Si vous ne visualisez pas correctement ce mail, cliquez ici
Hello, I try to use db suite plugin because I need to share the DB of greylisting with two server. My intention is to use a remote mysql server but I unable to understand where and how specify the server IP or name in the db_base config. Thx in adv, Gigi Noris
I found myself wanting to check for clients who are adding illegal whitespace after the MAIL FROM and RCPT TO commands. Before I started hacking, I did a quick search and found this thread: Stricter parsing of mail from: and rcpt to: http://grokbase.com/t/perl/qpsmtpd/04cmjwqh9p/stricter-parsing-of-mail-from-and-rcpt-to/oldest The gist of the thread is that a number of people were for stricter parsing, a number were against, and nothing happened. A similar exchange was had regarding angle brackets, except that time hooks were added allowing plugins to rewrite the address, adding the missing angle brackets. For other similar purposes, Qpsmtpd::Command was added, and the ability to substitute ones own parser was added, probably about the same time the parse_addr_withhelo plugin was added. But I don't need an entirely new parser. I just want to do something quick and fun like: if ( 'from: ' eq lc substr($envelope_header, 0, 6) ) { $self->adjust_karma(-1); }; After reading the proposed solutions, the one I adopted was storing the unparsed line in a connection note, making it available to plugins that wish to inspect and act upon it. Matt PS: I find it amusing that 7 or 8 years later, clients inserting that space have a 97+% correlation with infected PCs. Not enough to block based on it, but more than enough to cast suspicious glances. --- a/lib/Qpsmtpd/SMTP.pm +++ b/lib/Qpsmtpd/SMTP.pm <at> <at> -354,6 +354,7 <at> <at> sub mail { } $self->log(LOGDEBUG, "full from_parameter: $line"); + $self->connection->notes('envelope_from', $line); $self->run_hooks("mail_parse", $line); } <at> <at> -442,6 +443,7 <at> <at> sub mail_respond { sub rcpt { my ($self, $line) = <at> _; + $self->connection->notes('envelope_rcpt', $line); $self->run_hooks("rcpt_parse", $line); }
Within the register sub of the clamdscan plugin, is this little nugget:
# Set some sensible defaults
$self->{'_args'}{'deny_viruses'} ||= 'yes';
$self->{'_args'}{'max_size'} ||= 128;
$self->{'_args'}{'scan_all'} ||= 0;
Having a default enable for denying viruses is sensible enough.
But a max_size of 128K? You mean all a virus author needs to do is attach an image to his virus laden message to
evade virus scanning on a qpsmtpd server? Is that really a sensible default?
My first inclination is that max_size should default to whatever $config->data_bytes is set to. Why would
such a low limit be considered sensible?
The other thing I'm questioning is why scan_all=0 is the 'sensible' default. If one is going to bother
running a virus scanner, it would seem the "safe" choice is to scan everything. Should it be as easy as
inserting an illegal character into the Content-Type field value (which would get ignored later), to
bypass multipart detection, and thus virus scanning?
Matt
I added a signing feature to my DKIM plugin. https://github.com/qpsmtpd-dev/qpsmtpd-dev/blob/master/plugins/dkim Matt PS: for added pleasure, I also added a script that makes deploying DKIM really, really easy. How easy? # cd ~smtpd/config/dkim # ./dkim_key_gen.sh example.org Voila. Keys and selector generated. Now DNS needs to be updated. I made that easy too: # cat example.org/dns apr2013._domainkey TXT "v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/Wu1fd74UXwH//0uiX/6C0hkv3I/PdeTxfnzHN6GrehJpCYBd1BKuigduwt/wZFVgUopwxmcjxSK6qrkADtHC+ZiqC/sqcVuVDhnvzkIgd7dYhqBcVORg6f8Eg8132yPkmHyDm588qKfdFSEUVgBqSfqZg4ZdG4Uq5erHAyQIEcs0h7xqUKJKA5xJWdRwaVYbNkNDAscax1WrSvMHQkKBf5bWUtkMGc/HeoZ6T3VTn5Le0OgLoINj4lNTFfT6toXsbZsKzOaUYacnWVOq2v2lWgghOMRQHYPr7ldl2E7/6sNSpNT8KXAiT7wlfE+/xXg+0DyQq/ahKaPgAecCCFiwIDAQAB" Tell the world that the ONLY mail servers that send mail from this domain are DKIM signed and/or bear our MX and A records. With SPF: SPF "v=spf1 mx a -all" TXT "v=spf1 mx a -all" With DMARC: _dmarc TXT "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc-feedback <at> example.org; ruf=mailto:dmarc-feedback <at> 'example.org; pct=100" With DomainKeys (deprecated) _domainkey TXT "o=-; t=y; r=postmaster <at> example.org" For more information about DKIM and SPF policy, the documentation within each plugin contains a longer discussion and links to more detailed information: perldoc plugins/dkim perldoc plugins/sender_permitted_from
NAME
Domain-based Message Authentication, Reporting and Conformance
SYNOPSIS
DMARC: an extremely reliable means to authenticate email.
DESCRIPTION
From the DMARC Draft: "DMARC operates as a policy layer atop DKIM and
SPF. These technologies are the building blocks of DMARC as each is
widely deployed, supported by mature tools, and is readily available to
both senders and receivers. They are complementary, as each is
resilient to many of the failure modes of the other."
DMARC provides a way to exchange authentication information and
policies among mail servers.
DMARC benefits domain owners by preventing others from impersonating
them. A domain owner can reliably tell other mail servers that "if it
doesn't originate from this list of servers (SPF) and it is not signed
(DKIM), then reject it!" DMARC also provides domain owners with a means
to receive feedback and determine that their policies are working as
desired.
DMARC benefits mail server operators by providing them with an
extremely reliable (as opposed to DKIM or SPF, which both have
reliability issues when used independently) means to block forged
emails. Is that message really from PayPal, Chase, Gmail, or Facebook?
Since those organizations, and many more, publish DMARC policies,
operators have a definitive means to know.
Instructions on how to use the plugin, how to deploy DMARC to protect ones own domains, and more is included
as POD in the plugin.
Available in the qpsmtpd-dev repo:
https://github.com/qpsmtpd-dev/qpsmtpd-dev/blob/master/plugins/dmarc
As contrasted to most qpsmtpd plugins, DMARC provides an extremely reliable basis for message rejection.
Better still, it's based on the published policies of the domain the message purports to be from (in the
From: header), making it complementary to SPF, which checks the Envelope FROM sender.
If you find that SpamAssassin isn't catching all the forged <at> google.com emails that the Win bots are
sending, this plugin will do the trick. It'll also stop all the forged [a-z]{6} <at> yahoo.com spams those
senders haven't made it onto a DNSBL yet. The largest *legitimate* email senders have deployed DMARC
records. And now I have too. 
Matt
NAME
Forward Confirmed RDNS - http://en.wikipedia.org/wiki/FCrDNS
DESCRIPTION
Determine if the SMTP sender has matching forward and reverse DNS.
Sets the connection note fcrdns.
WHY IT WORKS
The reverse DNS of zombie PCs is out of the spam operators control.
Their only way to pass this test is to limit themselves to hosts with
matching forward and reverse DNS. At present, this presents a
significant hurdle.
There's more POD that explains the tests, config settings, and method.
Much like many other plugins, fcrdns is not reliable enough (only about 90%) to use for message rejection.
However, when combined with any sort of heuristics system such as the karma plugin, the fcrdns plugin
provides another extremely reliable indication of spam likelihood.
Matt
Back in August of last year, Devin Carraway posted this: http://www.nntp.perl.org/group/perl.qpsmtpd/2012/08/msg9954.html And a very short discussion ensued. I have applied a modified portion of that patch to qpsmtpd-dev. After the patch, the # enclosed area in the following header is removed: Received: from c-76-121-98-64.hsd1.wa.comcast.net (HELO [10.0.1.125]) (76.121.98.64) ### (smtp-auth username matt <at> redacted.com, mechanism plain) ### by mail.theartfarm.com (qpsmtpd/0.92) with (AES128-SHA encrypted) ESMTPSA; Fri, 26 Apr 2013 02:51:22 -0400 While many mailing list to www gateways redacting email addresses in headers, many do not. It just seems imprudent to be publishing that data into the headers, as well as having logged it. Matt --- a/lib/Qpsmtpd/SMTP.pm +++ b/lib/Qpsmtpd/SMTP.pm <at> <at> -824,7 +824,7 <at> <at> sub received_line { . " (HELO " . $self->connection->hello_host . ") (" . $self->connection->remote_ip - . ")\n $authheader by " + . ")\n by " . $self->config('me') . " (qpsmtpd/" . $self->version
I just tagged the 0.92 release of qpsmtpd-dev. It can be downloaded by clicking the Tags button on the github project page at https://github.com/qpsmtpd-dev/qpsmtpd-dev. The changes are listed below. Matt 0.92 Apr 20, 2013 new plugins: dmarc, fcrdns new feature: DKIM message signing. See 'perldoc plugins/dkim' for details. includes script for generating DKIM selectors, keys, and DNS records. RAM bumped up to 300MB, to avoid memory exhaustion errors. Qpsmtpd.pm: untaint config options before passing them to plugins. auth_vpopmaild: untaint responses obtained from network. Combined with the taint fix for config options, enables auth_vpopmaild to work when setting the host config and port tls: added ability to store SSL keys in config/ssl log2sql: added UPDATE query support removed FAQ to: https://github.com/qpsmtpd-dev/qpsmtpd-dev/wiki/faq helo: cease processing DNS records after first positive match karma: sprinkled karma awards throughout other plugins - limit poor karma hosts to 1 concurrent connection - allow +3 conncurrent connections to hosts with good karma - limit recipients to 1 for senders with negative karma Sanitize spamd_sock path for perl taint mode - Markus Ullmann geo_ip: added too_far option (deduct karma from distant senders) bogus_bounce: add Return-Path check, per RFC 3834 Fix for Net::DNS break - Markus Ullmann SPF: arrange logic to so improve reliability of spf pass reporting (helpful to DMARC plugin) is_naughty removed from is_immune feature. Allows more granular handling by plugins.
Hi
I just installed qpsmtpd on my system with 25 port and i have also
installed postfix email server. I moved the smtp port of postfix to 2525 so
that i can configure. So then after i tried to send a mail from the CLI
using mail command then i got this Error.
"[root <at> postfix qpsmtpd-0.84]# mail root
Subject: new mail
dsag
ds
d
v.
.
Cc:
[root <at> postfix qpsmtpd-0.84]# Feb 14 23:35:07 postfix sendmail[16669]:
r1EI57op016669: from=root, size=42, class=0, nrcpts=1,
msgid=<201302141805.r1EI57op016669 <at> postfix.test>, relay=root <at> localhost
Feb 14 23:35:07 postfix sendmail[16669]: r1EI57op016669: to=root,
ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay,
pri=30042, relay=[127.0.0.1] [127.0.0.1], dsn=4.2.0, stat=Deferred: 450 No
plugin decided if relaying is allowed
"
And from Gui of squirrel mail i am getting this Error.
"Message not sent. Server replied:
Requested mail action not taken: mailbox unavailable
450 No plugin decided if relaying is allowed
"
Can anyone help me on this issue that what is the reason behind this Error.
--
--
Thanks & Regards
Chetan Sharma
Bangalore
(9538183628)
RSS Feed3 | |
|---|---|
9 | |
1 | |
4 | |
21 | |
5 | |
3 | |
69 | |
199 | |
58 | |
3 | |
1 | |
6 | |
14 | |
19 | |
5 | |
16 | |
26 | |
5 | |
34 | |
27 | |
6 | |
13 | |
30 | |
5 | |
72 | |
9 | |
97 | |
25 | |
21 | |
30 | |
28 | |
14 | |
75 | |
46 | |
19 | |
25 | |
81 | |
59 | |
123 | |
73 | |
42 | |
97 | |
117 | |
55 | |
18 | |
36 | |
59 | |
22 | |
52 | |
38 | |
127 | |
75 | |
65 | |
94 | |
78 | |
116 | |
41 | |
78 | |
158 | |
275 | |
61 | |
142 | |
126 | |
86 | |
63 | |
208 | |
324 | |
78 | |
131 | |
157 | |
123 | |
80 | |
89 | |
123 | |
105 | |
181 | |
174 | |
233 | |
371 | |
85 | |
198 | |
76 | |
50 | |
88 | |
316 | |
133 | |
187 | |
162 | |
200 | |
168 | |
37 | |
66 | |
151 | |
84 | |
273 | |
121 | |
139 |
