Alessandro Vesely | 30 Jan 11:08 2015
Picon

Garbled log lines

Every now and then log lines from a filter through stderr to syslog get
intermixed.  For example, this came as a single line:

Jan 29 13:49:35 wmail courierfilter: zdkimfilter[31367]:INFO:zdkimfilter[31364]:drop
msg,id=00000000005DC056.0000000054CA2C5F.00007A7D: Found-Virusdrop
msg,id=00000000005DC04E.0000000054CA2C5F.00007A7C: Found-Virus

Would it work better if the filter sent lines to syslog directly?

Ale

------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Mark Constable | 30 Jan 11:06 2015
Picon

autoreply script

I've been meaning to do this for the past decade...

#!/bin/bash
# autoreply 20150130 (C) Mark Constable <markc <at> renta.net> (AGPL-3.0)
#
# A simple vacation autoreply script for courier-mta based mailservers.
#
# Depends on these conditions:
#
# - courier-imap/mta with courier-authdaemon and maildrop is installed
# - nano is installed (and "stat", part of the coreutils package)
# - the MAILDIR variable below is set to the root of your maildir folders
# - the users .mailfilter is not used for anything else
#
# Usage:
#
# autoreply                   - show simple usage text and exit
# autoreply fi                - find all occurrences of autoreply.txt, and status
# autoreply sh email <at> address  - show the current autoreply.txt
# autoreply ed email <at> address  - edit/create an autoreply for email <at> address
# autoreply en email <at> address  - enable autoreply for user
# autoreply di email <at> address  - disable autoreply for user
# autoreply rm email <at> address  - completely remove users autoreply
#
#set -x

MAILDIRS=/home/u

test -z "$1" && echo "Usage: autoreply sh(ow)|ed(it)|en(able)|di(sable)|rm(remove)|fi(indall)
email <at> address" && exit 1
(Continue reading)

Mark Constable | 27 Jan 02:38 2015
Picon

Kolab?

Has anyone managed to get a recent installation of Kolab working with
courier-imap instead of the default cyrus?

------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Vytautas Kasparavičius | 22 Jan 09:58 2015
Picon

SSL problem

Hello,
Courier version 0.73.1 on FC19
Sometimes getting following errors. What's wrong? TLS_PROTOCOL settings 
commented out(default).

Jan 22 10:48:26 mail courieresmtpd: started,ip=[::ffff:212.227.126.187]
Jan 22 10:48:26 mail courieresmtpd: EHLO mout.kundenserver.de
Jan 22 10:48:26 mail courieresmtpd: STARTTLS
Jan 22 10:48:26 mail courieresmtpd: courieresmtpd: STARTTLS failed: 
couriertls: accept: error:1409442F:SSL routines:SSL3_READ_BYTES:tlsv1 
alert insufficient security

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Justin Vallon | 22 Jan 02:27 2015
Picon

MX should not point to a CNAME?

I am having a "discussion" in a support ticket about an MX record
pointing to a CNAME.

Searching for references for MX and CNAME leads to RFC 2181:

{{{
10.3. MX and NS records

   The domain name used as the value of a NS resource record, or part of
   the value of a MX resource record must not be an alias.  Not only is
   the specification clear on this point, but using an alias in either
   of these positions neither works as well as might be hoped, nor well
   fulfills the ambition that may have led to this approach.  This
}}}

What is confusing here is the "Not only is the specification clear" - is
this a reference to another RFC?  Because RFC 2181 seems to be a
document that is clarifying "confusing" DNS issues, and are not defining
anything ("not authoritative" in RFC terms).

RFC1035 says an MX record is a PREFERENCE + EXCHANGE, where:

EXCHANGE        A <domain-name> which specifies a host willing to act as
                a mail exchange for the owner name.

So, maybe "<domain-name>" is not supposed to be an alias, and RFC 2181
is re-iterating that?

--

-- 
-Justin
(Continue reading)

Szépe Viktor | 19 Jan 16:47 2015
Picon

Error reading ACLs for : Invalid argument

Good morning!

I've read in an old thread that stock Debian /var/mail is for mboxes  
not for Maildirs.

My permissions are:

ls -ld /var/mail/szepe.net/viktor/Maildir/new/
drwx------ 2 virtual virtual 208896 Jan 19 16:22  
/var/mail/szepe.net/viktor/Maildir/new/

ls -ld /var/mail/szepe.net/viktor/Maildir
drwx------ 31 virtual virtual 4096 Jan 19 16:21  
/var/mail/szepe.net/viktor/Maildir

ls -ld /var/mail/szepe.net/viktor
drwxr-s--- 3 virtual virtual 4096 Feb 17  2011 /var/mail/szepe.net/viktor

ls -ld /var/mail/szepe.net
drwxr-s--- 7 virtual virtual 4096 Nov 27 20:39 /var/mail/szepe.net

ls -ld /var/mail
drwxrwsr-x 11 daemon daemon 4096 Jan 19 13:48 /var/mail

id virtual
uid=1999(virtual) gid=1999(virtual) groups=1999(virtual)

Could you help me find the cause of these messages:

Jan 19 15:36:20 szerver imapd-ssl: Error reading ACLs for : Invalid argument
(Continue reading)

Szépe Viktor | 19 Jan 13:28 2015
Picon

kitchen sink


Is there a way to "drop" (as in iptables) mail for certain addresses  
(not for an entire domain), so do receive it but do not save it  
anywhere?
I would prefer a solution without a local user.

Thank you!

Szépe Viktor
--

-- 
+36-20-4242498  sms <at> szepe.net  skype: szepe.viktor
Budapest, XX. kerület

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Mark Constable | 19 Jan 11:24 2015
Picon

Read only mailbox (no deliveries)

It's so hot here I can't think. If I wanted to have a read-only
"backup" mailbox that was populated from an "active" mailbox by
automatically moving messages older than 30 days from the "active"
mailbox to the "backup" mailbox then what would be the easiest
and simplest way to deny incoming deliveries to this alternate
backup mailbox?

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Szépe Viktor | 12 Jan 15:25 2015
Picon

RELAYCLIENT for IPv6 localhost by pythonfilter

I read in the Changelog:

"Set RELAYCLIENT for IPv6 localhost address."

In smtpaccess :0000:0000:0000:0000:0000:0000:0000:0001 allow,RELAYCLIENT
Tried with 0000:0000:0000:0000:0000:0000:0000:0001 and ::1

In syslog: courieresmtpd: started,ip=[::1]

In python:

sendersIP = courier.control.getSendersIP(controlFileList)
# gets the value of '::1'
if sendersIP and courier.config.isRelayed(sendersIP):
# returns false.

Please help!

...no.
The solution is:

:::1 allow,RELAYCLIENT
# triple :

Please document it here
http://www.courier-mta.org/makesmtpaccess.html

Thank you!

Szépe Viktor
(Continue reading)

Jeff Potter | 8 Jan 23:51 2015

Failed filter restarts when restarting courier and filter times out when stopping


Hi Sam & Co.,

I’ve been chipping away on spam filtering, DKIM, and other stuff to improve our setup, and have tracked
down an odd condition that I wanted to see if anyone else has seen.

1. Running courier 0.71 + pythonfilter + spamassassin (spamd)
2. SpamAssassin is randomly sluggish. Running spamc manually, most of the time completes in <1 second, but
on occasion, some messages will take 20-30 seconds to process (presumably URI lists being slow to respond).
3. Restarting courier (“service courier restart”) can sometimes cause an "Alarm clock" during the
stop phase, during filterctl stop, presumably because pythonfilter is handling a message that spamd is
being too slow on.
4. After start, pythonfilter is not started — 'filterctl start pythonfilter' fails to bring it up with this:
	filterctl start pythonfilter
	ln: creating symbolic link `/etc/courier/filters/active/pythonfilter' to
`/usr/lib/courier/libexec/filters/pythonfilter': File exists

If I stop courier and get this condition to happen, there are stuck processes running:

	daemon   32271  0.0  0.0   3832   328 ?        S    17:35   0:00 /usr/lib/courier/sbin/courierfilter start
	daemon   32273  0.0  0.0   3800   512 ?        S    17:35   0:00 /usr/sbin/courierlogger courierfilter
	daemon   32274  0.0  0.0 183444  9188 ?        S    17:35   0:00 /usr/bin/python /etc/courier/filters/active/pythonfilter

I have to kill -9 the courierfilter process, and then restart courier and stuff flushes out fine.

What am I missing? I would think that “service courier stop” should definitely nuke any process that it
started up, but I know there’s a boundary between filters and courier.

Thanks!

(Continue reading)

Jeff Potter | 5 Jan 17:12 2015

Format of Received headers when running in IPv4


Hi Sam,

When running courier compiled with “--without-ipv6”, submit.C still formats the Received headers
with brackets around the IP address, like so:

	Received: from mail-qa0-f47.google.com ([209.85.216.47])

Most mail systems format would format it without the brackets in IPv4 cases:

	Received: from mail-qa0-f47.google.com (209.85.216.47)

Our spam filtering software is chocking on the brackets (SpamAssassin’s RDNS_NONE gets triggered).

Admittedly, the true fix is getting SpamAssassin to be more tolerant in its parsing.

Is dropping the brackets something you’d see as okay? (line 1715 of submit.C) I’m not sure of the impact
of this in IPv6 cases?

-Jeff
------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
courier-users mailing list
courier-users <at> lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
(Continue reading)


Gmane