The qpopper list archive ending on 9 Nov 1999
Topics covered in this issue include:
1. Qpopper 3.0b20 available
Qpopper Support <qpopper at qualcomm dot com>
Mon, 1 Nov 1999 14:58:41 -0800
2. Authentication Problem
"Patrick Armour" <armour at cjnetworks dot com>
Mon, 1 Nov 1999 17:07:17 -0600
3. Re: Authentication Problem
Qpopper Support <qpopper at qualcomm dot com>
Mon, 1 Nov 1999 18:43:07 -0800
4. Newbie question
Ron Carver <rcarver1 at midsouth.rr dot com>
Mon, 01 Nov 1999 21:06:27 -0600
5. Re: Newbie question
Nick Marouf <marouni at earlham dot edu>
Mon, 01 Nov 1999 23:09:18 -0500
6. Re: Accounting and ETRN
Alan Brown <alan at manawatu.gen dot nz>
Tue, 2 Nov 1999 19:24:38 +1300 (NZDT)
7. AW: Accounting and ETRN
"Alexander Waller" <a.waller at webpoint dot at>
Tue, 2 Nov 1999 07:29:41 +0100
8. Re: Moving the mail spool!
Alan Brown <alan at manawatu.gen dot nz>
Tue, 2 Nov 1999 19:31:48 +1300 (NZDT)
9. Connect closed by remote host???
Kari Ahveninen <kari.ahveninen at pro-equal dot com>
Tue, 02 Nov 1999 09:38:20 +0200
10. Re: Moving the mail spool!
Terje Bless <link at tss dot no>
Tue, 2 Nov 1999 09:37:30 +0100
11. Re: Qpopper 3.0b20 available
Carrer Yuri <yurj at dns.alfa dot it>
Tue, 2 Nov 1999 10:04:19 +0100 (MET)
12. RE: Newbie question
Steven Fletcher <stevenf at shellnet.co dot uk>
Tue, 2 Nov 1999 10:25:42 -0000
13. Re: AW: Accounting and ETRN
Admin Mailing Lists <mlist at intergrafix dot net>
Tue, 2 Nov 1999 08:53:56 -0500 (EST)
14. Re: Accounting and ETRN
Tomasz Orzechowski <tmo at apk dot net>
Tue, 2 Nov 1999 09:37:47 -0500
15. Re: Moving the mail spool!
Tomasz Orzechowski <tmo at apk dot net>
Tue, 2 Nov 1999 09:46:57 -0500
16. Re: AW: Accounting and ETRN
Tomasz Orzechowski <tmo at apk dot net>
Tue, 2 Nov 1999 10:02:59 -0500
17. Re: Accounting and ETRN
Alan Brown <alan at manawatu.gen dot nz>
Wed, 3 Nov 1999 04:04:42 +1300 (NZDT)
18. Re: AW: Accounting and ETRN
Alan Brown <alan at manawatu.gen dot nz>
Wed, 3 Nov 1999 04:14:10 +1300 (NZDT)
19. B19 warnings
"Kenneth Porter" <shiva at well dot com>
Mon, 01 Nov 1999 21:14:46 -0700
20. RPM package for 3.0b20
"Kenneth Porter" <shiva at well dot com>
Mon, 01 Nov 1999 21:21:35 -0700
21. ERR POP timeout
Netlink Software admin <sw at netlinkcom dot com>
Tue, 2 Nov 1999 16:24:22 -0600 (EST)
22. Qpopper error messages
pez at aiming dot net
Wed, 03 Nov 1999 08:39:44 -0500
23. Mailboxes availability
Nedal Albert <na_90210 at yahoo dot com>
Wed, 3 Nov 1999 07:19:00 -0800 (PST)
24. advanced problem
"Timo Hummel aka. Rune Bassman" <thummel at junior-net dot de>
Wed, 3 Nov 1999 22:57:37 +0100
25. RE: advanced problem
"=?iso-8859-1?Q?Philipp_Gaschütz?=" <philipp at gng dot de>
Wed, 3 Nov 1999 23:45:22 +0100
26. RE: advanced problem
Alan Brown <alan at manawatu.gen dot nz>
Thu, 4 Nov 1999 11:34:42 +1300 (NZDT)
27. RE: advanced problem
Steven Champeon <schampeo at hesketh dot com>
Wed, 3 Nov 1999 17:45:34 -0500 (EST)
28. RE: advanced problem
Alan Brown <alan at manawatu.gen dot nz>
Thu, 4 Nov 1999 11:54:18 +1300 (NZDT)
29. RE: advanced problem
Steven Champeon <schampeo at hesketh dot com>
Wed, 3 Nov 1999 17:59:37 -0500 (EST)
30. RE: advanced problem
Alan Brown <alan at manawatu.gen dot nz>
Thu, 4 Nov 1999 12:14:15 +1300 (NZDT)
31. HELP: popper becoming wedged
Forrest Aldrich <forrie at forrie dot com>
Wed, 03 Nov 1999 23:02:43 -0500
32. Re: advanced problem - Relaying and POP accounts
"Brent L. Bates" <blbates at vigyan dot com>
Thu, 4 Nov 1999 08:59:49 -0500
33. Re: advanced problem - Relaying and POP accounts
Admin Mailing Lists <mlist at intergrafix dot net>
Thu, 4 Nov 1999 11:34:31 -0500 (EST)
34. Investigating security issues with POP
Madhavi -Deleted- <madhavi at unx.dec dot com>
Thu, 04 Nov 1999 12:38:10 -0500
35. installed as a user
"R.T. Hamilton Brown" <rtbrown at hb-web dot com>
Thu, 4 Nov 1999 14:46:46 -0500
36. Re: Investigating security issues with POP
"Dan Harkless" <dan-qpopper at dilvish.speed dot net>
Thu, 04 Nov 1999 12:02:52 -0800
37. Re: installed as a user
"Dan Harkless" <dan-qpopper at dilvish.speed dot net>
Thu, 04 Nov 1999 12:05:50 -0800
38. Re: Investigating security issues with POP
Alexey Melnikov <mel at messagingdirect dot com>
Thu, 04 Nov 1999 13:21:41 -0700
39. Qpopper BULLDB support (fix) (repost)
Jonathan Benson <sysadmin at ocean.com dot au>
Fri, 05 Nov 1999 12:19:25 +1100
40. Re: Investigating security issues with POP
"Kenneth Porter" <shiva at well dot com>
Thu, 04 Nov 1999 20:08:45 -0700
41. [Fwd: Re: Connect closed by remote host???]
Kari Ahveninen <kari.ahveninen at pro-equal dot com>
Fri, 05 Nov 1999 11:10:40 +0200
42. Re: how to enable users to change their password w.o. Eudora
jnemeth at victoria.tc dot ca (John Nemeth)
Sat, 6 Nov 1999 20:17:47 -0800
43. POP EOF Received
"Dave Thacker" <d_thacker at hotmail dot com>
Mon, 08 Nov 1999 08:48:35 PST
44. Re: POP EOF Received
Alan Brown <alan at manawatu.gen dot nz>
Tue, 9 Nov 1999 19:34:53 +1300 (NZDT)
45. Compile Error with qpopper3.0b20 on HP-UX10.20
Martin Waeger <waeger at irt dot de>
Tue, 09 Nov 1999 09:04:15 +0100
46. Re: Compile Error with qpopper3.0b20 on HP-UX10.20
Santiago A Tavares <tavasa at che.ufl dot edu>
Tue, 09 Nov 1999 12:04:10 -0500
47. Re: Compile Error with qpopper3.0b20 on HP-UX10.20
"Brent L. Bates" <blbates at mneme.vigyan dot com>
Tue, 9 Nov 1999 13:25:24 -0500
48. Re: Compile Error with qpopper3.0b20 on HP-UX10.20
Carrer Yuri <yurj at dns.alfa dot it>
Tue, 9 Nov 1999 19:26:42 +0100 (MET)
49. Re: Compile Error with qpopper3.0b20 on HP-UX10.20
Tomasz Orzechowski <tmo at apk dot net>
Tue, 9 Nov 1999 13:35:51 -0500
50. Re: Compile Error with qpopper3.0b20 on HP-UX10.20
Leonard Hermens <Leonard.Hermens at rcity dot com>
Tue, 9 Nov 1999 10:44:37 -0800
Date: Mon, 1 Nov 1999 14:58:41 -0800
From: Qpopper Support <qpopper at qualcomm dot com>
Subject: Qpopper 3.0b20 available
Qpopper 3.0b20 is available at
<ftp://ftp.qualcomm.com/eudora/servers/unix/popper/>.
