Qmail Archives - Page 2 of 3 - ☩ Walking in Light with Christ - Faith, Computing, Diary ☩ Walking in Light with Christ

Posts Tagged ‘Qmail’

Fix QMAIL mail server – “warning: dropping connection, unable to SSL accept:protocol error” and why error occurs

Friday, August 24th, 2012

Every time I had to modify something in productive QMAIL server install, I end up with some kind unexplainable problems which create huge issues for clients. For one more time I end up with errors after minor “innocent” modifications of a working for more than year time QMAIL ….

After last changes I made to combined qmail install of Thibs, QmailRocks in Daemontools qmail start up files:

/var/qmail/supervise/qmail-smtpd/run /var/qmail/supervise/qmail-smtpdssl/run

In both files I set variable:

SSL=0 to SSL=1:

After making the change I restarted qmail tested sending emails and all looked well. Therefore I thought all works as usual, e.g. e-mail are properly sent and respectively received to the mail server….

So far so good until just today, when I received urgent phone call in which my employer reported about severe problems with receiving emails.
Trying to send from Gmail or Yahoo to our mail server were unable to be received with some delivery failure errors …
First I was a bit sceptical, hoping that maybe the errors reporting are not caused by the mail server but after giving a try to send email to the mail server in question the reported problem prooved true.
As always when errors with QMail, I checked what the logs says about the problem just to find in /var/log/qmail-smtpd/current log following err:

@4000000050374a0e1a5dc374 sslserver: warning: dropping connection, unable to SSL accept:protocol error

I’ve dig over almost all primary forums, threads and blog posts online but nowhere I couldn’t find anymeaningful as explanation to the error, so was forced to look for solution myself.
Obviously, there was error with SSL, so my first thought was to check if all is fine with permissions of servercert.pem and clientcert.pem. The permissions of two files were as follows:

ls -al /var/qmail/control/clientcert.pem -rw-r----- 1 root qmail 2136 2011-10-10 13:23 /var/qmail/control/clientcert.pem ls -al /var/qmail/control/servercert.pem -rw-r--r-- 1 qmaild qmail 2311 2011-10-12 13:21 /var/qmail/control/servercert.pem

At first glimpse I was suspicious concerning permissions of /var/qmail/control/clientcert.pem but after checking on other Qmail servers which worked just fine I was sure the problem did not root in clientcert.pem permissions.

As you can guess another failure point I suspected was the previous day change of SSL=0 to SSL=1 in /var/qmail/supervise/qmail-smtpd/run and /var/qmail/supervise/qmail-smtpdssl/run. On that account, I immediately reversed back the yesterday setting of SSL=0 and then restart QMAIL.

The usual QMAIL to restart qmail is via qmailctl, but since so often qmailctl does not reload qmail current settings I had to also refresh current working qmail binaries via both stopping qmail with qmailctl stop and through /etc/inittab by commenting out in it line dealing with daemontools svscanboot:

Hence I first stopped all running qmail processes via init script:

# /usr/bin/qmailctl stop

Then commented line:

SV:123456:respawn:/usr/bin/svscanboot

to:

#SV:123456:respawn:/usr/bin/svscanboot

Onwards did reload of initab with command:

# /sbin/init q

Right onwards I uncommented the commented line:

#SV:123456:respawn:/usr/bin/svscanboot

to:

SV:123456:respawn:/usr/bin/svscanboot

And load up daemontools (svscanboot) via inittab issuing:

# /sbin/init q

Finally I had to start QMAIL processes:

# qmailctl restart ...

Change of SSL svscanboot daemontools service script SSL=0 to SSL=1 however created other problems for clients cause any present clients which used crypted connections to SMTP server viaSSL encryption rendered unable to send mails anymore with error messages like:

Cannot establish SSL with SMTP server xx.xxx.xxx.xxx:465, SSL_connect error 336031996.

