The qpopper list archive ending on 1 Dec 2002
Topics covered in this issue include:
1. Re: Access blocked for uid below 10?
Sebastian Lagemann <lagemann at st-oneline dot net>
06 Nov 2002 18:57:38 +0100
2. Maximum Number of Connections
J Bacher <jb at jbacher dot com>
Wed, 06 Nov 2002 14:03:28 -0600
3. Error 425 Unable to connect
"Y Ramprasad" <yramprasad at ecomserver dot com>
Thu, 7 Nov 2002 10:38:59 +0530
4. Re: Access blocked for uid below 10?
Eric Luyten <Eric.Luyten at vub.ac dot be>
Thu, 7 Nov 2002 09:41:01 +0100 (MET)
5. Re: Access blocked for uid below 10?
Kenneth Porter <shiva at sewingwitch dot com>
Thu, 07 Nov 2002 04:27:59 -0800
6. TEST
Gennaro Esposito <esposito at marscenter dot it>
Thu, 07 Nov 2002 15:47:44 +0100
7. RE: Error 425 Unable to connect
"Phil Stubbington" <phil.stubbington at computer dot org>
Thu, 7 Nov 2002 21:56:31 -0000
8. Re: Access blocked for uid below 10?
Mark <admin at asarian-host dot net>
Fri, 8 Nov 2002 22:44:49 +0100
9. Re: Access blocked for uid below 10?
Syed Zaeem Hosain <Syed.Hosain at aeris dot net>
Wed, 06 Nov 2002 16:51:53 -0800
10. Re: Access blocked for uid below 10?
Gennaro Esposito <esposito at marscenter dot it>
Mon, 11 Nov 2002 16:54:45 +0100
11.
12. Receiving Mail from Home
"Kristi-Rheem" <kfuller at rheemsupply dot com>
Tue, 12 Nov 2002 08:37:36 -0500
13. Re: qpopper rpm
Kenneth Porter <shiva at sewingwitch dot com>
12 Nov 2002 06:36:37 -0800
14. Cannot Retrieve Email Using OpenSSL With Qpopper
Jeff West <J.West at astronautics dot com>
Wed, 13 Nov 2002 09:53:55 -0600
15. How to block public mails to group id
"Y Ramprasad" <yramprasad at ecomserver dot com>
Thu, 14 Nov 2002 11:10:12 +0530
16. Stronger authentication?!
Gennaro Esposito <esposito at marscenter dot it>
Mon, 18 Nov 2002 18:15:22 +0100
17. Re: Receiving Mail from Home
"Simon May" <simon at imsl dot es>
Sat, 23 Nov 2002 14:13:38 +0100
18. Re: Receiving Mail from Home
Chip Old <fold at bcpl dot net>
Sat, 23 Nov 2002 12:26:37 -0500 (EST)
19. Re: Error 425 Unable to connect
Alan Brown <alanb at digistar dot com>
Tue, 12 Nov 2002 13:29:47 -0500 (EST)
20. RE: Receiving Mail from Home
"Mike Pacheco" <mike at fwdsystems dot com>
Sat, 23 Nov 2002 10:10:35 -0500
21. Re: How to block public mails to group id
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Sun, 24 Nov 2002 00:29:34 -0800
22. Stronger authentication?!
Gennaro Esposito <esposito at marscenter dot it>
Wed, 13 Nov 2002 14:34:36 +0100
23. Re: Receiving Mail from Home
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Sat, 23 Nov 2002 09:22:05 -0800
24. qpopper running problem
"Konstantin Ivanov" <cyber at globcom dot net>
Sun, 24 Nov 2002 18:58:02 +0200
25. Re: Receiving Mail from Home
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Sun, 24 Nov 2002 12:59:08 -0800
26. Re: qpopper running problem
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Sun, 24 Nov 2002 13:03:03 -0800
27. Re: Receiving Mail from Home
Kenneth Porter <shiva at sewingwitch dot com>
Sun, 24 Nov 2002 13:57:56 -0800
28. qpopper running problem
"Konstantin Ivanov" <cyber at globcom dot net>
Mon, 25 Nov 2002 12:42:54 +0200
29. Re: Receiving Mail from Home
tavasa <tavasa at che.ufl dot edu>
Mon, 25 Nov 2002 10:52:14 -0500
30. RE: How to block public mails to group id
"Y Ramprasad" <yramprasad at ecomserver dot com>
Mon, 25 Nov 2002 11:27:14 +0530
31. loadbalanced / high availability qpopper setup ?
Jurgen Philippaerts <jph at tiamat.Belgium.EU dot net>
Wed, 27 Nov 2002 11:50:14 +0100
32. Re: loadbalanced / high availability qpopper setup ?
Carles Xavier Munyoz =?iso-8859-1?q?Baldó?= <carles at descom dot es>
Wed, 27 Nov 2002 15:20:26 +0100
33. Re: loadbalanced / high availability qpopper setup ?
The Little Prince <thelittleprince at asteroid-b612 dot org>
Wed, 27 Nov 2002 07:39:48 -0800 (PST)
34. Re: loadbalanced / high availability qpopper setup ?
Clifton Royston <cliftonr at lava dot net>
Wed, 27 Nov 2002 09:11:57 -1000
35. Re: loadbalanced / high availability qpopper setup ?
John Rudd <jrudd at kzin.ucsc dot edu>
Wed, 27 Nov 2002 12:21:17 -0800
36. Max amount of space
"Kirk" <kirk at aircomusa dot com>
Wed, 27 Nov 2002 14:53:57 -0700
37. RH 8.0 & Qpopper
"Austin Mann" <firemann816 at earthlink dot net>
Wed, 27 Nov 2002 22:07:32 -0600
38. Re: Max amount of space
"Alan W. Rateliff, II" <lists at rateliff dot net>
Thu, 28 Nov 2002 00:25:32 -0500
39. Re: loadbalanced / high availability qpopper setup ?
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Wed, 27 Nov 2002 23:22:33 -0800
40. Re: loadbalanced / high availability qpopper setup ?
Carles Xavier Munyoz =?iso-8859-1?q?Baldó?= <carles at descom dot es>
Thu, 28 Nov 2002 10:08:47 +0100
41. How to know to find POP3 is running
"Y Ramprasad" <yramprasad at ecomserver dot com>
Thu, 28 Nov 2002 18:12:07 +0530
42. Adding QPop's bulleting feature to IMAP
"Alan W. Rateliff, II" <lists at rateliff dot net>
Thu, 28 Nov 2002 10:51:17 -0500
43. Re: loadbalanced / high availability qpopper setup ?
Jurgen Philippaerts <jph at tiamat.Belgium.EU dot net>
Fri, 29 Nov 2002 12:22:25 +0100
44. Re: Max amount of space
Alan Brown <alanb at digistar dot com>
Fri, 29 Nov 2002 06:59:54 -0500 (EST)
45. Cannot find ELF??
"Bob Drum" <bobdrum at earthlink dot net>
Fri, 29 Nov 2002 16:54:48 -0800
46. Re: Max amount of space
Gregory Hicks <ghicks at cadence dot com>
Sun, 1 Dec 2002 00:05:32 -0800 (PST)
47. stand-alone?
Mark <admin at asarian-host dot net>
Sun, 1 Dec 2002 10:48:10 +0100
48. Re: stand-alone?
Mark <admin at asarian-host dot net>
Sun, 1 Dec 2002 11:46:43 +0100
49. Re: loadbalanced / high availability qpopper setup ?
John Rudd <jrudd at kzin.ucsc dot edu>
Sun, 1 Dec 2002 08:03:23 -0800
50. Re: stand-alone?
Mark <admin at asarian-host dot net>
Sun, 1 Dec 2002 18:29:50 +0100
Subject: Re: Access blocked for uid below 10?
From: Sebastian Lagemann <lagemann at st-oneline dot net>
Date: 06 Nov 2002 18:57:38 +0100
Hi,
I think, it's the best to forward root's e-mails. Its very dangerous to
fetch mails with user root.
Regards,
Sebastian Lagemann
On Wed, 2002-11-06 at 18:34, Gennaro Esposito wrote:
> Greetings
> I've just installed qpopper (4.0.4) on our old good DEC AlphaServer w/
> DECUnix 4.0F. Qpopper was configured with the following options:
> --disable-update-abort
> --enable-apop
> --enable-bulletins
> --enable-group-bulls
> --enable-nonauth-file=<pathtononauthfile>
> --enable-poppassd
> --enable-popuid=<popadminuser>
> --enable-server-mode
> --disable-specialauth
> Now, I'm using Eudora 5.1 as client and, being also the administrator of
> the mail server, I've a second personality: root
> I'm still working with "password" authentication and not populated the apop
> database yet.
> My "dominant" personality works fine but "root" personality brings me in
> the following situation when I check for its mails:
> ERR[AUTH] Access is blocked for UIDs below 10
> It's clear, for me, what it means (root is, obviusly, UID 0) but I'm very
> surprised 'cause nowhere in the manual nor in the FAQ I've seen anythig
> about this behaviour.
> How can I circunvent/resolve the "problem"?
> TIA
>
> ----------
> Gennaro Esposito
> (System & Security Engineer)
> MARS Center *****************************
> Via E. Gianturco,31 * YES! I SUPPORT *
> I-80146 - Napoli - ITALY * *
> ph.: +39 081-6042 493 * _/_/ _ _/_/ *
> fax...: +39 081-6042 100 * _/_/===x===_/_/ *
> mailto:esposito at marscenter dot it * _/_/ _/_/ *
> http://www.marscenter.it * *
> ftp://ftp.marscenter.it *International Space Station*
> *****************************
--
*** ST-oneline InterNet Service Provider GmbH, Hovesaatstr. 6 ***
* D-48432 Rheine, Tel. +49 5971 80825-5, Fax: +49 5971 80825-79 *
*** eMail: info at st-oneline.net WEB: http://www.st-oneline dot net ***
Date: Wed, 06 Nov 2002 14:03:28 -0600
From: J Bacher <jb at jbacher dot com>
Subject: Maximum Number of Connections
Is there a fixed number of connections to Qpopper in daemon mode?
If so, can it be increased and where?
Thanks in advance.
From: "Y Ramprasad" <yramprasad at ecomserver dot com>
Subject: Error 425 Unable to connect
Date: Thu, 7 Nov 2002 10:38:59 +0530
Phil ,
Thanks for your reply But We donot have Ipchains installed in my machine So
that We can assume Problem is not due to Firewall/Ipchain configuration.
waiting for further solutions
Regards
Ramprasad
-----Original Message-----
From: Phil Stubbington [mailto:phil.stubbington at computer dot org]
Sent: Friday, November 01, 2002 1:52 PM
To: Y Ramprasad; Subscribers of Qpopper
Subject: RE:
Ramprasad,
You may well find that's it a firewall problem. Check your configurations
of ipchains:-
ipchains --list
If you see a line:-
REJECT tcp -y---- anywhere anywhere any ->
any
Then that's why. However, don't remove the line altogether as you will be
compromising your firewall. Instead just open access for the relevant ports
(25 for pop, 110 for smtp).
Regards,
Phil
-----Original Message-----
From: Y Ramprasad [mailto:yramprasad at ecomserver dot com]
Sent: 01 November 2002 05:56
To: Subscribers of Qpopper
Subject:
Hi ,
I am Ramprasad , System Administrator at Ecomserver India Pvt Ltd. We have
RedHat Linux 7.1 MailServer with Qpopper 4 and Sendmail 8.11.2. Its work
fine. But Suddenly I received the following error while send/receive the
mails over Microsoft Outlook.
"The TCP/IP connection was unexpectedly terminated by the server. Server
Response:' -ERR 425 Unable to connect with remote host". (Account:90.0.0.3
POP3 Server:90.0.0.3, Error Number:0x800ccc0f)."
Where 90.0.0.3 is the POP3 Server Ip Address
I would be very happy and thankful if any one could give the solution to
rectify the above problem.
Regards & Thanks
Ramprasad.
Subject: Re: Access blocked for uid below 10?
Date: Thu, 7 Nov 2002 09:41:01 +0100 (MET)
From: Eric Luyten <Eric.Luyten at vub.ac dot be>
> My "dominant" personality works fine but "root" personality brings me in
> the following situation when I check for its mails:
> ERR[AUTH] Access is blocked for UIDs below 10
> It's clear, for me, what it means (root is, obviusly, UID 0) but I'm very
> surprised 'cause nowhere in the manual nor in the FAQ I've seen anythig
> about this behaviour.
Gennaro,
See the Qpopper 4.0 Administrator's Guide, page 43, macro BLOCK_UID
To modify this value, edit config.h AFTER running ./configure (same page)
Eric.
Date: Thu, 07 Nov 2002 04:27:59 -0800
From: Kenneth Porter <shiva at sewingwitch dot com>
Subject: Re: Access blocked for uid below 10?
