Thanks for the typically super-explicit instructions. Everything went as expected - the server continues to serve mail. Whew!
However, I re-ran the tests from http://spamlart.homeunix.org and got the same results (although they do have a caveat that qmail might produce "false positives". I also re-ran the relay test from www.abuse net and passed all the tests except one:
"Relay test 6
>>> RSET <<< 250 flushed >>> MAIL FROM:<[EMAIL PROTECTED]> <<< 250 ok >>> RCPT TO:<[EMAIL PROTECTED]> <<< 250 ok >>> DATA <<< 354 go ahead >>> (message body) <<< 250 ok 1064604415 qp 28830
Relay test result Hmmn, at first glance, host appeared to accept a message for relay."
is this something I should be concerned about?
Thanks again for tremendous help!!
Andy
On Friday, September 26, 2003, at 12:09 PM, Bill Shupp wrote:
On Friday, September 26, 2003, at 12:06 PM, Andy Drexler wrote:
Bill, Eero, John -
Thanks very much for the quick, on target replies.
It turns out that the situation with AOL has to do with a reverse-DNS issue (even though my server has been running for a long long time and the configuration hasn't changed, they decided to get picky about it now). Nonetheless, I think I'd like to address the problem that you guys have brought up.
I added the host name to the /var/qmail/supervise/qmail-smtpd/run file and re-ran the tests from http://spamlart.homeunix.org and got the same results (a lot of "Potential Vulnerabilities"). I guess I need to "grab the 0.5 patch from shupp.org. You'll have to patch a fresh copy of qmail." I hate to be too dense here, but are there some instructions for doing this to a live mail server? I'd really like to avoid demolishing something that works well. Is this something I should do in the middle of the night? Are there any non-obvious configuration files that need to be backed up first?
Thanks again for all your help - it is very much appreciated.
Assuming your old files are still there...
cd /var/src/tar wget http://shupp.org/patches/qmail-toaster-0.5.patch.bz2 cd ../ mv qmail-1.03 qmail-1.03-old tar -xzf tar/qmail-1.03.tar.gz cd qmail-1.03 bunzip2 -c ../tar/qmail-toaster-0.5.patch.bz2 | patch make qmailctl stop killall -TERM qmail-remote qmail-smtpd make setup check qmailctl start
That SHOULD do it. But if you have problems, or are not confident in being able to solve them quickly, then do it off hours.
Regards,
Bill
Andy Drexler [EMAIL PROTECTED] (650) 948-4217