To work around this issue I had to once again start SSL (set SSL=1) in /var/qmail/supervise/qmail-smtpssl/run and leave SSL switched off for /var/qmail/supervise/qmail-smtp/run.

Even doing this changes for about 20 minutes though I restarted QMAIL multiple times, qmail continued having issues with mails received with the shitty:

@4000000050374a0e1a5dc374 sslserver: warning: dropping connection, unable to SSL accept:protocol error

After multiple restarts “magically” the stupid server figured out it should load my changed setting in qmail-smtpdssl/run (before it finally worked I probably had to restart 20 times using qmailctl stop; qmailctl start ….

I’ve figured out as a good practice to put delay between qmailctl stop and qmailctl start cmds so in restarts I used a little 3 secs sleep in between like so:

# qmailctl stop; killall -9 multilog; sleep 3; qmailctl start

Also killing multilog (killall -9 multilog) is good practice cause often nevertheless restarts server logging is not refreshed …

Something else that might be important is the AUTH settings in qmail-smtpd/run and qmail-smtpdssl/run in thisfinally working qmail they are:

AUTH=1 REQUIRE_AUTH=0 ALLOW_INSECURE_AUTH=0

Hope this post helps someone to solve same crazy error …
Cheers

Tags: connection, dropping, Qmail, server, unable, Warning
Posted in Qmail, System Administration | 4 Comments »

How to disable spammer domain in QMAIL mail server with badmailto variable

Thursday, July 12th, 2012

I've recently noticed one of the qmail SMTP servers I adminster had plenty of logged spammer emails originating from yahoo.com.tw destined to reache some random looking like emails (probably unexisting) again to *@yahoo.com.tw

The spam that is tried by the spammer is probably a bounce spam, since it seems there is no web-form or anything wrong with the qmail server that might be causing the spam troubles.
As a result some of the emails from the well configured qmail (holding SPF checks), having a correct existing MX, PTR record and even having configured Domain Keys (DKIM) started being marked, whether emails are sent to *@yahoo.com legit emails.

To deal with the shits, since we don't have any Taiwanese (tw) clients, I dediced to completely prohibit any emails destined to be sent via the mail server to *@yahoo.com.tw. This is done via /var/qmail/control/badmailto qmail control variable;

Here is content of /var/qmail/control/badmailto after banning outgoing emails to yahoo.com.tw;;;

qmail:~# cat /var/qmail/control/badmailto [!%#:\*\^] [] [\{\}] @.*@ *@yahoo.com.tw

The first 4 lines are default rules, which are solving a lot of badmailto common sent emails. Thanks God after a qmail restart:

qmail:~# qmailct restart ....

Checking in /var/log/qmail-sent/current, there are no more outgoing *@yahoo.com.tw destined emails. Problem solved …

Tags: Auto, bounce, cat, checks, com, common, configured, control, control variable, default rules, dkim, domain, Draft, god, legit, mail, mail server, mx, outgoing emails, plenty, ptr, Qmail, qmailct, reache, Result, shits, smtp servers, spam, spammer, SPF, twThe, var, well, Yahoo, yahoo com tw
Posted in Qmail, System Administration | 1 Comment »

How to add multiple email accounts in qmail’s vpopmail with vpasswd via ssh (console) / Little shell script to add multiple email addresses

Sunday, June 12th, 2011

I’ve been assigned the task to add on one of the qmail powered servers I administrate about 50 email addresses via command line.

Each email addresses was required to be configured to have the same mail password.
Adding the email addresses via an interface would be a killing time consuming task and will probably require at least 1 hour of time to add the emails with qmailwebmin, qadmin, qubit or the other vpopmail qmail web administration interfaces available nowdays.

To solve the task, I’ve used a line oner bash shell script which reads all my 80 emails from a file and adds them with vpopmail’s command line tool vpasswd on the mail server.

Here is the one liner shell script I’ve written to solve the task:

debian:~# while read line; do vadduser $line Email_Pass_Phrase; done < email_list_file.txt

In above’s code I’ve used the email_list_file.txt file is a text file on the server and contains list of all my 50 email addresses, where each line in the file contains one email. The Email_Pass_Phrase is actually the password I’ve set for all the new email addresses being created with vpasswd

That’s all now the 50 email addresses on the server are created and I’ve saved at least one hour of boring repeating actions in the browser 😉

Tags: administrate, bash shell script, browser, command, command line tool, consuming, email accounts, email addresses, email list, file, file txt, interface, killing time, line, little shell, lt, mail password, mail server, new email, nowdays, password, phrase, qadmin, Qmail, qubit, read, servers, Shell, ssh, time, time consuming task, tool, TXT, vadduser, vpasswd, vpopmail, web administration
Posted in Qmail, System Administration | No Comments »

The day Today

Friday, March 28th, 2008

I stand up in the morning at somewhere around 09:30. I made my physical excersises everyday. What I have to say that I’m trying to fast. You know it’s the orthodox fasting period. Orthodox Eastern has to be on 27 may if I’m not mistaken. In the morning we had Marketing II classes with a teacher called Stanislav. Nobody has a homework and only three of us entered the classes so the teacher was furious. After that we had lectures with Ruelof on the topic of Marketing Research. I had not much job from work. Our project manager said that they are going to give me a phone so they can reach me cheaper and easier. We have to had some English classes just after the Marketing Planning lectures but the teacher Valio said we won’t have it because he has some job to do. After the school I worked on the servers. Servers and stuff works just fine thanks to God. Unfortunately my health issues continue on and on. I’m starting to loose temper I try to pray for a little every night before I go to bed and every evening. I still hope God would hear me and heal me. Ahm what else in the evening I went to the 2nd hand furniture shop of my cousin Zlatina and her husband Ivailo I spend a little less than an hour there. After that I went to Yasho a colleague 1st year (A metal head and brother of one of my class mates) and we watched Dr. Strangelove together Or How I learned to stop worrying and drop the bomb. I really enjoy this Kubrick film :). That’s most of the day. I figure out that one of the qmail chkuser’s patch wasn’t working properly on one of the servers and I did some tweaks to make it work. Also I’m reading a little book on MySQL although I almost doesn’t have time to read it. Well that’s it Let’s call it a day.END—–

Tags: Ahm, bomb, brother, class mates, colleague, Cousin, doesn, dr strangelove, end, excersises, furniture, furniture shop, hand furniture, HEAD, health issues, homework, job, manager, marketing, marketing planning, marketing research, Metal, nobody, phone, pray, Qmail, Research, Ruelof, servers, shop, stanislav, temper, thanks to god, time, tweaks, Valio, year
Posted in Everyday Life | No Comments »

How to solve squirrelmail “ERROR: Connection dropped by IMAP server.”

Wednesday, August 17th, 2011

One server recently installed with Qmail + Vpopmail and Squirrelmail had just been reported to me that the webmail is failing to properly login existent users on the server via the IMAP protocol.

I’ve checked on port 143 to see if couriertpcd process is properly listening with netstat -tlnp as well as used telnet to check if I can normally connect with telnet to the imap port and it seemed there is no issue with IMAP

Further on I checked /var/log/mail.log and there I found the following error message popping up:

Aug 17 08:56:27 mail-serv imapd: LOGIN FAILED, user=hipo@mail-serv.com, ip=[::ffff:127.0.0.1] Aug 17 08:56:27 mail-serv imapd: authentication error: Connection refused Aug 17 08:56:29 mail-serv imapd: Connection, ip=[::ffff:127.0.0.1] Aug 17 08:56:29 mail-serv imapd: authdaemon: s_connect() failed: Connection refused Aug 17 08:56:29 mail-serv imapd: [Hint: perhaps authdaemond is not running?]

The error was shown each time I do get a failure in Squirrelmail in my browser to connect to IMAP with the error:
ERROR: Connection dropped by IMAP server.

As the log revealed the courier-authdaemond was not up and running on the system. I thus launched it :

qmail:~# /usr/local/sbin/authdaemond stop qmail:~# /usr/local/sbin/authdaemond start qmail:~# /etc/init.d/imap start

I’ve later on figured out the strange, was caused because of a server reboot, during boot process authdaemond did not properly load up, therefore to prevent future problems like this one, I’ve put authdaemond and /etc/init.d/imap scripts to load up via /etc/rc.local :

qmail:~# echo '/usr/local/sbin/authdaemond stop' >> /etc/rc.local qmail:~# echo '/usr/local/sbin/authdaemond start' >> /etc/rc.local qmail:~# echo '/etc/init.d/imap start' >> /etc/rc.local

Tags: authdaemon, authentication error, boot, boot process, browser, com, connection, connection ip, ERROR, error error, error message, failure, ffff, imap port, imap protocol, IMAPFurther, issue, localqmail, login, mail, mail log, nbsp, port, port 143, Protocol, Qmail, Reboot, sbin, scripts, squirrelmail, startI, startqmail, Stop, time, usr, var, vpopmail
Posted in Linux, Qmail, System Administration | No Comments »

How to change users quota to NO QUOTA on Qmail with Vpopmail Mail server install / Qmail mail over quota issue

Monday, February 20th, 2012

Already on a couple of mail boxes located on one of the qmail powered mail servers I adminiter, there is an over QUOTA reached problem encountered.

Filling up the mailbox quota is not nice as mails starts get bounced back to the sender with a message QUOTA FULL or EXCEEDED MESSAGE, if this is a crucial mail waiting for some important data etc. the data is never received.
Below is a copy of the mail quota waarning notification message:

Delivered-To: email_use@my-mail-domain.net Date: Wed, 15 Feb 2012 17:40:36 +0000 X-Comment: Rename/Copy this file to ~vpopmail/domains/.quotawarn.msg, and make appropriate changes X-Comment: See README.quotas for more information From: Mail Delivery System <Mailer-Daemon@different.bg> Reply-To: email@www.pc-freak.net To: Valued Customer:; Subject: Mail quota warning Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit > Your mailbox on the server is now more than 90% full. So that you can continue to receive mail you need to remove some messages from your mailbox.

As you can read from the copy of the mail message above, the message content sent to the mail owner whose quota is getting full is red from /var/vpopmail/domains/.quotawarn.msg

The mail reaching quota problem is very likely to appear in cases like low mailbox quota set, but sometimes also occurs due to bugs in vpopmail quota handling.

Various interesting configuration settings for mail quotas etc. are in /home/vpopmail/etc/vlimits.default file, (assuming vpopmail is installed in /home).

In my specific case, the default vpopmail mailbox quota size was set to only 40 Megabytes.
40MB is too low if compared to todays mailbox size standards which in Gmail and Yahoo mail services are already a couple of gigabytes.
Hence to get around the quota troubles, I removed the quota for the mail.
To remove the quota size in vpopmail set for address (email_user@my-mail-domain.net) used cmd:

qmail-server:~# vmoduser -q NOQUOTA email_user@my-mail-domain.net

To save myself from future quota issues, I decided to apply a permanent fix to all those over quota size VPOPMAIL mailbox problems by removing completely quota restriction for all mailboxes in my vpopmail existent mail domain.

To do so, I wrote a quick simple bash loop one-liner script:

qmail-server:~# cd /home/vpopmail/domains qmail-server:~/vpopmail/domains# cd my-mail-domain.net qmail-server:~/vpopmail/domains/my-mail-domain.net# for i in *; do \ vmoduser -q NOQUOTA $(echo $i|grep -v vpasswd)@my-mail-domain.net; \ done

This works only on vpopmail installations which are configured to store the mail messages directly on the filesystem. Therefore this approach will not work for people who during vpopmail install had configured it to store mailboxes in MySQL or in other kind of SQL db engine.

Anyways for Vpopmail installed to use SQL backend, the script can be changed to read directly a list with all the mailboxes obtained from databasae (SQL query) and then, loop over each of the mail addresses apply the vmoduser -q NOQUOTA mail@samplemaildomain.net.

I've written also a few lines shell script (remove_vpopmail_emails_domain_quota.sh), it accepts one argument which is a vpopmail domain to which the admin would like to reset all applied mailbox quotas. The script is useful, if you have to often remove all quotas for vpopmail domainsor have to do quota wipe out simultaneously for multiple email domain names located on different servers.

Tags: Auto, bit, charset, configuration settings, content transfer, copy, Date, Draft, EXCEEDED, file, free mail services, FULL, gigabytes, Gmail, information, ISO, mail boxes, mail delivery system, mail domain, mail message, mail owner, mail quota, mail quotas, mail server, mail servers, mail services, mailbox quota, mailbox size, megabytes, message, message quota, Mime, msg, msgThe, nbs, NOQUOTA, notification message, Qmail, quot, quota problem, README, Rename, script, sender, size, SQL, text, transfer, version, vpopmail
Posted in Qmail, System Administration | No Comments »

How to change Return Path variable in Qmail

Friday, July 1st, 2011

The Return Path variable on one of the qmail mail servers I manage was improperly set.
New newsletter mails initiated by the php scripts on the mail server had the improper return path set in the mail headers, like so:

Return-Path: <anonymous@mail.mymailserver.com>

Therefore many mail servers dropped messages as the set Return Path variable in the headers was incorrectly set to the domain mail.mymailserver.com

Thus to change the Return Path to the correct one that should have been mymailserver.com I had to include mymailserver.com in qmail’s control file /var/qmail/control/bouncehost, e.g.

root@qmail:~# echo 'mymailserver.com' > /var/qmail/control/bouncehost root@qmail:~# echo 'mymailserver.com' > /var/qmail/control/doublebouncehost

By the way the return path in qmail is set by:

> qmail-inject and qmail-send

There seems to be also some way to ovewrite the default set return-path variable with some php variables but I have never tried this one.
Cheers 😉

Tags: anonymous mail, Auto, bouncehost, Cheers, com, control, default, domain, domain mail, doublebouncehost, Draft, file, lt, mail, mail headers, mail server, mail servers, mymailserver, newsletter, ovewrite, Path, php, php scripts, php variables, Qmail, Return, return path, root, server, var, way
Posted in Linux, Qmail, System Administration | 2 Comments »

Fix 503 AUTH first (#5.5.1) mail receive errors in Qmail

Friday, September 2nd, 2011

I have one qmail rocks install based on Thibbs Qmalrocks tutorial

I had to do some changes, to:
/etc/service/qmail-smtpd/run and /etc/service/qmail-smtpdssl/run init scripts.

After a qmail restart suddenly qmail stopped receiving any mail messages and my sent messages was returned with an error:

Connected to xx.xxx.xx.xx but sender was rejected. Remote host said: 503 AUTH first (#5.5.1)

After investigating the issue I finally found, that one value I’ve changed in /etc/service/qmail-smtpd/run and /etc/service/qmail-smtpdssl was causing the whole mess:

The problematic variable was:

REQUIRE_AUTH=1

To solve the issue I had to disable the value which it seems, I have enabled by mistake.

Below is a quote from http://qmail.jms1.net which explains what REQUIRE_AUTH shell variable does:

Setting REQUIRE_AUTH=1 will make the service not accept ANY mail unless the client has sent a valid AUTH command. This also prevents incoming mail from being accepted for your own domains, so do not use this setting if the service is accepting “normal” mail from the outside world.
Restarting via qmailctl restart and qmail started receiving messages normal 😉

Tags: ANY, Below, client, command, Connected, host, incoming mail, issue, mail, mail messages, mess, mistake, Qmail, qmailctl, quot, quote, receiving messages, Remote, REQUIRE, rocks, run, scripts, sender, Shell, shell variable, Thibbs, value, xxx
Posted in Linux, Qmail, System Administration, Various | 3 Comments »

Filter messages in Qmail with unwanted words, get rid of the Viagra annoying spam with Qtrap

Sunday, September 4th, 2011

Drop qmail received mail containing banned / unwanted words to get rid of Viagra and Sex related spam

Recently the annoying Viagra spam has emerged again. Therefore I decided to clean up some of the mails received to one of the qmail servers to protect users emailbox from this viagra peril.

To do so I’ve remember about an old script which used to be part of qmailrocks.org qmail install, the script is called qtrap and is able to filter emails based on list of specific mail contained words.
Since qmailrocks.org is gone (down) for some time and its still available only on few mirrored locations which by the way are not too easy to find I decided to write a little post on how qtrap.sh could be integrated quick & easy with any Qmail + Vpopmail install out there.

Hereby I include the description for qtrap.sh given by the script author:

“qtrap.sh script is applied on a per domain basis and serves as a “bad word” scanner to catch any spam that Spamassassin may have missed. This filter serves as the last defense against SPAM before it arrived in your inbox. I like this filter because it helps to get rid of any SPAM that happens to make it by Spamassassin. Without any protection at all, my mailbox gets a shit ton of SPAM every day. Within the first 3 months I enacted the Qtrap filter, Qtrap logged over 9,000 deleted SPAM messages, none of which were legitimate e-mails. My keyboard’s delete key was very appreciated the extra rest.

Any emails that are scanned and contain a banned word will be automatically deleted and logged by the qtrap script. A whitelist feature now exists so that individual addresses or domains can be exempt from the qtrap scan.”

Now as one might have general idea on what the script does. Here is the step by step qtrap.sh integration;

1. Create necessery qtrap directory and logs and set proper permissions

If the vpopmail is installed in /home/vpopmail , issue the following commands.

debian:~# cd /home/vpopmail debian:~# mkdir -p qtrap/logs debian:/home/vpopmail/qtrap# cd qtrap debian:/home/vpopmail/qtrap# wget https://www.pc-freak.net/files/qtrap.sh ... debian:/home/vpopmail/qtrap# cd ~ debian:~# touch /home/vpopmail/qtrap/logs/qtrap.logdebian:~# chown -R vpopmail:vchkpw /home/vpopmail/qtrapdebian:~# chmod -R 755 /home/vpopmail/qtrap

On older qmail installations it could be vpopmail is installed in /var/vpopmail if that’s the case, link /var/vpopmail to /home/vpopmail and go back to step 1. To link:

debian:~# ln -sf /var/vpopmail/ /home/vpopmail

2. Edit qtrap.sh to whitelist email addresses and build a ban words list

a) Include the email addresses mail arriving from which would not be checked by qtrap.sh

Inside qtrap.sh in line 63, there is a shell function whitelist_check(), the function looks like so:

whitelist_check () { case $WHITELIST in address@somewhere.com|address@somewhereelse.com) echo $SENDER found in whitelist on `date "+%D %H:%M:%S"` >> /home/vpopmail/qtrap/logs/qtrap.log exit 0;; *) ;; esac }

By default the script has just two sample mails which gets whitelisted this is the line reading:

address@somewhere.com|address@somewhereelse.com

The whitelisted emails should be separated with a pipe, thus to add two more sample emails to get whitelisted by script the line should be changed like:

address@somewhere.com|address@somewhereelse.com|hipod@mymailserver.com|hipo@gmail.com

In order to whitelist an entire domain let’s say yahoo.com add a line to the above code like:

address@somewhere.com|address@somewhereelse.com|hipod@mymailserver.com|hipo@gmail.com|*yahoo.com

b) Defining the bad words ban list, mails containing them should not be delivery by qmail

The function that does check for the ban word list inside the script is checkall();, below is a paste from the script function:

checkall () { case $BANNED_WORDS in porn|PORN|Sex|SEX) printout $BANNED_WORDS echo MESSAGE DROPPED from $SENDER because of $BANNED_WORDS on `date "+%D %H:%M:%S"` >> /home/vpopmail/qtrap/logs/qtrap.log exit 99;; *) ;; esac }

checkall(); is located on line 74 in qtrap.sh, the exact list of banned words which the script should look for is located on line 76, the default qtrap.sh filters only mails containing just 4 words, e.g.:

porn|PORN|Sex|SEX)

To add the Viagra and VIAGRA common spam words to the list, modify it and expand like so:

The delimiter is again | , so proceed further and add any unwanted spam words that are not common for any legit mails.

3. Install qtrap.sh to process all emails delivered to vpopmail

If its necessery to install the dropping of mails based on word filtering only to a single vpopmail virtualdomain do it with cmd:

debian:~# cd /home/vpopmail/domains/yourdomain.com debian:/home/vpopmail/domains/yourdomain.com# touch .qmail-default.new debian:/home/vpopmail/domains/yourdomain.com# echo '| /home/vpopmail/qtrap/qtrap.sh' >> .qmail-default.new debian:/home/vpopmail/domains/yourdomain.com# echo "| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox" >> .qmail-default.new debian:/home/vpopmail/domains/yourdomain.com# chown vpopmail:vchkpw .qmail-default.new debian:/home/vpopmail/domains/yourdomain.com# cp -rpf .qmail-default .qmail-default.bak; mv .qmail-default.new .qmail-default If however qtrap.sh needs to get installed for all existing vpopmail virtualdomains on the qmail server, issue a one liner bash script:

debian:~# cd /home/vpopmail/domains debian:/var/vpopmail/domains# for i in *; do cd $i; echo "| /home/vpopmail/qtrap/qtrap.sh" >> $i/.qmail-default.new; echo "| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox" >> $i/.qmail-default.new; chown vpopmail:vchkpw .qmail-default.new; mv .qmail-default .qmail-default.old; mv .qmail-default.new .qmail-default; cd ..; done

This for loop will add ‘| /home/vpopmail/qtrap/qtrap.sh’ to all .qmail-default for all vpopmail domains.

Afterwards the .qmail-default file should contain the following two lines:

| /home/vpopmail/qtrap/qtrap.sh | /home/vpopmail/bin/vdelivermail '' delete

A very important thing here you should consider that adding some common words, as let’s say hello or mail etc. could easily drop almost all the emails the qmail hands in to vpopmail.

Caution!! Never ever implement common words in the list of words !!
Always make sure the banned words added to qtrap.sh are words that are never enter an everyday legit email.

Another thing to keep in mind is that qtrap.sh doesn’t make a copy of the received message ,though it can easily be modified to complete this task.
Any mail that matches the banned words list will be dropped and lost forever.

4. Check if qtrap.sh is working

To check, if qtrap is working send mail to some mailbox located on the qmail server containing inside subject or mail message body the unwanted word defined inside qtrap.sh.

The mail should not be received in the mailbox to which its sent, if qtrap is working moreover qtrap.sh should log it inside it’s log file:

debian:~# cat /home/vpopmail/qtrap/logs/qtrap.log MESSAGE DROPPED from hipo@mytestmail.com because of viagra on 09/03/11 11:34:19 MESSAGE DROPPED from support@mymailserver.com because of Viagra on 09/03/11 11:39:29

If the qtrap.log contains records similar to the one above, and the mail matching the banned word is not delivered, qtrap.sh is properly configured. If any issues check in qmail logs, they should have a good pointer on what went wrong with qtrap.sh invokation.

Note that I’ve integrated qtrap.sh to custom qmail install running on Debian Lenny 5.0 GNU/Linux.
If I have time I’ll soon test if its working fine on the latest stable Debian Squeeze and will report here in comments.
If however someone is willing to test if the script works on Debian Squeeze 6.0 or have tested it already please drop a comment to report if it works fine.
qtrap.sh, is a bit oldish and is not written to work too optimal therefore on some heavy loaded mail servers it can create some extra load and a bit delay the mail delivery. Thus when implementang one needs to consider the downsides of putting it in.

Also I was thinking tt might be nice if the script is rewritten to read the ban words and whitelist mails from files instead of as it is now as the words are hard coded in the script.
If I have some free time, I’ll probably do this, though I’m not sure if this is a too good idea as this might have a negative performance impact on the script execution time, as each instance of the script invoked should do one more operation of reading a file storing the ban words.

Well that’s pretty much it, enjoy 😉

Tags: amp, annoying spam, bad word, ban, BANNED, basis, cd home, com, defense against spam, description, esac, filter messages, function, general idea, Gmail, Hereby, hipo, inbox, keyboard, logs, mail, mkdir, necessery, newdebian, peril, PORN, proper permissions, protection, Qmail, qtrapdebian, quot, scanner, script, script author, servers, Sex, spamassassin, time, viagra, vpopmail, whitelist, word scanner, WORDS
Posted in FreeBSD, Linux, Qmail, System Administration | 1 Comment »

Fix to mail forwarding error “Received-SPF: none (domain.com: domain at maildomain does not designate permitted sender hosts)

Tuesday, October 18th, 2011

I’m Configuring a new Exim server to relay / forward mail via a remote Qmail SMTP server
Even though I configured properly the exim to forward via my relaying mail server with host mail.domain.com, still the mail forwarding from the Exim -> Qmail failed to work out with an error:

Fix to mail forwarding error "Received-SPF: none (domain.com: domain at maildomain does not designate permitted sender hosts)

I pondered for a while on what might be causing this “mysterous” error just to realize I forgot to add the IP address of my Exim mail server in the Qmail relay server

To solve the error I had to add in /etc/tcp.smtp on my Qmail server a record for my Exim server IP address xx.xx.xx.xx, like so:

debian-server:~# echo 'xx.xx.xx.xx:allow,RELAYCLIENT="",QS_SPAMASSASSIN="0"' >> /etc/tcp.smtp

The QS_SPAMASSASSIN=”0″ as you might have guessed instructs Qmail not to check the received mails originating from IP xx.xx.xx.xx with spamassassin.

Finally on the Qmail server to load up the new tcp.smtp settings I had to rebuild /etc/tcp.smtp.cdb and restart qmail :

– reload qmail cdb

linux-server:/var/qmail# qmailctl cdb Reloaded /etc/tcp.smtp. - restart qmail
linux-server:/var/qmail# qmailctl restart Restarting qmail: * Stopping qmail-smtpdssl. * Stopping qmail-smtpd. * Sending qmail-send SIGTERM and restarting. * Restarting qmail-smtpd. * Restarting qmail-smtpdssl.

This solved the issue and now mails are forwarded without problems via the Qmail SMTPD.

Tags: cdb, com, Configuring, domain, exim, forward mail, Forwarding, hosts, issue, Linux, mail, mail domain, mail server, none, Qmail, qmailctl, qs, quot, quot quot, relay, relay server, RELAYCLIENT, relaying mail, sender, Sending, server ip address, serverTo, SMTPD, smtpThe, spamassassin, SPF, var, while
Posted in Everyday Life, Linux, Qmail, System Administration, Various | No Comments »

☩ Walking in Light with Christ – Faith, Computing, Diary

Posts Tagged ‘Qmail’

The day Today

Daily Bible quote

GET ARTICLE UPDATES

Useful blog? Help it:

Links to Other Places

Recent Posts

Ads

Categories

About Myself

Recent Comments

Top Post Views

blogtopsites