[vchkpw] Re: a copy for all mails/all users to an adrress
Hi, > If you avoid usage of /ANY/ .qmail files in ~vpopmail/domains// > you can "misuse" .qmail-default there. How I do that? How I use .qmail file or how I "misuse" the .qmail-default? I try to modify .qmail-default but vdelivermail cannot permit to move somewhere else the mails. Thanks, Radu
[vchkpw] Re: [qmailadmin] PHP vpopmail extension
(off list) fredagen den 13 februari 2004 13.27 skrev Rick Widmer: > Is there anyone on these lists that are using the PHP extension for > vpopmail? > > > I have made substantial changes that adapt it to vpopmail 5.4.0 and I am > wondering how much effort I need to put into compatability with older > versions. No, I'm not using it but I have been packaging a whole bunch of extensions for Mandrake Linux and I would be very interested in looking at what you have done. Cheers.
RE: [vchkpw] PHP vpopmail extension
I would be interested in seeing what you have done also. Shane >-Original Message- >From: Rick Widmer [mailto:[EMAIL PROTECTED] >Sent: Friday, 13 February 2004 8:27 PM >To: [EMAIL PROTECTED]; [EMAIL PROTECTED] >Subject: [vchkpw] PHP vpopmail extension > >Is there anyone on these lists that are using the PHP extension for >vpopmail? > > >I have made substantial changes that adapt it to vpopmail >5.4.0 and I am >wondering how much effort I need to put into compatability with older >versions. > > > >
Re: [vchkpw] cram md5 mysql smtp auth
On Feb 12, 2004, at 10:51 PM, Jeremy Kitchen wrote: it appears that cram-md5 smtp auth with vpopmail-mysql isn't working. I recall a patch from before that fixed smtp auth with vpopmail, was that specific to cdb storage? Which patch are you using? Is qmail-smtpd running as user vpopmail (or root)? Since qmail-smtpd calls vchkpw to authenticate the user, it should work I have not had any reports of problems with the qmail-smtpd-auth-0.4.2.tar.gz patch included in the contrib directory of vpopmail 5.4.0. Older versions of this patch will not work, as they didn't correctly implement the chkpasswd interface (and neither did vchkpw). We fixed vchkpw for 5.4.0, but you may need to update your qmail-smptd to get CRAM-MD5 working again. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [vchkpw] Smtp Auth with VPopmail
On Feb 12, 2004, at 3:45 PM, [EMAIL PROTECTED] wrote: One question. Does smtp auth force users to authenticate when using smtp or does it just provide the option to authenticate? I am able to send email through smtp without authenticating. If I try to authenticate through smtp, it will do that also. It isn't forcing authentication. Any ideas? On a properly configured system, a connection that provides SMTP AUTH information can send email to any address. Connections that don't provide SMTP AUTH can only send to domains hosted locally on that server. *** If you are able to send mail to a domain like hotmail.com or yahoo.com without authenticating (and not from localhost or any other IP you've set up to allow relaying in /home/vpopmail/etc/tcp.smtp), then you messed something up. Check the qmail-smtpd/run file to make sure you're passing the proper parameters to qmail-smtpd. Older patches required a hostname between qmail-smtpd and the path to vchkpw. If you're using the "current" patch (contrib/qmail-smtpd-auth-0.4.2.tar.gz, from http://www.fehcom.de/qmail/smtpauth.html) then you shouldn't have the hostname. One way to tell if you've set up qmail-smtpd/run correctly is to try authenticating with a random username and password. If they work, then qmail-smtpd isn't calling vchkpw to authenticate. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [vchkpw] cram md5 mysql smtp auth
On Fri, 2004-02-13 at 08:52, Tom Collins wrote: > On Feb 12, 2004, at 10:51 PM, Jeremy Kitchen wrote: > > it appears that cram-md5 smtp auth with vpopmail-mysql isn't working. > > I > > recall a patch from before that fixed smtp auth with vpopmail, was that > > specific to cdb storage? > > Which patch are you using? Is qmail-smtpd running as user vpopmail (or > root)? Since qmail-smtpd calls vchkpw to authenticate the user, it > should work > > I have not had any reports of problems with the > qmail-smtpd-auth-0.4.2.tar.gz patch included in the contrib directory > of vpopmail 5.4.0. Older versions of this patch will not work, as they > didn't correctly implement the chkpasswd interface (and neither did > vchkpw). We fixed vchkpw for 5.4.0, but you may need to update your > qmail-smptd to get CRAM-MD5 working again. yes, using that patch, and vpopmail 5.4.0. qmail-smtpd is running as vpopmail user (it wouldn't be able to read the vpomail.mysql file if it wasn't, as I discovered ;) normal smtp auth works fine, cram doesn't not major, would be really nice to have it, but it's not life or death. -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
RE: [vchkpw] Smtp Auth with VPopmail
Title: RE: [vchkpw] Smtp Auth with VPopmail Thanks for the inf I have it setup right now. I have one last problem. When I do authenticate through smtp auth, it can't find the user. Here is the log entry: Feb 13 02:14:59 cssimsp0 vpopmail[21457]: [ID 997931 mail.notice] vchkpw-smtp: vpopmail user not found [EMAIL PROTECTED]:10.31.4.134 I know this user exists. I can login with this user in courier-imap. Do you know of any reasons why it can't find that user? -Original Message- From: Tom Collins [mailto:[EMAIL PROTECTED]] Sent: Friday, February 13, 2004 8:57 AM To: [EMAIL PROTECTED] Subject: Re: [vchkpw] Smtp Auth with VPopmail On Feb 12, 2004, at 3:45 PM, [EMAIL PROTECTED] wrote: > One question. Does smtp auth force users to authenticate when using > smtp or does it just provide the option to authenticate? I am able to > send email through smtp without authenticating. If I try to > authenticate through smtp, it will do that also. It isn't forcing > authentication. Any ideas? On a properly configured system, a connection that provides SMTP AUTH information can send email to any address. Connections that don't provide SMTP AUTH can only send to domains hosted locally on that server. *** If you are able to send mail to a domain like hotmail.com or yahoo.com without authenticating (and not from localhost or any other IP you've set up to allow relaying in /home/vpopmail/etc/tcp.smtp), then you messed something up. Check the qmail-smtpd/run file to make sure you're passing the proper parameters to qmail-smtpd. Older patches required a hostname between qmail-smtpd and the path to vchkpw. If you're using the "current" patch (contrib/qmail-smtpd-auth-0.4.2.tar.gz, from http://www.fehcom.de/qmail/smtpauth.html) then you shouldn't have the hostname. One way to tell if you've set up qmail-smtpd/run correctly is to try authenticating with a random username and password. If they work, then qmail-smtpd isn't calling vchkpw to authenticate. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/ Notice: The information contained in this message may be privileged, confidential, and protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to this message, and then delete it from your computer. All e-mail sent to this address will be received by the Aurum Technology corporate e-mail system and is subject to archiving and review by someone other than the recipient.
[vchkpw] Error: Message is looping
Hi all, Finally I have installed qmail+vpopmail sucessfully, but now I have another problem. When I add the domain 'interserv.com.br' (that's the main domain), after some minutes, the server starts to loop with the message: --- Feb 13 16:44:30 interserv qmail: 1076697870.806254 status: local 1/10 remote 0/20 Feb 13 16:44:30 interserv qmail: 1076697870.822365 new msg 876378 Feb 13 16:44:30 interserv qmail: 1076697870.829027 info msg 876378: bytes 269715 from <> qp 17418 uid 1020 Feb 13 16:44:30 interserv qmail: 1076697870.830355 delivery 17070: failure: /usr/virtual/vpopmail/domains/interserv.com.b r,,interserv.com.br/message_is_looping_/mail_is_looping/ Why does it happen ? Is it a bug ? How can I fix it ? Thanks in advance.
Re: [vchkpw] Error: Message is looping
additionally, it happens after I add a alias/forwarad. If I delete the alias/forward everything works fine again - Original Message From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Subject: [vchkpw] Error: Message is looping Date: 13/02/04 18:51 > > Hi all, > > Finally I have installed qmail+vpopmail sucessfully, but now I have another > problem. > > When I add the domain 'interserv.com.br' (that's the main domain), after > some minutes, the server starts to loop with the message: > > --- > > Feb 13 16:44:30 interserv qmail: 1076697870.806254 status: local 1/10 remote > 0/20 > Feb 13 16:44:30 interserv qmail: 1076697870.822365 new msg 876378 > Feb 13 16:44:30 interserv qmail: 1076697870.829027 info msg 876378: bytes > 269715 from <> qp 17418 uid 1020 > Feb 13 16:44:30 interserv qmail: 1076697870.830355 delivery 17070: failure: > /usr/virtual/vpopmail/domains/interserv.com.b > r,,interserv.com.br/message_is_looping_/mail_is_looping/ > > > Why does it happen ? Is it a bug ? How can I fix it ? > > Thanks in advance. > > > > > >
RE: [vchkpw] /var/mail/vpopmail
Hi Matias,
thanks for the tip. Nothing strange here. Can you please take a look and
see if you find anything weird?
~vpopmail/yimports.com/# cat .qmail-default
| maildrop mailfilter
~vpopmail/yimports.com/# cat mailfilter
#!/bin/bash
VPOP="| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox"
VHOME=`/home/vpopmail/bin/vuserinfo -d [EMAIL PROTECTED]
if ( $SIZE < 262144 )
{
exception {
xfilter "/usr/bin/spamc -f -d 127.0.0.1 -u [EMAIL PROTECTED]"
}
}
if (/^X-Spam-Flag: *YES/)
{
# try filtering it using user-defined rules
exception {
include $VHOME/Maildir/.mailfilter
}
# then try delivering it to a Spam folder
exception {
# to "$VPOP"
to "$VHOME/Maildir/.Spam/"
}
# ah well, I guess they'll just have to live with disappointment
exception {
to "$VPOP"
}
}
else
{
exception {
include $VHOME/Maildir/.mailfilter
}
exception {
to "$VPOP"
}
}
/var/mail# head -n 30 vpopmail
>From vpopmail Thu Feb 12 23:10:09 2004
Received: (qmail 1652 invoked from network); 10 Feb 2004 10:50:23 -
Received: from adslfixo-b3-115-147.telepac.pt (HELO halconviajes.com)
(213.13.115.147)
by cb.yimports.com with SMTP; 10 Feb 2004 10:50:23 -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: hello
Date: Tue, 10 Feb 2004 10:53:17 +
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="=_NextPart_000__E0E0A74D.C039BD2E"
X-Priority: 3
X-MSMail-Priority: Normal
This is a multi-part message in MIME format.
--=_NextPart_000__E0E0A74D.C039BD2E
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit
and that's all there is... Ah, about that /var/mail/vpopmail mbox file,
there's no [EMAIL PROTECTED] address so i suppose that should be a bounce
email.
Again, thanks for all your help.
Regards,
Celso
On Sex, 2004-02-13 at 01:31, Matias G. Lambert ( OSInet ) wrote:
> It is possible that you have a default delivery to a mbox.
> Take a look at any .qmail files in /var/qmail/alias, and .qmail-default
> files in the domain directories ( /home/vpopmail/domain/directory.com/ ) .
> If you have the email you can see if they are a bounced messages, or what is
> the delivery route ( send us the header ).
> I hope that I help,
>
> Matias Lambert
> OSInet Telecomunicaciones
> Capital Federal - Buenos Aires
> Argentina - CA1185ACA
> http://www.osinet.com.ar
>
>
>
> > -Mensaje original-
> > De: Celso Pinto [mailto:[EMAIL PROTECTED]
> > Enviado el: Jueves, 12 de Febrero de 2004 08:43 p.m.
> > Para: [EMAIL PROTECTED]
> > Asunto: Re: [vchkpw] /var/mail/vpopmail
> >
> >
> > No, not really... only /usr/sbin/sendmail and /usr/lib/sendmail both
> > symlinks to qmail binary replacement.
> >
> > On Qui, 2004-02-12 at 23:18, Marcin Sołtysiak wrote:
> > > Hi
> > > > I have Vpopmail installed on my server and with this new mydoom worm i
> > > > noticed how quickly I was running out of disk space.
> > > >
> > > > Doing some du . -s I found out that vpopmail has been feeding an mbox
> > > > file at /var/mail named vpopmail.
> > > >
> > >
> > > Perhaps you got several "sendmail" binaries and one of them is
> > not a qmail
> > > replacement. It looks like mail to ordinary MBOX has been delivered as a
> > > local delivery which is done mostly by sendmail binary. If it
> > was and old
> > > ona, like from postfix or pure sendmail packages it could
> > deliver to wrong
> > > place.
> > >
> > > Solt
> > >
> > >
> >
> >
> >
[vchkpw] Re: Heureka! Finished POP3-Frequency-Patch (against brute forcing)
Hi, ,- - [ Le jeudi 12 février 2004 vers 10:25 knom écrivait: ] - - | > Currently the patch works IP based. I write a file for each logged in IP to > a directory, where I mark the time of the first login. > Then I count the number of logins during the next xx minutes in that file, > too. > If the number exceeds, I show the message to the user, which is in my > opinion mandatory, because otherwise the user will be confused (but I think > of showing only the minutes and not the exact time ?!...) | `- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Personaly, i would be interested by a patch to limit the frequency by login, and not by IP... What i would like to limit, is customer placing continuous mail check every 30 seconds... il would like to limit email check to 5 every 10 minutes... but it would be a limit per login, and not per IP, i have customers connected with 50 computers behind a NAT router, so only one IP for at least 50 mailbox... IP based frequency patch is only usefull against DoS, but honnestly, for a brute force DoS, a hacker would probably not use POP3 protocol, except if the DoS is really targetting a mail system and not a whole server... Best regards... _ (_' L'informatique est ma passion, vous la simplifier, mon métier ! ,_)téphane Bouvard [antarex AT freenet DOT be] http://www.antarex.be -- _ _ |_)(_ Votre propre nom de domaine .be - service de qualité - 25 Euros o|_)(_ Hosting php4/cgi/mySQL - 100 Euros, pq payer plus ? www.myown.be
[vchkpw] vpopmail and enable-roaming-users not finding QMAILQUEUE variable
Hello List, Is there an archive for the vchkpw/vpopmail mailing lists? If not...here's my problem: I have installed vpopmail with the --enable-roaming-users option. The SMTP "authentication" feature works great! (I can block non-authenticated hosts from sending to domains outside of rcpthosts). But, for the incoming mail originating outside my domain to an address inside (within rcpthosts), I want to invoke the qmail-scanner-queue.pl script, but it does not fire. I have the open-smtp file for the "authentication" and also have the tcp.smtp for the static entries (internal network and how to handle external). I have in tcp.smtp: :allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" But when I look at the message headers of the incoming mail, nothing is populated resulting from being scanned, but the message is allowed to be received. Thanks! J.T.
Re: [vchkpw] Re: Heureka! Finished POP3-Frequency-Patch (against brute forcing)
Here is an obnoxious idea for you... If the user is checking mail too often, send them an email every time they check telling them how often you think they should be doing it... Dear subscriber, It has only been 32 seconds since you last checked your email. If you are waiting for an urgent message, this is fine, but if your are setting your email client to less than 10 minutes, you will get a lot of these messages. Thanks, Your Email Provider Stephane Bouvard [ML] wrote: Hi, ,- - [ Le jeudi 12 février 2004 vers 10:25 knom écrivait: ] - - | Currently the patch works IP based. I write a file for each logged in IP to a directory, where I mark the time of the first login. Then I count the number of logins during the next xx minutes in that file, too. If the number exceeds, I show the message to the user, which is in my opinion mandatory, because otherwise the user will be confused (but I think of showing only the minutes and not the exact time ?!...) | `- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Personaly, i would be interested by a patch to limit the frequency by login, and not by IP... What i would like to limit, is customer placing continuous mail check every 30 seconds... il would like to limit email check to 5 every 10 minutes... but it would be a limit per login, and not per IP, i have customers connected with 50 computers behind a NAT router, so only one IP for at least 50 mailbox... IP based frequency patch is only usefull against DoS, but honnestly, for a brute force DoS, a hacker would probably not use POP3 protocol, except if the DoS is really targetting a mail system and not a whole server... Best regards... _ (_' L'informatique est ma passion, vous la simplifier, mon métier ! ,_)téphane Bouvard [antarex AT freenet DOT be] http://www.antarex.be
[vchkpw] PHP vpopmail extension
Is there anyone on these lists that are using the PHP extension for vpopmail? I have made substantial changes that adapt it to vpopmail 5.4.0 and I am wondering how much effort I need to put into compatability with older versions.
[vchkpw] qmail install script 1.3.7-rc4
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello all, A new version of my installing's script for qmail are released (1.3.7-rc4). All feedback are welcome please ... http://www.linuxpourtous.com/download/qmail/releases/ install_qmail-1.3.7-rc4.tar.gz http://www.linuxpourtous.com/download/qmail/CHANGELOG http://www.linuxpourtous.com/download/qmail/README Changelog since 1.3.7-rc3 * Added check for software's compilation * Versions of softwares sources updated * Minor bugfix Best regards - -- Franck http://www.linuxpourtous.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFALN7C1zwfep5k9qERAnAQAKCahi116vGXMpIDqpC31Ayo0B/GqwCgtzlT lqndyJMJdUQ3wIjZXqPBb34= =lC+o -END PGP SIGNATURE-
