View previous topic :: View next topic |
Author |
Message |
805 n00b
Joined: 26 May 2005 Posts: 10
|
Posted: Mon Jul 04, 2005 4:41 am Post subject: |
|
|
Hello,
I've just brwosed through the forum but couldn't find an answer tomy problem...
I'm running qmail / vpopmail / qmail-scanner with clam and fast sa...
It was a hell setting up, but it runs, it discards all viruses and spam mails are identified all spam above 12 is deleted (I think this is by sa default) and all spam between 5 and 12 is tagged with *****SPAM**** in the subject. When you see the headers of the emails sa writes it own headers to it with the correct sa score... But I've looked everywhere to find a method to delete all those mails between 5 and 12.. is this doable.. so yes how ?
thx in advance
C. |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Tue Jul 05, 2005 9:06 am Post subject: |
|
|
805 wrote: |
...
But I've looked everywhere to find a method to delete all those mails between 5 and 12.. is this doable.. so yes how ?
...
|
Make a backup of /var/qmail/bin/qmail-scanner.pl
Edit /var/qmail/bin/qmail-scanner.pl
Search for "my $sa_delete_site" (on my server it's on line 221)
Modify the value to whatever suites your needs. (read the comments!) |
|
Back to top |
|
|
805 n00b
Joined: 26 May 2005 Posts: 10
|
Posted: Tue Jul 05, 2005 9:17 am Post subject: |
|
|
thx for the reply peter...
my $sa_delete_site='5';
my $sa_delete='1';
is my config...
sa_quarantine is set to 0
Could it be that it conflicts with the rewrite subject in the SA local.cf ?
greetz
C. |
|
Back to top |
|
|
805 n00b
Joined: 26 May 2005 Posts: 10
|
Posted: Tue Jul 05, 2005 9:21 am Post subject: |
|
|
I just double check it.. and saw that there is sill email coming through with spam level 5 or higher.. the subject is rewriten for those emails but still deliverd
here is my local.cf:
Code: | required_hits 5
#rewrite_header Subject *****SPAM*****
report_safe 1
ok_languages nl
trusted_networks 192.168.254.254 127.0.0.1
# lock_method flock
skip_rbl_checks 0
dns_available yes
use_bayes 1
bayes_auto_learn 1
bayes_auto_learn_threshold_nonspam 1
bayes_auto_learn_threshold_spam 14.00
|
thx |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Tue Jul 05, 2005 9:49 pm Post subject: |
|
|
805 wrote: | I just double check it.. and saw that there is sill email coming through with spam level 5 or higher.. the subject is rewriten for those emails but still deliverd :(
... |
The comment reads
Code: | # st: Spam messages with a score higher than
# (required_hits + sa_delete) should be deleted (or rejected).
... |
5+5 = 10, so with your current config mails with spamlevel 5..10 is tagged. spamlevel > 10 is deleted. |
|
Back to top |
|
|
805 n00b
Joined: 26 May 2005 Posts: 10
|
Posted: Wed Jul 06, 2005 7:27 am Post subject: |
|
|
oh thx peter.. I'm a dumbass... didn't now had to take the req hists from the local.cf + the ones in qmail-scanner scripts...
Won't it give trouble if I set requeired hits in local.cf to 0 or should it be better to set sa_delete to 1 and req hits to 4?
thx |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Fri Jul 08, 2005 11:36 pm Post subject: |
|
|
805 wrote: | oh thx peter.. I'm a dumbass... didn't now had to take the req hists from the local.cf + the ones in qmail-scanner scripts...
Won't it give trouble if I set requeired hits in local.cf to 0 or should it be better to set sa_delete to 1 and req hits to 4?
thx |
i'm having req.hits=2.5 and delete=4.
The result (after a while with autolearn enabled) is 2-3 mails/week tagged as spam. That is good enough for my use. |
|
Back to top |
|
|
805 n00b
Joined: 26 May 2005 Posts: 10
|
Posted: Sat Jul 09, 2005 6:05 am Post subject: |
|
|
thx a lot for the help peter... This has sure pointed me to the right direction.. I should read more carefully.. thx! |
|
Back to top |
|
|
geforce l33t
Joined: 29 Dec 2003 Posts: 653 Location: Canada
|
Posted: Sat Jul 16, 2005 10:29 pm Post subject: |
|
|
Well, everything is okay with my qmail server except that I cannot send messages..
With squirrelmail there is no probleme, and the config is using smtp on port 25, but If i try to send an E-mail using a client on my computer (which is not on the same network as the server) it doesn't work..
I've tried to telnet on port 25 but I have no response.
Phil _________________ User #29433 |
|
Back to top |
|
|
805 n00b
Joined: 26 May 2005 Posts: 10
|
Posted: Sun Jul 17, 2005 4:50 pm Post subject: |
|
|
is firewall software or hardware active ? What if you use a shell on the server and try to connect to localhost:25 ? |
|
Back to top |
|
|
geforce l33t
Joined: 29 Dec 2003 Posts: 653 Location: Canada
|
Posted: Sun Jul 17, 2005 4:58 pm Post subject: |
|
|
Well, really weird.
Quote: | netrock ~ # telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 netrock.ca ESMTP |
I'm looking for a few commands to test it's working well.
It's seems to work..
Quote: |
netrock ~ # ps aux | grep smtp | grep -v grep
root 6195 0.0 0.0 1280 272 ? S Jul15 0:00 supervise qmail-smtpd
qmaill 6197 0.0 0.0 1292 272 ? S Jul15 0:00 /usr/bin/multilog t s2500000 n10 /var/log/qmail/qmail-smtpd
qmaild 16340 0.0 0.1 2680 800 ? S Jul15 0:00 /usr/bin/tcpserver -H -R -l 0 -R -x /etc/tcprules.d/tcp.qmail-smtp.cdb -c 40 -u 201 -g 200 0.0.0.0 smtp /var/qmail/bin/qmail-smtpd netrock.ca /var/vpopmail/bin/vchkpw /bin/true
|
EDIT: Wow , i've looked to make it work myself and now I get this error....
Quote: |
ERROR:
Requested action not taken: mailbox name not allowed
Server replied: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
|
EDIT2: Well i've tried to restart from the begi]ning but this command takes forever, normal ?
Code: |
tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp
|
_________________ User #29433 |
|
Back to top |
|
|
805 n00b
Joined: 26 May 2005 Posts: 10
|
Posted: Mon Jul 18, 2005 4:23 pm Post subject: |
|
|
hey geforce...
It looks like you'll have to read the qmail howto on the gentoo wiki.. there is still some configuration to do for qmail.. |
|
Back to top |
|
|
geforce l33t
Joined: 29 Dec 2003 Posts: 653 Location: Canada
|
Posted: Mon Jul 18, 2005 5:24 pm Post subject: |
|
|
I re-folowed the guide from the begining, and SMTP still answer only from localhost.
But at least I can send E-mails trought Squirrelmail.
Phil _________________ User #29433 |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Thu Jul 21, 2005 9:00 am Post subject: |
|
|
geforce wrote: | I re-folowed the guide from the begining, and SMTP still answer only from localhost.
But at least I can send E-mails trought Squirrelmail.
|
Seems like you've forgot to enable smtp-auth eigther in the server config or in the client config (or both).
One way to test if smtp-auth is the problem is to enter a line in /etc/tcp-rules/smtp (or whatever the file is named) to allow the clients ip-adress to relay mails. Then run the tcprules update (as in the guide) and give it a 'hup' (also in the guide). This way smtp-auth should be bypassed for connections from that ip.
Note: this is for testing only. Restore the config after testing! |
|
Back to top |
|
|
geforce l33t
Joined: 29 Dec 2003 Posts: 653 Location: Canada
|
Posted: Fri Jul 22, 2005 3:14 am Post subject: |
|
|
Well, I'm using smtp-auth..
I need any users be allowed to send mail..
Here is my /etc/tcprules.d/tcp.qmail-smtp:
Quote: | #to update the database after changing this file, run:
# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp
#-----------------------------------------------------
# HERE ARE THE RULES! :
#-----------------------------------------------------
# BYPASS OPEN RELAY CHECKING FOR THESE IPS :
#
# These IPs are ones that we have setup so that they arent RBL checked.
# We have done this because these particular servers are RBL listed,
# and for whatever reason they can't/won't fix their open relay problem,
# and we still want to be able to receive mail from them.
#
# reminder text goes here for this entry so we know the story...
#111.111.111.111:allow,RBLSMTPD=""
# reminder text goes here for this entry so we know the story...
#222.222.222.222:allow,RBLSMTPD=""
#-----------------------------------------------------------------
# DONT ALLOW THESE IPS TO SEND MAIL TO US :
#
216.242.75.100-116:allow,RBLSMTPD="-Connections from this IP have been banned."
# heaps of spam from replyto of *@freeamateurhotties.com dec2001
64.228.127.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"
154.20.94.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"
209.151.132.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"
216.18.85.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"
#-----------------------------------------------------------------
# ALLOW THESE IPS TO RELAY MAIL THROUGH OUR SERVER
#
# Local class-c's from our LAN are allowed to relay,
# and we wont bother doing any RBL checking.
#123.123.123.:allow,RELAYCLIENT="",RBLSMTPD=""
#123.111.111.:allow,RELAYCLIENT="",RBLSMTPD=""
#
# Connections from localhost are allowed to relay
# (because the WebMail server runs on localhost),
# and obviously there is no point trying to perform an RBL check.
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""
#-----------------------------------------------------------------
# ALLOW EVERYONE ELSE TO SEND US MAIL
#
# Everyone else can make connections to our server,
# but not allowed to relay
# RBL lookups are performed
:allow |
Thanks
Phil _________________ User #29433 |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Sat Jul 23, 2005 3:06 pm Post subject: |
|
|
geforce wrote: | Well, I'm using smtp-auth..
I need any users be allowed to send mail..
|
Again... try to allow one of the clients ip adresses to send mail without using smtp-auth. (by adding 123.123.123.123:allow,RELAYCLIENT="",RBLSMTPD="" to the tcp.qmail-smtp and regenerate cdb and hup acording to the guide.) If works without smtp-auth you know you have a authentication problem. If it does not work without smtp-auth you know the trouble is somewhere else. |
|
Back to top |
|
|
geforce l33t
Joined: 29 Dec 2003 Posts: 653 Location: Canada
|
Posted: Sun Jul 24, 2005 11:33 pm Post subject: |
|
|
Well, I've added my IP to the tcprules file and did the steps all the needed steps.
It don't work either with or without the autentification, it still connect, but I have no answer from the server.
Phil
EDIT: I've tried to login with telnet from localhost just to see... If that normal ?
Quote: |
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 netrock.ca ESMTP
# auth login
530 Must issue a STARTTLS command first (#5.7.0)
# STARTTLS
220 ready for tls
# auth login
Connection closed by foreign host.
|
Is it an error from me or really a problem from the server ? _________________ User #29433 |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Mon Jul 25, 2005 7:53 am Post subject: |
|
|
EDIT: I've tried to login with telnet from localhost just to see... If that normal ?
Quote: |
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 netrock.ca ESMTP
# auth login
530 Must issue a STARTTLS command first (#5.7.0)
# STARTTLS
220 ready for tls
# auth login
Connection closed by foreign host.
|
Is it an error from me or really a problem from the server ?[/quote]
Your server is setup to force TLS. (Which is a good thing for security.) You've emerged qmail-1.03-r15 (or newer) with the NOTLSBEFOREAUTH use-flag disabled.
To make this work you need to set the client to use TLS!
Read my posting earlier in this thread regarding clients and TLS. Some clientes are buggy (like outlook XP (2k is ok!))
Also, do the same telnet commands from the a remote location - does the same ting happen? (you may have a problem with your isp) |
|
Back to top |
|
|
geforce l33t
Joined: 29 Dec 2003 Posts: 653 Location: Canada
|
Posted: Mon Jul 25, 2005 5:08 pm Post subject: |
|
|
Well, If a try from localhost, it works.
If a try on a machine with the same kind of IP (142.156.169.xx) it appears NetRock ESMTP.
But If i'm not on the network it wont work.. I've contacted my ISP. They said there was no Firewall or blocked ports on my T1.
My server doesn't have any kind of firewall or port-blocking program.
Phil _________________ User #29433 |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Thu Jul 28, 2005 8:27 am Post subject: |
|
|
Localhost works because the 127... ip is in your tcprules.
What do you mean by "get NetRock ESMTP"? No possible to type the auth login command? Buggy telnet client? (I've had some of those telnet clients that doesn't display what is typed in, but the still send commands to the server.) |
|
Back to top |
|
|
geforce l33t
Joined: 29 Dec 2003 Posts: 653 Location: Canada
|
Posted: Thu Jul 28, 2005 10:39 pm Post subject: |
|
|
Well, If I am on the same IP range (142.169.156.xx) it'll work, Same thing from localhost.
But if I am on any other network it won't work... It connect but I don't get the "220 netrock.ca ESMTP" thing... It only says "Connected" but no login prompt, nothing.
This is really weird...
Phil _________________ User #29433 |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Fri Jul 29, 2005 8:59 pm Post subject: |
|
|
geforce wrote: | But if I am on any other network it won't work... It connect but I don't get the "220 netrock.ca ESMTP" thing... It only says "Connected" but no login prompt, nothing.
|
Add the GLOBAL ip-adress of the testclient on an "other network" to your tcprules. This should disable smtp-auth and verify / exclude smtp-auth as the problem.
Does incomming mail from other smtp servers work? |
|
Back to top |
|
|
geforce l33t
Joined: 29 Dec 2003 Posts: 653 Location: Canada
|
Posted: Fri Jul 29, 2005 10:54 pm Post subject: |
|
|
petterg wrote: |
Does incomming mail from other smtp servers work? |
Yes
petterg wrote: |
Add the GLOBAL ip-adress of the testclient on an "other network" to your tcprules. This should disable smtp-auth and verify / exclude smtp-auth as the problem.
|
How do I do this ?
I've tried to comment the line :allow
and add this:
:allow,RELAYCLIENT="",RBLSMTPD=""
It didn't worked..
I've tried:
69.159.135.26:allow,RELAYCLIENT="",RBLSMTPD=""
And I still have the same problem;
The connection is etablished, but I have no prompt (with telnet (both windows & linux client)), or with mail client.
Phil _________________ User #29433 |
|
Back to top |
|
|
trickypicky75 n00b
Joined: 02 Apr 2004 Posts: 69 Location: Downingtown, PA
|
Posted: Mon Aug 01, 2005 2:18 pm Post subject: Problems w/ Horde |
|
|
All,
I ran through this How-to No problem... well except for Horde & Imp. I've temporarily setup squirrel mail, but I would much rather have the flexibility Horde offers... BTW I am a NEWB to Horde and I am ignorant of all things PHP.... I've done everything accoring to the how-to but when I go to http://server.my.FQDN/horde I get the following error
Notice: Only variable references should be returned by reference in /var/www/localhost/htdocs/horde/lib/Auth.php on line 81
Notice: Only variable references should be returned by reference in /var/www/localhost/htdocs/horde/lib/Prefs.php on line 144
If I go to http://server.my.fqdn/horde/test.php I get this
Horde Versions
* Horde: 2.2.8
* IMP: 3.2.8 (run IMP tests)
PHP Version
* View phpinfo() screen
* PHP Version: 4.4.0
* PHP Major Version: 4.4
* PHP Minor Version: 0
* PHP Version Classification: release
* You are running a supported version of PHP.
PHP Module Capabilities
* DOM XML Support: Yes
* FTP Support: Yes
* Gettext Support: Yes
* IMAP Support: Yes
* LDAP Support: Yes
* MCAL Support: No
* Mcrypt Support: Yes
* MySQL Support: Yes
* PostgreSQL Support: No
* XML Support: Yes
Miscellaneous PHP Settings
* magic_quotes_runtime disabled: Yes
* file_uploads enabled: Yes
* safe_mode disabled: Yes
* trans_sid disabled: Yes
PHP Sessions
* Session counter: 1
* To unregister the session: click here
PEAR
* PEAR - Yes
* Recent PEAR - Yes
* Mail - Yes
* Log - Yes
* DB - No
* Your version of DB is not recent enough.
* Net_Socket - Yes
* Date - Yes
* HTML_Common/HTML_Select - No
* Horde requires the HTML_Common and HTML_Select classes only for Kronolith 1.0 to display forms correctly.
The only thing I'm curious about is under PEAR -> DB ... But I don't know if that has anything to do with this problem.
Any help is appreciated.... |
|
Back to top |
|
|
trickypicky75 n00b
Joined: 02 Apr 2004 Posts: 69 Location: Downingtown, PA
|
Posted: Mon Aug 01, 2005 9:05 pm Post subject: Solved |
|
|
O.k. I solved my problem by going to the following files and making 1 change
/etc/php/apache2-php4/php.ini
/etc/php/cli-php4/php.ini
/etc/apache2/conf/php.ini
I ensured that the following was set in each file:
Code: |
error_reporting = E_ALL & ~E_NOTICE
|
and change the following:
Code: |
display_errors = On
|
To:
Code: |
display_errors = Off
|
then I restarted Apache, that seemed to fix the problem.... I'm not sur that I had to make the change in all 3 files, but that seemed to do it. |
|
Back to top |
|
|
|