The qpopper list archive ending on 1 Apr 2002
Topics covered in this issue include:
1. Re: BUGTRAQ: Bug in QPopper (All Versions?)
"Alessandro de Manzano" <demanzano at playstos dot com>
Wed, 20 Mar 2002 14:06:29 +0100
2. Re: BUGTRAQ: Bug in QPopper (All Versions?)
simakin at dtd.peterstar dot com
Fri, 22 Mar 2002 11:32:41 +0300
3. Re: BUGTRAQ: Bug in QPopper (All Versions?)
Michael Zimmermann <zim at vegaa dot de>
Fri, 22 Mar 2002 09:59:07 +0100
4. filtering/blocking recipients in qpopper
"Speci" <speci at gmx dot net>
Fri, 22 Mar 2002 11:20:19 +0100
5. Re: filtering/blocking recipients in qpopper
Michael Zimmermann <zim at vegaa dot de>
Fri, 22 Mar 2002 12:27:10 +0100
6. Re: BUGTRAQ: Bug in QPopper (All Versions?)
Jeff Gray <jwgray at p3.boogs dot mu>
Fri, 22 Mar 2002 05:20:02 -0800 (PST)
7. Re: BUGTRAQ: Bug in QPopper (All Versions?)
Michael Zimmermann <zim at vegaa dot de>
Fri, 22 Mar 2002 15:17:13 +0100
8. Relaying denied -reject=550
Jess haas <smoothstone57 at yahoo dot com>
Fri, 22 Mar 2002 13:05:36 -0800 (PST)
9. Re: Relaying denied -reject=550
Clifton Royston <cliftonr at lava dot net>
Fri, 22 Mar 2002 12:28:17 -1000
10. RE: Relaying denied -reject=550
"Daniel G" <tech at ct5 dot com>
Fri, 22 Mar 2002 16:37:12 -0600
11. RE: Relaying denied -reject=550
"Bob Lockie" <bjlockie at rogers dot com>
Fri, 22 Mar 2002 20:54:45 -0500
12. RE: Relaying denied -reject=550
Jess haas <smoothstone57 at yahoo dot com>
Fri, 22 Mar 2002 18:13:30 -0800 (PST)
13. Re: Relaying denied -reject=550
Robert Brandtjen <rob at prometheusmedia dot com>
Fri, 22 Mar 2002 20:06:09 -0600
14. Re: filtering/blocking recipients in qpopper
Chip Old <fold at bcpl dot net>
Fri, 22 Mar 2002 23:08:26 -0500 (EST)
15. qpopper and ssl: -ERR POP EOF
Brian Rankin <brankin at enbonline dot net>
Mon, 25 Mar 2002 08:51:08 -0800 (PST)
16. Spool name problem
"Neil R Porter" <neil at iamanidiot dot com>
Tue, 26 Mar 2002 10:57:33 -0000
17. Spool name problem
"Neil R Porter" <neil at iamanidiot dot com>
Tue, 26 Mar 2002 21:03:07 -0000
18. Patch for Hashed Mail Spool for sendmail 8.12.2 ?
"Christopher Crowley" <ccrowley at tulane dot edu>
Tue, 26 Mar 2002 15:25:48 -0600
19. -ERR [SYS/TEMP] Unable to open Bulletin database
Nico De Ranter <nico at sonycom dot com>
Tue, 26 Mar 2002 10:41:32 +0100
20. Re: BUGTRAQ: Bug in QPopper (All Versions?)
Jeff Gray <jwgray at p3.boogs dot mu>
Wed, 27 Mar 2002 05:55:42 -0800 (PST)
21. Feedback on configure options, please.
"Christopher Crowley" <ccrowley at tulane dot edu>
Wed, 27 Mar 2002 09:11:29 -0600
22. Re: Relaying denied -reject=550
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Wed, 27 Mar 2002 08:48:43 -0800
23. RE: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
"Justin Ainsworth" <jda at sunset dot net>
Thu, 28 Mar 2002 22:27:26 -0800
24. Re: Relaying denied -reject=550
Robert Brandtjen <rob at prometheusmedia dot com>
Fri, 29 Mar 2002 03:39:28 -0600
25. Re: Relaying denied -reject=550
Robert Brandtjen <rob at prometheusmedia dot com>
Fri, 29 Mar 2002 03:46:01 -0600
26. Testing message
Patrick Guillot <pguillot at paanjaru dot com>
Thu, 28 Mar 2002 22:11:46 +0100
27.
"Andrew E. Guly" <andrew_g at tzk.jamal dot ru>
Fri, 29 Mar 2002 09:52:53 +0300
28. Re: Spool name problem
Joseph S D Yao <jsdy at center.osis dot gov>
Fri, 29 Mar 2002 08:32:35 -0500
29. Re: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
Joseph S D Yao <jsdy at center.osis dot gov>
Fri, 29 Mar 2002 08:45:12 -0500
30. Multiple messages
Alan Brown <alanb at digistar dot com>
Fri, 29 Mar 2002 07:40:02 -0500 (EST)
31. Re: your mail [noop has null function]
Joseph S D Yao <jsdy at center.osis dot gov>
Fri, 29 Mar 2002 09:31:36 -0500
32. RE: Spool name problem
"Neil R Porter" <neil at iamanidiot dot com>
Fri, 29 Mar 2002 17:12:36 -0000
33. Re: Spool name problem
Joseph S D Yao <jsdy at center.osis dot gov>
Fri, 29 Mar 2002 13:09:09 -0500
34. RE: Spool name problem
"Neil R Porter" <neil at iamanidiot dot com>
Fri, 29 Mar 2002 18:18:51 -0000
35. Re: your mail [noop has null function]
Daniel Senie <dts at senie dot com>
Fri, 29 Mar 2002 13:22:21 -0500
36. Re: Relaying denied -reject=550
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Fri, 29 Mar 2002 09:57:32 -0800
37. Re: your mail
Clifton Royston <cliftonr at lava dot net>
Fri, 29 Mar 2002 08:51:18 -1000
38. Re: Feedback on configure options, please.
Randall Gellens <randy at qualcomm dot com>
Fri, 29 Mar 2002 11:40:04 -0800
39. Re: -ERR [SYS/TEMP] Unable to open Bulletin database
Randall Gellens <randy at qualcomm dot com>
Fri, 29 Mar 2002 11:42:24 -0800
40. Re: Relaying denied -reject=550
Robert Brandtjen <rob at prometheusmedia dot com>
Fri, 29 Mar 2002 12:44:58 -0600
41. RE: Spool name problem
Randall Gellens <randy at qualcomm dot com>
Fri, 29 Mar 2002 11:44:46 -0800
42. Re: Spool name problem
Clifton Royston <cliftonr at lava dot net>
Fri, 29 Mar 2002 12:14:52 -1000
43. Re: your mail [noop has null function]
Randall Gellens <randy at qualcomm dot com>
Fri, 29 Mar 2002 11:50:55 -0800
44. Re: BUGTRAQ: Bug in QPopper (All Versions?)
Clifton Royston <cliftonr at lava dot net>
Fri, 29 Mar 2002 12:49:05 -1000
45. Re: BUGTRAQ: Bug in QPopper (All Versions?)
Clifton Royston <cliftonr at lava dot net>
Fri, 29 Mar 2002 14:37:55 -1000
46. Re: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
Clifton Royston <cliftonr at lava dot net>
Fri, 29 Mar 2002 12:17:27 -1000
47. Re: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Sat, 30 Mar 2002 11:21:24 -0800
48. Re: Feedback on configure options, please.
"Christopher Crowley" <ccrowley at tulane dot edu>
Mon, 1 Apr 2002 09:18:40 -0600
49. Re: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
"Christopher Crowley" <ccrowley at tulane dot edu>
Mon, 1 Apr 2002 10:24:54 -0600
50. Re: Feedback on configure options, please.
Clifton Royston <cliftonr at lava dot net>
Mon, 1 Apr 2002 09:52:50 -1000
From: "Alessandro de Manzano" <demanzano at playstos dot com>
Date: Wed, 20 Mar 2002 14:06:29 +0100
Subject: Re: BUGTRAQ: Bug in QPopper (All Versions?)
On Tue, 19 Mar 2002 23:19:01 -0600, Randall Gellens wrote:
>The cause isn't as simple as that, sorry (which I realized as soon as
>I sent the message). It doesn't loop for me on some systems (such as
>OpenBSD 2.9) with inputs that aren't an even multiple of 2048. It
>also doesn't loop for me at all (with any size input) on some systems
>(such as Darwin/MacOS X).
on a FreeBSD 4.4-stable with qpopper 4.0.3 it loops forever (near 100%
CPU) but does not eat memory, according to "top"
I used this simple exploit:
perl -e '{print "A"x"2049"}' | nc my.pop3.host 110
(nc is netcat)
bye!
