Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO: qmail vpopmail qmail-scanner courier squirrelmail
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, ... 15, 16, 17  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
salk
n00b
n00b


Joined: 05 Aug 2003
Posts: 37
Location: Johannesburg, South Africa

PostPosted: Tue Dec 30, 2003 6:06 am    Post subject: Reply with quote

The other option is to make use of the pop3d daemon that is now included in the qmail ebuild.

I have also got the login error with courier-imap and activated the pop3d from qmail and was sorted out.

I do not make use of IMAP atm ... so its easier for me to do it that way.
_________________
Steven Mac Intyre

http://steven.macintyre.name
Back to top
View user's profile Send private message
salk
n00b
n00b


Joined: 05 Aug 2003
Posts: 37
Location: Johannesburg, South Africa

PostPosted: Tue Dec 30, 2003 7:26 am    Post subject: Reply with quote

*had enough*

I have got everything up and actually running ... wow :)

I moved to qmail-pop3d because courier-imap was not authenticating ... I tried to login and got messages saying $HOME/Maildir did not exist.

I went into the run script for pop3d and changed .maildir to Maildir and it now logs in ...

I am firstly puzzled at why it logs in with steven and not steven@domain ... since its on a virtual setup.

BUT ... mail is not getting delivered to the Maildir in /var/vpopmail/domains/domain.net/steven/Maildir ... smtpd accepts the mail ... processes the queue ... but where does that mail go ?

The Maildir is a proper maildir created by vpopmail.

I have been through logs and all and cannot find any errors or notices that will have any impact on this.

Does anyone have any idea's ?
_________________
Steven Mac Intyre

http://steven.macintyre.name
Back to top
View user's profile Send private message
Sh4d0w
n00b
n00b


Joined: 26 Nov 2003
Posts: 28

PostPosted: Wed Dec 31, 2003 12:53 am    Post subject: Reply with quote

Good tutorial, thanks
Back to top
View user's profile Send private message
guitard00d
Tux's lil' helper
Tux's lil' helper


Joined: 19 Dec 2003
Posts: 81
Location: Minatare, NE, USA, Earth

PostPosted: Fri Jan 02, 2004 8:11 pm    Post subject: Re: clamav Reply with quote

sabrex wrote:
Ritter wrote:
I cant seem to prove that the clamav is really doing anything, I can send myself all forms of the eicar test virus signature and always get:
<snip>
Any help figuring this out would be greatly appreciated.


Go through step 5 again. I have made some changes recently that may accomplish this, although I haven't tested it much. Tell me if making those changes makes a difference.


I'm noticing the same thing here, it looks like clamav is loading and running, but it's not detecting viruses. I have sent several known viruses to myself from a separate server and they get right through. When I look at the message header, I see this:

Received: from administrator@*****.biz by server1 by uid 201 with qmail-scanner-1.16
(clamscan: 0.60. Clear:.
Processed in 0.123831 secs); 02 Jan 2004 19:55:25 -0000

Looks like clamav is actually running and processing the messages, it's just not detecting viruses.
_________________
I know you believe you understand what you think I said, but I'm not sure you realize that what you heard is not what I meant...
--Richard Nixon
Back to top
View user's profile Send private message
Gatak
Tux's lil' helper
Tux's lil' helper


Joined: 04 Jan 2004
Posts: 126

PostPosted: Mon Jan 05, 2004 6:33 pm    Post subject: Thanks for a great guide... Reply with quote

EDIT: I found the problem with qmail-pop3d. I am now using courier-pop3d and courier-imapd and both work fine. There is still the question from below:


How do I enable "SMTP AUTH" so mobile users can still send mail out from the server and unknown users (everyone on internet) can still mail into the server?

When I try to do "SMTP AUTH" I get a error in /var/log/messages:
Code:
vpopmail[4628]: vchkpw: password fail testuser (at) moment22.mine.nu:192.168.0.1
This only seem to happen when I use anything but plain-text authentication. The Bat! that I test with tries first with CRAM-MD5 and that seem to fail.

Thanks again for a great guide.
Back to top
View user's profile Send private message
sabrex
n00b
n00b


Joined: 28 Nov 2003
Posts: 45

PostPosted: Mon Jan 05, 2004 11:52 pm    Post subject: Re: Thanks for a great guide... Reply with quote

Gatak wrote:
How do I enable "SMTP AUTH" so mobile users can still send mail out from the server and unknown users (everyone on internet) can still mail into the server?

When I try to do "SMTP AUTH" I get a error in /var/log/messages:
Code:
vpopmail[4628]: vchkpw: password fail testuser (at) moment22.mine.nu:192.168.0.1
This only seem to happen when I use anything but plain-text authentication. The Bat! that I test with tries first with CRAM-MD5 and that seem to fail.

Thanks again for a great guide.


Did you follow step 8? Activating smtp-auth is outlined in that step.
Back to top
View user's profile Send private message
Gatak
Tux's lil' helper
Tux's lil' helper


Joined: 04 Jan 2004
Posts: 126

PostPosted: Mon Jan 05, 2004 11:56 pm    Post subject: Reply with quote

Yes I followed that step too...

Maybe I misunderstood something because plain-text SMTP AUTH works but not CRAM-MD5.
Back to top
View user's profile Send private message
sabrex
n00b
n00b


Joined: 28 Nov 2003
Posts: 45

PostPosted: Tue Jan 06, 2004 4:38 am    Post subject: Reply with quote

Gatak wrote:
Yes I followed that step too...

Maybe I misunderstood something because plain-text SMTP AUTH works but not CRAM-MD5.


I don't think vpopmail uses CRAM-MD5 for authentication. It uses something similar, but I'm not sure what it is. The only thing that (I know of) that can encrypt to and read from the vpopmail database is the vchkpw program ... I don't know how to get vchkpw to accept cram-md5 encrypted passwords.
Back to top
View user's profile Send private message
Gatak
Tux's lil' helper
Tux's lil' helper


Joined: 04 Jan 2004
Posts: 126

PostPosted: Tue Jan 06, 2004 6:37 am    Post subject: Reply with quote

sabrex wrote:
I don't think vpopmail uses CRAM-MD5 for authentication. It uses something similar, but I'm not sure what it is. The only thing that (I know of) that can encrypt to and read from the vpopmail database is the vchkpw program ... I don't know how to get vchkpw to accept cram-md5 encrypted passwords.

At least the plain text authentication with the clients work. Perhaps it is up to us to ask the developers of vpopmail or vchkpw to implement it?

I read in the docks that there is a checkpassword (cmd5checkpw) included in qmail that does support. This is from the /var/qmail/control/conf-smtpd
Code:

# This next block is for SMTP-AUTH
# This provides the LOGIN, PLAIN and CRAM-MD5 types
# the 'cmd5checkpw' used in $QMAIL_SMTP_AUTHCHECKPASSWORD supports CRAM-MD5
# and reads it's data from /etc/poppasswd
# see the manpage for cmd5checkpw for details on the passwords
# uncomment the next four lines to enable SMTP-AUTH
#QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
#[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
#QMAIL_SMTP_CHECKPASSWORD="/bin/cmd5checkpw"
#QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

Problem here is that it is not using vpopmail but /etc/poppasswd instead. Maybe it is possible to create some work around?
Back to top
View user's profile Send private message
zend
Tux's lil' helper
Tux's lil' helper


Joined: 10 Apr 2002
Posts: 112
Location: Shanghai,China

PostPosted: Tue Jan 06, 2004 7:17 am    Post subject: Reply with quote

i can't see any code
Back to top
View user's profile Send private message
sabrex
n00b
n00b


Joined: 28 Nov 2003
Posts: 45

PostPosted: Tue Jan 06, 2004 5:55 pm    Post subject: Reply with quote

Gatak wrote:
At least the plain text authentication with the clients work. Perhaps it is up to us to ask the developers of vpopmail or vchkpw to implement it?

