View previous topic :: View next topic |
Author |
Message |
tekn0mage n00b
Joined: 10 Sep 2003 Posts: 47
|
Posted: Mon Jul 09, 2007 9:11 am Post subject: |
|
|
Anything I can help with?
I'm not much of a programmer but I could provide some useful feedback to implement this in a live environment. I have a production mail server that I'd be willing to offer up.
User-level control over spam just makes them feel better. Dunno why. *shrug*. |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Mon Jul 09, 2007 11:17 am Post subject: |
|
|
what it needs is a secure way for virtual users to authenticate and modify files, limited to the files in their own folder.....
The interface I've made has a totally different authentication, as this interface goes to another server process. This process is controlling vpopmail, so when users are created or changing passwords there is a user created in both this and the vpopmail authentication systems.
What I think is the way to go is that each vpopmail account has to be assigned to a chrooted system user account, then apache may be allowed to su-run as this user providing the users password. But then again - we're losing half the point of having virtual mailusers....
Edit: got to think... your needs could probably be fixed with a plugin to squirrelmail. Somewhat the same way as the loganalyzer works, just that it's given access to a file rather than the mysqldb....
(keep in mind - if users are given access to custom filtersetup, be sure they'll figure out how to blacklist the whole world, and you'll be given the blame for them not recieving mail) |
|
Back to top |
|
|
tekn0mage n00b
Joined: 10 Sep 2003 Posts: 47
|
Posted: Mon Jul 09, 2007 6:52 pm Post subject: |
|
|
And that is the joy of what I do
Billing them for something I warned them about in advance
They can either pay a little, and learn it up front the right way. Or they can pay a lot, and repeat the same mistake over and over. It really matters not to me.
But yes, a plugin with Squirrelmail would be a far better alternative than what I've seen. The old SA plugin hasn't been updated in years, so there remains a lot to do. I'm not even sure the current version is even viable.
I'll d/l and install it tonight to see what it does. Thankfully a mirrored copy of my production server is great for such things. |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Sun Jul 15, 2007 1:29 pm Post subject: |
|
|
How did the SA plugin work? |
|
Back to top |
|
|
tekn0mage n00b
Joined: 10 Sep 2003 Posts: 47
|
Posted: Mon Jul 16, 2007 8:04 am Post subject: |
|
|
I didn't even attempt to install it. The last update was in 2003 prior to SpamAssassin 3.0
I'm not even gonna bother with it. Just too old to be viable. The config files changed options a few times since SA 1.x (which is what thiis was built around).
Strike out on that one. |
|
Back to top |
|
|
feiticeir0 Apprentice
Joined: 13 Jul 2005 Posts: 288 Location: Castelo Branco, Portugal
|
Posted: Fri Jul 27, 2007 8:17 am Post subject: Ldap qmail |
|
|
Hello. I must say: this is the best howto i've seen of qmail.
I have it installed and working perfectly.
I just wonder if anyone has ever put qmail working with LDAP. Any ideias how to do that ?
Cheers,
Bruno _________________ Do It With Rhythm |
|
Back to top |
|
|
vult n00b
Joined: 13 May 2006 Posts: 34 Location: Poland -> Łódź
|
Posted: Tue Jul 31, 2007 2:08 pm Post subject: Thanks again :) |
|
|
Thanks again for that guide - everything seems to be working perfectly ;] _________________ -v- |
|
Back to top |
|
|
vult n00b
Joined: 13 May 2006 Posts: 34 Location: Poland -> Łódź
|
Posted: Wed Aug 01, 2007 11:26 am Post subject: Re: Thanks again :) |
|
|
vult wrote: | Thanks again for that guide - everything seems to be working perfectly ;] |
One problem:
I need to force users to authenticate before sending an email. I've done that by removing content from rctphosts file. Now you need to auth with your username and password to send an email to any domain - if you don't you get error:
Sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3)
Unfortunately when you try to send an email from other server (f.e. gmail) you get this error too.
Is there any solution for this problem?
Thanks for any help _________________ -v- |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Thu Aug 02, 2007 9:31 pm Post subject: Re: Thanks again :) |
|
|
vult wrote: |
One problem:
I need to force users to authenticate before sending an email. I've done that by removing content from rctphosts file. Now you need to auth with your username and password to send an email to any domain - if you don't you get error:
Sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3)
Unfortunately when you try to send an email from other server (f.e. gmail) you get this error too.
Is there any solution for this problem?
Thanks for any help |
Just redo the step with tcprules. Edit the config so that only 127.... is allowed to relay. |
|
Back to top |
|
|
vult n00b
Joined: 13 May 2006 Posts: 34 Location: Poland -> Łódź
|
Posted: Mon Aug 06, 2007 12:45 pm Post subject: Re: Thanks again :) |
|
|
petterg wrote: |
Just redo the step with tcprules. Edit the config so that only 127.... is allowed to relay. |
Yup, It helped :] Thanks you very very much _________________ -v- |
|
Back to top |
|
|
anest n00b
Joined: 12 Mar 2007 Posts: 31
|
Posted: Sun Aug 12, 2007 3:51 am Post subject: |
|
|
I got this error (on another side, from i try to send email):
PERM_FAILURE: SMTP Error (state 13): 511 Sorry, no mailbox here by that name (#5.1.1)
i did two times by this instruction, but get no luck
please help me figure it out
i think this is can be permissions problem but i cant finded where is it. |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Sun Aug 12, 2007 12:06 pm Post subject: |
|
|
anest wrote: | I got this error (on another side, from i try to send email):
PERM_FAILURE: SMTP Error (state 13): 511 Sorry, no mailbox here by that name (#5.1.1)
i did two times by this instruction, but get no luck :cry:
please help me figure it out
i think this is can be permissions problem but i cant finded where is it. |
Did you send to an existing mail-adress?
Are you able to send to the address from localhost? (i.e using webmail)
Are you able to send mail out?
Did you try to telnet your smtp server? |
|
Back to top |
|
|
Uffe n00b
Joined: 16 Jun 2002 Posts: 14
|
Posted: Tue Aug 21, 2007 8:33 pm Post subject: |
|
|
petterg, great guide!
Do you or anyone else have a recommendation for automatically moving mail that gets tagged as spam into junk folders, within the mail environment configured using this guide? I've seen some maildrop solutions and tinkered with one but it doesn't seem to work right due to "Unable to create a dot-lock" error. I understand this means it's not finding the directory it's trying to deliver to, or it can't write to it, but I'm not sure what user maildrop would be running as.
Thanks in advance for any pointers around spam sorting solutions! |
|
Back to top |
|
|
vult n00b
Joined: 13 May 2006 Posts: 34 Location: Poland -> Łódź
|
Posted: Wed Aug 22, 2007 9:52 am Post subject: bayes autolearn=failed |
|
|
Maybe it'll help someone:
I had problem with bayes autolearn=failed.
Needed to comment:
lock_method flock
in /etc/mail/spamassassin/local.cf file.
Now bayes is learning without problems _________________ -v- |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Thu Aug 23, 2007 9:28 pm Post subject: Re: bayes autolearn=failed |
|
|
vult wrote: | Maybe it'll help someone:
I had problem with bayes autolearn=failed.
Needed to comment:
lock_method flock
in /etc/mail/spamassassin/local.cf file.
Now bayes is learning without problems :) |
Is any files related to the mailsystem accessed over NFS? (If so, thats why. Think I even mentioned it in the guide. Or at least it's in the manual) |
|
Back to top |
|
|
vult n00b
Joined: 13 May 2006 Posts: 34 Location: Poland -> Łódź
|
Posted: Thu Aug 23, 2007 10:31 pm Post subject: Re: bayes autolearn=failed |
|
|
petterg wrote: |
Is any files related to the mailsystem accessed over NFS? (If so, thats why. Think I even mentioned it in the guide. Or at least it's in the manual) |
No I don't use NFS. I have separate partition for domains but it's HW RAID only. _________________ -v- |
|
Back to top |
|
|
jrenraw n00b
Joined: 23 Aug 2005 Posts: 16
|
Posted: Tue Oct 02, 2007 5:15 pm Post subject: SMTP-Auth no longer works after upgrading openssl |
|
|
I've had qmail/vpopmail/courier-imap,smtp-auth,spamassassin, and clamav working for a long time (following this how-to) but after upgrading openssl from 0.9.8d to 0.9.8e-r2, SMTP-auth no longer worked and the client trying to send email would get a error. I downgraded back to 0.9.8d and all is working normally. The netqmail changelog indicates a fix with openssl 0.9.8e. This is fixed in netqmail-1.05-r8. It also appears to have some smtp-auth patches included. Is anyone running netqmail-1.05-r8 and openssl-0.9.8e-r2 and will they work for this how-to? |
|
Back to top |
|
|
xeon061 n00b
Joined: 06 Jan 2007 Posts: 14
|
Posted: Mon Oct 08, 2007 5:05 am Post subject: Need help! mail stuck in mail queue |
|
|
Hi there!
I need help or maybe a little input.
I updated from the so called "2006" version with all the stuff mentioned here. (Hopefully all use flags are set correctly )
After a few little problems, it seem to be ok. (Mail from outside is being fetched, qmail-scanner and the stuff seems to be running and working, but finally the mail stuck in queue mail)
....
Mon, 08 Oct 2007 06:13:24 CEST:8379: p_s: type is a size!
Mon, 08 Oct 2007 06:13:24 CEST:8379: p_s: skipping auto-generated file textfile0
Mon, 08 Oct 2007 06:13:24 CEST:8379: p_s: finished scan of dir "/var/spool/qmailscan/tmp/linuxmail11918168047678379" in 0.02 secs
Mon, 08 Oct 2007 06:13:24 CEST:8379: scanloop: finished scan of "/var/spool/qmailscan/tmp/linuxmail11918168047678379"...
Mon, 08 Oct 2007 06:13:24 CEST:8379: ini_sc: scanning message took 0.021654 seconds
Mon, 08 Oct 2007 06:13:24 CEST:8379: q_r: fork off child into /var/qmail/bin/qmail-queue...
Mon, 08 Oct 2007 06:13:24 CEST:8379: q_r: xstatus=0
Mon, 08 Oct 2007 06:13:25 CEST:8379: qmail-scanner: Clear:RC:1(127.0.0.1): 0.03614 1482 blabla@mailadressblabla.de jor@dom800.local 1234 <47099C1B.3050400@mailadressblabla.de> textfile0:5
Mon, 08 Oct 2007 06:13:25 CEST:8379: cleanup: /bin/rm -rf /var/spool/qmailscan/tmp/linuxmail11918168047678379/ /var/spool/qmailscan/working/new/linuxmail11918168047678379
Mon, 08 Oct 2007 06:13:25 CEST:8379: --- all finished. Total of 0.113461 secs
qmHandle -l
....
12386339 (11, L)
Return-path: anonymous@linuxmail.dom800.local
From: root@linuxmail.dom800.local (Cron Daemon)
To: root@linuxmail.dom800.local
Subject: Cron <root@linuxmail> test -x /usr/sbin/run-crons && /usr/sbin/run-crons
Date: 8 Oct 2007 03:05:34 -0000
Size: 626 bytes
12386371 (20, L)
Return-path: balbla@mailadressblabla.de
From: sicher <blabla@mailadressblabla.de>
To: jor <lokal_address@lokalserver>
Subject: 1234
Date: Mon, 08 Oct 2007 04:55:23 +0200
Size: 1813 bytes
Messages in local queue: 5
Messages in remote queue: 1
More info needed?
Thanks in advance........... |
|
Back to top |
|
|
xeon061 n00b
Joined: 06 Jan 2007 Posts: 14
|
Posted: Sat Oct 13, 2007 10:22 am Post subject: Re: Need help! mail stuck in mail queue |
|
|
Fixed the problem!
Re-emerged all the things but no solution.
Unmerged all with -C and moved the configurationfiles in an extra directory and emerged all again and it worked.
Maybe there was a wrong sign or entry in the configuration files.
Thanks a lot for the Guide! |
|
Back to top |
|
|
x0b0h n00b
Joined: 15 Oct 2007 Posts: 1
|
Posted: Mon Oct 15, 2007 6:42 am Post subject: error with users auth... |
|
|
Hi,
I've got a problem with user auth. I installed netqmail package as included in this guide, but there is a problem with user auth. It allways gives auth error "Sending the password did not succeed. Mail Server mydomain.net responded: authorization failed" If I change username to an incorrect, gives me the following " This user has not &HOME/Maildir".
I guess there's a problem with userfile Mailboxes location or something like that...
I've clearly revised all related with vcheckpsw, and related stuff with no success... anyone could help please?
Thanks!
Cesc
|
|
Back to top |
|
|
jrenraw n00b
Joined: 23 Aug 2005 Posts: 16
|
Posted: Thu Oct 18, 2007 11:18 pm Post subject: |
|
|
Fyi...This took me a while to troubleshoot and resolve so hoping this info will help someone else. For unknown reasons I started to get the below "Cannot allocate memory" errors whenever a new email came in and vpopchk.sh was run.
Quote: |
sudo: qmaild : TTY=unknown ; PWD=/var/qmail ; USER=vpopmail ; COMMAND=/var/qmail/plugins/chkuser_pg/vpopchk.sh user domain.com
sudo: PAM unable to dlopen(/lib64/security/pam_cracklib.so)
sudo: PAM [dlerror: libcrack.so.2: failed to map segment from shared object: Cannot allocate memory]
sudo: PAM adding faulty module: /lib64/security/pam_cracklib.so
|
I was able to resolve this by increasing the qmail SOFTLIMIT_OPTS in /var/qmail/control/conf-common.
I was at:
Quote: | SOFTLIMIT_OPTS="-m 32000000" |
and changed it to:
Quote: | SOFTLIMIT_OPTS="-m 48000000" |
Of course svscan needs to be restarted afterward for it to take effect.
Quote: | /etc/init.d/svscan restart |
|
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Mon Oct 22, 2007 7:22 am Post subject: Re: error with users auth... |
|
|
x0b0h wrote: | Hi,
I've got a problem with user auth. I installed netqmail package as included in this guide, but there is a problem with user auth. It allways gives auth error "Sending the password did not succeed. Mail Server mydomain.net responded: authorization failed" If I change username to an incorrect, gives me the following " This user has not &HOME/Maildir".
I guess there's a problem with userfile Mailboxes location or something like that...
I've clearly revised all related with vcheckpsw, and related stuff with no success... anyone could help please?
Thanks!
Cesc
:-) |
Does authentication work for the POP/IMAP login? Are you able to send/recieve mails using the webmail? |
|
Back to top |
|
|
Uriazh n00b
Joined: 20 Apr 2003 Posts: 16 Location: Iceland
|
Posted: Mon Oct 29, 2007 9:56 pm Post subject: |
|
|
I know this is redundant, but thanks for this awesome howto, I agree that it's one of the easiest qmail how to's out there, and yet it goes a wee bit under the surface unlike most I've read.
I just used it to upgrade a productional server today and the only problem Im having is that on and off users can't login, but get a "incorrect user/pass" regardless of what the user is trying to connect via (squirrelmail, evolution, roundcube (love that one), outlook or any other mailapp.), nor the protocol (imap(-ssl) or pop3(-ssl)).
The only error I can see is in /var/log/mail/current and it states:
Code: |
Oct 29 19:38:53 [pop3d] Connection, ip=[::ffff:ipaddress]
Oct 29 19:38:53 [authdaemond] vmysql: sql error[3]: MySQL server has gone away
Oct 29 19:38:53 [pop3d] LOGIN FAILED, user=user@domain.tld, ip=[::ffff:ipaddress]
|
The only thing I can think of is courier-authlib, restarting it seems to fix the problem (users can log in straight away) but in a few minutes time users start getting the error again. Kinda like playing russian rulette with mail..
Any thoughts on what could be the problem and/or how to fix this ? |
|
Back to top |
|
|
vult n00b
Joined: 13 May 2006 Posts: 34 Location: Poland -> Łódź
|
Posted: Tue Oct 30, 2007 12:27 am Post subject: |
|
|
Uriazh wrote: | I know this is redundant, but thanks for this awesome howto, I agree that it's one of the easiest qmail how to's out there, and yet it goes a wee bit under the surface unlike most I've read.
I just used it to upgrade a productional server today and the only problem Im having is that on and off users can't login, but get a "incorrect user/pass" regardless of what the user is trying to connect via (squirrelmail, evolution, roundcube (love that one), outlook or any other mailapp.), nor the protocol (imap(-ssl) or pop3(-ssl)).
The only error I can see is in /var/log/mail/current and it states:
Code: |
Oct 29 19:38:53 [pop3d] Connection, ip=[::ffff:ipaddress]
Oct 29 19:38:53 [authdaemond] vmysql: sql error[3]: [b]MySQL server has gone away[/b]
Oct 29 19:38:53 [pop3d] LOGIN FAILED, user=user@domain.tld, ip=[::ffff:ipaddress]
|
The only thing I can think of is courier-authlib, restarting it seems to fix the problem (users can log in straight away) but in a few minutes time users start getting the error again. Kinda like playing russian rulette with mail..
Any thoughts on what could be the problem and/or how to fix this ? |
Are you sure you have MySQL server up and running? Seems to be down for me. _________________ -v- |
|
Back to top |
|
|
Uriazh n00b
Joined: 20 Apr 2003 Posts: 16 Location: Iceland
|
Posted: Tue Oct 30, 2007 9:08 am Post subject: |
|
|
It is up, I assure you, I've even been logged into MySQL via CLI when this error occurs.
It seems to me that once in a while the courier-authlib can't establish a connection to MySQL.
I've been googling like a maniac though, found this post which tells that the only workaround for this was to restart courier-authlib hourly, that seems to work for me too, but Im not so keen on having part of the mailserver going down every hour.. =P
The courier-authlib init script restarts not only itself but courier-* (pop3d/-ssl and imapd/-ssl)
I saw on one thread a patch for this, but it was for a much older version of courier-authlib and so I didn't try to patch anything. |
|
Back to top |
|
|
|