Alessandro de Manzano
Senior System & Network Administrator
Playstos - TIMA SpA
Corso Sempione 63
20149 Milano
Italy
tel.: +39-02-3314153
fax: +39-02-315678
mail: demanzano at playstos dot com
http://www.playstos.com
Date: Fri, 22 Mar 2002 11:32:41 +0300
From: simakin at dtd.peterstar dot com
Subject: Re: BUGTRAQ: Bug in QPopper (All Versions?)
Hello!
Can anybody give an recommendation how to protect my qpopper now
from such exploits unil right patch will be aviable?
Thank you!
AdM> I used this simple exploit:
AdM> perl -e '{print "A"x"2049"}' | nc my.pop3.host 110
AdM> (nc is netcat)
From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: BUGTRAQ: Bug in QPopper (All Versions?)
Date: Fri, 22 Mar 2002 09:59:07 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At Freitag, 22. März 2002 09:32 simakin at dtd.peterstar dot com wrote:
> Hello!
>
> Can anybody give an recommendation how to protect my qpopper now
> from such exploits unil right patch will be aviable?
> Thank you!
Clifton Royston has published two patches in this list, which should
both be applied. And Kenneth Porter has made a rpm and srpm out of them.
At Montag, 18. März 2002 17:50 Kenneth Porter wrote:
>
> I've cut a new RPM with your two patches and installed it on my servers.
> An SRPM is also available.
>
> http://www.sewingwitch.com/ken/SRPMS/
>
> Look for qpopper-4.0.4-0.1.1.*.rpm.
Greetings
- --
Michael Zimmermann (Vegaa Safety and Security for Internet Services)
<zim at vegaa dot de> phone +49 89 6283 7632 hotline +49 163 823 1195
Key fingerprint = 1E47 7B99 A9D3 698D 7E35 9BB5 EF6B EEDB 696D 5811
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8mvJb72vu22ltWBERAsMVAJ9+cdNivT05FVe+4PAtWU3Blnq75ACcCkg9
mf3EWkNeQckM1wTNe6FMhAI
=pGre
-----END PGP SIGNATURE-----
From: "Speci" <speci at gmx dot net>
Subject: filtering/blocking recipients in qpopper
Date: Fri, 22 Mar 2002 11:20:19 +0100
hi there,
is there a way to block recipients (by email-address) in qpopper?
example:
generally I want to receive everything at * at domain dot com but someone is
sending spam to info at domain dot com
I dont need info at domain dot com so I want to block this.
I know I can filter this out in my email client but I'd like to know if
there's a way to filter this out in qpopper.
Regards
Sascha
From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: filtering/blocking recipients in qpopper
Date: Fri, 22 Mar 2002 12:27:10 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At Freitag, 22. März 2002 11:20 Speci wrote:
> hi there,
>
> is there a way to block recipients (by email-address) in qpopper?
I hope not, because I would consider that a serious design flaw.
The right place to filter spam or to discard a special email-address
is the MTA. And the right place to decide what should be done with
a message allready received should be the mail client (resp. it's owner).
Greetings
- --
Michael Zimmermann (Vegaa Safety and Security for Internet Services)
<zim at vegaa dot de> phone +49 89 6283 7632 hotline +49 163 823 1195
Key fingerprint = 1E47 7B99 A9D3 698D 7E35 9BB5 EF6B EEDB 696D 5811
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8mxUO72vu22ltWBERAgPNAJ0Wsq1XpIJS7MTif94U7TO6vxPykgCbBGiI
q0KGbzsiRfhfqJPbJ7pZepU
=3aLd
-----END PGP SIGNATURE-----
Date: Fri, 22 Mar 2002 05:20:02 -0800 (PST)
From: Jeff Gray <jwgray at p3.boogs dot mu>
Subject: Re: BUGTRAQ: Bug in QPopper (All Versions?)
Michael and Roger,
I am new to the lists but have followed the archive on this thread. The
last I saw was that Roger of qualcomm said he was working on a patch and,
by implication, had not endorsed the patches below.
Roger: is an official patch on your soon to be available list?
brgds
Jeff
On Fri, 22 Mar 2002, Michael Zimmermann wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> At Freitag, 22. März 2002 09:32 simakin at dtd.peterstar dot com wrote:
> > Hello!
> >
> > Can anybody give an recommendation how to protect my qpopper now
> > from such exploits unil right patch will be aviable?
> > Thank you!
>
> Clifton Royston has published two patches in this list, which should
> both be applied. And Kenneth Porter has made a rpm and srpm out of them.
>
> At Montag, 18. März 2002 17:50 Kenneth Porter wrote:
> >
> > I've cut a new RPM with your two patches and installed it on my servers
=2E
> > An SRPM is also available.
> >
> > http://www.sewingwitch.com/ken/SRPMS/
> >
> > Look for qpopper-4.0.4-0.1.1.*.rpm.
>
> Greetings
> - --
> Michael Zimmermann (Vegaa Safety and Security for Internet Services)
> <zim at vegaa dot de> phone +49 89 6283 7632 hotline +49 163 823 1195
> Key fingerprint = 1E47 7B99 A9D3 698D 7E35 9BB5 EF6B EEDB 696D 5811
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iD8DBQE8mvJb72vu22ltWBERAsMVAJ9+cdNivT05FVe+4PAtWU3Blnq75ACcCkg9
> mf3EWkNeQckM1wTNe6FMhAI
> =pGre
> -----END PGP SIGNATURE-----
>
From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: BUGTRAQ: Bug in QPopper (All Versions?)
Date: Fri, 22 Mar 2002 15:17:13 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At Freitag, 22. März 2002 14:20 Jeff Gray wrote:
> Roger [ of qualcomm ]: is an official patch on your soon to be available list?
Hi Jeff,
you are right to wait for the official patch IMO,
if you have tested the exploit against your
server and found out that it is not vulnerable.
Have you ?
Friendly Greetings
Michael
- --
Michael Zimmermann (Vegaa Safety and Security for Internet Services)
<zim at vegaa dot de> phone +49 89 6283 7632 hotline +49 163 823 1195
Key fingerprint = 1E47 7B99 A9D3 698D 7E35 9BB5 EF6B EEDB 696D 5811
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8mzzp72vu22ltWBERAhLyAJ0V3Y7vJsisK92EvI0DpYM4Gwfo8ACeI3c5
njnx4f6cPstP6ZQ5dKjhZnE
=8NGw
-----END PGP SIGNATURE-----
Date: Fri, 22 Mar 2002 13:05:36 -0800 (PST)
From: Jess haas <smoothstone57 at yahoo dot com>
Subject: Relaying denied -reject=550
I can receive mail, but when I try to send, I get this
error:
Mar 22 12:38:44 dsl061-070-151 sendmail[8679]:
MAA08679: ruleset=check_rcpt,
arg1=<smoothstone57 at yahoo dot com>,
relay=dsl081-050-104.sfo1.dsl.speakeasy.net
[64.81.50.104], reject=550
<smoothstone57 at yahoo dot com>... Relaying denied
Anyone know what is causing this & how to fix it?
I am running Red Hat 6.2 with sendmail Version 8.9.3
Compiled with: LOG MATCHGECOS MIME7TO8 MIME8TO7
NAMED_BIND NETINET
NETUNIX NEWDB NIS QUEUE SCANF SMTP USERDB
TIA,
Jess
smoothstone57 at yahoo dot com
__________________________________________________
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy AwardsÆ
http://movies.yahoo.com/
Date: Fri, 22 Mar 2002 12:28:17 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Relaying denied -reject=550
On Fri, Mar 22, 2002 at 01:05:36PM -0800, Jess haas wrote:
> I can receive mail, but when I try to send, I get this
> error:
>
> Mar 22 12:38:44 dsl061-070-151 sendmail[8679]:
^^^^^^^^ sendmail, not qpopper.
> MAA08679: ruleset=check_rcpt,
> arg1=<smoothstone57 at yahoo dot com>,
> relay=dsl081-050-104.sfo1.dsl.speakeasy.net
> [64.81.50.104], reject=550
> <smoothstone57 at yahoo dot com>... Relaying denied
>
> Anyone know what is causing this & how to fix it?
I suggest you try a sendmail support mailing list. qpopper doesn't
have anything to do with sending mail.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
Date: Fri, 22 Mar 2002 16:37:12 -0600
From: "Daniel G" <tech at ct5 dot com>
Subject: RE: Relaying denied -reject=550
You can get on the mailing list here:
http://www.sendmail.org/faq/
I'm having the same problem, only sending mail... It's a Sendmail
configuration thing... But, if you find the answer feel free to throw it
my way...lol...
Daniel
-----Original Message-----
From: Clifton Royston [mailto:cliftonr at lava dot net]
Sent: Friday, March 22, 2002 4:28 PM
To: Jess haas
Cc: Subscribers of Qpopper
Subject: Re: Relaying denied -reject=550
On Fri, Mar 22, 2002 at 01:05:36PM -0800, Jess haas wrote:
> I can receive mail, but when I try to send, I get this
> error:
>
> Mar 22 12:38:44 dsl061-070-151 sendmail[8679]:
^^^^^^^^ sendmail, not qpopper.
> MAA08679: ruleset=check_rcpt,
> arg1=<smoothstone57 at yahoo dot com>,
> relay=dsl081-050-104.sfo1.dsl.speakeasy.net
> [64.81.50.104], reject=550
> <smoothstone57 at yahoo dot com>... Relaying denied
>
> Anyone know what is causing this & how to fix it?
I suggest you try a sendmail support mailing list. qpopper doesn't
have anything to do with sending mail.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
From: "Bob Lockie" <bjlockie at rogers dot com>
Date: Fri, 22 Mar 2002 20:54:45 -0500
Subject: RE: Relaying denied -reject=550
I only sent my reply to Jess.
It is a common problem and the answer is in the sendmail FAQ.
http://www.sendmail.org/faq/section3.html#3.27
>You can get on the mailing list here:
>
>http://www.sendmail.org/faq/
>
>I'm having the same problem, only sending mail... It's a Sendmail
>configuration thing... But, if you find the answer feel free to throw it
>my way...lol...
>
>Daniel
>
>
>-----Original Message-----
>From: Clifton Royston [mailto:cliftonr at lava dot net]
>Sent: Friday, March 22, 2002 4:28 PM
>To: Jess haas
>Cc: Subscribers of Qpopper
>Subject: Re: Relaying denied -reject=550
>
>On Fri, Mar 22, 2002 at 01:05:36PM -0800, Jess haas wrote:
>> I can receive mail, but when I try to send, I get this
>> error:
>>
>> Mar 22 12:38:44 dsl061-070-151 sendmail[8679]:
>
> ^^^^^^^^ sendmail, not qpopper.
>> MAA08679: ruleset=check_rcpt,
>> arg1=<smoothstone57 at yahoo dot com>,
>> relay=dsl081-050-104.sfo1.dsl.speakeasy.net
>> [64.81.50.104], reject=550
>> <smoothstone57 at yahoo dot com>... Relaying denied
>>
>> Anyone know what is causing this & how to fix it?
>
>I suggest you try a sendmail support mailing list. qpopper doesn't
>have anything to do with sending mail.
>
> -- Clifton
>
>--
> Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
>"What do we need to make our world come alive?
> What does it take to make us sing?
> While we're waiting for the next one to arrive..." - Sisters of Mercy
>
>
Date: Fri, 22 Mar 2002 18:13:30 -0800 (PST)
From: Jess haas <smoothstone57 at yahoo dot com>
Subject: RE: Relaying denied -reject=550
Thanks for the help! I found the answer here
http://www.sendmail.org/tips/relaying.html
-J
--- Daniel G <tech at ct5 dot com> wrote:
> You can get on the mailing list here:
>
> http://www.sendmail.org/faq/
>
> I'm having the same problem, only sending mail...
> It's a Sendmail
> configuration thing... But, if you find the answer
> feel free to throw it
> my way...lol...
>
> Daniel
>
>
> -----Original Message-----
> From: Clifton Royston [mailto:cliftonr at lava dot net]
> Sent: Friday, March 22, 2002 4:28 PM
> To: Jess haas
> Cc: Subscribers of Qpopper
> Subject: Re: Relaying denied -reject=550
>
> On Fri, Mar 22, 2002 at 01:05:36PM -0800, Jess haas
> wrote:
> > I can receive mail, but when I try to send, I get
> this
> > error:
> >
> > Mar 22 12:38:44 dsl061-070-151 sendmail[8679]:
>
> ^^^^^^^^ sendmail,
> not qpopper.
> > MAA08679: ruleset=check_rcpt,
> > arg1=<smoothstone57 at yahoo dot com>,
> > relay=dsl081-050-104.sfo1.dsl.speakeasy.net
> > [64.81.50.104], reject=550
> > <smoothstone57 at yahoo dot com>... Relaying denied
> >
> > Anyone know what is causing this & how to fix it?
>
> I suggest you try a sendmail support mailing list.
> qpopper doesn't
> have anything to do with sending mail.
>
> -- Clifton
>
> --
> Clifton Royston -- LavaNet Systems Architect
> -- cliftonr at lava dot net
> "What do we need to make our world come alive?
> What does it take to make us sing?
> While we're waiting for the next one to arrive..."
> - Sisters of Mercy
>
>
__________________________________________________
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy AwardsÆ
http://movies.yahoo.com/
From: Robert Brandtjen <rob at prometheusmedia dot com>
Subject: Re: Relaying denied -reject=550
Date: Fri, 22 Mar 2002 20:06:09 -0600
On Friday 22 March 2002 04:37 pm, Daniel G wrote:
> I'm having the same problem, only sending mail... It's a Sendmail
> configuration thing... But, if you find the answer feel free to throw it
> my way...lol...
you need sendmails source code, and then read the .cf file - it will teach
you how to recompile sendmail.cf using m4 to enable various "features" - at
that point i would install webmin, as it makes dealing with sendmail
ridiculously easy.
--
Robert Brandtjen
--------------------------------------
Web Site Creation and Hosting Services
Hostmaster at prometheusmedia dot com
www.prometheusmedia.com
Date: Fri, 22 Mar 2002 23:08:26 -0500 (EST)
From: Chip Old <fold at bcpl dot net>
Subject: Re: filtering/blocking recipients in qpopper
On Fri, 22 Mar 2002, Speci wrote to Subscribers of Qpopper:
> is there a way to block recipients (by email-address) in qpopper?
>
> example:
> generally I want to receive everything at * at domain dot com but someone is
> sending spam to info at domain dot com
>
> I dont need info at domain dot com so I want to block this.
>
> I know I can filter this out in my email client but I'd like to know if
> there's a way to filter this out in qpopper.
That isn't a Qpopper function. If you don't want to block mail to
info at domain dot com via a filter in your mail client, then you need to do it
in your MTA.
It isn't clear, but I'm guessing from your description that "domain.com"
is a hosted domain on a machine that has some other primary domain name.
Assuming you're using Sendmail, and assuming all mail for @domain.com
(regardless of username) is to go to you, and assuming you manage mail for
hosted domains via Sendmail's virtusertable feature, you need something
like this in your virtusertable:
info at domain dot com<tab>error:nouser User unknown
@domain.com<tab>speci at gmx dot net
That will cause Sendmail to reject mail for info at domain dot com with a "User
unknown" error, but will cause mail for any other username @domain.com to
be delivered to speci at gmx dot net (or to whatever real address you
substitute).
If that isn't applicable in your situation, take it up in
comp.mail.sendmail (or the support newsgroup or mailing list for whatever
MTA you use). It isn't a Qpopper issue.
--
Chip Old (Francis E. Old) E-Mail: fold at bcpl dot net
Manager, BCPL Network Services Phone: 410-887-6180
Manager, BCPL.NET Internet Services FAX: 410-887-2091
320 York Road
Towson, MD 21204 USA
Date: Mon, 25 Mar 2002 08:51:08 -0800 (PST)
From: Brian Rankin <brankin at enbonline dot net>
Subject: qpopper and ssl: -ERR POP EOF
Hello,
I'm trying to setup qpopper 4.0.3 to utilize via SSL over port 110. I'm using openssl version 0.9.6b installed in /usr/local/ssl. I've successfully compiled popper as a standalone daemon with debugging enabled, and have my ssl certificate signed and inst
alled. qpopper is configured with "set tls-support = stls".
My mail clients are OutLook 2000 (Win2Ksp2, Outlook200 Sr-1a). They can successfully download mail in unencrypted sessions over port 110; but when they use SSL over 110 they get the following error: "The TCP/IP connection was unexpectedly terminated by t
he server (Error Number 0x800ccc0f)"
The server logs are verbose, but the error is: -ERR POP EOF or I/O Error [popper.c:794].
Any suggestions to solve this would be greatly appreciated!
Sincerely, Brian
Server Log Output:
Mar 25 08:36:53.692 2002
Mar 25 08:36:53.693 2002 [13925] Finished processing config file '/usr/local/mail/qpopper.config'; rslt=1 [pop_config.c:1463]
Mar 25 08:36:53.693 2002
Mar 25 08:36:53.697 2002 [13925] (v4.0.3) Unable to get canonical name of client 192.168.0.12: Authoritive answer: Host not found (1) [pop_init.c:1054]
Mar 25 08:36:53.697 2002
Mar 25 08:36:53.697 2002 [13925] (v4.0.3) Servicing request from "192.168.0.12" at 192.168.0.12 [pop_init.c:1153]
Mar 25 08:36:53.697 2002
Mar 25 08:36:53.697 2002 [13925] before TLS; tls_support==2 [popper.c:172]
Mar 25 08:36:53.697 2002
Mar 25 08:36:53.697 2002 [13925] ...Initializing OpenSSL library [pop_tls_openssl.c:224]
Mar 25 08:36:53.697 2002
Mar 25 08:36:53.703 2002 [13925] ...have /dev/urandom; skipping PRNG seeding [pop_tls_openssl.c:282]
Mar 25 08:36:53.703 2002
Mar 25 08:36:53.703 2002 [13925] ...setting method to SSLv23_server_method [pop_tls_openssl.c:306]
Mar 25 08:36:53.703 2002
Mar 25 08:36:53.703 2002 [13925] ...allocating OpenSSL context [pop_tls_openssl.c:336]
Mar 25 08:36:53.703 2002
Mar 25 08:36:53.704 2002 [13925] ...setting certificate file /usr/local/mail/certs/cert.pem [pop_tls_openssl.c:347]
Mar 25 08:36:53.704 2002
Mar 25 08:36:53.706 2002 [13925] ...private key file not set; assuming private key is in cert (/usr/local/mail/certs/cert.pem) [pop_tls_openssl.c:364]
Mar 25 08:36:53.706 2002
Mar 25 08:36:53.706 2002 [13925] ...setting private key file /usr/local/mail/certs/cert.pem [pop_tls_openssl.c:368]
Mar 25 08:36:53.706 2002
Mar 25 08:36:53.707 2002 [13925] ...verifying private key against certificate [pop_tls_openssl.c:381]
Mar 25 08:36:53.707 2002
Mar 25 08:36:53.707 2002 [13925] ...(tls_cipher_list not specified) [pop_tls_openssl.c:408]
Mar 25 08:36:53.707 2002
Mar 25 08:36:53.707 2002 [13925] ...allocating OpenSSL connection [pop_tls_openssl.c:419]
Mar 25 08:36:53.707 2002
Mar 25 08:36:53.707 2002 [13925] ...setting input (0) and output (0) file descriptors [pop_tls_openssl.c:430]
Mar 25 08:36:53.707 2002
Mar 25 08:36:53.707 2002 [13925] ...successfully completed OpenSSL initialization [pop_tls_openssl.c:449]
Mar 25 08:36:53.707 2002
Mar 25 08:36:53.707 2002 [13925] TLS Init [popper.c:193]
Mar 25 08:36:53.707 2002
Mar 25 08:36:53.707 2002 [13925] (v4.0.3) Intro [popper.c:238]
Mar 25 08:36:53.707 2002
Mar 25 08:36:53.708 2002 [13925] +OK Qpopper (version 4.0.3) at lumina starting. [popper.c:251]
Mar 25 08:36:53.708 2002
Mar 25 08:36:53.708 2002 [13925] Qpopper ready for input from (null) at 192.168.0.12 [192.168.0.12] [popper.c:285]
Mar 25 08:36:53.708 2002
Mar 25 08:36:53.708 2002 [13925] (null) at 192.168.0.12 (192.168.0.12): -ERR POP EOF or I/O Error [popper.c:794]
Mar 25 08:36:53.708 2002
Mar 25 08:36:53.708 2002 [13925] I/O error flushing output to client at 192.168.0.12 [192.168.0.12]: Broken pipe (32) [pop_send.c:685]
Mar 25 08:36:53.708 2002
Mar 25 08:36:53.708 2002 [13925] +OK Pop server at lumina signing off. [popper.c:351]
Mar 25 08:36:53.708 2002
Mar 25 08:36:53.709 2002 [13925] I/O error flushing output to client at 192.168.0.12 [192.168.0.12]: Broken pipe (32) [pop_send.c:685]
Mar 25 08:36:53.709 2002
Mar 25 08:36:53.709 2002 [13925] pTLS->m_pPOP->tls_started == false [pop_tls_openssl.c:807]
Mar 25 08:36:53.709 2002
Mar 25 08:36:53.709 2002 [13925] freeing m_OpenSSLconn [pop_tls_openssl.c:811]
Mar 25 08:36:53.709 2002
Mar 25 08:36:53.709 2002 [13925] freeing m_OpenSSLctx [pop_tls_openssl.c:817]
Mar 25 08:36:53.709 2002
Mar 25 08:36:53.709 2002 [13925] openssl_shutdown returning 0 [pop_tls_openssl.c:822]
Mar 25 08:36:53.709 2002
Mar 25 08:36:53.710 2002 [13925] (v4.0.3) Ending request from "" at (192.168.0.12) 192.168.0.12 [popper.c:369]
Mar 25 08:36:53.710 2002
From: "Neil R Porter" <neil at iamanidiot dot com>
Subject: Spool name problem
Date: Tue, 26 Mar 2002 10:57:33 -0000
Hi All
I've got it all working to an extent. I'm using postfix with qpopper v4 on
linux. Postfix lands the incoming email into /var/spool/mail/username -
that's fine. And qpopper is setup to get mail from spool-dir
/var/spool/mail - again, seems fine. However, even though there was a mail
file in the dir called neil qpopper was ignoring it and instead just
returning as if no new mail. It wasn't until I played around and tried
renaming neil to .neil.pop that suddenly qpopper sent me all my mail and
deleted the file.
Now, my reading of the manual and config file is that .user.pop is a temp
spool dir, and if I have to ssh in to "mv neil .neil.pop" every time I need
to pop email, well that's silly. Question is, how do I get qpopper to use
the filename neil (i.e. user) and not .neil.pop (i.e. .user.pop)?
Thanks for any help you can give
Neil
From: "Neil R Porter" <neil at iamanidiot dot com>
Subject: Spool name problem
Date: Tue, 26 Mar 2002 21:03:07 -0000
Hi All
I've got it all working to an extent. I'm using postfix with qpopper v4
on linux. Postfix lands the incoming email into
/var/spool/mail/username - that's fine. And qpopper is setup to get
mail from spool-dir = /var/spool/mail - again, seems fine. However,
even though there was a mail file in the dir called neil qpopper was
ignoring it and instead just returning as if no new mail. It wasn't
until I played around and tried renaming neil to .neil.pop that suddenly
qpopper sent me all my mail and deleted the file.
Now, my reading of the manual and config file is that .user.pop is a
temp spool dir, and if I have to ssh in to "mv neil .neil.pop" every
time I need to pop email, well that's silly. Question is, how do I get
qpopper to use the filename neil (i.e. user) and not .neil.pop (i.e.
.user.pop)?
Thanks for any help you can give
Neil
From: "Christopher Crowley" <ccrowley at tulane dot edu>
Subject: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
Date: Tue, 26 Mar 2002 15:25:48 -0600
Can anyone address this? Is a patch still necessary, or is there a
configuration option available in sendmail? I will also post this query to
the comp.mail.sendmail newsgroup. But it seems like this is the place where
a patch would be generated since it would be patching sendmail to perform
Qpopper like hashing ( /var/mail/c/c/ccrowley ). I read about a patch for
sendmail 8.9.x provided by Robert Harker, but that was posted back in 1996.
We also use UW-IMAP, and that is easy to modify and recompile to support the
hashed spool format that Qpopper uses.
Thanks in advance for any advice, references, or patches.
Christopher Crowley
TIS Network Services
Tulane University
ccrowley at tulane dot edu
504.314.2535
PGP Key ID: 0x7CF18FDB
Date: Tue, 26 Mar 2002 10:41:32 +0100
From: Nico De Ranter <nico at sonycom dot com>
Subject: -ERR [SYS/TEMP] Unable to open Bulletin database
Hi,
I just upgraded my pop server to 4.0.3. However some of my
users (all are using Netscape on Windows as mail client) get
a popup window stating:
[SYS/TEMP] Unable to open Bulletin database; contact your administrator
Unfortunately I'm the administrator :-(. Any idea how
to resolve this problem. I checked the bulletin database directory,
it's readable by everybody. Should I somehow initialize the bulletin
database?
