Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2024-03-28, 19:34:18

Author Topic: [UPDATE] Please update qmail-toaster and courier-imap-toaster  (Read 11692 times)

0 Members and 1 Guest are viewing this topic.

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
In version qmail-toaster-1.03-1.3.36 and .37 have a big trouble. Need update to .38.

Step for update:
Code: [Select]
cd /
yum clean all
yum update
sh /script/fixmail-all
sh /script/restart-mail
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline nhp

  • Junior Member
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
latest qmailtoaster disabled STARTTLS

telnet localhost 587

Connected to chaos-studio.com.
Escape character is '^]'.
ehlo test.unknown
250-yyy.zzz.com - Welcome to Qmail
250-PIPELINING
250-8BITMIME
250-SIZE 209715200
250 AUTH LOGIN PLAIN CRAM-MD5



Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
Read /var/qmail/supervise/submission/run for configure.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
If using spamdyke you must include the server cert configuration as stated here:

http://forum.mratwork.com/kloxo-mr-development/(spam-protection)-spamdyke-5-0-and-kloxomr/msg30964/#msg30964

add the line mentioned in the bottom of the post to spamdyke.conf - if using spamdyke.
« Last Edit: 2014-03-11, 16:19:49 by chrisf »
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline nhp

  • Junior Member
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
thanks guys for the information! it was the spamdyke.conf @chrisf

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
No problem, glad I could help :)
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
No, spamdyke did exactly what the domain wanted... you cant say it is a problem if bounce was enabled!  Spamdyke-qrv checks this, so if you had bounce enabled, you became a backscatter spammer.

Bounce needs to be removed for clients.  I have asked Mustafa before, here it is AGAIN, please change the catchall settings so only admin can set bounce in catchall.  Allow clients to only set to delete or valid email.  PLEASE make this change Mustafa.

GoDaddy and Hostgator both do not allow catchall at all.  It is restricted in Cpanel.

KloxoDR, I understand your frustration, but if catchall was set to bounce, it did as you wanted.  Spamdyke 5 with qrv simply does what you want.  If set to delete, recipient reject checks if valid, if not rejects the mail.  If set to bounce,  spamdyke-qrv assumes you want to bounce.  Forged from headers turns your server into a backscatter spam relay.  If set to a valid email address, spamdyke-qrv will accept all mail because qmail tells it all mail is deliverable.   This is not a bug.  This is correct.
« Last Edit: 2014-03-14, 03:23:25 by chrisf »
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline Kloxo-DR

  • Senior Member
  • *
  • Posts: 239
  • Karma: +3/-9
    • View Profile
Hi Chris,
No, spamdyke did exactly what the domain wanted... you cant say it is a problem if bounce was enabled!  Spamdyke-qrv checks this, so if you had bounce enabled, you became a backscatter spammer.
Spamdyke 5 with qrv simply does what you want.  If set to delete, recipient reject checks if valid, if not rejects the mail.  If set to bounce,  spamdyke-qrv assumes you want to bounce.  Forged from headers turns your server into a backscatter spam relay.  If set to a valid email address, spamdyke-qrv will accept all mail because qmail tells it all mail is deliverable.   This is not a bug.  This is correct.

Can we agree on differences of one major issue for our further discussion, that we both are talking on two entirely separate areas mentioned under the following:

http://forum.mratwork.com/kloxo-mr-development/%28qmail%29-recipient-verification-to-avoid-spamming/
« on: February 19, 2014, 07:59:52 PM »

The common point of the issue is "invalid or non-existent recipient". The difference is:

I say that Qmail must not accept an email to a non-existent recipient.

Chris says that an email to a non-existent recipient must accepted to process and execute the bounce function.

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
That is NOT what I am saying.

I am saying that spamdyke-qrv is very efficient.  If you have catchall set to delete, a non existing recipient will never see qmail, spamdyke will reject it.

If you have it set to bounce, spamdyke assumes you want bounces and permits the bounce.

If you have catchall set to a valid email, spamdyke will assume you want all mail delivered and let it through.

That is how it is supposed to work.  You said above domain was configured for bounce!  So when that happens, why surprised?

I have spent too much time on this already, I am working on proprietary hosting website.  Spamdyke catches all non-recipients for me.

From your other posts, mysql password changed, etc, etc, you may be hacked.
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline Kloxo-DR

  • Senior Member
  • *
  • Posts: 239
  • Karma: +3/-9
    • View Profile
Hello Spacedust,

It appears that you are also one of the victims. The description is here:

http://forum.mratwork.com/kloxo-mr-development/something-is-trying-to-send-221877-mails-from-my-server-!

Offline Spacedust

  • Super Grand Master
  • ****
  • Posts: 4,050
  • Karma: +1/-0
    • View Profile
Please note this time I wasn't hacked via a file sent via FTP. It was probably customer PC mail software hacked. All mails were properly authenticated. After changing password to random the problem is gone.

Solution ? Limit mail sending to 100 per hour for account or user.

I have Release     : 1.3.38.mr.el6 already.

Offline Kloxo-DR

  • Senior Member
  • *
  • Posts: 239
  • Karma: +3/-9
    • View Profile
Hi Spacedust,
It was probably customer PC mail software hacked. All mails were properly authenticated.
Solution ? Limit mail sending to 100 per hour for account or user.

Well, then your problem regarding hacking was totally different to the one identified by me and occured with others.

Where do you change the limit mail sending to 100 per hour? I have not found it.
Please tell us as this could also help a bit.

Offline Spacedust

  • Super Grand Master
  • ****
  • Posts: 4,050
  • Karma: +1/-0
    • View Profile
I didn't. It's only a proposition.

 


MRatWork Affiliates:    BIGRAF(R) Inc.    House of LMAR    EFARgrafix
Click Here

Page created in 0.029 seconds with 21 queries.

web stats analysis