Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO: qmail vpopmail courier-imap qmail-scanner etc (NEW)
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3 ... 11, 12, 13 ... 23, 24, 25  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
slim
n00b
n00b


Joined: 25 Dec 2002
Posts: 5
Location: Texas

PostPosted: Sun Sep 12, 2004 9:39 pm    Post subject: New perl and qmail-scanner ebuilds Reply with quote

Anyone have feedback on qmail-scanner-1.23-r3 with perl-5.8.4-r1?

I foolishly emerged perl-5.8.4-r1 without reading the change log close enough, and I can confirm that's a really bad idea. It broke qmail-scanner since /usr/bin/suidperl has been removed. Now that I've downgraded back to 5.8.4, I'm sitting here reflecting on the error of my ways. I don't think I'll have a chance to test on that server for 2 weeks, so maybe someone could test the new combo and post the results.
Back to top
View user's profile Send private message
radulucian
Apprentice
Apprentice


Joined: 05 Jan 2004
Posts: 151
Location: Bucharest Romania

PostPosted: Mon Sep 13, 2004 12:23 am    Post subject: Reply with quote

same situation and same problem here.

i am now downgrading perl and libperl too, since i cannot afford to test it further with my mail server practically down.

if anyone has a chance to solve it in a reasonable manner please post your conclusions and you fix here.
Back to top
View user's profile Send private message
radulucian
Apprentice
Apprentice


Joined: 05 Jan 2004
Posts: 151
Location: Bucharest Romania

PostPosted: Mon Sep 13, 2004 1:17 am    Post subject: Reply with quote

also, i now see that

Code:

emerge /usr/portage/dev-perl/Mail-SpamAssassin/Mail-SpamAssassin-2.63.ebuild


from the original post by sabrex can no longer work since Mail-SpamAssassin was completely removed from portage and replaced by spamassassin which is configured a little bit different

also, even after downgrading perl, my installation is now really messed up (though it is working, but only after disabling clamd), so maybe someone who can test it thoroughly can repost the tutorial in an updated form.
Back to top
View user's profile Send private message
catalinux
n00b
n00b


Joined: 30 Aug 2004
Posts: 10

PostPosted: Mon Sep 13, 2004 6:12 am    Post subject: Re: another good patch javascript:emoticon(':D')validrcptto Reply with quote

petterg wrote:
catalinux wrote:
[take a look at http://www3.sympatico.ca/humungusfungus/code/validrcptto.html
patched r15 qmail ebuild with:


And your point is?
There's quite a few nice patches in the r15, but none of them does the job of chkusr patch, which will save the server quite a bit of load in case of spammails to [random chars]@domain.net. To bad it makes a conflict with the smtp-auth over tsl!
The magic-smtpd seems to be even better on stopping spam before arrival, but I haven't figured out the correct way to install it.


thid patch is a kind of generic chkusr patch ( i need that 'cause i do not use vpopmail , i use vmailmgr)
ideea is -populate /control/validrcptto with user mail adresses on your server and qmail-smtpd wiill check against this file rcptto from header-BEFORE DATA being sent in SMTP session
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Mon Sep 13, 2004 11:07 am    Post subject: Re: another good patch javascript:emoticon(':D')validrcptto Reply with quote

catalinux wrote:
ideea is -populate /control/validrcptto with user mail adresses on your server and qmail-smtpd wiill check against this file rcptto from header-BEFORE DATA being sent in SMTP session


Would be good if vpopmail would add/remove users in that file when users are added/remomed using the the vadduser vdeluser. Allthough it could be done by a script... how would we get around to make qmailadmin work with this?
Guess vmailmgr already does this?
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Mon Sep 13, 2004 11:13 am    Post subject: Re: New perl and qmail-scanner ebuilds Reply with quote

A question for those of you who are using qmail-scanner 1.23:
How is it working?
I tried it, with the result that incomming mail carying a header "X-Spam-Status:No..." passed unchecked through the scanner. This also happened if it carryed virus!
Also, random mails came through unchecked!
Are you experiencing any of these problemes?

How did you set it up?
If you're running with clamav, are you running clamd as the clamav, qscand or vpopmail user?
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Tue Sep 14, 2004 6:25 pm    Post subject: Reply with quote

well I made it to work, but I think it is bug as a cow...

I use:
perl-5.8.4-r1
qmail-1.03-r13
qmail-scanner-1.23-r3
spamassassin-2.64


so after doing emerge -u world and restarting the daemons I noticed that the mailserver stopped to send the emails with some "qq problem"

after half a day tracing the log files, I figured how to run out from that and here are my issues:

a) UID+GID qscand, under which is supposed qmail-scanner to run, is absolutely useless and misleading. qmailscanner runs still under qmaild, so you have to set back again the dir and file permissions recursively, typically by:

Code:

chown qmaild:nofiles -R /var/spool/qmailscan


b) in qmail-scanner 1.23 is implementation of checking the Razor, Pyzor, F-Prot. Clavam, etc, solved somehow different, so without update won´t it to run. so you have to reinitialise the database by:

Code:

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -g
setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -z


EDIT ON MY PREVIOUS POST, READ THE CHANGES BELLOW!

c) qmail-scanner is reinitialising it´s database within the cron job. however this cronjob from qmail-scanner 1.16 sets UID+GID to root of file /var/spool/qmail-scanner-queue-version.txt with 0700 mask, which causes qmail-scanner of 1.23 version from ability to read the file and again rejects to send the mails.

you have to find /etc/cron.daily/qmail-scanner, edit and change the content:

from:
Code:

/var/qmail/bin/qmail-scanner-queue -z

to:
Code:

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -z


now everything is doing just fine....
_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)


Last edited by stripe on Wed Sep 22, 2004 4:29 pm; edited 6 times in total
Back to top
View user's profile Send private message
radulucian
Apprentice
Apprentice


Joined: 05 Jan 2004
Posts: 151
Location: Bucharest Romania

PostPosted: Tue Sep 14, 2004 7:59 pm    Post subject: thanks stripe Reply with quote

thank you stripe.
tonight i will try the procedures you described on both my servers and check back here to confirm.
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Tue Sep 14, 2004 8:20 pm    Post subject: Reply with quote

ok, try it.... If you´ll be successful, I´m gonna to write a bug report about qmail-scanner-1.23-r3.ebuild thus I really don´t have an idea why would be qmail-scanner run as qsand, when in fact is called by qmaild and therefore must be accessible for qmaild
_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)


Last edited by stripe on Wed Sep 15, 2004 12:41 am; edited 1 time in total
Back to top
View user's profile Send private message
radulucian
Apprentice
Apprentice


Joined: 05 Jan 2004
Posts: 151
Location: Bucharest Romania

PostPosted: Tue Sep 14, 2004 11:31 pm    Post subject: Reply with quote

regarding the permissions problem you might want to see neonsamurai answer here : https://forums.gentoo.org/viewtopic.php?t=221865&highlight=qmailscannerqueue

and if you have problems with spamassassin not working anymore you might want to consider this: https://forums.gentoo.org/viewtopic.php?t=217463&highlight=qmailscannerqueue

maybe sabrex could take these new changes into consideration and edit the howto to reflect the current situation.
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Tue Sep 14, 2004 11:47 pm    Post subject: Reply with quote

Code:

Get rid of
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
from /etc/tcp.smtp, Watch the add! It's not ".pl" anymore


I had this already in my config, but the problems with ebuild of qmail-scanner 1.23-r3 I had to solve:

a) chowns whole directory /var/spool/qmailscan to qscand without noticing you about that.
b1) setting wrapper in /var/qmail/conf/common-conf is not issue, if qmail scanner cannot work with it´s directory, when called under qmaild
b2) the same situation fixing tcp.smtp and eding the .PL issue
c) you have to chown whole directory back again
d) if it works finaly, in the night (on my box aprox. at 3AM) will qmail-scanner reinitialise database, but with bad UID+GID and mask 0700, so you are back again where you´ve been. so you have to finaly edit /etc/cron.daily/qmail-scanner

.....simply utopia.....

and one day of SMTP malfunction

I THINK IT IS SOLVED NOW, just do the things in my little howto above and you can go to sleep peacefuly without waking up by nervous users, like me..... 8)
_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)
Back to top
View user's profile Send private message
tecknojunky
Veteran
Veteran


Joined: 19 Oct 2002
Posts: 1937
Location: Montréal

PostPosted: Wed Sep 15, 2004 5:17 am    Post subject: Reply with quote

I have a server to rebuild. I think I'm finally going to give Debian a try.

This is the second time I do an update that creates major problems for the whole network (in this case, no email server).

You got to admit, Gentoo as a long way to go to make it into enterprises. I don't know which of the Perl or qmail-scanner maintainers is to blame, but someone did not do his job properly for allowing them to reach stable status together.

I had enough and I'm now seriously thinking to use a REAL distro, not one made by script kiddies.

PS. I may sound crude and harsh? You think I should apologize? In your dreams. I don't appreciate the pressures I get because I relied on the works made by amateurs and incompetents, so let me get some steam out.
_________________
(7 of 9) Installing star-trek/species-8.4.7.2::talax.
Back to top
View user's profile Send private message
radulucian
Apprentice
Apprentice


Joined: 05 Jan 2004
Posts: 151
Location: Bucharest Romania

PostPosted: Wed Sep 15, 2004 8:52 am    Post subject: Reply with quote

techknojunky, i am a little embarassed by your message. you should be too as you came out of nowhere on this thread to criticize a distribution you are not able to understand even after more than 900 posts on these forums.

you should proceed to work for your new debian server and stop poluting forum threads with off-topic messages.
the reason i am using (and i will keep use) gentoo is exactly the fact that this forum helps me solve things EVERY SINGLE TIME i have a minor problem like this one. and i wish you good luck in getting the same prompt response with you next distribution.

and remember: we are very fortunate to be able to choose among this many excelent distributions, so you should be happy every time you are able to make such a choice.

best regards.
radu
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Wed Sep 15, 2004 9:42 am    Post subject: Reply with quote

offtopic: agreed, I used Slackware 8.1 in the past and it used to work well from installation without much changes. any other software compilaton which was not included on CD was breaknecking and without much possibility to upgrade the package. anyway package upgrade was much rather hell, then a peaceful operation. plus the init scripts, resp. rc. scripts are the piece of disgust..... if I striked to a problem, I was completely helpless. I don´ know what is Slack 10 about now, but you can visit it´s homesite to confirm it´s "support".

so that´she reason I moved from Slackware and I´m happy with Gentoo since that time. OK sometime it´s released a breaknecking ebuild, but therefore you have this forums you can turn around. That´s the point.

PS: thanks this forums and structure of Gentoo I think I have understood linux to the level I can friendly go with and therefore I can do proudly my job, eg. I´m able to satisfy what really the company I work wishes ....
_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)
Back to top
View user's profile Send private message
tecknojunky
Veteran
Veteran


Joined: 19 Oct 2002
Posts: 1937
Location: Montréal

PostPosted: Wed Sep 15, 2004 10:29 am    Post subject: Reply with quote

radulucian wrote:
techknojunky, i am a little embarassed by your message. you should be too as you came out of nowhere on this thread to criticize a distribution you are not able to understand even after more than 900 posts on these forums.
When you get there, maybe you too you'll want to let some steam out when a "minor mistake" affect everybody (like Perl and qmail-scanners that don't play well with each others).

radulucian wrote:
you should proceed to work for your new debian server and stop poluting forum threads with off-topic messages.
Well, I'm not that off topic. I've found this because qmail-scanner now has permissions problems for which you provided two links. I will admit that I did fall in like a hair in a soup. I apologize for that.

My post polution? And threads like this one with 24 zillions of posts is not polution? You never noticed that when you search something, the first few results are always the ones that have gazillions of posts in it. Some get so big that they must be close to enclose every words of the dictionnary. No wonder it ends up in your search result.

radulucian wrote:
the reason i am using (and i will keep use) gentoo is exactly the fact that this forum helps me solve things EVERY SINGLE TIME i have a minor problem like this one. and i wish you good luck in getting the same prompt response with you next distribution.
Thank god, you can also rant on the forums. I heard Debian also has a good support base. I personally think that the forum, however useful it might be, is no excuse to bad implemented or insuffisiently tested releases of ebuilds. Sure, you can sometime forget things, but it should happen in the unstable stage, not during stable, and surely not produce massive demand for support.

radulucian wrote:
and remember: we are very fortunate to be able to choose among this many excelent distributions, so you should be happy every time you are able to make such a choice.
and that's why when someone among the Gentoo maintainers does a poor job, I get hangry because I expect a minimal decent QA. stable/unstable is not there to qualify the soldity of the desk the computer is on. My point is, I love Gentoo but I question the release process to ensure things work properly.

If you look at qmail-scanner's ebuild, notice that 1.23-r3 is marked stable while 1.23-r2 is marked unstable. It's the first I notice that and it would not surprise me if someone made the mistake of marking the r3 stable while it should have been unstable. That would be a dumb mistake that can have huge repercussions for some users.

Thanks for this.
_________________
(7 of 9) Installing star-trek/species-8.4.7.2::talax.
Back to top
View user's profile Send private message
defined
n00b
n00b


Joined: 24 Apr 2004
Posts: 2
Location: Belgium

PostPosted: Thu Sep 16, 2004 3:01 am    Post subject: Reply with quote

tecknojunky wrote:
...


i can only agree, after spending 4hours figuring out how to get my mailserver back up(had been down for almost a day before i found out :()

debian never let me down during upgrades in the stable branch AND it was much smarter dealing with config files..
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Fri Sep 17, 2004 11:17 am    Post subject: Reply with quote

tecknojunky wrote:
....

defined wrote:
....debian never let me down during upgrades in the stable branch...


As the topic for this thread has been Qmail-Scanner 1.23 I assume your bitching is somewhat related to upgrading to this package.
Iæll just remind you that this package is masked by the ~keyword. That means it's not yet stable! It's not fear to the guys who make the ebuilds to bitch their newest unstable releases and compare to stable releases from other distros!
If you want to be bitchy at least you could start you own thread and stick to the stable releases!
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Fri Sep 17, 2004 11:15 pm    Post subject: Reply with quote

If i had a large group of users relying on a mail server I was maintaining I would have an identical one that is used for uprage testing. regardless of what OS its running things sometimes break. So it sounds more like your mistake than the maintainers. Yeah i get frustrated when i make the same mistake ( i have before and im sure i will again) seriously go install xp sp2 something breaks you cus microsoft things break its inevitable the only thing you can do is to be a smart admin and run identical boxen when there are critical services envolved.


that said. im on a fresh install i hope all the answers are here :)
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Sat Sep 18, 2004 8:33 pm    Post subject: Reply with quote

I had to echo "hostname.domain.tld" > /var/qmail/control/me to be able to send mail
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Sat Sep 18, 2004 8:38 pm    Post subject: Reply with quote

I ran /usr/portage/distfiles/qmail-scanner-1.16/contrib/test_instal -doit after adding RECIP="me@mydomain.com" on line 94 and I got 3 of the 4 test messages
someone want to help me tune this up? and figure out whats up?
l
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Sat Sep 18, 2004 10:02 pm    Post subject: Reply with quote

stripe wrote:


b) in qmail-scanner 1.23 is implementation of checking the Razor, Pyzor, F-Prot. Clavam, etc, solved somehow different, so without update won´t it to run. so you have to reinitialise the database by:

Code:

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue-pl -g
setuidgid qmaild /var/qmail/bin/qmail-scanner-queue-pl -z


EDIT ON MY PREVIOUS POST, READ THE CHANGES BELLOW!

c) qmail-scanner is reinitialising it´s database within the cron job. however this cronjob from qmail-scanner 1.16 sets UID+GID to root of file /var/spool/qmail-scanner-queue-version.txt with 0700 mask, which causes qmail-scanner of 1.23 version from ability to read the file and again rejects to send the mails.

you have to find /etc/cron.daily/qmail-scanner, edit and change the content:

from:
Code:

/var/qmail/bin/qmail-scanner-queue-pl -z

to:
Code:

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue-pl -z


now everything is doing just fine....

when i do setuidgid qmaild /var/qmail/bin/qmail-scanner-queue-pl -g i get
setuidgid qmaild /var/qmail/bin/qmail-scanner-queue-pl -z
setuidgid: fatal: unable to run /var/qmail/bin/qmail-scanner-queue-pl: file does not exist

also in your tcp.smtp do you have qmail-scanner.pl or qmail-scanner? i see both files exist and hear the at qmail-scanner is supposed to eb a wrapper for qmail-scanner.pl
Back to top
View user's profile Send private message
radulucian
Apprentice
Apprentice


Joined: 05 Jan 2004
Posts: 151
Location: Bucharest Romania

PostPosted: Sat Sep 18, 2004 11:19 pm    Post subject: Reply with quote

there is a typo there. if you use the setuidgid solution then you should change the qmail-scanner-queue-pl to qmail-scanner-queue.pl. the difference is the .pl instead of -pl at the end.
however, i am using the qmail-scanner-queue wrapper (in both tcp.smtp and the conf file) and it works ok.
Back to top
View user's profile Send private message
sucarino
n00b
n00b


Joined: 20 Aug 2004
Posts: 32
Location: San Jose, Costa Rica

PostPosted: Sat Sep 18, 2004 11:22 pm    Post subject: everything working fine, except minor smtp-auth problem Reply with quote

people!

after several headaches and a few tricks you correctly explain here I finally have a well robusted mail server :)

i'm just now a little afraid of next updates, i read your former posts.... :roll:

but i still need your help... i have a minor problem here. Everytime a tried to smtp-auth from an external network, the mail client delay exactly 5 seconds to auth and then the message is accepted and sended. This is what i have in my mail.log files everytime i tried:


Sep 18 18:11:24 mail vpopmail[2479]: vchkpw-smtp: password fail fredo@hold***.com:***.**.61.171
Sep 18 18:11:29 mail vpopmail[2481]: vchkpw-smtp: (PLAIN) login success fredo@hold***.com:***.**.61.171
Sep 18 18:11:48 mail vpopmail[2479]: vchkpw-smtp: password fail fredo@hold***.com:***.**.61.171
Sep 18 18:11:53 mail vpopmail[2481]: vchkpw-smtp: (PLAIN) login success fredo@hold***.com:***.**.61.171

other thing, smtp-auth accept my e-mails using TLS or not. so is letting me authenticate even when the session is not encrypted.

Is that correct? Any ideas?

thanx

Frodo
Back to top
View user's profile Send private message
nianderson
Guru
Guru


Joined: 06 May 2003
Posts: 369
Location: Lawrence, KS

PostPosted: Sat Sep 18, 2004 11:57 pm    Post subject: Reply with quote

radulucian wrote:
there is a typo there. if you use the setuidgid solution then you should change the qmail-scanner-queue-pl to qmail-scanner-queue.pl. the difference is the .pl instead of -pl at the end.
however, i am using the qmail-scanner-queue wrapper (in both tcp.smtp and the conf file) and it works ok.

which conf file?

and to clarify for anyone else if you use the wrapper script qmail-scanner-queue then you need to do the following

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g
setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -z

and in the cron file add
setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -z


and does anyone know if
Code:

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r sbl-xbl.spamhaus.org"

turns on checking from spamhaus? or how would i be able to tell?

if im wrong someone please correct me.

what happens when you run the test_install.sh script?
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Sun Sep 19, 2004 10:16 am    Post subject: Reply with quote

My apologies, there is type mistake, of course it is qmail-scanner-queue.pl.

The wrapper works too, but anyway setgiduid within cron job (at least for me) must be used, anyway the file qmail-scanner-queue-version.txt is made with mask 0600 and root:root permissions which causes qmail from the work.
_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2, 3 ... 11, 12, 13 ... 23, 24, 25  Next
Page 12 of 25

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum