HELP! pre-installed qmail woes
This is a discussion on HELP! pre-installed qmail woes within the alt.comp.mail.qmail forums, part of the Mail Servers and Related category; I have several major problems with the pre-installed version of qmail that came with my hosted server, and I ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-02-2004
|
|||
|
|||
HELP! pre-installed qmail woes
I have several major problems with the pre-installed version of qmail that
came with my hosted server, and I could really use some sources to help me get this this package configured correctly. This should be simple since we only have eight users on the system and none of them are doing mailing lists or anything fancy. My first problem is that I can't seem to figure out even some of the basic functions for qmail, like simply starting and stopping the service. Using qmHandle as a tool I find that even when it attempts to stop the service to remove queued junk the mailers don't really stop. Using the Plesk interface (this is psa-qmail, btw) has the same effect. The only way that I know to truly stop the service is to manually kill all the tasks. My second problem is that as configured, turning on relay authentication through plesk has no effect, so it turns out that the relay has been wide open for the last four weeks and become a heavily used target for spammers. I disabled relaying entirely (through plesk) and set the users up with ssh tunnels for relaying from localhost. By my testing I can't relay through the server internet address anymore, but I still see messages being sent with none of my users in the to: or from:, how the heck is that happening? Even after flushing all messages new relay messages are turning up through what should be a closed relay. Is there a way for these mailers to spoof the IP address so it looks like it's coming from localhost? My third problem is that I can't find any logs whatsoever, how do I turn on logging? If anyone could point me to a howto site with recommended settings I'd really appreciate it. There are so many qmail sites I can't sort out which ones really represent the consensus of the qmail user community. Thanks in advance, Sean 
|
|
09-02-2004
|
|||
|
|||
|
Re: HELP! pre-installed qmail woes
"Sean Conolly" <sjconolly_98@yaaho.com> writes:
> My first problem is that I can't seem to figure out even some of the basic > functions for qmail, like simply starting and stopping the service. Using > qmHandle as a tool I find that even when it attempts to stop the service to > remove queued junk the mailers don't really stop. Using the Plesk interface > (this is psa-qmail, btw) has the same effect. The only way that I know to > truly stop the service is to manually kill all the tasks. Ah...Plesk. That's something of a dirty word in the qmail community. They're apparently violating DJB's copyright by distributing a modified qmail. I don't know how the Plesk qmail is mdofied or installed, so I can't really tell you how to fix your starting/stopping problems. Maybe you should ask Plesk. > My second problem is that as configured, turning on relay authentication > through plesk has no effect, so it turns out that the relay has been wide > open for the last four weeks and become a heavily used target for spammers. > I disabled relaying entirely (through plesk) and set the users up with ssh > tunnels for relaying from localhost. By my testing I can't relay through the > server internet address anymore, but I still see messages being sent with > none of my users in the to: or from:, how the heck is that happening? Even > after flushing all messages new relay messages are turning up through what > should be a closed relay. Is there a way for these mailers to spoof the IP > address so it looks like it's coming from localhost? Again, I don't know how Plesk is controlling relaying, so I can't help you troubleshoot your relaying problems. Sounds like another question for Plesk. > My third problem is that I can't find any logs whatsoever, how do I turn on > logging? Sorry... Same answer. > If anyone could point me to a howto site with recommended settings I'd > really appreciate it. There are so many qmail sites I can't sort out which > ones really represent the consensus of the qmail user community. I recommend installing qmail following "Life with qmail" on the OS of your choice. I think that's also the consensus of the official qmail list. The same questions you asked above, for an LWQ-based installation, are readily answered here and on the qmail list. -- Dave Sill Oak Ridge National Lab, Workstation Support Author, The qmail Handbook <http://web.infoave.net/~dsill> <http://lifewithqmail.org/>: Almost everything you always wanted to know.
|
|
09-02-2004
|
|||
|
|||
|
Re: HELP! pre-installed qmail woes
"Dave Sill" <MaxFreedom@sws5.ornl.gov> wrote in message
news:wx0u0ugzq62.fsf@sws5.ornl.gov... > "Sean Conolly" <sjconolly_98@yaaho.com> writes: > > > My first problem is that I can't seem to figure out even some of the basic > > functions for qmail, like simply starting and stopping the service. Using > > qmHandle as a tool I find that even when it attempts to stop the service to > > remove queued junk the mailers don't really stop. Using the Plesk interface > > (this is psa-qmail, btw) has the same effect. The only way that I know to > > truly stop the service is to manually kill all the tasks. > > Ah...Plesk. That's something of a dirty word in the qmail community. > They're apparently violating DJB's copyright by distributing a > modified qmail. I don't know how the Plesk qmail is mdofied or > installed, so I can't really tell you how to fix your > starting/stopping problems. Maybe you should ask Plesk. Both Plesk and my hosting company are useless. I'd like to ditch Plesk entirely but my co-admin relies on it heavily. > I recommend installing qmail following "Life with qmail" on the OS of > your choice. I think that's also the consensus of the official qmail > list. The same questions you asked above, for an LWQ-based > installation, are readily answered here and on the qmail list. I'm starting to think that I need to just build it from the latest stable sources and reinstall / reconfigure / repatch from scratch. It won't be quick but at least I'll reduce the number of problem domains I'm dealing with. If I move to the latest authentic version, do you have any recomendations for patching / configuring to do: - Don't send rejections for unknown users - Require SMTP authentication even from localhost (I tried removing localhost from control/locals, but no joy) - Don't accept connections from blackhole listed sites Thanks again for your help, Sean
|
|
09-02-2004
|
|||
|
|||
|
Re: HELP! pre-installed qmail woes
"Sean Conolly" <sjconolly_98@yaaho.com> writes:
> I'm starting to think that I need to just build it from the latest stable > sources and reinstall / reconfigure / repatch from scratch. It won't be > quick but at least I'll reduce the number of problem domains I'm dealing > with. Yes, it's a little more work at the front-end, but much easier to support. > If I move to the latest authentic version, do you have any recomendations > for patching / configuring to do: > - Don't send rejections for unknown users echo '#' > ~alias/.qmail-default (Or the appropriate equivalent for virtual domains.) > - Require SMTP authentication even from localhost (I tried removing > localhost from control/locals, but no joy) SMTP-after-POP via relay-ctl, Bruce Guenter's mailfront, or one of the AUTH patches listed on qmail.org. > - Don't accept connections from blackhole listed sites http://lifewithqmail.org/lwq.html#rblsmtpd > Thanks again for your help, Glad to help. -- Dave Sill Oak Ridge National Lab, Workstation Support Author, The qmail Handbook <http://web.infoave.net/~dsill> <http://lifewithqmail.org/>: Almost everything you always wanted to know.
|
|
09-04-2004
|
|||
|
|||
|
Re: HELP! pre-installed qmail woes
"Dave Sill" <MaxFreedom@sws5.ornl.gov> wrote in message
news:wx0oekozlga.fsf@sws5.ornl.gov... > "Sean Conolly" <sjconolly_98@yaaho.com> writes: > > If I move to the latest authentic version, do you have any recomendations > > for patching / configuring to do: > > - Don't send rejections for unknown users > > echo '#' > ~alias/.qmail-default > > (Or the appropriate equivalent for virtual domains.) Is there something missing? Just a pound char? I've tried this in the root dir of a virtual host, but no joy. I tried find more info on this, but it's tough to search on a non-setting :-) Sean
|
|
09-07-2004
|
|||
|
|||
|
Re: HELP! pre-installed qmail woes
"Sean Conolly" <sjconolly_98@yaaho.com> writes:
> "Dave Sill" <MaxFreedom@sws5.ornl.gov> wrote in message > news:wx0oekozlga.fsf@sws5.ornl.gov... >> "Sean Conolly" <sjconolly_98@yaaho.com> writes: >> > If I move to the latest authentic version, do you have any > recomendations >> > for patching / configuring to do: >> > - Don't send rejections for unknown users >> >> echo '#' > ~alias/.qmail-default >> >> (Or the appropriate equivalent for virtual domains.) > > Is there something missing? No. > Just a pound char? Yes. The point is that you want a .qmail file with no delivery instructions, but also non-empty, because an empty .qmail file means "use the default delivery instructions specified on the qmail-start command line". > I've tried this in the root dir of a virtual host, but no joy. I tried find > more info on this, but it's tough to search on a non-setting :-) Are you using qmail/users/assign for this virtual domain? If so, what do the applicable entries contain? If not, post: - the output of qmail-showctl or at least the relevent virtualdomains entries - the qmail-send log entries for a "misbehaving" delivery -- Dave Sill Oak Ridge National Lab, Workstation Support Author, The qmail Handbook <http://web.infoave.net/~dsill> <http://lifewithqmail.org/>: Almost everything you always wanted to know.
|
Linear Mode
