headers
Jeffrey T Eaton | 1 Jun 2005 01:38
Picon
Favicon

Re: EMBARRASSING TO THE LIST: Re: *WARNING* Your EmailAccount Will Be Closed


Here is the somewhat "official" answer on the state of the mailing
list:

1.  The list is not now, nor ever has been, open-posting.  Posting is
restricted to subscribers, or to those users local to cmu.edu.  The
spam posts that make it through the to the list do so because they are
sent with forged From addresses from list members or cmu.edu addresses.

2.  The list is virus scanned.  We run ClamAV called from sendmail
before any list processing is done.  Messages which fail the virus
test are rejected with an SMTP error at the time of submission.  The
messages which started this thread made it through to the list because
ClamAV did not yet have a signature for this particular variant.  No
antivirus solution is perfect, and messages will make it through.

3.  We're going to be moving off of the current Majordomo server to a
new GNU Mailman based server in the near future.  No further
development is planned for the current service for this reason.

-jeaton

--

-- 
Jeffrey T. Eaton                    esp                      jeaton <at> cmu.edu
Research Systems Programmer                      Carnegie-Mellon University

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
(Continue reading)

Permalink | Reply | 1 comment |
headers
Marco Colombo | 1 Jun 2005 11:26
Picon
Favicon

Re: EMBARRASSING TO THE LIST: Re: *WARNING* Your EmailAccount Will Be Closed

On Tue, 2005-05-31 at 11:46 -0700, Jules Agee wrote:
> Kern, Tom wrote:
> > I'm subscribed to the postfix and spamassassin mailing lists and they are closed.
> > I think those 2 lists have a lot to do with email.
> > 
> > This is the only list i'm on that got hit by that german spam bot..
> > 
> > maybe you shouldn't discount every option to filter spam as "not worth the effort" or "they can get around
it somehow".
> > 
> > you'd be surprised at how far just basic checks and filters can go..
> 
> Seconded.
> info-cyrus is the only list I'm subscribed to that allows posting by
> non-subscribers. Maybe it's not a coincidence that it's also the only
> list that I get spam & viruses from on a regular basis.

This makes no sense. As I said before, it takes a close-to-zero effort
to forge headers. Subscribers-only or open, it's a matter of list
_policy_. It may have a minimal effect of reducing spam, but that's not
the point. If you want to stop spam, use a specific filter. Bypassing
the subscribers-only check is trivial.

> Spam coming through the list is more likely to bypass filters since it's
> origin is slightly obfuscated and the headers added by the list software
> add a small measure of authenticity to the message. My Bayes filter
> thinks those headers look like legit mail.

Bayesian filters do not work like that. They don't care about headers
more than any other word in the messages (they may account the fact that
(Continue reading)

Permalink | Reply | 6 comments |
headers
websrvr | 1 Jun 2005 11:41

is another master still running

I'm trying to run two instances of cyrusimap for configuration  
purposes to avoid destroying vendor supplied functionality on one IP  
while I utilize upstream functionality on the another IP.

While I can specify the alternate config file to use, it seems I have  
an issue with a pid file.

Here's the log error:
Jun  1 05:23:22 dellc master[2601]: cannot get exclusive lock on  
pidfile (is another master still running?)
Jun  1 05:23:22 dellc master[2601]: exiting

How do I specify an alternate pid file to avoid the conflict or is  
there another/better solution for this??

I made the assumption that the default config file was cyrus.conf.

cyrus is  started with the following command through launchd: (This  
is how my vendor starts things)
/usr/bin/cyrus/bin/master -c /etc/cyrusalt.conf

Launchd is a daemon startup processing environment and it does  
allowse some flexibility of adding additional arguments.

Here's the current launchd script for the alt config:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http:// 
www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Ondrej Sury | 1 Jun 2005 11:53
Gravatar

RE: EMBARRASSING TO THE LIST: Re: *WARNING* Your EmailAccount Will Be Closed

On Tue, 2005-05-31 at 13:22 -0400, Kern, Tom wrote:
> I'm subscribed to the postfix and spamassassin mailing lists and they are closed.
> I think those 2 lists have a lot to do with email.
> 
> This is the only list i'm on that got hit by that german spam bot..

Not true.  postfix-users was put on SORBS just because of german spam
comming thru list.  (See archives if you don't believe me...)

--

-- 
Ondrej Sury <ondrej <at> sury.org>

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Permalink | Reply | 0 comments |
headers
Igor Belikov | 1 Jun 2005 12:45
Picon
Favicon

Mailbox is locked by POP server

Hello info-cyrus,

  We have clients that get his (or her) mail via dial-up connections.

  If dial-up session terminates abnormally (while getting mail) and
  client redial and try to continue get his mail - he receive error:

  Mailbox is locked by POP server

  I understand what is the problem: Cyrus don't see ending previous
  POP session and think that client still using mailbox, and don't
  allow him begin new session.

  But I have 3 questions:

  1. Is it possible to turn this behavior off? We have enough dial-up
  clients, and nobody of them using IMAP - only POP3.

  2. How long in time (after session terminates abnormally) presents
  flag that locks user mailbox? Or, in other words, how long Cyrus
  thinks that session is alive?

  3. How I can configure period of time from question 2?

  (please exuse me my poor Englis, I hope anybody understand me <g>)

--

-- 
Best regards,
 Igor                          mailto:belikoviv <at> is.ua
(Continue reading)

Permalink | Reply | 0 comments |
headers
Imran Aziz | 1 Jun 2005 15:43
Picon

/usr/bin/ld: cannot find -lssl: Error on make

Hello All,
I have installed all the dependencies for Cyrus IMAPD but still
getting an error while trying to make it.

I am using this command for config and then make 

./configure --with-bdb-libdir=/usr/local/BerkeleyDB.4.3/lib
--with-bdb-incdir=/usr/local/BerkeleyDB.4.3/include
--with-sasl=/usr/lib/sasl2
make depend
make all CFLAGS=-O

and I get the following error

LD_RUN_PATH="/lib:/usr/local/lib" gcc  -shared -L/usr/local/lib IMAP.o
 -o blib/arch/auto/Cyrus/IMAP/IMAP.so ../../lib/libcyrus.a
../../lib/libcyrus_min.a  -L/usr/local/BerkeleyDB.4.3/lib -ldb-4.1
-lsasl2 -lssl -lcrypto
/usr/bin/ld: cannot find -lssl
collect2: ld returned 1 exit status
make[2]: *** [blib/arch/auto/Cyrus/IMAP/IMAP.so] Error 1
make[2]: Leaving directory
`/home/ub3rm4st3r/cyrus-mail/cyrus-imapd-2.2.12/perl/imap'
make[1]: *** [all] Error 1
make[1]: Leaving directory `/home/ub3rm4st3r/cyrus-mail/cyrus-imapd-2.2.12/perl'
make: *** [all] Error 1

Any ideas as to how to sort this out please. Any pointers would be
great. Thanks a lot
(Continue reading)

Permalink | Reply | 2 comments |
headers
Etienne Goyer | 1 Jun 2005 15:42

Re: EMBARRASSING TO THE LIST: Re: *WARNING* Your EmailAccount Will Be Closed

Marco Colombo wrote:
> On Tue, 2005-05-31 at 11:46 -0700, Jules Agee wrote:
>>Seconded.
>>info-cyrus is the only list I'm subscribed to that allows posting by
>>non-subscribers. Maybe it's not a coincidence that it's also the only
>>list that I get spam & viruses from on a regular basis.
> 
> This makes no sense. As I said before, it takes a close-to-zero effort
> to forge headers. Subscribers-only or open, it's a matter of list
> _policy_. It may have a minimal effect of reducing spam, but that's not
> the point. If you want to stop spam, use a specific filter. Bypassing
> the subscribers-only check is trivial.

What you are saying is technically correct.  But there is a caveat.  I 
am subscribed to about two dozens list (more ? I lost count), and the 
only one I am getting spam from is info-cyrus.  It's also the only one 
that I aware permit posting by non-subscriber.  So there is a 
correllation, but are there a causation ?  I do not know, it might be a 
coincidence.  But it's one heck of a coincidence.

Also, I do believe that list administrator have a responsability to take 
measure against abuse of their list.  Acting as amplificator for spammer 
certainly constitute an abuse.  I admin a few low-volume myself, and I 
take spam very seriously.  The only list where I permit posting by 
non-subscribers is moderated.  While my list do not have the volume or 
notoriety of info-cyrus, I can't remember the last time a spam got 
through one my list.

If forged sender address ever become a problem, I will run my lists 
through SpamAssassin and moderate high-scoring mail by hand.  Simple
(Continue reading)

Permalink | Reply | 5 comments |
headers
Paul van der Vlis | 1 Jun 2005 17:25
Picon

Saslauthd with ldaps

Hello,

I want to authentifate to a Novell NDS from saslauthd on a Debian Sarge
machine.

This works fine:
ldapsearch -x -b "cn=paulvdv,o=wlg" -D "cn=paulvdv,o=wlg"
    -w secret -H ldaps://firewall.domain.nl:636

This is my saslauthd.conf:
--------
ldap_servers: ldaps://firewall.domain.nl:636/
ldap_tls_cert: /home/paul/.cert/cacert.pem
ldap_tls_key: /home/paul/.cert/privkey.pem
ldap_search_base: cn=paulvdv,o=wlg
ldap_filter: cn=%u,o=wlg
--------

In this test-situation, everybody can read the files in
/home/paul/.cert. In .ldaprc I use the same files:
------
TLS_CERT /home/paul/.cert/cacert.pem
TLS_KEY /home/paul/.cert/privkey.pem
TLS_REQCERT never
------

I use ldap as mechanism for saslauthd.

The authentification with saslauthd does not work:
vlis:/home/paul# testsaslauthd -u paulvdv -p secret
(Continue reading)

Permalink | Reply | 3 comments |
headers
Marco Colombo | 1 Jun 2005 17:49
Picon
Favicon

Re: EMBARRASSING TO THE LIST: Re: *WARNING* Your EmailAccount Will Be Closed

On Wed, 2005-06-01 at 09:42 -0400, Etienne Goyer wrote:
> Marco Colombo wrote:
> > On Tue, 2005-05-31 at 11:46 -0700, Jules Agee wrote:
> >>Seconded.
> >>info-cyrus is the only list I'm subscribed to that allows posting by
> >>non-subscribers. Maybe it's not a coincidence that it's also the only
> >>list that I get spam & viruses from on a regular basis.
> > 
> > This makes no sense. As I said before, it takes a close-to-zero effort
> > to forge headers. Subscribers-only or open, it's a matter of list
> > _policy_. It may have a minimal effect of reducing spam, but that's not
> > the point. If you want to stop spam, use a specific filter. Bypassing
> > the subscribers-only check is trivial.
> 
> What you are saying is technically correct.  But there is a caveat.  I 
> am subscribed to about two dozens list (more ? I lost count), and the 
> only one I am getting spam from is info-cyrus.  It's also the only one 
> that I aware permit posting by non-subscriber.  So there is a 
> correllation, but are there a causation ?  I do not know, it might be a 
> coincidence.  But it's one heck of a coincidence.

Interesting theories. But they seem to backfire on you, since, according
to Mr. Jeffrey T Eaton <jeaton <at> cmu.edu> this list _is_ closed:
"The list is not now, nor ever has been, open-posting.  Posting is
 restricted to subscribers, or to those users local to cmu.edu"

Then it must be one of those lists that let you configure your sending
address, which is good. I must have done that at subscription time, and
later forgot about it.
(Continue reading)

Permalink | Reply | 4 comments |
headers
Igor Brezac | 1 Jun 2005 18:17

Re: Saslauthd with ldaps


On Wed, 1 Jun 2005, Paul van der Vlis wrote:

> Hello,
>
> I want to authentifate to a Novell NDS from saslauthd on a Debian Sarge
> machine.
>
> This works fine:
> ldapsearch -x -b "cn=paulvdv,o=wlg" -D "cn=paulvdv,o=wlg"
>    -w secret -H ldaps://firewall.domain.nl:636
>
> This is my saslauthd.conf:
> --------
> ldap_servers: ldaps://firewall.domain.nl:636/
> ldap_tls_cert: /home/paul/.cert/cacert.pem
> ldap_tls_key: /home/paul/.cert/privkey.pem

It appears you are specifying ca cert as the client cert.  Is this what 
you want?  Your configuration does not require client cert so you should 
remove those params.  Perhaps you wanted to specify 
ldap_tls_cacert_(file|dir)?

> ldap_search_base: cn=paulvdv,o=wlg
> ldap_filter: cn=%u,o=wlg

Have you tried this filter in the ldapsearch above?  This does not look 
right.

> --------
(Continue reading)

Permalink | Reply | 2 comments |

Gmane