headers
Phil | 3 Dec 2005 00:08

TMDA being used as relay for spammers...

Hello all,

I'm using qmail and have it configured to accept wildcard 
anyuser <at> mydomain.com.  Recently I've notice a spammer who is sending an email 
every 20 seconds to an autogenerated user  <at> mydomain.com, this email has a valid 
email address as the envelope sender (Return-Path), and that address is the 
target of the spam.  The body of the original spam email is then added to the 
TMDA auto response and sent to the Return-Path recipient.  A sneaky way to spam 
or to attempt an email client exploit.

If I change the config variable AUTORESPONSE_INCLUDE_SENDER_COPY to 1 (2 means 
attach original email _default_, 1 means headers only, 0 means neither), then 
this spammer will no longer be able to use me and TMDA as a relay for their 
payload.

I have also altered the default confirm template to use the original Subject: 
string with an RE: prepended, rather than using the default TMDA subject.  I 
beleive this is more user friendly because if you create a subject and then get 
a reply with that same subject, you know and trust that email and are more 
likely to read it.

So I think I've made my email system 'spam relay proof' but it's too soon to 
tell.  Maybe they'll add spam content to the headers next.  Has anyone else had 
this problem?  You might not notice it unless you check your pending queue.  If 
this spammer wasn't so sloppy, I might have never noticed it.

This can also happen without TMDA, by exploiting bounces that attach the full 
spam body.  Ideally, qmail would reject the email at the smtp level I suppose, 
but with wildcard users that is not possible (?)
(Continue reading)

Permalink | Reply | 1 comment |
headers
Jay.Hall | 8 Dec 2005 20:49

Unable to confirm e-mail address

I have installed TMDA and have run into a problem I am not sure how to
solve.

TMDA and qmail are running on my FreeBSD server.

>From a mail client (i.e. Outlook) I send an e-mail to
jay.hall <at> scanner.mnea.org.  I receive a response asking me to verify my
e-mail address, just like I should.

However, when I reply to the challenge message, I receive the following:

Hi. This is the qmail-send program at scanner.mnea.org.
I'm afraid I wasn't able to deliver your message to the following
addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<jay.hall-confirm-1134070455.44324.ae52f2 <at> scanner.mnea.org>:
Sorry, no mailbox here by that name. (#5.1.1)

Followed by a copy of the original message.

I'm sure this is something simple I have missed.  Does anyone have any
ideas?

Thanks for your help.

Jay Hall, Director of Information Technology Services
Missouri NEA

V:  573.634.3202
(Continue reading)

Permalink | Reply | 2 comments |
headers
Richard Feldmann | 8 Dec 2005 21:04
Picon

Re: Unable to confirm e-mail address

Jay.Hall <at> MNEA.ORG spake thusly on Thu, Dec 08, 2005 at 01:49:56PM -0600:
> I have installed TMDA and have run into a problem I am not sure how to
> solve.
> 
> TMDA and qmail are running on my FreeBSD server.
> 
> >From a mail client (i.e. Outlook) I send an e-mail to
> jay.hall <at> scanner.mnea.org.  I receive a response asking me to verify my
> e-mail address, just like I should.
> 
> However, when I reply to the challenge message, I receive the following:
> 
> Hi. This is the qmail-send program at scanner.mnea.org.
> I'm afraid I wasn't able to deliver your message to the following
> addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
> 
> <jay.hall-confirm-1134070455.44324.ae52f2 <at> scanner.mnea.org>:
> Sorry, no mailbox here by that name. (#5.1.1)
> 
> Followed by a copy of the original message.
> 
> I'm sure this is something simple I have missed.  Does anyone have any
> ideas?
> 
> Thanks for your help.
--- end quoted text ---

Hi Jay,
(Continue reading)

Permalink | Reply | 0 comments |
headers
R'twick Niceorgaw | 8 Dec 2005 21:07

Re: Unable to confirm e-mail address

Hi Jay,
On Thu, December 8, 2005 2:49 pm, Jay.Hall <at> MNEA.ORG said:
>
> Hi. This is the qmail-send program at scanner.mnea.org.
> I'm afraid I wasn't able to deliver your message to the following
> addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
>
> <jay.hall-confirm-1134070455.44324.ae52f2 <at> scanner.mnea.org>:
> Sorry, no mailbox here by that name. (#5.1.1)
>

do you have a + or = at the first line against jay.hall in
/var/qmail/users/assign file (or whereever this file is)?
To use extension addresses, the first byte of a user in the above file has
to be +.

If it's = then change it to + and run qmail-newu (typically
/var/qmail/bin/qmail-newu) and see if it solves the problem

HTH
-R'twick
Permalink | Reply | 0 comments |
headers
Zeno Davatz | 9 Dec 2005 09:09
Picon
Gravatar

AttributeError: 'unicode' object has no attribute 'Expand'

Hi

I'm running TMDA and TMDA-CG as following:

tmda-cgi: 	tmda-cgi/0.13 "Aluminum" (Python/2.4.2 on
Linux-2.6.11.11-i686-Intel-R-_Xeon-TM-_CPU_2.40GHz-with-glibc2.0)
TMDA: 	TMDA/1.0.3 "Seattle Slew" (Python/2.4.2 on
Linux-2.6.11.11-i686-Intel-R-_Xeon-TM-_CPU_2.40GHz-with-glibc2.0)

Compile Params
AUTH_ARG: 	/var/vpopmail/bin/vchkpw
AUTH_TYPE: 	program
BASE_DIR: 	/usr/lib/python2.3/site-packages/
CGI_DISP_DIR: 	/resources/tmda-cgi
CGI_MODE: 	system-wide
IDs: 	UID: 89 (89) GID: 89 (89)
SESSION_EXP: 	300
SESSION_ODDS: 	0.01
SESSION_PREFIX: 	/tmp/TMDASession.
VLOOKUP: 	vpopmail1 /var/vpopmail/bin/vuserinfo ~
VUSER: 	vpopmail

These days I constantly get the following error message provoked by
attached Mail. I get such an error every day now!

A problem occurred in a Python script. Here is the sequence of
function calls leading up to the error, in the order they occurred.
 /usr/local/src/tmda-cgi-0.13/tmda-cgi.py
  188   elif Cmd == "pending":
  189     import PendList
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jay.Hall | 9 Dec 2005 21:30

Re: Unable to confirm e-mail address

This combined with a misspelling in my .qmail-default problem were the
culprits. 

Thanks to everyone for their help.

Jay Hall, Director of Information Technology Services
Missouri NEA

V:  573.634.3202
F:  573.634.5645
-----Original Message-----
From: tmda-users-bounces <at> tmda.net [mailto:tmda-users-bounces <at> tmda.net]
On Behalf Of R'twick Niceorgaw
Sent: Thursday, December 08, 2005 2:07 PM
To: tmda-users <at> tmda.net
Subject: *****SUSPECTED SPAM**** Re: Unable to confirm e-mail address

Hi Jay,
On Thu, December 8, 2005 2:49 pm, Jay.Hall <at> MNEA.ORG said:
>
> Hi. This is the qmail-send program at scanner.mnea.org.
> I'm afraid I wasn't able to deliver your message to the following 
> addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
>
> <jay.hall-confirm-1134070455.44324.ae52f2 <at> scanner.mnea.org>:
> Sorry, no mailbox here by that name. (#5.1.1)
>

do you have a + or = at the first line against jay.hall in
(Continue reading)

Permalink | Reply | 3 comments |
headers
Jay.Hall | 9 Dec 2005 21:45

TOMDA on Outbound Mail Relay

I am in the final stages of configuring TMDA for use and I have one
final question, which I hope will have an easy solution.

My network has a qmail/TMDA server running as a relay for the MS
Exchange server.  All inbound and outbound e-mail passes through this
server.

The requirements were that each user must have the choice as to whether
or not to use TMDA for incoming e-mail.  However, I would like to have
all outbound e-mail addresses automatically whitelisted.  The reason for
this is that many of us e-mail the same people daily.

I have found documentation on how to TMDA accomplishes this when the
qmail server is the primary e-mail server, but nothing yet, on how to
make this occur when qmail is functioning as a relay.  If someone could
point me in the right direction, it would be greatly appreciated.

Thanks in advance for your assistance.

Jay Hall, Director of Information Technology Services
Missouri NEA

V:  573.634.3202
F:  573.634.5645
Permalink | Reply | 1 comment |
headers
Stephen Warren | 12 Dec 2005 22:48

Re: TOMDA on Outbound Mail Relay

Jay.Hall <at> MNEA.ORG wrote:
> I am in the final stages of configuring TMDA for use and I have one
> final question, which I hope will have an easy solution.
> 
> My network has a qmail/TMDA server running as a relay for the MS
> Exchange server.  All inbound and outbound e-mail passes through this
> server.
> 
> The requirements were that each user must have the choice as to whether
> or not to use TMDA for incoming e-mail.  However, I would like to have
> all outbound e-mail addresses automatically whitelisted.  The reason for
> this is that many of us e-mail the same people daily.

The simple part:

In the incoming filter specifications, point at some text file that
lists all the allowable email addresses, just like any other whitelist file.

The hard part:

Whenever qmail processes an outbound message (actually, it's better to
say, whenever qmail processes an inbound message from the exchange
server), add this address to a text file. How to do this is outside the
domain to TMDA.

Possible cunning solution:

Run tmda-ofmipd for a fake user (i.e. not one of the employees) and have
the exchange server send all email to the tmda-ofmipd port. Configure
the outgoing filter of that fake user to do nothing but append the
(Continue reading)

Permalink | Reply | 0 comments |
headers
yhhoo | 13 Dec 2005 03:01
Picon

Yee Huei Hoo is out of the office.


I will be out of the office starting  12/08/2005 and will not return until
12/14/2005.

For urgent matters please contact Kelvin Yang at 62139281 Vincent Tan at
62139144
Permalink | Reply | 0 comments |
headers
Gregory Malsack | 13 Dec 2005 17:48
Favicon

Unable to release message

Hello All,

I am using TMDA on a Fedorca Core 3 box. It has been working well so far. I am
also using tmda-cgi to manage the pending folders. This too has been working
well. Users are very happy with the install. It has been up and running now for
several weeks with no problems. However one of the 160 users called today and
said that she cannot release a message. I logged into her tmda-cgi account and
attempted to release the message both through the radio button/execute and
through the check mark on the details page. Neither work. The pending screen
places the message in italics and states that it is processing the message but
when you log out and back in the message is pending again and is never delivered
to her inbox.

I then tried the tmda-pending command line feature. This has the same result. it
says that it is releasing the message but does not. I've looked in the
tmda-error.log and tmda-in.log with no luck. The only thing I see is an entry in
the maillog file that states the message status is queued. However the user is
getting other messages so it's not a problem with the inbox.

The message in question was originally addressed to 2 users on this box. user a
was able to release the message and have it delivered to her inbox, user b
attempted this same thing a day later and is having the problem.

Any ideas? Please advise...

Gregory Malsack
Permalink | Reply | 0 comments |

Gmane