Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO: qmail vpopmail courier-imap qmail-scanner (09/2005)
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, 4, 5, 6, 7  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Sat Nov 19, 2005 4:29 am    Post subject: Re: HOWTO: qmail vpopmail courier-imap qmail-scanner (09/200 Reply with quote

petterg wrote:
7) install ClamAV and SpamAssassin
Code:
> emerge spamassassin clamav

...

Configure Clamav

...

Code:
> nano -w /etc/clamd.conf
Make sure the User clamd IS commented.

...

Known bugs:

clamav is running as root. This is the default setting, but I don't like it. If anyone figure a way to fix this, please let me know.


Umm, you seem to be causing this bug. First of all, the line in the default clamd.conf is
Code:
# Run as a selected user (clamd must be started by root).
# Default: disabled
User clamav

and this works beautifully for me. With this line commented, of course clamav is going to be owned by root (its started by root). I just left this line uncommented (the way it was when I emerged it) and haven't had any problems.
Back to top
View user's profile Send private message
rbshen
n00b
n00b


Joined: 22 Nov 2005
Posts: 3

PostPosted: Tue Nov 22, 2005 1:13 pm    Post subject: Reply with quote

I got a strange message on the qmail-send log when I use it to send mail:
User_and_password_not_set, continuing_without_authentication.
I have smtp-auth enabled and my qmail version is r16
Does anyone know what the problem is?
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Tue Nov 22, 2005 3:05 pm    Post subject: Re: HOWTO: qmail vpopmail courier-imap qmail-scanner (09/200 Reply with quote

mobiusproject wrote:

Umm, you seem to be causing this bug. First of all, the line in the default clamd.conf is
Code:
# Run as a selected user (clamd must be started by root).
# Default: disabled
User clamav

and this works beautifully for me. With this line commented, of course clamav is going to be owned by root (its started by root). I just left this line uncommented (the way it was when I emerged it) and haven't had any problems.


When I do that there are one of two things happening (depending on other configurations).
1: Mail with attachments is blocked, and never recieved. Qmail-scanner outputs an error in the logfiles.
2: Mail passes through the scanner without being checked for viruses.

If your server identifies virus, and let normal mails with noneinfected attachments pass through I would really like to know what you've done different from the howto!
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Tue Nov 22, 2005 3:06 pm    Post subject: Reply with quote

rbshen wrote:
I got a strange message on the qmail-send log when I use it to send mail:
User_and_password_not_set, continuing_without_authentication.
I have smtp-auth enabled and my qmail version is r16
Does anyone know what the problem is?


That sounds like a logentry at debug level.
Does your server relay mail from world network?
Back to top
View user's profile Send private message
rbshen
n00b
n00b


Joined: 22 Nov 2005
Posts: 3

PostPosted: Tue Nov 22, 2005 10:53 pm    Post subject: Reply with quote

yes even I saw those messages, the mail was correctly relayed to outside.
Back to top
View user's profile Send private message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Wed Nov 23, 2005 12:40 am    Post subject: Re: HOWTO: qmail vpopmail courier-imap qmail-scanner (09/200 Reply with quote

Alright, I will admit that you were right, clam antivirus _cannot_ be run as user clamav, but I now have gotten it to work as user qscand (which is what clam antivirus' faq question 40 suggests). Here are my steps (including testing afterwords). Just a note: I always just comment out the original line and add the new line so I have debug information (what I changed from mainly if I need to go back to an old option).

First we need to get clamav to play nicely with qmail-scanner (let it run as qscand, not as priviliged as root):
Code:
$ nano /etc/clamd.conf

  #User clamav
  User qscand

$ nano /etc/freshclam.conf

  #DatabaseOwner clamav
  DatabaseOwner qscand

$ chown -R qscand:qscand /var/lib/clamav/ /var/log/clamav/ /var/run/clamav/
$ /etc/init.d/clamd restart

Supposedly you can just change clamd.conf, leave freshclam.conf alone and then also leave /var/lib/clamav/ alone, but this didn't work for me, and I am happy running both as qscand (qmail-scanner being the only reason I am running clamav anyways).

Testing:
Code:
$ cd /usr/share/doc/qmail-scanner-1.25-r1/contrib/
$ gunzip -c test_installation.sh.gz >> test_installation.sh
$ chmod +x test_installation.sh

$ ./test_installation.sh -doit

QMAILQUEUE was not set, defaulting to /var/qmail/bin/qmail-scanner-queue.pl for this test...

Sending standard test message - no viruses...
done!

Sending eicar test virus - should be caught by perlscanner module...
X-Qmail-Scanner-1.25st:[hostname113270474271913704] clamdscan: corrupt or unknown clamd scanner error or memory/resource/perms problem - exit status 512/2
qmail-inject: fatal: qq temporary problem (#4.3.0)
Bad error. qmail-inject died


This is actually the right output for now (though it caused a lot of frustration and cursing). This is because this script calls qmail-scanner-queue.pl directly and we are also running this as root. Because of these two things, /var/spool/qmailscan/tmp/hostname113270474271913704/ (which is where qmail-scanner actually scans the e-mails) is owned by root:root with the 700 permissions. clamdscan running as user qscand (or originally clamav) can't read this now and fails. Since we are using gentoo, we have a qmail-scanner-queue wrapper that actually calls qmail-scanner-queue.pl (for security purposes forcing qmail-scanner-queue.pl to run as user qscand) which this script (test_installation.sh) doesn't take advantage of. So, to compensate for this script running as root and not calling our wrapper but the perl script directly, we have to make a little change as to how we run test_installation.sh...

Code:
$ sudo -u qscand ./test_installation.sh -doit

QMAILQUEUE was not set, defaulting to /var/qmail/bin/qmail-scanner-queue.pl for this test...
QMAILQUEUE was not set, defaulting to /var/qmail/bin/qmail-scanner-queue.pl for this test...

Sending standard test message - no viruses...
done!

Sending eicar test virus - should be caught by perlscanner module...
done!

Sending eicar test virus with altered filename - should only be caught by commercial anti-virus modules (if you have any)...

Sending bad spam message for anti-spam testing - In case you are using SpamAssassin...
Done!

Finished test. Now go and check Email for postmaster@hostname.com


Checking my e-mail I now have two new e-mails, both the first and the second e-mail got through (not sure why the second e-mail got through yet, still looking into that one, seems to be something to do with perlscanner, but not concerned because it isn't an actual virus, it just has an attachment with the name of a virus). Here is the output of the qmail-queue.log for these four e-mails:
Code:
Tue, 22 Nov 2005 18:20:40 CST:13750: +++ starting debugging for process 13750 (ppid=13749) by uid=210
Tue, 22 Nov 2005 18:20:40 CST:13750: w_c: elapsed time from start 0.001324 secs
Tue, 22 Nov 2005 18:20:40 CST:13750: return-path='', recips='postmaster@hostname.com'
Tue, 22 Nov 2005 18:20:40 CST:13750: from='Qmail-Scanner Test <user@hostname.com>', subj='Qmail-Scanner test (1/4): inoffensive message', via local process 13750
Tue, 22 Nov 2005 18:20:40 CST:13750: This is a PLAIN text message, skip virus scanners - but not SA
Tue, 22 Nov 2005 18:20:41 CST:13750: SA: finished scan in 1.290007 secs - hits=0.1/5.0
Tue, 22 Nov 2005 18:20:41 CST:13750: p_s: finished scan in 0.010565 secs
Tue, 22 Nov 2005 18:20:41 CST:13750: ini_sc: finished scan of "/var/spool/qmailscan/tmp/hostname113270524071913750"...
Tue, 22 Nov 2005 18:20:41 CST:13750: ------ Process 13750 finished. Total of 1.32254 secs
Tue, 22 Nov 2005 18:20:41 CST:13763: +++ starting debugging for process 13763 (ppid=13762) by uid=210
Tue, 22 Nov 2005 18:20:41 CST:13763: w_c: elapsed time from start 0.002089 secs
Tue, 22 Nov 2005 18:20:41 CST:13763: return-path='', recips='postmaster@hostname.com'
Tue, 22 Nov 2005 18:20:41 CST:13763: from='Qmail-Scanner Test <user@hostname.com>', subj='Qmail-Scanner viral test (2/4): checking perlscanner...', via local process 13763
Tue, 22 Nov 2005 18:20:41 CST:13763: clamdscan: finished scan in 0.003139 secs
Tue, 22 Nov 2005 18:20:47 CST:13763: SA: finished scan in 5.801969 secs - hits=0.8/5.0
Tue, 22 Nov 2005 18:20:47 CST:13763: p_s: finished scan in 0.011087 secs
Tue, 22 Nov 2005 18:20:47 CST:13763: ini_sc: finished scan of "/var/spool/qmailscan/tmp/hostname113270524171913763"...
Tue, 22 Nov 2005 18:20:47 CST:13763: ------ Process 13763 finished. Total of 5.843493 secs
Tue, 22 Nov 2005 18:20:47 CST:13779: +++ starting debugging for process 13779 (ppid=13778) by uid=210
Tue, 22 Nov 2005 18:20:47 CST:13779: w_c: elapsed time from start 0.002117 secs
Tue, 22 Nov 2005 18:20:47 CST:13779: return-path='', recips='postmaster@hostname.com'
Tue, 22 Nov 2005 18:20:47 CST:13779: from='Qmail-Scanner Test <user@hostname.com>', subj='Qmail-Scanner viral test (3/4): checking non-perlscanner AV...', via local process 13779
Tue, 22 Nov 2005 18:20:47 CST:13779: clamdscan: there be a virus! (Eicar-Test-Signature)
Tue, 22 Nov 2005 18:20:47 CST:13779: clamdscan: finished scan in 0.003606 secs
Tue, 22 Nov 2005 18:20:47 CST:13779: ini_sc: finished scan of "/var/spool/qmailscan/tmp/hostname113270524771913779"...
Tue, 22 Nov 2005 18:20:47 CST:13779: ------ Process 13779 finished. Total of 0.01357 secs
Tue, 22 Nov 2005 18:20:48 CST:13786: +++ starting debugging for process 13786 (ppid=13785) by uid=210
Tue, 22 Nov 2005 18:20:48 CST:13786: w_c: elapsed time from start 0.00183 secs
Tue, 22 Nov 2005 18:20:48 CST:13786: return-path='', recips='postmaster@hostname.com'
Tue, 22 Nov 2005 18:20:48 CST:13786: from='sb55sb55@yahoo.com', subj='Qmail-Scanner anti-spam test (4/4): checking SpamAssassin [if present] (There yours for FREE!)', via local process 13786
Tue, 22 Nov 2005 18:20:48 CST:13786: This is a PLAIN text message, skip virus scanners - but not SA
Tue, 22 Nov 2005 18:20:50 CST:13786: SA: yup, this smells like SPAM - hits=15.7/5.0/9.2 - deleting message...
Tue, 22 Nov 2005 18:20:50 CST:13786: SA: finished scan in 2.490457 secs - hits=15.7/5.0
Tue, 22 Nov 2005 18:20:50 CST:13786: ini_sc: finished scan of "/var/spool/qmailscan/tmp/hostname113270524871913786"...
Tue, 22 Nov 2005 18:20:50 CST:13786: ------ Process 13786 finished. Total of 2.49898 secs