Changes:
1. tar file now has 'qpopper3.0b20' as top level
From: "Patrick Armour" <armour at cjnetworks dot com>
Subject: Authentication Problem
Date: Mon, 1 Nov 1999 17:07:17 -0600
I have completed the ./configure and make, changed all the settings in the
/etc/inetd.conf and /etc/services, just as the INSTALL suggested. However,
the information regarding the use of shadow passwords is somewhat vague and
I obviously have not set it up correctly. What happens is, when a user
attempts to POP their mail, they get an authentication error stating that
the password is incorrect. Could someone please shed some light on my
problem.
**********************************************************************
Patrick Armour
ADSL Coordinator
NetWorks Technical Support Team
http://www.myinternetworks.com
Date: Mon, 1 Nov 1999 18:43:07 -0800
From: Qpopper Support <qpopper at qualcomm dot com>
Subject: Re: Authentication Problem
At 5:07 PM -0600 11/1/99, Patrick Armour wrote:
when a user
attempts to POP their mail, they get an authentication error stating
that the password is incorrect.
Did you use --enable-specialauth with ./configure?
Date: Mon, 01 Nov 1999 21:06:27 -0600
From: Ron Carver <rcarver1 at midsouth.rr dot com>
Subject: Newbie question
Greetings. I have a question that I know full well is a brain dead one,
but since this is my first Linux mail server, and my first one away from
Netscape messaging server.... Here goes. :)
I got qpopper installed, and running. I can telnet into port 25 and 110
with no problems. However when I try to send mail to or from the server..
I get a message saying...
outgoing...
<rcarver at cnhtech dot com>:
Sorry. Although I'm listed as a best-preference MX or A for that host,
it isn't in my control/locals file, so I don't treat it as local. (#5.4.6)
My /var/qmail/control/locals file consists of...
cnhtech.com
mail.cnhtech.com
www.cnhtech.com
So this seems strange to me.
Sending mail says the following...
The recipient rcarver1 at midsouth.rr dot com is not acceptable to your SMTP server.
the message is not sendable until the recepient has been changed.
Since this is new to me, and there is 0 documentation on qpopper that I
have been able to fine... I am kinda stuck. Any and all help will be
greatly appreciated.
Ron Carver
Check out The Linux mall for all the greatest Linux stuff!
http://www.LinuxMall.com/cgi-bin/weblead.cgi/?0032459
Date: Mon, 01 Nov 1999 23:09:18 -0500
From: Nick Marouf <marouni at earlham dot edu>
Subject: Re: Newbie question
--------------DC1B094D225AB49306C13F93
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Ron,
Its good that you got it working. I had a similar problem with that.
the problem is that your DNS table needs to be updated. Sendmail 8.9.3 has more
security featuers added to it. and one of them is that the mahine u are sending
from needs to be in your DNS table. This could cause a problem. if you got a
messed up dhcp and dns tables. :(
An easy way to test this is to do an nslookup
marouf@here:/home/marouf>nslookup IP_address_A
Server: this.here.edu
Address: server IP
Name: EXAMPLE.CCLAB.EARLHAM.EDU
Address: example IP
marouf@here:/home/marouf>
---
marouf@here:/home/marouf>nslookup IP_address
Server: this.here.edu
Address: server IP
*** this.here.edu can't find IP_address_B: Non-existent host/domain
marouf@here:/home/marouf>
Basically after updating the DNS table.. all went fine.
GoodLuck
Nick
Ron Carver wrote:
> Greetings. I have a question that I know full well is a brain dead one,
> but since this is my first Linux mail server, and my first one away from
> Netscape messaging server.... Here goes. :)
>
> I got qpopper installed, and running. I can telnet into port 25 and 110
> with no problems. However when I try to send mail to or from the server..
> I get a message saying...
>
> outgoing...
>
> <rcarver at cnhtech dot com>:
> Sorry. Although I'm listed as a best-preference MX or A for that host,
> it isn't in my control/locals file, so I don't treat it as local. (#5.4.6)
>
> My /var/qmail/control/locals file consists of...
>
> cnhtech.com
> mail.cnhtech.com
> www.cnhtech.com
>
> So this seems strange to me.
>
> Sending mail says the following...
>
> The recipient rcarver1 at midsouth.rr dot com is not acceptable to your SMTP server.
> the message is not sendable until the recepient has been changed.
>
> Since this is new to me, and there is 0 documentation on qpopper that I
> have been able to fine... I am kinda stuck. Any and all help will be
> greatly appreciated.
>
> Ron Carver
>
> Check out The Linux mall for all the greatest Linux stuff!
> http://www.LinuxMall.com/cgi-bin/weblead.cgi/?0032459
--
Nicholas Marouf | TEL#: 765-973-2514 | Cell#: 765-967-6660
System Adminstrator | Fax#: 765-983-1253 | AIM# : phant0nl0rd13
Earlham College | ECH3 : Nocturnal L.O.M.B.
http://www.earlham.edu/~marouni | http://www.cs.earlham.edu/~marouf
--------------DC1B094D225AB49306C13F93
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
Ron,
<br>Its good that you got it working. I had a similar problem
with that.
<br>the problem is that your DNS table needs to be updated. Sendmail
8.9.3 has more security featuers added to it. and one of them is that the
mahine u are sending from needs to be in your DNS table. This could
cause a problem. if you got a messed up dhcp and dns tables. :(
<p>An easy way to test this is to do an nslookup
<p>marouf@here:/home/marouf>nslookup IP_address_A
<br>Server: this.here.edu
<br>Address: server IP
<p>Name: EXAMPLE.CCLAB.EARLHAM.EDU
<br>Address: example IP
<p>marouf@here:/home/marouf>
<br>---
<br>marouf@here:/home/marouf>nslookup IP_address
<br>Server: this.here.edu
<br>Address: server IP
<p>*** this.here.edu can't find IP_address_B: Non-existent host/domain
<br>marouf@here:/home/marouf>
<br>
<p>Basically after updating the DNS table.. all went fine.
<br>GoodLuck
<p>Nick
<br>
<br>
<p>Ron Carver wrote:
<blockquote TYPE=CITE>Greetings. I have a question that I know full
well is a brain dead one,
<br>but since this is my first Linux mail server, and my first one away
from
<br>Netscape messaging server.... Here goes. :)
<p>I got qpopper installed, and running. I can telnet into port 25
and 110
<br>with no problems. However when I try to send mail to or from
the server..
<br>I get a message saying...
<p>outgoing...
<p><rcarver at cnhtech dot com>:
<br>Sorry. Although I'm listed as a best-preference MX or A for that host,
<br>it isn't in my control/locals file, so I don't treat it as local. (#5.4.6)
<p>My /var/qmail/control/locals file consists of...
<p>cnhtech.com
<br>mail.cnhtech.com
<br>www.cnhtech.com
<p>So this seems strange to me.
<p>Sending mail says the following...
<p>The recipient rcarver1 at midsouth.rr dot com is not acceptable to your SMTP
server.
<br>the message is not sendable until the recepient has been changed.
<p>Since this is new to me, and there is 0 documentation on qpopper that
I
<br>have been able to fine... I am kinda stuck. Any and all help
will be
<br>greatly appreciated.
<p>Ron Carver
<p>Check out The Linux mall for all the greatest Linux stuff!
<br><a href="http://www.LinuxMall.com/cgi-bin/weblead.cgi/?0032459">http://www.LinuxMall.com/cgi-bin/weblead.cgi/?0032459</a></blockquote>
<pre>--
Nicholas Marouf | TEL#: 765-973-2514 | Cell#: 765-967-6660
System Adminstrator | Fax#: 765-983-1253 | AIM# : phant0nl0rd13
Earlham College | ECH3 : Nocturnal L.O.M.B.
<A HREF="http://www.earlham.edu/~marouni">http://www.earlham.edu/~marouni</A> | <A HREF="http://www.cs.earlham.edu/~marouf">http:
</html>
--------------DC1B094D225AB49306C13F93--
Date: Tue, 2 Nov 1999 19:24:38 +1300 (NZDT)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: Re: Accounting and ETRN
On Mon, 1 Nov 1999, Tomasz Orzechowski wrote:
> Why not just make the 'secondary' the best MX?
If you have a mailertable entry for the ETRN target, it doesn't matter -
mailertable overrides MX
(and on a related note, anyone who enables feature(relay_by_mx) in
sendmail needs their head examined.)
Given that, the static IP may as well be the bext MX, as that way mail
can be delivered directly while the host is logged in.
AB
From: "Alexander Waller" <a.waller at webpoint dot at>
Subject: AW: Accounting and ETRN
Date: Tue, 2 Nov 1999 07:29:41 +0100
That seems to be easy. But don¥t I have to make changes to sendmail ?
Alex.
+------------------------------------------+
+ Alex Waller +
+ WebPoint +
+ Internet-Services +
+ A-6840 G–tzis +
+ Mobil +43 676 4121128 +
+ http://www.webpoint.at +
+------------------------------------------+
-----Urspr¸ngliche Nachricht-----
Von: Jeff Halper [mailto:jeff at ihot dot com]
Gesendet: Montag, 01. November 1999 22:20
An: Subscribers of Qpopper
Betreff: Fw: Accounting and ETRN
> I have a tutorial on how to do this here:
>
> http://www3.ihot.com/ihotusers/exchetrn.html
>
>
>
> You wrote:
>
> > From: Admin Mailing Lists <mlist at intergrafix dot net>
> > To: Alexander Waller <a.waller at webpoint dot at>
> > cc: Subscribers of Qpopper <qpopper at lists.pensive dot org>
> > Date: Mon, 1 Nov 1999 15:20:13 -0500 (EST)
> > Subject: Re: Accounting and ETRN
> >
> >
> > in the domain's DNS zone file give it a bogus priority mail exchanger
> > (a server without port 25 active) and a secondary mail exchanger of your
> > mail server.
> >
> > something like:
> >
> > client.com. IN MX 10 bogus.yourdomain.com.
> > client.com. IN MX 20 yourmailserver.yourdomain.com.
> >
> >
> > then since it can't hit the primary server it'll queue up all mail for
the
> > domain on the secondary. Then they can pull it off there with their ETRN
> > command.
> >
> > this is what we do when a company gets a static IP from us. we set the
> > primary to their static IP and whenever they're online the mail goes
> > straight down the pipe to them, to their exchange server or whatever,
and
> > when they're offline it queues it up here..when they come online, their
> > exchange server issues the ETRN command pullling the queued mail off and
> > they go happily on their way with primary again.
> >
> > -Cygnus
> > ..-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
> > Anthony J. Biacco Network Administrator/Engineer
> > admin at intergrafix dot net Intergrafix Internet Services
> >
> > "Dream as if you'll live forever, live as if you'll die today"
> > http://cygnus.ncohafmuta.com http://www.intergrafix.net
> > ..-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
> >
> > On Mon, 1 Nov 1999, Alexander Waller wrote:
> >
> > > Hi !
> > > This is my second attempt to get Informations on mailaccounting.
> > > I got some replies but they didn¥t lead me to a solution.
> > > So pleas be so kind and try to help me.
> > >
> > > I have :
> > > Linux
> > > Sendmail
> > > qpopper
> > >
> > > I need :
> > > Informations on how to establish mail-accounting. Any hints or links
are
> > > wellcome.
> > >
> > >
> > > Now I add another question. Maybee I am offtopic here but the people
here
> > > maybee can help me.
> > >
> > > I have to queue mail for a customer. He wants then to get the mail via
etrn
> > > command via smtp-protocoll.
> > > Has anyone a solution for that.
> > >
> > > Thanx. Alex.
> > >
> > >
> > > +------------------------------------------+
> > > + Alex Waller +
> > > + WebPoint +
> > > + Internet-Services +
> > > + A-6840 G–tzis +
> > > + Mobil +43 676 4121128 +
> > > + http://www.webpoint.at +
> > > +------------------------------------------+
> > >
> > >
> >
> >
> >
>
Date: Tue, 2 Nov 1999 19:31:48 +1300 (NZDT)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: Re: Moving the mail spool!
On Mon, 1 Nov 1999, Terje Bless wrote:
> Is mandatory file locking widely supported these days? Last I heard, most
> systems only supported advisory file locking which gets you next to
> nowhere. Unless you can verify the support for mandatory file locking at
> build time the answer would seem to be "Don't do that then!".
Pine (at least) generates a .lock file containing the pid of the
process holding the file. Qpopper could check for that.
AB
Date: Tue, 02 Nov 1999 09:38:20 +0200
From: Kari Ahveninen <kari.ahveninen at pro-equal dot com>
Subject: Connect closed by remote host???
Hello all!
I'll have a problem which one have confused me totally. I have installed
Qpopper in server mode, have checked everything with sendmail (I also
tried Qmail, with same results....) and I cannot find anything to be
wrong, but still I will get an answer when I try to get a connection to
linux with telnet to gate 110 that connection will be closed by remote
host.
It shows that telnet will connect to host (it seems to same which way I
ever try?), it will notify that escape character is whatever it is, and
after that it tell me that connection is closed.....
I have Linux RH60 with ISDN PPP-connection as server, DNS, network
routed through linux. Kernel is upgraded to 6.1 (2.2.12-20) 'caused by
ISDN-adapter which is Asuscom OEM (Winbond 6692CF) and everything else
will work fine.
Will You have any good ideas? I don't .....
Kari Ahveninen
Date: Tue, 2 Nov 1999 09:37:30 +0100
From: Terje Bless <link at tss dot no>
Subject: Re: Moving the mail spool!
On 02.11.99 at 19:31, Alan Brown <alan at manawatu.gen dot nz> wrote:
>Pine (at least) generates a .lock file containing the pid of the
>process holding the file. Qpopper could check for that.
Well, Pine is hardly the only possible source of problems with this and
that is hardly a good solution anyway (race conditions and other
nastyness).
What I was talking about was OS level support for mandatory locking a file
so that no other process -- including interactive shells and copies of
myself -- can modify it. Most systems support advisory file locking, but
that only works when the "other" process actually checks for the lock
because it isn't enforced. In effect, I would be safe from other copies of
Qpopper, but nothing much else. Status quo.
Date: Tue, 2 Nov 1999 10:04:19 +0100 (MET)
From: Carrer Yuri <yurj at dns.alfa dot it>
Subject: Re: Qpopper 3.0b20 available
On Mon, 1 Nov 1999, Qpopper Support wrote:
> Qpopper 3.0b20 is available at
> <ftp://ftp.qualcomm.com/eudora/servers/unix/popper/>.
>
> Changes:
>
> 1. tar file now has 'qpopper3.0b20' as top level
Are you joking? :)
Yuri
From: Steven Fletcher <stevenf at shellnet.co dot uk>
Subject: RE: Newbie question
Date: Tue, 2 Nov 1999 10:25:42 -0000
That's a Qmail error, not a qpopper one - check out www.qmail.org or use the
man pages.
Steven Fletcher
stevenf at shellnet.co dot uk
> <rcarver at cnhtech dot com>:
> Sorry. Although I'm listed as a best-preference MX or A for that host,
> it isn't in my control/locals file, so I don't treat it as
> local. (#5.4.6)
Date: Tue, 2 Nov 1999 08:53:56 -0500 (EST)
From: Admin Mailing Lists <mlist at intergrafix dot net>
Subject: Re: AW: Accounting and ETRN
just add the domain into your /etc/sendmail.cw file (or whereever it
happens to be for your sendmail dist.) so sendmail knows to
handle mail for it.
-Cygnus
=2E-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
admin at intergrafix dot net Intergrafix Internet Services
"Dream as if you'll live forever, live as if you'll die today"
http://cygnus.ncohafmuta.com http://www.intergrafix.net
=2E-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
On Tue, 2 Nov 1999, Alexander Waller wrote:
> That seems to be easy. But don´t I have to make changes to sendmail ?
>
> Alex.
>
>
> +------------------------------------------+
> + Alex Waller +
> + WebPoint +
> + Internet-Services +
> + A-6840 Götzis +
> + Mobil +43 676 4121128 +
> + http://www.webpoint.at +
> +------------------------------------------+
>
>
> -----Ursprüngliche Nachricht-----
> Von: Jeff Halper [mailto:jeff at ihot dot com]
> Gesendet: Montag, 01. November 1999 22:20
> An: Subscribers of Qpopper
> Betreff: Fw: Accounting and ETRN
>
>
> > I have a tutorial on how to do this here:
> >
> > http://www3.ihot.com/ihotusers/exchetrn.html
> >
> >
> >
> > You wrote:
> >
> > > From: Admin Mailing Lists <mlist at intergrafix dot net>
> > > To: Alexander Waller <a.waller at webpoint dot at>
> > > cc: Subscribers of Qpopper <qpopper at lists.pensive dot org>
> > > Date: Mon, 1 Nov 1999 15:20:13 -0500 (EST)
> > > Subject: Re: Accounting and ETRN
> > >
> > >
> > > in the domain's DNS zone file give it a bogus priority mail exchanger
> > > (a server without port 25 active) and a secondary mail exchanger of y=
our
> > > mail server.
> > >
> > > something like:
> > >
> > > client.com. IN MX 10 bogus.yourdomain.com.
> > > client.com. IN MX 20 yourmailserver.yourdomain.co=
m.
> > >
> > >
> > > then since it can't hit the primary server it'll queue up all mail fo=
r
> the
> > > domain on the secondary. Then they can pull it off there with their E=
TRN
> > > command.
> > >
> > > this is what we do when a company gets a static IP from us. we set th=
e
> > > primary to their static IP and whenever they're online the mail goes
> > > straight down the pipe to them, to their exchange server or whatever,
> and
> > > when they're offline it queues it up here..when they come online, the=
ir
> > > exchange server issues the ETRN command pullling the queued mail off =
and
> > > they go happily on their way with primary again.
> > >
> > > -Cygnus
> > > ..-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._=
=2E-.
> > > Anthony J. Biacco Network Administrator/Enginee=
r
> > > admin at intergrafix dot net Intergrafix Internet Service=
s
> > >
> > > "Dream as if you'll live forever, live as if you'll die today"
> > > http://cygnus.ncohafmuta.com http://www.intergrafix.ne=
t
> > > ..-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._=
=2E-.
> > >
> > > On Mon, 1 Nov 1999, Alexander Waller wrote:
> > >
> > > > Hi !
> > > > This is my second attempt to get Informations on mailaccounting.
> > > > I got some replies but they didn´t lead me to a solution.
> > > > So pleas be so kind and try to help me.
> > > >
> > > > I have :
> > > > Linux
> > > > Sendmail
> > > > qpopper
> > > >
> > > > I need :
> > > > Informations on how to establish mail-accounting. Any hints or link=
s
> are
> > > > wellcome.
> > > >
> > > >
> > > > Now I add another question. Maybee I am offtopic here but the peopl=
e
> here
> > > > maybee can help me.
> > > >
> > > > I have to queue mail for a customer. He wants then to get the mail =
via
> etrn
> > > > command via smtp-protocoll.
> > > > Has anyone a solution for that.
> > > >
> > > > Thanx. Alex.
> > > >
> > > >
> > > > +------------------------------------------+
> > > > + Alex Waller +
> > > > + WebPoint +
> > > > + Internet-Services +
> > > > + A-6840 Götzis +
> > > > + Mobil +43 676 4121128 +
> > > > + http://www.webpoint.at +
> > > > +------------------------------------------+
> > > >
> > > >
> > >
> > >
> > >
> >
>
Date: Tue, 2 Nov 1999 09:37:47 -0500
From: Tomasz Orzechowski <tmo at apk dot net>
Subject: Re: Accounting and ETRN
Alan Brown wrote on Tue, Nov 02, 1999 at 07:24:38PM +1300:i
> On Mon, 1 Nov 1999, Tomasz Orzechowski wrote:
> > Why not just make the 'secondary' the best MX?
> If you have a mailertable entry for the ETRN target, it doesn't matter -
> mailertable overrides MX
Yes, but my point was that adding an MX that explicitly is known to not
be able to receive mail, as the post I was replying to suggested.
> (and on a related note, anyone who enables feature(relay_by_mx) in
> sendmail needs their head examined.)
Dunno where that came from :) but it says so exaclty in the docs for
sendmail, and yes, an approach like that is not too smart...
> Given that, the static IP may as well be the bext MX, as that way mail
> can be delivered directly while the host is logged in.
Yes, but the assumption behind ETRN, at least from my point of view is
that the target server dials up for as long as it takes to receive its
messages and logs off immediately. True, this may not always be the
case, but oh well.
--
Tomasz Orzechowski tmo at apk dot net
APK.net systems administration team TO630
Date: Tue, 2 Nov 1999 09:46:57 -0500
From: Tomasz Orzechowski <tmo at apk dot net>
Subject: Re: Moving the mail spool!
Alan Brown wrote on Tue, Nov 02, 1999 at 07:31:48PM +1300:i
> On Mon, 1 Nov 1999, Terje Bless wrote:
> > Is mandatory file locking widely supported these days? Last I heard, most
> > systems only supported advisory file locking which gets you next to
> > nowhere. Unless you can verify the support for mandatory file locking at
> > build time the answer would seem to be "Don't do that then!".
> Pine (at least) generates a .lock file containing the pid of the
> process holding the file. Qpopper could check for that.
And then for /tmp/mbox.user for elm, Eris knows what for mutt, something
for imapd, and so on. I don't think so :)
--
Tomasz Orzechowski tmo at apk dot net
APK.net systems administration team TO630
Date: Tue, 2 Nov 1999 10:02:59 -0500
From: Tomasz Orzechowski <tmo at apk dot net>
Subject: Re: AW: Accounting and ETRN
Admin Mailing Lists wrote on Tue, Nov 02, 1999 at 08:53:56AM -0500:i
> just add the domain into your /etc/sendmail.cw file (or whereever it
> happens to be for your sendmail dist.) so sendmail knows to
> handle mail for it.
I assume he was asking about modifying sendmail on the 'relay' etrn
server in which case adding a domain to Cw will cause a disaster...
T
Date: Wed, 3 Nov 1999 04:04:42 +1300 (NZDT)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: Re: Accounting and ETRN
On Tue, 2 Nov 1999, Tomasz Orzechowski wrote:
> Yes, but the assumption behind ETRN, at least from my point of view is
> that the target server dials up for as long as it takes to receive its
> messages and logs off immediately. True, this may not always be the
> case, but oh well.
My usual assumption is that a ETRN box is running as a dialup server and
may be online for a while if there is user activity happening, so the
mail may as well go through to it in that case.
A lot of my ETRN customers are businesses who bring their call up at 8am
and drop it at 5pm, then poll hourly outside those hours. :-)
AB
Date: Wed, 3 Nov 1999 04:14:10 +1300 (NZDT)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: Re: AW: Accounting and ETRN
On Tue, 2 Nov 1999, Tomasz Orzechowski wrote:
> I assume he was asking about modifying sendmail on the 'relay' etrn
> server in which case adding a domain to Cw will cause a disaster...
It does need to be added to sendmail.cR though.
I knocked up a horrible set of .sh scripts to ease management of
sendmail 8.9 aliasing/virtusers/mail masquerading/MX forwarding
(UUCP+ETRN) and spammer control some time back.
If someone would like to use them as the basis to produce a more elegant
tool for the job, please contact me off list. As it stands, the scripts
are unsuitable for anyone except sendmail experts.
AB
From: "Kenneth Porter" <shiva at well dot com>
Date: Mon, 01 Nov 1999 21:14:46 -0700
Subject: B19 warnings
Compiling 3.0b19 on Red Hat Linux 5.2, I get the following warnings:
pop_send.c: In function `pop_send':
pop_send.c:259: warning: passing arg 1 of `header_mucker_init' from
incompatible pointer type
pop_user.c:210: warning: type mismatch with previous external decl
pop_user.c:74: warning: previous external decl of `downcase_uname'
pop_user.c:210: warning: type mismatch with previous implicit
declaration
pop_user.c:74: warning: previous implicit declaration of
`downcase_uname'
pop_user.c:210: warning: `downcase_uname' was previously implicitly
declared to return `int'
The one in pop_send looks like a signature mismatch between two
indirect functions, MimeInput and topper_input. The second in pop_user
is simply a missing prototype for downcase_uname; it's defined after
its first point of use, so the implied int return type conflicts with
the actual void return type.
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.215Now.com/
From: "Kenneth Porter" <shiva at well dot com>
Date: Mon, 01 Nov 1999 21:21:35 -0700
Subject: RPM package for 3.0b20
I'm planning to produce an RPM source package for beta 20. RPM doesn't
have a notion of beta versions, so 3.0bXX seems to come *after* 3.0.
Therefore I'm planning to call the next beta package qpopper-2.99.20 to
ensure that it has a version number prior to the gold release of 3.0.
This will allow the RPM update mechanism to work properly.
As my previous (and only) version was called qpopper-3.0b18, the new
package will look like a back-level, and it will be necessary to
uninstall the old package before installing the new one.
I'll announce on the list when the new package is ready.
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.215Now.com/
Date: Tue, 2 Nov 1999 16:24:22 -0600 (EST)
From: Netlink Software admin <sw at netlinkcom dot com>
Subject: ERR POP timeout
Nov 2 15:17:43 xxxxxx in.popper[7174]: xxxx@xxxx: -ERR POP timeout
I have a few users who cause this error to be logged.
The also get some of their messages and then it quits (2 of 5 or
whatever).
It does not seem to be on particularly large messages only, but many of
them are of 1MB or more.
My inetd.conf entry is:
pop-3 stream tcp nowait.100 root /usr/sbin/tcpd in.popper -s -T 480
This is a RH Linux 5.2 machine.
QPOP (version 3.0b18)
This is an SMP machine with plenty of memory.
What exactly causes this?
What can I do to stop the error messages and help the users retrieve their
mail?
Thanks,
Curt
Date: Wed, 03 Nov 1999 08:39:44 -0500
From: pez at aiming dot net
Subject: Qpopper error messages
I keep getting these messages constantly from my /var/log/messages file
and it seems that my machine (running RH 6.0) is locking up every few
days and this is the only problems I can seem to find. Does anyone know
what this means?
Nov 3 09:13:25 pz popper[2741]: @100.10.10.30: -ERR POP EOF received
--
Cheers,
Derek
Date: Wed, 3 Nov 1999 07:19:00 -0800 (PST)
From: Nedal Albert <na_90210 at yahoo dot com>
Subject: Mailboxes availability
Folks,
I'm looking for a simple way to provide availability
to
users mailboxes. Right now, I'm relying on the
vendor's
cluster software (Sun Cluster) to provide this
functionality.
However, from previous experiences ,when odds happen
,its very
painful to recover the cluster. So, this made look
into other direction.
e.g. using Cisco local directors or Traffic management
software
between identical servers . to insure data syncing ,an
incremental
backup is performed from one server to the others(e.g.
using rcp in a cron job). A manual failover can
accepted!.
I would appreciate any comments/direction.
if somebody direct me to another resource that would
be helpful too.
I'm using sendmmail/qpopper.
Thanks
N.Albert
p.s. sorry if question might not be directly related
to qpopper.
=====
__________________________________________________
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com
From: "Timo Hummel aka. Rune Bassman" <thummel at junior-net dot de>
Subject: advanced problem
Date: Wed, 3 Nov 1999 22:57:37 +0100
Hello!
I got a real advanced configuration problem. The problem is quite complex;
the main problem is that
I need to let users from different IP adresses send mail trough my server,
without knowing when or
from which IP they need to send mail. I noticed that GMX.NET does a very
clever trick: They allow
people to send stuff trough their SMTP server when these people previously
fetched their mail from
the same IP via POP. Has somebody setup something like this?
Thanks
Timo
From: "=?iso-8859-1?Q?Philipp_Gaschütz?=" <philipp at gng dot de>
Subject: RE: advanced problem
Date: Wed, 3 Nov 1999 23:45:22 +0100
Hi!
> people to send stuff trough their SMTP server when these
> people previously
> fetched their mail from
> the same IP via POP. Has somebody setup something like this?
If you want do to setup your mailserver the way GMX does:
For Exim there is a solution to this:
Q0806: <http://www.exim.org/FAQ.html#SEC137>
-philipp
Date: Thu, 4 Nov 1999 11:34:42 +1300 (NZDT)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: RE: advanced problem
On Wed, 3 Nov 1999, [iso-8859-1] Philipp Gasch¸tz wrote:
> If you want do to setup your mailserver the way GMX does:
> For Exim there is a solution to this:
> Q0806: <http://www.exim.org/FAQ.html#SEC137>
For sendmail, there's whoson and DRAC.
DRAC is at http://mail.cc.umanitoba.ca/drac/ and is designed to scale
across server clusters - which is why it uses "icky Sun RPC calls"
Because it's modular, it can be rigged to use multiple inputs for
authentication - radius logins, pop3/imap access, etc. If you have
source code you can add DRACd support into almost anything.
There are even qpopper hooks at umanitoba. No idea if they've been
incorporated into 3.0 though.
AB
Date: Wed, 3 Nov 1999 17:45:34 -0500 (EST)
From: Steven Champeon <schampeo at hesketh dot com>
Subject: RE: advanced problem
On Thu, 4 Nov 1999, Alan Brown wrote:
> DRAC is at http://mail.cc.umanitoba.ca/drac/ and is designed to scale
> across server clusters - which is why it uses "icky Sun RPC calls"
>
> Because it's modular, it can be rigged to use multiple inputs for
> authentication - radius logins, pop3/imap access, etc. If you have
> source code you can add DRACd support into almost anything.
>
> There are even qpopper hooks at umanitoba. No idea if they've been
> incorporated into 3.0 though.
I have a patch against qpopper3.0b18 that I can make available if anyone
is interested, but it's pretty much the same as the patch for v2.53,
nothing special. Let me know and I'll post the patch to the list.
You /do/ have to know how to setup portmapper and sendmail properly in
order for this to work, FWIW. And my recent experiments in running RSS
and the DUL in conjunction with DRAC POP-before-SMTP met with resounding
failure, so you may need to hack your m4 files if you plan to use both
the MAPS blocking services and DRAC. YMMV.
Steve
--
Steven Champeon v: 919.854.1570
Sr. Technical Consultant f: 919.854.1579
hesketh.com/inc. w: hesketh.com
Date: Thu, 4 Nov 1999 11:54:18 +1300 (NZDT)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: RE: advanced problem
On Wed, 3 Nov 1999, Steven Champeon wrote:
> You /do/ have to know how to setup portmapper and sendmail properly in
> order for this to work, FWIW. And my recent experiments in running RSS
> and the DUL in conjunction with DRAC POP-before-SMTP met with resounding
> failure, so you may need to hack your m4 files if you plan to use both
> the MAPS blocking services and DRAC. YMMV.
Were you using sendmail 8.9.2 or earlier?
Everything prior to 8.9.3 allowed RBLs to override access.db.
Sendmail 8.9.3 reversed that order to allow access.db to override RBLs
AB
Date: Wed, 3 Nov 1999 17:59:37 -0500 (EST)
From: Steven Champeon <schampeo at hesketh dot com>
Subject: RE: advanced problem
On Thu, 4 Nov 1999, Alan Brown wrote:
> On Wed, 3 Nov 1999, Steven Champeon wrote:
> > You /do/ have to know how to setup portmapper and sendmail properly in
> > order for this to work, FWIW. And my recent experiments in running RSS
> > and the DUL in conjunction with DRAC POP-before-SMTP met with resounding
> > failure, so you may need to hack your m4 files if you plan to use both
> > the MAPS blocking services and DRAC. YMMV.
>
> Were you using sendmail 8.9.2 or earlier?
No, sendmail 8.9.3.
> Everything prior to 8.9.3 allowed RBLs to override access.db.
>
> Sendmail 8.9.3 reversed that order to allow access.db to override RBLs
Yes, but drac doesn't use access.db - that's the whole point. There's the
access.db file for approved relay (and rejects, etc.) and then there's the
drac.db which is for roamers not in the access.db and who are possibly in
the DUL (which they should be, AFAICT). In my tests, the DUL overrided the
drac lookup. I've got some rulesets from a couple of folks on spamtools
that I plan to hack on a bit when I get some time, that change the order
of the relay checking so that drac's OK ends the checks.
Are you saying that drac should be configured to use the access.db file?
On my system, drac is a btree and access is a hash. And in any case, the
makemap call will overwrite any drac-added entries with the contents of
the access file alone. Or am I missing something?
Thanks,
Steve
--
Steven Champeon v: 919.854.1570
Sr. Technical Consultant f: 919.854.1579
hesketh.com/inc. w: hesketh.com
Date: Thu, 4 Nov 1999 12:14:15 +1300 (NZDT)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: RE: advanced problem
On Wed, 3 Nov 1999, Steven Champeon wrote:
> Are you saying that drac should be configured to use the access.db file?
No, but drac.db should be checked immediately after access.db and before
RBL lists.
AB
Date: Wed, 03 Nov 1999 23:02:43 -0500
From: Forrest Aldrich <forrie at forrie dot com>
Subject: HELP: popper becoming wedged
I've been experiencing a problem on our mail server whereby
popper appears to get "stuck". Several processes are spawned,
"popper -s" and they hang. This is on FreeBSD-2.2.8, and a
display of the output of "top" shows that each process is in
a "lockf" state.
I checked /var/mail to see if there were any old .user.pop lockfiles,
an nothing is there. I end up having to killall the processes, HUP
sendmail... and pray.
This occurs with older versions of popper AND the latest 3.0b20.
We have a lot of very unhappy mail users that I need to answer to,
so I'd appreciate it if anyone might know what the problem is
and how to remedy it.
Thanks,
Forrest
From: "Brent L. Bates" <blbates at vigyan dot com>
Date: Thu, 4 Nov 1999 08:59:49 -0500
Subject: Re: advanced problem - Relaying and POP accounts
We recently implemented this type of set up using the information at:
http://www.cynic.net/~cjs/computer/sendmail/poprelay.html
There is also an extremely stripped down version listed at:
http://spam.abuse.net/spam/toos/smPbS.html
but I liked the first one better. It is more automated and involved fewer
changes on my part. The sendmail server is basically opened up for relaying
for some predetermined amount of time to the IP address the POP client last
connected from. After that amount of time has passed, relaying is closed down
for that IP address. To reopen relaying, the user only needs to check their
email again. The limited open relaying time can be set to however long the
root user wants, seconds, hours, days.
We just recently installed this and it seems to be working. We've only
tested it, so we don't know how things will be when real users start beating
on things.
I had to make some changes to the POP server so it would log the
information we needed where we needed it. The `poprelayd' Perl script also
had to be changed to read the log file in order to get the information it
needed.
--
Brent L. Bates (UNIX Sys. Admin.)
M.S. 912 Phone:(757) 865-1400, x204
NASA Langley Research Center FAX:(757) 865-8177
Hampton, Virginia 23681-0001
Email: B.L.BATES at larc.nasa.gov http://www.vigyan dot com/~blbates/
Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B)
This email address may not be added to any commercial mail list with out
my permission. Violation of my privacy with advertising or SPAM will
result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.
Date: Thu, 4 Nov 1999 11:34:31 -0500 (EST)
From: Admin Mailing Lists <mlist at intergrafix dot net>
Subject: Re: advanced problem - Relaying and POP accounts
I've used the second version and have used it with mixes of qpopper
2.53, 3.0 and sendmail 8.8.8 and 8.9.3 for about 1 1/2 years now without
problem
I'm sure the first version works fine too. Whatever trips your trigger :-)
-Cygnus
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
admin at intergrafix dot net Intergrafix Internet Services
"Dream as if you'll live forever, live as if you'll die today"
http://cygnus.ncohafmuta.com http://www.intergrafix.net
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
On Thu, 4 Nov 1999, Brent L. Bates wrote:
> We recently implemented this type of set up using the information at:
>
> http://www.cynic.net/~cjs/computer/sendmail/poprelay.html
>
> There is also an extremely stripped down version listed at:
>
> http://spam.abuse.net/spam/toos/smPbS.html
>
> but I liked the first one better. It is more automated and involved fewer
> changes on my part. The sendmail server is basically opened up for relaying
> for some predetermined amount of time to the IP address the POP client last
> connected from. After that amount of time has passed, relaying is closed down
> for that IP address. To reopen relaying, the user only needs to check their
> email again. The limited open relaying time can be set to however long the
> root user wants, seconds, hours, days.
> We just recently installed this and it seems to be working. We've only
> tested it, so we don't know how things will be when real users start beating
> on things.
> I had to make some changes to the POP server so it would log the
> information we needed where we needed it. The `poprelayd' Perl script also
> had to be changed to read the log file in order to get the information it
> needed.
>
> --
>
> Brent L. Bates (UNIX Sys. Admin.)
> M.S. 912 Phone:(757) 865-1400, x204
> NASA Langley Research Center FAX:(757) 865-8177
> Hampton, Virginia 23681-0001
> Email: B.L.BATES at larc.nasa.gov http://www.vigyan dot com/~blbates/
>
> Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B)
> This email address may not be added to any commercial mail list with out
> my permission. Violation of my privacy with advertising or SPAM will
> result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.
>
Date: Thu, 04 Nov 1999 12:38:10 -0500
From: Madhavi -Deleted- <madhavi at unx.dec dot com>
Subject: Investigating security issues with POP
I was investigating on the security isssues with POP.
I would appreciate any issues that you may have come accross
1. Is APOP used widely? Since only the eudora email client uses APOP,
my feeling is that APOP is 'nt very popular
2. What are your comments if the RFC for POP was changed to use 160 bit
message digest
instead of the 148 bit digest used by APOP. Is it worthwhile ?
3. What are your comments on implementing a POP server to use SSL
instead?
4. The other security issue with POP is that it gives too much of
information. Is there any other field of security with POP that concerns
you?
Thanks, Madhavi
-
\\\||///
( . . )
( o )
+--------------------------oo0---0oo-----------------------------------------+
| Madhavi -Deleted- \\\||/// mail :
madhavi at unx.dec dot com|
| compaq computer corporation \ /
Phone:(732)-577-6190 |
| 200 Route 9 North ( . . ) Fax
:(732)-577-6003 |
| Manalapan,New Jersey 07726 ( O
) |
+----------------------------------------oo0---0oo---------------------------+
From: "R.T. Hamilton Brown" <rtbrown at hb-web dot com>
Subject: installed as a user
Date: Thu, 4 Nov 1999 14:46:46 -0500
Is it possible to install qpopper, or any pop3 server as a "user" on a
machine.
Thanks for any info!
From: "Dan Harkless" <dan-qpopper at dilvish.speed dot net>
Subject: Re: Investigating security issues with POP
Date: Thu, 04 Nov 1999 12:02:52 -0800
Madhavi -Deleted- <madhavi at unx.dec dot com> writes:
> I was investigating on the security isssues with POP.
> I would appreciate any issues that you may have come accross
>
> 1. Is APOP used widely?
Not anywhere near as widely as it should be, no. Too bad it wasn't invented
before standard USER / PASS POP authentication, so it could have become the
standard.
> Since only the eudora email client uses APOP,
> my feeling is that APOP is 'nt very popular
The MH mail suite (<http://www.ics.uci.edu/~mh>) also supports APOP.
> 4. The other security issue with POP is that it gives too much of
> information. Is there any other field of security with POP that concerns
> you?
What kind of information are you talking about? One piece of information
that qpopper unnecessarily gives out is the software name and version
number. This is very handy for hackers scanning for POP3 servers of a
particular version so they can run a known root exploit.
I've patched my local qpopper-2.53 so it just says "Pop server at <machine>
starting." (to go along with the unchanged "Pop server at <machine> signing
off." message). qpopper should have a configurable option (like wu-ftpd
does) to print out a generic welcome message rather than giving up its
version.
-----------------------------------------------------------------------
Dan Harkless | To prevent SPAM contamination, please
dan-qpopper at dilvish.speed dot net | do not post this private email address
SpeedGate Communications, Inc. | to the USENET or WWW. Thank you.
From: "Dan Harkless" <dan-qpopper at dilvish.speed dot net>
Subject: Re: installed as a user
Date: Thu, 04 Nov 1999 12:05:50 -0800
"R.T. Hamilton Brown" <rtbrown at hb-web dot com> writes:
> Is it possible to install qpopper, or any pop3 server as a "user" on a
> machine.
Not unless you use a nonstandard port rather than 110. Ports below 1024 can
only be bound by root on UNIX.
-----------------------------------------------------------------------
Dan Harkless | To prevent SPAM contamination, please
dan-qpopper at dilvish.speed dot net | do not post this private email address
SpeedGate Communications, Inc. | to the USENET or WWW. Thank you.
Date: Thu, 04 Nov 1999 13:21:41 -0700
From: Alexey Melnikov <mel at messagingdirect dot com>
Subject: Re: Investigating security issues with POP
Madhavi -Deleted- wrote:
> I was investigating on the security isssues with POP.
> I would appreciate any issues that you may have come accross
>
> 1. Is APOP used widely? Since only the eudora email client uses APOP,
> my feeling is that APOP is 'nt very popular
Some other clients use it. Have a look at
http://baikonur.demo.ru/homerus/mail/SASL_ClientRef.html
Execmail also supports APOP, but it is not listed as such.
> 2. What are your comments if the RFC for POP was changed to use 160 bit
> message digest instead of the 148 bit digest used by APOP. Is it worthwhile ?
>
No. APOP was replaced by more general mechanism(s): SASL (AUTH command). It is not
worthwhile investing time in development of obsoleted technologies.
SASL may have integrity protection and even encryption. It it sometimes cheaper to
implement than SSL.
> 3. What are your comments on implementing a POP server to use SSL
> instead?
>
> 4. The other security issue with POP is that it gives too much of
> information. Is there any other field of security with POP that concerns
> you?
>
> Thanks, Madhavi
Alexey Melnikov
Date: Fri, 05 Nov 1999 12:19:25 +1100
From: Jonathan Benson <sysadmin at ocean.com dot au>
Subject: Qpopper BULLDB support (fix) (repost)
Since someone recently asked about this and it seems my patch didn't
make it in to the new beta (which I haven't yet tried, I hope they at
least added in PAM support?) here is a repost.
------ Original Message -------
Regarding trying to compile Qpopper 3.0b18 with G/DBM support for the
bulletins.
I posted a little while back saying I couldn't get this to work.
I've since found a rather simple solution.
The problem again in brief (on a RedHat 6.0 system anyway):
When attempting to compile qpopper with:
./configure --prefix=/usr --exec-prefix=/usr --enable-servermode
--enable-bulletins=/var/spool/bulls --enable-specialauth
And editing the $SRCDIR/popper/Makefile to enable G/DBM support for
bulletins:
DEFS = -DHAVE_CONFIG_H -DBULLDB
An error is produced when attempting to perform a make:
pop_bull.c: In function `pop_bull':
pop_bull.c:172: `LOCK_EX' undeclared (first use in this function)
pop_bull.c:172: (Each undeclared identifier is reported only once
The solution:
1. Edit $SRCDIR/popper/pop_bull.c to include:
#ifdef BULLDB
#include <sys/file.h>
#endif
--
Jonathan Benson
Systems Administrator
Ocean Internet
http://www.ocean.com.au/
From: "Kenneth Porter" <shiva at well dot com>
Date: Thu, 04 Nov 1999 20:08:45 -0700
Subject: Re: Investigating security issues with POP
On Thu, 04 Nov 1999 13:21:41 -0700, Alexey Melnikov wrote:
>Some other clients use it. Have a look at
>http://baikonur.demo.ru/homerus/mail/SASL_ClientRef.html
>Execmail also supports APOP, but it is not listed as such.
FWIW, Southsoft's PMMail (http://www.southsoft.com) can do APOP and
RPA. It handles multiple POP3 and SMTP accounts and the authentication
selection can be separately configured for each account. I've been
using the OS/2 and Win32 versions for a couple years to service 5
accounts.
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.215Now.com/
Date: Fri, 05 Nov 1999 11:10:40 +0200
From: Kari Ahveninen <kari.ahveninen at pro-equal dot com>
Subject: [Fwd: Re: Connect closed by remote host???]
-------- Original Message --------
Subject: Re: Connect closed by remote host???
Date: Fri, 05 Nov 1999 11:06:46 +0200
From: Kari Ahveninen <kari.ahveninen at pro-equal dot com>
Organization: Pro-Equal Oy Networks
To: Paul Furnival <paul at APT-uk dot net>
References: <524586917900718880184 at lists.pensive dot org>
<009b01bf26f6$84a15880$0c00a8c0@apt>
Hi, Paul!
Paul Furnival wrote:
> I had the same problem.
> qpopper uses /usr/spool/mail to store messages.
> My server didn't have this directory. Once I created it, qpopper worked
> fine.
Well, I have that directory. I suppose that also permissions will be
correct,
at least I have not changed them...... it were created by rpm during
installation.
Basically, I got qpopper to start working, since I moved popper from
/usr/local/lib to /usr/sbin and also changed preferences in inetd.conf
to
pointing same dir. It seems that it is security issue in RH 6.1 that it
did
not work from that dir which were determined in istructions of Qpopper
3.
Now, the next problem is: Qpopper will now response correctly, it should
be
configured correctly with sendmail (qpopper will answer for questions to
port
110 and sendmail to port 25 as smtp, in .cf is determined as far as I
understand that qpopper is pop delivery program... ) and still I do not
get
mail from one user to another inside of our own domain. It cannot be big
problem, just that I should find it...
One big problem is that I never have enough time to do anything ready
without
some interrups 'caused by work.... as I will be still quite novice with
linux... :-o
> Hope this helps,
Everything will help. Thanks.
Kari Ahveninen
Pro-Equal Oy
From: jnemeth at victoria.tc dot ca (John Nemeth)
Date: Sat, 6 Nov 1999 20:17:47 -0800
Subject: Re: how to enable users to change their password w.o. Eudora
On Sep 28, 9:00am, "Jonathan C. Detert" wrote:
}
} I'm using qpopper on solaris to enable students to read their email which
} resides on that solaris server.
}
} The only ways I know of to enable the users to change their password are:
} 1) use Eudora;
} 2) telnet to the solaris server, login, and change their password.
}
} I can't require them to use Eudora, and I don't want them to have to telnet to
} the server. Any ideas how they could otherwise change their password?
I don't recall seeing an answer to this question. Anyways, you can
download a standalone Windows program, called PopPass, which will do the
job from: http://www.tip.net.au/~mphillip/ .
} Secondly, I'd like to employ password aging on the solaris server. However, I
} notice that Eudora's poppassd doesn't observe the password aging rules. Any
} ideas how I could enforce password aging?
Time to break out the C compiler...
}-- End of excerpt from "Jonathan C. Detert"
From: "Dave Thacker" <d_thacker at hotmail dot com>
Subject: POP EOF Received
Date: Mon, 08 Nov 1999 08:48:35 PST
OS: Red Hat 5.2
popper : V 3.18
inetd.conf line: pop-3 stream tcp nowait root /usr/sbin/popper -s -b
/var/spool/bulletins
Our users connect to this machine via a WAN. They generally run
a Microsoft client. 90% of the users generate this error in the
error log:
@[xxx.xxx.xxx.xxx]: -ERR POP EOF received
^ their IP address
10% of the users can pull mail. I am sure that I have simply missed
something in the configuration of this beast. Does anyone have some
pointers on what to check? TIA
Dave Thacker
SysAdmin Omni Hotels Reservation Center
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
Date: Tue, 9 Nov 1999 19:34:53 +1300 (NZDT)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: Re: POP EOF Received
On Mon, 8 Nov 1999, Dave Thacker wrote:
> Our users connect to this machine via a WAN. They generally run
> a Microsoft client. 90% of the users generate this error in the
> error log:
>
> @[xxx.xxx.xxx.xxx]: -ERR POP EOF received
> ^ their IP address
>
> 10% of the users can pull mail. I am sure that I have simply missed
> something in the configuration of this beast. Does anyone have some
> pointers on what to check? TIA
How big are the messages they're pulling?
How long are the timouts set to on the clients?
What error message (if any) is being seen on the client machine?
AB
Date: Tue, 09 Nov 1999 09:04:15 +0100
From: Martin Waeger <waeger at irt dot de>
Subject: Compile Error with qpopper3.0b20 on HP-UX10.20
Hi qpopper users,
when I try to compile qpopper3.0b20 on HP-UX 10.20 I get the errors:
make
cd ./popper && make all
cc -c -I.. -I.. -I. -I../mmangle -g -DHAVE_CONFIG_H -DHPUX
-DHPUX10 -DU
NIX flock.c -o flock.o
cc -c -I.. -I.. -I. -I../mmangle -g -DHAVE_CONFIG_H -DHPUX
-DHPUX10 -DU
NIX pop_dele.c -o pop_dele.o
cc: "popper.h", line 282: error 1000: Unexpected symbol: "*".
cc: "popper.h", line 284: error 1000: Unexpected symbol: "FP".
cc: "popper.h", line 282: error 1506: Parameters allowed in function
definition
only.
cc: "popper.h", line 284: error 1573: Type of "Stack" is undefined due to
an ill
egal declaration.
cc: "popper.h", line 284: error 1578: Size of struct or union member is
unknown.
*** Error exit code 1
The same is with all versions 3.x of qpopper while 2.53 had no problems.
The compiler used is the HP ANSI C Compiler:
LINT G.10.32.05 CXREF G.10.32.05
HP92453-01 G.10.32.05 HP C Compiler
/usr/lib/libc: $Revision: 76.3 $
If anybody can help please answer to the qpopper mailing list
Thanks.
Martin Waeger
______________________________________________________________________
__ ___
| | \ | Institut fuer Rundfunktechnik GmbH | Martin Waeger
| | / | Floriansmuehlstr. 60 | e-mail: waeger at irt dot de
| | \ | D-80939 Muenchen | Tel. +49 89 32399 206
| | \ | Germany http://www.irt.de | Fax: +49 89 32399 399
______________________________________________________________________
Date: Tue, 09 Nov 1999 12:04:10 -0500
From: Santiago A Tavares <tavasa at che.ufl dot edu>
Subject: Re: Compile Error with qpopper3.0b20 on HP-UX10.20
I did the installation of Qpopper 3.x under UP-UX10.20 without problems. Than
is, "configuration" and "make" run without problems. I use Gnu "gcc" and
"make". If you are using HP c compiler, try the Gnu staff.
Santiago
Chemical Engineering Department
University of Florida
Martin Waeger wrote:
> Hi qpopper users,
>
> when I try to compile qpopper3.0b20 on HP-UX 10.20 I get the errors:
>
> make
> cd ./popper && make all
> cc -c -I.. -I.. -I. -I../mmangle -g -DHAVE_CONFIG_H -DHPUX
> -DHPUX10 -DU
> NIX flock.c -o flock.o
> cc -c -I.. -I.. -I. -I../mmangle -g -DHAVE_CONFIG_H -DHPUX
> -DHPUX10 -DU
> NIX pop_dele.c -o pop_dele.o
> cc: "popper.h", line 282: error 1000: Unexpected symbol: "*".
> cc: "popper.h", line 284: error 1000: Unexpected symbol: "FP".
> cc: "popper.h", line 282: error 1506: Parameters allowed in function
> definition
> only.
> cc: "popper.h", line 284: error 1573: Type of "Stack" is undefined due to
> an ill
> egal declaration.
> cc: "popper.h", line 284: error 1578: Size of struct or union member is
> unknown.
>
> *** Error exit code 1
>
> The same is with all versions 3.x of qpopper while 2.53 had no problems.
> The compiler used is the HP ANSI C Compiler:
> LINT G.10.32.05 CXREF G.10.32.05
> HP92453-01 G.10.32.05 HP C Compiler
> /usr/lib/libc: $Revision: 76.3 $
>
> If anybody can help please answer to the qpopper mailing list
> Thanks.
> Martin Waeger
> ______________________________________________________________________
> __ ___
> | | \ | Institut fuer Rundfunktechnik GmbH | Martin Waeger
> | | / | Floriansmuehlstr. 60 | e-mail: waeger at irt dot de
> | | \ | D-80939 Muenchen | Tel. +49 89 32399 206
> | | \ | Germany http://www.irt.de | Fax: +49 89 32399 399
> ______________________________________________________________________
From: "Brent L. Bates" <blbates at mneme.vigyan dot com>
Date: Tue, 9 Nov 1999 13:25:24 -0500
Subject: Re: Compile Error with qpopper3.0b20 on HP-UX10.20
I was also told to use the garbage GNU compilers as they will ignore all
the ERRORS/BUGS in the source files. Personally, I would not/will not trust
anything that comes out of GNU's trash compilers. To compile source files
that are blatantly wrong with out errors could lead to all sorts of problems,
including, but not limited to, unreliable operations and security problems.
Personally, I believe who ever is developing qpopper should find a REAL
compiler that will not allow grossly incorrect source files to compile with
out errors.
No wonder I'm always seeing posts in other news groups saying NOT to user
qpopper. Sounds like it is time to find some better written software.
Date: Tue, 9 Nov 1999 19:26:42 +0100 (MET)
From: Carrer Yuri <yurj at dns.alfa dot it>
Subject: Re: Compile Error with qpopper3.0b20 on HP-UX10.20
> I was also told to use the garbage GNU compilers as they will ignore all
> the ERRORS/BUGS in the source files. Personally, I would not/will not trust
> anything that comes out of GNU's trash compilers. To compile source files
> that are blatantly wrong with out errors could lead to all sorts of problems,
> including, but not limited to, unreliable operations and security problems.
> Personally, I believe who ever is developing qpopper should find a REAL
> compiler that will not allow grossly incorrect source files to compile with
> out errors.
> No wonder I'm always seeing posts in other news groups saying NOT to user
> qpopper. Sounds like it is time to find some better written software.
Can someone test qpopper reliability (EOF RECEIVED TOO OFTEN) with
Linux 2.0.XX, libc5, gcc 2.7.3.
Yuri
Date: Tue, 9 Nov 1999 13:35:51 -0500
From: Tomasz Orzechowski <tmo at apk dot net>
Subject: Re: Compile Error with qpopper3.0b20 on HP-UX10.20
Brent L. Bates wrote on Tue, Nov 09, 1999 at 01:25:24PM -0500:i
> I was also told to use the garbage GNU compilers as they will ignore all
> the ERRORS/BUGS in the source files. Personally, I would not/will not trust
> anything that comes out of GNU's trash compilers. To compile source files
> that are blatantly wrong with out errors could lead to all sorts of problems,
> including, but not limited to, unreliable operations and security problems.
> Personally, I believe who ever is developing qpopper should find a REAL
> compiler that will not allow grossly incorrect source files to compile with
> out errors.
> No wonder I'm always seeing posts in other news groups saying NOT to user
> qpopper. Sounds like it is time to find some better written software.
Learn english, and write a better popper and give it away for free.
Geez, and I thought that using qpopper was an option and people chose to
do it or not to do it. Looks like some people are being forced into using
it against their will...
T.
--
- Look, ma, I caught a troll...
- Good, honey, now throw it back.
Date: Tue, 9 Nov 1999 10:44:37 -0800
From: Leonard Hermens <Leonard.Hermens at rcity dot com>
Subject: Re: Compile Error with qpopper3.0b20 on HP-UX10.20
At 1:25 PM -0500 11/9/99, Brent L. Bates wrote:
> I was also told to use the garbage GNU compilers as they will ignore all
>the ERRORS/BUGS in the source files. Personally, I would not/will not trust
>anything that comes out of GNU's trash compilers. To compile source files
>that are blatantly wrong with out errors could lead to all sorts of problems,
>including, but not limited to, unreliable operations and security problems.
> Personally, I believe who ever is developing qpopper should find a REAL
>compiler that will not allow grossly incorrect source files to compile with
>out errors.
> No wonder I'm always seeing posts in other news groups saying NOT to user
>qpopper. Sounds like it is time to find some better written software.
Please send some concise evidence supporting your generalities.
-- Leonard