Gordon Messmer | 6 Jul 00:42 2015
Picon

0.75

I had two minor problems with the upgrade to Courier 0.75 and authlib 
0.66.3.

The first is that Courier needs "ps" to build, and the spec need to be 
updated to reflect that.  Otherwise, it doesn't build in "mock".

BuildRequires: procps-ng

The other is that courier-authlib preuninstall script runs "authdaemond 
stop" and for some reason, that caused my rpm upgrade to hang.  The 
process tree looked like this.  I should have straced the children to 
see what they were doing, and I didn't.  My bad.  I was tired.  In a 
separate terminal, I ran "systemctl stop courier-authlib" and the 
upgrade then finished properly.

  4676 pts/3    S+     0:01  |                               \_ rpm -Fvh 
courier-0.75.0-1.el7.centos.x86_64.rpm 
courier-authlib-0.66.3-1.el7.centos.x86_64.rpm 
courier-authlib-debuginfo-0.66.3-1.el7.
  4825 pts/3    S+     0:00  |                                   \_ 
/bin/sh /var/tmp/rpm-tmp.9zDlMy 1
  4826 pts/3    S+     0:00  |                                       \_ 
/usr/sbin/courierlogger -pid=/var/spool/authdaemon/pid -stop 
/usr/libexec/courier-authlib/authdaemond
  4827 pts/3    S+     0:00  | 
  \_ /usr/sbin/courierlogger -pid=/var/spool/authdaemon/pid -stop 
/usr/libexec/courier-authlib/authdaemond
  4828 pts/3    S+     0:00  | 
      \_ /usr/sbin/courierlogger -pid=/var/spool/authdaemon/pid -stop 
/usr/libexec/courier-authlib/authdaemond
(Continue reading)

Lucio Crusca | 3 Jul 00:48 2015

slow transactions

Hello everybody,

mxtoolbox says that my SMTP is slow: http://mxtoolbox.com/domain/sulweb.org/
It's a Debian GNU/Linux 8.1 64bit kvm guest, 6 vCPUs, 2GB of RAM and a 
load average that is almost always below 0.5.
iptables blocks OUTPUT to 113/tcp with REJECT.
"courier show all" shows only one domain (that doesn't go away with 
"courier clear all" but that's another problem, because the blacklisted 
domain has nothing to do with mxtoolbox).
There aren't any DNS block lists configured.
The configured DNS is a local Bind9 with recursion.

What is taking nearly 13 seconds to complete the transactions that 
mxtoolbox expects to complete in less than 5 seconds?

------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Bowie Bailey | 18 Jun 18:38 2015

sqlite version

I am trying to build courier-authlib on a CentOS 5 system and have found 
an error with sqlite.  Based on some Google searching, it looks like the 
problem is that sqlite 3.3.6 is too old. Unfortunately, that is the 
latest version available from the standard CentOS repos for CentOS 5.

Since I am not interested in actually using courier-authlib-sqlite, is 
there a way to prevent rpmbuild from building it?

Thanks

--

-- 
Bowie

------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

alan milligan | 16 Jun 11:18 2015
Picon

spammer masquerading as root

Hi,

I've got some nasty spammer managing to send spam via my mail server by somehow authenticating as root (if I understand the logs correctly):
Jun 15 22:56:04 hostname courierd: newmsg,id=000000000034D6E2.00000000557F9043.00005D5F, auth=root: dns; User (x.x-x-x.rdns.scalabledns.com [::ffff:x.x.x.x])

My authdaemon (latest version: 0.66.2) is configured with pam and ldap (LOGIN auth only): but there is *no* password set for the root user (it's RSA identity only).  It would seem quite impossible that this user really can be authenticated as root.

Since they are authenticated, it seems I cannot simply block the IP via smtpaccess.

This user has caused the mail server to be on a number of blacklists and these spam messages (along with legitimate traffic) are filling up mail queues with multiple failed delivery attempts.  Even setting ESMTP_BLOCKBACKSCATTER to include authsmtp/dsn in courierd (latest version: 0.74.2) configuration isn't actually stopping this.

Whatsmore attempting cancelmsg (and I'm getting some thousands of these) to flush the queue is proving pointless: because of the blacklisting no DSN is going to get through to the recipient (spoofed that it is).   It would be great if there was an additional option in cancelmsg simply to remove the msgid from the queue - with no DSN processing at all.  I'm having to stop courier and manually delete all the msgs/msgq files.

Any thoughts upon how I can stop this miscreant sending mail would be greatly appreciated.

Alan
------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
mail | 16 Jun 09:50 2015
Picon

Different esmtproutes for ipv6 and ipv4 domains?

Is it possible to have a different relay in (or none) for ipv6 capable hosts than ipv4 only hosts? 

Normally I would have 

: relay.com

Some hosts, like gmail,  support ipv6 and I want to use no/another relay for them.

~ A

------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Bowie Bailey | 15 Jun 21:41 2015

Upgrading courier-unicode

I've run into what appears to be a catch-22 upgrading courier-unicode.

I downloaded all of the new courier, courier-authlib, and 
courier-unicode tarballs.  I successfully built the rpms for 
courier-unicode.  But when I try to install them, I run into problems.

Error: Missing Dependency: libunicode.so.1 is needed by package 
courier-maildrop-0.73.2-1.i386 (installed)
Error: Missing Dependency: libunicode.so.1 is needed by package 
courier-0.73.2-1.i386 (installed)
Error: Missing Dependency: libunicode.so.1 is needed by package 
courier-webmail-0.73.2-1.i386 (installed)
Error: Missing Dependency: libunicode.so.1 is needed by package 
courier-imapd-0.73.2-1.i386 (installed)

So I tried to build everything and install it all at once.

configure: error: The Courier Unicode Library 1.2 appears not to be 
installed. You may need to install a separate development subpackage, in 
addition to the main package

So I can't install courier-unicode 1.2 while the old courier is 
installed, but I can't build the new courier until I install 
courier-unicode 1.2.  I assume this is caused by the library name 
changes mentioned in the changelog, but I have not been able to find any 
reference for how to properly upgrade the library.

Suggestions?

--

-- 
Bowie

------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Matus UHLAR - fantomas | 8 Jun 14:03 2015
Picon

calling session PAM modules

Hello,

could courier-authlib use PAM session functions?

We use AD authentication so we can't create home directories when users are
created (because on client we don't know when a user is created).

I would like to create homedir/maildir at first access, either from
maildrop, or from courier, whichever happens first.  However courier-authlib
does not call session functions, so we currently can not use courier, unless
we find OK that users' logins will fail before first mail is received... 
we do not.

this was discussed already few years ago, but I believe here we have proper
reason to support PAM sessions.

--

-- 
Matus UHLAR - fantomas, uhlar <at> fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
There's a long-standing bug relating to the x86 architecture that
allows you to install Windows.   -- Matthew D. Fuller

------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Ivan Pintori | 8 Jun 00:05 2015
Picon

Maildrop not working on NFS/9p based maildirs

Sorry to bother all you, but I am refactoring my home server and I am trying to move all my mailboxes over a
(simil)RAID based storage.

Moving the actual mailboxes is a piece of cake, and with rsync all permissions are copied from one server to
the other. I did re-apply the ownership, as the courier user had to change from one installation to the
other, and I did re-install 0.74.1 (I know, there is the .2 out there, but for the moment I am sticking with
what I know works for me ;) )

So after all this migration pain I startup the new server and give it a test run, before getting it into
production, and all hell brake loose. Basically when I get a message, mail drop fails with the following error:

courierlocal: id=0000000000220659.000000005574A4F2.00001635,from=<xx <at> xx>,addr=<xx <at> xx>:
maildrop: link() failed.

The only think that comes to my mind is that the mailboxes are actually mounted via 9p (the mail server is a VM
running on top of the HOST/Storage). I did try to mount the directory with NFS, and got the same error.

What would be the best practice to actually have mailboxes stored on an NFS/9p mounted partition? I did some
research on the web, but nothing conclusive came out.

Thanks to all that may help me.

Best regards,

ivan
------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Lindsay Haisley | 7 Jun 19:44 2015

Blocking/whitelist precedence

I have several advisory blacklists specified in /etc/courier/esmtpd
(BLACKLISTS="-block=zombie.dnsbl.sorbs.net,.....").  I also have several
specific IP addresses whitelisted in /etc/courier/smtpaccess/webadmin
("w.x.y.z     allow,BLOCK").

Does such a whitelist spec take precedence over a hit from one of the
specified BLACKLISTS in the esmtpd config file?  If not, is there any
way to override a BLACKLIST hit for single IP addresses?

--

-- 
Lindsay Haisley       | "Never expect the people who caused a problem
FMP Computer Services |  to solve it."  - Albert Einstein
512-259-1190          |        
http://www.fmp.com    |

------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Zenon Panoussis | 6 Jun 14:16 2015
Picon

LDAP_DEFAULTDELIVERY


Hi all

I've been using the same courier/authlib/LDAP configuration for
more than a decade. authldaprc says

LDAP_HOMEDIR homeDirectory
LDAP_MAILDIR mailbox
LDAP_DEFAULTDELIVERY mailbox

and I have some Mailman lists in LDAP that look like

uid: list
objectClass: top
objectClass: account
objectClass: CourierMailAccount
mail: list <at> lists.provocation.net
mailbox: |/usr/lib/mailman/mail/mailman post list
homeDirectory: /vol/vmail/net/provocation/lists/mailman

This worked fine for years, then at some point it stopped working.
Someone alerted me today that his list no longer works and I found
two years' worth of list mail in the list's homeDirectory. This
suggests that homeDirectory takes precedence over mailbox, whereas
previously it was the other way around.

All normal mail accounts and maildrops, also in LDAP, work just fine.
It's only the attribute 'mailbox' that stopped working. Was there
some change in authldap about two years ago that might have caused
this, or am I barking up the wrong tree?

Z

------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Milan Obuch | 2 Jun 11:24 2015
Picon

Server delivery report localisation

Hi,

has somebody some experience with DSNs localisation? I know there are
template files (dsn*.txt and rfcerr*.txt) in config directory, but how
are they used? Are there any rules I must adhere to when modifying
these files?

Background:

I installed couple courier servers, and while they are all operating
mostly fine, with occasional investigation under some condition, I have
a problem with server reports (DSNs). Better said, when such message is
generated, most customers realize they are getting message in English,
refuse to read it (usually) or try to understand, they call for support
instead. This is both tiresome and time consuming.

I would like to modify templates so that all server generated mails
will be both in local language (Slovak in my case) and English. Is
something limiting me in what I can use here? Is something hardcoded
somewhere or all text is pulled from templates?

Also is there any way to test it? I don't know all condition when such
message is generated, I hope someone could help with this.

Regards,
Milan

------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users


Gmane