Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO: qmail vpopmail courier-imap qmail-scanner (09/2005)
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, 4, 5, 6, 7  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
YsndHalf
n00b
n00b


Joined: 14 May 2003
Posts: 53
Location: Barcelona

PostPosted: Mon May 08, 2006 1:11 pm    Post subject: My system works fine! Reply with quote

Hi petterg,

many thanks for this guide, I've now reviewed all of the steps and my system is running OK and smoothly. A couple of times some frame of Squirrelmail has "dissappeared" (i.e. seeing just a blank frame), but after reloading the page that's OK.

Now I'm able to log in through squirrelmail (http/https), use IMAPS (yes, IMAPS not IMAP! :) ), and manage "virtual" accounts with cgi-bin/qmailadmin. Sending+receiving is OK. Now I'll test the spam filtering.
I had many problems when receiving mail, but finally after deleting + creating again the domain (with vadddomain) everything is fine!

Thanks!
Jordi 8)
_________________
Did you know that we typically make use of only 5% of the power of our personal computers?
Check http://setiathome.berkeley.edu or http://www.seti.cat to use 100%!
Back to top
View user's profile Send private message
^and1
n00b
n00b


Joined: 13 Apr 2005
Posts: 9

PostPosted: Thu May 11, 2006 10:32 am    Post subject: Reply with quote

My installation is working fine. but there are some strange things with the smtp-auth and logging.
When i connect to the server with enabled tls, i saw 2 login tries, before i changed "--enable-logging=y" to "--enable-logging=p"

May 11 12:21:38 www vpopmail[12034]: vchkpw-smtp: password fail (pass: '2ceb63a29675b5b1bcd33b20a1db63ff') andi@xxx.yy:xx.xx.xx.xx
and the second one with AUTH PLAIN

I don't know from where fail comes, but the "AUTH PLAIN" login seems to work and i can send messages... can this mean, that tls isn't working, because the auth with the "not cleartext" password doesn't work?

Logging Problem:
Before I changed the logging configure, i had all successfull logins with plaintext password in de vlog table. Is this correct?
Back to top
View user's profile Send private message
YsndHalf
n00b
n00b


Joined: 14 May 2003
Posts: 53
Location: Barcelona

PostPosted: Thu May 11, 2006 1:42 pm    Post subject: Hint on problems receiving mail with qmail+vpopmail Reply with quote

Hi all,

after installing my mail system (qmail+vpopmail+squirrelmail, as described in the howto) I got my system broken, so that I couldn't receive any mail. I had bounces with "Sorry, no such mailbox".
Fortunately I found the following topic, please check it for info. Summarising, /var/qmail/control/locals must be EMPTY (but it must exist).
Also take a look at this in the Gentoo Wiki, it's really interesting.
Regards, Jordi 8)
_________________
Did you know that we typically make use of only 5% of the power of our personal computers?
Check http://setiathome.berkeley.edu or http://www.seti.cat to use 100%!
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Thu May 25, 2006 8:07 am    Post subject: Reply with quote

^and1 wrote:
My installation is working fine. but there are some strange things with the smtp-auth and logging.
When i connect to the server with enabled tls, i saw 2 login tries, before i changed "--enable-logging=y" to "--enable-logging=p"

May 11 12:21:38 www vpopmail[12034]: vchkpw-smtp: password fail (pass: '2ceb63a29675b5b1bcd33b20a1db63ff') andi@xxx.yy:xx.xx.xx.xx
and the second one with AUTH PLAIN

I don't know from where fail comes, but the "AUTH PLAIN" login seems to work and i can send messages... can this mean, that tls isn't working, because the auth with the "not cleartext" password doesn't work?

Logging Problem:
Before I changed the logging configure, i had all successfull logins with plaintext password in de vlog table. Is this correct?


My guess is that your mail client treis a unsupported kind of loggin first, then it has a failover to use AUTH PLAIN.
Back to top
View user's profile Send private message
mleck
n00b
n00b


Joined: 11 Jan 2005
Posts: 35
Location: UT

PostPosted: Tue Jun 20, 2006 11:59 pm    Post subject: Reply with quote

This guide has worked awesome! I have followed it, and it SEEMS to be working... however, I was wondering if there is any real way to test it. Can I see what spam exactly is being blocked. Can I see what viruses are being detected by CLAMAV? Is there a way for it to push that email to a specific SPAM folder under the inbox? How do I make further adjustments to make it more or less strict?

Thanks.
Back to top
View user's profile Send private message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Thu Jun 22, 2006 4:26 am    Post subject: Reply with quote

mleck wrote:
Can I see what spam exactly is being blocked. Can I see what viruses are being detected by CLAMAV?

Code:
less /var/spool/qmailscan/quarantine.log

mleck wrote:
Is there a way for it to push that email to a specific SPAM folder under the inbox?

Everything that qmail-scanner quarantines is moved to /var/spool/qmailscan/quarantine/new/. If you want virii and spam to be put into different directories, you can edit /var/qmail/bin/qmail-scanner-queue.pl. If the spam is pervasive enough it will just delete it outright, but it errs on the side of caution.
mleck wrote:
How do I make further adjustments to make it more or less strict?

Edit /etc/mail/spamassassin/local.cf, lower the required_score to make it more strict, and raise it to be less. 5.0 (which is the default) is a very good place to start though.
Back to top
View user's profile Send private message
biatch0
n00b
n00b


Joined: 25 May 2004
Posts: 40

PostPosted: Sun Jun 25, 2006 4:22 pm    Post subject: Reply with quote

Has anyone else run into smtp-auth problems while following the guide? I'm still stuck sending mail via webmail only since I am unable to auth with anything other than localhost.
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Sun Jun 25, 2006 7:35 pm    Post subject: Reply with quote

biatch0 wrote:
Has anyone else run into smtp-auth problems while following the guide? I'm still stuck sending mail via webmail only since I am unable to auth with anything other than localhost.


There are so many things that makes smtp-auth not work. Without any more details it's imposible to help.
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Sun Jun 25, 2006 8:55 pm    Post subject: Reply with quote

biatch0 wrote:
Has anyone else run into smtp-auth problems while following the guide? I'm still stuck sending mail via webmail only since I am unable to auth with anything other than localhost.


if you want to help, post your log describing a problem... anyone here does not have crystal ball
_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)
Back to top
View user's profile Send private message
biatch0
n00b
n00b


Joined: 25 May 2004
Posts: 40

PostPosted: Mon Jun 26, 2006 2:55 pm    Post subject: Reply with quote

Code:
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)


I get this message no matter where I mail from (with the exception of webmail/localhost) :?

No idea where to look, tried checking the gentoo-wiki; which ended up with me deleting my rcpthosts for awhile... made it look like it was working, but also made me an open relay. So now I'm back to only sending mail via webmail :cry:
Back to top
View user's profile Send private message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Mon Jun 26, 2006 10:35 pm    Post subject: Reply with quote

biatch0 wrote:
Code:
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)


I get this message no matter where I mail from (with the exception of webmail/localhost) :?

No idea where to look, tried checking the gentoo-wiki; which ended up with me deleting my rcpthosts for awhile... made it look like it was working, but also made me an open relay. So now I'm back to only sending mail via webmail :cry:

Could you tell us what version of qmail you have installed (r15 or r16) and give the output of
Code:
> grep -v "#" /etc/tcprules.d/tcp.qmail-smtp
> grep -v "#" /var/qmail/control/conf-smtpd

Check to make sure that your rcpthosts file is a list of all the domains you are hosting.
Back to top
View user's profile Send private message
biatch0
n00b
n00b


Joined: 25 May 2004
Posts: 40

PostPosted: Tue Jun 27, 2006 12:12 pm    Post subject: Reply with quote

I'm using r16...

tcp.qmail-smtp (modified for privacy):
Code:
EXT.IP.ADD.RESS:allow,RELAYCLIENT="",RBLSMTPD=""
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""
:allow


conf-smtpd:
Code:
TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"
QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"
QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"


My rcpthosts currently has 2 domains in it (I'm only receiving on mydomain.net), mx.mydomain.net and mydomain.net.
Back to top
View user's profile Send private message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Wed Jun 28, 2006 1:14 am    Post subject: Reply with quote

biatch0 wrote:
conf-smtpd:
Code:
TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"
QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"
QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

I don't use relay-ctrl, thus I have those lines commented, but you should change the last lines of conf-smtpd to what r16 originally had. Right before that I also have the checkpassword variable which is your second to last line. Keep the TCPSERVER_OPTS line. You may also check to see if running qmail without relay-ctrl works for you (just comment those lines).
Code:
QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"

[[ -n "${QMAIL_SMTP_CHECKPASSWORD}" ]] && {
        [[ -z "${QMAIL_SMTP_POST}" ]] && QMAIL_SMTP_POST=/bin/true
        QMAIL_SMTP_POST="${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"
}


biatch0 wrote:
tcp.qmail-smtp (modified for privacy):
Code:
EXT.IP.ADD.RESS:allow,RELAYCLIENT="",RBLSMTPD=""
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""
:allow

According to this you don't have qmail-scanner set up to work with these tcp.qmail-* files. But then again, since you are using relay-ctrl, I don't know if you need to (as long as relay-ctrl calls qmail-scanner). I haven't bothered setting that up because my setup works just fine without it even though the install says that tcp.qmail-* are being deprecated in favor of relay-ctrl.
Code:
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"

You shouldn't need the external ip address listed at all. With my setup, you don't need to use authentication if you send from localhost but all other relaying requires it.

Let me know how it goes.
Back to top
View user's profile Send private message
TvL
n00b
n00b


Joined: 30 Mar 2005
Posts: 15

PostPosted: Wed Jun 28, 2006 7:24 am    Post subject: Smarthost Reply with quote

Hi,

I'm looking for some way to send my email through my ISP's smarthost. I have the problem that the email that I sent doesn't always reach it's destination. For example, when I sent to a @hotmail.com email adress, it will never arrive, but is sent succesfully... 8O

I used to have sendmail with which it's very easy to implement a smarthost, but for qmail......
I've read things about patching the source and recompiling, but I cannot believe it should be that much of a hassle....

Does anybody here know how to do it correctly under gentoo?
Back to top
View user's profile Send private message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Wed Jun 28, 2006 7:01 pm    Post subject: Re: Smarthost Reply with quote

TvL wrote:
I'm looking for some way to send my email through my ISP's smarthost. I have the problem that the email that I sent doesn't always reach it's destination. For example, when I sent to a @hotmail.com email adress, it will never arrive, but is sent succesfully... 8O

I used to have sendmail with which it's very easy to implement a smarthost, but for qmail......
I've read things about patching the source and recompiling, but I cannot believe it should be that much of a hassle....

Does anybody here know how to do it correctly under gentoo?

From what I just read it seems that all you have to do is:
http://tomclegg.net/qmail/ wrote:
To relay outgoing mail for "example.com" to an SMTP server at 10.9.8.7 port 2500 with username "foo" and password "bar":
Code:
echo example.com:10.9.8.7:2500 foo bar >> /var/qmail/control/smtproutes

To relay all outgoing mail to an SMTP server at 10.9.8.7 port 25 with username "foo" and password "bar":
Code:
echo :10.9.8.7 foo bar >> /var/qmail/control/smtproutes

I just tested ":10.9.8.7 foo bar" with my server at home at it worked just fine. In my case my university just implamented a filter to stop all outgoing smtp traffic from the university except by specific mail servers (which I can't get my personal machine on that list) and I was able to relay the main from my mail server to the main smtp campus server using my username and password to send the mail.

Let me know how it goes.
Back to top
View user's profile Send private message
TvL
n00b
n00b


Joined: 30 Mar 2005
Posts: 15

PostPosted: Thu Jun 29, 2006 8:54 am    Post subject: Reply with quote

Hi,

Thank you very much for your reply! It worked!

The smtp server that I use as relay doesn't require authentication, so I did the following:
Code:
echo :mailrelay.isp.whatever:25 > /var/qmail/control/smtproutes
/etc/init.d/svscan restart (don't know if necessary)

And it worked. When I check the headers of the received email I see it went through my isp's mailserver and I can sent to hotmail again.

Thanks again :)
Back to top
View user's profile Send private message
biatch0
n00b
n00b


Joined: 25 May 2004
Posts: 40

PostPosted: Thu Jun 29, 2006 11:12 am    Post subject: Reply with quote

Didn't work unfortunately :cry:

I'll likely just unmerge everything and start from scratch using the exact versions I used on my last machine, which is r13 or something like that.
Back to top
View user's profile Send private message
TvL
n00b
n00b


Joined: 30 Mar 2005
Posts: 15

PostPosted: Thu Jun 29, 2006 11:19 am    Post subject: Reply with quote

biatch0 wrote:
Didn't work unfortunately :cry:

I'll likely just unmerge everything and start from scratch using the exact versions I used on my last machine, which is r13 or something like that.


Hey biatch0,
I installed my qmail a few days ago using this gentoo-howto: http://www.gentoo.org/doc/en/qmail-howto.xml#doc_chap1
I had no trouble whatsoever, except for the smarthost posted above. Maybe it's something for you?
I used the pyzor, dcc, razor extensions from this thread.

Good luck!

EDIT: Read my post below... something did go wrong obviously


Last edited by TvL on Thu Jun 29, 2006 11:27 am; edited 1 time in total
Back to top
View user's profile Send private message
TvL
n00b
n00b


Joined: 30 Mar 2005
Posts: 15

PostPosted: Thu Jun 29, 2006 11:26 am    Post subject: Reply with quote

Hi guys,
I'm still not convinced that my mailserver setup is functioning correctly.

On my previous sendmail/spamassassin/clamav setup all my received email would have the following in their headers:
Quote:
X-Virus-Scanned: ClamAV 0.88.2/1534/Mon Jun 12 14:30:53 2006 on mail.mydomain.example
X-Virus-Status: Clean
X-Spam-Checker-Version: SpamAssassin 3.0.5 (2005-11-28) on mail.mydomain.example
X-Spam-Level:
X-Spam-Status: No, score=0.8 required=5.0 tests=AWL,FORGED_RCVD_HELO,
HTML_50_60,HTML_MESSAGE autolearn=no version=3.0.5


Emails I receive through my new setup do not have those tags.
Also I have tested to send the eicar test message to my mailserver and it comes through without a warning...
So, I suppose my anti-virus and spam do not work....
Maybe something to do with qmail-scanner....

EDIT: I did remerge qmail-scanner with USE="spamassassin"
Also I made sure clamd and spamd where running when I merged qmail-scanner
Back to top
View user's profile Send private message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Thu Jun 29, 2006 2:56 pm    Post subject: Reply with quote

TvL wrote:
On my previous sendmail/spamassassin/clamav setup all my received email would have the following in their headers...

Is the only difference between your old setup and your new setup the addition of the smtproutes file?

TvL wrote:
Also I have tested to send the eicar test message to my mailserver and it comes through without a warning...

How are you trying to run the eicar test?

Could you also please post the output of
Code:
> grep -v "#" /etc/tcprules.d/tcp.qmail-smtp

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"

This is the output of mine btw.
Back to top
View user's profile Send private message
TvL
n00b
n00b


Joined: 30 Mar 2005
Posts: 15

PostPosted: Thu Jun 29, 2006 5:54 pm    Post subject: Reply with quote

mobiusproject wrote:
TvL wrote:
On my previous sendmail/spamassassin/clamav setup all my received email would have the following in their headers...

Is the only difference between your old setup and your new setup the addition of the smtproutes file?

No no... sorry for not being clear about this. I've built a new OS for the mailserver. Before I was running Fedora Core 4 with sendmail/spamassassin and clamav.

mobiusproject wrote:
TvL wrote:
Also I have tested to send the eicar test message to my mailserver and it comes through without a warning...

How are you trying to run the eicar test?

I'm trying it out by sending an email from another machine outside of my network. I'm sending a message to my email account with the Eicar test string as mail body.

mobiusproject wrote:
Could you also please post the output of
Code:
> grep -v "#" /etc/tcprules.d/tcp.qmail-smtp

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"

This is the output of mine btw.

Sure:
Code:
mail ~ # grep -v "#" /etc/tcprules.d/tcp.qmail-smtp
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""
:allow

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
10.10.0.33:allow,RELAYCLIENT="",RBLSMTPD=""


Oooooooohhh..... That
Code:
:allow
line should have been commented.... 8O
So obviously the script never reached the qmail-scanner since it was satisfied at :allow
Sorry for the stupid/obvious mistake
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Sat Jul 01, 2006 2:46 pm    Post subject: Reply with quote

biatch0 wrote:
Didn't work unfortunately :cry:

I'll likely just unmerge everything and start from scratch using the exact versions I used on my last machine, which is r13 or something like that.


How is your mail clients setup for smtp-auth? Which program? Did you enable TSL? Auth-methode? correct password? Any virus scanner scanning blocking encrypted smtp on you client? (At least Avast and norten block smtp-tsl by default)
Back to top
View user's profile Send private message
biatch0
n00b
n00b


Joined: 25 May 2004
Posts: 40

PostPosted: Mon Jul 03, 2006 7:55 pm    Post subject: Reply with quote

I've tried Outlook Express, ThunderBird, and another IMAP client for my symbian phone. All return the same error. IINM, I left TLS as disabled (but I've tried enabling TLS in OE/TB with the same results). I have Norton on my PC, results are the same whether enabled or disabled (it does return a warning when I use TLS).

Will try re-emerging with directions from the post by TvL later on.
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Tue Jul 04, 2006 6:48 am    Post subject: Reply with quote

Norton is very good AV program but for the mailing clients it is a pain. You have to disable scanning in/out emails to be able to use TLS. Anyway AV scanning does a clamav and very successfuly...
_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)
Back to top
View user's profile Send private message
m3_del
n00b
n00b


Joined: 14 Jul 2005
Posts: 37

PostPosted: Tue Aug 01, 2006 4:05 am    Post subject: Reply with quote

This guide worked perfect. However, now I have a question about integrating procmail into this setup. I do not want it to get in the way of vpopmail or anything. The way I understand it to work is once the mail hits qmail it goes through the rules. Will this break qmails relationship with vpopmail?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2, 3, 4, 5, 6, 7  Next
Page 6 of 7

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum