Re: [vchkpw] Rethinking qmail : was Re: [vchkpw] how use chkuser on "dmz"
People has not the courage to say that Bernstein design and coding is horrible. ??? QMAIL was a secure product and a good academic programming model, ten years ago. Now, a modern MTA facing millions of emails has completely different problems from the ones Bernstein faced. But he made a closed architecture, not a modular one, adding a no-sense license. Hmm...qmail is STILL a secure and a good programming model. I don't see how it has become unsecure. Perhaps you can enlighten us on that. As for programming model, I don't see a problem. The only problem I see is the lack of certain capabilities and qmail's current architecture. Actually, not a problem with the design of the architecture but the state of it. postfix uses the same architecture with certain improvements like persistent daemons in the manner of httpd and a more advanced queue manager. If postfix had dot-qmail support, it would become rather complete. postfix code is however harder to follow than qmail's. Plugin is slow, and does not let do anything important, just side checks. The core is untouched, and here the problem is the core. Yes, the core can do with some improvements for certain scenarios. QMAIL has a lot of problems; the mail world has changed but QMAIL is designed to be impossible to change because of the presunction of Bernstein of being a perfect designer. qmail does not have a lot of problems. Quite bug free and secure :D. DJB is a perfect designer. The fact that Wietse uses the same basic design speaks for itself. We are only complaining that he has stopped and not continued. QMAIL is no more mantained because Bernstein is prisoner of his wrong architecture. He cannot improve it, because he should change all the architecture, and none would follow him today on the same licensing scheme. I am sorry but I really doubt you can do any better. Do you plan to show us by writing your own MTA? No one follows him on the licensing because corporations have made sure that things have become so muddied that no one would risk not specifying a license...but others have taken it a step further and made licenses to 'fight' back like the GPL. I find it ludicrous that software is 'licensed and not sold'. I can very do anything I like with a book I bought and that goes for software. Qmail is only an academic example of programming, that in real life should never be used by expert programmers. ROTFL. When you manage a software project that has as clean a record as qmail with respects to bugs, come back and let us know. Not even postfix can claim anything near qmail's record. Just my 1 eurocent. Soon I will have my 1 plastic HK Dollar.
[vchkpw] chkuser on relay server , part II
Hello All especially tonix ;) , well, I see discussion running here ;) but I want move little forward. just my2 cent: qmail is good example of "proof of concept" which make its own way. Bad luck is that DJB is not working on it, so this nifty features will be slowly lost as more and more patches will come, which is main point of all complaints. Its is nice that we have all the patches, but most of them are incompatible or hard to implement into others so until someone "really" Im mean "really" need them (so spending days on them), it will switch to something else, which is not good as qmail, but these days is almost everything good as qmail. If there is no progress,blind by own feeling how it is perfect , no matter that it is "best of the best" it will become soon or later overcome by others. Remember OS/2 or BeOS ? ;) As qmail server is used as front-relay , there is problem with chkuser to check real rcpt. from discussion I see few aproaches how it can be done: - copy/mount vpopmail (not all files, just needed) to relay server and delete from virtualdomains - well, kinda ugly but working ;) problem is that If I have some offices behind firewall and even on exchange, I cant go this way - using of "validrcptto" patch - nice, but problem implement into rest of patches (bill shupp/big ISP...), when I use it, im loosing chkuser features ;) and others - so after spending weekend over google ;) I want kindly ask TONIX if he is willing to add smal feature into chkuser 2.0.8, I have idea something like CHECK_EXTERNAL_FILE = 0/1 EXTERNAL_FILE = /bla/bla/list.txt (or even cdb) in this case is much easier make list of mailboxes , for example script from David Duserre from fehcom.de can make list of all even aliases and ezmlm lists it will be really helpfull to have something like this, and as I saw code for validrcptto it should be not so much coding ;) thank you very much even if you will not do it ;) Miki (Peter Mikeska)
[vchkpw] Error: Illegal username
Preliminary info. vpopmail 5.4.17 OpenBSD 4.0 It's been working for a week or so. I downloaded email from several accounts on Two domains around 08:30 today. My next email check around 09:15 gave me authorization failures on all accounts and domains. qmail is up...I did restarts just in case. Decided to directly change a postmaster passworde. cd /home/vpopmail/bin ./vpasswd [EMAIL PROTECTED] password Error: Illegal username domain and user still exists. Tried other users in the domain and the second domain It fails with Error: Illegal username on all attempts. Need a quick answer? Get one in minutes from people who know. Ask your question on www.Answers.yahoo.com
Re: [vchkpw] Rethinking qmail : was Re: [vchkpw] how use chkuser on "dmz"
At 14.14 15/01/2007, you wrote: People has not the courage to say that Bernstein design and coding is horrible. ??? QMAIL was a secure product and a good academic programming model, ten years ago. Now, a modern MTA facing millions of emails has completely different problems from the ones Bernstein faced. But he made a closed architecture, not a modular one, adding a no-sense license. Hmm...qmail is STILL a secure and a good programming model. I don't see how it has become unsecure. I said "it was" because at that time it was the unique one to be so safe. Now that other products give good security, the lack of features outperforms the need of security. Anyway, programming model is horrible, despite of other considerations. Perhaps you can enlighten us on that. As for programming model, I don't see a problem. The only problem I see is the lack of certain capabilities and qmail's current architecture. Actually, not a problem with the design of the architecture but the state of it. postfix uses the same architecture with certain improvements like persistent daemons in the manner of httpd and a more advanced queue manager. If postfix had dot-qmail support, it would become rather complete. You call that "same architecture"? QMAIL has a lot of problems; the mail world has changed but QMAIL is designed to be impossible to change because of the presunction of Bernstein of being a perfect designer. qmail does not have a lot of problems. Quite bug free and secure :D. DJB is a perfect designer. The fact that Wietse uses the same basic design speaks for itself. We are only complaining that he has stopped and not continued. If the architecture cannot grow, designer wasn't that good. QMAIL is no more mantained because Bernstein is prisoner of his wrong architecture. He cannot improve it, because he should change all the architecture, and none would follow him today on the same licensing scheme. I am sorry but I really doubt you can do any better. Do you plan to show us by writing your own MTA? I've not fear of that. I'll have spare time (I have to work, I'm not that rich) I will do. ROTFL. When you manage a software project that has as clean a record as qmail with respects to bugs, come back and let us know. Are you speaking of Open Source or professional projects? I can tell you about projects I worked on: transactional systems, telex switching systems, and so on. Millions/hundreds thousand lines of code, zero final bug (and very few during development) because of a very good design of systems. Bug free does not mean anything, when software is hard to change and makes easy to add new errors. And difficult code does not mean good code, as in this case. Not even postfix can claim anything near qmail's record. Postfix takes the risk to grow, while qmail is perfect (according to you) and dead. Regards, Tonino Just my 1 eurocent. Soon I will have my 1 plastic HK Dollar.
Re: [vchkpw] chkuser on relay server , part II
Miki, At 15.52 15/01/2007, you wrote: Hello All especially tonix ;) , well, I see discussion running here ;) but I want move little forward. just my2 cent: qmail is good example of "proof of concept" which make its own way. Bad luck is that DJB is not working on it, so this nifty features will be slowly lost as more and more patches will come, which is main point of all complaints. Its is nice that we have all the patches, but most of them are incompatible or hard to implement into others so until someone "really" Im mean "really" need them (so spending days on them), it will switch to something else, which is not good as qmail, but these days is almost everything good as qmail. If there is no progress,blind by own feeling how it is perfect , no matter that it is "best of the best" it will become soon or later overcome by others. Remember OS/2 or BeOS ? ;) As qmail server is used as front-relay , there is problem with chkuser to check real rcpt. from discussion I see few aproaches how it can be done: - copy/mount vpopmail (not all files, just needed) to relay server and delete from virtualdomains - well, kinda ugly but working ;) problem is that If I have some offices behind firewall and even on exchange, I cant go this way - using of "validrcptto" patch - nice, but problem implement into rest of patches (bill shupp/big ISP...), when I use it, im loosing chkuser features ;) and others - so after spending weekend over google ;) I want kindly ask TONIX if he is willing to add smal feature into chkuser 2.0.8, I have idea something like CHECK_EXTERNAL_FILE = 0/1 EXTERNAL_FILE = /bla/bla/list.txt (or even cdb) in this case is much easier make list of mailboxes , for example script from David Duserre from fehcom.de can make list of all even aliases and ezmlm lists it will be really helpfull to have something like this, and as I saw code for validrcptto it should be not so much coding ;) thank you very much even if you will not do it ;) I'm thinking a lot how solve this problem (one year ago I was near to start with a client/server chkuser, but I was not totally convincted). I now approaching to a solution that could be more easy than expected (and you suggestion could be another good one to add). But together with this feature I have a lot of other features to add, and I feel a lot within qmail must be rewritten in order to have those features working. I will evaluate a way to move to a really free Open Source qmail clone, more easy to update and be added of new features. If I will not see a feasible way, I'll continue with standard patching. Ciao, Tonino Miki (Peter Mikeska)
Re: [vchkpw] chkuser on relay server , part II
Miki wrote: - so after spending weekend over google ;) I want kindly ask TONIX if he is willing to add smal feature into chkuser 2.0.8, I have idea something like CHECK_EXTERNAL_FILE = 0/1 EXTERNAL_FILE = /bla/bla/list.txt (or even cdb) I second this request-- having this functionality in chkuser would save me a world of trouble. David
[vchkpw] vpopmail max quota of 2GB
Hi, It seems that there's a limit in quota at 2GB. What are the options available to have mail accounts with more than 4 GB quota? Thx, Iulian
Re: [vchkpw] Error: Illegal username
On Jan 15, 2007, at 7:19 AM, martin wrote: cd /home/vpopmail/bin ./vpasswd [EMAIL PROTECTED] password Error: Illegal username domain and user still exists. Tried other users in the domain and the second domain It fails with Error: Illegal username on all attempts. Is domain in /var/qmail/users/assign? Does vuserinfo work? Can you see the domain and it's vpasswd file in ~vpopmail/domains (exact directory will be listed in /var/qmail/users/assign)? -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] vpopmail max quota of 2GB
On Jan 15, 2007, at 9:29 AM, Iulian Liviu Ionescu wrote:
It seems that there's a limit in quota at 2GB. What are the options
available to have mail accounts with more than 4 GB quota?
One options: rewrite the Maildir++ patches for qmail and POP/IMAP
servers, along with vpopmail's quota support code to use a larger
variable type to store the sizes (long long?). It might be possible
to work around it with a hack of storing message sizes in bytes, but
the total of the sizes (and the user's quota) in KB. This would get
you up to 2TB quotas.
foreach message_size do {
bytes += message_size;
kbytes += bytes / 1024;
bytes = bytes % 1024;
}
I'm sure that at the time it was written, 2GB seemed like an insane
quota for a mailbox. Unfortunately it's now a realistic number.
Keep in mind that if you've got 2GB mailboxes, it probably requires
lots of resources to recalculate disk usage. Consider running a
nightly cronjob that calculates disk usage for all email users and
warns the ones who are over "quota". If they stay over for a certain
period, bill them or turn their account off.
Not a pretty solution, but I'm afraid there's no easy way to support
quotas over 2GB.
--
Tom Collins - [EMAIL PROTECTED]
Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/
QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
[vchkpw] qmail-smtpd works only without SMTP auth after chkuser patch
Hello everyone, I guess I really have two issues. First, I just recently patched qmail-smtpd according to the manual installation guide [ http://www.interazioni.it/opensource/chkuser/documentation/installation/manual.html ] and sending works fine, except if authentication is marked in the client. I use Thunderbird on Windows and receive an error 5.5.0 that I'm already authorized. Another user (Thunderbird on Linux) receives an error 4.3.0 that he is unable to read controls. Without authentication, sending works fine. I'm using qmail, vpopmail, MySQL, and courier-auth on a Fedora Core 5 machine. Second one, which isn't near as vital as the first, is the test given on the chkuser site before implementing works for the "rcpt to:" command, but always allows the "mail from" command. I quintuple-checked the patch code and everything is correct, so I can't see why this first check fails. Any ideas on this as well? Thanks for any and all assistance to these problems! Matthew Washington
Re: [vchkpw] Rethinking qmail : was Re: [vchkpw] how use chkuser on "dmz"
QMAIL was a secure product and a good academic programming model, ten years ago. Now, a modern MTA facing millions of emails has completely different problems from the ones Bernstein faced. But he made a closed architecture, not a modular one, adding a no-sense license. Hmm...qmail is STILL a secure and a good programming model. I don't see how it has become unsecure. I said "it was" because at that time it was the unique one to be so safe. Now that other products give good security, the lack of features outperforms the need of security. I do not see how that makes it a 'was secure'. Even you make the point that its problem is the lack of features and not that it has somehow become insecure. Features is not the same as security. Anyway, programming model is horrible, despite of other considerations. You have not made any qualifying statements on this other than your insistence on your opinion. Saying the programming model is horrible does not make it so. I have pointed out that the code is readable. Let me explain that a bit more. The flow is readily discernible and I doubt that is a mark of a poor programming model. Perhaps you can enlighten us on that. As for programming model, I don't see a problem. The only problem I see is the lack of certain capabilities and qmail's current architecture. Actually, not a problem with the design of the architecture but the state of it. postfix uses the same architecture with certain improvements like persistent daemons in the manner of httpd and a more advanced queue manager. If postfix had dot-qmail support, it would become rather complete. You call that "same architecture"? I don't see why not. One can always swap out the tcpserver and qmail-smtpd combination with something else similar to postfix's master + smtpd combination. So it becomes a matter of the components. If that does not show that it is the same architecture then I do not know what you mean by architecture. One can do the same for qmail-send qmail-lspawn qmail-rspawn qmail-local qmail-remote. QMAIL has a lot of problems; the mail world has changed but QMAIL is designed to be impossible to change because of the presunction of Bernstein of being a perfect designer. qmail does not have a lot of problems. Quite bug free and secure :D. DJB is a perfect designer. The fact that Wietse uses the same basic design speaks for itself. We are only complaining that he has stopped and not continued. If the architecture cannot grow, designer wasn't that good. Bah! You claim that the architecture cannot grow. I call nonsense on your assertion. postfix uses the same basic design, the difference only being the components and postfix has demonstrated quite clearly that the design is good and efficient one. Just because qmail's components are lacking in certain behaviours and features does not mean that the architecture design was bad. QMAIL is no more mantained because Bernstein is prisoner of his wrong architecture. He cannot improve it, because he should change all the architecture, and none would follow him today on the same licensing scheme. I am sorry but I really doubt you can do any better. Do you plan to show us by writing your own MTA? I've not fear of that. I'll have spare time (I have to work, I'm not that rich) I will do. Funny that. DJB too had to work when he wrote qmail and I believe he is still working. ROTFL. When you manage a software project that has as clean a record as qmail with respects to bugs, come back and let us know. Are you speaking of Open Source or professional projects? I can tell you about projects I worked on: transactional systems, telex switching systems, and so on. Millions/hundreds thousand lines of code, zero final bug (and very few during development) because of a very good design of systems. Great. I await your qmail replacement. Bug free does not mean anything, when software is hard to change and makes easy to add new errors. And difficult code does not mean good code, as in this case. You find qmail code to be difficult? Now that is a laugh...I find it rather readable compared to other stuff I have looked at. Not even postfix can claim anything near qmail's record. Postfix takes the risk to grow, while qmail is perfect (according to you) and dead. Since when did I say it was perfect. I have quite clearly pointed out that I am complaining of DJB's lack of continued development of qmail. I have gone so far as to advocate postfix in replacement of qmail in a wide variety of environments but not a lot on this list. You however have called to question not its lack of features/development of features but its architecture and programming model without any case for such criticisms other than your opinion.
Re: [vchkpw] Rethinking qmail : was Re: [vchkpw] how use chkuser on "dmz"
Guys, in the interest of advancing the science of vpopmail, would you please consider taking this discussion/argument/difference-of-opinion offline? I'm keenly anxious to see the possible new directions that vpopmail may grow given the several threads of recent activity. Your energy and wisdom applied to that end would be most excellent! Cheers, Dave.
Re: [vchkpw] Rethinking qmail : was Re: [vchkpw] how use chkuser on "dmz"
Dave Richardson wrote: Guys, in the interest of advancing the science of vpopmail, would you please consider taking this discussion/argument/difference-of-opinion offline? +1 I'm keenly anxious to see the possible new directions that vpopmail may grow given the several threads of recent activity. Your energy and wisdom applied to that end would be most excellent! If you are interested in the gory details you should probably be watching the vpopmail-devel list too. I try to keep as much of the internals discussion and all the patches over there. Rick