--On Wednesday, November 06, 2002 6:34 PM +0100 Gennaro Esposito
<esposito at marscenter dot it> wrote:
> ERR[AUTH] Access is blocked for UIDs below 10
> It's clear, for me, what it means (root is, obviusly, UID 0) but I'm very
> surprised 'cause nowhere in the manual nor in the FAQ I've seen anythig
> about this behaviour. How can I circunvent/resolve the "problem"?
I don't remember where this rule is imposed, but it's a Good Idea. Use
/etc/aliases to forward root's mail to a mortal and read it via that mortal.
Qpopper and other services will drop priviliges and "become" the user
connecting once a password is processed. Allowing root to pop means that
all the code after the normal qpopper identity change is now run as root
instead of a mortal, and any overlooked security vulnerability in that code
can be exploited as root.
Date: Thu, 07 Nov 2002 15:47:44 +0100
From: Gennaro Esposito <esposito at marscenter dot it>
Subject: TEST
--=====================_176782970==_.ALT
Content-Type: text/plain; charset="us-ascii"; format=flowed
------------ PLEASE DISCARD THIS MAIL --------------
THIS IS A TEST - Maybe thereis a problem with the mailing list....
------------ PLEASE DISCARD THIS MAIL --------------
----------
Gennaro Esposito
(System & Security Engineer)
MARS Center *****************************
Via E. Gianturco,31 * YES! I SUPPORT *
I-80146 - Napoli - ITALY * *
ph.: +39 081-6042 493 * _/_/ _ _/_/ *
fax...: +39 081-6042 100 * _/_/===x===_/_/ *
mailto:esposito at marscenter dot it * _/_/ _/_/ *
http://www.marscenter.it * *
ftp://ftp.marscenter.it *International Space Station*
*****************************
--=====================_176782970==_.ALT
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html>
------------ PLEASE DISCARD THIS MAIL --------------<br>
THIS IS A TEST - Maybe thereis a problem with the mailing list....<br>
------------ PLEASE DISCARD THIS MAIL --------------<br>
<x-sigsep><p></x-sigsep>
<font face="Fixedsys" size=1>----------<br>
Gennaro Esposito<br>
(System & Security Engineer)<br>
MARS
Center &nbs
p;
*****************************<br>
Via E.
Gianturco,31 &nbs
p;
* YES! I
SUPPORT *<br>
I-80146 - Napoli -
ITALY
* &nb
sp; &
nbsp;
*<br>
ph.: +39 081-6042
493
* _/_/ _
_/_/ *<br>
fax...: +39 081-6042
100
*
_/_/===x===_/_/ *<br>
<a href="mailto:esposito@marscenter dot it%A0" eudora="autourl">mailto:espos
ito at marscenter dot it
</a> *
_/_/
_/_/ *<br>
<a href="http://www.marscenter.it=A0=A0=A0=A0=A0=A0/" eudora="autourl">h
ttp://www.marscenter.it
</a>
* &nb
sp; &
nbsp;
*<br>
<a href="ftp://ftp.marscenter.it=A0=A0=A0=A0=A0=A0=A0/" eudora="autourl"
>ftp://ftp.marscenter.it
</a> *International Space Station*<br>
&nbs
p; &n
bsp;
*****************************</font></html>
--=====================_176782970==_.ALT--
From: "Phil Stubbington" <phil.stubbington at computer dot org>
Subject: RE: Error 425 Unable to connect
Date: Thu, 7 Nov 2002 21:56:31 -0000
Rampraprasad,
If you connect locally (telnet servername.com pop3) do you get the same
problem?
Regards,
Phil
-----Original Message-----
From: Y Ramprasad [mailto:yramprasad at ecomserver dot com]
Sent: 07 November 2002 05:09
To: Phil Stubbington; Subscribers of Qpopper
Subject: Error 425 Unable to connect
Phil ,
Thanks for your reply But We donot have Ipchains installed in my machine So
that We can assume Problem is not due to Firewall/Ipchain configuration.
waiting for further solutions
Regards
Ramprasad
-----Original Message-----
From: Phil Stubbington [mailto:phil.stubbington at computer dot org]
Sent: Friday, November 01, 2002 1:52 PM
To: Y Ramprasad; Subscribers of Qpopper
Subject: RE:
Ramprasad,
You may well find that's it a firewall problem. Check your configurations
of ipchains:-
ipchains --list
If you see a line:-
REJECT tcp -y---- anywhere anywhere any ->
any
Then that's why. However, don't remove the line altogether as you will be
compromising your firewall. Instead just open access for the relevant ports
(25 for pop, 110 for smtp).
Regards,
Phil
-----Original Message-----
From: Y Ramprasad [mailto:yramprasad at ecomserver dot com]
Sent: 01 November 2002 05:56
To: Subscribers of Qpopper
Subject:
Hi ,
I am Ramprasad , System Administrator at Ecomserver India Pvt Ltd. We have
RedHat Linux 7.1 MailServer with Qpopper 4 and Sendmail 8.11.2. Its work
fine. But Suddenly I received the following error while send/receive the
mails over Microsoft Outlook.
"The TCP/IP connection was unexpectedly terminated by the server. Server
Response:' -ERR 425 Unable to connect with remote host". (Account:90.0.0.3
POP3 Server:90.0.0.3, Error Number:0x800ccc0f)."
Where 90.0.0.3 is the POP3 Server Ip Address
I would be very happy and thankful if any one could give the solution to
rectify the above problem.
Regards & Thanks
Ramprasad.
From: Mark <admin at asarian-host dot net>
Date: Fri, 8 Nov 2002 22:44:49 +0100
Subject: Re: Access blocked for uid below 10?
This is a multi-part message in MIME format.
------=_NextPart_000_00A5_01C28778.718B6020
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
----- Original Message -----
From: Gennaro Esposito
To: Subscribers of Qpopper
Sent: Wednesday, November 06, 2002 6:34 PM
Subject: Access blocked for uid below 10?
ERR[AUTH] Access is blocked for UIDs below 10
It's clear, for me, what it means (root is, obviusly, UID 0)
but I'm very surprised 'cause nowhere in the manual nor
in the FAQ I've seen anythig about this behaviour.
How can I circunvent/resolve the "problem"?
TIA
Dunno who put it there, but it's a good policy. :) I wrote my own
version of poppasd once, to do just that: disallowing checking UID <
1000. Below 10 is even mild; I would set the marker much higher (at
1000, for instance, where FreeBSD starts numbering "regular" users).
Make it a habit of not logging in, remote, as "root" anyway -- whether
possible or not. I have mail for "root" be copied to a regular user,
which I check from a remote site. But never "root" directly. Just as I
disabled root-login for SSHD. I telnet in over the secure SSH shell, and
then su to root from there. Same goes for FTP: never FTP as root.
My advice? Do not try and circumvent these measures; they are sane and
installed for a good reason. Make those reasons your own.
Regards,
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
------=_NextPart_000_00A5_01C28778.718B6020
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html;
charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#fffbf0>
<DIV> </DIV>
<BLOCKQUOTE dir=ltr
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px;
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color:
black"><B>From:</B>
<A title=esposito at marscenter dot it
href="mailto:esposito@marscenter dot it">Gennaro
Esposito</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A
title=qpopper at lists.pensive dot org
href="mailto:qpopper at lists dot pensive dot org">Subscribers of Qpopper</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Wednesday, November 06,
2002 6:34
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Access blocked for uid
below
10?</DIV>
<DIV><BR></DIV>
<DIV>ERR[AUTH] Access is blocked for UIDs below 10<BR>It's clear, for
me, what
it means (root is, obviusly, UID 0)</DIV>
<DIV>but I'm very surprised 'cause nowhere in the manual nor</DIV>
<DIV>in the FAQ I've seen anythig about this behaviour.<BR>How can I
circunvent/resolve the "problem"?<BR>TIA</DIV>
<DIV><BR> </DIV>
<DIV>Dunno who put it there, but it's a good policy. :) I wrote my own
version
of poppasd once, to do just that: disallowing checking UID < 1000.
Below 10
is even mild; I would set the marker much higher (at 1000, for
instance, where
FreeBSD starts numbering "regular" users).</DIV>
<DIV> </DIV>
<DIV>Make it a habit of not logging in, remote, as "root" anyway
--
whether possible or not. I have mail for "root" be copied to a regular
user,
which I check from a remote site. But never "root" directly. Just as I
disabled root-login for SSHD. I telnet in over the secure SSH shell,
and then
su to root from there. Same goes for FTP: never FTP as root.</DIV>
<DIV> </DIV>
<DIV>My advice? Do not try and circumvent these measures; they
are sane
and installed for a good reason. Make those reasons your own.</DIV>
<DIV> </DIV>
<DIV>Regards,</DIV>
<DIV> </DIV>
<DIV>- Mark
<DIV> </DIV>
<DIV> System Administrator
Asarian-host.org</DIV>
<DIV> </DIV>
<DIV>---<BR>"If you were supposed to understand it,<BR>we wouldn't
call it
code." - FedEx</X-SIGSEP></DIV></DIV></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_00A5_01C28778.718B6020--
Date: Wed, 06 Nov 2002 16:51:53 -0800
From: Syed Zaeem Hosain <Syed.Hosain at aeris dot net>
Subject: Re: Access blocked for uid below 10?
Hi, all.
Am I the only one receiving thousands of these messages? Has the
Qpopper list gone wonky again? Or is the original senders e-mail
system gone berserk? Or some other problem ...?
I am about to block the st-online.net domain in sendmail ...
Sebastian Lagemann wrote:
> Hi,
>
> I think, it's the best to forward root's e-mails. Its very dangerous to
> fetch mails with user root.
>
> Regards,
>
> Sebastian Lagemann
>
> On Wed, 2002-11-06 at 18:34, Gennaro Esposito wrote:
>
>>Greetings
>>I've just installed qpopper (4.0.4) on our old good DEC AlphaServer w/
>>DECUnix 4.0F. Qpopper was configured with the following options:
>> --disable-update-abort
>> --enable-apop
>> --enable-bulletins
>> --enable-group-bulls
>> --enable-nonauth-file=<pathtononauthfile>
>> --enable-poppassd
>> --enable-popuid=<popadminuser>
>> --enable-server-mode
>> --disable-specialauth
>>Now, I'm using Eudora 5.1 as client and, being also the administrator of
>>the mail server, I've a second personality: root
>>I'm still working with "password" authentication and not populated the apop
>>database yet.
>>My "dominant" personality works fine but "root" personality brings me in
>>the following situation when I check for its mails:
>>ERR[AUTH] Access is blocked for UIDs below 10
>>It's clear, for me, what it means (root is, obviusly, UID 0) but I'm very
>>surprised 'cause nowhere in the manual nor in the FAQ I've seen anythig
>>about this behaviour.
>>How can I circunvent/resolve the "problem"?
>>TIA
>>
>>----------
>>Gennaro Esposito
>>(System & Security Engineer)
>>MARS Center *****************************
>>Via E. Gianturco,31 * YES! I SUPPORT *
>>I-80146 - Napoli - ITALY * *
>>ph.: +39 081-6042 493 * _/_/ _ _/_/ *
>>fax...: +39 081-6042 100 * _/_/===x===_/_/ *
>>mailto:esposito at marscenter dot it * _/_/ _/_/ *
>>http://www.marscenter.it * *
>>ftp://ftp.marscenter.it *International Space Station*
>> *****************************
--------------------------------------------------------------------
| Syed Zaeem Hosain Senior Vice President & |
| Chief Technical Officer |
| |
| Aeris.net tel: (408) 557-1905 |
| 1245 South Winchester Blvd. fax: (408) 557-1925 |
| San Jose, CA 95128-3908. Syed.Hosain at aeris dot net |
--------------------------------------------------------------------
Date: Mon, 11 Nov 2002 16:54:45 +0100
From: Gennaro Esposito <esposito at marscenter dot it>
Subject: Re: Access blocked for uid below 10?
--=====================_526403267==_.ALT
Content-Type: text/plain; charset="us-ascii"; format=flowed
Hmmm...I whish to thank everybody who answered to me
I see your point of view and agree...
see you all soon, with new stupid ( ;-) )* questions
Bye
-------------------
* "If you ask for a stupid question, you'll be such for few minutes. If you
don't ask, you could be stupid forever"
(something like a) Ancient Chinese proverb
At 22.44 08/11/2002 +0100, Mark wrote:
>
>----- Original Message -----
>From: <mailto:esposito at marscenter dot it>Gennaro Esposito
>To: <mailto:qpopper at lists.pensive dot org>Subscribers of Qpopper
>Sent: Wednesday, November 06, 2002 6:34 PM
>Subject: Access blocked for uid below 10?
>
>ERR[AUTH] Access is blocked for UIDs below 10
>It's clear, for me, what it means (root is, obviusly, UID 0)
>but I'm very surprised 'cause nowhere in the manual nor
>in the FAQ I've seen anythig about this behaviour.
>How can I circunvent/resolve the "problem"?
>TIA
>
>
>Dunno who put it there, but it's a good policy. :) I wrote my own version
>of poppasd once, to do just that: disallowing checking UID < 1000. Below
>10 is even mild; I would set the marker much higher (at 1000, for
>instance, where FreeBSD starts numbering "regular" users).
>
>Make it a habit of not logging in, remote, as "root" anyway -- whether
>possible or not. I have mail for "root" be copied to a regular user, which
>I check from a remote site. But never "root" directly. Just as I disabled
>root-login for SSHD. I telnet in over the secure SSH shell, and then su to
>root from there. Same goes for FTP: never FTP as root.
>
>My advice? Do not try and circumvent these measures; they are sane and
>installed for a good reason. Make those reasons your own.
>
>Regards,
>
>- Mark
>
> System Administrator Asarian-host.org
>
>---
>"If you were supposed to understand it,
>we wouldn't call it code." - FedEx
----------
Gennaro Esposito
(System & Security Engineer)
MARS Center *****************************
Via E. Gianturco,31 * YES! I SUPPORT *
I-80146 - Napoli - ITALY * *
ph.: +39 081-6042 493 * _/_/ _ _/_/ *
fax...: +39 081-6042 100 * _/_/===x===_/_/ *
mailto:esposito at marscenter dot it * _/_/ _/_/ *
http://www.marscenter.it * *
ftp://ftp.marscenter.it *International Space Station*
*****************************
--=====================_526403267==_.ALT
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html>
Hmmm...I whish to thank everybody who answered to me<br>
I see your point of view and agree...<br>
see you all soon, with new stupid ( ;-) )* questions<br>
Bye<br>
-------------------<br>
* "If you ask for a stupid question, you'll be such for few minutes.
If you don't ask, you could be stupid forever" <br>
(something like a) Ancient Chinese proverb<br><br>
At 22.44 08/11/2002 +0100, Mark wrote:<br>
<blockquote type=cite class=cite cite>
<dl>
<dd>----- Original Message -----
<dd>From:</b> <a href="mailto:esposito@marscenter dot it">Gennaro
Esposito</a>
<dd>To:</b> <a href="mailto:qpopper at lists dot pensive dot org">Subscribers of
Qpopper</a>
<dd>Sent:</b> Wednesday, November 06, 2002 6:34 PM
<dd>Subject:</b> Access blocked for uid below 10?<br><br>
<dd>ERR[AUTH] Access is blocked for UIDs below 10
<dd>It's clear, for me, what it means (root is, obviusly, UID 0)
<dd>but I'm very surprised 'cause nowhere in the manual nor
<dd>in the FAQ I've seen anythig about this behaviour.
<dd>How can I circunvent/resolve the "problem"?
<dd>TIA<br><br>
<dd>
<dd>Dunno who put it there, but it's a good policy. :) I wrote my own
version of poppasd once, to do just that: disallowing checking UID <
1000. Below 10 is even mild; I would set the marker much higher (at 1000,
for instance, where FreeBSD starts numbering "regular"
users).
<dd>
<dd>Make it a habit of not logging in, remote, as "root" anyway
-- whether possible or not. I have mail for "root" be copied to
a regular user, which I check from a remote site. But never
"root" directly. Just as I disabled root-login for SSHD. I
telnet in over the secure SSH shell, and then su to root from there. Same
goes for FTP: never FTP as root.
<dd>
<dd>My advice? Do not try and circumvent these measures; they are sane
and installed for a good reason. Make those reasons your own.
<dd>
<dd>Regards,
<dd>
<dd>- Mark
<dd>
<dd> System Administrator
Asarian-host.org
<dd>
<dd>---
<dd>"If you were supposed to understand it,
<dd>we wouldn't call it code." - FedEx</blockquote>
<x-sigsep><p></x-sigsep>
</dl><font face="Fixedsys" size=1>----------<br>
Gennaro Esposito<br>
(System & Security Engineer)<br>
MARS
Center &nbs
p;
*****************************<br>
Via E.
Gianturco,31 &nbs
p;
* YES! I
SUPPORT *<br>
I-80146 - Napoli -
ITALY
* &nb
sp; &
nbsp;
*<br>
ph.: +39 081-6042
493
* _/_/ _
_/_/ *<br>
fax...: +39 081-6042
100
*
_/_/===x===_/_/ *<br>
<a href="mailto:esposito@marscenter dot it%A0" eudora="autourl">mailto:espos
ito at marscenter dot it
</a> *
_/_/
_/_/ *<br>
<a href="http://www.marscenter.it=A0=A0=A0=A0=A0=A0/" eudora="autourl">h
ttp://www.marscenter.it
</a>
* &nb
sp; &
nbsp;
*<br>
<a href="ftp://ftp.marscenter.it=A0=A0=A0=A0=A0=A0=A0/" eudora="autourl"
>ftp://ftp.marscenter.it
</a> *International Space Station*<br>
&nbs
p; &n
bsp;
*****************************</font></html>
--=====================_526403267==_.ALT--
lows commercial message solicitation but the messages are subject to to a 25 cent per bit delivery fee and all mail users reserve the right to charge 25 cents per bit or the amount agreed to in a settlement as a reader fee All standard mail services are f
or preauthorized emails private in nature If you do not agree to pay these fees disconnect and do not send your messages) with SMTP id gA73e7d17507
for <qpopper at lists.pensive dot org>; Wed, 6 Nov 2002 21:40:08 -0600
Message-ID: <023401c28618$b03efbd0$4b02a8c0@destroyer>
From: "James Nelson" <james at digit.bloomnet dot com>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
References: <455321608629269510382 at lists.pensive dot org>
Subject: Re: qpopper and ipchains config
Date: Wed, 6 Nov 2002 22:46:08 -0600
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2720.3000
Disposition-Notification-To: "James Nelson" <james at digit.bloomnet dot com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
my only tip is to ALWAY put a
ipchains -j DENY -A input -s 0/0 -d 0/0 -p all --log at the end of your
rules!!
The problem would show up in /var/log/messages immediately.
----- Original Message -----
From: "Phil Stubbington" <phil.stubbington at computer dot org>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Thursday, October 31, 2002 1:56 AM
Subject: qpopper and ipchains config
> Hi,
>
> I've been trying to get qpopper configured for a few days now, and after
> lots of false starts (no thanks to M*cr*s*ft Outl**k or Outl**k Express) I
> think I've tracked the problem down to ipchains.
>
> When trying to connect using Express, I get the following errors:-
>
> The connection to the server has failed. Account: 'xxxxxx.com', Server:
> 'mail. xxxxxx.com', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket
Error:
> 10061, Error Number: 0x800CCC0E
>
> The connection to the server has failed. Account: 'xxxxxx.com', Server:
> 'xxxxxx.com', Protocol: POP3, Port: 110, Secure(SSL): No, Socket Error:
> 10071, Error Number: 0x800CCC0E
>
> Now, naÔve me assumed that the comment about SSL meant it was trying to
use
> SSL to connect to the port.
>
> However, if I remove the following rule from ipchains:-
>
> REJECT tcp -y---- anywhere anywhere any ->
> any
>
> Then the pop3 connection works. I need to do the equivalent for SMTP also,
> as I understand it.
>
> Now, what I'm a little confused about is whether this is the correct &
> safest way to configure ipchains to allow qpopper to work?
>
> I need to allow any external client with a valid IP address to connect via
> pop3 and SMTP using using the appropriate ports. Presumably it's a good
> idea to reject invalid IP addresses and to reject connections that appear
to
> come from the internal network address. I guess there is more I can do to
> secure things by using APOP, SSL, etc. but first things first.
>
> I would be grateful for any help.
>
> Thanks,
> Phil
>
>
>
>
From: "Kristi-Rheem" <kfuller at rheemsupply dot com>
Subject: Receiving Mail from Home
Date: Tue, 12 Nov 2002 08:37:36 -0500
Does anyone know how (if it is Qpopper) to make it so that my employees can
check their mail from home. When we're in the office we set our outgoing
mail to the name of the Machine that Sendmail is on, but when I try the
domain name it gives me errors. I am using QPopper with Sendmail on a
Solaris 8 machine.
Thanks,
Kristi
Subject: Re: qpopper rpm
From: Kenneth Porter <shiva at sewingwitch dot com>
Date: 12 Nov 2002 06:36:37 -0800
On Tue, 2002-11-12 at 02:20, Bart Verstraete wrote:
> Hi,
> I installed your qpopper package on a mandrake 9.0
> Everything seems to work without a problem, I can "telnet localhost
> pop-3". Until there everything is ok but with getmail i need to
> forward my mail to mailboxes and I dont know where that is, I tried
> '/var/mail/~USER", but than via telnet it says that there are no mails
> and if I look in that file there are. So where do I have to forward my
> mail to?
The binary RPM is compiled for Red Hat, and Red Hat's sendmail setup
delivers mail to /var/spool/mail/username. You may need to rebuild the
RPM using the .src.rpm file, so that the autoconfig script will detect
your system's settings.
Please reply to the qpopper list so that others can benefit from this
information.
Date: Wed, 13 Nov 2002 09:53:55 -0600
From: Jeff West <J.West at astronautics dot com>
Subject: Cannot Retrieve Email Using OpenSSL With Qpopper
I am unable to successfully retrieve email using OpenSSL with Qpopper.
My three questions are:
1. Has anyone successfully implemented OpenSSL with Qpopper running on
SunOS 5.7? If so, is there anything special I should know?
2. Can anyone tell from the information below if I've configured something
incorrectly on my POP server, or does the solution to my problem require
"taking the engine apart" (getting inside the OpenSSL and/or Qpopper code)?
3. Does this appear to be a client issue, server issue, or incompatibility
between the two?
I've already spent quit a bit of time under the hood and am not too
experienced at taking engines apart. Any thoughts or insights would be
greatly appreciated. Summary and Details below.
Thanks,
Jeff West
Postmaster
** Information found between tilde's (~) is proprietary and has been
changed.
SUMMARY
======
I am unable to retrieve mail when using SSL to connect to Qpopper over a
LAN. When Eudora is used, there are no errors. Eudora simply reports that
I have no new mail (when in fact there is). When Outlook Express is used,
a somewhat generic error message is displayed (see below). If I turn SSL
off in the email clients (leaving it enabled on the server), both retrieve
mail without any problems.
When SSL is turned on in the clients, I believe I've been able to isolate
the errors in the pop log (see below). Eudora and Outlook Express are
producing different errors in the pop log. Eudora is apparently sending
the QUIT command before it is suppose to. Qpopper seems to perceive a
premature QUIT as a possible intruder, but ends the SSL and POP connection
gracefully. Outlook Express seems to send a garbled CAPA command. Here
again both the SSL and POP connection are terminated gracefully by the
server - which seems to be what is causing the Outlook Express error
message.
I started this project a couple of weeks ago using version 4.0.4 of Qpopper
and version 0.9.6e of OpenSSL and have since upgraded to versions 4.0.5b1
and 0.9.6g respectively with no change in this behavior.
I'm fairly certain my certificates are in order, but I know of no way to
confirm this other than using the email clients to check mail. I did
receive cert-related errors when I first began, but I resolved those
problems and am no longer receiving any certificate-related errors.
DETAILS
======
Server Side Software
-----------------------
Qpopper 4.0.5b1
OpenSSL 0.9.6g
GCC 3.1
Random 0.7
Perl 3.1
SunOS 5.7
Client Side Software
-----------------------
Win 2000 Pro 5.0 SP3
Outlook Express 6.00.2800.1106
Eudora 5.1.1
Server Side Certificate
-----------------------
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=~OurState~, L=~OurCity~, O=~OurCompanyName
, OU=HQ,
CN=~FQDNServerHost~/Email=~postmaster at ourdomain dot com~
Validity
Not Before: Nov 5 21:32:44 2002 GMT
Not After : Nov 5 21:32:44 2003 GMT
Subject: C=US, ST=~OurState~, L=~OurCity~,
O=~OurCompanyName~, OU=HQ,
CN=~FCDNServerHost/Email=~postmaster at OurDomain dot com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:ad:8a:1b:ed:93:8b:ab:0e:36:60:82:54:cb:78:
c3:40:d5:1d:c8:a3:47:ca:67:fd:d4:02:89:83:e7:
7f:3b:50:4b:ea:84:73:92:05:a9:9a:03:29:7b:46:
8f:9b:83:67:a9:de:e6:02:27:5b:28:97:ad:80:b9:
23:8a:78:8a:9e:02:ef:04:6d:a8:b7:98:81:35:de:
9c:06:11:69:1f:65:a4:96:a9:eb:e4:2a:b9:67:36:
19:dc:83:d7:47:07:f5:81:40:7d:e0:ce:19:e3:4a:
b2:38:de:73:ba:f1:26:6c:24:90:01:24:3f:d8:f4:
4f:ae:5b:06:6c:84:96:16:21
Exponent: 65537 (0x10001)
Signature Algorithm: md5WithRSAEncryption
04:d2:c8:57:9e:88:59:f4:bb:3a:e6:a9:99:c5:d2:b3:d9:08:
ac:85:25:5b:99:07:eb:97:d6:68:c2:84:0b:7f:db:b2:34:99:
ff:45:5d:87:d3:ed:21:54:99:c5:0d:78:d1:f5:28:ed:de:70:
a7:84:98:c8:48:d8:8e:f1:58:bc:44:04:29:48:b8:8d:7f:35:
1a:63:fd:5a:76:56:ef:57:3e:3c:a5:d1:9c:05:9a:1d:11:7a:
17:4a:68:d1:83:47:b0:e9:c4:63:04:3e:44:e5:b2:60:f4:ad:
3c:77:96:0a:b8:e5:cd:c4:9a:7f:f9:99:0b:7a:44:13:72:95:
df:72
Error message (in a dialog box) returned by Outlook Express - This message
is returned immediatly
------------------------------------------------------------------------
Your server has unexpectedly terminated the connection. Possible causes for
this include server problems, network problems, or a long period of
inactivity. Account: 'At Work', Server: '~serverhostname.ourdomain.com~',
Protocol: POP3, Port: 110, Secure(SSL): Yes, Error Number: 0x800CCC0F
The pop.log has the following entries when an attempt to check mail w/SSL
from Outlook Express is made. Please note line 25 - a garbled CAPA command
seems to have been sent by Outlook Express.
------------------------------------------------------------------------
1. Trace and Debug destination is file "/var/mail/pop.log"
[pop_config.c:1144]
2. ...read line 2 (20): set tls-support=stls [pop_config.c:1370]
3. Set tls-support to STLS (2) [pop_config.c:1234]
4. ...read line 3 (49): set tls-server-cert-file=/etc/mail/certs/cert.pem
[pop_config.c:1370]
5. Set tls-server-cert-file to "/etc/mail/certs/cert.pem"
[pop_config.c:1250]
6. Finished processing config file '/etc/mail/pop/popper.conf'; rslt=1
[pop_config.c:1518]
7. (v4.0.5b1) Servicing request from "~clienthostname.ourdomain.com~" at
~99.99.99.99~ [pop_init.c:1174]
8. before TLS; tls_support==2 [popper.c:181]
9. ...Initializing OpenSSL library (version OpenSSL 0.9.6g 9 Aug 2002)
[pop_tls_openssl.c:230]
10. ...have /dev/urandom; skipping PRNG seeding [pop_tls_openssl.c:288]
11. ...setting method to SSLv23_server_method [pop_tls_openssl.c:312]
12. ...allocating OpenSSL context [pop_tls_openssl.c:342]
13. ...setting certificate file /etc/mail/certs/cert.pem
[pop_tls_openssl.c:363]
14. ...private key file not set; assuming private key is in cert
(/etc/mail/certs/cert.pem) [pop_tls_openssl.c:380]
15. ...setting private key file /etc/mail/certs/cert.pem
[pop_tls_openssl.c:384]
16. ...verifying private key against certificate [pop_tls_openssl.c:397]
17. ...(tls_cipher_list not specified) [pop_tls_openssl.c:424]
18. ...allocating OpenSSL connection [pop_tls_openssl.c:435]
19. ...setting input (0) and output (0) file descriptors
[pop_tls_openssl.c:446]
20. ...successfully completed OpenSSL initialization [pop_tls_openssl.c:465]
21. TLS Init [popper.c:202]
22. (v4.0.5b1) Intro [popper.c:247]
23. +OK Qpopper (version 4.0.5b1) at ~serverhostname.ourdomain.com~
starting. [popper.c:260]
24. Qpopper ready for input from (null) at ~clienthostname.ourdomain.com~
[~99.99.99.99~] [popper.c:294]
25. Received (5): "€j" [pop_get_command.c:105]
26. (null) at ~clienthostname.ourdomain.com~ (~99.99.99.99~): -ERR Unknown
command: "€j". [pop_get_command.c:152]
27. Qpopper ready for input from (null) at ~clienthostname.ourdomain.com~
[~99.99.99.99~] [popper.c:294]
28. (null) at ~clienthostname.ourdomain.com~ (~99.99.99.99~): -ERR POP EOF
or I/O Error [popper.c:820]
29. +OK Pop server at ~serverhostname.ourdomain.com~ signing off.
[popper.c:360]
30. I/O error flushing output to client at ~clienthostname.ourdomain.com~
[~99.99.99.99~]: Broken pipe (32) [pop_send.c:689]
31. pTLS->m_pPOP->tls_started == false [pop_tls_openssl.c:823]
32. freeing m_OpenSSLconn [pop_tls_openssl.c:827]
33. freeing m_OpenSSLctx [pop_tls_openssl.c:833]
34. openssl_shutdown returning 0 [pop_tls_openssl.c:838]
35. (v4.0.5b1) Ending request from "" at (~clienthostname.ourdomain.com~)
~99.99.99.99~ [popper.c:378]
36. (v4.0.5b1) Timing for @~clienthostname.ourdomain.com~ (error) auth=0
init=0 clean=0 [popper.c:384]
The pop.log has the following entries when an attempt to check mail w/SSL
from Eudora is made. Please note lines 51 and 52. It appears as if Eudora
issued a QUIT command before it was suppose to.
------------------------------------------------------------------------
1. Trace and Debug destination is file "/var/mail/pop.log"
[pop_config.c:1144]
2. ...read line 2 (20): set tls-support=stls [pop_config.c:1370]
3. Set tls-support to STLS (2) [pop_config.c:1234]
4. ...read line 3 (49): set tls-server-cert-file=/etc/mail/certs/cert.pem
[pop_config.c:1370]
5. Set tls-server-cert-file to "/etc/mail/certs/cert.pem"
[pop_config.c:1250]
6. Finished processing config file '/etc/mail/pop/popper.conf'; rslt=1
[pop_config.c:1518]
7. (v4.0.5b1) Servicing request from "~clienthostname.ourdomain.com~" at
~99.99.99.99~ [pop_init.c:1174]
8. before TLS; tls_support==2 [popper.c:181]
9. ...Initializing OpenSSL library (version OpenSSL 0.9.6g 9 Aug 2002)
[pop_tls_openssl.c:230]
10. ...have /dev/urandom; skipping PRNG seeding [pop_tls_openssl.c:288]
11. ...setting method to SSLv23_server_method [pop_tls_openssl.c:312]
12. ...allocating OpenSSL context [pop_tls_openssl.c:342]
13. ...setting certificate file /etc/mail/certs/cert.pem
[pop_tls_openssl.c:363]
14. ...private key file not set; assuming private key is in cert
(/etc/mail/certs/cert.pem) [pop_tls_openssl.c:380]
15. ...setting private key file /etc/mail/certs/cert.pem
[pop_tls_openssl.c:384]
16. ...verifying private key against certificate [pop_tls_openssl.c:397]
17. ...(tls_cipher_list not specified) [pop_tls_openssl.c:424]
18. ...allocating OpenSSL connection [pop_tls_openssl.c:435]
19. ...setting input (0) and output (0) file descriptors
[pop_tls_openssl.c:446]
20. ...successfully completed OpenSSL initialization [pop_tls_openssl.c:465]
21. TLS Init [popper.c:202]
22. (v4.0.5b1) Intro [popper.c:247]
23. +OK Qpopper (version 4.0.5b1) at ~serverhostname.ourdomain.com~
starting. [popper.c:260]
24. Qpopper ready for input from (null) at ~clienthostname.ourdomain.com~
[~99.99.99.99~] [popper.c:294]
25. Received (4): "CAPA" [pop_get_command.c:105]
26. capa returned 1; CurrentState now auth1 [popper.c:338]
27. Qpopper ready for input from (null) at ~clienthostname.ourdomain.com~
[~99.99.99.99~] [popper.c:294]
28. Received (4): "STLS" [pop_get_command.c:105]
29. +OK STLS [pop_extend.c:183]
30. Attempting OpenSSL handshake [pop_tls_openssl.c:514]
31. tls accept returned 1 [pop_tls_openssl.c:517]
32. SSL_get_error says SSL_ERROR_NONE (0) [pop_tls_openssl.c:524]
33. (v4.0.5b1) TLSv1/SSLv3 handshake with client at
~clienthostname.ourdomain.com~ (~99.99.99.99~); new session-id; cipher:
DES-CBC3-SHA (DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=ES(168)
Mac=SHA1), 168
bits [pop_tls_openssl.c:530]
34. pop_stls returning 1 [pop_extend.c:199]
35. stls returned 1; CurrentState now auth1 [popper.c:338]
36. Qpopper ready for input from (null) at ~clienthostname.ourdomain.com~
[~99.99.99.99~] [popper.c:294]
37. tls read start 2048 ffbeee58 [pop_tls_openssl.c:595]
38. tls read 15 55 53 [pop_tls_openssl.c:599]
39. SSL_get_error says SSL_ERROR_NONE (0) [pop_tls_openssl.c:603]
40. Received (13): "USER testuser" [pop_get_command.c:105]
41. home (21): '/export/home/testuser' [pop_user.c:218]
42. +OK Password required for testuser. [pop_user.c:431]
43. tls write start 37 ffbef66c [pop_tls_openssl.c:690]
44. tls write 37 2b 4f [pop_tls_openssl.c:694]
45. SSL_get_error says SSL_ERROR_NONE (0) [pop_tls_openssl.c:698]
46. user returned 1; CurrentState now auth2 [popper.c:338]
47. Qpopper ready for input from testuser at ~clienthostname.ourdomain.com~
[~99.99.99.99~] [popper.c:294]
48. tls read start 2048 ffbeee58 [pop_tls_openssl.c:595]
49. tls read 6 51 55 [pop_tls_openssl.c:599]
50. SSL_get_error says SSL_ERROR_NONE (0) [pop_tls_openssl.c:603]
51. Received (4): "QUIT" [pop_get_command.c:105]
52. Possible probe of account testuser from host
~clienthostname.ourdomain.com~ (~99.99.99.99~) [pop_quit.c:29]
53. quit returned 1; CurrentState now halt [popper.c:338]
54. +OK Pop server at ~serverhostname.ourdomain.com~ signing off.
[popper.c:360]
55. tls write start 61 ffbef66c [pop_tls_openssl.c:690]
56. tls write 61 2b 4f [pop_tls_openssl.c:694]
57. SSL_get_error says SSL_ERROR_NONE (0) [pop_tls_openssl.c:698]
58. tls shutdown returned 0 [pop_tls_openssl.c:779]
59. SSL_get_error says SSL_ERROR_SYSCALL (5) [pop_tls_openssl.c:783]
60. TLS shutdown Error [pop_tls_openssl.c:805]
61. freeing m_OpenSSLconn [pop_tls_openssl.c:827]
62. freeing m_OpenSSLctx [pop_tls_openssl.c:833]
63. openssl_shutdown returning -1 [pop_tls_openssl.c:838]
64. (v4.0.5b1) Ending request from "testuser" at
(~clienthostname.ourdomain.com~) ~99.99.99.99~ [popper.c:378]
65. (v4.0.5b1) Timing for testuser at ~clienthostname.ourdomain dot com~ (normal)
auth=0 init=0 clean=0 [popper.c:384]
From: "Y Ramprasad" <yramprasad at ecomserver dot com>
Subject: How to block public mails to group id
Date: Thu, 14 Nov 2002 11:10:12 +0530
------=_NextPart_000_0010_01C28BCE.66EF5540
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_0011_01C28BCE.66EF5540"
------=_NextPart_001_0011_01C28BCE.66EF5540
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Hi ,
Could you give me an answer for Sendmail on Linux 7.1 to block out side
mails to the particular group mail id so that I can allow only my staff to
send mails to group id and Outsiders can not send .
I knew this Question is not relating to Qpopper But Qpopper works with
sendmail so that some one could have an idea.
Thanks & Regards
Ramprasad
------=_NextPart_001_0011_01C28BCE.66EF5540
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html;
charset=iso-8859-1">
<META content="MSHTML 6.00.2600.0" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face="Courier New"></FONT> </DIV>
<DIV> </DIV>
<DIV><SPAN class=358563205-14112002><FONT face="Courier New">Hi
,</FONT></SPAN></DIV>
<DIV><SPAN class=358563205-14112002><FONT
face="Courier New"></FONT></SPAN> </DIV>
<DIV><SPAN class=358563205-14112002><FONT face="Courier New">Could
you give me
an answer for Sendmail on Linux 7.1 to block out side mails to the
particular group mail id so that I can allow only my staff to send mails
to
group id and Outsiders can not send .</FONT></SPAN></DIV>
<DIV><SPAN class=358563205-14112002><FONT
face="Courier New"></FONT></SPAN> </DIV>
<DIV><SPAN class=358563205-14112002><FONT face="Courier New">I knew
this
Question is not relating to Qpopper But Qpopper works with sendmail so
that some
one could have an idea.</FONT></SPAN></DIV>
<DIV><SPAN class=358563205-14112002><FONT
face="Courier New"></FONT></SPAN> </DIV>
<DIV><SPAN class=358563205-14112002><FONT face="Courier New">Thanks
&
Regards</FONT></SPAN></DIV>
<DIV><SPAN class=358563205-14112002><FONT
face="Courier New">Ramprasad</FONT></SPAN></DIV></BODY></HTML>
------=_NextPart_001_0011_01C28BCE.66EF5540--
------=_NextPart_000_0010_01C28BCE.66EF5540
Content-Type: text/x-vcard;
name="YRamprasad.vcf"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="YRamprasad.vcf"
BEGIN:VCARD
VERSION:2.1
N:;YRamprasad
FN:YRamprasad
ORG:eComServer India Pvt Ltd.
TITLE:System Administrator
TEL;WORK;VOICE:+91 (040) 3110333
TEL;WORK;FAX:+91 (040) 3110969
EMAIL;PREF;INTERNET:yramprasad at ecomserver dot com
REV:20020418T111052Z
END:VCARD
------=_NextPart_000_0010_01C28BCE.66EF5540--
Date: Mon, 18 Nov 2002 18:15:22 +0100
From: Gennaro Esposito <esposito at marscenter dot it>
Subject: Stronger authentication?!
--=====================_282509947==.ALT
Content-Type: text/plain; charset="us-ascii"; format=flowed
Greetings
I'm back again with another (stupid?) question
Sometimes I get the following message (in the syslog)
<username> at <fqdn> (<ipaddr>): -ERR [AUTH] You must use stronger
authentication such as AUTH or APOP to connect to this server
Well, but that <username> HAS an entry in the APOP database and, in fact,
he/she can download e-mail w/o problems.
Qpopper is 4.0.4 and was configured with:
--disable-update-abort
--enable-apop
--enable-bulletins
--enable-group-bulls
--enable-nonauth-file=<pathtononauthfile>
--enable-poppassd
--enable-popuid=<popadminuser>
--enable-server-mode
--disable-specialauth
and is running on a DEC Alpha w/ DECUnix 4.0f.
The client is Eudora 5.1/5.2 running on a Windoz NT 4.0 ws.
Have you, gurus, an answer to this?
"I'm sorry, but I'm nothing but an egg" (Valentine Michael Smith in
Stranger in a Strange Land by R.A.Heinlein)
TIA
----------
Gennaro Esposito
(System & Security Engineer)
MARS Center *****************************
Via E. Gianturco,31 * YES! I SUPPORT *
I-80146 - Napoli - ITALY * *
ph.: +39 081-6042 493 * _/_/ _ _/_/ *
fax...: +39 081-6042 100 * _/_/===x===_/_/ *
mailto:esposito at marscenter dot it * _/_/ _/_/ *
http://www.marscenter.it * *
ftp://ftp.marscenter.it *International Space Station*
*****************************
--=====================_282509947==.ALT
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html>
<body>
Greetings<br><br>
I'm back again with another (stupid?) question<br>
Sometimes I get the following message (in the syslog)<br><br>
<username> at <fqdn> (<ipaddr>): -ERR [AUTH] You must
use stronger authentication such as AUTH or APOP to connect to this
server<br><br>
Well, but that <username> HAS an entry in the APOP database and, in
fact, he/she can download e-mail w/o problems.<br><br>
Qpopper is 4.0.4 and was configured with:<br>
--disable-update-abort<br>
--enable-apop<br>
--enable-bulletins<br>
--enable-group-bulls<br>
--enable-nonauth-file=<pathtononauthfile><br>
--enable-poppassd<br>
--enable-popuid=<popadminuser><br>
--enable-server-mode<br>
--disable-specialauth<br>
and is running on a DEC Alpha w/ DECUnix 4.0f.<br>
The client is Eudora 5.1/5.2 running on a Windoz NT 4.0 ws.<br><br>
Have you, gurus, an answer to this?<br>
"I'm sorry, but I'm nothing but an egg" (Valentine Michael
Smith in <i>Stranger in a Strange Land by </i>R.A.Heinlein)<br>
TIA<br>
<x-sigsep><p></x-sigsep>
<font face="Fixedsys" size=1>----------<br>
Gennaro Esposito<br>
(System & Security Engineer)<br>
MARS
Center &nbs
p;
*****************************<br>
Via E.
Gianturco,31 &nbs
p;
* YES! I
SUPPORT *<br>
I-80146 - Napoli -
ITALY
* &nb
sp; &
nbsp;
*<br>
ph.: +39 081-6042
493
* _/_/ _
_/_/ *<br>
fax...: +39 081-6042
100
*
_/_/===x===_/_/ *<br>
<a href="mailto:esposito@marscenter dot it" eudora="autourl">mailto:esposito
@marscenter.it</a>
* _/_/
_/_/ *<br>
<a href="http://www.marscenter.it=A0=A0=A0=A0=A0/" eudora="autourl">http
://www.marscenter.it
</a>
* &nb
sp; &
nbsp;
*<br>
<a href="ftp://ftp.marscenter.it=A0=A0=A0=A0=A0=A0/" eudora="autourl">ft
p://ftp.marscenter.it
</a> *International Space Station*<br>
&nbs
p; &n
bsp;
*****************************</font></body>
</html>
--=====================_282509947==.ALT--
From: "Simon May" <simon at imsl dot es>
Subject: Re: Receiving Mail from Home
Date: Sat, 23 Nov 2002 14:13:38 +0100
You will need to ensure that the mail server is available from the internet
and the firewall if any
allows packets in to port 110 from the internet.
But remember that if your employees check there mail via pop3 from home then
they will not get the same emails at work.
It would be better to install a webbased email system eg neomail or similar
on the mail machine.
That way they can check their mail at home via the webmail system but
collect it via pop3 (qpopper)
at work.
Kind Regards
Simon May
Network Administrator
Internet Marketing S.L.
Telephone 971 72 92 04
Fax 971 71 92 04
Email simon at imsl dot es
----- Original Message -----
From: "Kristi-Rheem" <kfuller at rheemsupply dot com>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Tuesday, November 12, 2002 2:37 PM
Subject: Receiving Mail from Home
> Does anyone know how (if it is Qpopper) to make it so that my employees
can
> check their mail from home. When we're in the office we set our outgoing
> mail to the name of the Machine that Sendmail is on, but when I try the
> domain name it gives me errors. I am using QPopper with Sendmail on a
> Solaris 8 machine.
>
> Thanks,
>
> Kristi
>
Date: Sat, 23 Nov 2002 12:26:37 -0500 (EST)
From: Chip Old <fold at bcpl dot net>
Subject: Re: Receiving Mail from Home
On Tue, 12 Nov 2002, Kristi-Rheem wrote to Subscribers of Qpopper:
> Does anyone know how (if it is Qpopper) to make it so that my employees can
> check their mail from home. When we're in the office we set our outgoing
> mail to the name of the Machine that Sendmail is on, but when I try the
> domain name it gives me errors. I am using QPopper with Sendmail on a
> Solaris 8 machine.
Two assumptions:
1) Access to your QPopper is not restricted other than by the usual user
authentication.
2) Your Sendmail is configured to block promiscuous relaying (most are
these days).
If both are true, then your users should be able to get their incoming
mail via your QPopper both from work and from their ISP access at home.
However they won't be able to send mail from home via your Sendmail
because it will be blocked by the by Sendmail's anti-relaying rule.
The simplest solution to the outgoing mail problem is to have your users
configure their home mail programs to use your POP3 server as the incoming
mail server, but to use the mail servers specified by their individual
ISPs as their outgoing mail servers.
--
Chip Old (Francis E. Old) E-Mail: fold at bcpl dot net
Manager, BCPL Network Services Phone: 410-887-6180
Manager, BCPL.NET Internet Services FAX: 410-887-2091
320 York Road
Towson, MD 21204 USA
Date: Tue, 12 Nov 2002 13:29:47 -0500 (EST)
From: Alan Brown <alanb at digistar dot com>
Subject: Re: Error 425 Unable to connect
On Thu, 7 Nov 2002, Y Ramprasad wrote:
> Thanks for your reply But We donot have Ipchains installed in my machine So
> that We can assume Problem is not due to Firewall/Ipchain configuration.
Depending on your machine's age, you may have ipfwadm calls or iptraff
calls instead.
From: "Mike Pacheco" <mike at fwdsystems dot com>
Subject: RE: Receiving Mail from Home
Date: Sat, 23 Nov 2002 10:10:35 -0500
Qpopper - or any pop program has nothing to do with your subject - if you
have a firewall (I hope you do, and if not don't say so in this message
because your domain name is in your e-mail address and you'll just announce
to the world that your network is wide open) - then open port 110 on the
firewall to your sendmail - pop box (again, I hope you have deny relay setup
on the sendmail box, and if not, don't tell the list).
Then just have your employees point (the ip address or NAT translation
address your firewall presents for the sendmail\pop box) their favorite mail
client - Eudora has the tightest integration with qpopper - but Outlook will
do (Not my favorite, but I use it on occasion).
And you have connection - then work out the qpopper config as far as leaving
mail on the server or not - because, when the employees pull from home the
mail (in default qpopper installs) leaves the box and goes to the requesting
client. So if you want your employees to have access to the same mail from
everywhere - then keep the mail on the server - but be forwarned - two
gotchas with that setup. 1. Disk space, you have to watch it and get on
your employees to delete messages when they are done or they will lock the
box up by filling the free disk space. 2. Virus's - With all that mail in
one place its a virus breeding ground, unless you are tight with your
permissions they will cross-infect each other.
M
-----Original Message-----
From: Kristi-Rheem [mailto:kfuller at rheemsupply dot com]
Sent: Tuesday, November 12, 2002 8:38 AM
To: Subscribers of Qpopper
Subject: Receiving Mail from Home
Does anyone know how (if it is Qpopper) to make it so that my employees can
check their mail from home. When we're in the office we set our outgoing
mail to the name of the Machine that Sendmail is on, but when I try the
domain name it gives me errors. I am using QPopper with Sendmail on a
Solaris 8 machine.
Thanks,
Kristi
Date: Sun, 24 Nov 2002 00:29:34 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: How to block public mails to group id
news:comp.mail.sendmail is a great place to ask this.
My computer uses power, and I don't ask my power company for
help with it. Some people use qpopper with sendmail. Some
don't. Ask at a sendmail resource.
When you write, explain what you mean by "group mail id".
Is this an alias?
And what is "linux 7.1"!? I'm only running 2.4.18.
Quoting Y Ramprasad (yramprasad at ecomserver dot com):
>
> Could you give me an answer for Sendmail on Linux 7.1 to block out side
> mails to the particular group mail id so that I can allow only my staff to
> send mails to group id and Outsiders can not send .
>
> I knew this Question is not relating to Qpopper But Qpopper works with
> sendmail so that some one could have an idea.
>
> Thanks & Regards
> Ramprasad
Date: Wed, 13 Nov 2002 14:34:36 +0100
From: Gennaro Esposito <esposito at marscenter dot it>
Subject: Stronger authentication?!
--=====================_690794780==_.ALT
Content-Type: text/plain; charset="us-ascii"; format=flowed
Greetings
I'm back again with another (stupid?) question
Sometimes I get the following message (in the syslog)
<username> at <fqdn> (<ipaddr>): -ERR [AUTH] You must use stronger
authentication such as AUTH or APOP to connect to this server
Well, but that <username> HAS an entry in the APOP database and, in fact,
he/she can download e-mail w/o problems.
Qpopper is 4.0.4 and was configured with:
--disable-update-abort
--enable-apop
--enable-bulletins
--enable-group-bulls
--enable-nonauth-file=<pathtononauthfile>
--enable-poppassd
--enable-popuid=<popadminuser>
--enable-server-mode
--disable-specialauth
and is running on a DEC Alpha w/ DECUnix 4.0f.
The client is Eudora 5.1 running on a Windoz NT 4.0 ws.
Have you, gurus, an answer to this?
"I'm sorry, but I'm nothing but an egg" (R.A.Heinlein -Valentine Michael
Smith in Stranger in a Strange Land)
TIA
----------
Gennaro Esposito
(System & Security Engineer)
MARS Center *****************************
Via E. Gianturco,31 * YES! I SUPPORT *
I-80146 - Napoli - ITALY * *
ph.: +39 081-6042 493 * _/_/ _ _/_/ *
fax...: +39 081-6042 100 * _/_/===x===_/_/ *
mailto:esposito at marscenter dot it * _/_/ _/_/ *
http://www.marscenter.it * *
ftp://ftp.marscenter.it *International Space Station*
*****************************
--=====================_690794780==_.ALT
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html>
Greetings<br>
I'm back again with another (stupid?) question<br>
Sometimes I get the following message (in the syslog)<br><br>
<username> at <fqdn> (<ipaddr>): -ERR [AUTH] You must
use stronger authentication such as AUTH or APOP to connect to this
server<br><br>
Well, but that <username> HAS an entry in the APOP database and, in
fact, he/she can download e-mail w/o problems.<br><br>
Qpopper is 4.0.4 and was configured with:<br>
--disable-update-abort<br>
--enable-apop<br>
--enable-bulletins<br>
--enable-group-bulls<br>
--enable-nonauth-file=<pathtononauthfile><br>
--enable-poppassd<br>
--enable-popuid=<popadminuser><br>
--enable-server-mode<br>
--disable-specialauth<br>
and is running on a DEC Alpha w/ DECUnix 4.0f.<br>
The client is Eudora 5.1 running on a Windoz NT 4.0 ws.<br><br>
Have you, gurus, an answer to this?<br>
"I'm sorry, but I'm nothing but an egg" (R.A.Heinlein
-Valentine Michael Smith in <i>Stranger in a Strange Land</i>)<br>
TIA<br>
<x-sigsep><p></x-sigsep>
<font face="Fixedsys" size=1>----------<br>
Gennaro Esposito<br>
(System & Security Engineer)<br>
MARS
Center &nbs
p;
*****************************<br>
Via E.
Gianturco,31 &nbs
p;
* YES! I
SUPPORT *<br>
I-80146 - Napoli -
ITALY
* &nb
sp; &
nbsp;
*<br>
ph.: +39 081-6042
493
* _/_/ _
_/_/ *<br>
fax...: +39 081-6042
100
*
_/_/===x===_/_/ *<br>
<a href="mailto:esposito@marscenter dot it%A0" eudora="autourl">mailto:espos
ito at marscenter dot it
</a> *
_/_/
_/_/ *<br>
<a href="http://www.marscenter.it=A0=A0=A0=A0=A0=A0/" eudora="autourl">h
ttp://www.marscenter.it
</a>
* &nb
sp; &
nbsp;
*<br>
<a href="ftp://ftp.marscenter.it=A0=A0=A0=A0=A0=A0=A0/" eudora="autourl"
>ftp://ftp.marscenter.it
</a> *International Space Station*<br>
&nbs
p; &n
bsp;
*****************************</font></html>
--=====================_690794780==_.ALT--
Date: Sat, 23 Nov 2002 09:22:05 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: Receiving Mail from Home
Quoting Kristi-Rheem (kfuller at rheemsupply dot com):
> Does anyone know how (if it is Qpopper) to make it so that my employees can
> check their mail from home. When we're in the office we set our outgoing
> mail to the name of the Machine that Sendmail is on, but when I try the
> domain name it gives me errors. I am using QPopper with Sendmail on a
> Solaris 8 machine.
There are several issues with this.
The first is that you would be exposing your machine to the Internet.
It must be secured and monitored well if you do that. While you
should secure LAN only machines, when exposed to the "bad neighborhood"
(M. Ranum) that is the Internet, the imperative is stronger.
The next is that, typically, pop users send their passwords in
cleartext over the wire and get the mail in clear text. Not as
dangerous on the LAN (given that it's easier to "0wn" someones
machine by walking over to it), but unacceptable on the Internet
without measures to protect that. Measure include using APOP
(obscures the password only), SSL (connection is encrypted) or VPN
(IPSec) which obscures the whole connection altogether.
Okay, to the specifics:
It sounds like you are having problems sending mail out.
That's sendmail and DNS, not qpopper.
If you offered specifics, like the words you put in that don't work,
it would be easier to aid you.
The easy test is if you can "ping" or "telnet" to the name in
question (telnet to port 110 to emulate a POP client).
Does it work? No?
Can it not find the name (DNS problem)?
Can it not reach the host? (routing/firewall issue)
Date: Sun, 24 Nov 2002 18:58:02 +0200
From: "Konstantin Ivanov" <cyber at globcom dot net>
Subject: qpopper running problem
Hi to all,
when I try to start qpopper it logs this message:
"Unable to obtain socket and address of client: Socket operation on
non-socket (88)"
I have static IP adressess, and BIND but without hosted domain.
Date: Sun, 24 Nov 2002 12:59:08 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: Receiving Mail from Home
Or use SMTP AUTH in Sendmail.
Quoting Chip Old (fold at bcpl dot net):
> On Tue, 12 Nov 2002, Kristi-Rheem wrote to Subscribers of Qpopper:
>
> > Does anyone know how (if it is Qpopper) to make it so that my employees can
> > check their mail from home. When we're in the office we set our outgoing
> > mail to the name of the Machine that Sendmail is on, but when I try the
> > domain name it gives me errors. I am using QPopper with Sendmail on a
> > Solaris 8 machine.
>
> Two assumptions:
> 1) Access to your QPopper is not restricted other than by the usual user
> authentication.
> 2) Your Sendmail is configured to block promiscuous relaying (most are
> these days).
>
> If both are true, then your users should be able to get their incoming
> mail via your QPopper both from work and from their ISP access at home.
> However they won't be able to send mail from home via your Sendmail
> because it will be blocked by the by Sendmail's anti-relaying rule.
>
> The simplest solution to the outgoing mail problem is to have your users
> configure their home mail programs to use your POP3 server as the incoming
> mail server, but to use the mail servers specified by their individual
> ISPs as their outgoing mail servers.
>
> --
> Chip Old (Francis E. Old) E-Mail: fold at bcpl dot net
> Manager, BCPL Network Services Phone: 410-887-6180
> Manager, BCPL.NET Internet Services FAX: 410-887-2091
> 320 York Road
> Towson, MD 21204 USA
Date: Sun, 24 Nov 2002 13:03:03 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: qpopper running problem
You are starting up qpopper in a way it expects to be
started by inetd.
From inetd, it queries to get the address of the client,
instead, it gets your terminal (a non-socket).
Quoting Konstantin Ivanov (cyber at globcom dot net):
> Hi to all,
> when I try to start qpopper it logs this message:
> "Unable to obtain socket and address of client: Socket operation on
> non-socket (88)"
>
> I have static IP adressess, and BIND but without hosted domain.
Date: Sun, 24 Nov 2002 13:57:56 -0800
From: Kenneth Porter <shiva at sewingwitch dot com>
Subject: Re: Receiving Mail from Home
--On Saturday, November 23, 2002 02:13:38 PM +0100 Simon May
<simon at imsl dot es> wrote:
> But remember that if your employees check there mail via pop3 from home
> then they will not get the same emails at work.
> It would be better to install a webbased email system eg neomail or
> similar on the mail machine.
Or use an IMAP server and leave mail on the server. I've switched to this
system so that I can read my mail from home or office. Combine this with
server-side filtering (eg. procmail) and some kind of server-based address
book (eg. LDAP) and you become client-independent and OS-independent. (I'm
finding Mulberry to be a very good IMAP client. Available for Linux, Win32,
and Mac OSX.)
I still use qpopper for my users who only need to read mail in one place,
though.
Date: Mon, 25 Nov 2002 12:42:54 +0200
From: "Konstantin Ivanov" <cyber at globcom dot net>
Subject: qpopper running problem
Starting popper form console or form inetd.conf it gives me this error:
Unable to obtain socket and address of client: Socket operation on non-
s0cket (88).
I do not have a valid domain name yet. Is it possible this is to be a
problem ?
Date: Mon, 25 Nov 2002 10:52:14 -0500
From: tavasa <tavasa at che.ufl dot edu>
Subject: Re: Receiving Mail from Home
Why don't you use IMAP?
As far as I know it is free and it works with Sendmail. You will need some space
on your mail server since the messages stay on the server until the user delete
them. But your employees will be able to check their mails from home or from
elsewhere.
Simon May wrote:
> You will need to ensure that the mail server is available from the internet
> and the firewall if any
> allows packets in to port 110 from the internet.
> But remember that if your employees check there mail via pop3 from home then
> they will not get the same emails at work.
> It would be better to install a webbased email system eg neomail or similar
> on the mail machine.
> That way they can check their mail at home via the webmail system but
> collect it via pop3 (qpopper)
> at work.
>
> Kind Regards
> Simon May
> Network Administrator
> Internet Marketing S.L.
> Telephone 971 72 92 04
> Fax 971 71 92 04
> Email simon at imsl dot es
>
> ----- Original Message -----
> From: "Kristi-Rheem" <kfuller at rheemsupply dot com>
> To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
> Sent: Tuesday, November 12, 2002 2:37 PM
> Subject: Receiving Mail from Home
>
> > Does anyone know how (if it is Qpopper) to make it so that my employees
> can
> > check their mail from home. When we're in the office we set our outgoing
> > mail to the name of the Machine that Sendmail is on, but when I try the
> > domain name it gives me errors. I am using QPopper with Sendmail on a
> > Solaris 8 machine.
> >
> > Thanks,
> >
> > Kristi
> >
--
Santiago A Tavares
System and Network Administrator
Chemical Engineering Department
University of Florida
Tel: 352-392-0804
Fax: 352-392-9513
From: "Y Ramprasad" <yramprasad at ecomserver dot com>
Subject: RE: How to block public mails to group id
Date: Mon, 25 Nov 2002 11:27:14 +0530
This is a multi-part message in MIME format.
------=_NextPart_000_003A_01C29475.9A5966F0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Chuck ,
It is RedHatLinux 7.1. Group id is nothing but alias.
Regards
Ramprasad
-----Original Message-----
From: Chuck Yerkes [mailto:chuck+qpopper at yerkes dot com]
Sent: Sunday, November 24, 2002 2:00 PM
To: Y Ramprasad
Cc: Subscribers of Qpopper
Subject: Re: How to block public mails to group id
news:comp.mail.sendmail is a great place to ask this.
My computer uses power, and I don't ask my power company for
help with it. Some people use qpopper with sendmail. Some
don't. Ask at a sendmail resource.
When you write, explain what you mean by "group mail id".
Is this an alias?
And what is "linux 7.1"!? I'm only running 2.4.18.
Quoting Y Ramprasad (yramprasad at ecomserver dot com):
>
> Could you give me an answer for Sendmail on Linux 7.1 to block out side
> mails to the particular group mail id so that I can allow only my staff to
> send mails to group id and Outsiders can not send .
>
> I knew this Question is not relating to Qpopper But Qpopper works with
> sendmail so that some one could have an idea.
>
> Thanks & Regards
> Ramprasad
------=_NextPart_000_003A_01C29475.9A5966F0
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE></TITLE>
<META http-equiv=Content-Type content="text/html;
charset=us-ascii">
<META content="MSHTML 6.00.2600.0" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial color=#0000ff>Chuck ,</FONT></DIV>
<DIV><FONT face=Arial color=#0000ff></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff>It is RedHatLinux 7.1. Group id
is nothing
but alias.</FONT></DIV>
<DIV><FONT face=Arial color=#0000ff></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff>Regards</FONT></DIV>
<DIV><FONT face=Arial color=#0000ff>Ramprasad</FONT></DIV>
<DIV><BR><BR></DIV>
<P><FONT size=2>-----Original Message-----<BR>From: Chuck Yerkes [<A
href="mailto:chuck+qpopper@yerkes.com">mailto:chuck+qpopper@yerkes dot com<
/A>]<BR>Sent:
Sunday, November 24, 2002 2:00 PM<BR>To: Y Ramprasad<BR>Cc: Subscribers
of
Qpopper<BR>Subject: Re: How to block public mails to group
id<BR><BR><BR><A
href="news:comp.mail.sendmail"
target=_blank>news:comp.mail.sendmail</A>
is a great place to ask this.<BR><BR>My computer uses power, and I don't
ask my
power company for<BR>help with it. Some people use qpopper with
sendmail. Some<BR>don't. Ask at a sendmail
resource.<BR><BR>When you
write, explain what you mean by "group mail id".<BR>Is this an
alias?<BR><BR>And
what is "linux 7.1"!? I'm only running 2.4.18.<BR><BR>Quoting Y
Ramprasad
(yramprasad at ecomserver dot com):<BR>><BR>> Could you give me an answer
for
Sendmail on Linux 7.1 to block out side<BR>> mails to the particular
group
mail id so that I can allow only my staff to<BR>> send mails to group
id
and Outsiders can not send .<BR>><BR>> I knew this Question
is not
relating to Qpopper But Qpopper works with<BR>> sendmail so that some
one
could have an idea.<BR>><BR>> Thanks & Regards<BR>>
Ramprasad<BR><BR></FONT></P></BODY></HTML>
------=_NextPart_000_003A_01C29475.9A5966F0--
Date: Wed, 27 Nov 2002 11:50:14 +0100
From: Jurgen Philippaerts <jph at tiamat.Belgium.EU dot net>
Subject: loadbalanced / high availability qpopper setup ?
Hi,
We are planning to upgrade our pop3 server (currently running on a dual
cpu Sun E450) to a more redundant solution.
with at least two qpoppers running, and using somekind of centralized
storage.
Is there something i should keep in mind ? is there anyone on this list
who has such a setup, and would like to share his/her experiences ?
i would prefer multiple pop3 servers, behind a loadbalancer, all active,
and doing their thing, on the same storage.
can someone guide me in the right direction ?
all answers appreciated,
Jurgen.
From: Carles Xavier Munyoz =?iso-8859-1?q?Baldó?= <carles at descom dot es>
Subject: Re: loadbalanced / high availability qpopper setup ?
Date: Wed, 27 Nov 2002 15:20:26 +0100
Hi,
Look at this URL:
http://www.unlimitedmail.org/
Greetings.
Date: Wed, 27 Nov 2002 07:39:48 -0800 (PST)
From: The Little Prince <thelittleprince at asteroid-b612 dot org>
Subject: Re: loadbalanced / high availability qpopper setup ?
On Wed, 27 Nov 2002, Jurgen Philippaerts wrote:
> Hi,
>
> We are planning to upgrade our pop3 server (currently running on a dual
> cpu Sun E450) to a more redundant solution.
> with at least two qpoppers running, and using somekind of centralized
> storage.
>
> Is there something i should keep in mind ? is there anyone on this list
> who has such a setup, and would like to share his/her experiences ?
>
no setup xperience with this setup, but might recommend you give a test
shot of my patch for qpopper to do mysql and Maildir, which will give you
central auth with the mysql part, and a lock-indepedent mail storage
format with Maildir. as i'm sure you dont want to be NFSing a central
message store from multiple frontend pop3 servers using mbox format.
http://www.asteroid-b612.org/software
--Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
thelittleprince at asteroid-b612.org http://www.asteroid-b612 dot org
"Every day should be a good day to die" -DJM
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Date: Wed, 27 Nov 2002 09:11:57 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: loadbalanced / high availability qpopper setup ?
On Wed, Nov 27, 2002 at 11:50:14AM +0100, Jurgen Philippaerts wrote:
> Hi,
>
> We are planning to upgrade our pop3 server (currently running on a dual
> cpu Sun E450) to a more redundant solution.
> with at least two qpoppers running, and using somekind of centralized
> storage.
>
> Is there something i should keep in mind ? is there anyone on this list
> who has such a setup, and would like to share his/her experiences ?
Solve the "centralized storage" bit first. With Solaris at least you
should have a good NFS implementation.
Get one qpopper running on a separate server from the one where the
storage and user info is located, and test that out. Then you can add
several identical systems and laodbalance them.
> i would prefer multiple pop3 servers, behind a loadbalancer, all active,
> and doing their thing, on the same storage.
The loadbalancing part is easy. There are probably hundreds of
different solutions for this, hardware and software. I prefer the
"load balancing switch" type solution, e.g. Foundry ServerIron.
Getting the user login data to be shared also has several solutions,
and though I'm not that familiar with Solaris, I know your options
there should include LDAP and NIS+ (as well as simply slaving the
password file from the master server.)
The shared dynamically upated data storage is the only hard part, but
if you use the maildir patches to qpopper and run on NFS, I think you
should be OK.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"As for yourself, ... I am well disposed to hope you may hitherto have
escaped many Vices of your Country. But by what I have gathered from
your own Relation, and the Answers I have with much Pain wringed and
extorted from you, I cannot but conclude the Bulk of your Natives to be
the most pernicious Race of little odious Vermin that Nature ever
suffered to crawl upon the Surface of the Earth."
- Jonathan Swift, _Gulliver's Travels_
Date: Wed, 27 Nov 2002 12:21:17 -0800
From: John Rudd <jrudd at kzin.ucsc dot edu>
Subject: Re: loadbalanced / high availability qpopper setup ?
> From: Carles Xavier Munyoz <carles at descom dot es>
>
> Hi,
> Look at this URL:
> http://www.unlimitedmail.org/
>
> Greetings.
>
The web page seems a little bit lacking for something that's supposed
to draw me in to using it.
1) the FAQ is rather skimpy, and neither it nor the Documentation pages
give me any indication what platforms this software requires (which is
usually an indication that it's for MS Windows ... but you do mention
Sparc equipment in there, so maybe there's hope for unix support).
2) the Documentation seems more like a technology white paper than actual
product documentation that I'd use for installing, setting up, and
configuring the software. It's also rather odd that you'd label and
describe the function, as though they're part of your product, of the
pieces that aren't at all part of the product (such as the pieces that
you then say "use sendmail" or "use mailscanner", etc.). I understand
the architecture of email systems ... that wont get me to use your product.
What might get me to use your product is if you actuall describe the
actual function, capabilities, and configuration options of your product.
3) you only barely mention supporting POP3. What other things do you
support? KPOP? SASL? APOP? SPOP? POP3 w/STLS? IMAP4? IMAPS?
4) do I _have_ to use your seperate password file for authentication?
What about PAM modules? What about KPOP? What about external authentication
via SASL?
5) is there a CLI interface for adding/deleting/etc accounts? or does it all
have to be done via the "provisioning" interface? And is that interactive
only?
6) can users create their own mailing lists, or does it have to be done by
an administrator?
7) when users add themselves to a mailing list, what sorts of authentication
happens? mail-back confirmation? username+password at a web page?
8) What's the price? What about Edu discount?
9) Why on earth is your curriculum vitae in the product documentation?
From: "Kirk" <kirk at aircomusa dot com>
Subject: Max amount of space
Date: Wed, 27 Nov 2002 14:53:57 -0700
This is a multi-part message in MIME format.
------=_NextPart_000_045B_01C29624.D06E6500
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi am new to the club.
There seems to be a problem when someone's account that is using our
email server hits 50MB
Is there a way to make it so that there is no limit?
Newbie-
------=_NextPart_000_045B_01C29624.D06E6500
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html;
charset=iso-8859-1">
<META content="MSHTML 6.00.2600.0" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Hi am new to the club.</FONT></DIV>
<DIV><FONT face=Arial size=2>There seems to be a problem when
someone's account
that is using our email server hits 50MB</FONT></DIV>
<DIV><FONT face=Arial size=2>Is there a way to make it so that there
is no
limit?</FONT></DIV>
<DIV><FONT face=Arial size=2>Newbie-</FONT></DIV></BODY></HTML>
------=_NextPart_000_045B_01C29624.D06E6500--
From: "Austin Mann" <firemann816 at earthlink dot net>
Subject: RH 8.0 & Qpopper
Date: Wed, 27 Nov 2002 22:07:32 -0600
Saw a related article in the lists and wanted to contribute.
I could telnet to localhost 110
but when using the nic's IP it would barf:
Nov 27 20:54:00 mx1 popper[2565]:
Unable to obtain socket and address of client: Socket operation on
non-socket (88)
RH during install, asks for a firewall setting, I took 'customize'
It builds an IPTables script that denies
110 & 995
so go to
/etc/sysconfig/iptables
and modify theirs "RH-Lokkit"
or write your own ruleset.
This will kill the problem, I saw on the list as an Outlook Express error,
where it says something like 'server terminated the connection, possible
causes, blah, blah'
Regards
-Austin
From: "Alan W. Rateliff, II" <lists at rateliff dot net>
Subject: Re: Max amount of space
Date: Thu, 28 Nov 2002 00:25:32 -0500
----- Original Message -----
From: "Kirk" <kirk at aircomusa dot com>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Wednesday, November 27, 2002 4:53 PM
Subject: Max amount of space
Hi am new to the club.
There seems to be a problem when someone's account that is using our email
server hits 50MB
Is there a way to make it so that there is no limit?
Newbie-
Are you using filesystem quotas? If so, is /var or /var/mail its own
filesystem?
--
Alan W. Rateliff, II : RATELIFF.NET
Independent Technology Consultant : alan2 at rateliff dot net
(Office) 850/350-0260 : (Mobile) 850/559-0100
-------------------------------------------------------------
[System Administration][IT Consulting][Computer Sales/Repair]
Date: Wed, 27 Nov 2002 23:22:33 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: loadbalanced / high availability qpopper setup ?
Quoting Clifton Royston (cliftonr at lava dot net):
> On Wed, Nov 27, 2002 at 11:50:14AM +0100, Jurgen Philippaerts wrote:
> > We are planning to upgrade our pop3 server (currently running on a dual
> > cpu Sun E450) to a more redundant solution.
> > with at least two qpoppers running, and using somekind of centralized
> > storage.
Why?
What perceived problem do you think you'd solve?
> > Is there something i should keep in mind ? is there anyone on this list
> > who has such a setup, and would like to share his/her experiences ?
>
> Solve the "centralized storage" bit first. With Solaris at least you
> should have a good NFS implementation.
On the server side: should. Don't. NetApp was better for several
reasons. On the client side, Solaris (and FreeBSD) do fine.
> The loadbalancing part is easy. There are probably hundreds of
> different solutions for this, hardware and software. I prefer the
> "load balancing switch" type solution, e.g. Foundry ServerIron.
Foundry good.
>
> Getting the user login data to be shared also has several solutions,
> and though I'm not that familiar with Solaris, I know your options
> there should include LDAP and NIS+ (as well as simply slaving the
> password file from the master server.)
And Radius.
------------------------------
Read up on Nick Christensen's paper on Earthlink (and tuned and tweaked
later. Sendmail has many hooks and things that were needed to do that well).
http://www.jetcafe.org/~npc/doc/mail_arch.html
The paper leaves out some details; he's got a book "Sendmail
Performance Tuning" that includes useful info about tuning for
popper too (and for that matter, just tuning in general).
In general, my experience is to make one machine REALLY REALLY good.
Ready for failover. You need all that for an HA/Failover machine.
Redundant paths to an HA-ready RAID system (dual PowerSupply, dual
RAID controllers, etc). Dual networks (different cards) out to
your LAN(s). Booting from software mirrored disks, etc.
Normally, the next step would be to have that with 2 machines
and make it an HA pair. Skip it. You've done the good part.
Leave it alone.
HA adds a level of complexity that costs more to maintain and means
that you don't just casually let an admin log in. My GirlF is
getting paged to deal with a VCS pair that keeps failing to, er,
failover. Mostly cheap disk issues. The two people who were
formally trained on VCS are gone. Nobody knows it. The GirlF and
I worked at a company that developed HA long ago. How good do you
feel that a member needs to be added to a group, but only 1 or 2
people are allowed to do that cause someone did it wrong once? HA
is inherently more complex and delicate.
If your downtime is measured in $100,000 per hour, it's worth it.
But this is *just* mail. If it's down for 20 minutes while you
pull the RAID and a boot disk to another standby machine and boot
it, you'll live.
Machines don't usually crash due to CPU or MotherBoard failures.
It's VERY RARE. Usually it's software, or disks, or cables.
Be disciplined on the software side. If you had an HA production
box, you'd also NEED an HA test box. Add that cost...
From: Carles Xavier Munyoz =?iso-8859-1?q?Baldó?= <carles at descom dot es>
Subject: Re: loadbalanced / high availability qpopper setup ?
Date: Thu, 28 Nov 2002 10:08:47 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 27 November 2002 21:21, John Rudd wrote:
> The web page seems a little bit lacking for something that's supposed
> to draw me in to using it.
Hi,
Yes, you are rigth the web is still quite incomplete.
I have put it online only a few days ago and needs lot of improvements, t
his
is one of my priority tasks now.
I'm preparing a platform in which I'll offer free email accounts under th
e
unlimitedmail.org domain. In this platform you will have a web control pa
nel
for the register and for manage all your email accounts information (add
accounts, delete accounts, modify passwords, forward, mailing lists,
moderated mailing lists, private mailing lists, vacation/autoresponder,
antispam, etc.).
I'll give to the registered users access to the status statistics (cpu, d
isk
I/O, network traffic, email statistics, etc.) for se the platform
performance.
If you want, I will send you an email when the platform is ready.
> 1) the FAQ is rather skimpy, and neither it nor the Documentation pages
> give me any indication what platforms this software requires (which is
> usually an indication that it's for MS Windows ... but you do mention
> Sparc equipment in there, so maybe there's hope for unix support).
The platform runs under Linux. My experience shows me that MS Windows is
not
enougth stable to support this kind of high availability/high scalability
email platform.
I'll add this issue to the FAQ section.
> 2) the Documentation seems more like a technology white paper than actu
al
> product documentation that I'd use for installing, setting up, and
> configuring the software. It's also rather odd that you'd label and
> describe the function, as though they're part of your product, of the
> pieces that aren't at all part of the product (such as the pieces that
> you then say "use sendmail" or "use mailscanner", etc.). I understand
> the architecture of email systems ... that wont get me to use your prod
uct.
> What might get me to use your product is if you actuall describe the
> actual function, capabilities, and configuration options of your produc
t.
Thanks for the commentary. I need opinions like this to make the web sit
better.
The objective of the Unlimited Mail web site is that people knows what it
is
and what is able to do.
One of the to do tasks is the Installation/Configuration document. Basica
lly
all the instalation/configuration is done using the Management Console.
> 3) you only barely mention supporting POP3. What other things do you
> support?
KPOP? NO
SASL? YES
APOP? YES
SPOP? YES
POP3 w/STLS? YES
IMAP4? ToDO
IMAPS? ToDO
> 4) do I _have_ to use your seperate password file for authentication?
> What about PAM modules? What about KPOP? What about external
> authentication via SASL?
Yes, you must use the separate password file for authentication.
But how I say in the overview section, this is not a closed product, if y
ou
require some not implemented feature, I can implement it for you.
> 5) is there a CLI interface for adding/deleting/etc accounts? or does
it
> all have to be done via the "provisioning" interface? And is that
> interactive only?
Yes, there is a CLI command for access the provisioning interface.
There is also a web interface for access it. The web control panel of the
production platform I'm preparing comunicates with the provisioning syste
m to
carry out its tasks.
The Management Consolo will be able to communicate with the provisioning
system too.
> 6) can users create their own mailing lists, or does it have to be done
by
> an administrator?
> 7) when users add themselves to a mailing list, what sorts of
> authentication happens? mail-back confirmation? username+password at
a
> web page?
Yes, with the users web control panel.
> 9) Why on earth is your curriculum vitae in the product documentation?
My curriculum vitae is in the Documents section.
And a curriculum vitae is a document, isn't it ? ;-)
Greetings.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
iQA/AwUBPeXdKzvYAf7VZNaaEQLRgACglX7t78fwS+fnLha7n5Z5aU2hu2UAoLVC
IwNwy4H1tNuOxEAXSkMT7Tma
=NfGK
-----END PGP SIGNATURE-----
From: "Y Ramprasad" <yramprasad at ecomserver dot com>
Subject: How to know to find POP3 is running
Date: Thu, 28 Nov 2002 18:12:07 +0530
------=_NextPart_000_0005_01C29709.A9CFE870
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_0006_01C29709.A9CFE870"
------=_NextPart_001_0006_01C29709.A9CFE870
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Hi ,
Could any one help us how to know that Qpopper POP3 service is running in
Redhat Linux7.1 like /etc/rc.d/init.d/sendmail.
Regards & Thanks
Ramprasad
------=_NextPart_001_0006_01C29709.A9CFE870
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html;
charset=iso-8859-1">
<META content="MSHTML 6.00.2600.0" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face="Courier New"></FONT> </DIV>
<DIV><SPAN class 5353812-28112002><FONT face="Courier New">Hi
,</FONT></SPAN></DIV>
<DIV><SPAN class 5353812-28112002><FONT
face="Courier New"></FONT></SPAN> </DIV>
<DIV><SPAN class 5353812-28112002><FONT face="Courier New">Could
any one help
us how to know that Qpopper POP3 service is running in Redhat Linux7.1
like
/etc/rc.d/init.d/sendmail.</FONT></SPAN></DIV>
<DIV><SPAN class 5353812-28112002><FONT
face="Courier New"></FONT></SPAN> </DIV>
<DIV><SPAN class 5353812-28112002><FONT face="Courier New">Regards
&
Thanks</FONT></SPAN></DIV>
<DIV><SPAN class 5353812-28112002><FONT
face="Courier New">Ramprasad</FONT></SPAN></DIV>
<DIV> </DIV></BODY></HTML>
------=_NextPart_001_0006_01C29709.A9CFE870--
------=_NextPart_000_0005_01C29709.A9CFE870
Content-Type: text/x-vcard;
name="YRamprasad.vcf"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="YRamprasad.vcf"
BEGIN:VCARD
VERSION:2.1
N:;YRamprasad
FN:YRamprasad
ORG:eComServer India Pvt Ltd.
TITLE:System Administrator
TEL;WORK;VOICE:+91 (040) 3110333
TEL;WORK;FAX:+91 (040) 3110969
EMAIL;PREF;INTERNET:yramprasad at ecomserver dot com
REV:20020418T111052Z
END:VCARD
------=_NextPart_000_0005_01C29709.A9CFE870--
From: "Alan W. Rateliff, II" <lists at rateliff dot net>
Subject: Adding QPop's bulleting feature to IMAP
Date: Thu, 28 Nov 2002 10:51:17 -0500
Recently I've migrated my webmail users from POP3 to IMAP, and also given
some of my users access to the IMAP daemon (UW-IMAPd.)
But by doing this I've lost functionality of the pop bulletins. I would
like to integrate this feature into the IMAP daemon. Has anyone done
similar, or could anyone give me some pointers on doing this?
I'll also be looking at other IMAP daemons as well. UW-IMAP works fine for
the most part, but if someone else has more features, well...
Thanks!
--
Alan W. Rateliff, II : RATELIFF.NET
Independent Technology Consultant : alan2 at rateliff dot net
(Office) 850/350-0260 : (Mobile) 850/559-0100
-------------------------------------------------------------
[System Administration][IT Consulting][Computer Sales/Repair]
Date: Fri, 29 Nov 2002 12:22:25 +0100
From: Jurgen Philippaerts <jph at tiamat.Belgium.EU dot net>
Subject: Re: loadbalanced / high availability qpopper setup ?
Jurgen Philippaerts wrote:
> all answers appreciated,
thanks everybody for your responses.
we're still in the middle of looking at all our options (still not sure
what hardware we'll be using).
so the actual implementation is not yet planned.
i'm definately going to look into the maildir format now. and i'll come
back later with an update how everything went :)
Jurgen.
Date: Fri, 29 Nov 2002 06:59:54 -0500 (EST)
From: Alan Brown <alanb at digistar dot com>
Subject: Re: Max amount of space
On Wed, 27 Nov 2002, Kirk wrote:
> Hi am new to the club.
> There seems to be a problem when someone's account that is using our email server hits 50MB
> Is there a way to make it so that there is no limit?
Yes, but as Qpopper has to scan the mailbox each time the user logs in,
A 50Mb inbox may take so long to process before presenting anything back
tot he client that the client may present a timeout message to the user.
Most mail clients only allow 60 seconds at session startup. With big
mailboxes, this isn't enough.
From: "Bob Drum" <bobdrum at earthlink dot net>
Subject: Cannot find ELF??
Date: Fri, 29 Nov 2002 16:54:48 -0800
What doe sthe following log message indicate and how would I fix it?
Nov 29 16:46:10 besom unix: popper: Cannot find ELF
Thanks in advance.
Bob.
Date: Sun, 1 Dec 2002 00:05:32 -0800 (PST)
From: Gregory Hicks <ghicks at cadence dot com>
Subject: Re: Max amount of space
> Date: Fri, 29 Nov 2002 06:59:54 -0500 (EST)
> From: Alan Brown <alanb at digistar dot com>
>
> On Wed, 27 Nov 2002, Kirk wrote:
>
> > Hi am new to the club.
> > There seems to be a problem when someone's account that is using
> > our email server hits 50MB
> > Is there a way to make it so that there is no limit?
>
> Yes, but as Qpopper has to scan the mailbox each time the user logs in,
> A 50Mb inbox may take so long to process before presenting anything back
> tot he client that the client may present a timeout message to the user.
Actually, if you have popper in 'server' mode with a temp-drop-dir set
to something other than the spool dir, enable-cache-dir set to something
else also (usually the same as temp-drop-dir), service is vastly
improved - even for those users that have large mail files...
A gotcha though is that most mail clients will 'forget' about messages
that are too large to download over dial-up connections (popper
presents the info one time about the message, the MUA (mail user agent)
'forgets about the particular message, and popper never presents the
mail as being unread again.)
Thus 'large' messages will tend to accumulate in the spool... Which
degrades service in the long run...
To delete these types of messages, you have to use something like
'pine' or any other IMAP MUA.
Regards,
Gregory Hicks
>
> Most mail clients only allow 60 seconds at session startup. With big
> mailboxes, this isn't enough.
>
>
>
---------------------------------------------------------------------
Gregory Hicks | Principal Systems Engineer
Cadence Design Systems | Direct: 408.576.3609
555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3479
San Jose, CA 95134 | Internet: ghicks at cadence dot com
Never attribute to malice that which is adequately explained by
ignorance or stupidity.
Asking the wrong questions is the leading cause of wrong answers
"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton
From: Mark <admin at asarian-host dot net>
Date: Sun, 1 Dec 2002 10:48:10 +0100
Subject: stand-alone?
Hello,
I just installed qpopper 4.04 on FreeBSD 4.7. That is, I used the port, and
made the package as follows:
make --WITHOUT_IPV6=yes --WITH_PAM=yes --WITH_SAMPLE_POPUSERS_FILE=yes --WIT
H_STANDALONE_MODE=yes --WITHOUT_U_OPTION=yes --WITH_DRAC=yes
Yet, when I try to start the daemon, I get this error:
"Dec 1 10:38:15 asarian-host /usr/local/libexec/qpopper[457]: Unable to
obtain socket and address of client: Socket operation on non-socket (38)"
As if stand-alone mode were not enabled. I tried to start the daemon as
follows:
"/usr/local/libexec/qpopper 127.0.0.1:110 -S"
What am I missing? (O, I also added "--with-openssl" within Makefile).
Thanks!
- Mark
From: Mark <admin at asarian-host dot net>
Date: Sun, 1 Dec 2002 11:46:43 +0100
Subject: Re: stand-alone?
----- Original Message -----
From: "Mark" <admin at asarian-host dot net>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Sunday, December 01, 2002 10:48 AM
Subject: stand-alone?
Ok, I figured it out: I needed to remove the "--" before the options.
But now I get this error:
Dec 1 11:37:30 asarian-host /usr/local/libexec/qpopper[5876]: [drac]:
dracauth returned -1: localhost: RPC: Port mapper failure - RPC: Timed out
Dec 1 11:37:31 asarian-host /usr/local/libexec/qpopper[5876]: Stats: admin
3 13558 0 0 192.168.79.1 192.168.79.1
It just waits like a minute or so to authenticate; then times out, and puts
this drac message in /var/log/messages. What is causing this??
Thanks!
- Mark
Date: Sun, 1 Dec 2002 08:03:23 -0800
From: John Rudd <jrudd at kzin.ucsc dot edu>
Subject: Re: loadbalanced / high availability qpopper setup ?
> From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
>
> Quoting Clifton Royston (cliftonr at lava dot net):
> > On Wed, Nov 27, 2002 at 11:50:14AM +0100, Jurgen Philippaerts wrote:
> > > We are planning to upgrade our pop3 server (currently running on a dual
> > > cpu Sun E450) to a more redundant solution.
> > > with at least two qpoppers running, and using somekind of centralized
> > > storage.
> Why?
>
> What perceived problem do you think you'd solve?
There are lots of reasons for it. Load distribution so that you can use
smaller machines to serve your huge base of users. Easing your maintenance
schedule by having multiple clones of the same end server, allowing you to
take individual machines off-line so you can do maintenance without
interrupting your production services, etc. And, really, even if you feel
qpopper is reliable enough to be part of a '5 nines' type service, that
doesn't mean the machine under qpopper is. (I'm not saying qpopper isn't
that good -- the one time I thought qpopper was our problem, it wasn't ...
it turned out to in fact be the machine under qpopper, which was having
problems with its cache batteries).
You can kind of compare it to RAID ... RAID lets you take lots of smaller
and less reliable disks and make something bigger and more reliable out
of them. You can do the same thing with dynamic clustering of your
services.
> > Getting the user login data to be shared also has several solutions,
> > and though I'm not that familiar with Solaris, I know your options
> > there should include LDAP and NIS+ (as well as simply slaving the
> > password file from the master server.)
> And Radius.
And Kerberos for the authentication side ... for the account side, you can
use just about anything (once your passwords aren't in the account system,
you can even almost trust something as bad as NIS with the accounts
themselves). For example, all of our passwords are in kerberos, and we
serve non-kerberized mail clients through popper using PAM. The accounts
themselves are in hesiod (which is sort of like NIS, only the underlying
engine is DNS, giving you all of the flexibility and scalability of DNS).
From: Mark <admin at asarian-host dot net>
Date: Sun, 1 Dec 2002 18:29:50 +0100
Subject: Re: stand-alone?
----- Original Message -----
From: "Mark" <admin at asarian-host dot net>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Sunday, December 01, 2002 11:46 AM
Subject: Re: stand-alone?
> It just waits like a minute or so to authenticate; then times out,
> and puts this drac message in /var/log/messages.
> What is causing this??
Never mind; solved it all. It works better if you have the drac daemon
running. :)
- Mark
Last updated on 1 Dec 2002 by Pensive Mailing List Admin