Resources Latest reviews Search resources. Members Current visitors. Log in Register. Search titles only. Search Advanced search…. New posts. Search forums. Log in. Install the app. Curious how this feature can assist your resource management? Find out here. JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser. Qmail and misdirected bounces. Thread starter moltar Start date Nov 2, I am just wondering if the qMail version that is shipped with Plesk 7.
Installing a valid SSL certificate. Linux-VServer on Slackware. Running OpenBoard in a window. Running two php on the same server. Securing proftpd.
Installing mariaDB. Setting up MySQL. Building your ownCloud. Building your own mozilla-sync server. Setting up Tex on Mediawiki. Greylisting recommendations January 9, December 12, How to Unsubscribe an account from all Maling List December 11, Installing and configuring vpopmail.
Setting up your firewall with fail2ban. Testing qmail, SMTP and auth. This will reject fake senders without any domain declared. As far as my MTA is concerned, this solved an "invalid sender address format" reject message prompted by an email address of a mailman mailing list.. If you want to allow connections without TLS, just do. Values other than 0 or not declaring this variable at all will force TLS before the auth.
Then proceed to next paragraph Creating an SSL key file , as the qmail configuration is presented in the next page. So be aware that all existing messages in the queue will be destroyed when you erase the queue below. To secure the smtp authentication you must create the SSL certificate. The certificate must be owned by the user who runs qmail-smtpd , in our case vpopmail. When everything is working and under your control it will be the time to install a valid certificate from Let's Encrypt , following the page " Installing a valid SSL certificate ".
It provides cram-md5, login, plain authentication support for qmail-smtpd port and qmail-remote. You may be interested to take a look to the page concerning smtp-auth and TLS testing here. Small adjustments and a bug fix by Luca Franceschini here.
You may be interested to take a look to this page concerning chkuser testing. Enables simscan and qmail-dkim to return the appropriate message for each e-mail that qmail refuses to deliver. Simscan rejects with the name of the virus or the spam-score; qmail-dkim rejects with the verification failure message.
To enable SRS read carefully the configuration instructions above. More info here. Facilitates diagnosing qmail-smtpd logging its actions and decisions search for a line starting with qmail-smtp :. It can reject connections from clients which tried to send commands before greeting. The file hier. Makes qmail use a hashing mechanism in the todo folder similar to that used in the rest of the queue. Provides the ability to archive each email that flows through the system.
Archiving only messages from or to certain email addresses is possible as well. This often caused me a broken header when forwarding messages by means of a sieve rule. By default all outgoing emails are sent through the first IP address on the interface. The ehlo domain is NOT modified by this patch. The pid allows you to match the message up with a given tcpserver process and the qp lets you find a particular delivery. Added a line to make qmail-smtpd log the reject reason as well as the envelope to facilitate diagnostics.
RFC section 4. I slightly modified the patch also to log its response. With this, companies can segregate various parts of their organizations email activities, as well as provide a variety of security-enhancing services. It's useful in case of spammed servers, to temporarily stop outgoing messages. It adds a line like this in your qmail-smtp log:. It works in conjunction with chkuser with both cdb and mysql accounts.
Look here for details. It gets qmail to reject relay probes generated by so-called anti-spammers. These relay probes have '! An entry 'qlogenvelope' is generated after accepting or rejecting every recipients in the envelope phase, example:. Avoids qmail getting large amounts of DNS data we have no interest in and that may overflow our response buffer. It has to be used in conjuction with the rcptcheck-overlimit.
Allows you to add an arbitrary number of supplemental remote queues, each distinguished by a list of recipient domains and separate throttling concurrency capabilities. This patch also allows dynamic throttling of the concurrency control files so you can just send qmail-send a HUP signal instead of restarting the service every time. This patch is useful when some email provider complains of too many emails receveid at the same time in case of news letters for instance. Edit conf-channels before compiling: Total number of channels queues available for delivery.
Must be at least 2, and anything above 2 are considered supplemental channels. It allows you to write external programs and use them to check SMTP command argument validity.
The plug-in can trigger several actions, like denying a command with an error message, logging data, adding a header and much more. The qmail-spp functionality is disabled by default, so that it will be transparent for ancient users of this patch.
