Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Email System For The Home Network - Version 2.1
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, 4, 5, 6 ... 25, 26, 27  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
puddpunk
l33t
l33t


Joined: 20 Jul 2002
Posts: 681
Location: New Zealand

PostPosted: Tue Jun 17, 2003 6:53 am    Post subject: Reply with quote

Okay beowulf, I will look at doing that. Of course you have my permission to add it to the front page, it would be an honour ;)

Basically, I'll have a maildir called Spam, with maildirs underneath it. i.e.
Code:
Spam
|---Unverified
|---Undetected
|---Misdetected
`---Verified


Or something. I'm working full time at the moment (with part time study :() so it might be a week or two before I get this figured out fully. I'll write it in python, because I know it, and it's nice and easy to hack around with.

When it's done, I'll PM it to you beowulf ;)

Cheers,
Chris.
Back to top
View user's profile Send private message
Proteus
Guru
Guru


Joined: 14 Jul 2002
Posts: 346
Location: Hamburg, Germany

PostPosted: Tue Jun 17, 2003 3:20 pm    Post subject: Reply with quote

I have managed to get SpamAssassin 2.55 (emerged with ~x86 but seems stable to me) - this version has bayesian filtering, too.

I implemented it in a very simple way (basically combining the .procmailrc file from this guide and the example file that comes with SA, setting up a .spam maildir and setting up cronjobs to let SA learn the difference between spam and other emails):


1)
Emerge SA:

Quote:
ACCEPT_KEYWORD="~x86" emerge Mail-SpamAssassin


2)
Edit your .procmailrc file, add the following:

Quote:
#set up a Spam maildir where all the spam goes for teaching SA spam vs. non-spam
#and to be sure that no mail - even if detected as spam - gets lost (like when you pipe it to /dev/null)

SPAM_FOLDER= $MAILDIR/.spam/

#pipe mails through SA (this is basically from the example files
#but I use a higher limit, every mail up to 512 kB is filtered)
#spamc is the client programm for the daemonized
#version of SA (designed to keep load and overhead down)
#If you don't run SA as a daemon change "spamc" to "/usr/bin/spamassassin"
#If you do use spamc here you must add spamd to your runlevel
#like this:
Quote:
rc-update add spamd default


:0fw: spamassassin.lock
* < 524288
| spamc

#All mail tagged as spam (eg. with a score higher than the set threshold)
#is moved to ".spam".

:0:
* ^X-Spam-Status: Yes
$SPAM_FOLDER

#Work around procmail bug: any output on stderr will cause the "F" in
#"From" to be dropped. This will re-add it.
#(This is taken directly from the SA example file)

:0
* ^^rom[ ]
{
LOG="*** Dropped F off From_ header! Fixing up. "

:0 fhw
| sed -e '1s/^/F/'
}


Leave the rest of the file as it is described at the beginning of this guide.

3)
Setup Spam maildir

Code:
maildirmake -f spam ~/.maildir/


4)
Configure SA

This can be done automatically (almost) by using a script you can find here:
http://www.yrex.com/spam/spamconfig.php
Place the config file here: /etc/mail/spamassassin

If you setup SA with bayesian scanning enabled you must teach it to detect spam first.

This is done by putting all detected spam in the .spam maildir
(when some spam gets through, put it there manually, so SA can adapt)
and then letting SA learn from those mails and from those mails (considered good) in your .inbox.

You can do this by hand or - as I did - use a cronjob to do it.

SA will only start to use the bayesian scan after learning from at least 200 mails.

If you only use SA in standard mode or just merge the "stable" version (i.e. without using ACCEPT_KEYWORD="~x86") you do not need to do the next steps. The current stable version is 2.44 as of this writing and does not contain bayesian filtering at all...
(As it seems you can add bogofilter for this task instead, but I have no clue about that, yet.)


5)
Setup Cronjob for sa-learn (bayesian filter teaching program):

Quote:
#This scans for spam and for good mails every half hour.
#Set the interval (30 minutes) appropriatly for your convenience and the amount of mails you get.

*/30 * * * * sa-learn --dir --spam /root/.maildir/.spam > /dev/null 2>&1
*/30 * * * * sa-learn --dir --ham /root/.maildir/ > /dev/null 2>&1


So, I hope I haven't left out anything but I think this is all needed to enable spam-filtering with SpamAssassin.

You can check whether or not an email has been scanned by looking at the mail headers, there should be some looking similar to those when it has been scanned:

Quote:
X-Spam-Status: No, hits=2.1 required=5.0
tests=HTML_00_10,HTML_MESSAGE,NO_REAL_NAME
version=2.55
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)





###########################################
@all:
Maybe the system would even be safer if we combined bogofilter and SA?
Or is there a certain advantage to bogofilter?

_________________
Greetings,
Proteus


Last edited by Proteus on Wed Jun 18, 2003 12:51 pm; edited 7 times in total
Back to top
View user's profile Send private message
beowulf
Apprentice
Apprentice


Joined: 07 Apr 2003
Posts: 225

PostPosted: Tue Jun 17, 2003 4:00 pm    Post subject: Reply with quote

taskara wrote:
ok

I've re-emerged openssl and re run
Code:
 ./CA.pl -newca


it asks me
Quote:
CA certificate filename (or enter to create)
I just press enter.

then it continues asking
Quote:
Making CA certificate ...
Using configuration from /etc/ssl/openssl.cnf
Generating a 1024 bit RSA private key
...........................++++++
.................++++++
writing new private key to './demoCA/private/cakey.pem'
Enter PEM pass phrase:


if I just press "enter" it says
Quote:
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
phrase is too short, needs to be at least 4 chars
Enter PEM pass phrase:


what do I put in for the PEM pass phrase ?

looks like I'm getting somewhere.. thanks!


Taskara:

When you re-merged openssl did you delete the /etc/ssl dir? Or more importantly /etc/ssl/misc/*

I would try getting rid of any old cert's (if they aren't being used elsewhere)... so that when you retry it is fresh... Other than that, I am at a loss for what is going wrong... I do not see what could be causing this error... Anybody else who's reading know? Sorry i can't help further... perhaps a general post in the "networking and security" forums would get a good response?

puddpunk:

Thanks for allowing me to post it... As for when you can have it done... well that is up to you completely as it is your time that will be needed to write it... hehe just throw me a pm when it's ready... thanks

Proteus:

Nice work on SA! With your permission i would like to basically cut & paste your work onto the main post (give you credit of course)... and add it under a heading "Spam Filter" and then perhaps at a later date add puddpunk's bogofilter...

Let me know if this is okay with you... either here or through a pm...
_________________
I have nothing witty to say here... ever :-(
Back to top
View user's profile Send private message
Proteus
Guru
Guru


Joined: 14 Jul 2002
Posts: 346
Location: Hamburg, Germany

PostPosted: Tue Jun 17, 2003 5:56 pm    Post subject: Reply with quote

beowulf:

I feel honored that you consider adding my mini-how-to to your great guide.
Basically that's why I posted it - to help people with this setup to easily integrate a spam-filter.
This guide helped me massively and I thought I can at least try to give some help back - and maybe someone needs/wants this.

I am also looking forward to puddpunk's bogofilter "add-in" to the guide.
That will make the setup - hopefully - even more spam-free.

Currently I am looking for easy ways to integrate a mail scanner (maybe amavis) into this setup.
Maybe if I can figure it out soon enough for myself I can post that as well.
This might take a bit longer, though, as I have to begin from zero here...

I'll let you know when I succeed - and when I run into trouble as well :wink: !
_________________
Greetings,
Proteus
Back to top
View user's profile Send private message
taskara
Advocate
Advocate


Joined: 10 Apr 2002
Posts: 3763
Location: Australia

PostPosted: Tue Jun 17, 2003 9:45 pm    Post subject: Reply with quote

sigh... thanks anyway..

I emerge -C openssl
then rm -fR /etc/ssl/

so yeah I deleted everything..

when I run ./CA.pl -newca is it supposed to ask for a filename and a PEM pass phrase? or should it do nothing?

as you can see in my post above, it asks for a few things when I run -newca and the guide doesn't show what to put in there. so I just put in a password, and it continued, completed "successfully" but there is no newcert.pem file for me to copy anywhere.

this is most distressing :(

thanks anyway for your help
_________________
Kororaa install method - have Gentoo up and running quickly and easily, fully automated with an installer!
Back to top
View user's profile Send private message
puddpunk
l33t
l33t


Joined: 20 Jul 2002
Posts: 681
Location: New Zealand

PostPosted: Wed Jun 18, 2003 9:14 am    Post subject: Reply with quote

bogofilter is really fast, it is purely a bayes filter, it has no RBL filter (which is useless for me, I have some kind of hybrid spam :\), which is where most of the time goes, in RBL filtering (it has to contact a lot of RBL servers).

This can sometimes take up to 3 times as long as bogofilter :) Also, it's faster because it's written in C, as opposed to SpamAssassin's perl base.

MailAssassin is basically the KDE of mail filters ;) It does everything, it does it well, but it's a bit bloated and slow. bogofilter is the fluxbox of mailfilters. It does what it does cleanly, and quickly.

I'm writing my own python script as we speak to train bogofilter off certain maildirs, and the script can be easily embedded in a cron job.

Cheers,
Chris.
Back to top
View user's profile Send private message
Proteus
Guru
Guru


Joined: 14 Jul 2002
Posts: 346
Location: Hamburg, Germany

PostPosted: Wed Jun 18, 2003 12:46 pm    Post subject: Reply with quote

I have edited my little guide.

The crontab is slightly changed:
Quote:
*/30 * * * * sa-learn --dir --ham /root/.maildir/ > /dev/null 2>&1

I changed the directory from ".maildir/cur" to just ".maildir", sa-learn seems to know his way around in maildirs. So there is no need to specify the "/cur".

Also I added a remark about using spamc+spamd or spamassassin in the .procmail file:
Quote:
#spamc is the client programm for the daemonized
#version of SA (designed to keep load and overhead down)
#If you don't run SA as a daemon change "spamc" to "/usr/bin/spamassassin"
#If you do use spamc here you must add spamd to your runlevel
#like this:
Quote:
rc-update add spamd default

_________________
Greetings,
Proteus
Back to top
View user's profile Send private message
Proteus
Guru
Guru


Joined: 14 Jul 2002
Posts: 346
Location: Hamburg, Germany

PostPosted: Wed Jun 18, 2003 1:52 pm    Post subject: Reply with quote

Just a question:

In my /etc/postfix/main.cf is this line
Quote:
mailbox_command = /usr/bin/procmail

I am not sure if this is needed or not nor do I know what it changes.

Anyone got an idea?
_________________
Greetings,
Proteus
Back to top
View user's profile Send private message
puddpunk
l33t
l33t


Joined: 20 Jul 2002
Posts: 681
Location: New Zealand

PostPosted: Wed Jun 18, 2003 8:35 pm    Post subject: Reply with quote

yup, i think it's when postfix recieves anything on it's SMTP port (like from another computer on the internet, sending mail to the computers host) it doesn't deliver it itself, it hands it to procmail, which is what you want :)
Back to top
View user's profile Send private message
Proteus
Guru
Guru


Joined: 14 Jul 2002
Posts: 346
Location: Hamburg, Germany

PostPosted: Thu Jun 19, 2003 5:24 am    Post subject: Reply with quote

Ok, but I don't think this line is mentioned anywhere here in this guide and we work with procmail, too.
So I assume it's not really needed because postfix passes mail to procmail anyway?
_________________
Greetings,
Proteus
Back to top
View user's profile Send private message
puddpunk
l33t
l33t


Joined: 20 Jul 2002
Posts: 681
Location: New Zealand

PostPosted: Thu Jun 19, 2003 7:02 am    Post subject: Reply with quote

my main.cf doesn't have it set at all :|

Anyway, this guide was supposed to be for pulling mail off a server (via fetchmail) instead of the computer actually recieving mail via it's SMTP port.

my bogofilter guide is almost finished. The script is written and working, just need to finalise the steps, then i'll post it!

Cheers,
Chris.
Back to top
View user's profile Send private message
Proteus
Guru
Guru


Joined: 14 Jul 2002
Posts: 346
Location: Hamburg, Germany

PostPosted: Thu Jun 19, 2003 7:21 am    Post subject: Reply with quote

Oh yes, I forgot about using fetchmail to receive mail...

Can't wait to see your bogofilter guide :-)
_________________
Greetings,
Proteus
Back to top
View user's profile Send private message
puddpunk
l33t
l33t


Joined: 20 Jul 2002
Posts: 681
Location: New Zealand

PostPosted: Thu Jun 19, 2003 8:15 am    Post subject: Reply with quote

Bogofilter mail filtering solution
For use with beowulfs Home Email System Guide

By Chris Smith

Introduction
This guide was written so that bogofilter may be implimented in the "Email System for the Home Network" Guide. This guide proves that bogofilter can be used in client AND in server side filtering solutions, still leaving the user in total control.

The script contained in this guide depends on most of this guide being followed word for word. Feel free to edit and modify my guide and script for your own use, just post on this thread and let us know what your doing with it. We're very interested to see where this goes :)

All code contained in this documentation is released under the GPL Public Licence. Of course :) Right... Here we go!

Instructions
  1. Make the spam maildirs:
    Code:
    $ cd ~/.maildir
    $ mkdir .Spam{,.False-Positives,.False-Negatives}
    $ mkdir .Spam{,.False-Positives,.False-Negatives}/{cur,tmp,new}

    NOTE: If you change these, I hope you know python, as you will need to hack the script so it knows which maildirs to treat as spam.

  2. Load your mail client and move ALL your spam mail out of your normal directories, and into the Spam directory.

  3. OPTIONAL: If you have a LOT of mail (i.e. thousands), and not just spam either, all mail, you may choose to have a "Ham" directory, which you can put a selection of a few hundred messages in.

    You may choose to do this, because the script currently walks through all your directories (that aren't spam!) and commits all that mail to bogofilter as "Good" mail. If you have a lot of messages, this will take quite a while (but not _that_ long :)), but bogofilter will be more thourughly trained. Do this only in special cases:
    1. Create ham directory:
      Code:
      mkdir .Ham
      mkdir .Ham/{cur,tmp,new}

    2. Move a selection of a few hundred good messages into the new Ham directory
    The script will auto-detect the precense of a .Ham directory, so it won't walk all your maildirs.

  4. Copy the following script, and name it as:
    Code:
    ~/Bin/bogotrainer

    Code:
    #! /usr/bin/python
    import os, os.path

    #Configuration entries. Not much ATM. More if needed.
    bogodir = "~/.bogofilter/"
    maildir = "~/.maildir/"

    #Leave everything below here unless you want to do some hacking :)
    needdbs = 0
    bogodir = os.path.expanduser(bogodir)
    maildir = os.path.expanduser(maildir)

    def cleanhamdirs(dir):
       #We don't want Spam in the hamdirs :)
       if dir[len(maildir):len(maildir) + 5] == ".Spam":
          return 0
       #The maildirs of the inbox, must be handled especially
       if dir[len(maildir):len(maildir) + 3] == "cur":
          return 0
       if dir[len(maildir):len(maildir) + 3] == "tmp":
          return 0
       if dir[len(maildir):len(maildir) + 3] == "new":
          return 0
       #If you threw it away, you obviously don't want it :)
       if dir[len(maildir):len(maildir) + 6] == ".Trash":
          return 0
       return 1

    if os.path.isdir(bogodir):
       print "Bogofilter directory found"
       #I'm just assuming if the spamlist.db exists, goodlist.db does too
       #Program will die if goodlist.db doesn't exist anyway.
       if os.path.isfile(os.path.join(bogodir, "spamlist.db")):
          print "Databases found"
       else:
          print "Databases NOT found. Generating..."
          needdbs = 1
    else:
       print "Bogofilter directory NOT found. Generating..."
       needdbs = 1

    if needdbs:
       print "Generating databases:"
       print "Regestering spam messages from", os.path.join(maildir,".Spam/cur")
       spamlist = os.listdir(os.path.join(maildir,".Spam/cur"))
       for spam in spamlist:
          spampath = os.path.join(maildir,".Spam/cur/",spam)
          print "- ", spampath
          os.system("bogofilter -s < " + spampath)
       if os.path.isdir(os.path.join(maildir, ".Ham")):
          #If a specific .Ham dir exists, use that.
          print "Regestering spam messages from", os.path.join(maildir,".Ham/cur")
          hamlist = os.listdir(os.path.join(maildir,".Ham/cur"))
          for ham in hamlist:
             hampath = os.path.join(maildir,".Ham/cur",ham)
             print "- ", hampath
             os.system("bogofilter -n < " + hampath)
       else:
          #Or else, use everything that isn't spam!
          print "Registering spam messages from", os.path.join(maildir,"cur")
          hamlist = os.listdir(os.path.join(maildir,"cur"))
          for ham in hamlist:
             hampath = os.path.join(maildir,"cur",ham)
             print "- ", hampath
             os.system("bogofilter -n < " + hampath)
          maildirs = [os.path.join(maildir,dir) for dir in os.listdir(maildir)]
          maildirs = filter(os.path.isdir, maildirs)
          maildirs = filter(cleanhamdirs, maildirs)
          for dir in maildirs:
             print "Regestering ham messages from", dir
             hamlist = os.listdir(os.path.join(dir,"cur"))
             for ham in hamlist:
                hampath = os.path.join(dir,"cur",ham)
                print "- ", hampath
                os.system("bogofilter -n < " + hampath)

    # So, everything exists, this must be an "updating run", easy!
    # First, correct misdetected ham from the false-positives directory,
    # and move it into the inbox.
    print "Correcting ham messages from", os.path.join(maildir,".Spam.False-Positives")
    hamlist = os.listdir(os.path.join(maildir,".Spam.False-Positives/cur"))
    for ham in hamlist:
       hampath = os.path.join(maildir,".Spam.False-Positives/cur",ham)
       print "- ", hampath
       os.system("bogofilter -Sn < " + hampath)
       #Feed it back through procmail :)
       os.system("/usr/bin/procmail -d $USER < " + hampath)
       os.remove(hampath)

    # Now, correct misdetected spam, and put it in the Spam maildir :)
    print "Correcting spam messages from", os.path.join(maildir,".Spam.False-Negatives")
    spamlist = os.listdir(os.path.join(maildir,".Spam.False-Negatives/cur"))
    for spam in spamlist:
       spampath = os.path.join(maildir,".Spam.False-Negatives/cur",spam)
       print "- ", spampath
       os.system("bogofilter -Ns < " + spampath)
       #Don't bother procmailing it, put it in spam! :)
       os.rename(spampath, os.path.join(maildir,".Spam/cur",spam))


  5. Now, make the script executable:
    Code:
    chmod +x ~/Bin/bogotrainer


  6. If you have a previous training of bogofilter, the script won't overwrite it (so it's cronjob-able) but it's a good idea to start a fresh.
    Code:
    rm -rf ~/.bogofilter


  7. Run the script and wait while it takes in all of your mail and builds its databases. Bogofilter is quite fast, so it shouldn't take too long and you get to see it's progress!
    Code:
    ~/Bin/bogotrainer


  8. Add these recipies in your ~/.procmailrc before all your other recipies:
    Code:
    #Bogofilter filtering solution.
    :0fw
    | bogofilter -u -e -p

    :0e
    { EXITCODE=75 HOST }

    :0:
    * ^X-Bogosity: Yes,
    .Spam/


  9. Add this line to your crontab:
    Code:
    crontab -e
    * 23 * * * ~/Bin/bogotrainer >/dev/null 2>&1


    This sets it to run once a day at 11pm, you can change it. Once a day is about right.

  10. Done! Now you have 2 sub spamdirs which you can use to train bogofilter as you see fit, right from your mail client.

    When you recieve a mail that bogofilter moves to your spam directory, but isn't actually spam, move it into the False-Positives dir in your email client. You can either run the script immediately, or wait until the cronjob triggers. It retrains bogofilter correctly, then feeds the mail back through procmail for proper classicification. If it happens again, don't ignore, put it back in the False-Positives dir and run the script again until bogofilter learns it correctly!

    When you recieve a spam in your inbox, move it into the False-Negatives directory. Next time the script is run, it will retrain bogofilter to recognise that mail as spam then the mail is moved into your .Spam maildir.

    When you feel that your bogofilter is 100% accurate (when it comes to false-positives, you don't want to lose any mail) you can edit your .procmailrc so that when bogofilter detects a mail as spam, it moves it to /dev/null (deleting it). Use with caution! But with that method, you don't even have to look at the filth!


Conclusion
Well, I think that's about it for this. If there is anything I've forgotten, don't hesitate to drop me a PM. I will give out my email over PM if needed. I may look at updating and streamlining the script soon, so check back here in a little while.

Thanks and References
Thanks a lot to beowulf for creating this awesome guide, and all the other active participants on this thread (Proteus in particular :)). The community is what makes Gentoo thrive!

The sites I used researching this little project are as follows:


Cheers,
Chris.
Back to top
View user's profile Send private message
Proteus
Guru
Guru


Joined: 14 Jul 2002
Posts: 346
Location: Hamburg, Germany

PostPosted: Tue Jun 24, 2003 8:58 am    Post subject: Reply with quote

@taskara:

You can make up a password when doing "./CA.pl -newca".
You just need it when you self-sign that cerificate using "./CA.pl -sign".

At least thats how it works here :P
_________________
Greetings,
Proteus
Back to top
View user's profile Send private message
beowulf
Apprentice
Apprentice


Joined: 07 Apr 2003
Posts: 225

PostPosted: Tue Jun 24, 2003 9:54 am    Post subject: Reply with quote

Taskara's problem has been fixed... he kept me updated through PM... he basically needed to unmerge openssl, reboot and try the guide again... He wonders if it's because the ssl libraries were in use at the time... i don't know... and i can't figure it out.. but it works now... so i'm happy for him :)

----

Sorry for not updating the guide sooner... but I've been kind of busy from day to day... anyways, go and see the new additions to the guide :D

Added Spam Assassin and Bogofilter... choice is good... and we've given them both choice... if any of you two want an update on the front page... let me know... I'll be more than happy to update it...

Enjoy
_________________
I have nothing witty to say here... ever :-(
Back to top
View user's profile Send private message
taskara
Advocate
Advocate


Joined: 10 Apr 2002
Posts: 3763
Location: Australia

PostPosted: Tue Jun 24, 2003 11:37 am    Post subject: Reply with quote

yeah thanks guys,

as beowulf said I did finally find a solution..

I was trying to make a new ssl certificate while I was logged in via ssh, and I did get an error about shared libraries at one stage.

I un emerged ssl, deleted /etc/ssl and rebooted.

upon reboot ssh could not start (cause there was no ssl)

I re-built ssl, created the new certificates, restarted ssh and it came back up.

not sure if this was the cause, but it seemed to get it working for me.. thanks for your patience and brain storming :D much appreciated.

I got a little further along the guide... but got stuck somewhere else.. so I've kinda given up.

while I remember, there was one section that said "let's make out .fetchmailrc file executable", but I think the step is actually skipped, but changing the permissions of the file is included.. someone who knows what their doing can prob verify / deny this.
_________________
Kororaa install method - have Gentoo up and running quickly and easily, fully automated with an installer!
Back to top
View user's profile Send private message
beowulf
Apprentice
Apprentice


Joined: 07 Apr 2003
Posts: 225

PostPosted: Wed Jun 25, 2003 5:59 am    Post subject: Reply with quote

taskara wrote:
yeah thanks guys,

as beowulf said I did finally find a solution..

I was trying to make a new ssl certificate while I was logged in via ssh, and I did get an error about shared libraries at one stage.

I un emerged ssl, deleted /etc/ssl and rebooted.

upon reboot ssh could not start (cause there was no ssl)

I re-built ssl, created the new certificates, restarted ssh and it came back up.

not sure if this was the cause, but it seemed to get it working for me.. thanks for your patience and brain storming :D much appreciated.

I got a little further along the guide... but got stuck somewhere else.. so I've kinda given up.

while I remember, there was one section that said "let's make out .fetchmailrc file executable", but I think the step is actually skipped, but changing the permissions of the file is included.. someone who knows what their doing can prob verify / deny this.

Ahh geeze, sorry to hear you've gotten stuck... i understand it must be trying on your patience... anyways, when i said to make the .fetchmailrc file executable, we did just that... by the command "chmod 710 ~/.fetchmailrc"

Since fetchmail is picky about what attributes the file has, it's not as simple as a chmod +x or anything... Anyways, if you ever feel like trying it again, I'm here to help you, as is the rest of the community...
_________________
I have nothing witty to say here... ever :-(
Back to top
View user's profile Send private message
taskara
Advocate
Advocate


Joined: 10 Apr 2002
Posts: 3763
Location: Australia

PostPosted: Wed Jun 25, 2003 12:05 pm    Post subject: Reply with quote

hey all..

well I persisted on, and now I have fetchmail grabbing mail and putting it into my maildir.

I can connect to my IMAP server, but I have a few problems.

one, I can't send mail out - it gives me an error saying
Quote:
The connection to the server has failed. Account: 'Chris' IMAP Mail', Server: '192.168.0.10', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: 10061, Error Number: 0x800CCC0E


so for now I am sending straight through my isps mail server.

what I am stuck on are cron jobs. I don't fully understand how to add getmailnow to a job. I am using fcron. I followed the commands as per doco
Code:
crontab -e
(which would only let me run as root, not as normal user for some reason) and it creates a file under /tmp. I copy the contents from the guide into it and save it. I'm sure this sounds absolutely rediculous but I don't know where to go from here, or how to do it properly. I sent a test message through but it was never arrived (so I assume fetchmail is not running properly in the cron job).

the other thing I would like to clarify, is how to get mail for all other users.
I have one mailbox which everyone's email goes to (chris@penguinitis.com, tim@penguinitis.com and etc) and I want fetchmail to grab them all and have them sorted into my maildir and tim's maildir.

how would I go about doing this? do I have to create seperate procmailrc files for each user? once again my apologies for my ignorance.

thank you all very much,

Chris
_________________
Kororaa install method - have Gentoo up and running quickly and easily, fully automated with an installer!
Back to top
View user's profile Send private message
BlueEar
Tux's lil' helper
Tux's lil' helper


Joined: 06 Oct 2002
Posts: 143
Location: Mountain View, CA

PostPosted: Thu Jun 26, 2003 1:08 am    Post subject: How to use ISP's smtp server? Reply with quote

I followed the section that explains how to set up postfix to use ISP's smtp server (3.2) but when I e-mail a friend at AOL postfix still attempts to connect directly to their mail servers. In particular, in my log file I see:
Quote:
Jun 25 18:58:11 [postfix/smtp] connect to mailin-02.mx.aol.com[64.12.137.184]: server refused mail service (port 25)
Jun 25 18:58:12 [postfix/smtp] connect to mailin-03.mx.aol.com[64.12.138.57]: server refused mail service (port 25)
Jun 25 18:58:12 [postfix/smtp] connect to mailin-01.mx.aol.com[64.12.137.89]: server refused mail service (port 25)

Is there a trick to it? The relevant section of my mail.cf reads as follows:
Code:
 # cat /etc/postfix/main.cf | grep "smtp_sasl"
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
smtp_sasl_security_options =

and I have set up saslpass file
Code:
 # ls -l /etc/postfix/saslpass
-rw-------    1 root     root          175 Jun 25 10:40 /etc/postfix/saslpass
# cat /etc/postfix/saslpass
# $Header: /home/cvsroot/gentoo-x86/net-mail/postfix/files/saslpass,v 1.1 2002/07/13 20:17:14 raker Exp $
#
# remotehost user:password
 
foo.bar.net user:password

What else do I need to do to have postfix relay mail through my ISP's smtp server?
Back to top
View user's profile Send private message
-leliel-
Apprentice
Apprentice


Joined: 03 May 2003
Posts: 294
Location: Germany

PostPosted: Thu Jun 26, 2003 6:53 pm    Post subject: Reply with quote

Hi there.

there's a questions and a problem:

q) how is the maildir organized? There's a new, a tmp and a cur folder currently in there ... where do I have to create my folders procmail should sort in?

p) I could only send mails plain, not with tls or ssl. What's wrong?

thanks for the great guide. ;)
_________________
- carpe noctem -

dunkelelf@jabber.org
Back to top
View user's profile Send private message
Proteus
Guru
Guru


Joined: 14 Jul 2002
Posts: 346
Location: Hamburg, Germany

PostPosted: Thu Jun 26, 2003 7:36 pm    Post subject: Reply with quote

The maildir subdirs are for new (i.e. unread) mail in the new subfolder and normal mail (i.e. mail you read before) in the cur folder.
I guess the tmp is there for some specific reason, too. Just that is something i don't know.

Just create any subfolders with the maildirmake command, it takes care of the specifics of maildirs.

Can you maybe show us your main.cf so we can guess why tls/ssl does not work. Is there some specific error message?
_________________
Greetings,
Proteus
Back to top
View user's profile Send private message
-leliel-
Apprentice
Apprentice


Joined: 03 May 2003
Posts: 294
Location: Germany

PostPosted: Thu Jun 26, 2003 7:39 pm    Post subject: Reply with quote

sure. these are my options in main.cnf about tls and ssl:

Code:
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains

smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom


thanks
_________________
- carpe noctem -

dunkelelf@jabber.org
Back to top
View user's profile Send private message
beowulf
Apprentice
Apprentice


Joined: 07 Apr 2003
Posts: 225

PostPosted: Thu Jun 26, 2003 7:58 pm    Post subject: Reply with quote

taskara:
Great to hear you tried it again!

Regarding the inability to send mail and the error... What client are you using? Apparently the issue is with TLS... did you emerge the software with the use flags specified? Can you connect without using SSL? Can you do this for me:
Code:
# cat /etc/postfix/main.cf | grep tls


RE: the cron jobs. Are you in the cron group? Type this as your user
Code:
$ id
Does it tell you that you are in the cron group? I've never used fcron... is it much different from vcron? If you need to, put the script in /etc/cron.hourly or something and set it to run as your user.

RE: Multiple mail users: There were some posts back on pages 2 and 3 where i gave possibilities to grab email from multiple places and filter it... basically the software you'd use is Fetchmail, with multiple poll lines and procmail to filter using the To: email header...

BlueEar
I'm glad you tried it out! Can you post this output:
Code:
grep -v ^# /etc/postfix/main.cf | grep smtp

Did you set up the file in /etc/sasl2/sasldb2?
Code:
 # ls -l /etc/sasl2/sasldb2
-rw-r-----    1 postfix  root        xxxxxxxx /etc/sasl2/sasldb2

The reason i ask for this is that 3.3 shares dependancy on 3.2... without knowing what you have in one section, means i cannot fully diagnose the problem...

-leliel-
Good to hear you can send email! Regarding your question, a maildir has 3 directories... "cur, tmp, new" Cur and New were described by Proteus... so let me tell you what tmp is... the tmp directory is where mail lands first during a fetch... or when receiving... as it's name suggests, it's a temporary place for the email to go... It is later moved to the "new" directory after the fetch/receiving has completed.

As for your problem... Does your output match this?
Code:

root@server # cat /etc/postfix/main.cf | grep smtp_sasl
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
smtp_sasl_security_options =

Did your ssl certificates generate okay? Also, can you post any relevant information from your logs... one such log to check is /var/log/mail.err or /var/log/mail.warn... check the other /var/log/mail.* files for relevant information...

--

I'll wait to hear back from you guys... hope this helps
_________________
I have nothing witty to say here... ever :-(
Back to top
View user's profile Send private message
BlueEar
Tux's lil' helper
Tux's lil' helper


Joined: 06 Oct 2002
Posts: 143
Location: Mountain View, CA

PostPosted: Fri Jun 27, 2003 2:48 am    Post subject: Reply with quote

beowulf wrote:
[...]Can you post this output:
Code:
grep -v ^# /etc/postfix/main.cf | grep smtp

Did you set up the file in /etc/sasl2/sasldb2?
Code:
 # ls -l /etc/sasl2/sasldb2
-rw-r-----    1 postfix  root        xxxxxxxx /etc/sasl2/sasldb2


Amazing! A multi-support! :D Beowulf, thanks for getting back. I did set up sasldb2, with my regular (bluear) user. The results of the two commands you asked about are:
Code:
# grep -v ^# /etc/postfix/main.cf | grep smtp
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
smtp_sasl_security_options =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
# ls -l /etc/sasl2/sasldb2
-rw-------    1 postfix  root        12288 Jun 25 18:54 /etc/sasl2/sasldb2

In the meantime I got postfix to use my ISP's smtp server by adding relayhost=foo.bar.com to my /etc/postfix/main.cf, where foo.bar.com is my ISP's host and it is listed in /etc/postfix/saslpass file. I did not see anything about relayhost in your guide so I am wondering if this is a good way of dealing with my issue. Any advice is greatly appreciated!
Back to top
View user's profile Send private message
taskara
Advocate
Advocate


Joined: 10 Apr 2002
Posts: 3763
Location: Australia

PostPosted: Fri Jun 27, 2003 3:38 am    Post subject: Reply with quote

Hey Beowulf,

thanks for your reply.. I should have updated my posts.

I have fcron working, it's grabbing my mail, and I will look into single pop and multiple users :)

I have fixed my outgoing mail server problem, however I do have a couple of problems atm:

1) I can send email, but ONLY to my internal network (ie *@taskara.dyndns.org) sending to my work address the smtp mail server rejects it

2) Sending email still works withOUT authentication, but I don't want to be usedas a mail relay! ;)

3) SSL doesn't seem to be working with smtp

4) every time I connect to my IMAP server it says that my ssl certificate cannot be verified or something, and do I want to continue. I assume this is because it's not officially registered with some global ssl place or something. how can I get aroudn this, so that it doesn't ask all the time? do Ihave to install my public key onto each sdesktop or something?

thanks heaps for your help, here is the output from what you requested:

Quote:
root@server chris # cat /etc/postfix/main.cf | grep tls
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

_________________
Kororaa install method - have Gentoo up and running quickly and easily, fully automated with an installer!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2, 3, 4, 5, 6 ... 25, 26, 27  Next
Page 5 of 27

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum