.06, and
climbs to 30+ when we have hour+ network outages. The sudden onslaught of
mail after an outage is the killer.
Always spec for outages...
Also, don't forget, disk IO is most important for SMTP servers. When you
start virus scanning, you must add CPU and RAM to that as well. i.e. Big AV
mail servers need lots of RAM, lots of CPU as well as fast disks.
--
Cheers
Jason Haar
Unix/Special Projects, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417
-----BEGIN PGP SIGNED MESSAGE-----
Charles Cazabon wrote:
>queue-repair is another qmail queue diagnostic and repair tool. Details on
>what makes queue-repair different from other tools are set out in
>the included BLURB file.
Charles -
# ./queue_repair.py
On a working queue checks out fine. For testing purposes, I deleted
/var/qmail/queue, and ran:
# ./queue_repair --create
queue_repair.py v. 0.8.3
Copyright (C) 2001 Charles Cazabon <pqt @ discworld.dyndns.org>
Licensed under the GNU General Public License version 2
running in repair mode
finding qmail UIDs/GIDs...
determining conf-split...
basic queue directories not found at /var/qmail
creating new queue at /var/qmail
Traceback (innermost last):
File "./queue_repair.py", line 801, in ?
File "./queue_repair.py", line 797, in main
File "./queue_repair.py", line 690, in check_queue
NameError: split
Tried again, adding --repair to the command, with the same results.
I was hoping to use this tool as a supplement to a localized tarball
install of qmail, to enable me to store a binary package to add to a
Solaris jumpstart. Am I misunderstanding its purpose and/or usage?
Thank you -d
- --
David Talkington
PGP key: http://www.prairienet.org/~dtalk/dt000823.asc
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.75-6
iQEVAwUBO0frvb1ZYOtSwT+tAQHgPwgAx7cuW6p4/GWv+OmOqgKWLYNdAOfCTlPv
AfsS8U2J5jBEvgP83fJisR9JaUEcQFSFGRIBrn4nU7lGPr+CKTDaX6xkMKmvrjzs
6PS9Yn0qdNqwd3v41q5K2EKOgW7B98Gr8fcpE70rws3cKXyG0b4eJVj9v4sEYkjU
vEDduaeK/8SBOA8lRW6A+6ETiNUFZLUvvbflAvqSK2OM6gEK2kX+xRwZHKaliSzd
J5qaO5puke3Y1W8fPzqdnUYMm6x7nICcuC2NTjnPkKXLU91NWysKDd7SJg32BC8f
kmN8urlCoFYZh4DyzmwPaUKE5Hnx3G+dJWeq7SFNy4oGguJ7tUMSGA==
=2Wfu
-----END PGP SIGNATURE-----
David Talkington <[EMAIL PROTECTED]> wrote:
>
> # ./queue_repair.py
>
> On a working queue checks out fine.
Good.
> For testing purposes, I deleted /var/qmail/queue, and ran:
>
> # ./queue_repair --create
> queue_repair.py v. 0.8.3
> Copyright (C) 2001 Charles Cazabon <pqt @ discworld.dyndns.org>
> Licensed under the GNU General Public License version 2
>
> running in repair mode
> finding qmail UIDs/GIDs...
> determining conf-split...
> basic queue directories not found at /var/qmail
> creating new queue at /var/qmail
> Traceback (innermost last):
> File "./queue_repair.py", line 801, in ?
> File "./queue_repair.py", line 797, in main
> File "./queue_repair.py", line 690, in check_queue
> NameError: split
>
> Tried again, adding --repair to the command, with the same results.
Try adding an explicit "--split 23" (or appropriate split).
> I was hoping to use this tool as a supplement to a localized tarball
> install of qmail, to enable me to store a binary package to add to a
> Solaris jumpstart. Am I misunderstanding its purpose and/or usage?
Nope. You found a bug. If you don't supply a split argument, and
queue-repair can't find a basic queue structure, it has no way of knowing what
conf-split should be. I'll have to think about the right way to fix this. It
would be easy to just default to 23, but that's not "correct".
Thanks for the report.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
-----------------------------------------------------------------------
I am running qmail on redhat 7.1. qmail is working fine. outlook is used to
fetch mails via pop3.
when i restart the server, qmail smtpd gives a problem.
while sending a outlook says connecting and waits without any action.
when i telnet to port 25 on the server it again dosent reply.
when i do a ps, i get see more than 1 smtpd running. (the number varies,
some times 3 some times 4 )
when i replaced the file /var/qmail/service/smtpd/run (rights 755, and
sticky bit set for smtpd directory)
what could be the problem and how do i resolve it.
Best Regards,
Arun Hubballi,
"Qmail" <[EMAIL PROTECTED]> writes:
> what could be the problem and how do i resolve it.
What do the logs say?
What is the content of your smtpd run script?
Regards, Frank
Charles Cazabon <[EMAIL PROTECTED]> wrote:
>
> If you don't supply a split argument, and queue-repair can't find a basic
> queue structure, it has no way of knowing what conf-split should be. I'll
> have to think about the right way to fix this.
The right way is to ensure that if the user wants to create a new queue, they
have to supply a value for conf-split, and specify whether big-todo should be
used or not.
queue-repair version 0.8.4 incorporates this fix. It's available for download
at:
http://www.qcc.sk.ca/~charlesc/software/queue_repair/
Changes since version 0.8.3 include:
-when force-creating a queue, ensure the user supplies a value for
conf-split and either --bigtodo or --no-bigtodo
-change --create to imply --repair as well
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]> writes:
> queue-repair version 0.8.4 incorporates this fix.
You write software faster than I can keep up with reading your mails
:)
Hi,
Please excuse if this is an easy one to do but, we run a few Large QMAIL
1.03 servers and would like to try and control the Mail-From address our
clients are using.
We have qmail configured using tcpserver and our clients IP addresses are
listed in the tcp.smtp (tcpserver allowed RELAYCLIENTS file) there for
they are allowed to relay. What I wish to do is to control the relaying
beyond that to the level of the MAIL-FROM address, I wish to make sure
this is listed as a domain I'm an MX for or a domain listed in rcpthosts.
The only patches I seem to be able to find are full MAIL-FROM
authentication relaying patches which *isn't* what I wish to do.
Thanks.
--
Tim Philips ([EMAIL PROTECTED])
Tim Philips <[EMAIL PROTECTED]> wrote:
>
> Please excuse if this is an easy one to do but, we run a few Large QMAIL
> 1.03 servers and would like to try and control the Mail-From address our
> clients are using.
I personally don't think this is a great idea; your users may like being able
to set the envelope sender address for certain messages to something outside
of your control (like a Hotmail account) if they're mailing a company they
don't trust not to spam them.
> We have qmail configured using tcpserver and our clients IP addresses are
> listed in the tcp.smtp (tcpserver allowed RELAYCLIENTS file) there for
> they are allowed to relay. What I wish to do is to control the relaying
> beyond that to the level of the MAIL-FROM address, I wish to make sure
> this is listed as a domain I'm an MX for or a domain listed in rcpthosts.
... however, Bruce Guenter's QMAILQUEUE patch and qmail-qfilter add-on could
be used to implement this. You write a simple filter that simply checks that
the envelope sender is in one of your domains (something in rcpthosts,
presumably), and then use the tcpserver .cdb file to set the QMAILQUEUE
variable only for the IP addresses of your clients. You can find Bruce's
software at untroubled.org.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
-----------------------------------------------------------------------
|
Haiii ... I have installed the qmail and it's
worked fine (finally ..!!)
How about if there's two different man with a same
name , for example dave at test.local and the other is different people but with
same name for example dave at cobalt.local
How can I separate this two different man
?
I wonder if qmail can separate the Maildir
from this two virtual domain ?
If it can, can you help me to make the different
Maildir (and password) for the people who have the same name but in different
domain ?
thanks for your help
|
|
Haiii ... I have installed the qmail and it's
worked fine (finally ..!!)
How about if there's two different man with a
same name , for example dave at test.local and the other is different people
but with same name for example dave at cobalt.local
How can I separate this two different man
?
I wonder if qmail can separate the Maildir
from this two virtual domain ?
If it can, can you help me to make the different
Maildir (and password) for the people who have the same name but in different
domain ?
thanks for your help
|
"Essy Ren" <[EMAIL PROTECTED]> writes:
> How can I separate this two different man ?
Have a look at the man page for qmail-send. Look for the paragraph
about the controlfile virtualdomains.
Hint: If you add a domain to virtualdomains you *must* remove it from
locals.
There are also complete packages that handle virtual domains also for
POP access:
http://vmailmgr.org/ and
http://www.inter7.com/vpopmail/
Regards, Frank
Hi,
try to follow the instructions of Paul Gregg at
http://qmail.3va.net/single-uid-howto.html
I've configured a multiple domain qmail server and works fine.
Carlo Borelli
Project Management
Business Unit Tecnologie Data Center
Akros Informatica S.r.l. Via Cavina 7 Ravenna, Italy
Office +39 0544 503688, Mobile +39 348 6160660, Fax +39 0544 503551
mailto:[EMAIL PROTECTED]
-----Messaggio originale-----
Da: Essy Ren [mailto:[EMAIL PROTECTED]]
Inviato: luned� 9 luglio 2001 3.27
A: qmail
Oggetto: two people with the same name but different domain
Haiii ... I have installed the qmail and it's worked fine (finally ..!!)
I create two virtual domain so I have two account like this :
[EMAIL PROTECTED] and [EMAIL PROTECTED]
How about if there's two different man with a same name , for example dave
at test.local and the other is different people but with same name for
example dave at cobalt.local
How can I separate this two different man ?
I've try send to [EMAIL PROTECTED] from [EMAIL PROTECTED] and vice versa, and
the email was drop into the same Maildir,
so [EMAIL PROTECTED] has the same password to login (check the email) with
[EMAIL PROTECTED]
I wonder if qmail can separate the Maildir from this two virtual domain ?
If it can, can you help me to make the different Maildir (and password) for
the people who have the same name but in different domain ?
thanks for your help