Jacky January 5, Reply Permalink. Roberto Puzzanghera Jacky January 5, Jacky Roberto Puzzanghera January 5, I would check the chkuser's source code in order to verify that you are using the same patch.
Anonymous Roberto Puzzanghera January 5, I figured out my problem. This issue is in my qmail-smtp run config is still using old qmail-smtpd file. Adebola Ajiboye October 25, The latest patch builds fine.
I can send outgoing mail. Have spent a day troubleshooting this new build and could not locate the issue, hoping you can point me in the right direction. I have double-checked all the usual suspects Any pointers is much appreciated. Thank you. Roberto Puzzanghera Adebola Ajiboye October 26, Roberto Puzzanghera jacky August 27, Anonymous Roberto Puzzanghera August 27, Jaky August 27, Roberto Puzzanghera Jaky August 27, Hi, it should be quite easy to add the patch that was built for the old Bill Shupp's combined patch.
But you should do it by hand because the qmail-smtpd. Remember that those two qmail-qpp files are new and can be copied from a vanilla qmail patched with the same patch. Then you only have to take care of the makefile, which is easy to adjust, and qmail-smtpd.
Andreas Bachmann July 8, My qmail installation netqmail-tls 1. I read that Microsoft and others rejects TLSv1. I just checked the last FreeBSD port. But I couldn't find any version number like TLSv1.
Roberto Puzzanghera Andreas Bachmann July 8, You should contact the author of the patch for further informations. Or you can install the latest tls patch and test the connection against microsoft using openssl as explained in this guide.
Thomas June 18, Our server with your latest patch rejects mails because of the address includes slashes. I really have no idea why people are thinking this is a good idea :. What do you think about either replace f. Roberto Puzzanghera Thomas June 18, I'll do it in the following days.
Thomas Roberto Puzzanghera June 24, Roberto Puzzanghera Thomas June 24, Thomas Roberto Puzzanghera July 8, Eric Broch June 11, Roberto Puzzanghera Eric Broch June 11, Anonymous March 19, Roberto Puzzanghera Anonymous March 19, Anonymous Roberto Puzzanghera March 20, Roberto Puzzanghera Anonymous March 20, Anonymous Roberto Puzzanghera March 22, You should not delete that hash which goes before define, because in C language it's not intended as a character for comments.
So it will be. Bodan December 3, I have problem with compiling vpopmail and qmail with your patchset. I can not compile qmail with chkuser because he required vpopmail:. Roberto Puzzanghera Bodan December 3, You must compile vanilla qmail, not the patched one, and then compile vpopmail on top of it.
Then patch and recompile. Ruben October 26, Now I'm trying to update one of the servers, and receive a compilation error. I was using the patch from Aug before without those modification to this file, just apply patch and compile.
My system is a Centos 7. Roberto Puzzanghera Ruben October 26, C July 27, Roberto Puzzanghera C July 27, Patch added. When I send an e-mail to two aliases that both resolve to the same user account, only a single message gets delivered.
Both of these addresses are. Inside these files is the same real user's e-mail address so that they are forwarding accounts only. If I send that e-mail to both of those aliases, only the latter gets delivered i. If I change the message to send to foo bar. I read about someone else seeing the same thing with EXIM and while I'm sure it's a cool feature to limit bandwidth, it cause me hours of trying to nail down a problem with my code that didn't exist.
So, I'd love to be able to disable this feature if possible. Never mind. This was traced out and qmail is working just fine, as is Vpopmail.
It appears that Apple Mail is automatically deleting duplicate messages delivered to the same inbox. Alexandre Fonceca April 24, I noted that Outlook sends all emails sequentially, in a single connection, giving a rset after each message sending. But rcptcount is not reset. Roberto Puzzanghera Alexandre Fonceca April 25, After speaking with Luca Franceschini, my italian friend who authored qlogenvelope and heavily modified the qmail-smtpd stuff, I patched as follows.
It's not clear WHEN outlook is going to RSET the session, hopefully not after the data has been sent, in that case we should also verify that the total size of the message is reset as well, not to exceed the 'datalimit' for multiple messages. I am using your previous patch Dec 8, and chkuser and vpopmail are playing nicely. I am not using Mysql with vpopmail, just file based. When I installed your latest patch Jan 11, I could send e-mails out but could not receive anything. All messages failed back to the sender with a failure notice stating "sorry, no mailbox here by that name chkuser ".
I stopped all qmail services and installed the previous version I kept as a backup, just in case I had issues with the new patch, and everything is back and working. That being said, I am having a major issue with how qmail is processing e-mails prior to sending through SpamAssassin.
It works just fine, but Qmail is apparently stripping out certain portions of the e-mail because two things are occurring:.
We tested this against a postfix system and used the entire text of the e-mail against SpamAssassin on this server, and sure enough whitelisting worked as it should. DKIM headers are missing and who knows what else. Again, when the same e-mail from postfix was tested on this server, SA had no issues finding the rDNS for the sender's domain.
Roberto Puzzanghera kittonian February 15, This is strange as the latest modifications did not touch qmail-smtpd. Can you post your run and tcp. Concerning the qmail-scanner issue, I replaced it with simscan ages ago and I don't even remember how it works, I'm sorry. That re-enabled dns lookups and everything started working properly again on that front.
The other issue with chkuser is still a problem of course so I'm using your previous patch as mentioned above. Anonymous Roberto Puzzanghera February 15, I use a qmail-remote wrapper script so that my outgoing messages are signed, which works perfectly. Not sure about running as vpopmail as your previous patch works just fine.
It's only the new patch that seems to break chkuser against vpopmail. Roberto Puzzanghera Anonymous February 16, Anonymous Roberto Puzzanghera February 16, However, the exact same lines were commented out in both. My apologies that I did not come back and post the solution to this issue, which btw, is still present in your latest patch.
Roberto Puzzanghera kittonian June 16, I don't think this is what we want. Makes sense, however this is the only way I can get qmail to compile and install with your latest patches, and everything works just fine for me.
If chkuser was disabled, wouldn't vpopmail fail to send and deliver messages? Roberto Puzzanghera kittonian June 17, Gabriel Torres January 7, When sending out a newsletter to , subscribers, the number of concurrent connections always drops to less than I was never able to understand what causes this behavior of qmail-remote not going anywhere close to the concurrencyremove limit. I did a Google search several times, found other people with the same issue, but no solution or any hint of how to debug this or what might be causing it.
Roberto Puzzanghera Gabriel Torres January 8, Na November 30, Roberto Puzzanghera ChangHo. How can I reproduce it? Na Roberto Puzzanghera December 2, Na December 3, Na Roberto Puzzanghera December 3, But I don't get any mariadb error. Na Roberto Puzzanghera December 7, Na December 8, Na Roberto Puzzanghera December 4, Na Roberto Puzzanghera December 1, Roberto Puzzanghera nic November 20, It means that the user who did the authentication is different from the one in the mailfrom field.
This is because you have. Anonymous Roberto Puzzanghera November 20, Gabriel Torres July 6, I found a bug caused by your patch. The header from received emails are, for some reason, filling with '0' where there should be the server name.
Let me explain. Digging this further, the function that fills that part is received found in received. I made a temporary fix by hardcoding our FQDN there, but obviously we need to investigate this further to find out where exactly this variable is being transformed into a zero. I hope you can investigate this. I will try to take a look at this myself later, even though I am not too familiar with the C language.
Roberto Puzzanghera Gabriel Torres July 7, For example:. Roberto Puzzanghera Roberto Puzzanghera July 7, Gabriel Torres Roberto Puzzanghera July 10, This makes much more sense than using using 0. By using 0, SpamCop isn't able to parse the email headers, so reporting spam to SpamCop with spamassassin -r doesn't work.
I had this exact same issue and apparently it has to do directly with the -H option in the tcpserver line. That is what prevents reverse DNS lookups. I took out -H and all is well at least I think so, lol. Gabriel Torres kittonian June 16, Roberto Puzzanghera Gabriel Torres July 6, PS did you have the time to play with my new testing patch with the qmail-channels?
Roberto Puzzanghera Roberto Puzzanghera July 6, Gabriel Torres Roberto Puzzanghera July 6, Forgot to mention that the same issue happens in the SPF line as follows. I also had to manually edit and hardcode our server name in spf. Regarding the other patch, I need some time when our server isn't sending our newsletters to try it out I will let you know and appreciate your effort!
Gabriel Torres June 24, With me, I had to change ownership manually to qmailr. The folder will be owned by qmailr the user running qmail-remote if you sign at qmail-remote level or vpopmail, which is the user who runs qmail-smtpd, if you decide to sign at qmail-smtpd level. My script changes the owner to qmailr by default". Gabriel Torres June 19, Gabriel Torres June 18, This is something we need to slow down delivery to certain ISPs, so emails will be correctly delivered.
We run a weekly newsletter. Roberto Puzzanghera Gabriel Torres June 18, Gabriel Torres Roberto Puzzanghera June 19, Maybe this will help other people as well? Anyway, I made a donation to you earlier today via Paypal. Keep up the nice job of keeping this website up-to-date. Roberto Puzzanghera Gabriel Torres June 19, Thank you very much for your donation and contributions. I'll take a deeper look at this patch, but it seems to me that it's too much invasive, as it completely changes the logic of the qmail queue Gabriel Torres Roberto Puzzanghera June 25, The thing is, we run a newsletter with , subscribers, and some email providers complain that we are sending too many emails at the same time.
So it would be great to have a way to limit the number of emails sent out based on the destination domain. Roberto Puzzanghera Gabriel Torres June 26, Can you test the channels functionality please?
I configured it not to create additional channels, so you have to edit conf-channels and increase the number of qmail-rspawn processes to be created it was 22 before my adjustment. I finally had the time to install this patch and configure qmail-channels. Now I need to wait until we send out our next newsletter to see if qmail is separating emails in separate queues based on the destination domain.
I should have a detailed analysis for us within the next couple of days. Stay tuned! After my original message, Yahoo is now also refusing our newsletters because we are sending too many emails at the same time:. I'm not familiiar with the qmail channel patch, but you have to limit the number of mails per second in order to avoid the block. Roberto Puzzanghera miz July 11, It seems that yahoo accepts a maximum of 20 msg per connection, so this patch should do the trick Gabriel Torres Roberto Puzzanghera July 12, The qmail-channels patch you integrated in your patch worked like a charm to fix the yahoo issue described above.
We could use the postfix solution you linked above, but it would only work in our webserver where postfix is used to accept and send emails to our email server, which is running qmail , whereas with qmail-channels we have the solution valid for all emails sources in our setup, which is best. The configuration of qmail-channels is quite simple. After applying the patch, and before compiling qmail, we need to edit conf-channels and add the total number of queues we want.
The default is 2, meaning local and remote. As I wanted two additional queues two group of domains we wanted to limit the delivery rate , I changed that to 4 and compiled qmail. Roberto Puzzanghera Gabriel Torres July 12, Suitable concurrency values could be useful to someone else Gabriel Torres Roberto Puzzanghera July 13, I am still testing the numbers. I have concurrencysuppl0 with 1 and concurrencysuppl1 with 10 right now. According to what the other user posted above, we could increase the Yahoo queue up to Another note: I had to increase the softlimit configuration.
Na April 25, GoofY April 10, While running make in the netqmail dir I encountered an error in chkuser. Roberto Puzzanghera GoofY April 10, Tony Fung April 8, I just compile libdomainkeys with patch "libdomainkeys-openssl Is the patch "libdomainkeys-openssl Roberto Puzzanghera Tony Fung April 8, Madzel February 19, Roberto Puzzanghera Madzel February 19, Madzel Roberto Puzzanghera February 19, Can you confirm that this is the patch you applied?
Madzel Roberto Puzzanghera February 20, Yes, i used the linked openssl patch. I have all downloaded data deletetd and repeated the whole procedure again:. Roberto Puzzanghera Madzel February 27, Roberto Puzzanghera Madzel February 20, Try to apply this patch, which is specific for openssl Stumpi February 11, It will not compile with OpenSSL 1. After more than 12 years of using Qmail it is now time to change to Exim or PostFix, i guess. Sad and disapointing Roberto Puzzanghera Stumpi February 19,
0コメント