I read in the docks that there is a checkpassword (cmd5checkpw) included in qmail that does support. This is from the /var/qmail/control/conf-smtpd
Code:

# This next block is for SMTP-AUTH
# This provides the LOGIN, PLAIN and CRAM-MD5 types
# the 'cmd5checkpw' used in $QMAIL_SMTP_AUTHCHECKPASSWORD supports CRAM-MD5
# and reads it's data from /etc/poppasswd
# see the manpage for cmd5checkpw for details on the passwords
# uncomment the next four lines to enable SMTP-AUTH
#QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
#[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
#QMAIL_SMTP_CHECKPASSWORD="/bin/cmd5checkpw"
#QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

Problem here is that it is not using vpopmail but /etc/poppasswd instead. Maybe it is possible to create some work around?


Qmail itself supports cram-md5, as well as many other encryption methods ... you're right though, it is vpopmail that needs to handle the passwords, as the passwords are stored in the vpopmail mysql tables. However, those passwords are encrypted somehow. It looks like they are encrypted with CRAM-MD5, but they are not. I'm sure a workaround probably exists, but haven't really had the need (yet) to find one. Perhaps you will, and if you do, please post your results.
Back to top
View user's profile Send private message
dylanr
n00b
n00b


Joined: 19 Nov 2003
Posts: 7

PostPosted: Wed Jan 07, 2004 8:52 pm    Post subject: Reply with quote

I'm also having the problem mentioned upthread with SA and Clam running but producing no results. All messages have this header:

Code:
X-Spam-Status:  No, hits=0.0 required=4.0


Zero hits regardless of what's scanned, even blatant spam. The 4.0 score requirement is what I've set in /etc/mail/spamassassin/local.cf. That suggests to me that SA is running *and* reading the correct config file... it's just not scoring any spam. SA's local.cf file is set up exactly as the howto suggests and everything else is working just fine.

I'm not using vpopmail as I do smtp auth differently. If I understand correctly, this means that /etc/conf.d/spamd should be set up thus:

Code:
SPAMD_OPTS="-a -c -d -u qmailq -C /etc/mail/spamassassin/local.cf"


BTW, I get the same score if I redirect a spam message to spamc:

Code:
# spamc -c < spammy_message
0.0/4.0


Am I missing something obvious?

Thanks for a great howto and TIA for any other help offered
Back to top
View user's profile Send private message
dylanr
n00b
n00b


Joined: 19 Nov 2003
Posts: 7

PostPosted: Wed Jan 07, 2004 9:54 pm    Post subject: Reply with quote

dylanr wrote:
I'm also having the problem mentioned upthread with SA and Clam running but producing no results. All messages have this header:

Code:
X-Spam-Status:  No, hits=0.0 required=4.0


I figured this out. For anyone else having this problem, the issue is that SA's rules are installed into /usr/share/spamassassin. Copy/move them to /etc/mail/spamassassin and all is well.

HTH
Back to top
View user's profile Send private message
ian!
Bodhisattva
Bodhisattva


Joined: 25 Feb 2003
Posts: 3829
Location: Essen, Germany

PostPosted: Wed Jan 07, 2004 11:59 pm    Post subject: Reply with quote

Moved to 'Documentation, Tips & Tricks'.
_________________
"To have a successful open source project, you need to be at least somewhat successful at getting along with people." -- Daniel Robbins
Back to top
View user's profile Send private message
sabrex
n00b
n00b


Joined: 28 Nov 2003
Posts: 45

PostPosted: Fri Jan 09, 2004 2:36 am    Post subject: Re: clamav Reply with quote

guitard00d wrote:

Looks like clamav is actually running and processing the messages, it's just not detecting viruses.


It appears that you're both correct. clamav was not functioning, and after fiddling around with it, I could not get it to work. I instead switched to f-prot which worked immediately. Follow the updated steps 5 AND 6 again in that order (you must emerge qmail-scanner again for f-prot to work). You can also get rid of clamav for now until somebody figures out how to get it to work.

For reference, here are the old clamav instructions (step 5) ... REMEMBER, THESE INSTRUCTIONS DO NOT WORK, FOLLOW THE MAIN INSTRUCTIONS ON TOP OF THE THREAD:

5) install clamav and Mail-SpamAssassin. they must be running before installing qmail-scanner.

Code:
> emerge clamav Mail-SpamAssassin
> nano -w /etc/conf.d/spamd.conf
  SPAMD_OPTS="-d -u vpopmail -v -x -C /etc/mail/spamassassin/local.cf"
> nano -w /etc/conf.d/clamd
  START_CLAMD=yes
> nano -w /etc/clamav.conf
  #Example (comment this line)
  ScanMail (uncomment this line)
> rc-update add spamd default
> rc-update add clamd default
> /etc/init.d/spamd start
> /etc/init.d/clamd start

You'll want to set up a cron.daily job to update the clamav definitions automatically:

> nano -w /etc/cron.daily/virus-update.cron
#!/bin/bash
/usr/bin/freshclam --quiet
> chmod 755 /etc/cron.daily/virus-update.cron
> crontab -e
# min hour day month weekday command
0 1 * * * /etc/cron.daily/virus-update.cron

Now to set up spam processing rules:

> nano -w /etc/mail/spamassassin/local.cf
required_hits  5.0
rewrite_subject  1
subject_tag  *****SPAM*****
report_safe  1
report_header  1
use_bayes  1
auto_learn  1
skip_rbl_checks  0
use_razor2  1
use_dcc  0
use_pyzor  1
ok_languages  all
ok_locales  all
Back to top
View user's profile Send private message
wetkitty
n00b
n00b


Joined: 26 Sep 2003
Posts: 16
Location: Baker City, OR

PostPosted: Fri Jan 09, 2004 11:03 pm    Post subject: Great tutorial Reply with quote

Thanks sabrex, this works just fine. I would like to add just a bit of info that took me several days of forum searching and googling to come up with.

I've added a mailfilter setup borrowed and modified from here:

https://forums.gentoo.org/viewtopic.php?t=109599

/var/vpopmail/domains/domain.com/.mailfilter
Code:
import EXT
import HOST
import HOME

SPAMBOX=".Trash"
VERBOSE=1
logfile "/var/log/maildrop-filter-log"
SHELL="/bin/sh"
VHOME=`/var/vpopmail/bin/vuserinfo -d $EXT@$HOST`
VDOMHOME=`/var/vpopmail/bin/vdominfo -d $HOST`
VPOP=`cat $VDOMHOME/.qmail-default`
#VPOP="$VHOME/Maildir/"
if (/^X-Spam-Status: Yes, hits=*!.* !.*/)
{
        if ( $MATCH2 > 8 )
         {
         to /dev/null
         }
}
if ((/^X-Spam-Status:.*YES/))
{
   `test -d $VHOME/Maildir/.Trash`
   if( $RETURNCODE == 1 )
   {
   `/usr/bin/maildirmake $VHOME/Maildir/.Trash;chown -R vpopmail.vpopmail $VHOME/Maildir/.Trash`
   `echo "INBOX.Trash" >> $VHOME/Maildir/courierimapsubscribed`
   }
   to "$VHOME/Maildir/.Trash/"
}

to "$VHOME/Maildir/"


and
/var/vpopmail/domains/domain.com/user/.qmail
Code:
| /var/qmail/bin/preline /usr/bin/maildrop /var/vpopmail/domains/domain.com/.mailfilter


So, fetchmail pulls from their ISP provided POP3 accounts and runs it through my little server. Anything scoring above 3 gets moved to the Trash folder, anything scoring above 8 goes away . All clients run Thunderbird which tags any missed spam and moves it to the Junk folder ( I'm planning to set up a cron job to run sa learn against the Junk folders). The Trash folder is set to clear 3day and older email away thus keeping it from becoming a runaway and providing a place to check for false positives.

The particular reason I'm sharing this setup is this, Yes this is a very aggressive setup - most of the results I found while searching for this solution said the same thing "Don't delete anything" for the good reason of false positives. But, my customers want an aggressive setup, they don't know how the internet or messenging works and they don't care, they just want the spam to go away with as little effort as possible. Their ISP's are unable to (and rightly so) provide that, so I do.

Hopefully this is helpful and I'll add anything I can think off, again hats off to sabrex for the great how to.

ps. Clamav has been working fine and I followed your original instructions
_________________
2x Sony VAIO FX-215's w/Stage1 installs
Back to top
View user's profile Send private message
sabrex
n00b
n00b


Joined: 28 Nov 2003
Posts: 45

PostPosted: Sat Jan 10, 2004 3:14 am    Post subject: Re: Great tutorial Reply with quote

Thank you very much, this mailfilter howto is very useful indeed. Have you figured out a way to automatically delete stuff from .Trash after it's been there for a while? A lot of my users are using regular pop3, and not imap, so they never even see the Trash folder. Would be nice if there was a way to automatically delete old stuff in that folder.

wetkitty wrote:
ps. Clamav has been working fine and I followed your original instructions


Are you absolutely sure it's working? I thought it was too, until I tried to send myself a test virus. Get it from http://www.eicar.org/anti_virus_test_file.htm and then send it to one of your mail accounts. qmail-scanner should prevent the message from going through, and should send a response to the sender informing them of the infection. That didn't work with clamav, but works perfectly with f-prot. Let me know if the test still works with clam, I'd be interested in finding out why it works for you but not for so many others (including me).[/url]
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Sat Jan 10, 2004 5:56 am    Post subject: Reply with quote

well when i goto http://domain.com/cgi-bin/qmailadmin i get
Code:

file permission error /var/vpopmail/domains/domain.com/postmaster/Maildir/1073714040.qw


but when i goto that Maildir and ls i get just cur new and tmp ideas?

[edit]
on a side note i dont have any images on the login page either
Back to top
View user's profile Send private message
salk
n00b
n00b


Joined: 05 Aug 2003
Posts: 37
Location: Johannesburg, South Africa

PostPosted: Sat Jan 10, 2004 6:32 am    Post subject: Reply with quote

Hi there,

Quote:
well when i goto http://domain.com/cgi-bin/qmailadmin i get
Code:

file permission error /var/vpopmail/domains/domain.com/postmaster/Maildir/1073714040.qw



but when i goto that Maildir and ls i get just cur new and tmp ideas?


I had exactly the same error. All I did was delete the qmailadmin binary from my cgi-bin and re install qmail admin. <-- sorted me out

Quote:
[edit]
on a side note i dont have any images on the login page either


Did you make sure your paths to your htdocsdir are absolutly correct ? You did install qmailadmin as root ?
_________________
Steven Mac Intyre

http://steven.macintyre.name
Back to top
View user's profile Send private message
destr0yr
Tux's lil' helper
Tux's lil' helper


Joined: 29 Nov 2003
Posts: 80
Location: Kelowna, BC.

PostPosted: Sat Jan 10, 2004 7:11 am    Post subject: Reply with quote

salk wrote:
Hi there,
I had exactly the same error. All I did was delete the qmailadmin binary from my cgi-bin and re install qmail admin. <-- sorted me out

by reinstall do you mean from the inter7 tar or re-emerged?

i tried emerge -C qmailadmin, followed by emerge /usr/portage/net-mail-qmailadmin/qmailadmin-1.2.0_rc2.ebuild and get that error "file permission error /var/vpopmail/domains/destr0yr.com/postmaster/Maildir/1073718800.qw"

suggestions?

Quote:
[edit]
on a side note i dont have any images on the login page either


Did you make sure your paths to your htdocsdir are absolutly correct ? You did install qmailadmin as root ?[/quote]
He may have virtualhosts setup... in which he'll have to create an Alias in his commonapache2.conf... maybe like so:
Code:

Alias /qmailadmin /var/www/localhost/htdocs/qmailadmin
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Sat Jan 10, 2004 7:18 am    Post subject: Reply with quote

i am using virtual hosts odly on an old instilation with a similar config it seemed to work out ok. ill alais the qmail dir and report back in a few

[edit]

btw i was not using emerge to install qmailadmin i did it exactly as in the stepbystep

i added an alias line but same results here is my vhost container

<VirtualHost *:80>
ServerName mailadmin.nanderson.com
DocumentRoot /var/www/nanderson.com
<Directory "/var/www/nanderson.com/">
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
AddHandler cgi-script .cgi
DirectoryIndex index.html index.htm index.cgi index.php index.pl
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/nanderson.com/cgi-bin/
Alias /qmailadmin /var/www/nanderson.com/htdocs/qmailadmin
</VirtualHost>
Back to top
View user's profile Send private message
destr0yr
Tux's lil' helper
Tux's lil' helper


Joined: 29 Nov 2003
Posts: 80
Location: Kelowna, BC.

PostPosted: Sat Jan 10, 2004 11:27 am    Post subject: Reply with quote

anybody got this working with relay-ctrl?
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Sat Jan 10, 2004 4:41 pm    Post subject: Reply with quote

this morning it hit me that i had installed the unstable vpopmail so i unmerged it and merged 5.2.1-r9
replaced /etc/vpopmail.conf and edited it accordingly

now i no longer get the error i was getting ut after adding a domain when i tryt o use qmailadming to loginto it it says invalid login. and i still dont have graphics so i dunno whats goin on now

[edit]

just noticed that vchkpw isnt in my path .... most of the vpopmail bins arnt they are in /var/vpopmail was that supposed to be added to my path and it was just overlooked??
Back to top
View user's profile Send private message
Diggs
Apprentice
Apprentice


Joined: 07 Oct 2003
Posts: 239
Location: LoSt In NeT SpAcE

PostPosted: Sun Jan 11, 2004 2:59 am    Post subject: Reply with quote

I have problems on login with all and i dont'know why (I followed completely the tutorial).

These are my confs:
/etc/hosts
Code:

127.0.0.1         localhost.daemon       localhost
192.168.1.1     gateway.daemon        gateway
192.168.1.2     pc-01.daemon            pc-01
192.168.1.3     pc-02.daemon            pc-02

N.B: 192.168.1.1 is eth1 on internal lan, 192.168.1.2 and 192.168.1.3 are are others pc on internal lan

I have dynamic ip and vhost "gentoo.servebeer.com" from www.no-ip.com to the same ip.

I set the value localhost on /var/qmail/control/conf-smtpd = QMAIL_SMTP_POST="localhost /var/vpopmail/bin/vchkpw /bin/true".

I set always value "localhost" for squirrelmail's config.

I added "gentoo.servebeer.com" as virtual domain on vpopmail.

Result: I can't login, any connection is reject both imapd and qmailadmin.
Can someone tell me where i wrong?

Your sincerely,
Leonardo
_________________
IRCNET NICK: diggs on IRCNET
http://leonardo.netsons.org/
Gioca a Tremulous! Player [!!!] Diggs [ITA]
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Mon Jan 12, 2004 4:18 am    Post subject: Reply with quote

well irestarted from scratch only to get back to where i was before ... no graphics and says invalid login

ive got no clue what is wrong anyone have any ideas?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2, 3, ... 15, 16, 17  Next
Page 2 of 17

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum