Lindsay Haisley | 23 Jul 21:05 2016

Management of maildir structures

I've run into a couple of articles, including the Wikipedia article at
<https://en.wikipedia.org/wiki/Maildir> on maildirs which state that
the internal management of files in the new, tmp and cur directories is
the responsibility of the client's MUA ("When the mail user agent (MUA)
process finds messages in the new directory it moves them to cur (using
rename()"). This makes no sense. My impression has been that the
responsibility for managing the internal structures of maildirs lies
with the Mail Retrieval Agent, imapd or pop3d, on the server since the
IMAP and POP3 protocols deal with messages as entities and the storage
structure on the server is, or should be outside of MUA control.

This makes a difference here! I'm looking at customer accounts with a
substantial amount of mail in their "new" directories, and an equally
or more substantial amount in their "cur" directories. I've been
judging the date that mail was last checked by looking at the earliest
file date in the "new" directory, which generally corresponds closely
with the latest file date in the "cur" directory, so I can tell a
customer that a particular mailbox hasn't been checked since 2014, or
whenever. If management of the internal details of the maildir
structure is somehow the MUA's responsibility, then it's certainly
possible that a mailbox is in active use and is being accessed by an
ill-behaved MUA which isn't doing proper management.

Clarification?

--

-- 
Lindsay Haisley       | "UNIX is user-friendly, it just
FMP Computer Services |       chooses its friends."
512-259-1190          |          -- Andreas Bogk
http://www.fmp.com    |
(Continue reading)

Fred Drueck | 15 Jul 04:20 2016
Picon

couriermlm bug, bouncing messages with 'Help' eve

Hello Everyone,

I'm afraid that I'm complaining about some un-expected / misleading
behavior in the courier tools again.

When NOBOZOS=1 is set on a couriermlm list it will reject a message
that starts *any* line with a keyword.  E.g.

cat <<EOF
To: user-list <at> domain
Subject: leftover pizza

Hi guys,

There's some pizza leftover in the kitchen.

Help yourselves!

-Me
EOF

I think that's weird enough to qualify as a bug.

If the line does not begin with 'Help' it will post to the list, e.g.:

cat <<EOF
To: user-list <at> domain
Subject: leftover pizza

Hi guys,
(Continue reading)

Fred Drueck | 15 Jul 02:29 2016
Picon

Re: locking $HOME (~) directories (temporarily deferring delivery)

Hi Sam,

Thanks for your reply, I'm sorry I haven't noticed it until just
recently.  I do not seem to be properly getting mail from the
sourceforge mailing lists.  I've had to go through and read the
lists web archives to get anything.

I'm glad that you're going to correct either courier or the courier
documentation so the behavior regarding the sticky bit is consistent.

Ultimately, I have decided to forego locking home directories and have
rewritten my admin scripts to make atomic changes to .courier files,
(write tempfile, then mv tempfile to replace the current .courier
file) which should prevent me from having to lock home directories.

Best regards,
-Fred

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports.http://sdm.link/zohodev2dev
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

(Continue reading)

Nathan Harris | 8 Jul 15:49 2016

Blocking Brute Force Auth Attacks

For a while now our server has been seeing a lot of brute force 
authentication attacks.  Of course the source of these attacks is 
constantly changing.  My firewall (pfSense) is running Snort and I am 
using the following custom rules to help.

alert tcp $SMTP_SERVERS 25 -> $EXTERNAL_NET any (msg:"SMTP AUTH brute 
force attack"; content:"535 Authentication failed."; nocase; 
classtype:attempted-user; threshold:type threshold, track by_src, count 
2, seconds 60; sid:1000500; rev:6;)

alert tcp $SMTP_SERVERS 25 -> $EXTERNAL_NET any (msg:"SMTP ERROR 
potential spam or malware bot"; content:"502 ESMTP command error"; 
nocase; classtype:policy-violation; threshold:type threshold, track 
by_src, count 2, seconds 60; sid:1000501; rev:4;)

alert tcp $SMTP_SERVERS 25 -> $EXTERNAL_NET any (msg:"SMTP SPAMHAUS 
potential spam or malware bot"; content:"511 https://www.spamhaus.org"; 
nocase; classtype:policy-violation; threshold:type threshold, track 
by_src, count 1, seconds 60; sid:1000502; rev:4;)

alert tcp $SMTP_SERVERS 25 -> $EXTERNAL_NET any (msg:"SMTP SPAM detected 
spam or malware bot"; content:"554 Mail rejected - spam detected"; 
nocase; classtype:policy-violation; threshold:type threshold, track 
by_src, count 1, seconds 60; sid:1000503; rev:2;)

This is working fairly well.  However, it would also be good to 
immediately block an IPs when an invalid user name is specified.  I have 
looked at Fail2Ban which does a similar operation to what I'm doing 
(except on the mail server's firewall).  Is there anything more 
sophisticated or a better approach to solving this problem?
(Continue reading)

Mark Constable | 8 Jul 08:38 2016
Picon
Gravatar

Vhost certificates

FWIW I finally got around to testing 0.76.1 with a virtual vhost SSL
(letsencrypt) certificate and it worked!

All I did was create symlinks from /etc/courier/{esmtpd,imapd}.pem.DOMAIN
to the right combined privkey.pem + fullchain.pem for the particular
vhost and Thunderbird worked perfectly.

Brilliant! Thank you Sam :-)

Just checked, Outlook for Android did not work. Anyone know of an Android
mail app that might work with IMAP/ESMTP SNA?

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

covici | 29 Jun 09:10 2016

courier-imapd imaplog.dat empty

Hi.  I am trying to debug a problem with my imap server which is using
only encrypted connections on port 993 and so I have set
IMAPDEBUGFILE="imaplog.dat"  and restarted the server, but  even though
I created the file subsequent logins give me an empty file.

Thanks in advance for any suggestions.

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

         John Covici
         covici <at> ccs.covici.com

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Mark Constable | 27 Jun 09:50 2016
Picon
Gravatar

OpenSSL v1.1.0

Hi Sam, FWIW Debian "stretch" is currently rebuilding all SSL related
packages based on OpenSSL v1.1.0 which will also flow through to Ubuntu
packages pretty soon. Perhaps you could provide a tweak to help ondrej
build new deb packages, and no doubt this will affect rpm packages too.

> From: Kurt Roeckx <kurt <at> roeckx.be>
> To: submit <at> bugs.debian.org 
> Subject: courier: FTBFS with openssl 1.1.0
> Date: Sun, 26 Jun 2016 12:21:22 +0200
> 
> Source: courier Version: 0.76.1-3 Severity: important Control: block
> 827061 by -1
> 
> Hi,
> 
> OpenSSL 1.1.0 is about to released. During a rebuild of all packages
> using OpenSSL this package failed to build. A log of that build can be
> found at:
>
> https://breakpoint.cc/openssl-1.1-rebuild-2016-05-29/Attempted/courier_0.76.1-3_amd64-20160529-1412
>
> On https://wiki.openssl.org/index.php/1.1_API_Changes you can see
> various of the reasons why it might fail. There are also updated man
> pages at https://www.openssl.org/docs/manmaster/ that should contain
> useful information.
> 
> There is a libssl-dev package available in experimental that contains
> a recent snapshot, I suggest you try building against that to see if
> everything works.
> 
(Continue reading)

SZÉPE Viktor | 23 Jun 11:33 2016
Picon
Gravatar

filtering for aliases


Good morning!

Could I convince Courier to filter mail when received for a pipe alias?

me <at> local.com: |/usr/bin/couriersrs some <at> gmail.com

Thank you.

SZÉPE Viktor
--

-- 
+36-20-4242498  sms <at> szepe.net  skype: szepe.viktor
Budapest, III. kerület

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Fred Drueck | 18 Jun 05:01 2016
Picon

locking $HOME (~) directories (temporarily deferring delivery)

Hello courier-users,

I've been replacing qmail on a few mail servers with courier-mta and
I've been caught up by the differing behavior between the two programs
with regards to locking home directories with the sticky bit.

qmail-local always fails to deliver to a home directory with the
sticky bit set (or permissions that it considers insecure).  This
gives one a convenient way to lock ones home directory and then mess
with .qmail files or ezmlm mailing list or whatever you want to do.

maildrop also refuses to deliver mail to a home directory with the
sticky bit set.

However, on both Debian and Ubuntu (also Arch Linux, using a package
built from the AUR), even with courier-maildrop installed, it does not
appear that maildrop is invoked by default to deliver local mail.
Either that, or when maildrop is invoked in this manner, it *will*
deliver mail to a user home directory with the sticky bit set.

The courier online documentation suggests this should not be the case:

http://www.courier-mta.org/local.html

> Output module
> 
> setuids to the user indicated in the host parameter.
> If $HOME has the sticky bit set, defers the mail.

there are 2 points I'm trying to make in pointing this out, I guess:
(Continue reading)

Sam Varshavchik | 12 Jun 01:11 2016
Gravatar

Courier build 20160610

Download: http://www.courier-mta.org/download.html

Changes:

- courier: allow consecutive % and ! characters in return addresses. Still  
disallow consecutive periods, as that's still expressly prohibited in RFC  
2822.

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
SZÉPE Viktor | 7 Jun 06:42 2016
Picon
Gravatar

Fwd: Cron <root <at> szerver4> /usr/local/sbin/syslog-errors-infrequent.sh

Hello!

Could you help me where is the syntax error in this address?

Jun  6 21:39:09 szerver4 courieresmtpd:  
error,relay=::ffff:195.228.245.161,from=<optimail-%9566%-%2234290% <at> optimail.hu>: 517 Syntax  
error.

AFAIK this is a very high volume newsletter.

Thanks.

SZÉPE Viktor
--

-- 
+36-20-4242498  sms <at> szepe.net  skype: szepe.viktor
Budapest, III. kerület

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Gmane