Nico
---------------------------------------------------------
"It has been said that there are only two businesses that
refer to customers as users: illegal drug trade and
the computer industry."
---------------------------------------------------------
Nico De Ranter
Sony Service Center (SDCE/VPE-B)
Sint Stevens Woluwestraat 55 (Rue de Woluwe-Saint-Etienne)
1130 Brussel (Bruxelles), Belgium, Europe, Earth
Telephone: +32 2 724 86 41 Telefax: +32 2 726 26 86
e-mail: nico.deranter at sonycom dot com
Date: Wed, 27 Mar 2002 05:55:42 -0800 (PST)
From: Jeff Gray <jwgray at p3.boogs dot mu>
Subject: Re: BUGTRAQ: Bug in QPopper (All Versions?)
Any word from Qualcomm or others about a patch for this bug?
I would prefer to use an 'official patch' but prefer not to leave this
hole open if no patch is forthcoming.
thanks in advance
jeff
From: "Christopher Crowley" <ccrowley at tulane dot edu>
Subject: Feedback on configure options, please.
Date: Wed, 27 Mar 2002 09:11:29 -0600
Please provide some feedback to this configuration setting:
./configure
--enable-servermode
--enable-log-login
--enable-nonauth-file=/etc/nonauthfile
--disable-check-pw-max
--enable-temp-drop-dir=/altmail/spool-temp-drop
--disable-any-kerberos-principal
I would like to use the hashed spool directory, but it doesn't seem
plausible since we are using sendmail's mail.local as our local delivery
agent. I have been given the suggestion to switch to procmail. But, that
isn't in the options at the moment. Perhaps in a few months.
Currently, the mail server has Qpopper 3.0.2 installed. I need to squeeze
some additional performance from it. Is there anything else that you
suggest? I don't think that I can use fast-updates because the mail spool
is NFS mounted where users have shell access.
Lastly, are the cache files that are left in the temp-drop-dir cleaned up
automatically by qpopper, or are they reused for each future login?
Thanks in advance for your insight and feedback.
Date: Wed, 27 Mar 2002 08:48:43 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: Relaying denied -reject=550
No you don't need to pull down source code and you
shouldn't have to read the sendmail.cf.
You HAVE a source for your sendmail.cf (treat it as a binary).
The m4 file that generated your cf file is there already.
As is often the case, the information about your system
is virtually non-existant, so I'll presume you're running
OpenBSD on a Vax (why the hell not?).
The top of your sendmail.cf will show that it was generated
from a file under /usr/share/sendmail/cf/.
As far as relaying, what you do depends on where you are:
if it's a known LAN under your control, you can just add it
to the sendmail access map. If it's from arbitrary IP
addresses on the net, look into SMTP-AUTH (best) or
authB4smtp (aka popB4smtp).
Webmin might help you configure sendmail, to a point.
Sendmail.com offers a full blown management and monitoring
product around their MTA (but doesn't support your OpenBSD/VAX
platform).
Quoting Robert Brandtjen (rob at prometheusmedia dot com):
> On Friday 22 March 2002 04:37 pm, Daniel G wrote:
> > I'm having the same problem, only sending mail... It's a Sendmail
> > configuration thing... But, if you find the answer feel free to throw it
> > my way...lol...
>
> you need sendmails source code, and then read the .cf file - it will teach
> you how to recompile sendmail.cf using m4 to enable various "features" - at
> that point i would install webmin, as it makes dealing with sendmail
> ridiculously easy.
From: "Justin Ainsworth" <jda at sunset dot net>
Subject: RE: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
Date: Thu, 28 Mar 2002 22:27:26 -0800
If you are using procmail for local delivery, than all you need to do is
recompile it with level 2 hash support...
.~.
/v\
-- // \\
JA /( )\
^`~`^
L I N U X
[-----------------------------------------------------------]
Justin Ainsworth Systems Administrator &
PHONE: (530) 879-5660x108 Technical Support Supervisor
FAX: (530) 879-5676 Sunset Net LLC
WEB: http://www.sunset.net 1915 Mangrove Ave
EMAIL: jda at sunset dot net Chico, CA 95926
[-----------------------------------------------------------]
> -----Original Message-----
> From: Christopher Crowley [mailto:ccrowley at tulane dot edu]
> Sent: Tuesday, March 26, 2002 1:26 PM
> To: Subscribers of Qpopper
> Subject: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
>
>
> Can anyone address this? Is a patch still necessary, or is
> there a configuration option available in sendmail? I will
> also post this query to the comp.mail.sendmail newsgroup.
> But it seems like this is the place where a patch would be
> generated since it would be patching sendmail to perform
> Qpopper like hashing ( /var/mail/c/c/ccrowley ). I read
> about a patch for sendmail 8.9.x provided by Robert Harker,
> but that was posted back in 1996.
>
> We also use UW-IMAP, and that is easy to modify and recompile
> to support the hashed spool format that Qpopper uses.
>
> Thanks in advance for any advice, references, or patches.
>
> Christopher Crowley
> TIS Network Services
> Tulane University
> ccrowley at tulane dot edu
> 504.314.2535
> PGP Key ID: 0x7CF18FDB
>
>
>
From: Robert Brandtjen <rob at prometheusmedia dot com>
Subject: Re: Relaying denied -reject=550
Date: Fri, 29 Mar 2002 03:39:28 -0600
On Wednesday 27 March 2002 10:48 am, Chuck Yerkes wrote:
> No you don't need to pull down source code and you
> shouldn't have to read the sendmail.cf.
not all installations install the sendmail source code, without it there is
no m4 and therefore no ability to create a new .cf file - without which, you
cannot enable relaying.
--
Robert Brandtjen
--------------------------------------
Web Site Creation and Hosting Services
Hostmaster at prometheusmedia dot com
www.prometheusmedia.com
From: Robert Brandtjen <rob at prometheusmedia dot com>
Subject: Re: Relaying denied -reject=550
Date: Fri, 29 Mar 2002 03:46:01 -0600
On Wednesday 27 March 2002 10:48 am, Chuck Yerkes wrote:
> No you don't need to pull down source code and you
> shouldn't have to read the sendmail.cf.
I also disagree with this - you SHOULD know the whys and wherefors of what
you are about to do -
Opening up relaying without proper controls makes your sendmail server an
open relay system that can be abused by spammers and then get you on the
blackhole list.
Reading the sendmail.cf will at least give him/her a "working" knowlege of
sendmail -from there he can go to http://www.sendmail.org/ and learn some
more.
--
Robert Brandtjen
--------------------------------------
Web Site Creation and Hosting Services
Hostmaster at prometheusmedia dot com
www.prometheusmedia.com
Date: Thu, 28 Mar 2002 22:11:46 +0100
From: Patrick Guillot <pguillot at paanjaru dot com>
Subject: Testing message
Hi,
This is just a testing message.
Yours.
--
Patrick Guillot mailto:pguillot at paanjaru dot com - +33 (0)6 08 41 11 54
Online Development - Paanjaru http://www.paanjaru.com
Riding the Shockwave in cyberspace, for now ... and ever
Date: Fri, 29 Mar 2002 09:52:53 +0300
From: "Andrew E. Guly" <andrew_g at tzk.jamal dot ru>
Hi All.
Sometimes I see in my log files:
Mar 29 10:48:31 tzk popper[17599]: noop has null function
What is it?
Sorry for my terrible English...
--
Best regards,
Andrew mailto:andrew_g at tzk.jamal dot ru
Date: Fri, 29 Mar 2002 08:32:35 -0500
From: Joseph S D Yao <jsdy at center.osis dot gov>
Subject: Re: Spool name problem
On Tue, Mar 26, 2002 at 10:57:33AM -0000, Neil R Porter wrote:
> I've got it all working to an extent. I'm using postfix with qpopper v4 on
> linux. Postfix lands the incoming email into /var/spool/mail/username -
> that's fine. And qpopper is setup to get mail from spool-dir
> /var/spool/mail - again, seems fine. However, even though there was a mail
> file in the dir called neil qpopper was ignoring it and instead just
> returning as if no new mail. It wasn't until I played around and tried
> renaming neil to .neil.pop that suddenly qpopper sent me all my mail and
> deleted the file.
>
> Now, my reading of the manual and config file is that .user.pop is a temp
> spool dir, and if I have to ssh in to "mv neil .neil.pop" every time I need
> to pop email, well that's silly. Question is, how do I get qpopper to use
> the filename neil (i.e. user) and not .neil.pop (i.e. .user.pop)?
>
> Thanks for any help you can give
'Qpopper' should do this automatically. Make sure that it has enough
permissions to do so. Is /var NFS-mounted?
--
Joe Yao jsdy at center.osis dot gov - Joseph S. D. Yao
OSIS Center Systems Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
Date: Fri, 29 Mar 2002 08:45:12 -0500
From: Joseph S D Yao <jsdy at center.osis dot gov>
Subject: Re: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
On Tue, Mar 26, 2002 at 03:25:48PM -0600, Christopher Crowley wrote:
> Can anyone address this? Is a patch still necessary, or is there a
> configuration option available in sendmail? I will also post this query to
> the comp.mail.sendmail newsgroup. But it seems like this is the place where
> a patch would be generated since it would be patching sendmail to perform
> Qpopper like hashing ( /var/mail/c/c/ccrowley ). I read about a patch for
> sendmail 8.9.x provided by Robert Harker, but that was posted back in 1996.
ISTM that sendmail supports that now. Check the sendmail FAQ.
--
Joe Yao jsdy at center.osis dot gov - Joseph S. D. Yao
OSIS Center Systems Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
Date: Fri, 29 Mar 2002 07:40:02 -0500 (EST)
From: Alan Brown <alanb at digistar dot com>
Subject: Multiple messages
Is someone's mail client looping messages back to the list?
X-Seen-Already headers help a lot in this kind of case.
AB
Date: Fri, 29 Mar 2002 09:31:36 -0500
From: Joseph S D Yao <jsdy at center.osis dot gov>
Subject: Re: your mail [noop has null function]
On Fri, Mar 29, 2002 at 09:52:53AM +0300, Andrew E. Guly wrote:
> Sometimes I see in my log files:
>
> Mar 29 10:48:31 tzk popper[17599]: noop has null function
>
> What is it?
> Sorry for my terrible English...
There is an operator "NOOP". It has no ["null"] function. I don't
know why it gets logged. It should be easy to remove the line from the
code.
--
Joe Yao jsdy at center.osis dot gov - Joseph S. D. Yao
OSIS Center Systems Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
From: "Neil R Porter" <neil at iamanidiot dot com>
Subject: RE: Spool name problem
Date: Fri, 29 Mar 2002 17:12:36 -0000
> On Tue, Mar 26, 2002 at 10:57:33AM -0000, Neil R Porter wrote:
> > I've got it all working to an extent. I'm using postfix
> with qpopper
> > v4 on linux. Postfix lands the incoming email into
> > /var/spool/mail/username - that's fine. And qpopper is
> setup to get
> > mail from spool-dir = /var/spool/mail - again, seems fine.
> However,
> > even though there was a mail file in the dir called neil
> qpopper was
> > ignoring it and instead just returning as if no new mail.
> It wasn't
> > until I played around and tried renaming neil to .neil.pop that
> > suddenly qpopper sent me all my mail and deleted the file.
> >
> > Now, my reading of the manual and config file is that
> .user.pop is a
> > temp spool dir, and if I have to ssh in to "mv neil
> .neil.pop" every
> > time I need to pop email, well that's silly. Question is, how do I
> > get qpopper to use the filename neil (i.e. user) and not .neil.pop
> > (i.e. .user.pop)?
> >
> > Thanks for any help you can give
>
> 'Qpopper' should do this automatically. Make sure that it
> has enough permissions to do so. Is /var NFS-mounted?
What is NFS-mounted? It's just /var in ext2 linux disc.
As for the permissions thing, well, I changed them to be chmod 777 neil
and also changed the owner variously. The thing is, I find it difficult
to see that this is the problem when (as I mentioned above) if I simply
"cp neil .neil.pop" then qpopper works... i.e. permissions of
".neil.pop" are same as "neil". But, if, as you say, Qpopper should use
"username" automatically, then it should be working, but it isn't. I'm
still no closer to knowing how to make sure Qpopper is set to use
"username" as the mail spool to use.
Anyone else any ideas?
Thanks
Neil
Date: Fri, 29 Mar 2002 13:09:09 -0500
From: Joseph S D Yao <jsdy at center.osis dot gov>
Subject: Re: Spool name problem
What configuration parameters did you use for 'qpopper'?
--
Joe Yao jsdy at center.osis dot gov - Joseph S. D. Yao
OSIS Center Systems Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
From: "Neil R Porter" <neil at iamanidiot dot com>
Subject: RE: Spool name problem
Date: Fri, 29 Mar 2002 18:18:51 -0000
Well, it was an rpm so I didn't compile it. However, it's setup to use
a configuration file (something it uses after being compiled for extra
options), and I spose I want to know what to setup in there so it will
use the correct spool name.
> -----Original Message-----
> From: Joseph S D Yao [mailto:jsdy at center.osis dot gov]
> Sent: 29 March 2002 18:09
> To: Neil R Porter
> Cc: 'Subscribers of Qpopper'
> Subject: Re: Spool name problem
>
>
> What configuration parameters did you use for 'qpopper'?
>
> --
> Joe Yao jsdy at center.osis dot gov -
> Joseph S. D. Yao
> OSIS Center Systems Support EMT-B
> --------------------------------------------------------------
> ---------
> This message is not an official statement of OSIS Center policies.
>
Date: Fri, 29 Mar 2002 13:22:21 -0500
From: Daniel Senie <dts at senie dot com>
Subject: Re: your mail [noop has null function]
At 09:31 AM 3/29/02, Joseph S D Yao wrote:
>On Fri, Mar 29, 2002 at 09:52:53AM +0300, Andrew E. Guly wrote:
> > Sometimes I see in my log files:
> >
> > Mar 29 10:48:31 tzk popper[17599]: noop has null function
> >
> > What is it?
> > Sorry for my terrible English...
>
>There is an operator "NOOP". It has no ["null"] function. I don't
>know why it gets logged. It should be easy to remove the line from the
>code.
Randy mentioned to me a while ago a fix for that is in the codebase for
inclusion in the future. It's quite harmless, though.
-----------------------------------------------------------------
Daniel Senie dts at senie dot com
Amaranth Networks Inc. http://www.amaranth.com
Date: Fri, 29 Mar 2002 09:57:32 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: Relaying denied -reject=550
Quoting Robert Brandtjen (rob at prometheusmedia dot com):
> On Wednesday 27 March 2002 10:48 am, Chuck Yerkes wrote:
> > No you don't need to pull down source code and you
> > shouldn't have to read the sendmail.cf.
>
> not all installations install the sendmail source code,
true
> without it there is
> no m4 and therefore no ability to create a new .cf file - without which, you
> cannot enable relaying.
False.
You rely on a false assumption and make a jump that's just wrong.
I look on SunOS (5.8 and 5.9), there are the m4 files.
I look on BSD (any BSD), there are the m4 files.
I look on my OS X box, there are the m4 files.
I look on Redhat and ... well you get the notion.
As I said, you don't need the source code for sendmail to generate
m4s. Most OS's provide the m4 information you need.
And reading the cf files: To quote from the sendmail.org folk:
"the cf file should be treated as a binary, the m4 data is the source"
Just as I don't really rip into the networking source code to use
routing - I just use netstat and route - I don't really need to (or want
to) rip into the sendmail.cf "assembly code" to use sendmail.
That said, I have done it in detail and it's one of the reasons
I know sendmail excessively well.
My mechanic just tore apart my engine that had low compression
and rebuilt the top end. He's intimate with the engine. Me?
I use the accelerator, brake and clutch and know the principles of
it.
If you want to be a mechanic, by all means, decontruct the sendmail.cf.
The sendmail C code is also one of the more clear programming projects
(compare and contrast with named, gcc, many others). If you want
to be a good mechanic, understand that code - toy with the code
that implements multiple queues. But these are not required to use
the product.
/usr/share/sendmail/README (BSD) contains the instructions for m4
files. You will find your systems' .m4 file under there.
If that's too icky for your and/or you want a happy GUI, webmin
will do adequately for light weight work, Sendmail Inc's Switch
product is a more detailed MTA management tool.
chuck
Date: Fri, 29 Mar 2002 08:51:18 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: your mail
On Fri, Mar 29, 2002 at 09:52:53AM +0300, Andrew E. Guly wrote:
> Hi All.
>
> Sometimes I see in my log files:
>
> Mar 29 10:48:31 tzk popper[17599]: noop has null function
It is a needless warning message; I believe it's already removed in
versions to come.
Qpopper accepts the "NOOP" command which mail clients can send to avoid
being disconnected, but logs this message due to a missing entry in an
internal table. The situation is normal and nothing should be logged
for it; you can ignore it.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
Date: Fri, 29 Mar 2002 11:40:04 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Feedback on configure options, please.
At 9:11 AM -0600 3/27/02, Christopher Crowley wrote:
>Currently, the mail server has Qpopper 3.0.2 installed. I need to squeeze
>some additional performance from it. Is there anything else that you
>suggest? I don't think that I can use fast-updates because the mail spool
>is NFS mounted where users have shell access.
>
>Lastly, are the cache files that are left in the temp-drop-dir cleaned up
>automatically by qpopper, or are they reused for each future login?
I thought fast-updates and cache files were only in 4.x, not 3.x --
are you sure about the version you're using, and are you sure it
supports these features?
The cache files stay around and provide a significant optimization
for subsequent mail checks if no new mail arrived since the previous
login. That alone can really make a big difference in system load
(especially I/O).
The Administrator's Guide for 4.x has a section on performance that
may be helpful.
Date: Fri, 29 Mar 2002 11:42:24 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: -ERR [SYS/TEMP] Unable to open Bulletin database
At 10:41 AM +0100 3/26/02, Nico De Ranter wrote:
>Hi,
>
>I just upgraded my pop server to 4.0.3. However some of my
>users (all are using Netscape on Windows as mail client) get
>a popup window stating:
>
>[SYS/TEMP] Unable to open Bulletin database; contact your administrator
>
>Unfortunately I'm the administrator :-(. Any idea how
>to resolve this problem. I checked the bulletin database directory,
>it's readable by everybody. Should I somehow initialize the bulletin
>database?
The Administrator's Guide and the FAQ have some additional
information about this. The problem is that each session needs to
lock the bulletin database. The Guide talks about how to make sure
Qpopper waits for a fraction of a second between retries, which alone
makes it more likely to succeed, and also how to tweak various
settings related to bulletin database access.
From: Robert Brandtjen <rob at prometheusmedia dot com>
Subject: Re: Relaying denied -reject=550
Date: Fri, 29 Mar 2002 12:44:58 -0600
On Friday 29 March 2002 11:57 am, Chuck Yerkes wrote:
> /usr/share/sendmail/README (BSD) contains the instructions for m4
> files. You will find your systems' .m4 file under there.
>
>
> If that's too icky for your and/or you want a happy GUI, webmin
> will do adequately for light weight work, Sendmail Inc's Switch
> product is a more detailed MTA management tool.
the mc files contained in there are the default mc files - there is no
relaying (except from the local host) turned on by default - although I know
longer use OSX , I still have a mail server running on OSXserver (original
version) and like wise have aseveral RedHat boxen - the mc file must be
altered to enable features, the way you are telling this, one would be lead
to believe this isn't so.
the typical mc file contains:
divert(0)dnl
VERSIONID(`$Id: generic-linux.mc,v 8.1 1999/09/24 22:48:05 gshapiro Exp $')
OSTYPE(linux)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
MAILER(smtp)dnl
while a full featured mail server would contain a list of "features" to
enable - those features come with certain caveates attached to them that he
and anyone else running a mail server should know about. If he doesn't read
the info, how will he know which features he needs to implement and which
ones he doesn't?
as per the car analogy goes, I wouldn't liken reading the base info to being
able to rebuild the top half of an engine ( not that hard really, I once
dropped the bottom out of a 911 in a Berkley parking lot and replaced the
crank bearings)- I would liken it to knowing how to check the oil and add if
necessary.
Off topic, can you now compile sendmail on OSX client without getting error
messages? I know it can compile, i have done it, just curious if it actually
does so without error messages arising.
--
Robert Brandtjen
--------------------------------------
Web Site Creation and Hosting Services
Hostmaster at prometheusmedia dot com
www.prometheusmedia.com
Date: Fri, 29 Mar 2002 11:44:46 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: RE: Spool name problem
If you haven't already, try enabling debug logging and see if says
anything helpful.
To enable tracing in Qpopper:
1. Do a 'make clean'
2. Re-run ./configure, adding '--enable-debugging'.
3. Edit the inetd.conf line for Qpopper, adding '-d' or '-t <tracefile-path>'.
4. Send inetd (or xinetd) a HUP signal.
(Steps 3 and 4 are only needed if you use inetd (or xinetd). In
standalone mode, you can add '-d' or '-t <tracefile-path>' to the
command line directly.)
(In either standalone or inetd mode, if you use a configuration file
you can add 'set debug' or 'set tracefile = <tracefile>' to either a
global or user-specific configuration file instead of steps 3 and 4.)
This causes detailed tracing to be written to the syslog or to the
file specified as 'tracefile'.
--
Date: Fri, 29 Mar 2002 12:14:52 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Spool name problem
On Tue, Mar 26, 2002 at 10:57:33AM -0000, Neil R Porter wrote:
> I've got it all working to an extent. I'm using postfix with qpopper v4 on
> linux. Postfix lands the incoming email into /var/spool/mail/username -
> that's fine. And qpopper is setup to get mail from spool-dir
> /var/spool/mail - again, seems fine. However, even though there was a mail
> file in the dir called neil qpopper was ignoring it and instead just
> returning as if no new mail. It wasn't until I played around and tried
> renaming neil to .neil.pop that suddenly qpopper sent me all my mail and
> deleted the file.
Something's just plain configured wrong. It sounds like qpopper does
not have permission to access/read the file. Possibly some incorrect
locking is going on with the /var/spool/mail file, possibly it's an
ownership problem, or I'm not sure what.
> Now, my reading of the manual and config file is that .user.pop is a temp
> spool dir, and if I have to ssh in to "mv neil .neil.pop" every time I need
> to pop email, well that's silly. Question is, how do I get qpopper to use
> the filename neil (i.e. user) and not .neil.pop (i.e. .user.pop)?
If it's working when you copy the file to .neil.pop that's
semi-accidental; you're simulating an error condition that qpopper
knows how to recover from. That doesn't seem it should have anything
to do with where it's looking for new mail.
Enable debugging and see what shows up in the log file; it should give
you a very verbose listing of what file it's looking at, when, and why.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
Date: Fri, 29 Mar 2002 11:50:55 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: your mail [noop has null function]
At 9:31 AM -0500 3/29/02, Joseph S D Yao wrote:
>There is an operator "NOOP". It has no ["null"] function. I don't
>know why it gets logged.
Actually, this is a coincidence. It's true that the NOOP command has
no function, but the error really means that internally within
Qpopper there is no C function associated with the NOOP command. I
believe this was fixed in a recent release.
Date: Fri, 29 Mar 2002 12:49:05 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: BUGTRAQ: Bug in QPopper (All Versions?)
--fUYQa+Pmc3FrFX/N
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Wed, Mar 27, 2002 at 05:55:42AM -0800, Jeff Gray wrote:
> Any word from Qualcomm or others about a patch for this bug?
>
> I would prefer to use an 'official patch' but prefer not to leave this
> hole open if no patch is forthcoming.
I'm going to go out on a limb here and say what I believe the problem
factors to be in this situation and why it hasn't happened yet; I do
believe it would have been reasonable to have an "official patch" to
Qpopper out by this point, though there are reasons it hasn't happened.
(Bear in mind that I have no relationship with Qualcomm whatsoever and
I'm not a spokesperson for any of the developers.)
1) Qpopper seems to be transitioning from a company-supported to a
community-supported piece of software. However, the website is still
run by Randy Gellens of Qualcomm, he is still the authority on the
software and what goes in, and everyone in the community (certainly
including myself) would rather defer to him for what kind of patch
should be official.
2) As I understant it Randy Gellens was travelling at an IETF meeting
at the time of this bug announcement and had limited access to try to
reproduce and analyse the bug. To complicate matters further, at least
one of the other volunteer developers was travelling too.
3) In addition I believe Randy was given incomplete or misleading
information about the nature of the bug, due to the vagueness of the
original disclosure.
4) The routine where the exploitable vulnerability occurred seems
kind of a mess. I'm pretty sure after looking at it that there is more
than one bug in it. (Indeed, Randy might have been looking at a
different bug than I was trying to fix with my patch.) I think Randy
and other developers are reluctant to issue an "official" patch that
may close one vulnerability and leaves another, or even creates
another. The SecurityFocus guys seem to have the same concern.
However, it's a tricky routine to rewrite from scratch without the risk
of introducing all-new bugs.
5) Even though I had a patch that seems to fix it, I haven't wanted
to push that on the whole world for the same reasons as everyone else
in (4) - I'm not sure it correctly fixes everything. It probably
doesn't, in fact.
6) I've had some kind of messed up SSH tunnel configuration problem.
Every couple days I work on it again and pull my hair some more. This
has kept me from submitting my patch through the normal channels it
should go through, which other Qpopper developers could reasonably
expect me to submit it for evaluation.
Add all this up, plus some inertia because everyone has "day jobs"
and I think the continuing absence of an official patch is adequately
explained.
Having said all that, I do honestly think you're better off applying
the little patch I wrote rather than doing nothing. This *is* known to
close at least one of the vulnerabilities seen by at least one exploit
script, on at least some sites which were vulnerable in 4.0.3. It also
fixes another (non-exploitable?) bug where the daemon hangs around too
long in the case of a client disconnecting prematurely.
When there's an "official patch", then by all means you should
uninstall this and install the official Qualcommm one.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
--fUYQa+Pmc3FrFX/N
Content-Type: application/x-patch
Content-Disposition: attachment; filename="qpopper4.0.3-digitux-exploit.patch"
--fUYQa+Pmc3FrFX/N--
Date: Fri, 29 Mar 2002 14:37:55 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: BUGTRAQ: Bug in QPopper (All Versions?)
On Fri, Mar 29, 2002 at 12:49:05PM -1000, Clifton Royston wrote:
...
> Having said all that, I do honestly think you're better off applying
> the little patch I wrote rather than doing nothing. This *is* known to
> close at least one of the vulnerabilities seen by at least one exploit
> script, on at least some sites which were vulnerable in 4.0.3. It also
> fixes another (non-exploitable?) bug where the daemon hangs around too
> long in the case of a client disconnecting prematurely.
Urrgh, and once again I forgot that the mailing list strips
attachments.
Oh well, go *here* for it:
<http://shaveice.lava.net/qpopper/qpopper4.0.3-digitux-exploit.patch>
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
Date: Fri, 29 Mar 2002 12:17:27 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
On Thu, Mar 28, 2002 at 10:27:26PM -0800, Justin Ainsworth wrote:
> If you are using procmail for local delivery, than all you need to do is
> recompile it with level 2 hash support...
However, after some years using procmail for local delivery at a
fair-sized site, I'm now convinced it's not the way to go. I'd
recommend using your MTA's own delivery agent if at all possible,
purely for efficiency reasons.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
Date: Sat, 30 Mar 2002 11:21:24 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
Um, sendmail doesn't deliver mail into spools.
mail.local might, and there is an implementation available
in the sendmail package.
Quoting Christopher Crowley (ccrowley at tulane dot edu):
> Can anyone address this? Is a patch still necessary, or is there a
> configuration option available in sendmail? I will also post this query to
> the comp.mail.sendmail newsgroup. But it seems like this is the place where
> a patch would be generated since it would be patching sendmail to perform
> Qpopper like hashing ( /var/mail/c/c/ccrowley ). I read about a patch for
> sendmail 8.9.x provided by Robert Harker, but that was posted back in 1996.
>
> We also use UW-IMAP, and that is easy to modify and recompile to support the
> hashed spool format that Qpopper uses.
>
> Thanks in advance for any advice, references, or patches.
>
> Christopher Crowley
> TIS Network Services
> Tulane University
> ccrowley at tulane dot edu
> 504.314.2535
> PGP Key ID: 0x7CF18FDB
>
From: "Christopher Crowley" <ccrowley at tulane dot edu>
Subject: Re: Feedback on configure options, please.
Date: Mon, 1 Apr 2002 09:18:40 -0600
----- Original Message -----
From: "Randall Gellens" <randy at qualcomm dot com>
To: "Christopher Crowley" <ccrowley at tulane dot edu>; "Subscribers of Qpopper"
<qpopper at lists.pensive dot org>
Sent: Friday, March 29, 2002 1:40 PM
Subject: Re: Feedback on configure options, please.
> At 9:11 AM -0600 3/27/02, Christopher Crowley wrote:
>
> >Currently, the mail server has Qpopper 3.0.2 installed. I need to squeeze
> >some additional performance from it. Is there anything else that you
> >suggest? I don't think that I can use fast-updates because the mail
spool
> >is NFS mounted where users have shell access.
> >
> >Lastly, are the cache files that are left in the temp-drop-dir cleaned up
> >automatically by qpopper, or are they reused for each future login?
>
> I thought fast-updates and cache files were only in 4.x, not 3.x --
> are you sure about the version you're using, and are you sure it
> supports these features?
>
My message was confusing. I am using 3.0.2 in production. However, I have
4.0.3 in test mode on the same server. In preparation for the transition, I
wanted to get some feedback on the 4.0.3 configuration I planned to use.
> The cache files stay around and provide a significant optimization
> for subsequent mail checks if no new mail arrived since the previous
> login. That alone can really make a big difference in system load
> (especially I/O).
>
> The Administrator's Guide for 4.x has a section on performance that
> may be helpful.
>
From: "Christopher Crowley" <ccrowley at tulane dot edu>
Subject: Re: Patch for Hashed Mail Spool for sendmail 8.12.2 ?
Date: Mon, 1 Apr 2002 10:24:54 -0600
>
> ISTM that sendmail supports that now. Check the sendmail FAQ.
>
I didn't find any mention of mail.local handling this on sendmail's FAQ. Do
you know that it does for certain? I'll keep digging. But it seems like
procmail is the direction that I am headed.
from:
http://www.sendmail.org/faq/section4.html#4.9
It [procmail] is typically about 30% faster performing the job of the local
mailer than programs such as /bin/mail or /usr/bin/mail
Thanks for discussing this.
Chris
Date: Mon, 1 Apr 2002 09:52:50 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Feedback on configure options, please.
On Mon, Apr 01, 2002 at 09:18:40AM -0600, Christopher Crowley wrote:
> ----- Original Message -----
> From: "Randall Gellens" <randy at qualcomm dot com>
> To: "Christopher Crowley" <ccrowley at tulane dot edu>; "Subscribers of Qpopper"
> <qpopper at lists.pensive dot org>
> Sent: Friday, March 29, 2002 1:40 PM
> Subject: Re: Feedback on configure options, please.
>
>
> > At 9:11 AM -0600 3/27/02, Christopher Crowley wrote:
> >
> > >Currently, the mail server has Qpopper 3.0.2 installed. I need to squeeze
> > >some additional performance from it. Is there anything else that you
> > >suggest? I don't think that I can use fast-updates because the mail
> spool
> > >is NFS mounted where users have shell access.
Enable server mode for all users who do not have shell access, whatever
is the most convenient way to do this. Server mode is at least
potentially unsafe for shell users whether or not fast-updates is
enabled.
Fast-updates can be used provided that the mail spool and the
temp-drop-dir are on the same file system (NFS or locally mounted.) If
server mode is not enabled, fast-updates is effectively a noop, so you
can turn it on. However, on the other hand, you get better disk I/O
bandwidth if the mail spool and the temp-drop-dir are on file systems
on separate drives. It's something of a toss-up; YMMV.
Some knowledgeable admins have suggested that the flag to disable
qpopper writing UIDLs back to the file is a performance benefit,
because it reduces disk I/O (at the cost of CPU) and most modern
systems are I/O bound not CPU bound. I haven't tried this out, because
when I make this change I think it means everyone who leaves mail on
our server would get it all downloaded again. (Then again, maybe
that's a *good* thing. Heh.)
> > >Lastly, are the cache files that are left in the temp-drop-dir cleaned up
> > >automatically by qpopper, or are they reused for each future login?
...
> > The cache files stay around and provide a significant optimization
> > for subsequent mail checks if no new mail arrived since the previous
> > login. That alone can really make a big difference in system load
> > (especially I/O).
> >
> > The Administrator's Guide for 4.x has a section on performance that
> > may be helpful.
Here are the options I used to build it on our server. The
"server-mode-shell-include" reference is a local patch which I can send
you on request.
./configure --enable-uw-kludge --with-warnings --enable-log-login \
--enable-keep-temp-drop --enable-shy \
--enable-temp-drop-dir=/var/mail/.poptemp \
--enable-nonauth-file=/usr/local/etc/pop.disable \
--enable-server-mode-shell-include=/usr/bin/false:/sbin/nologin:nologin:/usr/local/bin/no_shell \
--enable-timing
# during testing only, add:
# --enable-debugging
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
Last updated on 1 Apr 2002 by Pensive Mailing List Admin