Re: AW: [toaster] quota problem
I think this would be cleared up (along with some other issues mentioned previously on the list) by fixing how catchall mail is delivered. Right now, if you have a local account set as catchall, the incoming mail gets dumped directly into its Maildir, ignoring any forwards, vacation messages or (it appears) quotas. By changing that behavior to a forward, the mail would be delivered through regular channels and be subject to all other rules for that user. On Wednesday, August 14, 2002, at 01:24 AM, nemeso | Listmaster wrote: > The question is: > > I send Mail to the postmaster account (postmaster@domain) and the mail > will be counted. > > I send Mail to another adress that doesn't exist (xxx@domain), the mail > goes to the postmaster account (catch all) and is not counted, so where > is the problem ? > -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Cannot Patch with Qmail-Monitor
On Sunday, November 17, 2002, at 08:52 AM, Bill WONG wrote: As i need to monitor my incoming and outgoing email messages, so i got a very nice patch called qmail-monitor. http://sourceforge.net/projects/qmail-monitor/ However, after i patched with patch -p0 < ../tar/qmail-toaster-0.4.2.patch, i cannot patch that patch anymore, it show me error got rejects. And i cannot complie the qmail. Do you have any ideas why i cannot patch qmail-toaster-0.4.2.patch with that one? That's kind of outside the scope of this list, but here are some ideas: Try the qmail-monitor patch first, and then do the qmail-toaster patch. If that doesn't work, you're going to have to look at the patches, see how they alter the code, and figure out where the conflict is. Then it's up to you to make the code changes to get it to work. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Re: [Fwd: RE: [Qmail-scanner-general]qmail scanner with vpopmail]
On Wednesday, November 20, 2002, at 04:20 PM, Bill Shupp wrote: You might consider not using roaming users. I'm moving away from it, as SMTP-AUTH is just a better solution. Most mail clients support it now. My toaster has been using SMTP AUTH only for the past year or so, and it works fine. I just set up a page that describes how to set up the email client, and haven't had any complaints. Like Bill said, most mail clients support it. If they don't, the user can use their ISP's SMTP server to relay outbound mail. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Problems with POP Authentication
On Thursday, November 21, 2002, at 04:23 PM, Peter Maag wrote: Hi there, I have installed Bill's QMail Toaster to the T, and I cannot seem to get POP to authenticate any of my users. And, the really wierd thing is that sqwebmail will allow users to login just fine, but when I try a real pop client, or try to just telnet to port 110 and login, I get an ERR: Authorization Denied message. qmailadmin also does not work. What are you using as the username? You do know that you need to include the domain name, correct? I typically have users use username%domain.com instead of [EMAIL PROTECTED] The first version seems to work with more mail clients than the second. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] smtproutes / security question
On Monday, February 10, 2003, at 11:21 AM, John Shireley wrote: That's really not an option for me, not being an db admin, +and+ I have to continue using /etc/passwd users for various reasons. I think my question can pretty much be boiled down to this: is SMTP-auth not able to function since the server has its mail proxied to it by a firewall running qmail with an smtproutes entry? If I'm reading your request correctly, I think that the answer is no. You want the users to connect to the firewall's SMTP port and authenticate so it will accept mail (either for relay to other domains, or for local users). The user database with passwords is located on another machine though. This means that the firewall machine would need to contact the true mail server in order to authenticate users. Instead of proxying the mail with an smtproute entry on the firewall, you could forward all SMTP (port 25) traffic directly to the mail server. You should be able to do SMTP AUTH at that point, but you'll want to make sure the server has whatever protections you had in place on the firewall machine (previously providing SMTP forwarding). -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Mac OS/X 10.2 clients not able to send mail
On Thursday, February 27, 2003, at 08:56 AM, John Shireley wrote: I'm honestly not certain as to where to send this inquiry, as I'm a bit stumped. In our marketing dept. we have several Macs running OS/X 10.2, and they seem to be completely unable to send mail using the toaster as their outbound mail server. All Windows/Un*x machines don't have any problems. It seems to have something to do with SMTP-AUTH maybe, because they don't even get prompted to offer a password (they're on a different subnet). They worked just fine until today (don't you just love that). Any ideas or wild speculations would be highly appreciated. This message you're reading was sent with Apple's Mail program on an OS 10.2 system through my mail server which I set up as a toaster. Go into the Accounts panel of Preferences, select the account in question. Choose "Options..." for the outbound server, and set it up with authentication "Password", the user's email address in the form "user%domain.com" for the username, and their POP/IMAP password for the password. Should work just fine. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] qmailadmin 1.0.12 - bugs
On Sunday, March 23, 2003, at 11:47 PM, aimix aimix wrote: hi all, i already testing the qmail-toaster 0.50. really great. the problem is when i add user using qmailadmin (1.0.12) without any patches and using squirrelmail 1.2.11. it can't read then inbox.draft, inbox.send but can read inbox and inbox.trash. I check the maildir, there's no /.draft and /.sent. but if using /home/vpopmail/bin/vadduser the folders are ok. what's wrong with qmailadmin-1.0.12 ? Both vadduser and qmailadmin use the same function for adding a user. I don't see why one would create those directories, and the other not. From what I've seen with my server, the directories aren't created until someone runs SquirrelMail. Perhaps this is an issue with SquirrelMail 1.2.11 or how it's been configured? -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Handling Mailer-Daemon
On my system, I placed blank lines in the /var/qmail/control/doublebouncehost and doublebounceto files. This seemed to eliminate the spam bounced I was plagued with -- I can't guarantee that I'm not missing out on other important bounces though... I'm going to be building a new system soon, and will follow Bill's toaster again. I'm definitely going to try out the chkuser.patch myself. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] smtp-auth, badmailfrom/to hit log
On Thursday, May 29, 2003, at 08:20 AM, Héja Tibor wrote:
I'm using the 0.5 patch. I tried to find the way to send the
badmailfrom-badmailto and mfcheck rejection messages to my smtpd
logfile. There is a patch at http://www.svm.cz/~jirka/qmail/ for this,
I wrote the differences into the smtpd.c. It works vell in that case,
when I don't use the smtp authentication. After the authentication the
smtpd send these error messages to the smtp-session, not into the
logfile. I know that there is a 2>&1 at the and of the smtpd run
script, which redirect the stderr to the stdout (as I see the patch
above send the errormessage to the stderr), but this will cause
problem only in that case, when I use the smtp authentication.
I notice that the SMTP AUTH patch includes the following line:
if (fd_copy(2,1) == -1) return err_pipe();
I'm not sure why it does that, and why the call to vchkpw needs to use
descriptors 2 and 3. There was a patch to that patch posted to the
vpopmail list that fixed the problem of closing file descriptor 3 in
the parent, perhaps the fdcopy (2,1) should be in the child process as
well.
--- qmail-smtpd.c.orig Sat Jan 18 09:13:50 2003
+++ qmail-smtpd.c Sat Jan 18 19:51:09 2003
@@ -459,14 +459,13 @@
if (!stralloc_0(&resp)) die_nomem();
if (fd_copy(2,1) == -1) return err_pipe();
- close(3);
if (pipe(pi) == -1) return err_pipe();
- if (pi[0] != 3) return err_pipe();
switch(child = fork()) {
case -1:
return err_fork();
case 0:
close(pi[1]);
+ if (0 > fd_copy(3,pi[0])) _exit(1);
sig_pipedefault();
execvp(*childargs, childargs);
_exit(1);
--
Tom Collins
[EMAIL PROTECTED]
Re: [toaster] Odd Delivery Problems...
On Thursday, May 29, 2003, at 03:06 PM, Matthew Walker wrote: The issue is /specifically/ when sending mail from the machine that hosts kydance.net to the machine that hosts forgeglobal.com. I've now discovered that any mail sent from any domain on the kydance.net machine destined for the forgeglobal.com machine gets it's domain rewritted to kydance.net by the forgeglobal.com machine, and sent back. Log into machine X, the one hosting kydance.net. Telnet to port 25 of machine Y, the one hosting forgegobal.com. Type 'HELP' and hit return. Is it qmail? Try an SMTP test message: -- MAIL FROM:<[EMAIL PROTECTED]> RCPT TO:<[EMAIL PROTECTED]> DATA To: [EMAIL PROTECTED] From: [EMAIL PROTECTED] Subject: Test This is a test. . -- What do you see in the logs on machine Y? On machine Y, what happens if you `grep kydance.net /var/qmail/control/*`? On machine X, what if you `grep forgeglobal.com /var/qmail/control/*`? Maybe an odd entry in smtproutes? What does /var/vpopmail/domains/forgeglobal.com/.qmail-default look like? -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Disturbing Logs
On Thursday, May 29, 2003, at 05:05 PM, Peter Maag wrote: The message appears to be coming from my server and is being delivered to an external server that is not being hosted by my server. The local account that QMail is claiming the mail is being sent from is not even a valid POP3 account. Try `grep -ri "email.domain.com" /home/vpopmail/domains` (where the address in your log that the message went to is [EMAIL PROTECTED]) to see if the address in question is a forwarding address on any account you host. It is possible that it's a remote catchall, and could get listed in the log that way. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Disturbing Logs
On Thursday, May 29, 2003, at 07:06 PM, Peter Maag wrote: Looking through my logs it seems that a number of domains are doing what the original domain address is doing. In every case the from address(that claims to be from my server) is not a valid address on my server. It seems that someone has found a way to compromise the catchall setting in vpopmail, as the domains in question all have a catchall mail account. If someone is forging a return address, but sending to some random address for that domain, there's not much you can do (other than turning off the catchall). -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Odd Delivery Problems...
On Friday, May 30, 2003, at 08:24 AM, Matthew Walker wrote: Not as far as I can tell. As I've said before, lanparty recieves mail from everywhere except arsenic just fine. The only time it doesn't work is when sending mail directly from arsenic to lanparty. (Though, if I hand-enter the message, it works...) My guess is that for some reason arsenic is deciding that the mail is local and doesn't need to be delivered to lanparty. Unless you're seeing it get delivered with TLS and then immediately returned. Can you post the full headers from one of the mis-behaving messages? -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] weird thing happened
On Friday, June 27, 2003, at 06:49 AM, John Shireley wrote: Hey all, I've experienced a weird mail anomaly that I was wondering if anyone else has seen yet? For reasons I can't explain, my boss wants us to do "lists" by creating a username (e.g. saleslist), and filling its .qmail file with |forwards to individual recipient's names. I hope you meant &forward instead of |forward. In any case, email addresses that start with a letter or number don't need the & (it's probably a good idea to use it anyway). You could use qmailadmin to set up a forward and add addresses to it. Or, just set up an ezmlm mailing list. It's not that hard, and would accomplish the same thing with some extra features. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] weird thing happened - forward kept forwarding
On Friday, June 27, 2003, at 07:46 AM, John Shireley wrote: No, I meant the pipe symbol "|". I'm not using any of the virt stuff, its pretty much a straight /etc/passwd installation. Oddly enough I've been trying to duplicate this by just using my own address and can't seem to get it to do it again, whereas my original group of usernames received something like 30+ duplicate messages. G... The pipe (|) indicates program delivery. Ampersand (&) is used for forwarding address. Take a look at `man dot-qmail` or, if the qmail man pages weren't installed (they weren't on my system), go into the qmail source directory and do `man ./dot-qmail.5`. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] weird thing happened - forward kept forwarding
On Friday, June 27, 2003, at 09:52 AM, John Shireley wrote: I understand that, but for some reason this is the way we've always done it. It works, so I never questioned the practice. Ok, testing this again, it seems like if I only have one address in there it only delivers the message once, correctly. But if I have more than one addy in there, the message somehow gets stuck in the queue and repeatedly delivers itself. What would cause that kind of behavior? Until you switch from "|" to "&", I think that all bets are off. You'll have to look at the source code to qmail-local to see how it handles "|[EMAIL PROTECTED]", because it's undefined in the documentation. Based on my understanding of how .qmail files are handled, if the exit code from a program execution (a line starting with "|") isn't 0, then it's classified as an unsuccessful delivery and will be requeued. What happens if you use "&[EMAIL PROTECTED]" and all email accounts are valid? -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] NO root / segmentation fault
On Tuesday, July 1, 2003, at 11:45 PM, Jesper Goos wrote: After that, I can’t log in to my root account any more!!! And when I use one of the other accounts, I get ?segmentation faults all the time… It sounds like somebody hacked your server, changed the root password, and replaced some of the binaries. You might need to reboot into single-user mode and examine the system for evidence of hacking. CERT (http://www.cert.org/) has resources that might help you determine what happened. If it's a new system, it's probably better to reinstall the OS (and toaster) than to try cleaning up after the hackers. Make sure you apply all updates to your system before going online. On the RedHat servers I build, I typically start off with it behind a firewall until I can turn off unneeded services and install all of the updated RPMs. -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] Qmail Rewriting Email Addresses
On Wednesday, July 2, 2003, at 03:29 PM, Matthew Walker wrote: What I get from this whole mess, is that for some reason, qmail is rewriting the domainname of the RCPT TO after it gets it. With these new details, does anyone have any advice about how I should go about fixing the problem? I'm willing to provide any configuration detail requested (Though I've provided most of it before, with no luck...) Do you have a /var/qmail/control/rewrite file? If so, check this: <http://www.apress.com/article/articleDisplay.html?aID=14> What patches have you applied to qmail on the machine that rewrites the envelope recipient? -- Tom Collins [EMAIL PROTECTED]
Re: [toaster] maildir problem
On Saturday, October 4, 2003, at 02:00 PM, yc wrote: @40003f7f336f2d82c3b4 starting delivery 1913: msg 81385 to local [EMAIL PROTECTED] @40003f7f336f2d82e6dc status: local 1/10 remote 0/20 @40003f7f337e05fc092c delivery 1913: deferral: /bin/sh:_line_1:_maildir:_command_not_found/ @40003f7f337e05fc286c status: local 0/10 remote 0/20 Check the following files: domains/stu.domain.edu/.qmail-dgokalp domains/stu.domain.edu/.qmail-default domains/stu.domain.edu/dgokalp/.qmail What do they look like? It thinks "maildir" is a program and it can't find it. Read up on the format of .qmail files and make sure they contain what they're supposed to. -- Tom Collins [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] password generation - vpopmail table - pw_passwd
On Thursday, October 23, 2003, at 03:47 PM, GoodnGo.de ((R)) Zentrale wrote: How can I generate such passwords from commandline? Use the vpasswd program (installed to ~vpopmail/bin/). -- Tom Collins - [EMAIL PROTECTED] Note: The Tom Logic offices will be closed October 23 to November 18. QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] How to combine the chkuser.patch and the qmail-toaster-0.5
On Monday, November 10, 2003, at 07:06 PM, Jens Gassmann wrote: i tried to install latest vpopmail and qmail 1.03. chkuser.patch requieres an installed vpopmail and vpopmail requires a install qmail. How to install both? Install unpatched qmail, then vpopmail, then patch qmail and recompile/install it. -- Tom Collins - [EMAIL PROTECTED] Note: The Tom Logic offices will be closed through November 18. QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] IP Blocking
On Thursday, December 18, 2003, at 01:28 AM, Ashvin Savani (arckid) wrote: No ... it's a static IP not a dynamic one. Thanks for your reply. But is it an IP on residential DSL or cable modem? Is your server an open relay? Has it sent a lot of mail to CompuServe? I was occasionally blocked by Yahoo, since one of my customers had a forward set on their account and it received a lot of spam... You might need to search the CompuServe website for information on who to contact about blocking. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] AUTH CRAM-MD5, just can't get it to work.
On Jan 28, 2004, at 2:22 AM, Zachariah T Hall wrote: I can send email from outside the network to an address outside the network with AUTH LOGIN and PLAIN. But when I use CRAM-MD5 I get bad authentication. I don't understand what's going on anymore and would accept any help that might point me in the right direction. With vpopmail 5.4.0-rc2, make sure you're using the latest SMTP-AUTH patch from <http://www.fehcom.de/qmail/smtpauth.html>. Also note that that patch changes the parameter list to qmail-smtpd in the run file. You need to REMOVE the hostname. I've had reports that this combination works. I haven't been able to test it myself yet. Bill, you might need to update your toaster instructions if the new vpopmail doesn't work with the older version of the SMTP AUTH patch. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [toaster] AUTH CRAM-MD5, just can't get it to work.
On Jan 28, 2004, at 9:00 AM, Bill Shupp wrote: @40004017d73a022b7544 tcpserver: pid 10338 from 4.60.15.238 @40004017d73a022c6b5c tcpserver: ok 10338 0:216.234.249.114:110 :4.60.15.238::52038 40004017d73a024f50f4 10338 > +OK <[EMAIL PROTECTED]> 40004017d73a060ce1ac 10338 < CAPA 40004017d73a060e29cc 10338 > -ERR authorization first @40004017d73a0a3f40bc 10338 < [EOF] @40004017d73a0a42a004 tcpserver: end 10338 status 256 This looks like a POP session. I think the original sender was talking about SMTP AUTH. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [toaster] AUTH CRAM-MD5, just can't get it to work.
On Jan 28, 2004, at 10:19 AM, Bill Shupp wrote: I've looked over the smtp-auth link you sent, but am confused about the base64 part. Would you call the base64 tool after qmail-popup (or qmail-smtpd), but before vchkpw? And have you tested this? The base64 tool is just useful for manually testing the AUTH LOGIN method. Running `echo -n "[EMAIL PROTECTED]" | base64 -e` gives you "cG9zdG1hc3RlckB0ZXN0LmNvbQ==", the base64 encoded text to send to the server. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [toaster] Relay
On Jan 30, 2004, at 12:02 PM, <[EMAIL PROTECTED]> wrote: It seems also that anYone can send an email to a local using our smtpd. That's the way it works. If it's to a local account and your server is set up properly, it should accept mail from anyone. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [toaster] qmail-smtpd-viruscan-1.3.patch
On Feb 12, 2004, at 9:45 AM, Bill Shupp wrote: My recommendation is to use the qmail-scanner/clamav solution rather than this virus patch. Netqmail already comes with the qmailqueue patch, which is required for qmail-scanner to work. And clamav already had MyDoom added to its virus definitions before MyDoom had a name (that's why they called it WORM.SCO.A (meaning the clamav guys are very much on the ball). Since using this solution, I have not had a complaint of a single virus getting through. And I highly recommend Qscanq, <http://budney.homeunix.net:8080/users/budney/software/qscanq/>, as a replacement for qmail-scanner. It's a C-based program that replaces qmail-queue and does virus scanning on inbound messages. If a message contains a virus, it's denied by qmail-smtpd. No bounces to forged senders, no virus warnings to annoy the recipient, no bounces for non-existent recipients, no spam scanning of viruses, no Perl overhead of qmail-scanner. I use it in conjunction with qmail-spamc (in SpamAssassin's qmail directory) to scan all incoming messages for viruses and spam without invoking Perl. At some point, I will probably replace qmail-spamc with Ken Jones' patch for vpopmail that adds SpamAssassin scanning to vdelivermail. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [toaster] qmail-smtpd-viruscan-1.3.patch
On Feb 13, 2004, at 12:37 AM, Mike McCallister wrote: P.S. Does anyone have experience with http://bincimap.org/ (IMAP server with Maildir++ support) ? Looks relatively nifty. This mailing list post brought it to my attention: http://www.mail-archive.com/[EMAIL PROTECTED]/msg01013.html while I was searching for information on running courier. I don't personally have experience with it, but know that qmailadmin/vpopmail will work with it. Friends of mine have successfully used it on their sever. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [toaster] chkuser.tmda.patch error
On Feb 18, 2004, at 8:13 AM, SEFEROVIC Edvin wrote: serv2:/var/src/vpopmail-5.4.0-rc1 # Please use the final 5.4.0 release version, available at SourceForge. As to your qmail-smtpd problem, it's probably assuming that vpopmail was installed to /home/vpopmail. Look in the Makefile for a reference to /home/vpopmail/lib and update it to the correct location. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [toaster] Double Bounce Patch
On Feb 26, 2004, at 7:52 AM, Rob G wrote: Can I have double bounces automatically discarded in another way or do I need to install that patch to have it? I don't know if it's part of stock qmail, but with one of Bill's older toasters I have the following: In the file /var/qmail/control/doublebounceto: doublebounce In the file /var/qmail/alias/.qmail-doublebounce # -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] mfcheck patch
On Feb 26, 2004, at 9:55 AM, Jeff Koch wrote: Does anything need to be done to turn on the mfcheck patch or is it automatically enabled. I remember reading somewhere that a parameter needed to be set. Probably: echo "1" > /var/qmail/control/mfcheck -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Suggestions for improving performance
On Feb 27, 2004, at 3:08 PM, Bill Shupp wrote: The one thing that you can lose by doing this is chkuser support. Two workarounds are to use MySQL w/ valias support, or perhaps share the mail spool via NFS. Mailing lists aren't stored in MySQL, even with valias support turned on. I have ideas on how to do it, but I can't spare the time to work on it unless someone sponsors the work. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Quota Usage Plugin - PATCH
On Feb 29, 2004, at 11:04 AM, Frankie wrote:
I regret that I am not a
C programmer and don't know how to amend sourcecode of vpopmail or
qmailadmin.
Thanks for pointing out this bug.
For those on the vchkpw list, it was pointed out that vsetuserquota
doesn't write the quota to maildirsize in the correct format. This
patch fixes that problem (and hopefully the new line won't word-wrap).
diff -u -r1.2 vsetuserquota.c
--- vsetuserquota.c 20 Oct 2003 18:59:57 - 1.2
+++ vsetuserquota.c 1 Mar 2004 05:35:05 -
@@ -144,12 +144,7 @@
/* Grab the quota */
if ( optind < argc ) {
- snprintf(Quota, sizeof(Quota), "%s", argv[optind]);
- for(c=0;Quota[c]!=0;++c){
- if ( islower((int)Quota[c]) ) {
- Quota[c] = (char)toupper((int)Quota[c]);
- }
- }
+ snprintf(Quota, sizeof(Quota), "%s",
format_maildirquota(argv[optind]));
++optind;
}
I'm checking this into CVS now.
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/
[toaster] Re: Quota Usage Plugin - UPDATED PATCH
On Mar 1, 2004, at 3:37 AM, frankie wrote:
After patch, vsetuserquota seems to be ok. But problem still exist if
the email account is created or amended by qmailadmin.
Any other suggestion ?
I guess you're right. I'm surprised no one reported this earlier --
this code has been in vpopmail for many releases now. The previous
patch to vsetuserquota.c is unnecessary, use this patch to vpopmail.c
instead.
--- vpopmail.c 22 Feb 2004 22:50:48 - 1.29
+++ vpopmail.c 1 Mar 2004 15:33:18 -
@@ -1543,6 +1543,7 @@
int vsetuserquota( char *username, char *domain, char *quota )
{
struct vqpasswd *mypw;
+ char *formattedquota;
int ret;
if ( strlen(username) >= MAX_PW_NAME ) return(VA_USER_NAME_TOO_LONG);
@@ -1558,7 +1559,8 @@
/* correctly format the quota string,
* and then store the quota into the auth backend
*/
- ret = vauth_setquota( username, domain, format_maildirquota(quota));
+ formattedquota = format_maildirquota(quota);
+ ret = vauth_setquota( username, domain, formattedquota);
if (ret != VA_SUCCESS ) return(ret);
mypw = vauth_getpw( username, domain );
@@ -1569,7 +1571,7 @@
char maildir[MAX_BUFF];
snprintf(maildir, sizeof(maildir), "%s/Maildir/", mypw->pw_dir);
umask(VPOPMAIL_UMASK);
-(void)vmaildir_readquota(maildir, quota);
+(void)vmaildir_readquota(maildir, formattedquota);
if ( vget_assign(domain, NULL, 0, &uid, &gid)!=NULL) {
strcat(maildir, "maildirsize");
chown(maildir,uid,gid);
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Double Bounce Patch
On Mar 5, 2004, at 7:12 PM, Rob G wrote: In the file /var/qmail/control/doublebounceto: doublebounce In the file /var/qmail/alias/.qmail-doublebounce # Ok, I have finally had a chance to test this, I know better late then never, but could someone please explain to me what exactly the commands Tom is using are doing? With the doublebounceto patch installed, the first line tells qmail to deliver doublebounces to local account "doublebounce" (you could call it anything). The second line tells it to ignore all mail to local account doublebounce. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Double Bounce Patch
On Mar 6, 2004, at 11:58 AM, Rob G wrote: Ok because I know I didnt' install the Double Bounce Patch but when I added those commands/files I haven't seen a double bounce to my postmaster account in over 12 hours. Could the patch be included in one of the other patch files or is it dropping the files somewhere else? Yes, it might be in one of the other patches. Grep the source of qmail-send.c for doublebounceto. If it's in there, you have the patch. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Double Bounce Patch
On Mar 6, 2004, at 12:39 PM, Rob G wrote: Grep the source of qmail-send.c for doublebounceto. If it's in there, you have the patch. Would if I could, but to save on space I deleted the sources from the system. I will take a lookk at the logs and see if it is saying anything. Other then that I have no clue how to follow up on it to see if I am just sending them somewhere else to take up space. strings /var/qmail/bin/qmail-send | grep "doublebounceto" -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Multiple Domains > Same Users
On Mar 6, 2004, at 5:25 PM, Peter Maag wrote: Not sure if there is an elegant solution to this with QMail, but I am curious. Say I have a user john who has the e-mail address: [EMAIL PROTECTED] , john registers another domain, domain2.com and would like all e-mail hitting domain2 to be sent to [EMAIL PROTECTED] . But, if john adds more users to: domain.com he would like them to propogate over to domain2.com without having to do any more configuration. Look at the vpopmail program "vaddaliasdomain". -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Double Bounce Patch
On Mar 6, 2004, at 1:43 PM, Rob G wrote: strings /var/qmail/bin/qmail-send | grep "doublebounceto" The above command comes back with control/doublebounceto I take it that means that the DoubleBounce Patch is in there somwhere. Yes. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] sqwebmail and SquirrelMail login problem for new user
On Mar 11, 2004, at 8:42 AM, Yalcin Cekic wrote: I upgraded my mail server using new toaster. My old vpopmail was use the mysql. I convert my user information to cdb. I have a problem for my new user. When I add new users, they cant login e-mail accounts using Sqwebmail or SquirrelMail. (old account can login) But pop3 is ok and Qmailadmin is working for new users. Recompile courier-imap so it links to the new libvpopmail. On a related note, we will start compiling libvpopmail as a shared library (I'm working on it now, soon to be in devel CVS). This means that you will be able to update your vpopmail install without having to recompile everything that links to it (after upgrading all of those programs to use the shared library, of course). It will also mean smaller binaries, and the ability of the OS to cache a single copy of the library in memory for all programs using it. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] deleting alias domain
On Mar 27, 2004, at 10:22 PM, James Taylor wrote: It looks as though I'm running 5.3.6 according to vdeldomain -v, which would appear later than 4.9.2, but... still doesn't work right, and I have an alias sitting around now doing nothing but shoving 100 spam messages a day into my inbox (Haven't figured out DSPAM for vpopmail or qmail yet.) Please try one of the 5.4 releases. I recall that there were some bugs fixed related to deleting alias domains. I do know that the current releases will properly delete and alias domain without removing the real domain it points to. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Qmailadmin
On Apr 23, 2004, at 1:21 AM, Meniconi Giuseppe wrote: I have changed some email accounts quotas through Qmailadmin, but I have seen that for each account quota is changed only on his database entry, but not on his maildirsize file. What can I do to solve this problem? Upgrade vpopmail to 5.4.3 and then recompile QmailAdmin. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] ezmlm / qmailadmin bug?
On May 13, 2004, at 11:10 AM, christopher wrote: we just created a virgin install of the qmail toaster on a RHE system, as per the latest instructions. What version of vpopmail and qmailadmin? If you look in the domain's directory in ~vpopmail/domains, does it show .qmail files for the list? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] maildirsize updates (not)
On May 14, 2004, at 1:41 PM, David M. Shirley wrote: @400040a5282721710af4 delivery 453: success: user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/ DOMAINREMOVED/postmaster//did_0+0+1/ @400040a5282721712e1c status: local 0/10 remote 0/20 @400040a52827217135ec end msg 3532276 Obviously, I've munged the logs a bit to obscure the email address in question but it should still be clear what it says. I see no problem in that log entry. Do you concur? Perhaps there's a bug in vdelivermail where it doesn't count catch-all emails against the quota? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] debian and tcp.smtp
On May 2, 2004, at 6:23 PM, Shane Chrisp wrote:
I reported the error to Tom and he will fix it in the next release.
It's in 5.4.4. I'll try to get it uploaded soon, but I'm in the middle
of a move from Arizona to California.
Here's what will be included (currently in the 5.4 branch of CVS):
5.4.4 - unreleased
Tom Collins
- Link math lib when compiling for MySQL.
- Create ~vpopmail and ~vpopmail/etc in configure script.
[930939]
Note that any code creating files in ~vpopmail should probably
be moved from configure and into Makefile (under make
install).
- Use MAX_PW_DIR when checking max size of domain's directory.
Michael Bowe
- Minor documentation tweaks
- Fix for : If roaming users were enabled, and auth module was
not
SQL based, and user's IP address was not available (eg being
called from Courier-IMAP with authdaemon enabled), then
open_smtp.tmp.pid files would be created for each auth
but never removed.
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Vpopmail MySQL - Qmailadmin Dead
On May 28, 2004, at 10:59 AM, James Taylor wrote: Hi everyone - I just recently recompiled vpopmail on a live system to work with MySQL and did a vconvert -c -m to get all the data imported into MySQL. Well, everything works great except for one little problem, and that's Qmailadmin doesn't seem to be working correctly anymore. It seems to still be using CDB format to store all of the user information, and for me to get the changes a user makes to their domain to take effect, I have to manually run vconvert -c -m again. Any idea on how to get Qmailadmin to use MySQL? Same actually goes for Vqadmin, though I plan on phasing it out with my own scripts. For both qmailadmin and vqadmin. make clean && ./config-status --recheck && make && make install -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] netqmail + qmail-toaster-0.6-1 + chkuser-0.6.mysql with vpopamil-5.4.3 chkusr doesn't work
On Jun 3, 2004, at 8:25 AM, Davide Giunchi wrote: catchall isn't set For that patch to work, it needs to be set to bounce. Setting it to delete or an email address will let all mail through. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] qmail-scanner repeating the same mail
On Jun 18, 2004, at 10:52 AM, Bill Shupp wrote: I use qscanq/clamav with spamassassin, but spamassassin is on a per-user config, not site-wide. Works great. I'm very pleased with qscanq/clamav for virus scanning and SpamAssassin's qmail-spamc/spamd combination for spam tagging site-wide. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Disable tarpit patch
On Jun 27, 2004, at 10:27 AM, Lars E. D. Jensen wrote: Maybe I'm wrong, but I tremble thinking about 5 secs of delay on a very busy qmail. Apparently I have misunderstood something. Is tarpitting only enabled when the environment variable TARPITCOUNT is set? On my toaster, I have two files that control it: :: /var/qmail/control/tarpitcount :: 5 :: /var/qmail/control/tarpitdelay :: 15 You'd have to check the source code to see if there's a way to disable it via environment variables. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] smtp issue
On Jun 29, 2004, at 11:13 AM, Darius Wei wrote: I altered the configuration to put vpopmail in /var/vpopmail, changed the vpopmail user's home dir to /var/vpopmail, and even edited the conf-vpopmail file that came out of the chkuser patch so that it looks for /var/vpopmail instead of /home/vpopmail. Viewing and receiving email works just fine, but when I try to connect to port 25 or use SMTP in any way, I get the following error in my qmail SMTP log: Fix the path in your qmail-smtpd/run script. That's where tcpserver gets the path to tcp.smtp.cdb. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] remote conncurrency
On Jun 30, 2004, at 7:39 AM, Jason 'XenoPhage' Frisvold wrote: On Tue, 2004-06-29 at 18:12, Jeff Koch wrote: Hi Jason: Thanks for the help. What exactly does 'tarpit' do? Something with a delay? Yeah, basically, if qmail sees mail coming from the same source (not sure what's considered a source), it will pause for a configurable number of seconds before accepting the mail. This can cause timeouts on the far end, slowing down the attacking server. In an SMTP connection, after the sender has specified recipients, the server will wait seconds in between each RCTP TO: command that the sender specifies. So, it the sender is trying a dictionary attack (lots of recipients on a single SMTP connection), they'll be slowed down. If they're spamming a lot of users in your domain (one connection to send a message to multiple recipients), they'll be slowed down. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] SMTP-AUTH does not work for me.
On Jun 30, 2004, at 4:06 AM, John Doe wrote: I read lots of documntation in network but nothing about my problem. I still can send email without authorization and qmail-smtpd does not block these emails. If you host a.net and you're sending mail to a.net, you don't need to authenticate. If you test your connection from localhost or 10.x.x.x, you don't need to authenticate (since RELAYCLIENT is set in your tcp.smtp file). So, make sure you test from a remote host and try to send mail to a domain you don't host. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] SMTP-AUTH does not work for me.
On Jun 30, 2004, at 7:11 PM, John Doe wrote: I think that the problem is in some of configuration files, because when I remove from vpopmail defaultdomain file my domain and added my domain in qmail locals file the email is not recived to user and log is: Jul 1 04:43:10 ns qmail: 1088646190.282575 starting delivery 377: msg 277963 to local [EMAIL PROTECTED] That's expected behavior -- you're telling qmail that a.net is a local domain. qmail will deliver mail to user blabla in the /etc/passwd file. if I not make these changes email send/recive is work, and smtp auth is work but not not blocked emails that is send without autorization. Log is: Jul 1 04:43:10 ns qmail: 1088646190.282575 starting delivery 377: msg 277963 to local [EMAIL PROTECTED] Like I said before. If a.net is a vpopmail domain, then anyone can send to it without needing to AUTH -- this is normal. Try using a domain like hotmail.com for your SMTP AUTH test. Qmail should reply that it won't relay the mail. That log message is normal when a.net is a vpopmail domain. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] AUTH Plain problem
On Jul 5, 2004, at 8:57 AM, Drew Wells wrote: I have patch netqmail-1.05 with netqmail-1.05-tls-smtpauth-20040207.patch and have had a problem with both types of AUTH PLAIN. I am always getting '501 malformed auth input' with either of the following :- I just built a toaster on a dev box to test some SMTP AUTH client code I'm working on and I used Bill's current toaster document. All versions of AUTH are working fine. The date stamp on qmail-toaster-0.6-1.patch from the toaster doc is Feb 13 15:31. So, does this mean that it's more up to date than the 20040207 patch you used? I guess we'll have to wait for Bill's response. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] fatal error
On Jul 22, 2004, at 3:38 PM, Noel Sanchez wrote: Thanks for responding Bill. I've already edited /etc/php.ini for "max_execution_time = 2400" and "memory_limit = 15M". Any other files? Take a look at this as well: ; Maximum size of POST data that PHP will accept. post_max_size = 8M Try an even higher memory limit -- like 100M and see if that fixes it. If so, then PHP has some extra overhead when handling the message. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] fatal error
On Jul 22, 2004, at 5:55 PM, Noel Sanchez wrote: Thanks Tom, that worked. I had it set to 15M. What exactly does "POST data that PHP will accept" mean? Is 100M overkill? It's the amount of data it will accept from the web browser sending via the HTTP POST method. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] qmail-spamc with qscanq
On Jul 29, 2004, at 1:36 PM, Bill WONG-SV wrote: Dear All, If i only want to run qmail-spamc with qscanq (without ClamAV), how i can do? What to fill in conf-scancmd ? Anyone can help? Bill Why not just use qmail-spamc? Uninstall qscanq and use qmail-spamc as a replacement for qmail-queue (set QMAILQUEUE=/var/qmail/bin/qmail-spamc in your qmail-smtpd run file). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] qmailadmin / vpopmail / autorespond 2.0.4 issue, mail loses
On Aug 10, 2004, at 3:40 AM, Eero Volotinen wrote:
Looks like that if using qmailadmin with autorespond 2.0.4, if and
email that received too many messages with vacation / autoresponder on
, is losing mail due to wrong exit level? (99 - stop processing .qmail
file)
Can you confirm this? I noticed that today.
Steve Fulton patched vdelivermail.c to get around this problem. Fixing
autorespond is probably a better solution.
I can't recall whether this problem is at all related to the larger
problem of trying to use a single program to act both as an
autoresponder and as a vacation program.
I'll hold the patch and try to put it into the version of autorespond
in the QmailAdmin SourceForge project. I'm cc'ing this to the vpopmail
list to see if anyone would like to comment.
my patch:
http://www.jlug.fi/~eero/autorespond-2.0.4.vpopmail:
diff -u autorespond-2.0.4/autorespond.c
autorespond-2.0.4.new/autorespond.c
--- autorespond-2.0.4/autorespond.c 2003-08-18 11:34:07.0 +0300
+++ autorespond-2.0.4.new/autorespond.c 2004-08-10 13:28:49.0
+0300
@@ -6,6 +6,7 @@
Patched 2000 by Matthias Henze [EMAIL PROTECTED]
Patched 2001 by Brad Dameron <[EMAIL PROTECTED]>
+ Patched 2004 by Eero Volotinen <[EMAIL PROTECTED]>
Usage:
@@ -32,9 +33,11 @@
the new commandline options are optional by now
BD 06/2001 2.0.0 Removed excess code, cleaned up some code
+EV 08/2004 Fixed bug with vpopmail
MH - Matthias Henze [EMAIL PROTECTED]
BD - Brad Dameron <[EMAIL PROTECTED]>
+ EV - Eero Volotinen
TODO:
@@ -694,7 +697,8 @@
}
if(count>num) {
fprintf(stderr,"AUTORESPOND: too many received from [%s]\n",sender);
- _exit(99);
+ // EV: exit with 0, else mail autoresponder loses mail in vpopmail
systems.
+ _exit(0);
}
sprintf(filename,"tmp%u.%u",getpid(),timer);
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] smtp-auth problems in freebsd
On Aug 10, 2004, at 1:19 AM, <[EMAIL PROTECTED]> wrote:
004-08-08 19:40:39.658546500 94306 > 250 AUTH LOGIN PLAIN
004-08-08 19:40:39.899217500 94306 < AUTH PLAIN
004-08-08 19:40:39.899534500 94306 > 334
004-08-08 19:40:40.140874500 94306 <
AGx1Y2FzQHZhbGRlb24ubmV0AE1hcmdhcml0YTI0
004-08-08 19:40:40.141250500 94306 > 501 malformed auth input (#5.5.4)
It might actually be bad input. If you decode that string, you'll see
that it's usernamepassword. I just tried it myself, using
usernameusernamepassword and it worked.
Although it only worked with I sent the request as a single line ("AUTH
PLAIN ") -- sending in response to 334 failed.
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: Re[2]: [toaster] smtp-auth problems in freebsd
On Aug 10, 2004, at 3:27 PM, Lucas wrote: What does it means ?. Is the client (thebat) implementing the protocol incorrectly ? Not necessarily -- just in a way that's incompatible with the SMTP AUTH patch. AUTH PLAIN specifies an authorization id, user id and password. thebat sends a blank authorization id and just uses user id and password. qmail-smtpd uses the authorization id and password. I've read the RFC for SMTP AUTH, and it wasn't very clear to me what the difference was between authorization id and user id. In an SMTP AUTH client implementation I did, I sent the same information for both. It shouldn't be too difficult to update the qmail-smtpd patch to use the user id if the authorization id is blank. Erwin Hoffmann has recently done work on that patch, but if he's not interested in making the changes, then I'll volunteer to do it. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Message Time
On Aug 11, 2004, at 2:13 PM, Eero Volotinen wrote: Make sure all systems in the cluster use NTP to sync to the same time server, and make sure all the time zones are set correctly (and the same). qmail does not rewrite date headers, so time comes from mail client clock. And if you're using SqWebMail or SquirrelMail (or some other web client), it will use the server's time and timezone settings when displaying a message. My guess is that the timezone is set incorrectly on the machine in question. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: Re[2]: [toaster] smtp-auth problems in freebsd [update]
On Aug 27, 2004, at 8:57 AM, Erwin Hoffmann wrote: No. Thats wrong. The Auth patch skips the auth-id and uses the user-id and the password: You're right -- I took a closer look. I also went back to the original message that showed the error was "501 malformed auth input (#5.5.4)". So, it had nothing to do with the authentication failing. It makes me wonder what version of the SMTP AUTH patch the original poster is using, and whether any errors with base64 decoding of auth plain were fixed in recent releases. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Toaster - qmail smtp-auth patch
On Sep 8, 2004, at 10:20 AM, Jeff Koch wrote:
I have been trying to figure out why we're having trouble getting the
'mail' program on OSX Mac's to smtp authenticate with the newer
netqmail-1.05 versions of the Toaster. When the Mac's mail program is
able to authenticate with a mailserver built in Fall 2003.
Make sure you're running vpopmail 5.4.0 or later. The older
qmail-smtpd patches and vchkpw programs used the wrong parameter order
form CRAM-MD5 authentication. We fixed vpopmail during the 5.4.0
release candidates, and now include an updated AUTH patch in the
contrib directory.
We inspected the code in qmail.smtp.c and found in the earlier
versions the smtp code outputs two forms of AUTH information - one
with an equal sign (=) and one without.
#ifdef AUTHCRAM
out("\r\n250-AUTH LOGIN CRAM-MD5 PLAIN");
out("\r\n250-AUTH=LOGIN CRAM-MD5 PLAIN");
#else
out("\r\n250-AUTH LOGIN PLAIN");
out("\r\n250-AUTH=LOGIN PLAIN");
#endif
The '=' is wrong and doesn't match the spec in the RFC. It may have
been included to support broken email clients that have since been
fixed. Apple's Mail program (which I use) does not look for the '='.
but the current netqmail 1.05 version only outputs one form of AUTH.
#ifdef CRAM_MD5
out("250 AUTH LOGIN PLAIN CRAM-MD5\r\n");
#else
out("250 AUTH LOGIN PLAIN\r\n");
#endif
Can anyone explain what the difference is and whether it could affect
the ability of the Mac's mail program to authenticate?
The problem is that the AUTH patch to qmail-smtpd doesn't match the
vchkpw program so CRAM-MD5 authentications fail. Update vpopmail on
the netqmail box and you should be fine.
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Toaster - qmail smtp-auth patch
On Sep 8, 2004, at 3:25 PM, Jeff Koch wrote: We had CRAM-MD5 disabled in the toaster we built in late 2003 and it successfully SMTP authenticates using LOGIN PLAIN with Mac OSX Mail. Why is LOGIN PLAIN a problem for the current toaster? Is it possible there is a bug in the SMTP-Auth patch 0.4.2? I understand there is a 0.4.3 patch which fixes some bugs. Also, some Google search revealed that there have been some buggy server implementations of the smtp-auth RFC's which have caused Mac Mail to fail to authenticate. Eudora has had to issue a patch to acommodate the same problem. Is that copy of Mail configured to use Password or MD5 authentication? I wasn't aware that LOGIN PLAIN was a problem with the current toaster. I used it on a development box to do some client-side AUTH development and testing, and it worked fine. I don't think anything changed that would cause LOGIN PLAIN to fail, but you'd have to check with Erwin, the SMTP AUTH guru (http://www.fehcom.de/qmail/smtpauth.html). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] smtp-auth log
On Sep 15, 2004, at 3:42 AM, Eduardo Cortés wrote: is there any "easy way" to include on logs (qmail-scanner-queue.pl should be the better place) the smtp auth information? You can see on logs each authentication, but in a server with some thousands of accounts, should be great to know who authenticated user sent what email. qmail-scanner-queue.pl log each email with "from, to, clear/virus, ip, SA rate, subject". Is there any easy way to pass user like a env variable to be read on qmail-scanner-queue? You might be able to modify qmail-scanner-queue to extract that information from the Received header(s). It should also be possible to modify qmail-smtpd to set an environment variable with the AUTH username. I know that Erwin Hoffmann has been doing some work with the SMTP AUTH patch recently, perhaps he'd have time to add (and standardize) such a feature. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] simscan
On Sep 29, 2004, at 9:16 AM, Peter Maag wrote: It looks good to us, however we don't want to reject based on SpamAssassin results. Right now we use qmailscanner, which does slow things down quite a bit and a C alternative that does a SMTP deny based on ClamAV, and not SpamAssassin would be preferred. Anyone know of a solution that would work? Take a look at qscanq for doing SMTP deny on ClamAV. I use it with qmail-spamc (included in SpamAssassin distribution) to process all incoming mail. qscanq uses ClamAV to deny infected messages at the SMTP level, then qmail-spamc adds SpamAssassin headers before handing the message off to the real qmail-queue. All in C. Here's a copy of my modified qmail-spamc.c, <http://tomlogic.com/qmail/qmail-spamc.c>. It is supposed to only scan inbound email (e.g., exclude mail sent by authenticated senders), but I recently noticed that it was scanning all messages. I haven't had time to look into that yet... It does have other improvements on the original though -- see the comments for details. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] POP and IMAP Auth Failed - migrating from old toaster
On Oct 25, 2004, at 6:28 AM, Matt Gourley wrote: We're migrating our userbase from an older version of the toaster to the latest, and I'm running into auth issues when I test POP and IMAP. Does vuserinfo report the correct password? There's a program in vpopmail's contrib directory that will let you test your vchkpw program to make sure it's working. What versions of vpopmail are you upgrading from and to? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] any people with problems with spamassasin 3.0
On Oct 31, 2004, at 12:26 PM, Eero Volotinen wrote: Processing message takes long time. sometimes? Maybe spamassasin 3.0.1 fixes this ? Make sure you rebuild your Bayes database (`sa-learn --force-expire` should do the trick). Note that if your SA prefs and Bayes DB are in a different directory, you'll have to use the --dbpath option to sa-learn: sa-learn --force-expire --dbpath /home/vpopmail/.spamassassin/ And if you have spamd run as a user other than root (or the user you run that sa-learn as), you should chown /home/vpopmail/.spamassassin/* to the correct owner. I also had some problems with a large autowhitelist (350MB+) that may have gotten corrupted at one point. I had to take it out and let SA 3.0 build a new one. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Odd SMTP banner...
On Nov 11, 2004, at 9:41 AM, Matthew Walker wrote: Now... Remote Test: arsenic ~ # telnet mail.thebraingarden.com 25 Trying 209.90.91.5... Connected to user-5.pl107658.fiber.net. Escape character is '^]'. 220 * Can you watch the network with a packet sniffer like Ethereal? You said that 209.90.91.5 is actually port forwarded to your server. It looks like it's not transparent -- like there's a proxy of some sort running on 209.90.91.5. Is it possible to connect directly to the Ethernet interface of the server without going through any firewalls? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Changing Passwords
On Nov 21, 2004, at 5:18 AM, David wrote: Does anyone have any pointers for how to change the stock qmail toaster install (0.6) to use mysql authentication so that I can use one of these password plugins for squirrelmail? (btw I don't know which password plugin exactly to use) When configuring vpopmail, use --enable-auth-module=mysql. You'll need to create a vpopmail user and vpopmail table in your MySQL database, assign the vpopmail user full access to the vpopmail table, and then put that information in ~vpopmail/etc/vpopmail.mysql. To convert existing cdb domains to MySQL, use the vconvert program that's a part of vpopmail. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] mysql / 551 error
On Nov 21, 2004, at 3:16 PM, Júlio Olivares wrote: I'm debbuging Mysql and I got this message everytime vpopmail connects to mysql: --- 041121 22:43:22 Aborted connection 4898 to db: 'vpopmail' user: 'myvpop' host: `localhost' (Got an error reading communication packets) --- However user has no problem autheticating. I'm also running other databases on same server but only vpopmail has this problem. The chkusr patch to qmail-smtpd will often exit without properly closing the connection to MySQL. I think that vdelivermail also behaves that way under certain conditions. I have a new version of vdelivermail (not fully tested yet) that should help, and Tonio is working on a fix for the chkusr patch. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Toaster performance tuning
On Nov 22, 2004, at 8:31 AM, Júlio Olivares wrote: I improved my toaster by rejecting virus at smtp level instead of deleting them at delivery time. I use Clamav+qmail-qfilter with this script: Take a look at qscanq (http://qscanq.org/), a C-based program that rejects viruses at the SMTP level. Should be less resource intensive than spawning a Perl program for every incoming message. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] toaster patch beta 4
On Dec 6, 2004, at 9:14 PM, Bill Shupp wrote: qmail-smtpd gets linked to the vpopmail library. Vpopmail must be pre-compiled to support mysql. You then just need to edit the Makefile so that the mysql, zlib, and probably math libraries are also linked so compilation is successful. Bill, You might be able to have the Makefile read in the contents of the ~vpopmail/etc/lib_deps or ~vpopmail/etc/inc_deps files to make editing the Makefile unnecessary. I'm off-line at the moment, so can't verify those directories, but the vpopmail Makefile uses them to determine what extra libraries it will need to link in. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] Toaster Migration.
On Dec 13, 2004, at 4:19 AM, [EMAIL PROTECTED] wrote: Hello folks, i'm trying to move a toaster implementation from one machine to another. I have already installed all the packets accordind to the qmailtoaster manual. After that, i copied all the databases from /var/lib/mysql and the /usr/share/toaster content to the new machine. I also copied the vpopmail home dir. But i cannot access the accounts via webmail. What did i mess up? The files from /var/qmail/control and /var/qmail/users. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] From one qmail server to another qmail server...
On Dec 23, 2004, at 3:05 AM, saki wrote: i've tried with MX , but it didn't help me. when his server goes down then the mails serch the server and then search my server but it gets bounced. it says there is no recipient at this name. Your server needs to have the domain in rcpthosts (or morercpthosts which is built into morercpthosts.cdb). You might also want to put their server in your smtproutes file, but I'm not sure if that's required. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] test.com was not found in the assign file
On Dec 29, 2004, at 5:29 PM, Stewart Walker wrote:
After pressing the login button I found these error entries in the
/var/log/messages file..
Dec 29 18:21:52 ns1 kernel: audit(1104369712.843:0): avc: denied {
read
} for pid=4597 exe=/var/www/cgi-bin/qmailadmin name=cdb dev=dm-0
ino=1258729 scontext=root:system_r:httpd_sys_script_t
tcontext=root:object_r:var_t tclass=file
Is qmailadmin running as the vpopmail user? It sounds like it doesn't
have access to the /var/qmail/users/cdb file.
Are you running SELinux? Can you disable it for httpd and/or
qmailadmin? It sounds like you've tightened security too much.
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] restricting outgoing mail address to account
On Jan 1, 2005, at 12:25 PM, Martin Petz wrote: Or is there a possibility to always have the address used for smtp-auth in the mail-header?? The received headers will include the auth address and IP. Send an email to yourself, and you'll see (mailing lists strip out Received headers before passing a message on). It should be possible to modify qmail-smtpd to only allow MAIL FROM to match the authenticated address, but that could cause problems for users who own an entire domain and wish to use various sender addresses (yet auth with the same username/password). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] maildir++ patch update
On Jan 21, 2005, at 10:38 AM, Bill Shupp wrote: can you describe the bug shortly ? is it nesessary to update ? regards rene It's a duplicate call to free(). Could result in bad things happening.. ;) Although I never witnessed it, you should upgrade to the new toaster patch. The changes are in a part of code that would only get executed if there was an error creating a new maildirsize file and then renaming it. The bad code has been in that patch and in vdelivermail for quite some time now. I'd say that it isn't an urgent patch, as it's code that is almost never executed. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] patch problem
On Jan 24, 2005, at 9:04 AM, Bill Shupp wrote: Tom Collins: I think this is a result of using the qmail-maildir++.patch from the vpopmail contrib directory.. it has the line break as well. You might want to update that in cvs. Are you sure it wasn't a problem in the download? Line 15 of the overmaildirquota.c patch looks fine when I view it in my source tree, and in the web CVS interface. http://cvs.sourceforge.net/viewcvs.py/vpopmail/vpopmail/contrib/qmail- maildir%2B%2B.patch?rev=1.1.1.1.2.1&only_with_tag=stable -5_4&view=markup -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] New to the toaster Version: 0.7.2
On Jan 24, 2005, at 11:24 AM, [EMAIL PROTECTED] wrote: I'm new to the list and just setting up my first server with toaster Version 0.7.2. Everyhting is fine except I can only login one email account from my computer. If I open up another browser(e.g IE, Mozilla..) and login with different email account, the two browsers will become working with the new email account. Login to what? SquirrelMail? QmailAdmin? I'd think that QmailAdmin would work, but SquirrelMail might not since (I think) it uses session cookies. You'd have to fire up separate browsers in order to have separate sessions going. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] SMTP Auth Doesn't work ??
On Feb 4, 2005, at 6:19 AM, David wrote: At the 127.0.0.1 and in the DMZ looks: 220 ESMTP But out looks: 220 It’s normal? No. This has come up before though, on this list last November, here's the answer: http://www.mail-archive.com/toaster@shupp.org/msg01905.html You have a firewall (Cisco PIX or F5 Big IP) that is rewriting the SMTP session. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [toaster] quota problems
On Feb 5, 2005, at 10:12 AM, Lucas wrote: We migrate several domains from qmail+vpopmail5.2.1+cdb(linux) to another box with vpopmail 5.4.0+mysql(freebsd). Everything seems to be ok, except quotas. We use limits table . We delete maildirsize files and when a mail is sent file is created again, but with /home/vpopmail/etc/vlimits.default parameters. What do I miss? What does vuserinfo report the user's quota as? The quota is stored in the MySQL table with all other user info. When you switched from cdb to mysql, did you use the vconvert program to move the users from the vpasswd file into the MySQL table? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: Re[2]: [toaster] quota problems
On Feb 5, 2005, at 11:12 AM, Lucas wrote: ops, vuserinfo says No user limits, and use /etc/limits instead of limits table. Why ? bash-2.05b# ./vuserinfo [EMAIL PROTECTED] ... limits: No user limits set. ... You need to run vpopmail's configure script with the --enable-mysql-limits option to store limits in mysql. Make sure you recompile QmailAdmin after installing any new version of vpopmail so it will use the new settings. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
[toaster] Odd behavior with Courier?
I had something odd happen on my toaster today. Courier-IMAP stopped accepting connections from localhost. I have no idea why, but restarting it (/etc/init.d/courier-imap restart) appeared to take care of the problem -- it started accepting connections again. But, I then had trouble with SquirrelMail working. My logs would show a sequence like this: Feb 16 11:06:13 rusty imapd: Connection, ip=[:::127.0.0.1] Feb 16 11:06:13 rusty imapd: LOGIN, [EMAIL PROTECTED], ip=[:::127.0.0.1], protocol=IMAP Feb 16 11:06:13 rusty imapd: LOGOUT, [EMAIL PROTECTED], ip=[:::127.0.0.1], headers=0, body=0, time=0 Feb 16 11:06:13 rusty imapd: Connection, ip=[:::127.0.0.1] Feb 16 11:06:13 rusty imapd: LOGIN, [EMAIL PROTECTED], ip=[:::127.0.0.1], protocol=IMAP With the second LOGIN hanging until SquirrelMail timed out. I tried restarting apache (apachectl graceful), but eventually, I had to reboot the server. Now, everything is working fine, but I'm wondering what could have happened and how I can avoid it in the future. Is there a possibility that a component of courier-imap doesn't get reset properly by the init.d/courier-imap script? Any thoughts? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Odd behavior with Courier?
On Feb 16, 2005, at 10:24 AM, Bill Shupp wrote: Yeah, check your MAXPERIP setting in /usr/lib/courierimap/etc/imapd. It defaults to 4, and you need to raise that to meet your max connections setting if you use SquirrelMail, as ALL connections are from the same IP. I bumped that up, and it's happening again, even with a single connection on localhost. Here's something odd, when I do a netstat -n, I see a lot of Unix domain sockets open: unix 2 [ ] STREAM CONNECTED 537501 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 525755 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 525716 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 525560 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 525504 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 525490 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 524217 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 521288 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 521225 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 521171 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 521153 @/tmp/fam-vpopmail- unix 2 [ ] STREAM CONNECTED 521122 @/tmp/fam-vpopmail- 1049 to be precise. What are these streams? When I stopped courier, they remained. When I restarted courier, they all went away except for one. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Odd behavior with Courier?
On Feb 20, 2005, at 12:31 AM, Bill Shupp wrote: Try building courier imap without FAM support. I've never gotten it work right. I did some research online, and it looks like I just needed to be running portmap. Since I don't need portmap for anything else, I disabled it during my install. For security purposes, I'm only running it on localhost (put PMAP_ARGS=-l in /etc/sysconfig/portmap on Fedora, note that's a lowercase L and not the number 1) and it seems to have solved the problem. I now have just one entry for @/tmp/fam-vpopmail- in my netstat output. I'll let everyone know if it behaves itself now. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Odd behavior with Courier?
On Feb 20, 2005, at 1:49 PM, Bill Shupp wrote: Interesting, thanks for the info. I might have had the same problem. I need to upgrade courier-imap soon, and I'll try getting FAM support working this time. Well, enabling portmap wasn't enough apparently. Courier stopped accepting connections again this morning. I manually edited maildir/config.h and commented out "#define HAVE_FAM 1" before compiling. We'll see if that takes care of the problem. Bill, let me know if you learn anything new. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Zombie Connections
On Feb 21, 2005, at 9:03 PM, Chris Moody wrote: I have a pretty low-throughput system, but it shows 2332 messages sitting in the queue. They are all to bogus addressesfrom bogus addressesand go nowhere. If they are for bogus local addresses, running the chkuser patch (as you mentioned in your own followup) is your solution. If they are to and from bogus remote addresses, then you have a problem -- you're an open relay of some sort. If you're running SMTP, make sure you have it configured correctly so that it doesn't just accept ANY user/password for authentication. If bogus messages are getting injected via SMTP AUTH, you can look at the headers to determine the address used for authentication (look at the first Received header your system generates). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] SIMSCAN
On Feb 21, 2005, at 8:25 PM, Jeff Koch wrote: It's been almost a year since I installed my last toaster and I see that Bill is now using simscan and clamav instead of qmail-scanner. What do you all think about simscan? - have you seen a substantial reduction in server load and cpu load? I would love some opinions - we have four mailservers running with loads that are higher than we'd like and it would be easy to switch them over to simscan if the benefit is there. I stopped using qmail-scanner a long time ago because of its high overhead and serious bugs (in early version). I started using qscanq to block incoming viruses, and qmail-spamc to do spam scoring with SpamAssassin. Unfortunately, I had to add extra programs to delete especially spammy messages from users' mailboxes. I've been very pleased with the results of replacing qscanq and qmail-spamc with simscan. I now reject 50% of the email coming to my server (spam score 10+) at the SMTP level. vdelivermail doesn't have to run, I don't have to run extra programs to throw the mail out, and I have the benefit of a reject (5xx response) instead of mail just disappearing. My only concern is how reliable simscan is. Is it possible for mail to be lost if simscan (or clamav or spamassassin) fails? -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Zombie Connections
On Feb 21, 2005, at 10:05 PM, Chris Moody wrote: I'm not running SMTP auth. All my SMTP is controlled specifically via tcp.smtp or relay-ctrl managed ip addresses. The strange thing is that these messages do not seem to deliver...just sit in my queue and build up over time. They will eventually (after 5 days) get doublebounced and go away. If you were to pick one of of the queue and monitor it, it would disappear on its own. I'm pretty sure the chkuser patch is what you want. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Qmailadmin errors
On Feb 23, 2005, at 10:42 AM, Bill Shupp wrote:
File error 6 (192.168.0.10, != 192.168.0.10 ..
ip_addr=192.168.0.10&returntext=&returnhttp= )
Try using --disable-ipauth. I don't know why this started happening
out of the blue, though.
It's very odd. It's like the web server is setting REMOTE_ADDR to
include both the private and public IP of the machine accessing the
page. I'm not sure how it could even get the private IP in the first
place...
The cryptic "File error 6" is a security thing to prevent someone from
hijacking your session. If your IP address changes during your
QmailAdmin session, it will bail with that error.
Bill has the correct solution, --disable-ipauth in the configuration
options.
This might be interesting -- try running this simple perl script as a
cgi and see what it reports:
#!/usr/bin/perl
print "Content-type: text/plain\n\n";
foreach (sort keys %ENV) {
print "$_ is $ENV{$_}\n";
}
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
You don't need a laptop to troubleshoot high-speed Internet:
sniffter.com
Re: [toaster] Can't email users but can email aliases
On Mar 11, 2005, at 9:41 AM, Matt Perry wrote: The only thing I changed was to use MySQL for storing the user config for vpopmail. I'm thinking I might have missed a setting somewhere so preventing chkuser from looking at the table in MySQL. Any ideas? Whenever you install a new version of vpopmail, you should recompile and reinstall anything that links to libvpopmail (including qmailadmin and qmail-smtpd w/chkuser). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Disabling SMTP for my users
On Mar 17, 2005, at 10:07 AM, Bill Shupp wrote: I did this and users are still able to use SMTP. I'm using mysql, there's any diference ? No. Make sure that smtp-auth is failing. Next, double check that open-smtp is clear, that you don't have any relays setup in tcp.smtp, and that tcp.smtp.cdb is updated. If all that is in place, make sure the relayed messages are coming in from smtp, and not a web form or something (i.e. formmail.pl being exploited). You might also have to set disable_relay. You can use vmoddomlimits to check and set the default domain limits. `vmoddomlimits -S -d` will show you the current settings. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Odd behavior with Courier?
On Mar 27, 2005, at 7:04 PM, danny soh wrote: I have lots of Unix domain sockets open by /tmp/fam-vpopmail-. After sometime, i will not be able to access my mail through SQUIRRELMAIL. When I stop or restart courier, they still remained. ?The only i get rid of them is by restarting the whole machine. Saw online that you had faced this problem before, had you resolved this issue? Hope you can shared with me your solution. Thanks. Danny emailed me off list, but I'm sending the response back to the list as it might be useful for others. Bill might even want to include a mention of it in the toaster document. I installed the toaster on RedHat FC3, and had fam-related problems. The only solution I found was to run configure, manually edit maildir/config.h to comment out the "#define HAVE_FAM 1" line, and then compile. I've been running problem-free ever since. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] ezmlm-idx-0.435
On Mar 28, 2005, at 2:49 PM, Bill Shupp wrote: Has anyone tried ezmlm-idx-0.435? Specifically, does it work with qmailadmin nicely? I didn't know it had been released. I can try to take a look at it (at least do a diff from the 0.42? version to see what's different). I'm investigating this after a client pointed out that received headers on messages going through ezmlm do NOT contain IP addresses or hostnames. I do not see this mentioned in the change log of ezmlm-idx-0.435, however. I thought it was intentional that ezmlm stripped out the received headers leading up to the receipt of the message. I guess that it could make it difficult to track down spam that way... -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Patching
On Apr 4, 2005, at 5:27 PM, Rick Macdougall wrote: patch -p0 < patch.file etc You might want -p0 or -p1 depending on the patch type. You might or might not want to be in the same directory as the original files depending on the patch type. I always like to include the '--dry-run' option to patch the first time through, in case I used the wrong -p option or there are other problems (like patches that aren't going to apply correctly). Once I'm confident it will run smoothly, I just remove the --dry-run from the last command. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Mailing List
On Apr 5, 2005, at 6:38 AM, YM wrote: I created a mailing list with the option - only moderator can post, all other bounced. But the funny thing is that it still sends out confirmation email to the moderator for confirmation, instead of directly sending out the email to target list members? If it didn't ask for confirmation, it would be possible to forge messages to the list by pretending to be the moderator. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Mailing List
On Apr 6, 2005, at 2:03 AM, Bob Hutchinson wrote: man ezmlm-sub should tell you enough to script it Make sure you su to user vpopmail before running it, otherwise you'll end up with some files owned by root. If you've done it as root, you can fix it with chown -R vpopmail:vchkpw ~vpopmail/domains -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Strange problem with open relay
On Apr 16, 2005, at 6:32 PM, Júlio Olivares wrote: But, I see there's someone still using my smtp server to relay messages. See this header: --- Received: (qmail 17773 invoked by uid 89); 16 Apr 2005 22:00:20 - Received: from unknown (HELO .net) ([EMAIL PROTECTED]) by 0 with SMTP; 16 Apr 2005 22:00:18 - --- The username before IP is weird. The guy registered the "[EMAIL PROTECTED]" (I provide a free webmail service) and after that he is able to send messages (both To and From are not local domains). Any clue how is he relaying ? He's using SMTP-AUTH. Roaming-users (pop-before-smtp) does not add a username to the received headers. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [toaster] Opening ports on router
On Apr 22, 2005, at 2:13 PM, Ryan Dorn wrote: It just kind of seemed odd to me that I had to leave SMTP open in order to receive messages, as I thought that was what POP3 was for. I was sending the mail from a yahoo address outside the network to an address on the toaster, and I checked the mail from my linux box using Thunderbird. As Bill stated, mail is delivered on port 25, and picked up on 110 (POP), 143 (IMAP), 993 (IMAP over SSL) or 995 (POP over SSL). If you will only pick up email from your home network, you won't have to open up 110, 143, 993 and 995 on your router. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
