| |
| |
| |
|
Page: 1 2
Comments:
<0> Does an inputfilter-milter get the Received-line that the MTA will have added to the mail, when it's going to the next hop?
<1> I am having relaying issues. My logs are showing that mail is not being allowed to relay, even when I add *.*.*.* RELAY to my access file
<2> that does not work, wrong syntax for access_db
<2> and _please_ do not configure an open relay
<1> Zerberus: I know, but I became desperate
<2> for whom do you want to relay?
<1> Zerberus: What would allow anything (just until I figure out _what_ is wrong)
<2> roaming users or controlled LANs?
<1> roaming users
<2> configure SMTP AUTH
<1> Zerberus: what might that be (sorry, I have never really worked with mail servers)
<2> the same as when a user accesses his mailbox by POP3/IMAP: sending username and p***word
<1> Zerberus: humm, that is not really what my problem is, I can send all the mail I want, recieving mail from say user@gmail.com does not work
<1> Maybe relay was the wrong work I am looking for
<2> that has nothing to do with relaying
<2> echo '$=w' | sendmail -bt
<2> must print out each domain to be local
<1> Zerberus: my logs are saying relaying denied for those email coming in, so would that mean that it is not configured to recognize this as the final delivery point?
<2> yes
<1> http://pastebin.com/622597
<1> leepil.dyndns.org is the domain I have
<2> and a mail log entry showing the relaying denied?
<1> Zerberus: yes
<2> please show it
<2> RCPT TO:<postmaster@leepil.dyndns.org>
<2> 250 2.1.5 <postmaster@leepil.dyndns.org>... Recipient ok
<1> Mar 25 14:38:44 localhost sm-mta[21777]: k2PMceB4021777: from=<bagawk@gmail.com>, size=0, cl***=0, nrcpts=0, proto=ESMTP, daemon=MTA-v4, relay=pproxy.gmail.com [64.233.166.177]
<1> Mar 25 14:38:48 localhost imap-login: Login: lee [127.0.0.1]
<1> Whoops sorry
<1> Mar 25 14:39:31 localhost last message repeated 2 times
<1> Mar 25 14:44:33 localhost sm-mta[22062]: k2PMiUXx022062: ruleset=check_rcpt, arg1=<lee@leepil.dyndns.org>, relay=wproxy.gmail.com [64.233.184.229], reject=550 5.7.1 <lee@leepil.dyndns.org>... Relaying denied
<1> thought I grabbed the URL instead
<1> and now my email addr is public :(
<2> works
<2> 250 2.1.5 <lee@leepil.dyndns.org>... Recipient ok
<1> hummmm
<1> 2/me tried again
<1> Wow I must have changed something that made it work a bit ago
<1> Thanks
<3> how do I change the port number for sendmail?
<2> the port for what?
<3> Zerberus, that sendmail listens on
<3> is /etc/services the only way?
<2> cf/README -> DAEMON_OPTIONS
<3> Zerberus, if I change /etc/services, will that also change the ougoing port?
<2> why the outgoing port? you spoke about the daemon listening port
<2> read the docs please
<3> Zerberus, I got no docs on my system, anyhow, I asked if I change /etc/services that smtp = 1234 does that mean that for outgoing connections sendmail will also use 1234?
<3> Zerberus, where can I read the docs?
<2> your OS should ship them
<2> http://www.sendmail.org/m4/tweaking_config.html#DAEMON_OPTIONS (not current cf/README)
<3> than you
<0> Does an inputfilter-milter get the Received-line that the MTA will have added to the mail, when it's going to the next hop?
<4> I'm *guessing* it doesn't
<4> since the milter gets called before the mail is accepted
<4> and the Received: line includes a queue id (which presumably wouldn't exist yet)
<5> the queue id does exists
<5> as it is logged in to syslog as soon as mail from: is recieved..
<6> did sendmail support pop?
<7> ciao, what's needed for send mail to deliver mails? Is a dns address enough ?
<7> it delivers locally but not to the internet
<8> paolino: look in /usr/share/doc/sendmail ,and read man sendmail
<7> (and loose myself)
<7> the docs I'm reading around teaches everything but useful things for my poor mind
<7> what keywords are good for me ?
<7> help me grep that info please
<2> paolin1: what is your problem at all?
<9> just now I can't send out mails
<2> and what does the mail log tell you why it fails?
<9> Domain of sender address paolino@serverdedicato does not exist
<2> does not look like a FQDN
<2> so you know what to correct
<9> hostname ?
<2> this is one way, yes
<9> which is the other ?
<2> masquerading | confDOMAIN_NAME
<9> Thanks, now it works.
<10> Is there a way to make sendmail *not* need to be privileged to do -bv?
<0> Does an inputfilter-milter get the Received-line that the MTA will have added to the mail, when it's going to the next hop?
<10> It's setgid smmsp, which is the group on /usr/spool/mqueue, but it still complains
<11> Hanji: change the permissions of the mqueue directory.
<0> Hanji - I didn't care. I just use -bv as root and don't think much ;)
<10> twkm: To what? world-writable?
<11> Elrond: no.
<11> Hanji: don't be silly.
<10> twkm: I'm not being silly; It's current rwxrwxr-x, and it's not working
<0> twkm - What "no"?
<11> Elrond: you asked a question. it doesn't seem to require more to be a sufficient response.
<10> No, running -bv as root is the *wrong* solution.
<10> Especially since this is a multi-user box
<11> Hanji: then you have other files that are protected against users in general.
<11> Hanji: e.g., /etc/mail/access.db.
<0> twkm - Ahh, it was to my question.
<10> If I try sendmail -bv, it gives the error: collect: Cannot write ./dfk2QGOx4U006482 (bfcommit, uid=57530, gid=101): Permission denied
<0> twkm - You don't happen to know, how spam***-milter feeds the remote side's IP into spamc?
<10> Interestingly, 101 is *not* the gid of smmsp
<10> So I suspect it may be mistakenly dropping setgid permissions before trying to write whatever it wants to write
<0> Hanji - Just for testers: chmod a+wt /var/spool/mqueue ?
<10> That works
<11> Hanji: -bv does not write the queue, are you sure you are using it correctly?
<10> $ sendmail -bv -t < Mail/draft
<10> Notice: -bv may give misleading output for non-privileged user
<10> collect: Cannot write ./dfk2QGV4CN010547 (bfcommit, uid=57530, gid=101): Permission denied
<11> you didn't use it correctly.
<10> What is the correct way to use it?
<11> -bv some@address
<11> from ''man sendmail'' - " -bv Verify names only - do not try to collect or deliver a message."
<10> Is there a reason I can't use -bv and -t and have it read addressed from a message?
<0> -bv some@foo works, if I do chmod o+rx mqeueue and chmod o+r aliases.db
<11> but then you use -t and a file, so it then tries to deliver a message in mta mode which is not allowed by the mqueue permissions.
<11> Hanji: yes, the reason being that it must write the mqueue as it parses, which your uid is not allowed to do.
<10> hmm, alright, thanks
<11> Hanji: that would be handy, if you can work out how to do it send in a patch.
<10> *nod*, I might. It appears the system that I've observed it to work on has sendmail suid root, which I don't want to do.
<11> Elrond: the milter api provides a pointer to the peer's sockaddr to the filter's connect function.
<9> how do I make a secure authentication for relaying mails ?
<11> setup smtp auth.
<11> depending on the source of authentication credentials you may also want ssl.
<9> ok
<3> Zerberus, thanks for your help yesterday, I figured out a whole new world in configuring sendmail
<2> shmaltz: hehe :) the adventures of doc reading
<3> Zerberus, the problem was that I had no clue where to look for those docs, until you gave that link, that told me that it's located in /usr/share/ and not in /etc/mail as I thought
<3> Zerberus, I love doc reading, but I got to find the docs first
<2> yes, /usr/share/doc/ is a typical location
<3> Zerberus, anyhow, if you need any help with asterisk I'm usualy there at #asterisk
<2> shmaltz: thanks for that offer
<3> np
<3> I realy beleive in "Pay it forward"
<2> me too
<3> cya
<3> gtg
<2> cu
<12> is there a way in sendmail to block mails that come from a particular address?
<2> yes, sure
<2> see access_db
<12> thanks
<12> anf for example from a user address that is greater than 8 characters for example?
<12> would that be possible?
<12> ie: 12345678@example.com would be blocked
<13> sendmail doesn't care how long the userids are
<12> :/
<12> ok
<12> Is there like an option so I would know if a mail was read or delivered?
<12> guess not
<12> heh
<13> look for delivery status notifications - but note that many sites (and/or users) don't respect them
<13> or use a web-bug and make sure it is ignored :)
<14> for CVE 2006-0058, is there a public remote execution exploit, or explanation of how it's done. I'm only interested. The one in topic is for the SM syslog DOS attack correct?
<15> snappy: Few details: read http://www.kb.cert.org/vuls/id/834865 (The problem section). No public exploit to my knowledge
<15> snappy: http://www.sendmail.com/company/advisory/#exploit is rather interesting
Return to
#sendmail
or
Go to some related
logs:
E_no_instsrc_on_media installation_sources
#perl
#oe
\printing to stdin\
gaim has closed the conversation window+gaim
firefox config options
#math
#linux
#web
resolves to a file which is marked executable but is not a CGI file
|
|