The third e-mail is quarantined and the fourth e-mail is just deleted because the spam level is high enough.

This is also just a testing server (building a nice little image to use for my currently working though very outdated qmail server) so I haven't tested this it "the real world", but everything looks like it is suppose to.

EDIT: Things that couldn't hurt to make sure that permissions are correct (mine were screwed up after only running test_installation.sh as root):
Code:
$ cd /var/spool/qmailscan/
$ chown -R qscand:qscand *

or at least:

$ chown qscand:qscand mailstats.csv qmail-queue.log quarantine.log

If you want to actually create quarantine-attachments.db as the underpriviliged user qscand:

$ rm quarantine-attachments.db
$ sudo -u qscand /var/qmail/bin/qmail-scanner-queue.pl -g
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Wed Nov 23, 2005 11:32 pm    Post subject: Re: HOWTO: qmail vpopmail courier-imap qmail-scanner (09/200 Reply with quote

Thanks for that howto. I'll test it out once I get my testsystem back.


mobiusproject wrote:
[...]Checking my e-mail I now have two new e-mails, both the first and the second e-mail got through (not sure why the second e-mail got through yet, still looking into that one, seems to be something to do with perlscanner, but not concerned because it isn't an actual virus,[...]


I'm told that it is the way clamav works - it's looking for dagerous code. As the testvirus is not doing any damage it's not detected.
(But then, way does it detect the same infected testfile if it's in a zip file?)
Back to top
View user's profile Send private message
Rammoth
n00b
n00b


Joined: 05 Jan 2005
Posts: 36

PostPosted: Wed Nov 30, 2005 1:55 pm    Post subject: Reply with quote

Can anyone confirm deny the reported random failure when checking mail?

I'm eager to setup this system, however, as it will be for 500~ users, I don't want it 'randomly' failing.

Thanks. :D
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Mon Dec 05, 2005 9:13 am    Post subject: Reply with quote

Rammoth wrote:
Can anyone confirm deny the reported random failure when checking mail?

I'm eager to setup this system, however, as it will be for 500~ users, I don't want it 'randomly' failing.

Thanks. :D


I have no failure on my system, using the versions mentioned in the guide. The failures reported seems to be related to qmail-1.03-r16, not the r15 as the guide uses.
Back to top
View user's profile Send private message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Mon Dec 05, 2005 3:29 pm    Post subject: Reply with quote

I have no problems with r16 either. The main change between r15 and r16 that I can see is in /var/qmail/control/conf-smtpd:
Code:
> nano -w /var/qmail/control/conf-smtpd
Uncomment the last 4 lines, and change the value of QMAIL_SMTP_CHECKPASSWORD:
QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"
QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

changes to:

> nano -w /var/qmail/control/conf-smtpd
Add a value of QMAIL_SMTP_CHECKPASSWORD before the last four lines (which are already uncommented)
# SMTP-AUTH using vchkpw from vpopmail
QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Fri Dec 09, 2005 3:46 pm    Post subject: Re: HOWTO: qmail vpopmail courier-imap qmail-scanner (09/200 Reply with quote

I would like to post just few comments from my testing the mailserver. It is my review of this install documentation with expierence what is mailserver supposed to do and what really does. Anyway the manual is very good done:

software used:
qmail 1.03-r16
spamassassin 3.1.0

7) install ClamAV and SpamAssassin
Configure SpamAssassin

Code:

> nano -w /etc/spamassassin/local.cf

# How many hits before a message is considered spam. Lower to 3.0 after 1000 spams, adjust as needed
required_hits           5.0

# Text to prepend to subject if rewrite_subject is used
rewrite_header  subject   ***SPAM***

# Encapsulate spam in an attachment
report_safe             1

# Enable the Bayes system
use_bayes               1

# Enable Bayes auto-learning - disable after 20000 spammails (reduce server load)
bayes_auto_learn              1
bayes_auto_learn_threshold_spam 10.0

# Enable or disable network checks
skip_rbl_checks         0
use_razor2              1
use_dcc                 1
use_pyzor               1

# Languages
ok_languages    all
ok_locales      all

save/exit

Code:
use_razor2              1
use_dcc                 1
use_pyzor               1
ok_languages    all
ok_locales      all

these are now distributed as spamassasin modules, in local.cf will be ignored (!), configure these in /etc/spamassassin/v310.pre. See /usr/bin/spamassassin --lint -D for "failed" strings, if you have correctly configured local.cf. There are some changes across 2.x and 3.x versions of spamassassin.

Code:

> nano -w /etc/conf.d/spamd
Modify:
SPAMD_OPTS="-m 5 -H -v -x -C /etc/spamassassin/local.cf"

save/exit

Reconfigure SpamAssassin
Code:

> nano -w /etc/conf.d/spamd

Modify:
SPAMD_OPTS="-m 5 -H -u qscand -v -x"
(It would make sence to keep the option "-C /etc/spamassassin/local.cf", but for some weird reason the current version of spamd ignores the config file if it's specified!

PIDFILE="/var/run/spamd/spamd.pid"

save/exit

Code:

> mkdir /var/run/spamd
> chown qscand:qscand /var/run/spamd

Well here I was a bit confused, why are you configuring spamd twice(?) This two sets of options are not lucky with use of spamassassin 3.1 and qmail-scaner 1.25. Simply the installation of qmail-scanner does not detect the spamassassin at all.
Just outputs this warning:
Code:
   
Something like the SpamAssassin spamc is present, but not working
(didn`t include a "X-Spam-Status" line in output) - ignoring...

Which anyway means, that qmail-scanner will not use SA, and will not tag the mails, so it is not what we want.

The options for spamd I successfuly use are:
Code:

SPAMD_OPTS="-d -m 5 -H -u qscand -v -x -c --siteconfigpath=/etc/spamassassin/local.cf"

The -d and --siteconfig were crucial for qmail-scanner to find and use the spamassassin correctly. For more options, what the other tags do, I suggest read the spamd manual...
_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)
Back to top
View user's profile Send private message
mobiusproject
Tux's lil' helper
Tux's lil' helper


Joined: 15 Jun 2003
Posts: 110

PostPosted: Fri Dec 09, 2005 5:12 pm    Post subject: Reply with quote

Note: I wrote this a while ago but never posted it due to me being too busy. Some of these points are the same as yours, stripe, but I thought I would just post it in its entirity. Above is the fix that I found for the clamav.

After installing SpamAssassin and setting it up, I noticed that razor and dcc weren't running. So, after reading a bunch of man pages and perldocs, here is what I have concluded. I have also quoted your original to show my findings. Below once again are my suggestions as well as notes as to why. I find that too often I can't just give people an answer, I need to give people the why of the answer...

References:
perldoc spamd
perldoc Mail::SpamAssassin::Plugin::DCC
perldoc Mail::SpamAssassin::Plugin::Razor2
less /var/qmail/bin/qmail-scanner-queue.pl

petterg wrote:
7) install ClamAV and SpamAssassin
Code:
> emerge spamassassin clamav


Configure SpamAssassin
Code:
> nano -w /etc/conf.d/spamd
Modify:
SPAMD_OPTS="-m 5 -H -v -x -C /etc/spamassassin/local.cf"

## -m 5 is default
## -H should be changed to -H /etc/mail/spamassassin
##   This moves the plugin base directories (.razor, .pyzor) to /etc/mail/spamassassin instead of leaving them in /root/ which is where they end up with just -H
## -v is for vpopmail, which is good
##   This option, though, currently isn't supported without the -u option, thus you also need -u vpopmail
## -x turns off reading of per-user configuration files which is good for our configuration
## -C /etc/spamassassin/local.cf isn't needed, this is default (its also actually /etc/mail/spamassassin/local.cf, but there is a softlink for folders)


Code:
> nano -w /etc/spamassassin/local.cf

# How many hits before a message is considered spam. Lower to 3.0 after 1000 spams, adjust as needed
required_hits       5.0
## As of 3.1, this variable has changed to required_score and the default is 5 anyways

# Text to prepend to subject if rewrite_subject is used
rewrite_header subject  ***SPAM***
## I personally dislike renaming the subject line, I just set filter rules to look at the headers that spamassassin adds
## qmail-scanner-queue.pl already changes the subject (by default which I changed) to SPAM: [HIGH|MED|LOW] rest of subject.  If you want to remove this altogether find $sa_subject in qmail-scanner-queue.pl and change to "".

# Encapsulate spam in an attachment
report_safe         1
## Default is 1, no need to set

# Enable the Bayes system
use_bayes           1
## Default is 1, no need to set

# Enable Bayes auto-learning - disable after 20000 spammails (reduce server load)
bayes_auto_learn    1
## Default is 1, no need to set
bayes_auto_learn_threshold_spam 10.0
## Default is 12, which is what I keep, but its personal preference

# Enable or disable network checks
skip_rbl_checks     0
## Default is 0, no need to set
use_razor2          1
## Default is 1, no need to set, but need to enable plugin
use_dcc             1
## Default is 1, no need to set, but need to enable plugin
use_pyzor           1
## Default is 1, no need to set, plug already enabled

# Languages
ok_languages        all
## Not an actual variable anymore
ok_locales          all
## Default is all, no need to set


Start spamd
Code:
/etc/init.d/spamd start

...

Stop spamd
Code:
/etc/init.d/spamd stop


Reconfigure SpamAssassin
Code:
> nano -w /etc/conf.d/spamd

Modify:
SPAMD_OPTS="-m 5 -H -u qscand -v -x"
(It would make sence to keep the option "-C /etc/spamassassin/local.cf", but for some weird reason the current version of spamd ignores the config file if it's specified!
## The man page for spamd says that the user for the -u option should be the vpopmail user.  On my current (original) install of all of this from over a year ago, I also have vpopmail as the user and it works just fine for me.  If qscand works, then keep it.
## Also, why change the spamd conf again espcially with such different options?  It would be easier to just have the right options from the beginning.

PIDFILE="/var/run/spamd/spamd.pid"
## no reason to put the pid elsewhere...

save/exit


mobiusproject wrote:
7) install ClamAV and SpamAssassin
Code:
> emerge spamassassin clamav


Configure SpamAssassin
Code:
> nano /etc/conf.d/spamd

SPAMD_OPTS="-v -u vpopmail -x -H /etc/mail/spamassassin/"


The subject line of spam is already edited for you. If you don't want it to be rewritten:
Code:
> nano /var/qmail/bin/qmail-scanner-queue.pl

(This is down around line 310)
#my $sa_subject_site="SPAM:";  # st: if fast_spamassassin mode is selected
my $sa_subject_site="";  # st: if fast_spamassassin mode is selected


Uncomment the following (since we installed them, we could just as well use them):
Code:
> nano -w /etc/mail/spamassassin/v310.pre

loadplugin Mail::SpamAssassin::Plugin::DCC
loadplugin Mail::SpamAssassin::Plugin::Razor2
Back to top
View user's profile Send private message
Loibisch
Tux's lil' helper
Tux's lil' helper


Joined: 03 Jan 2006
Posts: 89

PostPosted: Tue Jan 03, 2006 5:12 pm    Post subject: Reply with quote

s4mmy wrote:
Please note that if you follow this setup and upgrade to qmail-1.03-r16, you HAVE to change the /var/control/qmail-smtpd line (etc-update will do it correctly for you, however if you are like me and distrustful of etc-update, here is what you do.)

this line:
Code:
# QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"


should read instead:
Code:
QMAIL_SMTP_POST="${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

Thanks, perfect solution to the problem I had :)
Back to top
View user's profile Send private message
YsndHalf
n00b
n00b


Joined: 14 May 2003
Posts: 53
Location: Barcelona

PostPosted: Sun Jan 22, 2006 9:33 pm    Post subject: IMAPS auth OK, Squirrelmail not! Reply with quote

Hi all, (and many thanks for this excellent guide!)

I've followed step by step this guide, and I've had some problems with the authentication...
In the beginning, I was absolutely unable to get authenticated neither in IMAPS (from a Thunderbird remote client) or via "webmail", with squirrelmail.
Now the system runs very fine with IMAPS (outside the linux box), but I'm still unable to log in with Squirrelmail!
Do you have any idea about what could be happening?
Many thanks in advance!
Jordi :-)
_________________
Did you know that we typically make use of only 5% of the power of our personal computers?
Check http://setiathome.berkeley.edu or http://www.seti.cat to use 100%!
Back to top
View user's profile Send private message
epsilon_da
n00b
n00b


Joined: 17 Jan 2006
Posts: 28

PostPosted: Mon Jan 23, 2006 4:04 pm    Post subject: Reply with quote

hi, people, i want to contribute a bit to complete the tutorial.

I was having problems at the first when i can not send mails to outside. This was becouse my provider closes the port to only get outside with his smtp which is authenticated. so the solution is:

the solution for PLAIN authentication is:
on /var/qmail/control/smtproutes which by default doesn't exists

edit and place a line like this

:smtp.ispdomain.com username password

of course, if you dont want to authenticate, use:

:smtp.ispdomain.com

only

and that fix the problem.
Back to top
View user's profile Send private message
Sarpy Sam
Tux's lil' helper
Tux's lil' helper


Joined: 19 May 2004
Posts: 86
Location: Montana USA

PostPosted: Mon Jan 23, 2006 5:44 pm    Post subject: Reply with quote

I have a working qmail vpopmail server installed not by this tutorial but one that was very similar and was using this one to try to get spamassassain and clamv working. I was getting a lot of errors in my log due to permission problems and finally sorted all them out but I am still getting one error that I can't figure out. When an e-mail comes in I get the following output in /var/log/mail.log.

Quote:
Jan 23 12:30:24 host spamd[23362]: spamd: connection from localhost [127.0.0.1] at port 2237
Jan 23 12:30:25 host spamd[23362]: spamd: checking message <43D512A4.3080103@direcway.com> for qscand:210
Jan 23 12:30:25 host spamd[23362]: internal error
Jan 23 12:30:26 host spamd[23362]: pyzor: check failed: internal error
Jan 23 12:30:32 host spamd[23362]: spamd: clean message (0.0/5.0) for qscand:210 in 7.6 seconds, 723 bytes.
Jan 23 12:30:32 host spamd[23362]: spamd: result: . 0 - scantime=7.6,size=723,user=qscand,uid=210,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=2237,mid=<43D512A4.3080103@direcway.com>,autolearn=ham
Jan 23 12:30:32 host spamd[23347]: prefork: child states: II


Can anybody tell me what the pyzor internal error is and how to clear it? Thanks for any help.
Back to top
View user's profile Send private message
epsilon_da
n00b
n00b


Joined: 17 Jan 2006
Posts: 28

PostPosted: Mon Jan 23, 2006 5:58 pm    Post subject: Reply with quote

spamassassin -D --lint

/usr/share/doc/qmail-scanner<TAB>/contrib/test_installation.sh -doit (unzip it first)

this will give us a clue, i think


at the first i was having problems with spamassassin and clamav to not check for viruses and spam, and it fix it looking at this errors and emerging 2 things

emerge mail-filter/maildrop
and updating perl and all the required modules (showed with the first command)

but i dont know exactly what of both fix my problem.
first try to check the errors on test_installation then with spamassassin -D --lint
Back to top
View user's profile Send private message
stripe
n00b
n00b


Joined: 04 Jan 2004
Posts: 72
Location: Prague

PostPosted: Mon Jan 23, 2006 6:38 pm    Post subject: Re: IMAPS auth OK, Squirrelmail not! Reply with quote

too less information for help....

YsndHalf wrote:
Hi all, (and many thanks for this excellent guide!)

I've followed step by step this guide, and I've had some problems with the authentication...
In the beginning, I was absolutely unable to get authenticated neither in IMAPS (from a Thunderbird remote client) or via "webmail", with squirrelmail.
Now the system runs very fine with IMAPS (outside the linux box), but I'm still unable to log in with Squirrelmail!
Do you have any idea about what could be happening?
Many thanks in advance!
Jordi :-)

_________________
Sick of computers? Well, Czech girls and beer solve it! Trust me :-)
Back to top
View user's profile Send private message
Sarpy Sam
Tux's lil' helper
Tux's lil' helper


Joined: 19 May 2004
Posts: 86
Location: Montana USA

PostPosted: Mon Jan 23, 2006 7:44 pm    Post subject: Reply with quote

I am not sure which part of the output of spamassassin -D --lint you want but here is the lines pertaining to pyzor.

Quote:
[24878] dbg: plugin: registering glue method for check_pyzor (Mail::SpamAssassin::Plugin::Pyzor=HASH(0x906a950))
[24878] dbg: util: current PATH is: /sbin:/bin:/usr/sbin:/usr/bin
[24878] dbg: util: executable for pyzor was found at /usr/bin/pyzor
[24878] dbg: pyzor: pyzor is available: /usr/bin/pyzor
[24878] dbg: info: entering helper-app run mode
[24878] dbg: pyzor: opening pipe: /usr/bin/pyzor check < /tmp/.spamassassin248785tzzzDtmp
[24879] dbg: util: setuid: ruid=0 euid=0
[24878] dbg: pyzor: [24879] finished: exit=0x0100
[24878] dbg: pyzor: got response: 66.250.40.33:24441_(200, 'OK')_0_0
[24878] dbg: info: leaving helper-app run mode


I trolled through my logs a little more and the pyzor internal error doesn't happen every time there is an e-mail come in. Just sometimes. I have not been able to figure out if there is a pattern to when it comes up or not but I will keep an eye on it and see if there is a pattern I can discern.
Back to top
View user's profile Send private message
epsilon_da
n00b
n00b


Joined: 17 Jan 2006
Posts: 28

PostPosted: Tue Jan 24, 2006 1:20 am    Post subject: Reply with quote

try

spamassassin -D --lint | grep warn
spamassassin -D --lint | grep error

warning or errors messages are what we need.

pyzor seams to be load correctly, maybe is a database misconfiguration, i didnt have any problem when emerging pyzor. try to remerge it.
Back to top
View user's profile Send private message
Sarpy Sam
Tux's lil' helper
Tux's lil' helper


Joined: 19 May 2004
Posts: 86
Location: Montana USA

PostPosted: Sun Jan 29, 2006 3:16 am    Post subject: Reply with quote

I still haven't seen a pattern to the pyzor problem but it works over 90% of the time, just occasionally I get the internal error. I seem to be having another problem and I don't think it's related to the pyzor problem. Twice now I get an entry in the log like this.

Quote:
Jan 27 14:00:15 host spamd[3732]: tcp timeout at /usr/lib/perl5/vendor_perl/5.8.7/Mail/SpamAssassin/SpamdForkScaling.pm line 195.
Jan 27 14:00:24 host spamd[3732]: tcp timeout at /usr/lib/perl5/vendor_perl/5.8.7/Mail/SpamAssassin/SpamdForkScaling.pm line 195.


Which then leads to entries like these after words.

Quote:
Jan 27 14:47:53 host spamc[6920]: connect(AF_INET) to spamd at 127.0.0.1 failed, retrying (#1 of 3): Connection refused
Jan 27 14:47:54 host spamc[6920]: connect(AF_INET) to spamd at 127.0.0.1 failed, retrying (#2 of 3): Connection refused
Jan 27 14:47:55 host spamc[6920]: connect(AF_INET) to spamd at 127.0.0.1 failed, retrying (#3 of 3): Connection refused
Jan 27 14:47:56 host spamc[6920]: connection attempt to spamd aborted after 3 retries
Jan 27 14:48:01 host spamc[6933]: connect(AF_INET) to spamd at 127.0.0.1 failed, retrying (#1 of 3): Connection refused
Jan 27 14:48:02 host spamc[6933]: connect(AF_INET) to spamd at 127.0.0.1 failed, retrying (#2 of 3): Connection refused
Jan 27 14:48:03 host spamc[6933]: connect(AF_INET) to spamd at 127.0.0.1 failed, retrying (#3 of 3): Connection refused
Jan 27 14:48:04 host spamc[6933]: connection attempt to spamd aborted after 3 retries


I am assuming spamassassin is not working after these log entries pop up. All I have to do to fix the problem is restart spamd. It is inconvenient to always be checking my logs and restarting spamd for this problem, is there any way to fix this issue?
Back to top
View user's profile Send private message
pht3k
n00b
n00b


Joined: 04 Apr 2005
Posts: 53
Location: Québec

PostPosted: Fri Feb 10, 2006 4:32 am    Post subject: Reply with quote

hi,

thanks a lot for this nice howto. it worked great, except for one thing : the notice about the diffencies of the r16 rlz should be added to the main post in my opinion.

now, some1 managed to get rid of those nasty messages about certificate when retreiving mail from outlook? i know i should use an other mail client ... that's what i do but some persons using my server are just continuing to stick with outlook ... argh

pht3k
Back to top
View user's profile Send private message
Jaspur
n00b
n00b


Joined: 19 Sep 2003
Posts: 4

PostPosted: Mon Feb 13, 2006 9:24 am    Post subject: DCC and Razor2 are now disabled by default in SA 3.1.0 Reply with quote

DCC and Razor2 are now disabled by default in Spamassassin 3.1.0. You will need to do the following to enable DCC and Razor2 if you are running Spamassassin 3.1.0 or later.

vi /etc/mail/spamassassin/v310.pre and remove the # from the 2 lines shown below:

Code:

# DCC - perform DCC message checks.
#
# DCC is disabled here because it is not open source.  See the DCC
# license for more details.
#
loadplugin Mail::SpamAssassin::Plugin::DCC

# Razor2 - perform Razor2 message checks.
#
# Razor2 is disabled here because it is not available for unlimited free
# use.  It is currently free for personal use, subject to capacity
# constraints.  See the Cloudmark SpamNet Service Policy for more details.
#
loadplugin Mail::SpamAssassin::Plugin::Razor2
Back to top
View user's profile Send private message
maiku
Guru
Guru


Joined: 24 Mar 2004
Posts: 573
Location: Long Island, NY

PostPosted: Wed Feb 15, 2006 3:56 am    Post subject: Reply with quote

SMTP is functioning incorrectly. When I try to log into SMTP to send mail using a username and a password (created by vadduser) it won't work. If I turn off using a user/password option the mail gets sent no problem. However, the mail goes nowhere...
Quote:
@4000000043f2a47a0dcdce4c info msg 646111: bytes 687 from <mike@divineaspirations.net> qp 26423 uid 201
@4000000043f2a47a2520b12c starting delivery 1: msg 646111 to remote infested@optonline.net
@4000000043f2a47a2520c89c status: local 0/10 remote 1/20
@4000000043f2a47a2520cc84 starting delivery 2: msg 646111 to remote mikealeonetti@gmail.com
@4000000043f2a47a2520d454 status: local 0/10 remote 2/20
@4000000043f2a47b2002e87c delivery 2: success: User_and_password_not_set,_continuing_without_authentication./<mikealeonetti@gmail.com>_64.233.185.27_accepted_message./Remote_host_said:_250_2.0.0_OK_1139975281_6si98299wrl/
@4000000043f2a47b200307bc status: local 0/10 remote 1/20
@4000000043f2a4f22a50f83c delivery 1: deferral:
Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
The mail gets delivered to the gmail account but not the optonline.net one.

/var/qmail/control/conf-smtpd
Quote:
# this turns off the IDENT grab attempt on connecting
TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"
QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"
/etc/tcprules.d/tcp.qmail-smtp
Quote:
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"

69.123.141.251:allow,RELAYCLIENT="",RBLSMTPD=""
10.0.0.:allow,RELAYCLIENT="",RBLSMTPD=""
Has anybody else had a similar problem/solution thereof?
_________________
Michael A. Leonetti
As warm as green tea
Back to top
View user's profile Send private message
petterg
Guru
Guru


Joined: 25 Mar 2004
Posts: 500
Location: Oslo, Norway

PostPosted: Sun Feb 19, 2006 11:01 pm    Post subject: Reply with quote

maiku wrote:
The mail gets delivered to the gmail account but not the optonline.net one.


I'm back!
Have been living a life outside the mailserver for a while

I guess your problem is related til a problem with the MX record pointing to your server. Some smtp servers looks up the senders mx record and refuses connections if it isn't happy with the result. (This is to stop spam.)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2, 3, 4, 5, 6, 7  Next
Page 4 of 7

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum