| |
| |
| |
|
Page: 1 2
Comments:
<0> when you create users with qmail, where is this information stored?
<1> gunoon: you don't create users with qmail.
<0> well can you explain to me how it works, say I have a user mikey@host.com
<0> how can I manage all the users in qmail
<2> Does anyone know of a patch or third party program that will check wether a recipiant is valid on a remote host?
<3> i'm having a spam problem (sending spam thru our server) and I've stopped qmail, but i continue to get hundreds of tcp-env processes being created
<3> how are these processes created?
<3> problem solved, they are smtp request
<4> I need help with ezmlm and tmda .... anyone there ?
<2> CountZ, there aren't any local accounts
<5> so you want qmail-remote to ask the remote server?
<5> but what if the remote servers already tell qmail-remote in real-time that the account doesn't exist?
<5> (such as happens on many servers)
<2> CountZ, I want it checked at incoming SMTP time
<2> so that it can be rejected before being processed by spam filters.
<5> ryan`: ok so the remote servers will check incoming mails... I do this right now with qpsmtpd, I don't know of anything else that does this.
<5> qpsmtpd has a check_delivery plugin which does that before the DATA stage
<2> hmmm.
<5> it's a drop-in replacement for qmail-smtpd
<5> you can test it on another port temporarily if you want to just play with it
<5> I block tons of spam before the data phase, saves tons of cpu power
<2> does it work with QMAIL_QUEUE programs?
<5> of course it does, when its done it calls qmail-queue
<2> hmm.
<5> you can tell it to use any queue program you want
<5> there's even an example in the config file
<5> (of different deliveries)
<2> CountZ, do you know if it works with qmail-scanner, specificly?
<5> it does not need qmail-scanner, that's the beauty of it... it is more flexible. what do you do with qmail-scanner at the moment?
<5> it has antivirus plugins, spam******in plugin, and more
<2> I have it set up to reject viruses and high scoring spam during the DATA phase.
<2> using rblsmtpd to filter based on spamhaus
<2> that's about it.
<5> so qpsmtpd does all that and more
<2> hmm.
<5> for example there's a nice plugin called check_helo
<5> it delays the initial greeting a bit to make sure it's not a spam robot
<2> the drops hosts that do stupid **** like 'helo localhost'?
<5> (sometimes the spam robots don't wait for the greeting, they ***ume it will come, and they just start talking to the smtp server)
<2> or helo [my.ip.ad.dy]
<5> you can set it up to do that, yes
<2> exim on my personal server does that.
<5> plugins usually have several modes... a mode just for testing, and a mode to actually reject
<2> that sounds nice.
<5> there's a nice plugin that rejects based on regular expressions in hostnames
<5> check_hostByREname
<5> I use that as well to filter hostnames with ip addresses in them that seem to come from dynamic ip blocks
<5> like dsl-14-13-115-14.rr.com
<5> (should be sending mail)
<5> (should NOT be...)
<2> mmm
<5> some virus
<5> it's quite powerful and it's also very easy to write plugins
<5> whatever people asked for, on the mailing list, some other guy already wrote
<5> it's reached a stage where people no longer know what to ask for ;-)
<5> so now they just focus on performance and other stuff like that
<5> there's a way to run it with persistent-perl for example
<2> mmm
<5> best to read the news server first I guess
<2> that will surely be faster then qmail-scanner
<5> news.perl.org
<5> look for 'qpsmtpd'
<5> (nntp)
<5> I use qpsmtpd-forkserver
<5> my load never goes beyond 0.50 and I have ~300 active mail domains
<5> (ever since I started using qpsmtpd-forkserver)
<2> how many emails per day?
<5> I don't know I need to re-run my log analysis
<5> but i'm too lazy
<5> :-\
<2> We get around 50,000/day
<5> I think we exceed that a bit
<2> mm, also, what hardware are you running on?
<5> it used to be 50,000 a year ago but it grew since
<5> it's a 3.2ghz pentium box
<2> ah.
<5> 1gb ram
<5> but it does other stuff as well
<2> we've got 3 550Mhz/256MB boxes...
<5> if you dedicate one of them for mail, it should be fine
<2> they're all running a qmail-scanner setup with spam******in and clamav
<5> wow, all 3?
<5> why?
<2> redundancy
<5> that's good
<2> and one isn't quite enough to handle our load by itself.
<5> how do you load balance? dns?
<2> yeah
<2> multiple MX records
<5> and how do they handle the same domain? shared nfs?
<5> I see
<5> multiple mx records all on the same level?
<2> right.
<5> that's interesting
<5> i'd like to try that at some point
<2> works quite well
<5> redundancy would be nice
<5> nfs kernel daemon?
<5> with locking and all?
<2> no nfs.
<5> so how do they share the same domains/mail?
<2> they're basicly proxies
<5> ah!
<2> they redeliver to the real mail server using smtproutes
<5> with smtproutes in the end?
<5> I see.
<2> that's why I was asking about verifying recipiants on remote servers.
<5> that's ok - qpsmtpd does all that stuff + respects smtproutes
<5> in fact I think it has even more advanced stuff for remote delivery
<2> the check_delivery does not seem to check the remote
<5> no it checks on local and notifies the remote, in real-time
<5> it's the same basically
<2> hmm.
<5> but now I understand why you want that
<2> right.
<5> because you have proxies
<5> However!
<5> There is a version of check_delivery that uses mysql
<5> this means that if you run vpopmail-mysql or vpopmail-ldap you could modify check_delivery to check against that
<2> we've got a spammer that insists on spamming a few thousand non-existant accounts on a client's domain every couple of days that is seriously agrivating me.
<5> and then it doesn't matter if you run proxies
<2> the end mail servers are running imail on windows.
<2> so that's not really an option.
<5> i've had that too, that's why I started using qpsmtpd in the first place... very annoying!
<5> ouch
<5> so just modify check_delivery to VRFY
<5> sec, i'll check the mailing list, i'm sure somebody has already done that
<2> yeah, I know a fair bit of perl if not.
<2> just gotta get the time approved to do it.
<5> If you look at the plugin code, then, you will find it is really quite simple to hack stuff into it
<2> since our spam filters are still signifigantly below capacity.
<2> but it wastes ****loads of bandwidth.
<2> cause this particular spammer has been sending GIF spam.
<5> ouch
<2> and I get pages when they max out the concernecyincoming limits (set to just 10...)
<2> just annoying all around.
<5> Yah, of course!
<2> CountZ, do you use greylisting?
<5> no
<5> unless you are referring to something I don't know by name
<5> ok there is a check_vrfy plugin
<5> seems like this could end your problems
<5> check out the description:
<5> If you are running a "smart" relay host that accepts e-mail for your
<5> domains and then forwards to the actual delivery MTA, you run the
<5> risk of accepting mail only to then turn around and bounce it. With
<5> this plugin, the "smart" relay host can use the SMTP command VRFY to
<5> decide whether the recipient address is acceptable. In fact, the way
<5> that the plugin is written, multiple internal MTA's could be checked,
<5> prior to attempting delivery.
<5> Sounds good, no? :-)
Return to
#qmail
or
Go to some related
logs:
#asm
rdate connection refused ubuntu
#linux
#fluxbox
ubuntu ext2 turn journaling on
iptables for nfs debian
gentoo amd54 flags
makejail jailer jailtool
pyode snippet
#php
|
|