Matt Sergeant | 1 Dec 02:48 2005

Re: Problem sending

On 30 Nov 2005, at 15:17, John Peacock wrote:

> Matt Sergeant wrote:
>> I still need to do some work on the logging - it currently only logs 
>> the fd# with the lines to distinguish them. So you have to find the 
>> connecting IP, and find the fd# and grep out lines for that fd#. Kind 
>> of a pain to say the least.
>
> But if you had the hook_reject log lines like Robin is suggesting, it 
> would be a simple matter to grep out the summary line with all of the 
> information in one place.

I don't think it's that simple. I suspect the disconnect is happening 
because qpsmtpd for some reason isn't seeing the line from the client, 
so eventually disconnects the end user with a timeout. And that doesn't 
get logged as a reject.

That plus logging hooks were are broken in trunk for reasons I'm unsure 
of.

Matt.

John Peacock | 1 Dec 03:05 2005

Re: require_resolvable_fromhost not working

Robin Bowes wrote:
> I've just noticed that the require_resolvable_fromhost is not working
> correctly.

It's working fine here (on two different networks, albeit both AT&T netblocks).

> [root <at> dude service]# dnsmx newsletter.nectar.com
> 40 bak2smtp1.edc.dartmail.net
> 10 inc2smtp1.edc.dartmail.net
> 30 bak1smtp1.edc.dartmail.net

The same query here hangs, but if I try it again, I get an answer right away
(which means that it was cached by my other query).  That's why your dnsmx
worked right away, because the previous query had eventually succeeded (but
probably after qpsmtpd had timed out).

If you want to really see what is going on, get a copy of dnstracer here:

	http://www.mavetju.org/unix/general.php

and do the following query from the root servers.

	$ dnstracer -oq mx -s . newsletter.nectar.com

You'll see that something very weird is going on with that domain; are you
responsible for it?  All of these servers are very slow responding:

	ns1.data-link.co.uk
	ns2.data-link.co.uk
	ns0.centri.net
(Continue reading)

John Peacock | 1 Dec 03:19 2005

Re: Problem sending

Matt Sergeant wrote:
> That plus logging hooks were are broken in trunk for reasons I'm unsure of.

That's going to be my focus ASAP.  I started to work on the merge from
branches/0.3x back to trunk and it is pretty ugly... :(

John

Bob Dodds | 2 Dec 03:59 2005

Re: Problem sending

John Peacock wrote:
> Matt Sergeant wrote:
>> I still need to do some work on the logging - it currently only logs 
>> the fd# with the lines to distinguish them. So you have to find the 
>> connecting IP, and find the fd# and grep out lines for that fd#. Kind 
>> of a pain to say the least.
>
> But if you had the hook_reject log lines like Robin is suggesting, it 
> would be a simple matter to grep out the summary line with all of the 
> information in one place.
>
> I'm liking his scheme more and more...
>
> John
I've been able to duplicate Robin's data except for the return
detail--I'm only logging the plugin name for denies--the end
result is about the same grepping *.s files output at loglevel 7,
plus cheating by loading up relayclients into an array.

With Robin's method we could use loglevel 4 and emit the
summary line at LOGWARN. I like that, versus loglevel 7,
because at loglevel 7 I would need to store 20G of log files
to cover three days time if I was Matt Sergeant, or
100 200MB *.s files. It would take continuous
processing to grep the logs down to one csv line
per message, and at times log processing would
lag concurrent messages by 8:1. And I haven't factored
in a merge or join with dspam log, using message id's.

At loglevel 7, I'm compressing/grepping 164 lines into one
(Continue reading)

Bob Dodds | 2 Dec 04:08 2005

Re: require_resolvable_fromhost not working

John Peacock wrote:
> Robin Bowes wrote:
>   
>> I've just noticed that the require_resolvable_fromhost is not working
>> correctly.
>>     
>
> It's working fine here (on two different networks, albeit both AT&T netblocks).
>
>   
>> [root <at> dude service]# dnsmx newsletter.nectar.com
>> 40 bak2smtp1.edc.dartmail.net
>> 10 inc2smtp1.edc.dartmail.net
>> 30 bak1smtp1.edc.dartmail.net
>>     
>
> The same query here hangs, but if I try it again, I get an answer right away
> (which means that it was cached by my other query).  That's why your dnsmx
> worked right away, because the previous query had eventually succeeded (but
> probably after qpsmtpd had timed out).
>
> If you want to really see what is going on, get a copy of dnstracer here:
>
> 	http://www.mavetju.org/unix/general.php
>
> and do the following query from the root servers.
>
> 	$ dnstracer -oq mx -s . newsletter.nectar.com
>
> You'll see that something very weird is going on with that domain; are you
(Continue reading)

Devin Carraway | 9 Dec 08:53 2005

Re: forkserver: when to drop privileges

On Mon, Nov 21, 2005 at 10:52:39PM +0100, Peter J. Holzer wrote:
> privileges after loading the modules is definitely bad: There is a good
> chance that the logfiles will be created with owner root, but later
> forkserver will run as a non-privileged user and be unable to reopen
> them.

And behold, this was just filed as Debian Bug#342336.  Could have sworn I
tested it with a purge/install/connect loop.

Here's the patch I'm testing before upload.  If any plugins do ultimately need
root, we might so an extra load_plugins() before dropping privileges, using a
different configuration file or something along those lines.

--

-- 
Devin  \ aqua(at)devin.com, IRC:Requiem; http://www.devin.com
Carraway \ 1024D/E9ABFCD2: 13E7 199E DD1E 65F0 8905 2E43 5395 CA0D E9AB FCD2
Index: 0.31.1/qpsmtpd-forkserver
===================================================================
--- 0.31.1/qpsmtpd-forkserver	(revision 582)
+++ 0.31.1/qpsmtpd-forkserver	(working copy)
 <at>  <at>  -129,7 +129,6  <at>  <at> 

 # Load plugins here
 my $qpsmtpd = Qpsmtpd::TcpServer->new();
-$qpsmtpd->load_plugins;

 # Drop privileges
 my (undef, undef, $quid, $qgid) = getpwnam $USER or
(Continue reading)

Bob Dodds | 10 Dec 05:28 2005

howto Net::LMTP dspam dlmtp conversation

something like this before we escape or single-quote the  <at> 's
for perl--

MAIL FROM: <usr <at> d.tld> DSPAMPROCESSMODE=\"usr <at> d.tld\"
 no-at-dspamuser optkey=value[\ is sepch]optkey2=value2[null-terminator]

I want to dlmtp to dspam using Net::LMTP. What goes
in dlmtp anyway? It's in client.c and agent_shared.c
but I don't read C very well(help!).

client_authenticate(&TTX, ATX->client_args)

I need to know the struct or structs to send
over the tcp socket to dspam, before the
 From and To. Sending From is part of dspamc
client_authenticate(), see below.

char *ident = _ds_read_attribute(agent_config, "ClientIdent");
..........

snprintf(buf, sizeof(buf), "LHLO %s", strchr(ident, ' <at> ')+1);
 if (send_socket(TTX, buf)<=0)

strchr strips  <at> .*$ from dspam.conf user <at> host, not an
email address. snprintf puts "LHLO $user" into buf,
then send_socket buf over the tcp socket. Newer
dspam may take the  <at> host part as well, because it
allows more than one client host in dspam.conf.

client_args is defined in agent_shared.c
(Continue reading)

Bob Dodds | 10 Dec 05:28 2005

howto Net::LMTP dspam dlmtp conversation

something like this before we escape or single-quote the  <at> 's
for perl--

MAIL FROM: <usr <at> d.tld> DSPAMPROCESSMODE=\"usr <at> d.tld\"
 no-at-dspamuser optkey=value[\ is sepch]optkey2=value2[null-terminator]

I want to dlmtp to dspam using Net::LMTP. What goes
in dlmtp anyway? It's in client.c and agent_shared.c
but I don't read C very well(help!).

client_authenticate(&TTX, ATX->client_args)

I need to know the struct or structs to send
over the tcp socket to dspam, before the
 From and To. Sending From is part of dspamc
client_authenticate(), see below.

char *ident = _ds_read_attribute(agent_config, "ClientIdent");
..........

snprintf(buf, sizeof(buf), "LHLO %s", strchr(ident, ' <at> ')+1);
 if (send_socket(TTX, buf)<=0)

strchr strips  <at> .*$ from dspam.conf user <at> host, not an
email address. snprintf puts "LHLO $user" into buf,
then send_socket buf over the tcp socket. Newer
dspam may take the  <at> host part as well, because it
allows more than one client host in dspam.conf.

client_args is defined in agent_shared.c
(Continue reading)

aarontbell | 11 Dec 19:43 2005
Picon

Unable to queue message

I'm using qpsmtpd 0.31.1, and some of my users (using Outlook Express)
receive the error "Unable to queue message" immediately upon attempting
to send a message to a non-local domain (typically it's a text page to
vtext.com).

Anyone know why this would be happening? Restarting qpsmtpd usually
fixes the problem--they just need to trash the original message and the
new one goes out fine.

John Peacock | 11 Dec 21:01 2005

Re: Unable to queue message

aarontbell <at> gmail.com wrote:
> I'm using qpsmtpd 0.31.1, and some of my users (using Outlook Express)
> receive the error "Unable to queue message" immediately upon attempting
> to send a message to a non-local domain (typically it's a text page to
> vtext.com).

I have to assume you are using qmail-queue (since you haven't told us
otherwise).  Normally, restarting qpsmtpd shouldn't behave differently.  It
would be helpful to know what plugins you are running and what your logging
contains.  If you aren't using the adaptive logging plugin, you should
temporarily increase your config/loglevel to LOGDEBUG.

One thing that might happen is if you are using multilog to manage your logfiles
and you are hitting some sort of quota issue.  If you are not correctly logging
(say you have your log 'run' file pointing at a directory that is not
writeable), the qpsmtpd process will eventually block; restarting will correct
that issue temporarily.  But I don't think you should see the "Unable to queue
message" error.

HTH

John


Gmane