# HOWTO: qmail vpopmail courier-imap qmail-scanner etc (NEW)

## sabrex

This is the new version of this guide, and is based on the previous one posted a while ago.  All comments have been incorporated into this new HOWTO, and everything here should work if the instructions are followed properly.  This version is also different in that it uses the absolute latest version of each program currently available.  You can substitute a newer version if one is available.  As long as it installs, it should probably work with these instructions.

1) ensure that the proper USE flags are set

```
> nano -w /etc/make.conf

add apache2, maildir, and mysql as USE flags.
```

2) install qmail

```
First of all, make sure that you unmerge the other mail handlers that may be installed, such as ssmtp, sendmail, or postfix:

> emerge -C ssmtp sendmail postfix

> emerge /usr/portage/net-mail/qmail/qmail-1.03-r13.ebuild

> ebuild /var/db/pkg/net-mail/qmail-1.03-r13/qmail-1.03-r13.ebuild config

 

> ln -s /var/qmail/supervise/qmail-send /service/qmail-send

> ln -s /var/qmail/supervise/qmail-smtpd /service/qmail-smtpd

> rc-update add svscan default

> /etc/init.d/svscan start
```

3) install vpopmail

```
> emerge /usr/portage/net-mail/vpopmail/vpopmail-5.4.0.ebuild

First log into mysql as your mysql root user and pass. Then:

> create database vpopmail;

> use mysql;

> grant select, insert, update, delete, create, drop on vpopmail.* to vpopmail@localhost identified by 'your password';

> flush privileges;

 

If you have problems with vpopmail not accepting mail properly,

please ensure that /etc/vpopmail.conf is chmod 600 and

owned by vpopmail:vpopmail
```

4) install courier-imap as imap and pop3 server

```
> emerge /usr/portage/net-mail/courier-imap/courier-imap-3.0.2-r1.ebuild

> nano -w /etc/courier-imap/authdaemonrc

  authmodulelist="authvchkpw"

> nano -w /etc/courier-imap/imapd

  IMAPDSTART=YES

  AUTHMODULES="authvchkpw"

> nano -w /etc/courier-imap/pop3d

  POP3DSTART=YES

  AUTHMODULES="authvchkpw"

> rc-update add courier-imapd default

> rc-update add courier-pop3d default

> /etc/init.d/courier-imapd start

> /etc/init.d/courier-pop3d start
```

5) update the smtpd config to allow smtp-auth using vpopmail

```
> nano -w /var/qmail/control/conf-smtpd

QMAIL_SMTP_POST="mail.mydomain.com /var/vpopmail/bin/vchkpw /bin/true"

> svc -t /var/qmail/supervise/qmail-smtpd

> chmod u+s /var/vpopmail/bin/vchkpw

The following step makes sending mail a lot faster under some circumstances, and I highly recommend that you do the following if you notice delays of 30 to 45 seconds sending mail:

> nano -w /var/qmail/control/conf-common

TCPSERVER_OPTS="-H -R -l 0" (that's lower-case L followed by zero)

```

6) install spam database clients.

```
> emerge /usr/portage/dev-python/pyzor/pyzor-0.4.0-r1.ebuild

> emerge /usr/portage/net-mail/razor/razor-2.40.ebuild

> emerge /usr/portage/net-mail/dcc/dcc-1.2.28.ebuild
```

7) install f-prot and Mail-SpamAssassin.  they must be running before installing qmail-scanner.

```
> emerge /usr/portage/app-antivirus/f-prot/f-prot-4.4.2.ebuild

> emerge /usr/portage/dev-perl/Mail-SpamAssassin/Mail-SpamAssassin-2.63.ebuild

> nano -w /etc/conf.d/spamd.conf

  SPAMD_OPTS="-d -u vpopmail -v -x -C /etc/mail/spamassassin/local.cf"

> rc-update add spamd default

> /etc/init.d/spamd start

You'll want to set up a cron.hourly job to update the f-prot definitions automatically:

> nano -w /etc/cron.hourly/virus-update.cron

#!/bin/bash

/opt/f-prot/check-updates.pl -cron -quiet

> chmod 755 /etc/cron.hourly/virus-update.cron

> crontab -e

# min hour day month weekday command

0 * * * * /etc/cron.hourly/virus-update.cron

Now to set up spam processing rules:

> nano -w /etc/mail/spamassassin/local.cf

required_hits  5.0

rewrite_subject  1

subject_tag  *****SPAM*****

report_safe  1

report_header  1

use_bayes  1

auto_learn  1

skip_rbl_checks  0

use_razor2  1

use_dcc  1

use_pyzor  1

ok_languages  all

ok_locales  all
```

8) install qmail-scanner.  for this to work, you may have to force the install of maildrop.

```
> emerge /usr/portage/net-mail/maildrop/maildrop-1.5.3-r1.ebuild

> emerge /usr/portage/net-mail/qmail-scanner/qmail-scanner-1.16-r2.ebuild

Please log into the "qmaild" account  and run

/var/qmail/bin/qmail-scanner-queue.pl -g

 

If you see the error "Can't do setuid", or "Permission denied", then

refer to the FAQ.

 

(e.g.  "setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl -g"

or "su qmaild -c "/var/qmail/bin/qmail-scanner-queue.pl -g")

The 'subject_tag' variable in /etc/mail/sendmail/local.cf does not seem to change the subject of detected spam.  As a workaround, do this:

> nano -w /var/qmail/bin/qmail-scanner-queue.pl

my $spamc_subject='*****SPAM*****';

Now update tcp.smtp to activate qmail-scanner

> nano -w /etc/tcp.smtp

# Qmail-Scanner disabled for mail from localhost, relay allowed

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"                                                                                                                         

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed

192.168.1.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                                                         

# Qmail-Scanner enabled (virus and spam) for mail from external internet, relay denied

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

save tcp.smtp and then:

> tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp

> chmod 644 /etc/tcp.smtp*
```

9) install squirrelmail

```
> emerge /usr/portage/net-mail/squirrelmail/squirrelmail-1.4.2-r5.ebuild

> perl /var/www/localhost/htdocs/squirrelmail/config/conf.pl

set up squirrelmail

You can also set up the vpopmail squirrelmail plugin as follows. For this to work though, you'll need to run apache as vpopmail:vpopmail by editing /etc/apache2/conf/commonapache2.conf.  This may be a security risk, so follow at your own risk:

> wget http://www.squirrelmail.org/plugins/vpopmail.1.00-1.4.0.tar.gz

> cd /<your squirrelmail dir>/plugins

> tar -zxvf /<location of vpopmail.1.00-1.4.0.tar.gz>

> cd vpopmail

> nano -w config.php

$vpopmail_autorespondpath = '/usr/local/bin';

> perl /var/www/localhost/htdocs/squirrelmail/config/conf.pl

activate the vpopmail plugin

```

10) install qmailadmin

```
> emerge /usr/portage/net-mail/ezmlm-idx-mysql/ezmlm-idx-mysql-0.40-r2.ebuild

> emerge /usr/portage/net-mail/autorespond/autorespond-2.0.4.ebuild

> emerge /usr/portage/net-mail/qmailadmin/qmailadmin-1.2.0_rc2-r1.ebuild

You can access qmailadmin from http://www.youdomain.com/cgi-bin/qmailadmin ... if the image files are not showing, you'll have to copy the qmailadmin images to wherever apache is trying to access them from.  You can find out where by checking your /var/log/apache2/error_log ... note that this version still does not use valias to maintain forward/alias info, and you'll need to install 1.2.1 from source for that to work.
```

Last edited by sabrex on Tue Jun 15, 2004 4:38 pm; edited 2 times in total

----------

## sabrex

For those who want to use the latest qmailadmin (with valias support), then alternatively, you can install qmailadmin from source with the following instructions (note, that you still need to copy the images from where they are to where apache is trying to load them from):

```
> wget http://easynews.dl.sourceforge.net/sourceforge/qmailadmin/qmailadmin-1.2.1.tar.gz

> tar -zxvf qmailadmin-1.2.1.tar.gz

> cd qmailadmin-1.2.1

> ./configure --enable-valias --enable-cgibindir=/var/www/localhost/cgi-bin/ --enable-htmldir=/var/www/localhost/htdocs/ --enable-htmllibdir=/var/www/localhost/htdocs/qmailadmin --enable-imagedir=/var/www/localhost/htdocs/qmailadmin/images --enable-ezmlmdir=/usr/bin --enable-vpopuser=vpopmail --enable-vpopgroup=vpopmail --enable-modify-quota

> make

> make install
```

Last edited by sabrex on Thu May 20, 2004 9:07 pm; edited 1 time in total

----------

## blubbi

Thanks for that nice howto.

But just one little question, did you manage it to get SMTP-AUTH working?

----------

## sabrex

 *blubbi wrote:*   

> Thanks for that nice howto.
> 
> But just one little question, did you manage it to get SMTP-AUTH working?

 

Yes, smtp-auth has been working for me all along, with these instructions, as well as instructions from the previous howto.  Follow step 8 carefully, and actually run all of the commands (including chmod, etc).  It doesn't just work on one server, but on all servers I've set up.

----------

## image

really nice guide. i've used it a couple of times already, with perfect results. i do have a gripe tho. for the life of me, i CANT figure out how to change the spam settings to behave differently. my client never uses anything other than IMAP/Squirrelmail, so i would like to move the mail to another folder by default instead of getting it's subject changed. any easy way to do this, without deviating from the guide's instructions too much? let me know, thanks.

----------

## sabrex

 *image wrote:*   

> really nice guide. i've used it a couple of times already, with perfect results. i do have a gripe tho. for the life of me, i CANT figure out how to change the spam settings to behave differently. my client never uses anything other than IMAP/Squirrelmail, so i would like to move the mail to another folder by default instead of getting it's subject changed. any easy way to do this, without deviating from the guide's instructions too much? let me know, thanks.

 

There is a way to do this, although it isn't easy.  It was covered by other posters (JeffreyCentex) in the original HOWTO and the actual instructions are located at https://forums.gentoo.org/viewtopic.php?t=111817&postdays=0&postorder=asc&start=50

Mind you, I haven't tested these yet, on page 2 of the howto, there is another guide to do this by wetkitty, and I did try that without success.  Let me know which one works out for you.

----------

## tfunk

I'm just looking to have php send email from a web server...I don't really want to be able to receive email (response wil be directed to a different server).

Will this still work for this purpose?  I imagine I would only need the first part? (steps 1 and 2?)

Is that accurate?

Thanks!

Tfunk

----------

## battlex

hi, great tutorial, worked first time  :Very Happy:  however i do have a problem... i tried to login to squirrelmail / pop3 / imap with a user account i made in gentoo, but i can't seem to be able to. it says incorrect user / pass. also i can't seem to login to qmailadmin. what is the username / pass for that? are there any other settings i need to do so that everything works? thanks  :Razz: 

----------

## image

 *sabrex wrote:*   

> For those who want to use the latest qmailadmin (with valias support), then alternatively, you can install qmailadmin from source with the following instructions (note, that you still need to copy the images from where they are to where apache is trying to load them from):

 

i took the liberty to actually modify the latest known ebuild to just include the correct switch. here's how.

```

cd /usr/portage/net-mail/qmailadmin/

cp qmailadmin-1.2.0_rc2-r1.ebuild qmailadmin-1.2.1.ebuild

vi qmailadmin-1.2.1.ebuild

[diff]

        econf ${myopts} \

+       --enable-valias \

        --enable-vpopmaildir=${dir_vpopmail} \

[/diff]

ebuild qmailadmin-1.2.1.ebuild digest

emerge qmailadmin-1.2.1.ebuild

```

or, for the lazy, i submitted an ebuild here.

----------

## SpoKKe

HI, 

great tutorial, my server whit this istructions work great, but i've a little question  :Smile: 

The RBL check it's implemented? 

In the file /etc/tcp.smtp

# Qmail-Scanner disabled for mail from localhost, relay allowed

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"                                                                                                                         

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed

192.168.1.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                                                         

The term RBLSMTPD="" means that it's disabled the RBL check?

And if it's not disabled where i can declare a list of RBL ?

Sorry for my BAD english please  :Smile: 

Tnks SPK

----------

## battlex

hi, my authentification doesn't work. what is the username and password for qmailadmin? and why does my pop3 / imap mail not work either? please help   :Crying or Very sad: 

----------

## sabrex

 *SpoKKe wrote:*   

> HI, 
> 
> great tutorial, my server whit this istructions work great, but i've a little question 
> 
> The RBL check it's implemented? 
> ...

 

Why would you want to run an RBL check on local ips?  The RBL checks are performed when mail originates from any IP other than the local network or localhost ips.

----------

## SpoKKe

yes i know but i've make  a mistake   :Embarassed: 

Now i've resolved my problem with this line in the /var/qmail/control/config-smtp

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r sbl-xbl.spamhaus.org"

tnks and sorrrry for the mistake  :Smile: 

spk

----------

## ARC2300

Okay, I've read this and read the old guide, and have a working mail server.

The only problem being, though, that to log in (with SquirrelMail or remotely from something like thunderbird), I have to login as user@domain.net.  Why?

----------

## darkweaseljedi

On a side note, if you are using ".maildir" instead of Maildir.

I could not get qmailadmin to work.  I discovered it's a code issue:  qmailadmin is hardcoded to assume "Maildir".  I'm not sure how common either ".maildir" or "Maildir" is but I am using ".maildir".

In order to get qmailadmin to work, I needed to change the code so that it was hardcoded to look at ".maildir" instead.

Obviously the better solution would be to enable qmailadmin to read some sort of config file where you can tell it what to look for.

----------

## sabrex

 *darkweaseljedi wrote:*   

> In order to get qmailadmin to work, I needed to change the code so that it was hardcoded to look at ".maildir" instead.

 

Strange.  When I compiled 1.2.1, it worked without needing to change anything.  I used the valias flag, so that may have made the difference.  I also believe emerging 1.2.0_rc2 also worked without needing to change anything.

----------

## darkweaseljedi

Are you using .maildir?  You're howto doesn't mention it this time, but the previous howto I believe mentioned Maildir.  If you are using "Maildir" you shouldn't have any problems.

----------

## sabrex

 *darkweaseljedi wrote:*   

> Are you using .maildir?  You're howto doesn't mention it this time, but the previous howto I believe mentioned Maildir.  If you are using "Maildir" you shouldn't have any problems.

 

The new vpopmail (5.4.0) automatically uses .maildir, so at this point I am using .maildir and not Maildir.  However, since I upgraded from a system in which I was using .maildir, and ran the vpopmail-Maildir-dotmaildir-fix.sh script, then it may be that qmailadmin is still using Maildir, but since there is now a symlink from Maildir to .maildir for each user, that may explain why it is still working.

----------

## image

 *Quote:*   

> "setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl -g"

 

i think it would be better to do the following (also, the quotes were kinda messed up):

```

#recursively change the owner of the directory

chown qmaild:nofiles -R /var/spool/qmailscan

#set original permissions on symlinked viruslog

chown root:root /var/spool/qmailscan/viruses.log

#do default first actions with scanner

setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl" -z

setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl" -g

```

edit: ok, found out that you need to set it to the user that qmail-smtpd is running at, which is qmaild. edited accordingly. also, if you do a 

```
ps aux | grep tcpserver
```

you'll see that the guide is wrong, and we should be editing /etc/tcprules.d/tcp.qmail-smtp instead of /etc/tcp.smtp in step 6. took me forever to figure out why my mail wasn't being scanned.

```

#add accept rules

vi /etc/tcprules.d/tcp.qmail-smtp

...

#apply the tcprules changes to the files

tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp

chmod 644 /etc/tcprules.d/tcp.qmail-smtp*

#restart the service to apply changes to daemon

/etc/init.d/svscan restart

```

and may i suggest commenting each complicated step, because some ppl actually want to know what each command does. if we wanted mindless installing, we'd be using windows =)Last edited by image on Sun May 16, 2004 1:32 am; edited 4 times in total

----------

## darkweaseljedi

 *Quote:*   

> 
> 
> The new vpopmail (5.4.0) automatically uses .maildir, so at this point I am using .maildir and not Maildir. However, since I upgraded from a system in which I was using .maildir, and ran the vpopmail-Maildir-dotmaildir-fix.sh script, then it may be that qmailadmin is still using Maildir, but since there is now a symlink from Maildir to .maildir for each user, that may explain why it is still working.

 

You're probably right.  Do newly created accounts have the Maildir -> .maildir symlink created or do you have to do that manually?

----------

## image

argh, even more troubles. spamassassin wasn't being used by qmail-scanner, AND doing it manually (spamc -c -f < spamexample.eml)resulted in scores of 0.0. after a whole day of troubleshooting, i found out that it was the 

```
'-C /etc/mail/spamassassin/local.cf'
```

in /etc/conf.d/spamd

-C changes the default paths, which includes the default databases and checks. also, -v (which enable vpopmail indiviual configs) and -x (which disable user configs) are contrary to each other. if you want user-specific learning, then remove -x, if you want it only to be domainwide, use remove -v.

my final /etc/conf.d/spamd ended up to be the following:

```
SPAMD_OPTS="-v -u vpopmail --siteconfigpath=/etc/mail/spamassassin/local.cf"
```

then re-emerge qmail-scanner to pick up the differences

```
#refresh spamd

/etc/init.d/spamd restart

#qmail-scanner checks score in its ./configure, so you have to rebuild

emerge qmail-scanner
```

after all this, spam checking FINALLY works.

edit: added blurb about -v and -xLast edited by image on Sun May 16, 2004 3:14 pm; edited 1 time in total

----------

## mlow

I had the mail server up and running with everything working.  Yesterday I started to get bounce backs saying:

```

has encountered a delivery problem.

Reason: Bad destination mailbox address

The mailbox specified in the address does not exist.

This means the address portion to the left of the @ sign is invalid.

Transcript of session:

RCPT TO:<*@*.com>

550 <*@*.com>, Recipient unknown

```

The asterisk being the user and domain names.  I can see the entries in the mysql database, so they haven't been corrupted.  I cannot figure out what is causing this.  Any suggestions would be appreciated.

----------

## Crymson

I'm having the error where I can't add a domain or user, because it gives me "SQL server has gone away" crap.  I double checked my /etc/vpopmail.conf file, and the password is correct, and I'm using vpopmail 5.4.0.  Just for fun, I changed the password in the /etc/vpopmail.conf file, and tried to add another domain.

IT STILL TRIES TO DO IT!!!  (It also gives me the same errors).  It doesn't tell me it can't log in using that user, or any of that.  So where's the error?  Is there some file I haven't edited or something?

I'm considering starting over, (which would suck, considering I've spent two days on this already), and if I *DO* need to start over, what do I need to remove, and what is the best, most complete way to do it?

TIA

----------

## darkweaseljedi

And now for something completely different:

Relaying.  I'd like to enable any sort of relay where users can send after they've checked email, or have to log into send email.  Anything that allows anyone that has logged in to send, regardless of IP.  Right now it's reading "/etc/tcprules.d/tcp.qmail-smtp" and I have to manually add IPs and rebuild the thing.

----------

## darkweaseljedi

Crymson:

I did a search and found this link, it might help you:

http://www.mail-archive.com/vchkpw@inter7.com/msg17169.html

darkweasel

----------

## sabrex

 *darkweaseljedi wrote:*   

> You're probably right.  Do newly created accounts have the Maildir -> .maildir symlink created or do you have to do that manually?

 

No, they have to be created manually for each new account.  The easiest way is definitely to modify qmailadmin to use .maildir as the mail folder instead of Maildir.  As of 1.2.1 compiled from source, it still is using Maildir instead of .maildir.  What is the procedure for modifying qmailadmin's source or ebuilds to use .maildir?

----------

## darkweaseljedi

I did it the hard way:

grep Maildir *

then manually changed file by file.

there were about 6 .c files that needed to be changed.

If I had time I was going to and make it a define or a ./configurable (though I don't have much experience with that, most of my C/C++ is windows based)

darkweasel

----------

## Crymson

Well, the post you gave me said to modify a source code file.. which I can't find.  Where is the source for this?  I used the ebuild, so I'm not even sure what steps I need to take to recomplie it.  (Thoughts of totally screwing this up are floating through my head)

I kept searching the archives, there was stuff about vlimits.default not existing, and all this other stuff.  Well, it exists, but I still can't get it to work.

So I'm back to square one, and seriously considering starting 100% over.  What's the best method to remove all the stuff, and start over completely, making certain there aren't any conf files or some such left over?  I really want to run my own email server, but this is just *NOT* worth it.  Otherwise, the tutorial works great.

Is it possible my version of mysql is f*cked up?

Any help would be greatly appreciated.

----------

## darkweaseljedi

Crymson: Can you log in to mysql as vpopmail on the command line?

ie :   mysql -u vpopmail -p vpopmailspassword

as for the frustration factor:  I know what you're feeling.  I actually redid my setup as well.  unix mail seems to be this giant clusterf of different programs that all work together *sometimes* if you ask them right.  It would be nice to have one program that did everything you needed, and had a plugin feature that allowed growth.

----------

## Crymson

 *darkweaseljedi wrote:*   

> Crymson: Can you log in to mysql as vpopmail on the command line?
> 
> ie :   mysql -u vpopmail -p vpopmailspassword

 

Yes.  See following:

```

mysql -u vpopmail -p vpopmail

Enter password:

Welcome to the MySQL monitor... etc etc

```

So, I log in as user vpopmail to the database vpopmail.  Everything works most excellently.

----------

## larry

Hi guys,

I am installing qmail, mysql, vpopmail, courier-imap...  I was following the guide on ths website:

http://www.gentoo.org/doc/en/qmail-howto.xml

When I change the password in /etc/vpopmail.conf, and add the database vpopmail as per the instructions, I get this error with vpopmail cmmands like vadddomain my.domain.com:

 *Quote:*   

> could not connect to mysql update server Access denied for user: 'vpopmail@localhost' (Using password: YES)

 

but when I switch back to the default password "secret" and remake the vpopmail database, everything works fine.  Can somebody give me a clue on how to fix this?  Thanks.

----------

## Crymson

 *larry wrote:*   

> Hi guys,
> 
> I am installing qmail, mysql, vpopmail, courier-imap...  I was following the guide on ths website:
> 
> http://www.gentoo.org/doc/en/qmail-howto.xml
> ...

 

My guess is, you didn't set a password for the vpopmail user in MySQL when you created the vpopmail database.  In the tutorial, it talks about setting the privileges for the user using 'Your Password' or whatever.  Whatever you type in there, must match what is in the /etc/vpopmail.conf file.  I believe it is case sensitive.  Try that, and you should be ok.

----------

## ryker

```
Please log into the "qmaild" account  and run

/var/qmail/bin/qmail-scanner-queue.pl -g
```

How do I log into qmaild account?  I've tried and I'm asked for a password.  Nothing I enter will work for the password, plus I never set one.  Can I reset the password for qmaild somehow?

----------

## darkweaseljedi

ryker: su qmaild

will make you qmaild

darkweasel

----------

## ryker

 *darkweaseljedi wrote:*   

> ryker: su qmaild
> 
> will make you qmaild
> 
> darkweasel

 

Thanks.  I guess I should have known that by now.   :Embarassed: 

I ran

```
/var/qmail/bin/qmail-scanner-queue.pl -g
```

no prob.

I followed everything in the install, but I can't get it working.  I really wanted to use horde-imp so I followed the instructions for installing it from the official doc here.  Per the instructions I can ssh username@mybox.org and run mutt.  It shows my mail sent by the system daemons.  When I try to login to horde-imp it won't let me.  I can't log into horde-imp at all.  I also can't log into qmail.

Since I have succesfully used squirrelmail before, I decided to install that and see if that would work.  I couldn't log into that either.  I'm stumped.

I can log into mysql with username vpopmail no prob.

I set up the following from the howto

apache2

mysql

qmail

mutt

vpopmail

courier-imap

horde-imp

spam database clients/usr/portage/dev-python/pyzor/pyzor-0.4.0-r1.ebuild

/usr/portage/net-mail/razor/razor-2.40.ebuild

/usr/portage/net-mail/dcc/dcc-1.2.28.ebuildf-prot

mail-spamassassin

qmail-scanner

qmailadmin

squirrelmail

Anyone have any ideas?

----------

## ryker

bump

----------

## Crymson

 *Crymson wrote:*   

>  *darkweaseljedi wrote:*   Crymson: Can you log in to mysql as vpopmail on the command line?
> 
> ie :   mysql -u vpopmail -p vpopmailspassword 
> 
> Yes.  See following:
> ...

 

Ok, I didn't mean to throw everyone off the scent.  In reply to your post darkweaseljedi, I can log in via the command line using the vpopmail user.  The "everything works" line was stating that as the vpopmail user, mysql works as it should, when logged in from the command line.  I still can't use vadddomain, or vadduser without the aforementioned errors.

Is there anywhere else I can look for the solution to this problem?  This is really getting annoying.  As before, if I need to start over, do I just start from the very beginning, and overwrite the config files?  Is there a better way to "uninstall" everything before starting again??

About ready to put a bullet through the screen...

----------

## darkweaseljedi

ryker: I'd fix 1 thing at a time.  Before you worry about the spam addins, make sure you can log in via imap/pop3.  I have no expirence with horde-imp: what is it?

Crymson:

What does your /etc/vpopmail.conf look like?

here's mine:

```

# Note:

#   The value of host may be either a hostname or an IP address.

#   If host is 'localhost', then sockets (Unix) or named pipes (Windows)

#   will be used instead of TCP/IP to connect to the server.

# Read-only DB

localhost|0|vpopmail|secret|vpopmail

# Write DB

localhost|0|vpopmail|secret|vpopmail

```

Where secret has replaced my password.

Under /var/vpopmail/etc I have modified 2 files.

1: defaultdomain, which only contains the default mail domain.

2: ln -s /etc/vpopmail.conf vpopmail.mysql

And the last thing I can think of:

Is mysql in your USE flags?

```

# emerge vpopmail -pv

These are the packages that I would merge, in order:

Calculating dependencies ...done!

[ebuild     UD] net-mail/vpopmail-5.2.2-r1 [5.4.0] -clearpasswd -ipalias +mysql

```

(i have 5.4.0 installed, not 5.2.2)

darkweasel

----------

## ryker

 *darkweaseljedi wrote:*   

> ryker: I'd fix 1 thing at a time.  Before you worry about the spam addins, make sure you can log in via imap/pop3.  I have no expirence with horde-imp: what is it?

 

Horde-imp is a web based email program.  My school (Purdue) uses it and it's very nice.

I usually do one thing at a time and check everything as I am going along; however, this time I just followed the guide from top to bottom.

I checked if IMAP is working by using Evolution.  I set up the imap account in evolution using ssl and it connects to the imap account and asks me for the password for my account, but it won't accept the password.  I know absolutely for sure that I am using the correct password, because it works fine in mutt locally.

Just to clarify:

The mailserver etc that I just set up that isn't working properly is on another box.  I am using ssh to log in and install everything remotely.  If I ssh into my box with 'ssh username@mybox.org' I can log in fine.  SSH asks for my password and accepts it.  I can then type 'mutt' and see that I have messages.  If I am at another machine and try to use evolution to access my IMAP account it doesn't accept my password.  I also tried pop in evolution and it didn't like my password as well.  Both were using ssl, I set it up to require ssl.  I also can't log in using squirrelmail or horde-imp from any box.  I can't check if it works using squirrelmail or horde-imp locally because I don't have/want X on that box.

Thanks for your help so far darkweaseljedi.

----------

## darkweaseljedi

So horde-imp is much like squirrelmail.

It doesn't matter if you run either locally or remotely, they use local-imap to access your mail. (as it's actually running on the mail server box I assume).

First try to get either horde or squrrielmail working.  Once either/both are working, then you know for sure that local imap is working.  (I'm not familiar with mutt either, it's possible it uses local imap.)

I'll talk about squrrielmail cause that's what I know.

Did you run the ./configure in the squirrelmail directory?  

If you do, under option 2 check that the domain is set correctly, and that A) is set to localhost:143  (unless you're running squrrielmail on a different box)

In /etc/smtp.tcp look for 

```

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""

```

and make sure it's not commented out.

(if you have qmailscanner going like I do, it looks like this)

```

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

```

The other piece is courier-imap

You mentioned you're using SSL?  Have you tried non-ssl or is that not an option?

(in order to use ssl you need to get a signed cert, which was more work than I cared to do)

In /etc/courier-imap

authdaemonrc should have the line

```

authmodulelist="authvchkpw"

```

And that's it.  That's all I changed in that file.

In the imapd file, make sure IMAPDSTART=YES.  (also, make sure the MAILDIRPATH= whatever you are calling Maildir/.maildir)

I assume it's very similar for imapd-ssl

Obviously if you change any of these files, make sure to do a /etc/init.d/servicename restart.

Hope this helps.

----------

## ryker

darkweaseljedi

Thanks for all of your suggestions.  Unfortunately, none of them worked.  The only thing is, you said to check /etc/smtp.tcp and I only have /etc/tcp.smtp.  I assume that was just a typo.  My tcp.smtp does have the lines you suggested, which is also what the howto said to put in their.  I found another thread with someone with similiar problems.  He reemerged vpopmail and courier-imap and said it worked.  I tried the same but no dice.  :Sad: 

I also can't login to qmailadmin.

You asked if I really need ssl.  I don't, but why not use it?  I successfully setup another mail server with ssl using postfix instead of qmail and qmail-scanner and I didn't have any problem.  I suppose I could just remove everything and use postfix, but I want to try out qmail.  Just a learning experience.

I also restarted the computer as a last resort to see if that made any difference, it didn't.  I thought maybe I might have made some config changes and didn't restart the right services.

Thank you again for your time and help so far.  If you or anyone else has any further suggestions I would appreciate it.

----------

## Crymson

 *darkweaseljedi wrote:*   

> 
> 
> Crymson:
> 
> What does your /etc/vpopmail.conf look like?
> ...

 

Ok, first off, using 5.4.0 as well.

```

/etc/vpopmail.conf

# Spaces and tabs are fine.  Just don't use them

# In the password or usernames

MYSQL_UPDATE_SERVER   localhost

MYSQL_UPDATE_USER   vpopmail

MYSQL_UPDATE_PASSWD   secret #secret replaces my password

MYSQL_READ_SERVER   localhost

MYSQL_READ_USER      vpopmail

MYSQL_READ_PASSWD   secret #secret replaces my password

```

I have seen that type of file before, as you posted, but that is not what my install had me change.  Should I comment out the stuff I have, and go with what you use?

Under /var/vpopmail/etc, I don't have a defaultdomain file.  The symlink for the vpopmail.conf file is there, however.  The contents of my directory look like this:

```

/var/vpopmail/etc

-rw-r--r--   1 root      root     inc_deps

-rw-r--r--   1 root      root     lib_deps

-rwxrwxrwx   1 vpopmail   vpopmail  vlimits.default

lrwxrwxrwx   1 vpopmail   vpopmail  vpopmail.mysql -> /etc/vpopmail.conf

```

Yes, mysql is in my USE flags.  If I run what you showed, the emerge vpopmail -pv I get the exact same output.

----------

## ryker

OK.  I went through the whole guide again and double checked everything again.  It seems I have a vpopmail/mysql problem.  There is a step in this guide that says to do the following:

```
# source /etc/profile

(You only have to do this if the vadddomain step below results in "command not found")

# vadddomain wh0rd.org postpass

(Now quickly verify the domain is setup properly)

# printf "postmaster@wh0rd.org\0postpass\0blah\0" | vchkpw `which id` 3<&0

uid=89(vpopmail) gid=89(vpopmail) groups=0(root)

(If you don't see something similar to above, then permissions somewhere are incorrect)

# vadduser vapier@wh0rd.org vappw
```

When I do the printf ... step I get the following error:

```
albertsrouter etc # printf "postmaster@albertsrouter.dyndns.org\0secret\0blah\0" | vchkpw `which id` 3<&0

could not create vlog table CREATE TABLE vlog ( id BIGINT PRIMARY KEY AUTO_INCREMENT,       user char(32), passwd CHAR(32),       domain CHAR(64), logon VARCHAR(200),       remoteip char(18), message VARCHAR(255),       timestamp bigint default 0 NOT NULL, error INT,       INDEX user_idx (user),       INDEX domain_idx (domain), INDEX remoteip_idx (remoteip),       INDEX error_idx (error), INDEX message_idx (message) )

error inserting into vlog table
```

Of course I get an error on the vadduser step as well.  I have tried dropping the vpopmail database and recreating it and get the same error.

 :Confused: 

----------

## darkweaseljedi

Crymson:  Try commenting it out and trying it my way.  Can't hurt anything.

Ryker:  did you do in mysql:  

```

GRANT ALL on vpopmail.* to vpopmail identified by "password"

```

where password is the same password as the password you chose in your "/etc/vpopmail.conf" file.

darkweasel

----------

## ryker

Actually I originally did

```
grant select, insert, update, delete, create, drop on vpopmail.* to vpopmail@localhost identified by 'your password';
```

 but I just tried this

```
drop database vpopmail;

create database vpopmail;

use mysql;

grant all on vpopmail.* to vpopmail@localhost identified by 'your password';

flush privileges;

quit;
```

I then tried

```
printf "postmaster@albertsrouter.dyndns.org\0gotohell2\0blah\0" | vchkpw `which id` 3<&0
```

and got the same error.

----------

## darkweaseljedi

No easy answers.   :Smile: 

If you log in to mysql as vpopmail (mysql -u vpopmail -p ) and use the vpopmail database, can you create tables?

darkweasel

----------

## ryker

 *darkweaseljedi wrote:*   

> No easy answers.  
> 
> If you log in to mysql as vpopmail (mysql -u vpopmail -p ) and use the vpopmail database, can you create tables?
> 
> darkweasel

 

yep

I just tried the following

```
mysql -u vpopmail -p

Enter password:

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 3 to server version: 4.0.18

 

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

 

mysql> use vpopmail;

Database changed

mysql> show tables;

Empty set (0.00 sec)

 

mysql> CREATE TABLE employee_data

    -> (

    -> emp_id int unsigned not null auto_increment primary key,

    -> f_name varchar(20),

    -> l_name varchar(20),

    -> title varchar(30),

    -> age int,

    -> yos int,

    -> salary int,

    -> perks int,

    -> email varchar(60)

    -> );

Query OK, 0 rows affected (0.01 sec)

 

mysql> show tables;

+--------------------+

| Tables_in_vpopmail |

+--------------------+

| employee_data      |

+--------------------+

1 row in set (0.00 sec)

 

mysql>

```

should there already be some tables in vpopmail or should it just initially be an empty database?

----------

## darkweaseljedi

From the howto:

```
> emerge /usr/portage/net-mail/vpopmail/vpopmail-5.4.0.ebuild

First log into mysql as your mysql root user and pass. Then:

> create database vpopmail;

> use mysql;

> grant select, insert, update, delete, create, drop on vpopmail.* to vpopmail@localhost identified by 'your password';

> flush privileges;

 

If you have problems with vpopmail not accepting mail properly,

please ensure that /etc/vpopmail.conf is chmod 600 and

owned by vpopmail:vpopmail
```

I'd assume that the vpopmail database starts empty and the vpopmail program creates the tables it needs.

I'm out of ideas.   :Sad: 

----------

## ryker

Thanks darkweaseljedi for all of your help.  Right now I am starting from scratch at the beginning of the howto.  Maybe I will have better luck this time.  :Smile: 

----------

## Crymson

Still no luck.  I did the following:

```

mysql -u root -p

mysql> drop database vpopmail;

Query OK, 0 rows affected (0.00 sec)

mysql> create database vpopmail;

Query OK, 1 row affected (0.00 sec)

mysql> use mysql;

Database changed

mysql> GRANT select, insert, update, delete, create, drop on vpopmail.* to vpopmail@localhost identified by 'password';

Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)

mysql> quit

Bye

```

Now, I'm fairly certain the single quotes when defining the password up above are *NOT* part of the actual password.  Needless to say, I then went in to the /etc/vpopmail.conf file, and changed the password to password.

Now that that is finished, I once again tried to insert a record in to the vpopmail database, by using the command "vadddomain mydomain.org"

Here's a transcript of the full error:

```

enterprise etc # vadddomain crymson.org

Please enter password for postmaster: 

enter password again:

enterprise etc #

```

And now it works???  Wow.  I dunno what the hell I did, but now it works.  Thanks so much jedi!!!!

I can't quite figure out WHAT was not properly working... but at least I can add users now.  Now to go back in there, and change the password ...  :Smile: 

----------

## Crymson

It's set up (I think?) but I can't seem to do anything with it.

I have another machine running Win XP, with Eudora 6.  I was kinda hoping my mail server would be mail.mydomain.org, which I could then send/receive mail from.

I added my domain via vadddomain, and added a user (myself) using vadduser.  So now my question is, what do I need to set up in Eudora so it'll check it?  I like the idea of vpopmail because I can use it as a POP server instead of IMAP (in case I decide to dish out email addresses to other people, which also in my intention).

So, I create a new profile, add my username, tell Eudora it's a POP server, at address mail.mydomain.org, and all that fun stuff.  Then it tries to connect.  Connection refused.  Weird, so I change the server to my local network address (192.168.1.2) and then it says that it's rejecting the SSL something because it's less than 0 (-1).  (Also note that my username is crymson@mydomain.org, so it was trying to connect as crymson@mydomain.org@mail.mydomain.org originally, then crymson@mydomain.org@192.168.1.2).

I'm pretty much stupid in this area, am I doing something wrong?  If I can't get it working for myself, I'll never get it working for other people.  It is important that they be able to connect from outside.

To quash any questions before they come, my DNS stuff is set up to where all sub-domains point to my gentoo machine (www, ns, ftp, mail, etc).  I figured that the port number would tell it which service it needs to run, and with web/ftp, it has been working.  mail seems to be another beast.

Is there another HOWTO or anything I can look at that might help me?  Sorry to blather on, but I'm so close to being finished!!!

----------

## ryker

Crymson:

I'm not familiar with Eudora, but it seems like you've configured it that crymson@mydomain.org is your username and mail.mydomain.org is the incoming/outgoing server name.  It looks like you should verify in Eudora your username is just crymson and the incoming/outgoing server is mydomain.org.

----------

## pmgas

Hi

I wanted to create a domain with vadddomain and got following message:vmysql: sql error[c]: MySQL server has gone away

vmysql: sql error[b]: MySQL server has gone away

vmysql: sql error[3]: MySQL server has gone away

could not create limits table CREATE TABLE limits ( domain CHAR(64) PRIMARY KEY,       maxpopaccounts           INT(10) NOT NULL DEFAULT -1,       maxaliases               INT(10) NOT NULL DEFAULT -1,       maxforwards              INT(10) NOT NULL DEFAULT -1,       maxautoresponders        INT(10) NOT NULL DEFAULT -1,       maxmailinglists          INT(10) NOT NULL DEFAULT -1,       diskquota                INT(12) NOT NULL DEFAULT 0,       maxmsgcount              INT(12) NOT NULL DEFAULT 0,       defaultquota             INT(12) NOT NULL DEFAULT 0,       defaultmaxmsgcount       INT(12) NOT NULL DEFAULT 0,       disable_pop              TINYINT(1) NOT NULL DEFAULT 0,       disable_imap             TINYINT(1) NOT NULL DEFAULT 0,       disable_dialup           TINYINT(1) NOT NULL DEFAULT 0,       disable_passwordchanging TINYINT(1) NOT NULL DEFAULT 0,       disable_webmail          TINYINT(1) NOT NULL DEFAULT 0,       disable_relay            TINYINT(1) NOT NULL DEFAULT 0,       disable_smtp             TINYINT(1) NOT NULL DEFAULT 0,       perm_account             TINYINT(2) NOT NULL DEFAULT 0,       perm_alias               TINYINT(2) NOT NULL DEFAULT 0,       perm_forward             TINYINT(2) NOT NULL DEFAULT 0,       perm_autoresponder       TINYINT(2) NOT NULL DEFAULT 0,       perm_maillist            TINYINT(4) NOT NULL DEFAULT 0,       perm_quota               TINYINT(2) NOT NULL DEFAULT 0,       perm_defaultquota        TINYINT(2) NOT NULL DEFAULT 0 )

vmysql: sql error[p]: MySQL server has gone away

Error: (vadduser) can't read domain limits

I am sure, that the mysql user is valid with the correct password. In console, i can log in with that account ...

Has anyone a solution?

thanxs, peda

----------

## Crymson

 *ryker wrote:*   

> Crymson:
> 
> I'm not familiar with Eudora, but it seems like you've configured it that crymson@mydomain.org is your username and mail.mydomain.org is the incoming/outgoing server name.  It looks like you should verify in Eudora your username is just crymson and the incoming/outgoing server is mydomain.org.

 

To be honest, I was just guessing at what it should be in Eudora.  A better question would be, how does the server expect the addresses/servers to be formatted?  If the server expects a username of 'crymson' and a mail server of 'mail.mydomain.org' (which is apparently doesn't since, it rejects all connections), then I could set up Eudora properly.

----------

## Crymson

 *pmgas wrote:*   

> Hi
> 
> I wanted to create a domain with vadddomain and got following message:vmysql: sql error[c]: MySQL server has gone away
> 
> vmysql: sql error[b]: MySQL server has gone away
> ...

 

I was having this exact error up until yesterday.  To quote my own message, with my solution, attempt the following:

1)  Make CERTAIN mysql is in your USE flags.

2)  Edit your /etc/vpopmail.conf file to contain the following:

```

# Read-only DB 

localhost|0|vpopmail|secret|vpopmail 

# Write DB 

localhost|0|vpopmail|secret|vpopmail 

```

where "secret" is your vpopmail password

3) type the following:  mysql -u root -p

Supply the root password.

Once you are in mysql, type the following:

```

mysql> drop database vpopmail; 

Query OK, 0 rows affected (0.00 sec) 

mysql> create database vpopmail; 

Query OK, 1 row affected (0.00 sec) 

mysql> use mysql; 

Database changed 

mysql> GRANT select, insert, update, delete, create, drop on vpopmail.* to vpopmail@localhost identified by 'password'; 

Query OK, 0 rows affected (0.00 sec) 

mysql> flush privileges; 

Query OK, 0 rows affected (0.00 sec) 

mysql> quit 

Bye 

```

NOTE THAT THE ABOVE IS EXACTLY WHAT YOU SHOULD SEE ONSCREEN!!

Replace the word "password" (in single quotes) with the password you used in the /etc/vpopmail.conf file.  I believe it helps if it is entirely lowercase.  The single quotes MUST be in the mysql command, but are NOT in the /etc/vpopmail.conf file.

Once I did this, mine began to work.

Good luck.

----------

## pmgas

Ok, problem solved .... I changed the syntax in vpopmail.conf to 

# Read-only DB

localhost|0|vpopmail|secret|vpopmail

# Write DB

localhost|0|vpopmail|secret|vpopmail

and it worked!  :Wink:  strange ...

Ok, another question, I am still a n00b......

I used this tutorial, installed everything and how can i create

a user account for squirrelmail?????? where do i write my

domain into, in which file, .....??

sorry guys for asking that stupid questions!  :Wink: 

thanxs

----------

## Crymson

This one I don't know- I'm not using Squirrelmail myself.

If I had to venture a guess, I would say "vadddomain mydomain.com" which I'm assuming you did.  Then, "vadduser user@mydomain.com".  That will set up the .maildir.

How you get that to work with squirrelmail...?  I don't know.

----------

## Crymson

Ok, so I do the following:

```

vadddomain mydomain.org password

vadduser crymson@mydomain.org password

```

Then, making sure that both port 25 and 110 are forwarded to my server, I go to Win XP, and set up the following:

smtp server: mail.mydomain.org

pop server:  mail.mydomain.org

username: crymson

password: password

I then try to check the mail.  If it's using SSL, it gives me an error about the checksum being -1 so it bails.  So I turn off SSL.

It finds the pop server, tries to log in, asks for my password, so I supply it.  Then it gives me this error:

```

mydomain.org, Logging into POP Server, PASS [04:50:38 PM]

There has been an error transferring your mail.  I said:  PASS <shhhh! Don't tell anyone.>  and then the POP server (crymson@mail.mydomain.org) said:  ERR Login failed.

```

Where are the log files for this?  Maybe I can figure out what's wrong by looking at them.  There's some stuff in /var/log/qmail/qmail-pop3d/ but the current gives a bunch of hashes (at lesat, that's what they look like) followed by tcpserver: fatal: unable to bind: address already used.

Any ideas??

----------

## Crymson

I was thinking about the port already in use error... I can't restart the courier-pop3d service.  If I do, BIND tells me that the port is already in use.  In order to get it to start at all, I had to move pop3d in to the boot run level, instead of default.

The weird thing is, when I took a look at what ports were being used by what process, things kept filling the 110 hole.  I'd turn off pop3d, something would take its place on 110.  Shut that down, something else would take its place, and so on.  I suppose that pop3d isn't actually working as it should, which could explain why I can't login.

Has anyone else had this problem and been able to rectify it?

----------

## ryker

 :Rolling Eyes: 

I had the same exact problem as pmgas.  Tried struggling through it for several days with some help from darkweaseljedi.  I wish I had seen Crymson's post earlier.  I just finished completely removing my setup and am starting from scratch.  I'll bet if I had changed those lines in vpopmail.conf, it would have worked for me too.  I wonder why the default conf is so different?  I'll try again and post my outcome.

----------

## gcasillo

Got it! Just one obstacle that I had to figure out. I use kmail. I had everything set up, but I couldn't seem to log in to check my mail. It kept telling me that my password was wrong, but it wasn't.

Finally, I figured out that I needed to use my e-mail address as my login, not my username. Everything is good-to-go now that I'm doing that. Just in case others run into the same snag.

----------

## ryker

OK.  I got farther than before so far.  Before I couldn't add a domain without database errors, even though I was following the commented format of the vpopmail.conf file.  I changed my used flags from 'x86' to '~x86' and started from the beginning.  When I went to edit the vpopmail.conf file, the comments in the file showed the new format

```
# Read-only DB

localhost|0|vpopmail|secret|vpopmail

# Write DB

localhost|0|vpopmail|secret|vpopmail 
```

I guess the older stable version 'x86' in portage wasn't quite as good as the '~x86' in portage.    :Confused: 

I haven't finished installing everything yet, but I'm confident now that it will work.

For anyone using 'x86' in their use flags, this will be a problem.

----------

## Crymson

I'm really pissed now, I can't log in to send OR receive mail, under any circumstances.  I installed qmailadmin, just for, and it works great.  I can log in to postmaster, view all the accounts, add, delete, etc.

I sent a test message to crymson@mydomain.org, and browsed to the new folder, and it's there, waiting for me.  I even sent a message to a bogus address, and it bounced back like it should.

Has anyone else had any kind of auth problems for both sending and receiving?  Where does vpopmail keep logs??  If I could figure out what the hell is going on, this would be much more worthwhile.

Ask for any file, and directory listing, anything, I am completely out of ideas, and this is VERY frustrating.  Maybe I'm not even approaching this correctly, but I really need some direction here.  PLEASE!!!  :Smile: 

----------

## ryker

Crymson:

I've been struggling with this for a while and I think I have it working, but not like the how to suggests.  I had to make 3 changes to be able to log in at all.

1. In /etc/courier-imap/imapd leave AUTHMODULES="authdaemon"

2. In /etc/courier-imap/pop3d leave AUTHMODULES="authdaemon"

3. In /etc/courier-imap/authdaemonrc set authmodulelist="authpam"

I wasn't able to log in with authvchkpw.  I've set the group and permissions per the how to instructions, but it wouldn't work.  Now it works fine.

I'm new to setting up an email server so I'm not sure what the difference is between authpam and authvchkpwd.  Could someone enlighten me on this?

At least I can log in now!

----------

## Crymson

 *ryker wrote:*   

> Crymson:
> 
> I've been struggling with this for a while and I think I have it working, but not like the how to suggests.  I had to make 3 changes to be able to log in at all.
> 
> 1. In /etc/courier-imap/imapd leave AUTHMODULES="authdaemon"
> ...

 

Well, I changed the stuff you mentioned, but I still can't log in.

What syntax are you using?  Can you log in via telnet, and post a copy of the output here?  I'd really like to know what the hell I'm doing wrong (still)

----------

## larry

 *Crymson wrote:*   

>  *larry wrote:*   Hi guys,
> 
> I am installing qmail, mysql, vpopmail, courier-imap...  I was following the guide on ths website:
> 
> http://www.gentoo.org/doc/en/qmail-howto.xml
> ...

 

Thanks, you were right,  I had only changed one of the two instances of the password in the file   :Embarassed: 

But now, I have a new problem.  When I try adding a user with vadduser, I get this error: 

 *Quote:*   

> vmysql: sql error[3]: Table 'vpopmail.vpopmail' doesn't exist
> 
> Error: User's directory already exists?
> 
> 

 

I tried following all the steps.  I re-emerged the latest vpopmail and recreated the vpopmail database.  I can login into the vpopmail database with the vpopmail password.  This is what I get:

 *Quote:*   

> mysql> show tables;
> 
> +--------------------+
> 
> | Tables_in_vpopmail |
> ...

 

Thanks for the help.

----------

## ryker

 *Crymson wrote:*   

> What syntax are you using?  Can you log in via telnet, and post a copy of the output here? ...

 

one thing I forgot to mention is I'm using ssl so I actually edited imapd-ssl and pop3d-ssl as well.  What output do you want?  Do you want me to post the complete contents of the files I changed?

Let me know what you need and I will post it for you.

----------

## Crymson

 *ryker wrote:*   

>  *Crymson wrote:*   What syntax are you using?  Can you log in via telnet, and post a copy of the output here? ... 
> 
> one thing I forgot to mention is I'm using ssl so I actually edited imapd-ssl and pop3d-ssl as well.  What output do you want?  Do you want me to post the complete contents of the files I changed?
> 
> Let me know what you need and I will post it for you.

 

I'd like to be using SSL, but I can't get the SSL to work, so until it does work without, I'm not even going to screw with it.  The output I'd like to see is this:

```

telnet mail.yourdomain.com 110

+OK Hello There

USER <user>

+OK Password required

PASS <pass>

???

```

When I try to login, all I get is 

```

-ERR Login failed

```

So- my user is crymson.  So here's what I would type, and this is what's failing on me:

```

telnet mail.mydomain.org 110

+OK Hello there

USER crymson

+OK Password required

PASS password

-ERR Login failed

```

Am I not using the correct user name syntax?  Does yours have a log?  My /var/log/messages says that pop3d is getting a connection, and that I failed my authorization, but beyond that, I can't figure anything else out.  Maybe I'm using the wrong syntax.  Just spell it out for me.  Please  :Smile: 

----------

## Crymson

How did you create your .pem files for the POP3/IMAP server?  I just noticed that I don't have any under the /etc/courier-imap directory.  I bet that would be why I can't log in via SSL/TLS in Eudora  :Smile: 

Of course, being able to auth would be good too.  Can you post your imapd-ssl and your pop3-ssl files?

----------

## ryker

I have never tried to telnet into my pop3 account.  But I gave it a try.  I don't think it worked right though because I am using pop3 w/ssl so the port should be 995.  Here's my output using 110 and then 995:

```
alberts4 root # telnet something.dyndns.org 110

Trying 4.15.110.4...

Connected to something.dyndns.org.

Escape character is '^]'.

+OK <5169.1085485785@something.dyndns.org>

USER alberts

+OK

PASS <mypassword>

+OK

ls

-ERR unimplemented

help

-ERR unimplemented

HELP

-ERR unimplemented

USER

-ERR unimplemented

dir

-ERR unimplemented

quit

+OK

Connection closed by foreign host.

-----------------

alberts4 root # telnet something.dyndns.org 995

Trying 4.15.110.4...

Connected to something.dyndns.org.

Escape character is '^]'.

USER alberts

Connection closed by foreign host.
```

As you can see, I didn't know what to do after I got in on port 110.  :Sad: 

 Here's the relevant lines from my /var/log/messages when I connected using pop3 and imap. I usually use imap and it works fine as well

```
May 25 06:56:25 albertsrouter pop3d-ssl: Connection, ip=[4.15.109.169]

May 25 06:56:25 something pop3d-ssl: LOGIN, user=alberts, ip=[4.15.109.169]

May 25 06:56:26 something pop3d-ssl: LOGOUT, user=alberts, ip=[4.15.109.169], top=0, retr=115268

May 25 06:45:45 something imapd-ssl: Connection, ip=[4.15.109.169]

May 25 06:45:45 something imapd-ssl: LOGIN, user=alberts, ip=[4.15.109.169], protocol=IMAP
```

I only attempted to get things working using ssl not without.  All I did was follow this threads howto and the official how to as another reference.

As for ssl I followed the instructions from the official howto.  Specifically the following section

```
Code Listing 4.2: Out-of-the-box setup for POP3/SSL

# cd /etc/courier-imap

# nano authdaemonrc

(Set the authmodulelist variable to only contain "authvchkpw")

# nano pop3d.cnf 

(Edit the [ req_dn ] section)

# mkpop3dcert

# rc-update add courier-pop3d-ssl default

# /etc/init.d/courier-pop3d-ssl start

Code Listing 4.3: Out-of-the-box setup for IMAP/SSL

# cd /etc/courier-imap

# nano imapd.cnf 

(Edit the [ req_dn ] section)

# mkimapdcert

# rc-update add courier-imapd-ssl default

# /etc/init.d/courier-imapd-ssl start

Your mail client should now be able to login to the host running courier and retrieve mail for the virtual host. In my case, I am now able to login with the username 'vapier@wh0rd.org' and password 'vappw'.

5. qmail (talking to the world)

Let's get SMTP up and running while making sure we don't create another spam hole for people to abuse.

Code Listing 5.1: Start qmail SMTP service

# cd /var/qmail/control/

# nano conf-smtpd

(Uncomment the SMTP-AUTH variables and set QMAIL_SMTP_CHECKPASSWORD to /var/vpopmail/bin/vchkpw)

# nano servercert.cnf 

(Edit the [ req_dn ] section)

# mkservercert

# cd /service

# ln -s /var/qmail/supervise/qmail-smtpd qmail-smtpd

# /etc/init.d/svscan restart
```

In addition, I also did the following

```
> nano -w /etc/courier-imap/imapd-ssl

  IMAPDSSLSTART=YES

> nano -w /etc/courier-imap/pop3d-ssl

  POP3DSSLSTART=YES

> rc-update add courier-imapd-ssl default

> rc-update add courier-pop3d-ssl default

> /etc/init.d/courier-imapd-ssl start

> /etc/init.d/courier-pop3d-ssl start
```

I also did the the same for the /etc/courier-imap/imapd and /etc/courier-imap/pop3d file.  The only thing is I didn't put

```
AUTHMODULES="authvchkpw"
```

 like this threads howto suggested.  It wouldn't work for me.  So I used

```
AUTHMODULES="authdaemon"
```

 which the comments in the files say to leave anyway.  I also changed in the file /etc/courier-imap/authdaemonrc the line for authmodulelist to

```
authmodulelist="authpam"
```

  It was the only thing that would work.  Also after you change everything, don't forget to do

```

/etc/init.d/svscan restart

/etc/init.d/authdaemond restart
```

Hope this helps.

----------

## petterg

I have the same problem with smtp-auth as I've had using the official howto and the old howto written by sabrex.

I've followed every single step in this howto.

Here's the thing, using mozilla mailclient:

If I set up the client to use a username, it will ask for password. If I provide a wrong user/password combination, it will not send mail. If I provide a correct user/password it will send mail. So far so good.

However, if I setup the client to NOT provide any username I'm also able to send mail!

To investigate this furter I installed mozilla on a pc that that has never been running any mailclient before - gave it an ip adress that haven't been used in my localnet before, and sat it up with an non existing mail account. And there was the same thing: it is able to send mail without providing any username/password.

This is the case nomatter which address is the sender or which is the reciever. Like I can have the sender address = fake@hotmail.com and reciever address = myself@yahoo.com and it will send trough my smtpserver!

Anyone got any ideas of how to solve this problem?

Could someone else please check if they are able to use their smtp-server if they don't provide any username/password?

It's like smtp-auth works, but it's not forced by the server.

----------

## sabrex

 *petterg wrote:*   

> I have the same problem with smtp-auth as I've had using the official howto and the old howto written by sabrex.
> 
> I've followed every single step in this howto.
> 
> Here's the thing, using mozilla mailclient:
> ...

 

That's probably because you're allowing your local network to relay mail, which is what the HOWTO tells you to do.

```
 From step 8 of the new howto:

> nano -w /etc/tcp.smtp

# Qmail-Scanner disabled for mail from localhost, relay allowed

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"                                                                                                                         

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed

192.168.1.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                                                         

# Qmail-Scanner enabled (virus and spam) for mail from external internet, relay denied

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

save tcp.smtp and then:

> tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp

> chmod 644 /etc/tcp.smtp*
```

The line starting with 192.168.1.:allow... is the one that allows the local network (in this case 192.168.1.0/0) to send mail via smtp.

----------

## larry

[quote="larry"][quote="Crymson"] *larry wrote:*   

> Hi guys,
> 
>  *Quote:*   vmysql: sql error[3]: Table 'vpopmail.vpopmail' doesn't exist
> 
> Error: User's directory already exists?
> ...

 

OK, I fixed this by manually removing the domains from /var/vpopmail/domains.  Then I had to use the vdeldomain to remove them from the database.  This gave some errors, like "could not access directory /var/vpopmail/domains/my.domain but then I could do vadddomain and vadduser without any more errors.

----------

## petterg

 *sabrex wrote:*   

> That's probably because you're allowing your local network to relay mail, which is what the HOWTO tells you to do.
> 
> 

 

Ah! Thats it! Thank you!

I've wasted so many hours - installed this stuff 6 or 7 times on 3 different servers.

Now everything should be working

----------

## lorano

I keep getting this when I do vadddomain.

mysql: sql error[c]: MySQL server has gone away

vmysql: sql error[b]: MySQL server has gone away

vmysql: sql error[3]: MySQL server has gone away

could not create limits table CREATE TABLE limits ( domain CHAR(64) PRIMARY KEY,       maxpopaccounts           INT(10) NOT NULL DEFAULT -1,       maxaliases               INT(10) NOT NULL DEFAULT -1,       maxforwards              INT(10) NOT NULL DEFAULT -1,       maxautoresponders        INT(10) NOT NULL DEFAULT -1,       maxmailinglists          INT(10) NOT NULL DEFAULT -1,       diskquota                INT(12) NOT NULL DEFAULT 0,       maxmsgcount              INT(12) NOT NULL DEFAULT 0,       defaultquota             INT(12) NOT NULL DEFAULT 0,       defaultmaxmsgcount       INT(12) NOT NULL DEFAULT 0,       disable_pop              TINYINT(1) NOT NULL DEFAULT 0,       disable_imap             TINYINT(1) NOT NULL DEFAULT 0,       disable_dialup           TINYINT(1) NOT NULL DEFAULT 0,       disable_passwordchanging TINYINT(1) NOT NULL DEFAULT 0,       disable_webmail          TINYINT(1) NOT NULL DEFAULT 0,       disable_relay            TINYINT(1) NOT NULL DEFAULT 0,       disable_smtp             TINYINT(1) NOT NULL DEFAULT 0,       perm_account             TINYINT(2) NOT NULL DEFAULT 0,       perm_alias               TINYINT(2) NOT NULL DEFAULT 0,       perm_forward             TINYINT(2) NOT NULL DEFAULT 0,       perm_autoresponder       TINYINT(2) NOT NULL DEFAULT 0,       perm_maillist            TINYINT(4) NOT NULL DEFAULT 0,       perm_quota               TINYINT(2) NOT NULL DEFAULT 0,       perm_defaultquota        TINYINT(2) NOT NULL DEFAULT 0 )

vmysql: sql error[p]: MySQL server has gone away

Error: (vadduser) can't read domain limits

When I use Mutt to try and send I get

qmail-inject: fatal: qq trouble creating files in queue (#4.3.0)

And I can't login from my domain at all says invalid user. Any help ould be appreciatted!

----------

## petterg

I'd like to mention a couple of things about using qmail-scanner to check for spam and virus.

There is a test-script included with the distribution. Here is the way to unpack and run it:

```

# cd /usr/portage/distfiles 

# tar -xzvf qmail-scanner-1.16 

# cd qmail-scanner-1.16/contrib 

# ./test_installation.sh -doit

```

This script will send 4 e-mails to root@localhost. 1 normal mail, 2 containing a virus (it doesn't do any harm), and 1 being spam. If you'd like to send the mails to some other mailaddress do this:

```

# nano -w test_installation.sh -doit

go down to line 93 and add this:

RECIP="username@domain.net"

```

If you set the mailadress to early in the file, it might not stay that way when it comes to the sending part of the script. Originally line 94 looks like this: 

```
echo "Sending standard test message - no viruses..."
```

If qmail-scanner doesn't do anything, make sure spamd is running and re-emerge it.

```

# /etc/init.d/spamd start

# emerge qmail-scanner

```

----------

## petterg

 *lorano wrote:*   

> I keep getting this when I do vadddomain.
> 
> mysql: sql error[c]: MySQL server has gone away
> 
> vmysql: sql error[b]: MySQL server has gone away
> ...

 

Crysome answered the very same question half a page above your question.

----------

## lorano

I just saw that =/ I was in a hurry to post since my boss was coming down my row apologies =( Crymson's post fixed the mysql problem. However...

I'm still gettig qmail-inject: fatal: qq trouble creating file in queue (#4.3.0) when I try to send mail. And i just don't recieve anything at all unfortunately.

----------

## Crymson

Ok, I'm tired of this, so I'm going to start over, since maybe I missed something.

What's the best way to do it?  emerge -C all the programs from both tutorials, or can I simply start at Step 1, and emerge everything again, etc etc?  If that's the case, do I need to stop all the daemons running?  A clean slate is what I think I need, since I can't get POP to auth at all.

A good uninstaller HOWTO might be welcome too, for those of us who continually f*ck it up.

----------

## Crymson

Ok, so I unmerged everything, started again.  Now it works- kinda.  I'm having two problems, possibly three.

1)  My Eudora client has "If available, STARTTLS"  I leave this checked, and then it complains that the value is -1, and it's set to ignore anything less than zero.  Since I don't have ssl or anything like that running, is there a reason that it would try to run over a secure connection?

2)  Once I turn off STARTTLS, I can log in, and pop checks, and things are cool.  I can not, however, send mail, and yes, I followed step 8.  Here's the error from /var/log/messages

```

May 26 00:26:48 enterprise vpopmail[5372]: vchkpw-smtp: password fail crymson@mydomain.org:192.168.1.1

```

I was thinking this could have something to do with that fact that I can't log in unless I use the full name, i.e. crymson@mydomain.org instead of just crymson.  How can I set the default domain, so users can log in with just their username instead of the FQN?

Problem 3 may not be a problem at all, so I'll wait.

----------

## Crymson

Ok, previous problem solved.  Turns out it's a problem with IPv6, if anyone else is having that problem.  The solution is the following:

```

/etc/init.d/svscan stop

emerge -C ucspi-tcp

env USE="-ipv6 -ssl" emerge sys-apps/ucspi-tcp

/etc/init.d/svscan start

```

But NOW, I'm getting another stupid error.  The error I get from the client is this:

```

There has been an error transferring your mail.  I said:        .  and then the SMTP server [mail.mydomain.org] said:   451 qq temporary problem (#4.3.0)

```

The error in /var/log/messages is:

```

May 26 01:10:05 emterprise X-Qmail-Scanner-1.16: [enterprise108553380542620231] Unable to close pipe to /var/qmail/bin/qmail-queue (#4.3.0) - Broken pipe

May26 01:10:05 enterprise X-Qmail-Scanner-1.16:

[enterprise108553380542620231] Unable to queue message (111). (#4.3.0) - Illegal seek

```

Any ideas?

----------

## Crymson

Ok, got the previous fixed.  From the original poster, here's the quick fix.

(Problem is, the qmail/queue directory didn't exist).

```

emerge queue-fix

cd /var/qmail

mkdir queue

chmod 777 queue

bin/queue-fix queue

```

After this, it should work.

----------

## Crymson

Sorry to be dominating this part of the forum, but these are my last two questions.

1)  As I said before, Eudora complains when I turn on "If available STARTTLS".  I'm not running ssl, so why is it doing this?  I'm trying to make things as easy as possible for the other people I'll be giving out email addresses to.

2)  Every user needs to log in using user@domain.com instead of just user.  Since I only have ONE domain that I'm running email for, is there a way I can avoid this?  A simple/quick fix would be great.

Thanks for all your help and support!!

----------

## gcasillo

For some reason, qmail is wanting to deliver mail to ~/.maildir instead of /var/vpopmail/domain/username/.maildir. I'm not very knowledgeable about all of this mail stuff, so can someone tell me where I should look to figure out why it is doing this. I followed sabrex's guide to the letter, and I had it working initially. But apparently, I changed something (?).

I figured this out by creating a ~/.maildir in my user directory and restarted the services. Bang, it finally starting delivering to that directory. Before, my log at /var/log/qmail/qmail-send/current looked like this:

```
@4000000040b456d5091d4e2c starting delivery 1: msg 56490 to local gregg@teamchemistry.com

@4000000040b456d5091e30bc status: local 1/10 remote 0/20

@4000000040b456d511a56afc delivery 1: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/

@4000000040b456d511a6361c status: local 0/10 remote 0/20

@4000000040b456dd11928edc starting delivery 2: msg 56580 to local gregg@teamchemistry.com

@4000000040b456dd11929a94 status: local 1/10 remote 0/20

@4000000040b456dd11b0965c delivery 2: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/

@4000000040b456dd11b0a214 status: local 0/10 remote 0/20

@4000000040b4573a10d94d14 starting delivery 3: msg 56490 to local gregg@teamchemistry.com

@4000000040b4573a10d958cc status: local 1/10 remote 0/20

@4000000040b4573a10f750ac delivery 3: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/

```

Lots of #4.2.1 errors. Everything else is working fine. I just need to figure out how to get qmail to deliver mail into /var/vpopmail/... instead of my user directory.

----------

## lorano

 *Quote:*   

> Ok, got the previous fixed. From the original poster, here's the quick fix.
> 
> (Problem is, the qmail/queue directory didn't exist).
> 
> Code:
> ...

 

That worked for the qq problem. Now that I have it up and running, I can send but I can't recieve. I have ports 25 and 143 open is there some other port I need open? Or some config file I need to try and change?

Edit: 

At this point I don't care if I can login from the web or get thunderbird to work with it (neither works as of right now), if I can ssh in and use mutt that will make me happy =p

----------

## Nazzy

I'd just like to point out that squirrelmail needs a version change to reflect the security advisory.

----------

## petterg

 *lorano wrote:*   

> 
> 
> That worked for the qq problem. Now that I have it up and running, I can send but I can't recieve. I have ports 25 and 143 open is there some other port I need open? Or some config file I need to try and change?
> 
> 

 

I'll help out to break up Crymsons monolouge.

To solve this problem I think we need to know what happens when you telnet into your mailserver on port 25. Post the output you get from it.

----------

## Crymson

 *lorano wrote:*   

> 
> 
> That worked for the qq problem. Now that I have it up and running, I can send but I can't recieve. I have ports 25 and 143 open is there some other port I need open? Or some config file I need to try and change?

 

You want to receive?  25 is the SMTP port, 110 is the POP port.  Granted, I'm not using SSL or anything, but that strikes me as odd.  There was an earlier post by Ryker I believe, that spoke about ssl, and their respective ports.  993 or something was the SSL POP port.  Check back on page 3 of this topic, and see if that fixes your problem.  Unfortunately, you're out of my realm.

----------

## gcasillo

Regarding my problem stated above, is it /var/qmail/control/defaultdelivery that tells qmail what directory to deliver my messages? It currently reads:

```
# Uncomment the next line for .forward support

#|dot-forward .forward

./.maildir/
```

I see the messages that I've sent and received in various subdirectories under /var/qmail/queue/. But qmail wants to move those to ~/.maildir, i.e. in a user's home directory. I want them moved under /var/vpopmail/domain/username.

----------

## Crymson

 *gcasillo wrote:*   

> Regarding my problem stated above, is it /var/qmail/control/defaultdelivery that tells qmail what directory to deliver my messages? It currently reads:
> 
> ```
> # Uncomment the next line for .forward support
> 
> ...

 

No, the defaultdelivery file should stay as it is.  About the rest, I'm curious if you're trying to deliver to a pop users account, or not?  vpopmail allows you to send mail to a NON-SYSTEM account.  So, you'd have to vadddomain yourdomain <password>, then vadduser <user> <password>.  Then, when you send to that address, it'll be delivered to the vpopmail .maildir like you want.  Otherwise, qmail thinks you are delivering to a system account, in which case it tries to deliver the mail to the location you are specifying.

----------

## lorano

Ok so, I changed the ports that I had open to 25 and 110 and 993 I get this output when I try to telnet in:

telnet mydomain.org 110

+OK Hello there.

telnet mydomain.org 25

220 mydomain.org ESMTP

No other output at all from either one. I can still send just not recieve. On a side note, I can't send locally either. So it's not just external to the box. 

*Runs off and rips his hair out*

----------

## gcasillo

I did add two domains and a couple users for one of those domains using the method you describe with vadddomain and vadduser. I'm using IMAP only; no POP accounts. I added the accounts via qmailadmin. Here's a look at my vpopmail MySQL table:

```

+-----------------+-------------------+------------------------------------+--------+--------+---------------+---------------------------------------------------------+----------+

| pw_name         | pw_domain         | pw_passwd                          | pw_uid | pw_gid | pw_gecos      | pw_dir                                                  | pw_shell |

+-----------------+-------------------+------------------------------------+--------+--------+---------------+---------------------------------------------------------+----------+

| postmaster      | teamchemistry.com | (password)|      0 |      0 | Postmaster    | /var/vpopmail/domains/teamchemistry.com/postmaster      | NOQUOTA  |

| gregg           | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/gregg           | NOQUOTA  |

| domains         | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/domains         | NOQUOTA  |

| newegg          | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/newegg          | NOQUOTA  |

| amazon          | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/amazon          | NOQUOTA  |

| landsend        | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/landsend        | NOQUOTA  |

| webmaster       | teamchemistry.com | (password) |      0 |      0 | webmaster     | /var/vpopmail/domains/teamchemistry.com/webmaster       | NOQUOTA  |

| ebay            | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/ebay            | NOQUOTA  |

| video           | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/video           | NOQUOTA  |

| ket             | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/ket             | NOQUOTA  |

| gentoo          | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/gentoo          | NOQUOTA  |

| performancebike | teamchemistry.com | (password) |      0 |      0 | Gregg Casillo | /var/vpopmail/domains/teamchemistry.com/performancebike | NOQUOTA  |

| slashdot        | teamchemistry.com | (password) |      0 |      0 | slashdot      | /var/vpopmail/domains/teamchemistry.com/slashdot        | NOQUOTA  |

+-----------------+-------------------+------------------------------------+--------+--------+---------------+---------------------------------------------------------+----------+

13 rows in set (0.00 sec)

```

I have legit passwords; though encrypted, I didn't want them to appear here. Maybe I should try deleting the domains and users and adding them again?

----------

## Crymson

 *lorano wrote:*   

> Ok so, I changed the ports that I had open to 25 and 110 and 993 I get this output when I try to telnet in:
> 
> telnet mydomain.org 110
> 
> +OK Hello there.
> ...

 

Ok, when you telnet in to port 110, it's expecting something.  Try logging in-

```

USER <user>

PASS <pass>

```

If it gives you an "ERR- login failed" then either the password you supplied is wrong (not likely) or your username is incorrect.  I know for me, I have to login with the FQDN of my account - i.e. crymson@mydomain.org.  Just using crymson doesn't work.

If you still can't login, you can do what I did- emerge -C everything you've done so far, and start over from scratch, from step 1 in this howto.  I did last night, and miraculously, it works now.  God only knows what I was doing wrong.

----------

## Crymson

 *gcasillo wrote:*   

> I did add two domains and a couple users for one of those domains using the method you describe with vadddomain and vadduser. I'm using IMAP only; no POP accounts. I added the accounts via qmailadmin. <snip>
> 
> I have legit passwords; though encrypted, I didn't want them to appear here. Maybe I should try deleting the domains and users and adding them again?

 

I'm not using this for IMAP, so again, I don't know.  As I understand this however, vpopmail allows virtual accouts for POP users, hence the name, vPOPmail  :Smile:   I seem to recall reading somewhere (but god only knows where) that qmail has its own handler for IMAP, and user accounts.

My suggestion would be to look at the lifewithqmail website (don't know the addy offhand, google it), and see if there's something there that talks about imap, and directories.  Sorry I couldn't be of more help.

----------

## Crymson

To my earlier question post ... if someone knows and just isn't speaking up, is there an RTFM around that might answer those questions for me?  I like to consider myself fairly resourceful, but damn.

Yeah... an RTFM would be good...anybody?

----------

## ryker

Ok.  I'm back with problems again.  I originally had authentication problems using authvchkpw so I used authpam instead.  That seemed to work fine until I started adding virtual users.  It seems that I can only authenticate with local user accounts when using authpam.  I tried authvchkpw again and I can only authenticate with local accounts but no virtual accounts.  I have created 1 virtual account with qmailadmin and also 1 at the command line with vadduser.  I can see a total of 4 accounts in qmailadmin now: 2 virtual, 1 local, and postmaster.

I tried using 

```
telnet mydomain 110
```

 and I can get in with only the 1 local account.  The postmaster and 2 virtual accounts login fail through telnet.  I can login to all 4 accounts using qmailadmin.  Anyone have any ideas?

 :Confused: 

----------

## ryker

 *Crymson wrote:*   

> To my earlier question post ... if someone knows and just isn't speaking up, is there an RTFM around that might answer those questions for me?  I like to consider myself fairly resourceful, but damn.
> 
> Yeah... an RTFM would be good...anybody?

 

Sorry, but I don't have any answers for you.  I would probably check your files in the following from the original howto

```
Code Listing 2.6: Example /var/qmail/control/ files for a 2nd level domain

 

# hostname --fqdn

wh0rd.org

# cat me

wh0rd.org

# cat defaultdomain

wh0rd.org

# cat plusdomain

wh0rd.org

# cat locals

wh0rd.org

# cat rcpthosts

wh0rd.org

 

Code Listing 2.7: Example /var/qmail/control/ files for a 3rd level domain

 

# hostname --fqdn

mail.wh0rd.org

# cat me

mail.wh0rd.org

# cat defaultdomain

wh0rd.org

# cat plusdomain

wh0rd.org

# cat locals

mail.wh0rd.org

# cat rcpthosts

mail.wh0rd.org
```

Maybe the defaultdomain is incorrect on yours?

Sorry I can't be of more help.

----------

## ryker

Crymson:

Your problem actually helped me solve my problem with logging in.  I wasn't putting 'user@mydomain', I was just using 'user'.  Now I can log in fine with all accounts.  I tried changing the defaultdomain file and it didn't help me.  If I find a solution to OUR problem I will let you know.

----------

## ryker

Well, according to this guide, it says that the defaultdomain file I mentioned earlier is for specifying a default domain.  So users should be able to just user their username and not username@domain.  I tried it again, restarted services, and it didn't work.  Rebooted the machine for the heck of it, still didn't work.  I'm giving up for tonight, but I'll let you know if I find a fix.

----------

## Crymson

 *ryker wrote:*   

> Crymson:
> 
> Your problem actually helped me solve my problem with logging in.  I wasn't putting 'user@mydomain', I was just using 'user'.  Now I can log in fine with all accounts.  I tried changing the defaultdomain file and it didn't help me.  If I find a solution to OUR problem I will let you know.

 

I wonder if you need to restart the qmail service for the new stuff to take effect?  Did you reboot/restart the services?

----------

## Crymson

Spoke too soon- my files in /qmail/control are like those shown- except my hostname isn't "mail", it's "enterprise".  Anyway, the rest is the same, so defaultdomain isn't misconfigured.  Next guess?   :Smile: 

----------

## batchicken

Great how-to.

Dumb question though. How do I configure the rest of my system, I have looked through a number of howto's and docs and have tired a few things to create mailboxes and get the mail delivered to the corresponding maildirs but to no avail. Can you point me in the right direction - to a doc that explicates the process.

Thanks.

----------

## vcihon

A couple of questions:

1. I know this is probably obvious to most however I can't tell given this setup how to whitelist good users which are marked as spam.  Most docs say it is in the /home/user/.spamassain file however that doesn't apply here.

2.  The spam is being correctly delivered to a Spam directory in the virtual users mailbox.  This is accessible via IMAP but not POP3 (there is no spam folder).  How can I make this available to all users?

3.  Is there a gui front end, similar to Roaring Penguin's Canit that allows users to manage their spam (mark email as either spam or not effecting Bayes scoring etc.) and the ability to whitelist good email accounts etc?

Thanks as always!

----------

## vesik

For me it looks like /etc/conf/spamd.conf should be /etc/conf/spamd.  

Also, I'm running this setup on a hardened box using the hardened-sources with Grsecurity set to "High" and all the "Hardened" patches enabled.  This causes clamav to barf with a:

@4000000040b714cc13f060b4 X-Qmail-Scanner-1.16:[minh10857402254265790] clam_scanner: corrupt or unknown ClamAV scanner error or memory/resource/perms problem - exit status 50

or something similar.

What I had to do to remedy the problem was to edit my /var/qmail/control/conf-common and up the SOFTLIMIT_OPTS to around 20000000.

----------

## splooge

I'm having a weird issue.  The subject and bodies of my e-mail seem to be getting stripped before they reach .maildir.  Here's a copy of a new e-mail I just sent to myself in my .maildir/new folder:

```
new # cat 1085778979.7304.fw\,S\=323

Return-Path: <cstevens@homestore.com>

Delivered-To: cstevens@pwned.com

Received: (qmail 7302 invoked by uid 204); 28 May 2004 14:16:19 -0700

Received: from cstevens@homestore.com by fw by uid 201 with qmail-scanner-1.16

 (.  Clear:.

 Processed in 1.622812 secs); 28 May 2004 21:16:19 -0000

Received: from unknown (HELO pwned.com) (206.131.160.44)

  by 0 with SMTP; 28 May 2004 14:16:17 -0700
```

As you can see, there's no subject or body.  Any idea what the problem might be?  I'm totally not sure where to start looking.  ;(

They all show up blank in squirrelmail.

----------

## ghost_recon

need help when i do this 

```

emerge /usr/portage/net-mail/qmail-scanner/qmail-scanner-1.16-r2.ebuild 

```

i get this error

```

cannot write to /var/spool/qmailscan/qmail-scanner-queue-version.txt - Permissio

n denied at /var/qmail/bin/qmail-scanner-queue.pl line 1193.

perlscanner: generate new DB file from /var/spool/qmailscan/quarantine-attachmen

ts.txt

X-Qmail-Scanner-1.16:[] cannot open for write /var/spool/qmailscan/quarantine-at

tachments.db.tmp - Permission denied

```

Fixed the above ^ I think I dont see the errors anymore i emerged qmail-scanner-1.20

Now I have a new problem I finished the tutorial. When I use QmailAdmin or SquirrelMail I cant login in on either. Ive tried every combination of user names and passwords for the past 5 hours and still no luck.

I can still send and receive mail using mutt. Which is a pain to ssh into my server every few hours. But at least thats working.Last edited by ghost_recon on Sun May 30, 2004 3:37 pm; edited 2 times in total

----------

## lorano

Well, I rebuilt my entire system just to do it since I couldn't find all the damn files to clean out after an installation and I had the time to kill. I followed this guide exactly step by step and I again I can't send or recieve mail. I think god doesn't want me to have an email server. Beyond frustrated at this point. Excellent guide but it doesn't work for me unfortunately.

I have the proper use flags set as per the guide, I went so far as to cut and paste the instructions out of the document into my system in case I was fat fingering something and still it doesn't work.

Edit: Forgot the important part of this post...

I GIVE UP.

----------

## vesik

Get mutt working with this setup.

I near tore my hair out trying to get mutt to put "sent" messages into the INBOX/sent folder.

This is how you do it.

set record = =INBOX.sent

YES!!!!!!!!!!!

This works with any folder you want and also with the 'set postponed' directive.

----------

## Crymson

Tried to get Squirrelmail set up last night, the last little thing I had left to do.  Just a few hints/tips that I discovered, that aren't really covered anywhere else.

First off, you need apache2 installed.  (Which I'm assuming most of you have already).  Secondly, you need php, and mod_php emerged.

```

> emerge php

> emerge mod_php

```

You then need to configure php if you want, but the defaults work for most people.  The file is located in 

```

/etc/apache2/conf/php.ini

```

All you need to do then, to make sure that php is recognized by apache2, and running, is uncomment, and set the following line:

```

in /etc/conf.d/apache2

APACH2_OPTS="-D PHP4"

```

You also need to edit the /etc/apache2/conf/mime.types

```

application/x-httpd-php          php

```

Restart apache2, and if you had problems parsing php code, it'll work after this.  I have not had any problems with USE flags of IPv6, ssl, or mysql like some other programs.  Alls well that ends well.

G'luck!

----------

## mobiusproject

 *Crymson wrote:*   

> First off, you need apache2 installed.  (Which I'm assuming most of you have already).  Secondly, you need php, and mod_php emerged.
> 
> ```
> > emerge php
> 
> ...

 No, just emerge mod_php, this will install php as well, which really isn't needed for mod_perl, but anyways...

 *Crymson wrote:*   

> All you need to do then, to make sure that php is recognized by apache2, and running, is uncomment, and set the following line:
> 
> ```
> in /etc/conf.d/apache2
> 
> ...

 

Nice catch, this one actually took me a while the first time I set up apache on my machine.  If you want to have perl installed too, remember to

```
ACCEPT_KEYWORDS="~x86" emerge mod_perl

 (or just add mod_perl to your /etc/portage/packages.keywords file and plain emerge mod_perl)

in /etc/conf.d/apache2

APACH2_OPTS="-D PHP4 -D PERL"
```

 *Crymson wrote:*   

> You also need to edit the /etc/apache2/conf/mime.types
> 
> ```
> application/x-httpd-php          php
> ```
> ...

 

Not true.  Gentoo actually has all of this already set up for you.  Take a look at file:/etc/apache2/conf/modules.d/70_mod_php.conf.  I thought that the config files in this directory were really cool the first time I saw them, and they are also all loaded when apache2 starts.

----------

## ryker

When ever I add a new virtual user for a virtual domain, there are none of the common folders you would expect (ie. Trash, Sent, Outbox, ...) created in the .maildir.  Does anyone know how to have these created by default for each new user?  I am able to add them for each user manually through the mua, but I would like this to be automatic.

----------

## darkcoder

I installed my server following the steps in the official Gentoo qmail howto.  Then after it was working, made the changes that were described in this howto (thanks btw), but I think that the scanning of viruses is not done, since I send two test messages, one with eicar.com and other with a variant of Netsky and both attachments arrive unharmed to a hotmail and yahoo accounts.

While I have not performed a spam test probably is not working also.  Tryied these two spamd settings without success:

```
SPAMD_OPTS="-d -u vpopmail -v -x -C /etc/mail/spamassassin/local.cf"

SPAMD_OPTS="-v -u vpopmail --siteconfigpath=/etc/mail/spamassassin/local.cf"

```

Have f-prot installed in /opt/f-prot and was detected by the qmail-scanner as this shows:

```
my $fprot_binary='/opt/f-prot/f-prot';

my $fsecure_binary='';

my $inocucmd_binary='';

my $ravlin_binary='';

my $clamscan_binary='';

my $spamc_binary='/usr/bin/spamc';

my $spamc_options=' -c -f';

my $spamc_subject='*****SPAM*****';

my $spamassassin_binary='/usr/bin/spamassassin';

my ($sa_comment,$tag_score);

```

and the output of ps aux | grep tcpserver

```

qmaild    3139  0.0  0.1  1592  876 pts/1    S    03:31   0:00 /usr/bin/tcpserver -H -R -l -0 -R -x /etc/tcp.smtp.cdb -c 40 -u 201 -g 200 0.0.0.0 smtp /var/qmail/bin/qmail-smtpd pop.mundolink.net /var/vpopmail/bin/vchkpw /bin/true

root      3230  0.0  0.1  1552  824 pts/1    S    03:45   0:00 grep tcpserver

```

----------

## mobiusproject

darkcoder -

I do believe that when you send e-mail from the machine that you install all of this on, the default config says to not scan for virii and spam.  Take a look at either /etc/tcp.smtp or /etc/tcprules.d/tcp.qmail-smtp and look for the line starting

```
127.0.0.1:
```

My line is

```
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
```

and thus it doesn't check for virii and spam when coming from my machine.  It will scan for every other machine because of the line

```
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
```

This might be the reason why you have virii getting through the scanner, because its not actually scanning it.

----------

## petterg

 *mobiusproject wrote:*   

>  *Crymson wrote:*   All you need to do then, to make sure that php is recognized by apache2, and running, is uncomment, and set the following line:
> 
> ```
> in /etc/conf.d/apache2
> 
> ...

 

You should probably use a secure connection when sending passwords over the internett. Then do it this way:

```
APACH2_OPTS="-D SSL -D PHP4 -D PERL"
```

And take a look at this instructionfile:

/var/www/localhost/htdocs/squirrelmail/plugins/secure_login/INSTALL

(Step 1 of the instructions was automatically done for you when you emerged squirrelmail.)

----------

## ryker

Anyone have any ideas about my default folders question, or is this one of those RTFM things that I just couldn't find?  :Smile: 

----------

## Nazzy

I'd just like to point out the net-mail/f-prot is now in apps-antivirus/f-prot

----------

## petterg

 *ryker wrote:*   

> Anyone have any ideas about my default folders question, or is this one of those RTFM things that I just couldn't find? :)

 

Your question is quite interesting. It would be nice to have some kind of skeletondir with files (and dirs) that will be copied into the new users maildir folder. That way you can include a default .qmail file, a welcome mail and default folders.

The easiest way I see to do this automatically is to make a bash script that creates the account and copies the files.

----------

## petterg

A few things I would like to add to my mailsystem:

If the from field in a mail matches POSTMASTER@* or *DEAMON@* and the reciever account is [unknown_account]@mydomain.net the mail should be DROPED BEFORE it takes up any resources for spamchecking or virus scanning.

Anyone got any ideas of how to do this?

This kind of mail should not bounce. Just be dropped.

The reason I'm asking is that I experienced for about 10days in March that my old server recieved 30.000 mails like that, DAILY! The mailsystem totally broke down. (I'm running a mailserver with only 5 users including myself.)

----------

## moscher

hi.

First of all this is a great howto.

imap works fine pop3 works fine, i can login to squirrelmail and qmailadmin, can create accounts and so on, the only thing not working seems to be the smtp server.

It gives me this error in squirrelmail:

```

Requested action not taken: mailbox name not allowed

Server replied: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

```

would be great if you could give me some more advices what to do  :Smile: 

----------

## petterg

 *moscher wrote:*   

> 
> 
> ```
> 
> Requested action not taken: mailbox name not allowed
> ...

 

One of two things is wrong. If the computer you're sending the mail from is on the same localnet as the server, you probably would like it to be able to send mail without having to authorize. (Your webserver running squirrelmail should also be able to send mail without having to authorize.)

Make sure you have the /etc/tcp.smtp file right. Go over the last half of step 8 of the howto again, to make sure you did it right.

You may also recieve that error if your email client is not set up to authorize itself when the computer you're sending from has an IP adress outside the range of ip's you've listed in /etc/tcp.smpt. Set the client to authorize (provide a username and password) when sending mail, and you should do fine.

----------

## petterg

I just discovered that I have a small problem when it comes to SSL certificates when hosting multiple domains. What happens is that every time someone connects using a SSL connection they get a warning saying that the certificate is of a different domain than the address they connect to. Is there a way to have one server certificate for each virtual domain?

----------

## moscher

ok, went over step 8 again, now things seem to be ok, but now i get anohter error:

```

X-Qmail-Scanner-1.20:[h4048108618545546127488] Unable to open pipe to /var/qmail/bin/qmail-queue [16777215]

+(#4.3.0) - Broken pipe

X-Qmail-Scanner-1.20:[h4048108618545546127488] Unable to close pipe to /var/qmail/bin/qmail-queue [255]

+(#4.3.0) - Broken pipe

qmail-inject: fatal: qq temporary problem (#4.3.0)

```

this error comes up when i try to send a mail to another local user

ok, ran queue-fix, and everything is ok now

----------

## Crymson

I'm still having problems with smtp-auth.  Users can't send to any address that is not part of my domain.  They get a 553 error - that domain isn't on my allowed list of rcpthosts (#5.7.1).  The qmail-smtpd and qmail-send logs don't have anything to say about it, but the messages does:

```

Jun 2 16:50:31 enterprise vpopmail[2210]: vchkpw-smtp: password fail shiva@mydomain.org:xxx.xxx.xxx.xxx
```

I would expect the password to be the same as the password they use to check their mail, but am I wrong in this assumption?  I've double checked the perms on /etc/vpopmail.conf and /var/vpopmail/bin/vchkpw, and they are as they should be (root:vpopmail, 640, and root:vpopmail 4711 respectively).  I have also chown'd them to be vpopmail:vpopmail, didn't make a difference.

Am I correct in assuming that what is supplied, isn't matching what's in the sql database?  If that's the case, is it a problem with authdaemon.plain?  Is there a way I can see what is being transmitted vs. what is being checked?  I don't have ssl or anything like that running.  I really need to fix this, as noone on my domain can send mail to anyone that isn't also on my domain, and to be honest, it's PISSING ME OFF.  Thanks in advance...

----------

## petterg

 *Crymson wrote:*   

> I'm still having problems with smtp-auth.  Users can't send to any address that is not part of my domain.  They get a 553 error - that domain isn't on my allowed list of rcpthosts (#5.7.1).  The qmail-smtpd and qmail-send logs don't have anything to say about it, but the messages does:
> 
> ```
> 
> Jun 2 16:50:31 enterprise vpopmail[2210]: vchkpw-smtp: password fail shiva@mydomain.org:xxx.xxx.xxx.xxx
> ...

 

Are you able to send mail to ppl outside your domain using squirrelmail (or other webmail)?

Are you able to log into your mysql server using the server, username, password and port number entered in you /etc/vpopmail.conf file?

Do you get any error when you try to add / delete users?

If you enter

```
**ipadress**:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
```

where **ipadress** is the ip of the pc you'll try to send mail from.

And run

```
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
```

Then set the mailclient on the pc to not send any username/password to smtp auth. Are you able to send mail?

----------

## Crymson

 *petterg wrote:*   

> Are you able to send mail to ppl outside your domain using squirrelmail (or other webmail)?

 

Yes.  It all works as it should.

 *petterg wrote:*   

> Are you able to log into your mysql server using the server, username, password and port number entered in you /etc/vpopmail.conf file?

 

Not sure you what you mean here - if you mean can I do the following -

```
# mysql -u vpopmail -p

Enter password: ****

Welcome to the MySQL monitor....

```

Yes.  It accepts my password for vpopmail.  I do not, however, know how to show the tables.

 *petterg wrote:*   

> Do you get any error when you try to add / delete users?

 

No, no errors.

 *petterg wrote:*   

> 
> 
> If you enter
> 
> ```
> ...

 

Ok, I added that line to the bottom of tcp.smtp, and as an aside, does it matter that you told me to input qmail-queue.pl when my other line has qmail-scanner-queue.pl?  Anyway, no, he was unable to send mail with no username/pass.  The error he gets was:

```
Error while performing operation: 

RCPT TO <crymson@****.org> failed: Requested action not taken: mailbox name not allowed
```

I looked in my /var/log/messages file, and I didn't even see a connection form him.  When I had him test out using a username/pass, I got the vchkpw-smtp error again.  (auth failed for user...)  He got the same 553 error, about not being in the allowed list of rcpthosts.

Not really sure if that helps you.  If you need me to post a config file, just name it.  Thanks!!

----------

## Crymson

Ok, here's an error log from the person I had testing this out.

To begin, here's my tcp.smtp file:

```

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

:allow

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

192.168.1.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

68.xxx.69.xxx:allow,REPLAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue.pl"

```

The last line in the above is the IP for the computer trying to send mail through me.

Per your instructions, I ran the tcprules command, even rebooted the machine.

Now on to his error: (Names have been changed, and IPs have been edited)

```

name@trogdor src $ telnet mail.****.org 25 

Trying xx.121.xx.160... 

Connected to mail.****.org. 

Escape character is '^]'. 

220 enterprise.****.org ESMTP 

helo 68.xxx.69.xxx 

250 enterprise.****.org 

user temp1234@****.org 

502 unimplemented (#5.5.1) 

passwd temp1234 

502 unimplemented (#5.5.1) 

mail from: XXX.YYY@68.xxx.69.xxx 

250 ok 

mail to: crymson@syscraft.org 

250 ok 

data 

503 RCPT first (#5.5.1) 

rcpt to: crymson@syscraft.org 

553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) 

mail from: XXX.YYY@68.xxx.69.xxx 

250 ok 

rcpt to: crymson@syscraft.org 

553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) 

quit 

221 enterprise.****.org 

Connection closed by foreign host.

```

No user/passwd stuff is implemented?  Obviously, the standard 553 error is in there, when he tries to give it a rcpt- so where does the smtp-auth come in?  Since he couldn't indentify himself, shouldn't the server have let him send mail anyway, since he's on the relay list?

I'm not really sure what to make of this.  If there's something else I need to post/do, please let me know, I'll be happy to do it.

Thanks!!

----------

## petterg

Does it matter if the line

:allow

is on to or bottom of the /etc/tcp.smtp file?

Sorry I don't have a lot of ideas of what's gone worng for you. But I'm sure I've never seen the :allow in the middle of the file before.

----------

## petterg

Now I'm fucked!

For some reason mail is nolonger delivered into the mailboxes.

It's been working great for the past 2 weeks. All of a sudden it stopped.

All I've done with the system today is to install NTP.

I can see in the log that incomming mails are checked by clamav and spamd, but then they disapare!

Any ideas of where to start debugging?

----------

## Crymson

I took out the :allow line that was just sitting there- didn't seem to do anything.

I suppose the problem could be in /var/qmail/control/conf-smtpd - the HOWTO isn't very explicit on what it should look like.  There are several QMAIL_SMTP_POST lines.  There's one at the beginning, there's two in the section you're supposed to uncomment at the bottom to enable SMTP-AUTH.

Maybe someone who has this working could post their conf-smtpd file?

----------

## nuxman

 *ARC2300 wrote:*   

> Okay, I've read this and read the old guide, and have a working mail server.
> 
> The only problem being, though, that to log in (with SquirrelMail or remotely from something like thunderbird), I have to login as user@domain.net.  Why?

 

how to change this??

----------

## Crymson

 *nuxman wrote:*   

>  *ARC2300 wrote:*   Okay, I've read this and read the old guide, and have a working mail server.
> 
> The only problem being, though, that to log in (with SquirrelMail or remotely from something like thunderbird), I have to login as user@domain.net.  Why? 
> 
> how to change this??

 

Your guess is as good as ours-  if you read the previous pages, you'll know that Ryker and I are both trying to figure out why this is the case, and that we still don't have an answer.

----------

## nuxman

 *Crymson wrote:*   

>  *nuxman wrote:*    *ARC2300 wrote:*   Okay, I've read this and read the old guide, and have a working mail server.
> 
> The only problem being, though, that to log in (with SquirrelMail or remotely from something like thunderbird), I have to login as user@domain.net.  Why? 
> 
> how to change this?? 
> ...

 

maybe i know, the squirrelmail has a file redirect.php, in this file change a line 98 $username = $login_username; for $username = $login_username . "@yourdomain.com"; maybe work

----------

## Crymson

That may work in squirrelmail, but it won't for any other mail client.  It would be a setting in courier, or qmail I'd guess.  Maybe even vpopmail.  I've seen some stuff about "default domain" - but I haven't been able to figure out how to set it.

All in all, it's a small problem.

----------

## nuxman

 *Crymson wrote:*   

> That may work in squirrelmail, but it won't for any other mail client.  It would be a setting in courier, or qmail I'd guess.  Maybe even vpopmail.  I've seen some stuff about "default domain" - but I haven't been able to figure out how to set it.
> 
> All in all, it's a small problem.

 

Yes my squirrelmail is work fine ...

change this line 81 in redirect.php for imapd connection 

 *Quote:*   

> $imapConnection = sqimap_login($login_username."@yourdomain.com", $key, $imapServerAddress, $imapPort, 0);
> 
> 

 

change this line 90 for 

 *Quote:*   

> $username = $login_username. "@yourdomain.com";

 

vhost  for all clients.. work is fine  :Smile: 

[/quote]

----------

## Crymson

You're saying that now you can use ANY client (not just squirrelmail) and only supply the user, instead of user@host.com for login, and it works??  Wow, who knew?

----------

## nuxman

 *Crymson wrote:*   

> You're saying that now you can use ANY client (not just squirrelmail) and only supply the user, instead of user@host.com for login, and it works??  Wow, who knew?

 

no i say work is fine only imapd  :Smile: 

----------

## Crymson

 *nuxman wrote:*   

> no i say work is fine only imapd 

 

If you can get this working for pop3d as well, then I'll join in on the merryment.

----------

## Crymson

HOO-RAH!  I found the problem with smtp-auth.  Sabrex was half-right.  SMTP-AUTH *was* working, kinda.  As it turns out, with the newest release of vpopmail (5.4.0) which he has us install in this HOWTO, plain, and login authentication is supported.  CRAM-MD5 is *NOT*.  The only reason I'm having a problem, and noone else seems to be, is because Eudora (my fav winbloz client) uses CRAM-MD5 for authentication.  Many of the program for linux use LOGIN.  After searching the inter7 website for hours on end, I found this:

 *inter7.com wrote:*   

> IF USING SMTP AUTH PATCH TO QMAIL-SMTPD
> 
>   * This release of vpopmail includes fixes for vchkpw that may break
> 
>     certain SMTP AUTH implementations.  If SMTP AUTH fails after 
> ...

 

Now, the said patch file is where the guy said it should be, but I have *NO* clue how to install it.  In fact, I believe there's a newer version.  0.4.3 now- at least according to http://www.fehcom.de/qmail/smtpauth.html

So here's my question, since I've been brought up the craptastic world of windows.  How the hell do I install this patch?  It's talking about re-making qmail.  Since I used the ebuild, is this even possible?

Maybe someone with lots of smarts can educate me on how to install this patch, which would allow CRAM-MD5 auth to work with the current ver of vpopmail.

TIA

----------

## Crymson

This is utterly stupid.  I haven't been able to patch qmail, since the patch screws up the ebuild, and you can't even get a make install to work.

So, I tried turning off CRAM-MD5 authentication on the Eudora side, and then the log shows two errors that I can't readily explain, maybe someone else can:

```

Jun 5 15:34:33 enterprise vpopmail[7717]: vchkpw-smtp: (PLAIN) login success crymson@mydomain.org:192.168.1.1

Jun 5 15:34:33 enterprise vpopmail[7717]: vchkpw-smtp: null user name given :192.168.1.1

```

And then it gives me the typical 553 error, because I didn't auth properly.  First I do, then it tries again, with a null user name?

I'm getting really pissed off here.  Maybe someone should add in the vchkpw patch to vpopmail 5.4.0 ebuild so those of us who use CRAM-MD5 for auth can actually USE this.  No offense Sabrex, but this is turning in to a nightmare.

----------

## petterg

The last incomming mail to my server last friday came at 9.01am. At 9.17am I started ntp-client and ntpd for the first time. After that all incomming mail got deleted. From the log I could see incomming mail go through spamassassin before disaparing.

Stopping ntp and rebooting did not help.

I reemerged qmail and vpopmail, but still it didn't help.

Finally I unemerged all packages emerged in this guide, and emerged them all over. Now incomming mail works again. I have no clue what happened, but it must have something to do with ntp.

I'm not going to start ntp again before I have a complete system backup.

Anyone else got any experience with using NTP with the mailsystem in this guide?

----------

## phaidros

first of all thanx very much for that nice HOWTO.

Its all running fine for me, except using an remote smtp for delivery.

adding my smtpserver into /var/qmail/control/smtproutes [as recommended by documentation]

:mail.domain.tld

I get in the logs:

[..]

@4000000040c4514d1e0d2b2c status: local 0/10 remote 1/20

@4000000040c4514d1e0d2f14 end msg 767803

@4000000040c4514d1e2961d4 delivery 2: deferral: Unable_to_read_control_files._(#4.3.0)/

[..]

same result when I replace servername by ip ..

any suggestions?

----------

## blubbi

checked the propper permissions on the file?

```
chmod 644 /var/qmail/control/smtproutes
```

----------

## blubbi

 *Crymson wrote:*   

> You're saying that now you can use ANY client (not just squirrelmail) and only supply the user, instead of user@host.com for login, and it works??  Wow, who knew?

 

 I recommend to install the vlogin plugin its really coooool

Try this out. You'll find this plugin on the squirrelmail hompage.

----------

## petterg

Where's a list of stuff I'd like to change on my system.  If anyone knows how to do any of these, please let me know.

1) Disable spamcheck of outgoing mail sent from foreign ip adresses. (Sender authorized by smpt-auth)

2) Mail sent to a non-existing-user@mydomain should bounce without any spam or viruscheck - unless the return adress is postmaster@anydomain or some-deamon@anydomain.

3) If the server receives several mails to random-non-existing-users@mydomain within a timeframe - just drop them. (Don't waste resources on bouncing or spam / virus check.)

4) This guide installs a spamfilter capable of learning what is and what is not spam. How to teach it? Which IMAP clients provide the user with a 'this is spam' button that teaches the server? (Most of them just teach a local filter on the clientside)

5) Why did the server start to drop all incomming mail (after spamcheck)after I ran ntpd? (Stoping ntpd didn't make it stop droping mail.)

Think that was all for now.

----------

## darkcoder

 *image wrote:*   

>  *Quote:*   "setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl -g" 
> 
> i think it would be better to do the following (also, the quotes were kinda messed up):
> 
> ```
> ...

 

After I do that, on the next step 

```
#setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl" -z
```

I got this 

```
cannot write to /var/spool/qmailscan/qmail-scanner-queue-version.txt - Permission denied at /var/qmail/bin/qmail-scanner-queue.pl line 1193.
```

----------

## darkcoder

Excellent guide.  Everything is working now.  But there are some steps that should be included / or modified.

1. the SOFTLIMIT_OPTS value in /var/qmail/control/conf-common must be increased to 10MB at least for this setup of f-prot/spamassassin or the qmail-scanner will fail with the error:  

```
X-Qmail-Scanner-1.16: cannot open  /var/spool/qmailscan/quarantine-attachments - No such file or directory

```

2.  the spamassassin options described on one of the first post, if use the options described in the guide, qmail-scanner will not find spamassassin.

But otherwise, excellent guide.

----------

## darkcoder

I have one question.  Qmail-scanner is filtering my mails, and send the emails infected back to the sender, which are received normally, but in addition also I got an email error from postmaster with this text:

```
Subject: failure notice

                                                                                

Hi. This is the qmail-send program at pop.mydomain.net.

I tried to deliver a bounce message to this address, but the bounce bounced!

                                                                                

<root@localhost.mydomain.net>:

Sorry, I couldn't find any host named localhost.mydomain.net. (#5.1.2)

```

The body is the same rejected notice that was send to the sender's email address.

Since I am receiving the notice on my sender's account, why I´m getting this error here?

----------

## darkcoder

There is safe to do a cron job that calls a script to erase contents of the subfolders under quarantine folder (the email copies only)?

----------

## Crymson

 *darkcoder wrote:*   

> There is safe to do a cron job that calls a script to erase contents of the subfolders under quarantine folder (the email copies only)?

 

Not sure what you mean here- if you mean Is there a safe way, then I would think so.  Set up a normal cron job to empty out that folder.  Depending on the permissions of the contents of that folder, the job may have to run as root, but I could be mistaken (don't have that problem myself)

Keep in mind though, whatever you erase, is gone for good.  Don't erase your inbox on accident!

----------

## darkcoder

No is not the inbox, its a place qmail-scanner use to store copies of the mails that it found infected.  So I think it should be a good idea to create a cron job to erase the contents of those folders, i.e.  the contents of /var/spool/qmailscan/quarantine/new that right now with my tests there are aprox. 15 emails stored.

----------

## darkcoder

I found something interesting.  Emails comming from the outside world are checked, but not emails going to the outside world.  While spamimng going outside is not an interest, viruses going out do are.

I changed the tcp.smtp rules for those:

```
# Qmail-Scanner disabled for mail from localhost, relay allowed

127.0.0.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed

196.12.161.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                                                                                           

# Qmail-Scanner enabled (virus and spam) for mail from external internet, relay$:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

```

Do I need to change something else?

----------

## Tenser

I have read through the forums this time before deciding to post or pm anyone lol. And it seems no one has had this problem that i could find. Any access to either port 25, or the qmail-smtp program, Ie in a bash shell typing in qmail-smtp, or, telneting to port 25, gives me this error.

421 unable to read controls (#4.3.0). I started installing this setup 2 days ago, and i was able to recieve email before ever being able to login to get it. Now, I cant recieve email, but, i can login. 

That is the full error it gives me. 

```
bash-2.05b# telnet 192.168.1.254 25

Trying 192.168.1.254...

Connected to 192.168.1.254.

Escape character is '^]'.

421 unable to read controls (#4.3.0)

Connection closed by foreign host.

bash-2.05b#

```

Before I switched to gentoo I was runnign redhat 9 on my server with sendmail and there were no problems what so ever.. 

Nothing appears in /var/log/mail/current about what is going on

```

(12:03:36) Tenser Root: Jun 13 03:29:22 [imapd] LOGIN, user=tenser@tenserq.net, ip=[::ffff:127.0.0.1], protocol=IMAP

Jun 13 03:29:22 [imapd] LOGOUT, user=tenser@tenserq.net, ip=[::ffff:127.0.0.1], headers=0, body=0

Jun 13 03:34:55 [imapd] Connection, ip=[::ffff:127.0.0.1]

Jun 13 03:34:55 [imapd] LOGIN, user=tenser@tenserq.net, ip=[::ffff:127.0.0.1], protocol=IMAP

Jun 13 03:34:55 [imapd] LOGOUT, user=tenser@tenserq.net, ip=[::ffff:127.0.0.1], headers=0, body=0

Jun 13 03:40:30 [imapd] Connection, ip=[::ffff:127.0.0.1]

Jun 13 03:40:30 [imapd] LOGIN, user=tenser@tenserq.net, ip=[::ffff:127.0.0.1], protocol=IMAP

Jun 13 03:40:30 [imapd] LOGOUT, user=tenser@tenserq.net, ip=[::ffff:127.0.0.1], headers=0, body=0

Jun 13 03:45:57 [imapd] Connection, ip=[::ffff:127.0.0.1]

```

my /var/qmail/control/conf-smtpd looks like 

```
 

# Configuration file for qmail-smtpd

# $Header: /home/cvsroot/gentoo-x86/mail-mta/qmail/files/1.03-r13/conf-smtpd,v 1.1 2004/05/30 10:50:13 robbat2 Exp $

# Stuff to run before tcpserver

#QMAIL_TCPSERVER_PRE=""

# Stuff to run qmail-smtpd

#QMAIL_SMTP_PRE=""

# Stuff to after qmail-smtpd

QMAIL_SMTP_POST="mail.tenserq.net /var/vpopmail/bin/vchkpw /bin/true"

# this turns off the IDENT grab attempt on connecting

TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

# You might want to use rblsmtpd with this, but you need to fill in a RBL server here first

# see http://cr.yp.to/ucspi-tcp/rblsmtpd.html for more details

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r RBL-SERVER"

# If you are interested in providing POP or IMAP before SMTP type relaying,

# emerge relay-ctrl, then uncomment the next 2 lines

#QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"

# In /etc/courier-imap/authdaemonrc add the next line to the end:

#authmodulelist="${authmodulelist} relay-ctrl-allow"

# Then in /etc/courier-imap/{imapd,imapd-ssl,pop3d,pop3d-ssl}

# Add this at the end

#PRERUN="${PRERUN} envdir /etc/relay-ctrl relay-ctrl-chdir"

# This next block is for SMTP-AUTH 

# This provides the LOGIN, PLAIN and CRAM-MD5 types

# the 'cmd5checkpw' used in $QMAIL_SMTP_AUTHCHECKPASSWORD supports CRAM-MD5

# and reads it's data from /etc/poppasswd

# see the manpage for cmd5checkpw for details on the passwords

# uncomment the next four lines to enable SMTP-AUTH

#QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)

#[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true

#QMAIL_SMTP_CHECKPASSWORD="/bin/cmd5checkpw"

#QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

```

/var/qmail/defaultdelivery looks like

```

# Uncomment the next line for .forward support

#|dot-forward .forward

./Maildir/

```

I dont know what else i could post..

[/code]

----------

## petterg

 *Tenser wrote:*   

> I have read through the forums this time before deciding to post or pm anyone lol. And it seems no one has had this problem that i could find. Any access to either port 25, or the qmail-smtp program, Ie in a bash shell typing in qmail-smtp, or, telneting to port 25, gives me this error.
> 
> 

 

Why are you posting IMAP parts of the log when SMTP is your problem? Is smtp running? Are you sure you did step 2 of the guide correctly?

I think I had the same error number first time I tried this. Then the problem was that it couldn't log into mysql. However I got the error when I was adding a domain / user. Never tried SMTP before it was fixed.

Did you use the qmail and vpopmail versions described in the guide? Vpopmail prior to this version uses a different format of vpopmail.conf. You could try the universal vpopmail.conf:

```
# Read-only DB

localhost|0|vpopmail|your_passwd|vpopmail

# Write DB

localhost|0|vpopmail|your_passwd|vpopmail

 

# Old style 

MYSQL_UPDATE_SERVER     localhost

MYSQL_UPDATE_USER       vpopmail

MYSQL_UPDATE_PASSWD     your_passwd

 

MYSQL_READ_SERVER       localhost

MYSQL_READ_USER         vpopmail

MYSQL_READ_PASSWD       your_passwd

```

If this doesn't help my next guess would be to check that /var/qmail/queue is correct. Run the queue-fix prosedure dexcribed somewhere earlier in this thread.

----------

## nepenthe

I am afraid I do not know the login for qmail admin... as well I am missing the command vadddomain

----------

## Tenser

Petterg, I used the same emerges as listed, I know it can log into mysql, It created the users and everything for it. They authenticate using mysql.  What i posted was the tail end of my mail log. It was just showing that there were no smtp connections or errors shown at all.

----------

## darkcoder

Anyone who got this project working had made some test sending outgoing email.

I only got filtered incoming email.  Even after making the changes specified in the qmail-scanner FAQ

 *Quote:*   

> Q-S doesn't work with Vpopmail Vpopmail - when used in its "pop-before-smtp" configuration - basically strips out environment variables set within the tcpserver SMTP rules file - specifically the QMAILQUEUE environment variable. As it is responsible for starting qmail-smtpd, that means Qmail-Scanner never gets called. This is really a bug with Vpopmail, but a workaround is to set QMAILQUEUE within /service/smtpd/run instead.

 

Anyone has tried relay-ctrl?

----------

## barefootcoder

I notice that earlier in this (long!) thread, someone else had the same problem I have.  From my /var/qmail/qmail-send/current (email address changed to protect the innocent):

```
@4000000040ce59aa106ea464 starting delivery 42: msg 1666458 to local xxx@yyy.net

@4000000040ce59aa106edb14 status: local 1/10 remote 0/20

@4000000040ce59aa125415d4 delivery 42: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/

```

However, I didn't see anywhere in the thread where someone reported the solution.  Any thoughts?

BTW, this was a fully working setup before a week ago.  The hard drive containing /var crapped out and some (but not all) files were lost.  To fix, I re-emerged qmail, courier, and vpopmail and tweaked configurations where necessary.  I think I've done everything as the original how-to suggests, although this ebuild is a newer version of courier (w/o separate directories for courier-imap, e.g.) and maybe a newer version of vpopmail, so I'm not entirely sure.  I did, as someone suggested, run the Maildir/.maildir fix script (the name of which escapes me now).  But I think if I could just fix this one qmail error, I'd be set.  (I can log in and see existing mail via IMAP, but new mail just sits in the queue and never gets delivered.)

----------

## Tenser

For some reason i thought that all mail related items would go in mail / current

Stupid me.

This is the log for /var/qmail/qmail-smtpd/current

Its been doing this for the last 30k or so of the file.

```
 

@4000000040cd427e17b47d34 qmail-smtpd: Unable to read controls!

@4000000040cd427e17bf23c4 tcpserver: end 11343 status 256

@4000000040cd427e17bf8954 tcpserver: status: 0/40

@4000000040cd508534433044 tcpserver: status: 1/40

@4000000040cd508534439da4 tcpserver: pid 29051 from 204.127.202.56

@4000000040cd508b2d991a74 tcpserver: ok 29051 :::ffff:192.168.1.254:25 sccrmhc12.comcast.net:::ffff:204.127.202.56::34655

@4000000040cd508b2df68484 qmail-smtpd: Unable to read controls!

@4000000040cd508b2e01754c tcpserver: end 29051 status 256

@4000000040cd508b2e019c5c tcpserver: status: 0/40

@4000000040cd559d0d9fadb4 tcpserver: status: 1/40

@4000000040cd559d0da02ab4 tcpserver: pid 2981 from 156.56.111.197

@4000000040cd55a403273294 tcpserver: ok 2981 :::ffff:192.168.1.254:25 smtp.gentoo.org:::ffff:156.56.111.197::40402

@4000000040cd55a40389d494 qmail-smtpd: Unable to read controls!

@4000000040cd55a403946b84 tcpserver: end 2981 status 256

@4000000040cd55a40394d114 tcpserver: status: 0/40

@4000000040cd9cd2266ab1a4 tcpserver: status: 1/40

@4000000040cd9cd2266ae46c tcpserver: pid 9497 from 156.56.111.197

@4000000040cd9cdb0aabf0f4 tcpserver: ok 9497 :::ffff:192.168.1.254:25 smtp.gentoo.org:::ffff:156.56.111.197::54451

@4000000040cd9cdb0d3497a4 qmail-smtpd: Unable to read controls!

@4000000040cd9cdb0d3ec51c tcpserver: end 9497 status 256

@4000000040cd9cdb0d3f2e94 tcpserver: status: 0/40

@4000000040cdd85f2e6835fc tcpserver: status: 0/40

@4000000040cdf11011b1da94 tcpserver: status: 1/40

@4000000040cdf11011b9588c tcpserver: pid 5180 from 156.56.111.197

@4000000040cdf115167e4b0c tcpserver: ok 5180 :::ffff:192.168.1.254:25 smtp.gentoo.org:::ffff:156.56.111.197::36744

@4000000040cdf115191dd134 qmail-smtpd: Unable to read controls!

@4000000040cdf115192b3acc tcpserver: end 5180 status 256

@4000000040cdf115192cd10c tcpserver: status: 0/40

@4000000040ce5212053bab14 tcpserver: status: 1/40

@4000000040ce5212053ecfc4 tcpserver: pid 30140 from 156.56.111.197

@4000000040ce5216197e15bc tcpserver: ok 30140 :::ffff:192.168.1.254:25 smtp.gentoo.org:::ffff:156.56.111.197::39449

@4000000040ce521619d9f92c qmail-smtpd: Unable to read controls!

@4000000040ce521619e4690c tcpserver: end 30140 status 256

@4000000040ce521619e48c34 tcpserver: status: 0/40

```

and before that for about 460k or so of the file it was doing

```

@4000000040ca527336324674 tcpserver: illegal option -- M

@4000000040ca52733632b3d4 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca52743802e7c4 tcpserver: illegal option -- M

@4000000040ca52743805b29c tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca52753927d40c tcpserver: illegal option -- M

@4000000040ca5275392a5894 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca52763b7c4774 tcpserver: illegal option -- M

@4000000040ca52763b7ed7b4 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca5278027376dc tcpserver: illegal option -- M

@4000000040ca52780276071c tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca527903bcbbd4 tcpserver: illegal option -- M

@4000000040ca527903bf2504 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca527a0514878c tcpserver: illegal option -- M

@4000000040ca527a0517564c tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca527b0665c394 tcpserver: illegal option -- M

@4000000040ca527b06684fec tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca527c07edc324 tcpserver: illegal option -- M

@4000000040ca527c07f01cb4 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca527d08fa4d3c tcpserver: illegal option -- M

@4000000040ca527d08fcb66c tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca527e0a9e25b4 tcpserver: illegal option -- M

@4000000040ca527e0aa09e84 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca527f0bde9cc4 tcpserver: illegal option -- M

@4000000040ca527f0be109dc tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca52800cc9bc2c tcpserver: illegal option -- M

@4000000040ca52800ccc3ccc tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca52810e1af44c tcpserver: illegal option -- M

@4000000040ca52810e1d80a4 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca52820f78328c tcpserver: illegal option -- M

@4000000040ca52820f7b99a4 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca5283116b117c tcpserver: illegal option -- M

@4000000040ca5283116d28a4 tcpserver: usage: tcpserver [ -461UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] [ -I interface ] host port program

@4000000040ca528412199544 tcpserver: illegal option -- M

```

Still dont know what is going on...

Any help is appreciated..

----------

## darkcoder

 *barefootcoder wrote:*   

> this was a fully working setup before a week ago

 

Can be a problem with the qmail-queue.  In order to qmail be able to work, it needs qmail-queue-fix , and probably the changes it performs were also lost.   AFAIK qmail-queue-fix is applied before qmail installation  My suggestion is to unmerge qmail, and qmail-queue, and re-emerge them again (with emerge qmail).   I see a post before that running the qmail-queue-fix script fix it, but it doesn't work for me, so I decided to start over, and then it works.

----------

## petterg

 *barefootcoder wrote:*   

> 
> 
> ```
> @4000000040ce59aa106ea464 starting delivery 42: msg 1666458 to local xxx@yyy.net
> 
> ...

 

I would try to reemerge qmail-scanner and run the queue-fix as described somewhere else in this thread.

----------

## petterg

 *Tenser wrote:*   

> For some reason i thought that all mail related items would go in mail / current
> 
> Stupid me.
> 
> This is the log for /var/qmail/qmail-smtpd/current
> ...

 

Clear out the log files, restart svscan. Get a mail. If the tcpserver usage errors apare again you should check if you acedently did some mistakes when setting the tcp options for smtp.

----------

## glawe

I followed the howto, but i have some problem.. now when i try to telnet to port 25 i get the following error:

```

Trying 127.0.0.1...

Connected to localhost.

Escape character is '^]'.

421 unable to read controls (#4.3.0)

Connection closed by foreign host.

```

anyone have any idea ?

/Glawe

----------

## davec333

I've tried to follow this among the actual Gentoo walk through and I keep ending up with this error:

^[[A^[[Alocalhost control # vadddomain theseventhsun.net

Please enter password for postmaster:

enter password again:

vmysql: sql error[c]: MySQL server has gone away

vmysql: sql error[b]: MySQL server has gone away

vmysql: sql error[3]: MySQL server has gone away

could not create limits table CREATE TABLE limits ( domain CHAR(64) PRIMARY KEY,       maxpopaccounts           INT(10) NOT NULL DEFAULT -1,       maxaliases               INT(10) NOT NULL DEFAULT -1,       maxforwards              INT(10) NOT NULL DEFAULT -1,       maxautoresponders        INT(10) NOT NULL DEFAULT -1,       maxmailinglists          INT(10) NOT NULL DEFAULT -1,       diskquota                INT(12) NOT NULL DEFAULT 0,       maxmsgcount              INT(12) NOT NULL DEFAULT 0,       defaultquota             INT(12) NOT NULL DEFAULT 0,       defaultmaxmsgcount       INT(12) NOT NULL DEFAULT 0,       disable_pop              TINYINT(1) NOT NULL DEFAULT 0,       disable_imap             TINYINT(1) NOT NULL DEFAULT 0,       disable_dialup           TINYINT(1) NOT NULL DEFAULT 0,       disable_passwordchanging TINYINT(1) NOT NULL DEFAULT 0,       disable_webmail          TINYINT(1) NOT NULL DEFAULT 0,       disable_relay            TINYINT(1) NOT NULL DEFAULT 0,       disable_smtp             TINYINT(1) NOT NULL DEFAULT 0,       perm_account             TINYINT(2) NOT NULL DEFAULT 0,       perm_alias               TINYINT(2) NOT NULL DEFAULT 0,       perm_forward             TINYINT(2) NOT NULL DEFAULT 0,       perm_autoresponder       TINYINT(2) NOT NULL DEFAULT 0,       perm_maillist            TINYINT(4) NOT NULL DEFAULT 0,       perm_quota               TINYINT(2) NOT NULL DEFAULT 0,       perm_defaultquota        TINYINT(2) NOT NULL DEFAULT 0 )

vmysql: sql error[p]: MySQL server has gone away

Error: (vadduser) can't read domain limits

localhost control #

YES I can do mysql -u vpopmail -p vpopmail

and i can log in, i checked vpopmail.conf and it has the right uname and pword...any help directed on this forum or to my IM would be greatly appreciated....I'd possibly worship the ground you walked on...Thanks

AIM: TDPDaveC

Email: davec@theseventhsun.net

Thanks...

Dave

----------

## ryker

 *davec333 wrote:*   

> I've tried ...

 

Are you sure you are using the correct format for /etc/vpopmail.conf?  The format is different from the official howto.  It should look like the following for the latest version of vpopmail:

```
localhost|0|vpopmail|vpopmailpassword|vpopmail

# Write DB

localhost|0|vpopmail|vpopmailpassword|vpopmail

```

----------

## ryker

Sorry about the above post.  I haven't checked this thread in a while.  I just noticed petterg already suggested checking /etc/vpopmail.conf.

On another note... 

Just a thought here.  The latest qmail-scanner says to use the wrapper 'qmail-scanner-queue' and not 'qmail-scanner-queue.pl'

Shouldn't tcp.smtp use:

```
# Qmail-Scanner disabled for mail from localhost, relay allowed 

127.0.0.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"                                                                                

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed 

196.12.161.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"
```

and not

```
# Qmail-Scanner disabled for mail from localhost, relay allowed 

127.0.0.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed 

196.12.161.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
```

?

I've tried both and they seem to both work.

----------

## petterg

 *davec333 wrote:*   

> [...]
> 
> YES I can do mysql -u vpopmail -p vpopmail
> 
> and i can log in, i checked vpopmail.conf and it has the right uname and pword...
> ...

 

I'm quite sure you have some kind of a bug with vpopmail.conf. Did you try using the vpopmail.conf that I posted earlier? (The one that is compatible with both the new and the older versions of qmail/vpopmail/courier? (Which versions of those programs did you install?)

For further help please post your vpopmail.conf

----------

## darkcoder

 *sabrex wrote:*   

> 3) install vpopmail
> 
> ```
> > emerge /usr/portage/net-mail/vpopmail/vpopmail-5.4.0.ebuild
> 
> ...

 

This is a real problem, vpopmail 5.4 has disabled roaming users, and do not use the tcp rules explained in this faq.  That's why I'm having problems with emails not filtered.  Now the question is:

Anyone knows how to configure relay-ctrl?

----------

## ryker

I keep getting this message sent my root account from the cron daemon.

```
replace SIGN.ASC? [y]es, [n]o, [A]ll, [N]one, [r]ename:  NULL

(assuming [N]one)

Error trying to unzip: fp-def.zip.

Make sure unzip is installed and it's location is within your PATH variable

Fatal error.   Exiting...
```

I have unzip 5.50 installed and it's in the sym is in /usr/bin.  I can call from anywhere at the command line just fine.  Not sure what to do.

Any ideas?

----------

## darkcoder

I think probably that was due to fetch errors since the job is done hourly and I got one error every 3-5 days.  Just in case, I check manually if f-prot was up to date with:

```
 /opt/f-prot/check-updates.pl

***************************************

* F-Prot Antivirus Updater            *

***************************************

Nothing to be done...

```

 and as you see, it is up to date.  :Very Happy: 

----------

## ryker

 *darkcoder wrote:*   

> I think probably that was due to fetch errors since the job is done hourly and I got one error every 3-5 days.  Just in case, I check manually if f-prot was up to date with:
> 
> ```
>  /opt/f-prot/check-updates.pl
> 
> ...

 

I think you're right.  I checked manually with check-updates.pl as well.  Nothing to be done.

Thanks.

----------

## thoughtform

ebuild /var/db/pkg/net-mail/qmail-1.03-r13/qmail-1.03-r13.ebuild config

returns error:

!!! doebuild: /var/db/pkg/net-mail/qmail-1.03-r13/qmail-1.03-r13.ebuild not found for config

help?

----------

## cdunham

This may be obvious to some, and not others, but these are a couple of problems I ran into following this excellent HOWTO. Perhaps my workarounds are not correct, but they worked.

First, I wasn't able to log into qmailadmin for the life of me. Finally fixed it by creating an initial domain, which also creates it's 'postmaster' user (was this supposed to have been done somewhere else?):

```
/var/vpopmail/bin/vadddomain example.com
```

Also, I wasn't able to log into POP3 or IMAP, because I was using a bare username, not username@domain.com . Duh.

I was clearly not thinking in a vhost way. Hope this helps others...

----------

## ryker

I've never had any luck getting Spam Assassin to work using this how to.  I know you are supposed to emerge qmail-scanner afer f-prot and spam assassin, so qmail-scanner will pick them up and use them.  For some reason, qmail-scanner is ignoring spam assassin.  When I emerge qmail-scanner I get the following message:

```
Something like the SpamAssassin spamc is present, but is not capable of

detecting a serious piece of spam (didn't include a "X-Spam-Status: Yes"

line in output) - ignoring...

```

f-prot works fine.  I can see mail is scanned by f-prot by looking at the mail header.  But there's nothing in the header about spam asssassin.

Anyone have any ideas?

----------

## ryker

anyone?

----------

## cdunham

I know I ran into the same thing, but I can't remember what it was that fixed it. I do know that it was just a matter of the correct configuration for spamassasin, then emerging qmail-scanner again. It may be that you need to double-check the steps there, like

```
SPAMD_OPTS="-v -u vpopmail --siteconfigpath=/etc/mail/spamassassin/local.cf"
```

in /etc/spamd.conf

Sorry that's not too specific...

----------

## flashingcurser

1.  I can create accounts with vadduser -- except for the accounts to actualy work I have to ln -s .maildir with Maildir -- anyone found a way around this?

2.  Recieving email works -- Ya!

3.  QmailAdmin works except you cannot create accouts because you have to   work around in #1

4.  Cannot send emails--In outlook exspress I get the error 

```
The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was '????dan@sbcglobal.net'. Subject 'asdf', Account: '????.????.org', Server: '192.168.2.254', Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79
```

(Names have been changed to protect the guilty)

I have somewhat narrowed the problem down and maybe some of you can help me from here. 

If I put sbcglobal.net in the /var/qmail/control/rcpthosts it sends just fine

Before someone asks--

```
# Qmail-Scanner disabled for mail from 127.0.0.1

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

# Qmail-Scanner enabled (virus only) for mail from local network

192.168.2.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

192.168.2.2:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

192.168.2.3:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

192.168.2.4:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

192.168.2.5:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

192.168.2.6:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

# Qmail-Scanner enabled (virus and spam) for mail from external internet

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
```

Any thoughts guys?

Thanks[/b]

----------

## rjreb

I've tried to search this but didn't find anything. Is anyone else having problems where people try to check their email via POP and get as far as (for example) downloading 3 of 20 messages and it just stops. If they turn off their email scanner (seems to be a Nortons issue) running locally it will then download okay. I've tried to convince them it's not necessary to run an email scanner locally but that's unacceptable for a few. Is there something in the headers that Nortons doesn't like?

----------

## xkb

Hi, since my last upgrade to ~86 qmail-scanner and vpopmail the cronjob of qmail-scanner fails:

```

cannot write to /var/spool/qmailscan/qmail-scanner-queue-version.txt.tmp - Permission denied at /var/qmail/bin/qmail-scanner-queue.pl line 1589.

```

Problem seems to be incorrect permissions on the qmail-scanner /var/spool dir. Anyone else having this problem? How did you solve it?

----------

## ryker

 *xkb wrote:*   

> Hi, since my last upgrade to ~86 qmail-scanner and vpopmail the cronjob of qmail-scanner fails:...

 

I had the same problem.  The problem was permissions for qmail-scanner.  Did you follow the part of the howto below: 

```
Please log into the "qmaild" account  and run 

/var/qmail/bin/qmail-scanner-queue.pl -g 

  

If you see the error "Can't do setuid", or "Permission denied", then 

refer to the FAQ. 

  

(e.g.  "setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl -g" 

or "su qmaild -c "/var/qmail/bin/qmail-scanner-queue.pl -g") 

```

----------

## ryker

 *flashingcurser wrote:*   

> 1.  I can create accounts with vadduser -- except for the accounts to actualy work I have to ln -s .maildir with Maildir

 The only way I could get maildir to work properly for me was to put "maildir -mbox" in my use flags.  Maybe try putting those in your use flags and re-emerge qmail and vpopmail.

Not sure about your other problem.

----------

## Tilly

Hey

I am having the smae problem.

```
The SMTP server returned an error. Subject 'asdf', Account: '192.168.1.100', Server: '192.168.1.100', Protocol: SMTP, Server Response: 'Permission denied', Port: 25, Secure(SSL): No, Error Number: 0x800CCC60
```

I followed all the things that i should do to solve the problem but it doesnt work. And what FAQ do i look at.

Tilly

----------

## petterg

 *flashingcurser wrote:*   

> 1.  I can create accounts with vadduser -- except for the accounts to actualy work I have to ln -s .maildir with Maildir -- anyone found a way around this?
> 
> 

 

Make sure you have the correct use flags in /etc/make.conf. (maildir, mbox, ...)

Also make sure you emerged the correct versions of the packages used by this guide. Older pakkages has problems with maildir.

 *flashingcurser wrote:*   

> 
> 
> 4.  Cannot send emails--In outlook exspress I get the error 
> 
> ```
> ...

 

You got a lot of local ip adresses in your /etc/tcp.smtp. Are your sure the pc you're sending from is included among them? Did you run the tcp rules update after updating the file?

----------

## petterg

 *rjreb wrote:*   

> I've tried to search this but didn't find anything. Is anyone else having problems where people try to check their email via POP and get as far as (for example) downloading 3 of 20 messages and it just stops. If they turn off their email scanner (seems to be a Nortons issue) running locally it will then download okay. I've tried to convince them it's not necessary to run an email scanner locally but that's unacceptable for a few. Is there something in the headers that Nortons doesn't like?

 

I haven't had that problem with the qmail/courier server, but had something similar with an other mailserver. Disabeling local virus check is probably not a good idea as e-mail is only one of many way a virus comes.

----------

## petterg

 *Tilly wrote:*   

> Hey
> 
> I am having the smae problem.
> 
> ```
> ...

 

Is the computer your sending mail from included in the /ect/tcp.smtp ?

Try to switch on or off (depending on current state) SSL in your client.

----------

## Tilly

Hey

That is the error i get when i try to send mail with qmail-scanner enabled in tcp.smtp. When i have it disabled, I can send email just fine.

Tilly

----------

## petterg

 *Tilly wrote:*   

> Hey
> 
> That is the error i get when i try to send mail with qmail-scanner enabled in tcp.smtp. When i have it disabled, I can send email just fine.
> 
> Tilly

 

Try to reemerge qmail-scanner. The reconfigure it like the howto say.

----------

## maxulanhot

well , it is a wonderful guide.

But I'm wondering how to use mutt to read/send mail?

Anybody has idea?

----------

## Tilly

Hey

I remerged qmail-scanner. And i stil lget the cant do setuid. WTF is up this. And what FAQ is the guy refering to in the tutorial. Am i missing a perl module. 

Tilly

----------

## maxulanhot

faint!

The qmail-scanner didn't work .

I got the error of log:

```

 cannot open /var/spool/qmailscan/qmail-scanner-queue-version.txt - did you initialise the system by running "qmail-scanner-queue.pl -z"? - Permission denied

```

```

root qmailscan # ls -la

total 64

drwxr-xr-x  6 qmaild nofiles   416 Jul 10 17:41 ./

drwxr-xr-x  8 root   root      232 Jul 10 17:39 ../

-rw-r--r--  1 qmaild nofiles     0 Jul 10 17:39 .keep

drwxr-xr-x  5 qmaild nofiles   120 Jul 10 17:39 archive/

-rw-------  1 qmaild nofiles   635 Jul 10 17:39 qmail-queue.log

-rw-rw----  1 qmaild root       23 Jul 10 17:39 qmail-scanner-queue-version.txt

drwxr-xr-x  5 qmaild nofiles   120 Jul 10 17:39 quarantine/

-rw-r-----  1 qmaild nofiles 49152 Jul 10 17:41 quarantine-attachments.db

-rw-r--r--  1 qmaild nofiles  4279 Jul 10 17:39 quarantine-attachments.txt

-rw-r--r--  1 qmaild nofiles     0 Jul 10 17:39 quarantine.log

drwxr-xr-x  2 qmaild nofiles    72 Jul 10 17:39 tmp/

lrwxrwxrwx  1 root   root       14 Jul 10 17:39 viruses.log -> quarantine.log

drwxr-xr-x  5 qmaild nofiles   120 Jul 10 17:39 working/

```

Did above correctly?

----------

## Tilly

Hey

What version of qmail scanner are you running.

Tilly

----------

## ryker

Looks like your permissions are messed up maxulanhot.

Mine are:

```
drwxr-xr-x  6 qscand qscand      448 Jul 10 03:12 .

drwxr-xr-x  8 root   root        224 Jun 18 18:07 ..

-rw-r--r--  1 root   root          0 Jul  5 23:54 .keep

drwxr-xr-x  5 qscand qscand      120 May 24 23:35 archive

-rw-------  1 qscand nofiles   53710 Jul  8 23:21 mailstats.csv

-rw-------  1 qscand qscand  1079598 Jul 10 03:12 qmail-queue.log

-rw-------  1 qscand root         43 Jul 10 03:12 qmail-scanner-queue-version.txt

drwxr-xr-x  5 qscand qscand      120 May 24 23:35 quarantine

-rw-r-----  1 qscand qscand    49152 Jul  6 00:10 quarantine-attachments.db

-rw-r--r--  1 qscand qscand     4279 Jul  5 23:54 quarantine-attachments.txt

-rw-r--r--  1 qscand qscand        0 Jul 10 13:20 quarantine.log

drwx------  2 qscand qscand       48 Jul  9 03:11 tmp

lrwxrwxrwx  1 root   root         14 Jul  5 23:54 viruses.log -> quarantine.log

drwxr-xr-x  5 qscand qscand      120 May 24 23:35 working
```

my version of qmail-scanner is 1.20

----------

## petterg

 *Tilly wrote:*   

> Hey
> 
> I remerged qmail-scanner. And i stil lget the cant do setuid. WTF is up this. And what FAQ is the guy refering to in the tutorial. Am i missing a perl module. 
> 
> Tilly

 

You have quite a few options to run stuff as the qmail user. The easiest for you might be to edit /etc/passwd. Make a backup of it before you edit! Goto the line with the username you want to run as (qmail). Replace /bin/false with /bin/bash. Save, exit.

Then run "su qmail"

Run the script

exit

restore /etc/passwd from the backup.

----------

## petterg

 *maxulanhot wrote:*   

> faint!
> 
> The qmail-scanner didn't work .
> 
> I got the error of log:
> ...

 

Well, did you initialise the system by running "qmail-scanner-queue.pl -z"?

----------

## capitanjackal

I'have a little question about spamassassin:

If I use default options it works (SPAMD_OPTS="-a -c"), but if I change the /etc/conf.d/spamd in:

SPAMD_OPTS="-a -v -x -u vpopmail -C /var/vpopmail/.spamassassin/local.cf"

It gives 0 points to all email.

any idea ?

thanks 

Giacomo

----------

## ryker

 *capitanjackal wrote:*   

> I'have a little question about spamassassin:
> 
> If I use default options it works (SPAMD_OPTS="-a -c"), but if I change the /etc/conf.d/spamd in:
> 
> SPAMD_OPTS="-a -v -x -u vpopmail -C /var/vpopmail/.spamassassin/local.cf"
> ...

 

I had a hard time getting it to work too.  Try:

```
SPAMD_OPTS="-v -u vpopmail --siteconfigpath=/etc/mail/spamassassin/local.cf"
```

----------

## Benji-Boy

Dear SaberX,

This is my first post!

I have not had to ask a question so far having converted from Win XP because of this forum.

Thanks for the great tutorial so far.

I am running an email server to collect legitimate and spam emails for research i am doing at uni.

One little problem i have had so far:

step 4) last line

```

bash-2.05b# /etc/init.d/courier-imapd start

 * Starting authdaemond.plain...                                          [ ok ]

 * Starting courier-imapd...                                              [ ok ]

bash-2.05b# /etc/init.d/courier-pop3d start

 * Starting courier-pop3d...

bind: Address already in use

ll_daemon_start: Resource temporarily unavailable                         [ !! ]

```

any ideas? I believe others have the same problem...

Gentoo has the best forums!

Thanks for all being so helpful and patient.

----------

## Benji-Boy

Just one other thing:

mutt

which package do i emerge it from?

I assume it is a command line exe but I haven't installed it yet.

Cheers,

Benji-Boy

----------

## Benji-Boy

Ok so the first part of the last post was really dumb   :Embarassed: 

emerge mutt  :Wink: 

Next (silly) question what are the config steps, where does one pont mutt to the maildirectory/database?

 *nepenthe wrote:*   

> I am afraid I do not know the login for qmail admin... as well I am missing the command vadddomain

 

I've read about vadddomain and vadduser being used to creat accounts but I wanted to point out these commands are not in /usr/bin THE ARE located in.

```
 /var/vpopmail/bin
```

or alterntively

```
 source /etc/profile 
```

Also on a security note:

I want to get all email passed through on this server as it is for research purposes and I don't want any spamassassination or virus filtering on incoming mail, ( it is part of the solution that we're working on). 

However as i am not suicidal either  :Cool:  are their any recommendations of virus software & installation that i should have running to protect the rest of the system from the nasty emails?

Thanks Guys.[/code]

----------

## xkb

Hi,

I dug up a new problem. After getting a working mailsystem by following the HOWTO, I wanted to filter spam-tagged mail automatically server based. I choose Maildrop for it as it got installed allready with qmail-scanner.

I'm not having any luck though. I searched google where someone stated I should run makeuserdb and vchkpw2userdb. I did.

I created a .qmail file in the users virtual home dir under /var/vpopmail/domains/mydomain.net/user/.qmail

It contains:

|/usr/bin/maildrop

the users virtual dir contains a .mailfilter file thats vpopmail:vpopmail 600

So far so good. However maildrop keeps complaining about the following:

```

@4000000040f4e7743248a864 delivery 95: deferral: /usr/bin/maildrop:_Invalid_home_directory_permissions_-_world_writable./

```

Whereas the virtual homedir of the user is:

```

cp15766-b user # ls -l /var/vpopmail/domains/mydomain.net/

total 1

drwx------  3 vpopmail vpopmail 136 Jul 14 10:00 user

```

Any clues how to solve this?

----------

## ievil

Everything (!?!?!?) works perfectly when my server is delivering mail...

But when I try to collect it through imap or pop3 I get some strange behavior.  

```
Jul 15 13:39:23 trance imapd: Connection, ip=[::ffff:1.2.3.4]

Jul 15 13:39:23 trance imapd: LOGIN: DEBUG: ip=[::ffff:1.2.3.4], command=CAPABILITY

Jul 15 13:39:23 trance imapd: LOGIN: DEBUG: ip=[::ffff:1.2.3.4], command=LOGIN

Jul 15 13:39:23 trance imapd: LOGIN: DEBUG: ip=[::ffff:1.2.3.4], username=arnvid@mydomain.com

Jul 15 13:39:23 trance imapd: LOGIN: DEBUG: ip=[::ffff:1.2.3.4], password=mypass

Jul 15 13:39:28 trance imapd: LOGIN FAILED, ip=[::ffff:1.2.3.4]

Jul 15 13:39:28 trance imapd: LOGIN: DEBUG: ip=[::ffff:1.2.3.4], command=LOGOUT

Jul 15 13:39:28 trance imapd: LOGOUT, ip=[::ffff:1.2.3.4]
```

Not really to much information here at all  :Sad: 

[/code]

----------

## flashingcurser

Well with hours of screwing aroung with no real direction hehe -- I have managed to get the thing to SEND mail. 

Now the problem is recieving mail--I get no errors sending to my address (from yahoo) and get no errors recieving in outlook -- The mail disapears, poof lol

Can anyone point me in the right direction?

Oh by the way maildir was in use flags--re-emerged with ~x86 and I still have the same problem -- anyone using a bash script that will automate the symlinks?

----------

## flashingcurser

Oh and one more thing--- the only thing that seemed to make any difference is when I started messing with the files in:

/etc/tcprules.d

Can anyone with a working set up check the files in there and tell me what you have set up in there? there are several .cdb files in there

----------

## karoto

Guyz ... great tutors but i have a seriously problem over there  :Sad: 

i am at the step of qmail-scanner installation and look what i get

```

root@patataki / # id

uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)

```

```

root@patataki / # emerge qmail-scanner

Calculating dependencies ...done!

>>> emerge (1 of 1) net-mail/qmail-scanner-1.16-r2 to /

>>> md5 src_uri ;-) qmail-scanner-1.16.tgz

>>> Unpacking source...

>>> Unpacking qmail-scanner-1.16.tgz to /var/tmp/portage/qmail-scanner-1.16-r2/work

 * Replacing obsolete head/tail with POSIX compliant ones

>>> Source unpacked.

Building Qmail-Scanner 1.16...

Sorry, but this must be run as root, as several operations require - well

root access :-)

yes: standard output: Broken pipe

yes: write error

!!! ERROR: net-mail/qmail-scanner-1.16-r2 failed.

!!! Function src_compile, Line 39, Exitcode 1

!!! ./configure failed!

```

How about that? i have already search all the forums about this , no answer..i wonder if is there a solution couse i wanna complete this tutorial  :Sad: 

----------

## karoto

Nevermind guyz i found it..

i had the userpriv enabled at /etc/make.conf

so that's why it didn't compile it as root..

----------

## Gweniviere

Hello   :Smile: 

First let me begin by thanking everyone that has contributed to this HOWTO. It has been immeasurably helpful to me.

Now, onto my problem. I had a  qmail/vpopmail/qmailscanner/qmailadmin setup that was working just wonderfully. It was up and running for over a month. However, due to a power outage I had to down the server this morning. When the server came back up, no one was able to authenticate and recieve mail.

The only message that is out of the ordinary is this...

```

Jul 19 17:25:52 topflite pop3d-ssl: Connection, ip=[1.2.3.4]

Jul 19 17:25:57 topflite pop3d-ssl: LOGIN FAILED, ip=[1.2.3.4]

Jul 19 17:25:57 topflite pop3d-ssl: Disconnected, ip=[1.2.3.4]

```

I've been fiddling with config files all day and this is what I discovered. If I have the old style username/password information in the /etc/vpopmail.conf file 

```

#####################  OLD VERSION  #####################

MYSQL_UPDATE_SERVER      localhost

MYSQL_UPDATE_USER      vpopmail

MYSQL_UPDATE_PASSWD      secret

MYSQL_READ_SERVER      localhost

MYSQL_READ_USER         vpopmail

MYSQL_READ_PASSWD      secret

```

then people are able to authenticate and pickup mail. This is great except that all mail that is delivered while the file is in this format get's lost somewhere and is never delivered.

Now if the /etc/vpopmail.conf file is in the 'new style' 

```

#####################  NEW VERSION  #####################

# Read DB

localhost|0|vpopmail|secret|vpopmail

# Write DB

localhost|0|vpopmail|secret|vpopmail

```

people are unable to pickup their mail, however it is delivered to the /var/vpopmail/domain/mydomail/gwen/.maildir/new with no problems but the authentication error comes back when people to get their email.

I should also note that is seems as if spamd is working correctly in either case..

```

Jul 19 17:37:30 topflite spamd[13565]: connection from localhost [127.0.0.1] at port 33792

Jul 19 17:37:30 topflite spamd[18836]: checking message <q5OC108$5OCbuwyNn3w-Uz9UzC@dpe.ImANaughtySpammer.com> for qmailq:89.

Jul 19 17:37:31 topflite spamd[18836]: identified spam (8.2/5.0) for qmailq:89 in 1.2 seconds, 6733 bytes.

```

It would seem to me that different portions of the system are at differing versions and this is what causes the strange behaviour with the logging into mysql. That's just my guess. Does anyone have any idea what I might do to fix this?

Thanks in advance for any assistance.

Gwen

p.s. I don't know why I protected the identity of that spammer. Oh well.

----------

## flashingcurser

Is "secret" really your password to the database, or has it been changed?

----------

## Gweniviere

 *flashingcurser wrote:*   

> Is "secret" really your password to the database, or has it been changed?

 

It's been changed.

Gwen

----------

## Gweniviere

Ok, after playing around with it more and turning on the debug messages  I am now getting this type of error...

```

Jul 20 00:34:01 grip pop3d-ssl: Connection, ip=[192.168.0.69]

Jul 20 00:34:01 grip pop3d-ssl: LOGIN: DEBUG: ip=[192.168.0.69], command=USER

Jul 20 00:34:01 grip pop3d-ssl: LOGIN: DEBUG: ip=[192.168.0.69], command=PASS

Jul 20 00:34:01 grip pop3d-ssl: LOGIN: DEBUG: ip=[192.168.0.69], username=cindy@mydomain.com

Jul 20 00:34:01 grip pop3d-ssl: LOGIN: DEBUG: ip=[192.168.0.69], password=cindy

Jul 20 00:34:01 grip pop3d-ssl: could not connect to mysql update server Access denied for user: 'root@localhost' (Using password: YES) with database

Jul 20 00:34:01 grip pop3d-ssl: could not connect to mysql update server Access denied for user: 'root@localhost' (Using password: YES)

Jul 20 00:34:06 grip pop3d-ssl: LOGIN FAILED, ip=[192.168.0.69]

```

The username/password pair that is displayed in the log are a correct set. (And yes, the password and user name have been changed to protect the innocent  :Smile:  )

I have no idea where it is picking up root as the login id. Should it not be  vpopmail as the user id? That is what is in the /etc/vpopmail.conf file. It's also linked at /var/vpopmail/etc/vpopmail.mysql

Gwen

----------

## sdalberg

 *Quote:*   

> Ok, after playing around with it more and turning on the debug messages I am now getting this type of error... 
> 
> Code: 
> 
> Jul 20 00:34:01 grip pop3d-ssl: Connection, ip=[192.168.0.69] 
> ...

 

Gwen, not just you, I'm having the same problem...  Where is it getting root@localhost from?  My guess is that this isn't liking the new format of the /etc/vpopmail.conf

```

Jul 20 10:34:58 duff pop3d: Connection, ip=[67.171.42.213]

Jul 20 10:34:58 duff pop3d: could not connect to mysql update server Access denied for user: 'root@localhost' (Using password: YES) with database

Jul 20 10:34:58 duff pop3d: could not connect to mysql update server Access denied for user: 'root@localhost' (Using password: YES)

Jul 20 10:35:03 duff pop3d: LOGIN FAILED, ip=[67.171.42.213]

```

imapd fails similarly...

----------

## Gweniviere

Well, I'm sorry to report that I was not able to resolve the problem with the root user being used to log into the mysql database. 

Instead I shut down the courier and svscan services. Then I removed and reinstalled the qmail, daemontools, ucspi-tcp, courier-imap, qmailscanner and vpopmail packages. I removed the /etc/vpopmail.conf and /etc/tcp.* files. I made a copy of the /var/vpopmail/domains/mydomain.com directory and then removed the /var/qmail and /var/vpopmail directories.

I left the spam, virus, qmailadmin and squirrelmail packages installed.

I then generated new certificates, edited the misc /var/qmail/control and /etc/tcp.* files, ran the qmailscanner script and recreated my domain with vadddomain. Finally I recreated my users with vadduser (by the way adding the domain and users produced errors as they were already in the mysql database) and copied the mydomain.com directory back to /var/vpopmail/domains and started up the the services again and low and behold the system behaved properly. Whew! I was pretty happy about that!  :Very Happy:  The entire process took about an hour.

I'd be interested to know if the problem and solution is uncovered to this little gotcha. Anyways, good luck with your setup.

Gwen

----------

## ryker

Gwen,

Have you rebooted your newly installed mail server?  Hopefully you don't have the same problem.

----------

## Gweniviere

Oh I most certainly did. Twice, just to make sure. I sure do not want a repeat of this episode.

Gwen

----------

## petterg

 *Gweniviere wrote:*   

> 
> 
> ```
> 
> #####################  OLD VERSION  #####################
> ...

 

Use them both! (As I've posted 2-3 times earlier in this thread.) In some cases you need to make it:

```

#####################  NEW VERSION #####################

# Read DB

localhost|0|vpopmail|secret|vpopmail

# Write DB

localhost|0|vpopmail|secret|vpopmail

#####################  OLD VERSION #####################

MYSQL_UPDATE_SERVER      localhost

MYSQL_UPDATE_USER      vpopmail

MYSQL_UPDATE_PASSWD      secret

MYSQL_READ_SERVER      localhost

MYSQL_READ_USER         vpopmail

MYSQL_READ_PASSWD      secret

```

----------

## Gweniviere

 *petterg wrote:*   

> 
> 
> Use them both! (As I've posted 2-3 times earlier in this thread.) In some cases you need to make it:
> 
> 

 

I tried that. It did not work for me.   :Sad: 

Gwen

----------

## petterg

 *Gweniviere wrote:*   

>  *petterg wrote:*   
> 
> Use them both! (As I've posted 2-3 times earlier in this thread.) In some cases you need to make it:
> 
>  
> ...

 

If you set the mysql password for root to be the same as for vpopmail, does it log in?

----------

## Skubidoo

I have a question, when I try to establish a pop3 connection it won't let me in.

the log says:

[pop3d] vmysql: can't read settings from /home/vpopmail/etc/vpopmail.mysql

what does this error mean? Access rights to that file seem to be alright.

----------

## Skubidoo

Ok, I can receive and send email using my account on the host machine (with default user login and mutt). But it won't let me login using Outlook, smtp authentication and pop authentication don't work (which is everything that requires a password).  I really tried hard, but I don't see the problem  :Sad: .

By the way:

printf "postmaster@wh0rd.org\0postpass\0blah\0" | vchkpw `which id` 3<&0

returns nothing!

```

Jul 25 15:56:36 [imapd-ssl] Connection, ip=[127.0.0.1]

Jul 25 15:56:51 [imapd-ssl] LOGIN FAILED, ip=[127.0.0.1]

Jul 25 15:56:53 [imapd-ssl] Unexpected SSL connection shutdown.

```

the same happens with pop3d-ssl

I did set the authmodulelist to authvchkpw. The passwords I use ARE be correct.

update

problem resolved after reemerging everything with the right USE flags set.

NOW.... everything works, except that I can't download the emails from outside, they stay on the server. What has to be done to do it?

Thx.

----------

## petterg

 *Skubidoo wrote:*   

> NOW.... everything works, except that I can't download the emails from outside, they stay on the server. What has to be done to do it?
> 
> 

 

Good thing you solved the first problem while discussing with yourself on the forum :)

Most mail clients (outlook in your case) have a setting if it should leave messages on server. Look around the account settings. I think it's called "leave mail on server" when you're using pop and "download mailbody on check" if you're using imap. (I don't have access to outlook at the moment)

----------

## Skubidoo

Hehe, yes, I was talking to myself   :Very Happy:  .

My problem is really nasty, the mails don't get saved in the /home/vpopmail/users/domain.tld/user/cur/.maildir....

but in the user's folder in the home directory instead, like /home/user, the user which you would add using useradd instead of the user added with vadduser (but if i create such a folder there they will be saved in it but obviously not obtained from it).

Now all the incoming mails are ending up in the queue (that's why I thought sending would work), or when forwarding switched on, I get a reply message that such a user wouldn't exist. Of course I can't download anything if it's not in the user's maildir. I've seen some posts concerning this issue in the gentoo forums, but no solution which would have worked for me. 

When I use mutt it will ask me whether I want to create a '/home/user//.maildir'

It looks like if there's something that might possibly not work under any kind of unliekely conditions, then you can tell that for me it certainly won't.   :Embarassed: 

----------

## ryker

Skubidoo

I had similiar problems with vpopmail getting confused between the local user accounts and virtual ones.  It was because I had a virtual domain with the same name as my machine.  Everything worked fine once I made sure the machine name was unique from any of the virtual domain names.

----------

## flashingcurser

Anyone know of a replacement for qmail-scanner? Nothing I do will make it work.

Its probably a permissions problem 

```
root@gerbil dan # setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl" -g

perlscanner: generate new DB file from /var/spool/qmailscan/quarantine-attachments.txt

X-Qmail-Scanner-1.22:[] cannot open for write /var/spool/qmailscan/quarantine-attachments.db.tmp - Permission denied
```

```
root@gerbil dan # su qmaild

qmaild@gerbil dan $ /var/qmail/bin/qmail-scanner-queue.pl -g

perlscanner: generate new DB file from /var/spool/qmailscan/quarantine-attachments.txt

perlscanner: total of 9 entries.

qmaild@gerbil dan $
```

Everything works fine if I take every:

MAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

Out of  /etc/tcprules.d/tcp.qmail-smtp

Anyone have any Ideas? Or an alternate for qmail-scanner?

----------

## naitram

First, thanks so much for the information here.  I was able to set up a server in a short period of time that does incredible things with ease, and I'm very appreciative.

I had the same root@localhost problem with the mysql.  Never tracked it down, but the only package i had to re-emerge was courier-imap and everything worked fine.  

Lastly, my question.  Since this server is an smtp server for multiple domains, I've got a problem with my server cert.  During the qmail setup, I configured the cert for the hostname of the machine.  I have everything set with aliases in the dns config for each domain so that mail.domain.tld points to the hostname of this machine.  This causes (at least in thunderbird) a message box to pop up saying that I'm attempting to send to box mail.domain.tld but the connection is being made to mail.otherdomain.tld, and is this okay with me?  Is there a way to specify (preferably) multiple certificates, or multiple hostnames on one cert so this message does not occur?  That I've been unable to find any information about it leads me to think that it may be just my configuration.  But i'm kinda at a loss.

----------

## feffi

Hey,

have a look at 

"HOWTO: qmail vpopmail courier-imap qmail-scanner etc"

at the Gentoo-Wiki-Wanted pages:  :Shocked: 

http://gentoo-wiki.com/Wanted#Articles_on_the_forums_to_be_copied_over

It would be cool to have your Howto there...

If you like I can copy it over..

----------

## Tazok

I always get the error:

```
Remote host said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
```

when trying to send mail to my domain.

What am I doing wrong?

----------

## TheSlab

Reject on SMTP...

This patch will only accept email if it can find a valid account on the server.

http://www.interazioni.it/qmail/

I'm just getting into Gentoo so I haven't figured out how to get that to nicely install yet. Will look at it tonight I hope. But that should solve one of your problems petterg.

Maybe someone could point me to a thread on adding patches and creating ebuilds?

----------

## quink

I was able to get qmail, vpopmail etc all setup and working, but my local email(for users of the machine) isn't accessable remotely through imap/pop3. I can't make them forward to the vpopmail box that gets setup for the local machine and i can't figure out how to make this work.

Any ideas?

----------

## TheSlab

Need a little more info.. How are you trying to forward the mail? What is in your control/locals file? Where do you want the mail forwarded?

On my setup I have an empty locals file and just setup what would be in there as a virtual domain in vpopmail. Downside is each user has to have another account just for email but that's ok since I don't want all my local users to get email.

----------

## quink

Well my main complaint is system email that goes to root. I can't figure out how to forward it to my vpopmail mail box for my default user.

----------

## TheSlab

a .qmail file in the root directory doesn't work?

----------

## petterg

 *flashingcurser wrote:*   

> Anyone know of a replacement for qmail-scanner? Nothing I do will make it work.
> 
> Its probably a permissions problem 
> 
> ```
> ...

 

Running the quefix might solve your problem. It's posted somewhere earlier in this thread.

(Sorry if somebody already said that. I've been away for a while. I've not yet read all the new posts.)

----------

## petterg

 *Tazok wrote:*   

> I always get the error:
> 
> ```
> Remote host said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
> ```
> ...

 

Did you put your domain in the /var/qmail/control/rcpthosts ?

I think it should got there automatically when you add a domain using vadddomain, but if it's not try to put it there.

----------

## petterg

 *quink wrote:*   

> Well my main complaint is system email that goes to root. I can't figure out how to forward it to my vpopmail mail box for my default user.

 

I used qmailadmin to make aliases and forwards. That way it worked for me.

----------

## petterg

 *TheSlab wrote:*   

> Reject on SMTP...
> 
> This patch will only accept email if it can find a valid account on the server.
> 
> http://www.interazioni.it/qmail/
> ...

 

I would need something like that! Did you try it?

Maybe it's included in one of the qmail ebuilds.. The ebuild we're installing by using this guide includes a lot of patches, and there are also newer ebuilds masked by ~. If it's included we just need to figure out how to enable it.

----------

## TheSlab

I haven't looked at other ebuilds. I've used it on systems where I did all the work putting stuff together and it works great, using it for the mailserver at work. I got a patch to work with the ebuild this document says but I guess I'm getting some conflicts with other patches. Appears to be some sort of memory access problem I haven't been able to track down. I plan to look at it more on Sunday when I get back. It's the only thing keeping me from flipping the switch to my new gentoo server right now  :Sad: 

----------

## devourment77

I have read this over and over.. and not sure what is wrong.  My vpop config password is right.. and it seems to write to mysql.. but when i do this vadddromain hidden-leaf.ath.cx 

```

hidden-leaf devourment77 # vadddomain hidden-leaf.ath.cx

Please enter password for postmaster:

enter password again:

Failure while attempting to remove_line() the locals file

Error. Failed to add domain to assign file

Error: Could not update file

```

not sure what it is doing.. what files is it talking about... I can login to mysql with vpopmail just fine.  I cannot vadduser to this domain either because of these errors.

and then when i try to delete this domain i get

```
vdeldomain hidden-leaf.ath.cx

Warning: Could not access (/var/vpopmail/domains/hidden-leaf.ath.cx)

Warning: Failed while attempting to delete domain from auth backend

Warning: Failed to delete directory tree: hidden-leaf.ath.cx

```

any help will be good.. i am just getting frustrated.

thx

----------

## TheSlab

 *devourment77 wrote:*   

> I have read this over and over.. and not sure what is wrong.  My vpop config password is right.. and it seems to write to mysql.. but when i do this vadddromain hidden-leaf.ath.cx 
> 
> 

 

```

vdeldomain hidden-leaf.ath.cx

### ignore the error

touch ~qmaild/control/locals

vadddomain hidden-leaf.ath.cx

```

That should fix your problem.

----------

## devourment77

problem solved.....

reason = i am a dumb ass lol

just tip for anyone else trying to do this.. read instructions carefully, and follow everyline.

thx for the help all

----------

## TheSlab

 *devourment77 wrote:*   

> problem solved.....
> 
> reason = i am a dumb ass lol
> 
> just tip for anyone else trying to do this.. read instructions carefully, and follow everyline.
> ...

 

It happens  :Smile: 

----------

## TheSlab

Okay, I got it all working. I was being stupid and forgot to run qmail-smtpd as the vpopmail user, along with testing it incorrectly. Duh!

It is now running on my server beautifully. I'll touch up the patch a little and post it tonight.

----------

## skyfolly

Thanks a lot.

----------

## TheSlab

Sorry I didn't get this last night, going on vacation tomorrow and have been packing.

Here's the patch I got working. It will assume you set all your virtual domains to bounce non-existant.

http://www.spaceballs.net/files/qmail/qmail-smtpd-chkusr-1.0.patch

I just added it to the ebuild around line 143 and emerged it. After that you need to modify the qmail-smtpd startup script 

/var/qmail/supervise/qmail-smtpd/run

and set the user and group it will execute as to vpopmail

Isn't much more I can tell ya as this is the first "patch" I've dealt with for gentoo. I'd appreciate someone telling me how to submit for inclusion in the ebuild for qmail. I just wanna know how to do that stuff for later on. Thanks!

After you get it all installed and qmail-smtpd running you test it by doing

220 somemailserver.com ESMTP

mail theslab@somemailserver.com

250 ok

rcpt to: theslab@somemailserver.com

250 ok

rcpt to: asdf@somemailserver.com

550 sorry, no mailbox here by that name (#5.1.1 - chkusr)

quit

221 somemailserver.com

I was forgetting to do "to: " before and wanted to take myself to the back alley at night and beat myself with a bat when I figured out what I was doing wrong  :Smile: 

----------

## LodBot

I went to setup my qmailadmin login by doing the following:

```
/var/vpopmail/bin/vadddomain mydomain.com
```

 and was returned with this:  *Quote:*   

> Please enter password for postmaster:
> 
> enter password again:
> 
> vmysql: sql error[c]: MySQL server has gone away
> ...

   Mysql is running and I can connect to it fine through a php script.  Any idea what's going on?  I also tried to use localhost instead of mydomain.com.

Thanks in advance.

----------

## TheSlab

 *LodBot wrote:*   

> I went to setup my qmailadmin login by doing the following:

 

Try this post:

https://forums.gentoo.org/viewtopic.php?t=171499&postdays=0&postorder=asc&start=54

Most problems have already been answered in this long thread.

----------

## LodBot

I'm getting somewhere... I followed those steps and now here's the output: *Quote:*   

> root@lodbot1 forums # /var/vpopmail/bin/vadddomain mydomain.com
> 
> Please enter password for postmaster:
> 
> enter password again:
> ...

 

Any ideas how to somehow erase my domain so I can readd it?

Thanks for the help.

----------

## TheSlab

vdeldomain domain.com

ignore the errors then add it back. All better now.

----------

## LodBot

 *TheSlab wrote:*   

> All better now.

 That it is.  Thanks.

----------

## blubbi

got an interesting problem:

everything works, except valias....

```
@4000000041234149166861ac new msg 821403

@40000000412341491668714c info msg 821403: bytes 532 from <anonymous@mail.xyz.de> qp 29857 uid 0

@400000004123414a1d314a1c starting delivery 84: msg 821403 to local mail.xyz.de-root@mail.xyz.de

@400000004123414a1d315da4 status: local 1/10 remote 0/20

@400000004123414a2570c52c delivery 84: success: vdelivermail:_valiases_processed/did_0+0+1/

@400000004123414a2570d8b4 status: local 0/10 remote 0/20

@400000004123414a2570dc9c end msg 821403
```

the mail seems to be delivered corrct.. but it appears nowhere...

The entrie in the database seems to be allright...

by the way, vacation messages don't work either... no error messages or anything is generated...

----------

## LodBot

When I send an email from squirrelmail, the header on the receiving end is Received: from MYHOSTNAME (bdsl.MYIP.gte.net [MYIP]).  My question is how can I get that to say Received: from MYDOMAIN.COM (MYDOMAIN.COM [MYDOMAIN.COM])?  I'm assuming I need to setup some sort of DNS software?

Thanks in advance.

----------

## petterg

[quote="LodBot"]When I send an email from squirrelmail, the header on the receiving end is Received: from MYHOSTNAME (bdsl.MYIP.gte.net [MYIP]).  My question is how can I get that to say Received: from MYDOMAIN.COM (MYDOMAIN.COM [MYDOMAIN.COM])?  I'm assuming I need to setup some sort of DNS software?

You'll probably need read this thread more carefully regarding setup of squirrelmail

----------

## LodBot

 *petterg wrote:*   

> You'll probably need read this thread more carefully regarding setup of squirrelmail

 I guess I took the easy way out by just posting.  I'll look around.

Thanks.

----------

## petterg

I'm trying to install the smtp reject patch TheSlab posted, but can't figure out how to include it in the ebuild.

I added

```
epatch ${DISTDIR}/qmail-smtpd-chkusr-1.0.patch
```

between

```
epatch ${DISTDIR}/qmail-limit-bounce-size.patch.txt

epatch ${FILESDIR}/${MY_PVR}/qmail-smtpd-esmtp-size-gentoo.patch

```

and

```
epatch ${FILESDIR}/${MY_PVR}/qmail-smtpd-relay-reject.gentoo.patch

epatch ${DISTDIR}/qmail-gentoo-1.03-r12-badrcptto-morebadrcptto-accdias.diff.bz2
```

in qmail-1.03-r15.ebuild. (If I try with r13 I get the same error.) 

To me it seems like a problem with the patch file. That the patch is trying to patch the wrong files or so. All the other patches in the ebuild applies fine. Anyone got any idea of what I do wrong?

It's supposed to patch qmail, right? (Not to patch vpopmail?)

Here is the first part of /var/tmp/portage/qmail-1.03-r15/temp/qmail-smtpd-chkusr-1.0.patch-4001.out :

```
 

***** qmail-smtpd-chkusr-1.0.patch *****

 

========================================

 

PATCH COMMAND:  patch -p0 -d /var/tmp/portage/qmail-1.03-r15/work/qmail-1.03 < /usr/portage/distfiles/qmail-smtpd-chkusr-1.0.patch

 

========================================

can't find file to patch at input line 5

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|Only in qmail-1.03/: .qmail-smtpd.c.swp

|diff -uBbwr qmail-1.03.orig/Makefile qmail-1.03/Makefile

|--- qmail-1.03.orig/Makefile   2004-08-04 12:19:00.000000000 -0700

|+++ qmail-1.03/Makefile        2004-08-14 17:21:45.000000000 -0700

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

can't find file to patch at input line 19

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|Only in qmail-1.03/: Makefile.orig

|Only in qmail-1.03/: Makefile.rej

|diff -uBbwr qmail-1.03.orig/qmail-smtpd.c qmail-1.03/qmail-smtpd.c

|--- qmail-1.03.orig/qmail-smtpd.c      2004-08-04 06:52:22.000000000 -0700

|+++ qmail-1.03/qmail-smtpd.c   2004-08-16 14:11:54.000000000 -0700

--------------------------

No file to patch.  Skipping patch.

5 out of 5 hunks ignored

========================================

 

PATCH COMMAND:  patch -p1 -d /var/tmp/portage/qmail-1.03-r15/work/qmail-1.03 < /usr/portage/distfiles/qmail-smtpd-chkusr-1.0.patch

 

========================================

patching file Makefile

Hunk #1 succeeded at 1584 (offset -25 lines).

patching file qmail-smtpd.c

Hunk #2 succeeded at 376 (offset -75 lines).

Hunk #3 succeeded at 656 (offset -105 lines).

Hunk #4 FAILED at 667.

Hunk #5 succeeded at 925 (offset -112 lines).

1 out of 5 hunks FAILED -- saving rejects to file qmail-smtpd.c.rej

========================================

 

PATCH COMMAND:  patch -p2 -d /var/tmp/portage/qmail-1.03-r15/work/qmail-1.03 < /usr/portage/distfiles/qmail-smtpd-chkusr-1.0.patch

 

========================================

missing header for unified diff at line 5 of patch

can't find file to patch at input line 5

Perhaps you used the wrong -p or --strip option?

```

(there are lots of more errors. This is the first part.)

----------

## sucarino

hey, is it normal that when i tried

spamc -c -f < sample-spam2.txt

it takes more than 3 minutes for a simple file ????????

I've unmerged pyzor, razor, dcc ... i set skip_rbl_checks to 1 but spamc is still delaying a lot

what should i do? do i have something wrong?  :Sad: 

----------

## sucarino

7) install f-prot and Mail-SpamAssassin.  they must be running before installing qmail-scanner.

[code]> emerge /usr/portage/app-antivirus/f-prot/f-prot-4.4.2.ebuild

> emerge /usr/portage/dev-perl/Mail-SpamAssassin/Mail-SpamAssassin-2.63.ebuild

I found another post in this forum saying:

"But, as far as I know, implemeting a program as spamassassin on a virtual mailhost system is not going to work."

So, is it true that I can't filter my virtual domains mails with spamassassin???

 :Crying or Very sad: 

----------

## sucarino

 *ryker wrote:*   

> I've never had any luck getting Spam Assassin to work using this how to.  I know you are supposed to emerge qmail-scanner afer f-prot and spam assassin, so qmail-scanner will pick them up and use them.  For some reason, qmail-scanner is ignoring spam assassin.  When I emerge qmail-scanner I get the following message:
> 
> ```
> Something like the SpamAssassin spamc is present, but is not capable of
> 
> ...

 

I have the same problem, did you find a solution?

thanx

----------

## petterg

I'm sure the guide tells you how to edit spamassassin config files to tag spam mails. If you also read the manual it will tell you how to add aditional headers. However this additional headers does not seem to apare in the mail.

Edit:

Regarding time issues, my petium 166 mmx spends 20-40 seconds pr. mail. The P4 server spends 1-2 seconds. I don't know how to solve it. Maybe unemerge spamassassin and qmailscanner, reemerge spamass. configure it as the guide tell you to (read all the text!) then reemerge qmailscanner

----------

## sucarino

 *petterg wrote:*   

> I'm sure the guide tells you how to edit spamassassin config files to tag spam mails. If you also read the manual it will tell you how to add aditional headers. However this additional headers does not seem to apare in the mail.
> 
> Edit:
> 
> Regarding time issues, my petium 166 mmx spends 20-40 seconds pr. mail. The P4 server spends 1-2 seconds. I don't know how to solve it. Maybe unemerge spamassassin and qmailscanner, reemerge spamass. configure it as the guide tell you to (read all the text!) then reemerge qmailscanner

 

thank you very much for your reply. unfortunately i've forced to restart all the process again from scratch. i will try to be more careful this time (i can't imagine how) so cross your fingers for me.   :Laughing: 

By the way..just want comment that my experience was really weird. I unmerged all ebuilds and emerge againg without success. Every time when i tried to emerge qmail-scanner it spend about 5-8 minutes doing nothing.... just after ask for a confirmation on installation. And unbelievable,  spamassassin spent like 4-5 minutes in a message with size less than 5kb.... ON A DUAL PENTIUM 4 at 2.0Mhz with 1Gb RAM.   :Shocked: 

I have installed spamassassin in another less powerful PC running Red Hat, same file took about 0.992 sec.  I really hope have more luck this time b/c I'm convinced that gentoo is my next affair, absolutly.

 :Wink: 

(and sorry for my terrible english please)

----------

## petterg

 *sucarino wrote:*   

> Every time when i tried to emerge qmail-scanner it spend about 5-8 minutes doing nothing.... just after ask for a confirmation on installation. 

 

Same thing here... well at the mmx166 I guess it took about 40 minutes "doing nothing". I believe this "nothing" is searching for programs to include in the script, run some tests to see if the programs works and generate the script based on the gathered information.

----------

## petterg

 *sucarino wrote:*   

>  spamassassin spent like 4-5 minutes in a message with size less than 5kb.... ON A DUAL PENTIUM 4 at 2.0Mhz with 1Gb RAM. 

 

Maybe that delay is related to what is described in step 5 of the guide?

----------

## TheSlab

 *petterg wrote:*   

> I'm trying to install the smtp reject patch TheSlab posted, but can't figure out how to include it in the ebuild.
> 
> 

 

Sorry I've been out of town. Here is where I put it 

```

    epatch ${DISTDIR}/qmail-gentoo-1.03-r12-badrcptto-morebadrcptto-accdias.diff.bz2

    EPATCH_SINGLE_MSG="Add support for qmail-smtpd-chkusr" \

    epatch ${DISTDIR}/qmail-smtpd-chkusr-1.0.patch

    # TODO TESTING NEEDED

    EPATCH_SINGLE_MSG="Enable stderr logging from checkpassword programs" \

```

----------

## petterg

Thank you, TheSlab. Somehow it patched now.

I have no idea of why it failed before.

I'm using r15 now, a patches that seems force encrypted passwords in smtp-auth. (affected by the NOTLSBEFOREAUTH use flag)

Also I installed qmail-scanner 1.23. It seems to work better with spamassassin. (Add the SPAMASSASSIN use flag.)

However, I can't get this stuff tested as I'm out of public IP adresses. Before I can set this server into action I have to figure out how to move a virtual domain from one server to another.  By 'move' I mean transfer all mail, all usernames, aliasses, passwords, etc. That way I can take down one server and release an ip.

I copied /var/vpopmail/domains and /var/lib/mysql/vpopmail from one of the servers to this server. I also added the virtual domain into the /var/qmail/control files. 

Now, if I do a /var/vpopmail/bin/vdominfo mydomain.net I get "domain does not exist".

What else do I need to do to get the domain moved?

I'll guess this will also be a problem when restoring a mailsystem from a backup.

Edit:

I figured out how to move domain from one server to another. Here's how:

copied /var/vpopmail/domains/mydomain.net 

renamed source mysql db vpopmail -> oldvpop 

copied /var/lib/mysql/oldvpop 

merged mysql db: oldvpop tables into vpopmail tables 

ran /var/vpopmail/bin/vadddomain mydomain.net 

ignored errors 

copied /var/vpopmail/domains/mydomain.net again

----------

## Jack_Sparrow

Hi,

Its a good doc.

but i have a problem with dcc ebuild!

i receive this error :

```

root@tux etc # emerge /usr/portage/net-mail/dcc/dcc-1.2.28.ebuild

Calculating dependencies \!!! aux_get(): ebuild for 'net-mail/dcc-1.2.28' does not exist at:

!!!            /usr/portage/net-mail/dcc/dcc-1.2.28.ebuild

emerge: create(): aux_get() error on net-mail/dcc-1.2.28; aborting...

```

in the old doc, you say that we must force-emerged dcc ebuild. but can you tell me how i can do this? i try emerge -O  /usr/portage/net-mail/dcc/dcc-1.2.28.ebuild

and no success.. thanks for your help!

----------

## petterg

 *Jack_Sparrow wrote:*   

> Hi,
> 
> Its a good doc.
> 
> but i have a problem with dcc ebuild!
> ...

 

# ACCEPT_KEYWORDS="~x86" emerge dcc

----------

## petterg

Regarding the smtpd-chkusr patch.

I'm installing my second mailserver for the day. It seems like qmail and vpopmail has to get emerged without the patch before you can add the patch to the ebuild and reemerge qmail!

Regarding the qmail-scanner 1.23 (this is probably the case for all > 1.20)

There is a clamscan / clamdscan issue. I found a workarround that apared to work, but it turned out that virus files passed unaffected trough the scanner! - Well, this might be a clamav issue. Posible just configuration. Last time I used clamav was version 0.70. This time I used 0.75.

(I chose clamav over f-prot because of the f-prot licence.)

----------

## petterg

I still have issues with clamav 0.75 and qmail-scanner 1.23, but here is thing I don't understand regarding timeconsumation about the scanning prosess with spamassassin:

Pentium 3, 800MHz, 384MB ram, spamassassin 2.64, runing mailserver only, no traffic, avg cpuload=0:

* Identify clean message: 6-7 seconds

* Identify spam message: 48-54 seconds!!

Celeron 400MHz, 220MB ram, spamassassin 2.64, running mailserver only, no traffic,  avg cpuload=0:

* Identify clean message: 20-23 seconds

* Identify spam message: 25-30 seconds

Pentium 166mmx, 112MB ram, spamassassin 2.63, active webserver,  mailserver, mysql server, router, some load,  avg cpuload=0.3:

* Identify clean message: 20-30 seconds

* Identify spam message: 20-30 seconds

So, the slowest computer, having the least amount of ram, having the highest work load is the fastes to indentify spam!

They are all running with same /etc/mail/spamassassin/local.cf

Why did I even think about replacing the 166mmx?

Edit: I also downgraded qmail-scanner to 1.16 on the P3 and celeron. It did not affect the timeconsumation.

----------

## petterg

Have debugged a bit now. Spamd log shows:

----/var/log/messages - cutout ----

Aug 29 22:15:03 lux spamd[6451]: debug: received-header: parsed as [ ip=193.120.211.219 rdns=mail.webnote.net helo=webnote.net by=mail.netnoteinc.com ident= ]

Aug 29 22:15:03 lux spamd[6451]: debug: received-header: parsed as [ ip=24.226.157.50 rdns=USR-157-050.dr.cgocable.ca helo=netsvr.Internet by=webnote.net ident= ]

Aug 29 22:15:03 lux spamd[6451]: debug: received-header: parsed as [ ip=216.214.106.173 rdns=max1-45.losangeles.corecomm.net helo=R00UqS18S by=netsvr.Internet ident= ]

Aug 29 22:15:53 lux spamd[6451]: debug: received-header: relay 193.120.211.219 trusted? no

Aug 29 22:15:53 lux spamd[6451]: debug: received-header: relay 24.226.157.50 trusted? no

Aug 29 22:15:53 lux spamd[6451]: debug: received-header: relay 216.214.106.173 trusted? no

Aug 29 22:15:53 lux spamd[6451]: debug: running header regexp tests; score so far=0

------- end cutout ------------

What is this a part of the logfile when the 4th qmail-scanner testmessage is passed to spamd.

What is the header stuff good for? 

If I add the -L option to spamd the spamcheck is done in 0.3 seconds! Is it a bad idea to pass the -L to spamd?

Is there any kind of timeout setting that could affect this?

----------

## TheSlab

Yeah, you need vpopmail files for the chkusr patch. So that qmail knows how to lookup account information. Sucks but that's just how it is. I remember the first time I compiled all this stuff by hand the docs said to compile qmail, vpopmail then recompile qmail with the patch. *shrug*

I'm not sure about the head part in your log. Using the -L flag doesn't seem to me to be a big deal. If you really wanna know the dns name of an IP you can just look it up yourself. My opinion is it's just for logging purposes. Maybe used in a blanked *.somedomain.com rule for spamassassin. I wouldn't worry about it too much.

----------

## petterg

The -L option in spamd seems to disable razor, pyzor and dcc, even when they are enabled in local.cf. I'm not sure how much use I have of these programs. (The wierdest thing is why the 166mmx behaves faster than the P3@800.)

Anyone tried the magic-smtpd with qmail? How should I go around to install it?

----------

## petterg

The chkusr patch makes a conflict with smtp using tsl.

The chkusr patch requires qmail-smtpd to run as "vpopmail". However tsl does not work if qmail-smtpd is running as anyone but "qmaild"!

This conflic is the same for qmail.1.03-r13 and ..-r15.

Aparently the best solution for running clamav with Qmail-scanner > 1.20 is to run clamd as the qscand user. (Edit /etc/clamav.conf and run chown -R qscand:qscand /var/lib/clamav)

----------

## shira

qmail-scanner-queue doesn't run for some reason

I get this error msg in the logs:

Insecure directory in $ENV{PATH} while running with -T switch at /var/qmail/bin/qmail-scanner-queue.pl line 1750, <STDIN> line 19.

I tried disabling taint mode for perl by deleting the -T in front of #/usr/bin/perl (I had to in order to run qmail-scanner-queue -z)

I don't know how to fix this one

----------

## petterg

 *shira wrote:*   

> qmail-scanner-queue doesn't run for some reason
> 
> I get this error msg in the logs:
> 
> Insecure directory in $ENV{PATH} while running with -T switch at /var/qmail/bin/qmail-scanner-queue.pl line 1750, <STDIN> line 19.
> ...

 

Guess you're running QmS > 1.2 .... there is a reason why it's masked :)

I got the same thing when I was running clamav as clamav:qscand. Check if you're running spamassassin and f-prot/clamav as the wrong user and/or group.

(And post in the forum if you get the QmS > 1.2 running. I strugeled a lot to get 1.23 to run with clamav. Finaly got it working it turned out to let mails pass as clean if a X-Spam header is present in incoming mail!)

----------

## shira

even with QmS 1.16 it spits out that error

during the merge:

>>> /usr/share/doc/qmail-scanner-1.16-r2/contrib/sub-sender-cache.pl.gz

>>> /usr/share/doc/qmail-scanner-1.16-r2/README.gz

>>> /usr/share/doc/qmail-scanner-1.16-r2/COPYING.gz

>>> /usr/share/doc/qmail-scanner-1.16-r2/CHANGES.gz

Insecure directory in $ENV{PATH} while running with -T switch at /var/qmail/bin/qmail-scanner-queue.pl line 1083.

SA and clamav are both owned by root and NOT world writable:

# ls -l /usr/bin/spamc /usr/bin/clamscan  

-rwxr-xr-x    1 root     root        42812 Sep  5 13:42 /usr/bin/clamscan

-r-xr-xr-x    1 root     root        20516 Sep  1 20:03 /usr/bin/spamc

----------

## petterg

 *shira wrote:*   

> SA and clamav are both owned by root and NOT world writable:
> 
> 

 

You have to look in their conf files to see what they run as. If you followed the guide you should have spamd running as vpopmail. For QmS 1.16 you don't need clamd running - it's not being used as a deamon by QmS. (By default only the updater is running.)

And btw: make sure spamd IS running before emerging QmS.

However, I don't think any of this will solve your problem as it's related to emerge, not the filtering itself

----------

## shira

the error that gets spit out during the merge isn't portage's fault

it's something to do with perl and taint mode, though I don't know what

----------

## catalinux

[take a look at http://www3.sympatico.ca/humungusfungus/code/validrcptto.html

 patched r15 qmail ebuild with:

	EPATCH_SINGLE_MSG="qmail-pop3d fix for top output so Evolution doesn't barf" \

	epatch ${FILESDIR}/${PVR}/qmail-pop3d-top-outputfix.patch

 line new       EPATCH_SINGLE_MSG="validrcptto  patch" \

 line new       epatch ${FILESDIR}/${PVR}/va.patch

 and put this patch named va.patch in /usr/portage/mail-mta/qmail/files/1.03-r15/

or maybe /usr/local/portage/mail-mta/qmail/files/1.03-r15/

patch begin  :Smile: 

diff -ur qmail-1.03.orig/qmail-smtpd.c qmail-1.03/qmail-smtpd.c

--- qmail-1.03.orig/qmail-smtpd.c	2003-08-11 20:37:16.000000000 -0700

+++ qmail-1.03/qmail-smtpd.c	2003-08-11 20:39:52.000000000 -0700

@@ -150,6 +150,7 @@

 }

 void err_bmf() { out("553 sorry, your envelope sender has been denied (#5.7.1)\r\n"); }

+void err_vrt() { out("553 sorry, this recipient is in my badrecipientto list (#5.7.1)\r\n"); }

 void err_brt() { out("550 sorry, this message is not deliverable (#5.7.1)\r\n"); }

 void err_bmt() { out("533 sorry, your envelope recipient has been denied (#5.7.1)\r\n"); }

 void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)\r\n"); }

@@ -214,6 +215,9 @@

 int bmfok = 0;

 stralloc bmf = {0};

 struct constmap mapbmf;

+int vrtok = 0;

+stralloc vrt = {0};

+struct constmap mapvrt;

 int brtok = 0;

 stralloc brt = {0};

 struct constmap mapbrt;

@@ -244,7 +248,10 @@

   bmfok = control_readfile(&bmf,"control/badmailfrom",0);

   if (bmfok == -1) die_control();

   if (!constmap_init(&mapbmf,bmf.s,bmf.len,0)) die_nomem();

-

+  vrtok = control_readfile(&vrt,"control/validrcptto",0);

+  if (vrtok == -1) die_control();

+  if (vrtok)

+  if (!constmap_init(&mapvrt,vrt.s,vrt.len,0)) die_nomem();

   bmtok = control_readfile(&bmt,"control/badmailto",0);

   if (bmtok == -1) die_control();

   if (!constmap_init(&mapbmt,bmt.s,bmt.len,0)) die_nomem();

@@ -441,7 +448,16 @@

   }

   return 0;

 }

-

+int vrtcheck()

+{

+  int j;

+  if (!vrtok) return 0;

+  if (constmap(&mapvrt,addr.s,addr.len - 1)) return 1;

+  j = byte_rchr(addr.s,addr.len,'@');

+  if (j < addr.len)

+    if (constmap(&mapvrt,addr.s + j,addr.len - j - 1)) return 1;

+  return 0;

+}

 int addrallowed()

 {

   int r;

@@ -609,6 +625,11 @@

     flagbrt = 1;

     log_deny("BAD RCPT TO", mailfrom.s,addr.s);

   }

+  if (!env_get("RELAYCLIENT") && !vrtcheck()) {

+    strerr_warn4("qmail-smtpd: badrcptto: ",addr.s," at ",remoteip,0);

+    err_vrt();

+    return;

+  }

   if (!stralloc_cats(&rcptto,"T")) die_nomem();

   if (!stralloc_cats(&rcptto,addr.s)) die_nomem();

   if (!stralloc_0(&rcptto)) die_nomem();

----------

## petterg

 *catalinux wrote:*   

> [take a look at http://www3.sympatico.ca/humungusfungus/code/validrcptto.html
> 
>  patched r15 qmail ebuild with:
> 
> 

 

And your point is?

There's quite a few nice patches in the r15, but none of them does the job of chkusr patch, which will save the server quite a bit of load in case of spammails to [random chars]@domain.net. To bad it makes a conflict with the smtp-auth over tsl!

The magic-smtpd seems to be even better on stopping spam before arrival, but I haven't figured out the correct way to install it.

----------

## slim

Anyone have feedback on qmail-scanner-1.23-r3 with perl-5.8.4-r1?

I foolishly emerged perl-5.8.4-r1 without reading the change log close enough, and I can confirm that's a really bad idea. It broke qmail-scanner since /usr/bin/suidperl has been removed. Now that I've downgraded back to 5.8.4, I'm sitting here reflecting on the error of my ways. I don't think I'll have a chance to test on that server for 2 weeks, so maybe someone could test the new combo and post the results.

----------

## radulucian

same situation and same problem here.

i am now downgrading perl and libperl too, since i cannot afford to test it further with my mail server practically down.

if anyone has a chance to solve it in a reasonable manner please post your conclusions and you fix here.

----------

## radulucian

also, i now see that 

```

emerge /usr/portage/dev-perl/Mail-SpamAssassin/Mail-SpamAssassin-2.63.ebuild 

```

from the original post by sabrex can no longer work since Mail-SpamAssassin was completely removed from portage and replaced by spamassassin which is configured a little bit different

also, even after downgrading perl, my installation is now really messed up (though it is working, but only after disabling clamd), so maybe someone who can test it thoroughly can repost the tutorial in an updated form.

----------

## catalinux

 *petterg wrote:*   

>  *catalinux wrote:*   [take a look at http://www3.sympatico.ca/humungusfungus/code/validrcptto.html
> 
>  patched r15 qmail ebuild with:
> 
>  
> ...

 

thid patch is a kind of generic chkusr patch ( i need that 'cause i do not use vpopmail , i use vmailmgr)

ideea is -populate /control/validrcptto with  user mail adresses on your server and qmail-smtpd wiill check against this file rcptto from header-BEFORE DATA  being sent in SMTP session

----------

## petterg

 *catalinux wrote:*   

> ideea is -populate /control/validrcptto with  user mail adresses on your server and qmail-smtpd wiill check against this file rcptto from header-BEFORE DATA  being sent in SMTP session

 

Would be good if vpopmail would add/remove users in that file when users are added/remomed using the the vadduser vdeluser. Allthough it could be done by a script... how would we get around to make qmailadmin work with this?

Guess vmailmgr already does this?

----------

## petterg

A question for those of you who are using qmail-scanner 1.23:

How is it working?

I tried it, with the result that incomming mail carying a header "X-Spam-Status:No..." passed unchecked through the scanner. This also happened if it carryed virus!

Also, random mails came through unchecked!

Are you experiencing any of these problemes?

How did you set it up?

If you're running with clamav, are you running clamd as the clamav, qscand or vpopmail user?

----------

## stripe

well I made it to work, but I think it is bug as a cow...

I use:

perl-5.8.4-r1

qmail-1.03-r13

qmail-scanner-1.23-r3

spamassassin-2.64

so after doing emerge -u world and restarting the daemons I noticed that the mailserver stopped to send the emails with some "qq problem"

after half a day tracing the log files, I figured how to run out from that and here are my issues:

a) UID+GID qscand, under which is supposed qmail-scanner to run, is absolutely useless and misleading. qmailscanner runs still under qmaild, so you have to set back again the dir and file permissions recursively, typically by:

```

chown qmaild:nofiles -R /var/spool/qmailscan

```

b) in qmail-scanner 1.23 is implementation of checking the Razor, Pyzor, F-Prot. Clavam, etc, solved somehow different, so without update won´t it to run. so you have to reinitialise the database by:

```

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -g

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -z

```

EDIT ON MY PREVIOUS POST, READ THE CHANGES BELLOW!

c) qmail-scanner is reinitialising it´s database within the cron job. however this cronjob from qmail-scanner 1.16 sets UID+GID to root of file /var/spool/qmail-scanner-queue-version.txt with 0700 mask, which causes qmail-scanner of 1.23 version from ability to read the file and again rejects to send the mails.

you have to find /etc/cron.daily/qmail-scanner, edit and change the content:

from:

```

/var/qmail/bin/qmail-scanner-queue -z

```

to:

```

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -z

```

now everything is doing just fine....

----------

## radulucian

thank you stripe. 

tonight i will try the procedures you described on both my servers and check back here to confirm.

----------

## stripe

ok, try it.... If you´ll be successful, I´m gonna to write a bug report about qmail-scanner-1.23-r3.ebuild thus I really don´t have an idea why would be qmail-scanner run as qsand, when in fact is called by qmaild and therefore must be accessible for qmaild

----------

## radulucian

regarding the permissions problem you might want to see neonsamurai answer here : https://forums.gentoo.org/viewtopic.php?t=221865&highlight=qmailscannerqueue

and if you have problems with spamassassin not working anymore you might want to consider this: https://forums.gentoo.org/viewtopic.php?t=217463&highlight=qmailscannerqueue

maybe sabrex could take these new changes into consideration and edit the howto to reflect the current situation.

----------

## stripe

```

Get rid of 

QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" 

from /etc/tcp.smtp, Watch the add! It's not ".pl" anymore
```

I had this already in my config, but the problems with ebuild of qmail-scanner 1.23-r3 I had to solve:

a) chowns whole directory /var/spool/qmailscan to qscand without noticing you about that.

b1) setting wrapper in /var/qmail/conf/common-conf is not issue, if qmail scanner cannot work with it´s directory, when called under qmaild

b2) the same situation fixing tcp.smtp and eding the .PL issue

c) you have to chown whole directory back again

d) if it works finaly, in the night (on my box aprox. at 3AM) will qmail-scanner reinitialise database, but with bad UID+GID and mask 0700, so you are back again where you´ve been. so you have to finaly edit /etc/cron.daily/qmail-scanner

 .....simply utopia.....

and one day of SMTP malfunction 

I THINK IT IS SOLVED NOW, just do the things in my little howto above and you can go to sleep peacefuly without waking up by nervous users, like me.....   :Cool: 

----------

## tecknojunky

I have a server to rebuild.  I think I'm finally going to give Debian a try.

This is the second time I do an update that creates major problems for the whole network (in this case, no email server).

You got to admit, Gentoo as a long way to go to make it into enterprises.  I don't know which of the Perl or qmail-scanner maintainers is to blame, but someone did not do his job properly for allowing them to reach stable status together.

I had enough and I'm now seriously thinking to use a REAL distro, not one made by script kiddies.

PS.  I may sound crude and harsh?  You think I should apologize?  In your dreams.  I don't appreciate the pressures I get because I relied on the works made by amateurs and incompetents, so let me get some steam out.

----------

## radulucian

techknojunky, i am a little embarassed by your message. you should be too as you came out of nowhere on this thread to criticize a distribution you are not able to understand even after more than 900 posts on these forums.

you should proceed to work for your new debian server and stop poluting forum threads with off-topic messages. 

the reason i am using (and i will keep use) gentoo is exactly the fact that this forum helps me solve things EVERY SINGLE TIME i have a minor problem like this one. and i wish you good luck in getting the same prompt response with you next distribution.

and remember: we are very fortunate to be able to choose among this many excelent distributions, so you should be happy every time you are able to make such a choice.

best regards.

radu

----------

## stripe

offtopic: agreed, I used Slackware 8.1 in the past and it used to work well from installation without much changes. any other software compilaton which was not included on CD was breaknecking and without much possibility to upgrade the package. anyway package upgrade was much rather hell, then a peaceful operation. plus the init scripts, resp. rc. scripts are the piece of disgust..... if I striked to a problem, I was completely helpless. I don´ know what is Slack 10 about now, but you can visit it´s homesite to confirm it´s "support".

so that´she reason I moved from Slackware and I´m happy with Gentoo since that time. OK sometime it´s released a breaknecking ebuild, but therefore you have this forums you can turn around. That´s the point.

PS: thanks this forums and structure of Gentoo I think I have understood linux to the level I can friendly go with and therefore I can do proudly my job, eg. I´m able to satisfy what really the company I work wishes ....

----------

## tecknojunky

 *radulucian wrote:*   

> techknojunky, i am a little embarassed by your message. you should be too as you came out of nowhere on this thread to criticize a distribution you are not able to understand even after more than 900 posts on these forums.

 When you get there, maybe you too you'll want to let some steam out when a "minor mistake" affect everybody (like Perl and qmail-scanners that don't play well with each others).

 *radulucian wrote:*   

> you should proceed to work for your new debian server and stop poluting forum threads with off-topic messages. 

 Well, I'm not that off topic.  I've found this because qmail-scanner now has permissions problems for which you provided two links.  I will admit that I did fall in like a hair in a soup.  I apologize for that.  

My post polution?  And threads like this one with 24 zillions of posts is not polution?  You never noticed that when you search something, the first few results are always the ones that have gazillions of posts in it.  Some get so big that they must be close to enclose every words of the dictionnary.  No wonder it ends up in your search result.

 *radulucian wrote:*   

> the reason i am using (and i will keep use) gentoo is exactly the fact that this forum helps me solve things EVERY SINGLE TIME i have a minor problem like this one. and i wish you good luck in getting the same prompt response with you next distribution.

 Thank god, you can also rant on the forums.  I heard Debian also has a good support base.  I personally think that the forum, however useful it might be, is no excuse to bad implemented or insuffisiently tested releases of ebuilds.  Sure, you can sometime forget things, but it should happen in the unstable stage, not during stable, and surely not produce massive demand for support.

 *radulucian wrote:*   

> and remember: we are very fortunate to be able to choose among this many excelent distributions, so you should be happy every time you are able to make such a choice.

 and that's why when someone among the Gentoo maintainers does a poor job, I get hangry because I expect a minimal decent QA.  stable/unstable is not there to qualify the soldity of the desk the computer is on.  My point is, I love Gentoo but I question the release process to ensure things work properly.

If you look at qmail-scanner's ebuild, notice that 1.23-r3 is marked stable while 1.23-r2 is marked unstable.  It's the first I notice that and it would not surprise me if someone made the mistake of marking the r3 stable while it should have been unstable.  That would be a dumb mistake that can have huge repercussions for some users.  

Thanks for this.

----------

## defined

 *tecknojunky wrote:*   

> ...

 

i can only agree, after spending 4hours figuring out how to get my mailserver back up(had been down for almost a day before i found out  :Sad: )

debian never let me down during upgrades in the stable branch AND it was much smarter dealing with config files..

----------

## petterg

 *tecknojunky wrote:*   

> ....

 

 *defined wrote:*   

> ....debian never let me down during upgrades in the stable branch...

 

As the topic for this thread has been Qmail-Scanner 1.23 I assume your bitching is somewhat related to upgrading to this package.

Iæll just remind you that this package is masked by the ~keyword. That means it's not yet stable! It's not fear to the guys who make the ebuilds to bitch their newest unstable releases and compare to stable releases from other distros!

If you want to be bitchy at least you could start you own thread and stick to the stable releases!

----------

## nianderson

If i had a large group of users relying on a mail server I was maintaining I would have an identical one that is used for uprage testing. regardless of what OS its running things sometimes break. So it sounds more like your mistake than the maintainers. Yeah i get frustrated when i make the same mistake ( i have before and im sure i will again) seriously go install xp sp2 something breaks you cus microsoft things break its inevitable the only thing you can do is to be a smart admin and run identical boxen when there are critical services envolved.

that said. im on a fresh install i hope all the answers are here  :Smile: 

----------

## nianderson

I had to echo "hostname.domain.tld" > /var/qmail/control/me to be able to send mail

----------

## nianderson

I ran /usr/portage/distfiles/qmail-scanner-1.16/contrib/test_instal -doit after adding RECIP="me@mydomain.com" on line 94 and I got 3 of the 4 test messages

someone want to help me tune this up? and figure out whats up?

l

----------

## nianderson

 *stripe wrote:*   

> 
> 
> b) in qmail-scanner 1.23 is implementation of checking the Razor, Pyzor, F-Prot. Clavam, etc, solved somehow different, so without update won´t it to run. so you have to reinitialise the database by:
> 
> ```
> ...

 

when i do  setuidgid qmaild /var/qmail/bin/qmail-scanner-queue-pl -g   i get 

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue-pl -z

setuidgid: fatal: unable to run /var/qmail/bin/qmail-scanner-queue-pl: file does not exist

also in your tcp.smtp do you have qmail-scanner.pl or qmail-scanner? i see both files exist and hear the at qmail-scanner is supposed to eb a wrapper for qmail-scanner.pl

----------

## radulucian

there is a typo there. if you use the setuidgid solution then you should change the qmail-scanner-queue-pl to qmail-scanner-queue.pl. the difference is the .pl instead of -pl at the end.

however,   i am using the qmail-scanner-queue wrapper (in both tcp.smtp and the conf file) and it works ok.

----------

## sucarino

people!

after several headaches and a few tricks you correctly explain here I finally have a well robusted mail server  :Smile: 

i'm just now a little afraid of next updates, i read your former posts....   :Rolling Eyes: 

but i still need your help... i have a minor problem here. Everytime a tried to smtp-auth from an external network, the mail client delay exactly 5 seconds to auth and then the message is accepted and sended. This is what i have in my mail.log files everytime i tried: 

Sep 18 18:11:24 mail vpopmail[2479]: vchkpw-smtp: password fail fredo@hold***.com:***.**.61.171

Sep 18 18:11:29 mail vpopmail[2481]: vchkpw-smtp: (PLAIN) login success fredo@hold***.com:***.**.61.171

Sep 18 18:11:48 mail vpopmail[2479]: vchkpw-smtp: password fail fredo@hold***.com:***.**.61.171

Sep 18 18:11:53 mail vpopmail[2481]: vchkpw-smtp: (PLAIN) login success fredo@hold***.com:***.**.61.171

other thing, smtp-auth accept my e-mails using TLS or not. so is letting me authenticate even when the session is not encrypted. 

Is that correct? Any ideas?

thanx

Frodo

----------

## nianderson

 *radulucian wrote:*   

> there is a typo there. if you use the setuidgid solution then you should change the qmail-scanner-queue-pl to qmail-scanner-queue.pl. the difference is the .pl instead of -pl at the end.
> 
> however,   i am using the qmail-scanner-queue wrapper (in both tcp.smtp and the conf file) and it works ok.

 

which conf file?

and to clarify for anyone else if you use the wrapper script qmail-scanner-queue then you need to do the following

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -z 

and in the cron file add 

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -z

and does anyone know if 

```

QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r sbl-xbl.spamhaus.org"

```

turns on checking from spamhaus? or how would i be able to tell?

if im wrong someone please correct me.

what happens when you run the test_install.sh script?

----------

## stripe

My apologies, there is type mistake, of course it is qmail-scanner-queue.pl.

The wrapper works too, but anyway setgiduid within cron job (at least for me) must be used, anyway the file qmail-scanner-queue-version.txt is made with mask 0600 and root:root permissions which causes qmail from the work.

----------

## slaapkop

Hello,

Nice howto, i think i will install it, i currently run postfix with imap-ssl. I post this question in the first version of this howto, but i didn't get an answer.

My question is: Is an ' emerge -C postfix ' eneogh to delete my entire email settings. Every thing works great tho, but currently my email users are system users as wel. That and the fact that i want to learn about different MTA's as wel (got to keep the brain in shape) are the reasons why i want to change my MTA. And i read Qmail is good.

Thanks

p.s Sorry for the bad English.

----------

## nianderson

It just dosnt look like anything is working other than sending and recieving mail. 

currently running 

I use: 

dev-lang/perl-5.8.4-r1

mail-mta/qmail-1.03-r13

mail-filter/qmail-scanner-1.23-r3

mail-filter/spamassassin-2.64

app-antivirus/f-prot-4.3.1

tcp.smtp has

```

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

192.168.1.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue

```

so im sending and recieving all mail fine it appears. can anyone help further?

side note http://www.testvirus.org every single test virus came through so something isnt happening  :Smile: 

----------

## nianderson

UPDATE on it not detecting spamassassin.

the following is ripped from another thread im putting it here to save on the jumping around

 *Quote:*   

> 
> 
> I had the same issue - finally found a forum thread that mentioned it. 
> 
>  Change your spamd configuration file (mine is /etc/conf.d/spamd) to use the --siteconfigpath option instead of the -C option 
> ...

 

So now qmail-scanner detects spamassassin. 

Now i need to get qmail-scanner scanning my stinkin emails!  :Smile: 

----------

## nianderson

GOT IT hope this helps some other blind soul.

make sure you comment out :allow line in tcp.smtp like it says  :Smile: 

----------

## nianderson

never mind .... now no mail seems to be getting delivered. heh at least i blocked the virii  :Smile: 

----------

## BlackCat73

This thread helped me tremendously during the installation of my e-mail server, now it can send/receive mails. And SMTP AUTH works too.   :Smile: 

I managed to install qmailadmin and squirrelmail as well but when I tried to login via squirrelmail page with the full e-mail address admin@somehost.org I get an error message 

```

ERROR:

ERROR : Connection dropped by imap-server

```

and it just stops there.

I'm using the correct username, correct password because I can send and recieve e-mail using this account via outlook.

Any ideas why it doesn't work? Couple of things from the HOWTO that I have not done, 1.) the SSL cert creation and vpopmail plugin for squirrelmail. The reason why I haven't done that is because the HOWTO says that using vpopmail account to run apache2 is a potential security risk.

Do I need those elements to allow my virtual domain users to check their e-mail via squirrel?

Help is very much appreciated.

Thank you.

----------

## nianderson

I got the same exact error but it had to do with vpopmail.conf file i forgot to put the password for the database in there. you may want to check your squirrelmail config and make sure its set to localhost.

oh your other question. no you dont need vpopmail plugin. basically it will allow you to have mail.domain1.com and mail.domain2.com and webmail.domain3.com ect ...

and your users can goto whatever domain and just enter thier username instead of full email.

so jim@domain1.com could goto the url mail.domain1.com or domain1.com/mail ect ... you get the picture and then just enter jim for username ... note that only works with squirrelmail. for all other mail clients you need to specify the entire email for the username. sometimes its best not to confuse users. .... one other cool thing that plugin allows you to do is have different graphics appear instead of the squirrel for each domain depending on what domain they visit. 

you can see an example here mail.actionphotousa.com vs mail.jordanphotography.com

 :Smile: 

anyone have any clues why now none of my mail is getting delivered?

----------

## BlackCat73

Hi nianderson,

Thank you very much for the very fast response. Sadly, changing the servername to localhost didn't solve my problem. What log files can I open to find out what's going on and where is the file located?

I saw the webite you posted, and I must day, damn! That looks very very nice. Now I'm tempted to install the plug-in   :Razz:   hehehehe

What kind of security risk am I going to face by installing this plug-in? Is it severe? Can something be done to overcome or minimise it?

Thanks.

----------

## nianderson

just makin sure ... you can use imap to check mail with other mail clients right? like kmail and the like. 

logs? 

you chould check apache log i suppose maybe imap log if its seperate .... but i seem to remember i saw stuff in the current file ... i use metalog though

----------

## slaapkop

Hello,

maybe a bit stupid but I 'm asking the same question for the 3th time now.

I currently run Postfix as MTA. I followed the instructions here: 

https://forums.gentoo.org/viewtopic.php?t=56633&highlight=howto+postfix

It works well, but I want to learn about other MTA's as well. and I hear alot of good things about Qmail. And I 'm f****** bored I broke a leg 2 weeks ago, so i want to play around with my server, plenty of time now.

Is it eneogh to just do an 'emerge -C postfix' to delete my current MTA properties?(thigs like imap squirrelmail settings and stuff.....) I don't want to install my installation al over again if i mess up. This can't be a to hard question and if it is a stupid one, sorry... Bit if some can give me one I can get to work..

Thanks.

----------

## BlackCat73

Hi nianderson,

Actually I have never tested the IMAP server from a normal client. So after I read your post, I went to test it and true enough, I failed to connect.

The error message from outlook is

```

Task 'Synchronizing Hierarchy...' reported error (0x800CCC0E) : 'Outlook is unable to download folder (null) from the IMAP e-mail server for account somehost.org (IMAP). Error: Unable to connect to the server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).'

```

At least I found my starting point, do you have tips and trick regarding courier-imap? There aren't much discussion about the IMAP server in this thread.

Thanks again.

----------

## stripe

this message I got from Outlook 2003 "only" one beautiful day in my office, and after charming morning "one and only" help was to delete that IMAP account from Outlook and setting it again.....

don´t know if it helps again in that case.

----------

## nianderson

BlackCat73 check and make sure you have authvchkpw spelled right.  :Smile:  also check your vpopmail.conf and make sure you havea working pasword in there and that your using the correct format

----------

## tagore

thx for the grat how to, work fine for me.

Cheers.

----------

## nianderson

I got it workin now for real this time  :Smile: 

[EDIT]

well i had it  :Razz: 

mysterously stopped workin sometime last night. so im thinkin maybe a permissions thing?

dont know. anyone have any ideas?

[/EDIT]

couple questions again:

what happens when there is a virus though? no notification? can i turn some sort of notification on? if so how?

----------

## BlackCat73

Wohoooo   :Very Happy:   it finally works! I was checking /var/mail/log/current

and saw this entry in the log file

```

Sep 21 20:54:58 [imapd] /usr/lib/courier-imap/authlib/authvcheckpw: No such file or directory

```

Then I start checking couple of files, the one responsible for the error above was an entry in the file /etc/courier-imap/imapd I had an entry that read 

```

AUTHMODULES="authvcheckpw"

```

which is obviously wrong, so I had that corrected to 

```

AUTHMODULES="authvchkpw"

```

 and everything fell into place and squirrel works beautifully but outlook still refuses to receive/send mail from IMAP server (I'll debug that later) but at least the webmail was working  :Smile:  hehehe

Thanks again nianderson

----------

## nianderson

hehe no problem i has similar error ... i had authvckpw missing the h took me like 45 minutes to find it super pita

----------

## f1n4rf1n

 *Quote:*   

> but i still need your help... i have a minor problem here. Everytime a tried to smtp-auth from an external network, the mail client delay exactly 5 seconds to auth and then the message is accepted and sended. This is what i have in my mail.log files everytime i tried:
> 
> Sep 18 18:11:24 mail vpopmail[2479]: vchkpw-smtp: password fail fredo@hold***.com:***.**.61.171
> 
> Sep 18 18:11:29 mail vpopmail[2481]: vchkpw-smtp: (PLAIN) login success fredo@hold***.com:***.**.61.171
> ...

 

Same here...

```

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)

[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true

#QMAIL_SMTP_CHECKPASSWORD="/bin/cmd5checkpw"

QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"

QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

```

any ideas?

----------

## petterg

 *f1n4rf1n wrote:*   

>  *Quote:*   Sep 18 18:11:24 mail vpopmail[2479]: vchkpw-smtp: password fail fredo@hold***.com:***.**.61.171
> 
> Sep 18 18:11:29 mail vpopmail[2481]: vchkpw-smtp: (PLAIN) login success fredo@hold***.com:***.**.61.171
> 
> Sep 18 18:11:48 mail vpopmail[2479]: vchkpw-smtp: password fail fredo@hold***.com:***.**.61.171
> ...

 

I also have a delay when sending mail from an external IP. Seems like the delay is not caused by the failing vchkpw-smtp, but by spamassassin. Qmail-scanner is checking checking all mail from external ip's, nomatter if they are sent with smtp-auth or not.

----------

## 1admfle

Hi!!

Seems that like many people over there, i'm having headache with SMTP-AUTH. 

I'm using qmail-1.03-r13 with vpopmail-5.4.6-r1 but no spam / virus handling.

My email client is outlook / oulook express

My network is as follows :

A : lan side

B : dmz where my mail server is

C : Internet (public ip translated to B network tcp/smtp)

192.168.A.0 ||     192.168.B.0   ||     Internet

SMTP-AUTH is working when sending mail from A network. (I can see a vchkpw-smtp into vpopmail logs). (PLAIN AUTH)

SMTP-AUTH fails when connecting from Internet (nothing into vpopmail logs)... and sent mail gives me the famous unable to relay (not in rcpthosts)

I don't understand why it works from A and not from Internet... 

For tcp.smtp stuffs (in /etc) I just have a single line in tcp.smtpd :

:allow

I'm working on this for 6 hours, without finding anything...

Last, I have a lot of"aborted connection errors" messages in mysqld.err. But it seems it's vchkpw not closing properly the connection... a small issue I guess

Any idea ?

Thanks !!!!!

----------

## nianderson

OK looks like my nightly crons or something jacks up permissions. 

cause i cant get mail this morning until i do 

```

chown qscand:qscand /var/spool/qmailscan/qmail-scanner-queue-version.txt

```

now im not sure that thats the correct ownership i just know it works. anyone know whats wrong and why every morning i cant recieve mail because of qmailscanner?

THANKS

----------

## stripe

you didn´t pay atention, scroll back to 12th list and read my post...

 *nianderson wrote:*   

> OK looks like my nightly crons or something jacks up permissions. 
> 
> cause i cant get mail this morning until i do 
> 
> ```
> ...

 

----------

## nianderson

 *stripe wrote:*   

> you didn´t pay atention, scroll back to 12th list and read my post...
> 
> 

 

I did pay attention  :Smile:  i am just either stupid or it dosnt seem to be working for me

```

root@bigdaddy etc # chown qmaild:nofiles -R /var/spool/qmailscan

root@bigdaddy etc # setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -g

perlscanner: generate new DB file from /var/spool/qmailscan/quarantine-attachments.txt

X-Qmail-Scanner-1.23st:[] cannot open for write /var/spool/qmailscan/quarantine-attachments.db.tmp - Permission denied

root@bigdaddy etc # setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -z

cannot write to /var/spool/qmailscan/qmail-scanner-queue-version.txt.tmp - Permission denied at /var/qmail/bin/qmail-scanner-queue.pl line 1981.

```

----------

## stripe

you must chown whole directory /var/spool/qmailscan to qmaild:nofiles recursively coz ebuild changes it without noticing you about that...

----------

## nianderson

Isnt that what happens when i do 

```

chown qmaild:nofiles -R /var/spool/qmailscan

```

----------

## stripe

 *nianderson wrote:*   

> Isnt that what happens when i do 
> 
> ```
> 
> chown qmaild:nofiles -R /var/spool/qmailscan
> ...

 

yeap that is exactly how to change needful permissions to make it work.....

----------

## nianderson

Thats what I did. see copy paste from my terminal window

i changed the ownership then tried to generate the DB file ect ... not workin

```

root@bigdaddy etc # chown qmaild:nofiles -R /var/spool/qmailscan 

root@bigdaddy etc # setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -g 

 perlscanner: generate new DB file from /var/spool/qmailscan/quarantine-attachments.txt 

 X-Qmail-Scanner-1.23st:[] cannot open for write /var/spool/qmailscan/quarantine-attachments.db.tmp - Permission denied 

root@bigdaddy etc # setuidgid qmaild /var/qmail/bin/qmail-scanner-queue -z 

 cannot write to /var/spool/qmailscan/qmail-scanner-queue-version.txt.tmp - Permission denied at /var/qmail/bin/qmail-scanner-queue.pl line 1981. 

```

----------

## stripe

what UID+GID and mask do you have on /var/qmail/bin/qmail-scanner?

----------

## nianderson

-rwsr-xr-x  1 qscand qscand 3236 Sep 21 10:25 /var/qmail/bin/qmail-scanner-queue

----------

## stripe

well change the qmail-scanner-queue to qmaild:root and try it again....

----------

## nianderson

now your commands work .... should it be qmaild:root or qmaild:nofiles?

----------

## stripe

rather set the same permissions as the rest of qmail binaries. permisions of /var/spool/qmailscan I have set as they were firsttime I have installed first qmailscanner on my box, don´t remember which version it was one year ago....

----------

## nianderson

Humm ok thanks. Ill have to do another server load and see if i can keep better track of everything that needs done so i dont have this issue persisting. Thanks for your help.

----------

## nianderson

so spamassassin 3 is out now. 

time to upgrade soon

----------

## nianderson

what about bayesian filtering? anyone using it with this setup? what should i do

----------

## mobiusproject

nianderson,

/var/qmail/qmail-queue-scanner and qmail-queue-scanner.pl should both be owned by qscand:qscand.  I have qmail installed on a couple of servers as just installed it on a new server.  All of these servers have the same permissions and I never personally changed them, thus thats how the ebuilds set them.  I do believe that /var/spool/qmailscanner folder just recently changed to qscand:qscand from qmaild:nofiles, so depending on the versions of the programs you have installed it could go either way, but I am assuming you are using the latest ebuilds (qmail-1.03-r15, qmail-scanner-1.23-r3, vpopmail-5.4.6-r1).  As stripe said, he installed a version from a year ago.  Things have changed since then.  The latest ebuilds for qmail-scanner does an explicit chown -R /var/spool/qmailscanner/*  and it works perfectly for me because qmail-queue-scanner and .pl are both qscand:qscand as well.  The is also a sticky set on /var/qmail/qmail-queue-scanner.pl so if you just run /var/qmail/qmail-queue-scanner.pl -{g|z} as root it will keep the permissions of the files it creates corrent (owned by qscand, not root, thus readable by qscand).

I would be happy to help you further unless you want to stick with what you have if it already works.

----------

## petterg

 *mobiusproject wrote:*   

> nianderson,
> 
> /var/qmail/qmail-queue-scanner and qmail-queue-scanner.pl should both be owned by qscand:qscand.  I have qmail installed on a couple of servers as just installed it on a new server.  All of these servers have the same permissions and I never personally changed them, thus thats how the ebuilds set them.  I do believe that /var/spool/qmailscanner folder just recently changed to qscand:qscand from qmaild:nofiles, so depending on the versions of the programs you have installed it could go either way, but I am assuming you are using the latest ebuilds (qmail-1.03-r15, qmail-scanner-1.23-r3, vpopmail-5.4.6-r1).  As stripe said, he installed a version from a year ago.  Things have changed since then.  The latest ebuilds for qmail-scanner does an explicit chown -R /var/spool/qmailscanner/*  and it works perfectly for me because qmail-queue-scanner and .pl are both qscand:qscand as well.  The is also a sticky set on /var/qmail/qmail-queue-scanner.pl so if you just run /var/qmail/qmail-queue-scanner.pl -{g|z} as root it will keep the permissions of the files it creates corrent (owned by qscand, not root, thus readable by qscand).
> 
> I would be happy to help you further unless you want to stick with what you have if it already works.

 

I'm running the packages you're mentioning - at least trying to.

I also run spamassassin 2.64 and clamav 0.75.

The problems are:

1) Qmail-scanner / Clamd returns:

```
X-Qmail-Scanner-1.23st:[some numbers] clamdscan: corrupt or unknown clamd scanner error or memory/resource/perms problem - exit status 512/2

qmail-inject: fatal: qq temporary problem (#4.3.0)
```

2) The workaround for #1 that apared best to me was to run clamd as qscand user and chown qscand:qscand all clamav files. However random mails containing virus comes trough undetekted!

3) If a incomming mail have a "X-Spam-Status: No" header before it arrives, Qmail-scanner does not check it!

Downgrading to QmS 1.16-r2 made everything work well. Can anyone with a working QmS 1.23 and clamav instalation please post how they made it work?

Because of these problems I'm surpriced that 1.23-r3 got unmasked resently. In particilar problem #3. Could someone else try this out?

----------

## mobiusproject

 *petterg wrote:*   

> I'm running the packages you're mentioning - at least trying to.
> 
> I also run spamassassin 2.64 and clamav 0.75.

 I am running spamassassin 2.64 and f-prot 4.4.2.  I tried getting clamav working but failed.  f-prot worked right away. *petterg wrote:*   

> The problems are:
> 
> ...
> 
> 3) If a incomming mail have a "X-Spam-Status: No" header before it arrives, Qmail-scanner does not check it!
> ...

 

I never noticed that...  I will have to send myself an e-mail with that header already in it and check out the logs to see what QmS does.  And if that is a problem, I agree that they unmasked QmS 1.23-r3 so quickly.

I would suggest just unmerging clamav and emerging f-prot.  It was very easy to set up.

----------

## petterg

 *mobiusproject wrote:*   

> I never noticed that... I will have to send myself an e-mail with that header already in it and check out the logs to see what QmS does.

 

I realized that problem when I forwarded a mail account on one server to the other. The first one (which I'm not in control of) requires a spamlevel of 10 to mark mail as spam, the second (my server) requires spamlevel of 3.

I'm not sure which of the spam headers that makes QmS skip the check, but I'm quite sure it's one of them.

 *mobiusproject wrote:*   

> I would suggest just unmerging clamav and emerging f-prot.  It was very easy to set up.

 

I though about that too, but then I would need to buy a licence... I used f-prot until I realized it was not open source.

----------

## flow666

Hi,

I've installed my Server as described in the Howto but qmailadmin doesn't works. I cannot login in the Webinterface. The Apache-Log doesn't tell anything.

I've checked the content of the MySQL DB, there is an entry for the Postmaster of my domain with a password. But Qmailadmin tells me "Invalid Login"

Any Ideas?

Thanks,

flow

----------

## petterg

 *flow666 wrote:*   

> but qmailadmin doesn't works. I cannot login in the Webinterface.

 

Are you able to create users using the vadduser in /var/vpopmail/bin ?

----------

## flow666

Yep, that works, I can even send and receive Mails after doing that. But the login in qmailadmin doesn't :/

I've had an error before, that the user which runs apache doesn't had access to the vpopmail.conf file but I fixed that and gave him access. But that helped not either.

flow

----------

## flow666

Okay, Problem fixed now, but I don't understand why. I cleared the Postmaster Password in the Database and then I logged in with a blank Password. In the qmailadmin Frontend i changed the Password to my old Password and now it works... I don't understand it but...  :Smile: 

----------

## petterg

 *flow666 wrote:*   

> Okay, Problem fixed now, but I don't understand why. I cleared the Postmaster Password in the Database and then I logged in with a blank Password. In the qmailadmin Frontend i changed the Password to my old Password and now it works... I don't understand it but... :)

 

Sounds like you had a typo in the postmaster password

 *flow666 wrote:*   

> I've had an error before, that the user which runs apache doesn't had access to the vpopmail.conf file but I fixed that and gave him access. But that helped not either.

 

Only vpopmail should have access to the vpopmail.conf. After all your db password is stored there in clear text. You don't want that published on the web! (Whoever have access to store a website on your server will also be able to read all files that apache has access to.)

----------

## BlackB1rd

Can someone help me out with this one? I get the following message in qmail-queue.log once an hour or so:

```

Tue, 28 Sep 2004 07:24:37 CEST:23691: error_condition: X-Qmail-Scanner-1.23st: d_m: output spotted from /usr/bin/ripmime  --unique_names -i - -d /var/spool/qmailscan/tmp/server2109634907066023691/ (mime.c:2230:MIME_generate_multiple_hardlink_filenames:WARNING: While trying to create '/var/spool/qmailscan/tmp/server2109634907066023691/Muppet Show/Freggels.doc' link to '/var/spool/qmailscan/tmp/server2109634907066023691/Freggels.doc' (No such file or directory)

) - that shouldn't happen!

```

As you can see, that shouldn't happen  :Wink:  But what could be the cause of this?

----------

## flow666

Hi,

I have qmailadmin working now, but here's the next Problem: I can't send mail to external Servers. Internal Messaging works fine, Receiving Messages also, but everytime I send a mail to e.g. gmx, I get the following reply from the Server:

```
Die Nachricht konnte nicht gesendet werden, da einer der Empfänger vom Server nicht akzeptiert wurde. Die nicht akzeptierte E-Mail-Adresse ist "florianflachmeier@gmx.de". Betreff 'test', Konto: 'test2.gfs.diepholz.de', Server: 'test2.gfs.diepholz.de', Protokoll: SMTP, [color=red]Serverantwort: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)'[/color], Port: 25, Secure (SSL): Nein, Serverfehler: 553, Fehlernummer: 0x800CCC79 
```

The interesting Part is marked red. I fear, that the server isn't able to send to any external host. I have searched google and the forum already, but all whats described as solution isn't helping me.

I have looked into my /etc/tcp.smtp, there's this:

```

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""

:allow

62.157.195.196:allow,RELAYCLIENT="",RBLSMTPD=""

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

```

And in my /var/qmail/conf/qmail-smtpd is the following:

```

QMAIL_SMTP_POST="test2.gfs.diepholz.de /var/vpopmail/bin/vchkpw /bin/true"

TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)

[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true

QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"

QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

```

Does anybody has an idea?

Thanks, 

flow

----------

## flow666

okay, problem solved now... If you're using smtp-auth you should make sure, that you enable smtp-auth in your client... :/

Thanks, 

flow

----------

## karoto

I can't make my vpopmail + qmail work  :Sad:  the mail it stores at .maildir/new ( i can see the files) but if i use the kmail to receive the mail , then NO NEW mail is received  :Sad:  i don't know where to search for my problem  :Sad:  is there some issue with the .maildir ??? i have upgrade all the patches . qmail + maildir + courier .. but i can't find theproblem !  :Sad: ((

----------

## petterg

 *karoto wrote:*   

> I can't make my vpopmail + qmail work :( the mail it stores at .maildir/new ( i can see the files) but if i use the kmail to receive the mail , then NO NEW mail is received :( i don't know where to search for my problem :( is there some issue with the .maildir ??? i have upgrade all the patches . qmail + maildir + courier .. but i can't find theproblem ! :(((

 

Sounds like courier don't find the mail. Check log for errors.

Take a look in squirrel mail. It tends to be better to post errors than most mail clients.

----------

## karoto

 *petterg wrote:*   

>  *karoto wrote:*   I can't make my vpopmail + qmail work  the mail it stores at .maildir/new ( i can see the files) but if i use the kmail to receive the mail , then NO NEW mail is received  i don't know where to search for my problem  is there some issue with the .maildir ??? i have upgrade all the patches . qmail + maildir + courier .. but i can't find theproblem ! (( 
> 
> Sounds like courier don't find the mail. Check log for errors.
> 
> Take a look in squirrel mail. It tends to be better to post errors than most mail clients.

 

And if i am not use squirelmail and i use horde? 

well how should i look for logs?? under /var/log/qmail/supervice?? can you tell me exaclty the file ? couse no file shows me anything..

thanx for the fast reply

----------

## karoto

..i have start the postfix installation , is much easier , and for virtual domains , i have install the vmail package.. is pretty faster , and flexible (and yes it play)

----------

## tagore

blubbi:

Your howto is offline?

Cheers.

----------

## cron0

I did the HOWTO exactly as said.

Everything seems to work but:

If I try to login via telnet or with a pop3 client, I have to enter USERNAME@DOMAIN as my username..

Am I not supposed to be able to login using ONLY the USERNAME ?

Thanks

----------

## cron0

Ok I've figured I need to use the defaultdomain file.

What I'm unable to understand is why I can't connect to SMTP port 25 using telnet and IMAP port 143 using a mail client.....

The ports are open and LISTENING:

```

tcp     0    0.0.0.0:143     0.0.0.0:*    LISTEN

tcp     0    0.0.0.0:25     0.0.0.0:*    LISTEN

```

Any clues why?

----------

## Gandalf the White

Are you connecting locally or over the internet? If you are connecting over the net then it is possible your isp blocks those ports?

----------

## astano

I read almost everything in this forum, and find a reference for my problem, but it didn't get answered....  :Sad: 

I'm using qmail-scanner 1.23rc3 and the perlscanner module seens not to be working. When I do the test_installation from the qmail-scanner 1.16, 3 messages get passed just fine (one being tagged as a virus by the clamav, one as spam by the spamassassin e another "normal" e-mail). The problem is the second e-mail (the one who should be caught by the perlscanner module): it isn't caught.

It's not a permission problem, cause I can recrate the perlscanner DB and get no erros in the logs...

Anyone can help me?

Thanks

----------

## eltech

should qmail-scaner be scanning like this only

```

Thu, 04 Nov 2004 14:53:50 EST:6257: +++ starting debugging for process 6257 by uid=201

Thu, 04 Nov 2004 14:53:50 EST:6257: w_c: elapsed time from start 0.002877 secs

Thu, 04 Nov 2004 14:53:50 EST:6257: return-path='gentoo-user-return-90563-gentoolist=pcnetsources.com@lists.gentoo.org', recips='gentoolist@pcnetsources.com'

Thu, 04 Nov 2004 14:53:50 EST:6257: from='Ajai Khattri <ajai@bway.net>', subj='Re: [gentoo-user] Configuring Kudzu', via SMTP from 156.56.111.196

Thu, 04 Nov 2004 14:53:51 EST:6257: clamdscan: finished scan in 0.667695 secs

Thu, 04 Nov 2004 14:53:52 EST:6257: SA: finished scan in 1.122849 secs - hits=0.0

Thu, 04 Nov 2004 14:53:52 EST:6257: p_s: finished scan in 0.019003 secs

Thu, 04 Nov 2004 14:53:52 EST:6257: ini_sc: finished scan of "/var/spool/qmailscan/tmp/pcns.pcnetsources.com10995980306606257"...

Thu, 04 Nov 2004 14:53:52 EST:6257: ------ Process 6257 finished. Total of 1.923153 secs

```

I recall seeing a whole mess of info when qmail-scanner scanned before... 

in viewing the logs i see SA & clamd are working, but what about qmail-scanner .. is it scanning short of the job?

BTW this thread has helped a whole lot .. thanks to everyone..

----------

## eltech

 *stripe wrote:*   

> 
> 
> ```
> 
> Get rid of 
> ...

 

Also i would like to confirm that my settings are correct..

my /var/qmail/control/conf-common looks like so:

```

# We don't have anything to set QMAILQUEUE to at the moment, so we leave it alone

export QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"
```

My tcp.smtp looks like so

```
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
```

The permissions on /var/spool/qmailscan is as follows:

```

drwxr-xr-x   6 qmaild qmail 496 Nov  4 14:07 qmailscan
```

the inside of /var/spool/qmailscan have permissions as below:

```

root@pcns qmailscan # ls -al

total 926672

drwxr-xr-x  6 qmaild qmail         496 Nov  4 14:07 .

drwxr-xr-x  6 root   root          176 Nov  4 12:41 ..

-rw-r--r--  1 root   root            0 Nov  4 13:25 .keep

drwxr-xr-x  5 qmaild qscand        120 Dec  2  2003 archive

-rw-------  1 qmaild nofiles     23712 Nov  4 15:49 mailstats.csv

-rw-------  1 qmaild qscand  948845759 Nov  4 15:49 qmail-queue.log

-rw-------  1 qmaild nofiles        57 Nov  4 14:07 qmail-scanner-queue-version.txt

drwxr-xr-x  5 qmaild qscand        120 Dec  2  2003 quarantine

-rw-r-----  1 qmaild nofiles     12288 Nov  4 14:05 quarantine-attachments.db

-rw-r--r--  1 qmaild qscand       7414 Nov  4 13:25 quarantine-attachments.txt

-rw-r--r--  1 qmaild qscand       7414 Nov  4 12:39 quarantine-attachments.txt.bak

-rw-r--r--  1 qmaild qscand        337 Nov  4 15:11 quarantine.log

drwxr-xr-x  2 qmaild qscand         72 Nov  4 15:49 tmp

lrwxrwxrwx  1 qmaild qscand         14 Nov  4 13:25 viruses.log -> quarantine.log

drwxr-xr-x  5 qmaild qscand        120 Dec  2  2003 working

```

My /etc/cron.daily/qmailscan looks like so:

```
cat qmail-scanner

#!/bin/bash

#/var/qmail/bin/qmail-scanner-queue -z

setuidgid qmaild /var/qmail/bin/qmail-scanner-queue-pl -z
```

I think thats it, i have been readign for a while .. and applying these fixes from the pieced together and linked threads i find .. Its all working now.. and i see SA scoring mail, so SA is working .. 

Aside form the single question above.. do my files look correct?

I forgot to add my /etc/conf.d/spamd file:

```
cat /etc/conf.d/spamd

# Config file for /etc/init.d/spamd

# Some options:

#

# -a for auto-white-list

# -c to create a per user configuration file

# -L if you want to suppress DNS lookup 

# -u USER to run as a user other than root

#

# for more help look in man spamd

SPAMD_OPTS="-a -c --siteconfigpath=/etc/mail/spamassassin/local.cf"
```

----------

## eltech

Few more questions..

i keep seeing this in the log.

```

Nov  4 18:54:26 pcns spamd[11032]: connection from localhost.localdomain [127.0.0.1] at port 33066

Nov  4 18:54:26 pcns spamd[5051]: handle_user: unable to find user 'intel@domain.org'!

Nov  4 18:54:26 pcns spamd[5051]: Still running as root: user not specified with -u, not found, or set to root.  Fall back to nobody.

Nov  4 18:54:26 pcns spamd[5051]: checking message <cmeh88+djom@eGroups.com> for intel@domain.org:65534.
```

Why doesnt it find the user? the user exists and the mail is delivered ..

and about the "-u" option, when i fill that in the /etc/conf.d/spamd with

```
SPAMD_OPTS="-a -u spamd -c --siteconfigpath=/etc/mail/spamassassin/local.cf"
```

and try to restart it i get

```
/etc/init.d/spamd restart

  [ ok ]ing spamd...

 * Starting spamd...

Can't determine home directory for user 'spamd'!

  [ !! ]d to start spamd

```

so what shall i do with both issues..?

----------

## petterg

 *eltech wrote:*   

> 
> 
> ```
> SPAMD_OPTS="-a -u spamd -c --siteconfigpath=/etc/mail/spamassassin/local.cf"
> ```
> ...

 

Does spamd start when you restart the pc?

I think I'd unemerge spamassassin, delete all files related to it, then emerge it again

----------

## gabio

I can't get smtp to work.

I installed

qmail

mysql

vpopmail

courier-imap without ssl auth.

and did all the config as said in the howto in this tread and in the howto here:http://www.gentoo.org/doc/en/qmail-howto.xml

With a mozilla client, on an other pc of the network i try to get mail by pop, no problem

I try to send mail by smtp , set to tls in the client, and it keep asking me for a password. if i don't enter anything it give me the error messgage: connexion failed or refused.

----------

## gabio

Corrected, stupid me, the option "user name:" was on. now it send mail witout any complain.

if you have problem testing with an external client. check you acount info more than once:

-must have good server name.

-must have good authentification mode

-good port

-good username( hint, qmail expect name@domain.com)

-good server adresse.

----------

## eltech

 *petterg wrote:*   

>  *eltech wrote:*   
> 
> ```
> SPAMD_OPTS="-a -u spamd -c --siteconfigpath=/etc/mail/spamassassin/local.cf"
> ```
> ...

 I think its funny no one replied to confirm my settings ..

anyway, i think because i dont specify a user in the /etc/conf.d/spamd file it just runs as root. Im not sure am just guessing... spamd is running fine, identifying spam, etc. but that line still tickles my curiosity.

----------

## spdmnd

I followed the qmail/vpopmail-howto on gentoo's main page and encountered some difficulties. My mail isn't delivered to /var/vpopmail/domains/myDomain/user/.mail but to ~/.mail. However I can login in fine in Horde and Evolution (IMAP+SSL) to send mail over SMTP.

Another thing that fails, is the printf command from step 3.3 of the how-to. It doesn't return anything, although permissions seem to be set correct.

 *Quote:*   

> Code Listing 3.3: Adding a domain
> 
> [...]
> 
> # vadddomain wh0rd.org postpass
> ...

 

Hope someone can help.

----------

## Strowi

hi,

great howto, after some bugging around i finally got it completely working (btw some of the spam-related package-names seem to outdated/renamed, like dcc, Mail-Spamassassin).

Since I'm having trouble getting horde-imp working, i decided to stay with squirrelmail. 

But there is one problem no one could tell me, so i'll try it here:

qmail is running on our home-server with dynamic IP. So i registered a dyndns.org-account which gets automatically updated. Now i can even send mail to the outside world. :Wink: 

Every account fetches severel external POP-Accounts (gmx..).

Now the PROBLEM is, how can i get the FROM-field to be like strowi@gmx.de instead of strowi@yggdrasill.dyndns.org, which is the dynip for that server...

The best way would be if i could dynamically change the FROM field..

Thx in advance!

----------

## shadowteller

Okies I took 3 weeks going through this tutorial and the one located here   http://www.gentoo.org/doc/en/qmail-howto.xml and going through this tutorial...I got all the way done and it just bombs on me...qmailadmin at least shows the login screen.  I have no clue what my user account settings are (username, domainname, password) seriously I tried every combination...I think I hosed a setup somewhere.

Next when I try to run squirrelmail by going to its url all I get is wonderful php code...the code to forward to the /src/login.php page.

I am setting up this server as a small project cause I thought it would be a good idea and it has given me nothing but headaches.  Can anyone please help.  

IM session and ssh has helped in the past when I was old school redhat.

Maybe it will again.

thanx

----------

## Strowi

hi,

since i am just in the process of buiding our own small mail-server, mybe i can help you a little..

At first it seems you have done sth wrong with your apache/php-setup (maybe you forgot to restart?). Wihtout more info (a look at the config-files) it's hard to say more about that, just follow an apache/php tutorial (there are others in these forums) to the dot.

As for the squirrelmail-login-data..

Remember when you did "vadddomain.." and vadduser x@domain pass" ? That is your login, you have to enter it including domain (since it is possible to create another x@domain2).

I myself haven't really finished yet, and have some trouble figuring out where to put my fqdn-domain, and where to put my local-domain, but if you need any more help, i will be glad if i can help.

----------

## shadowteller

 *Strowi wrote:*   

> hi,
> 
> since i am just in the process of buiding our own small mail-server, mybe i can help you a little..

 

Hope you don't get heartburn from it like I am.

 *Quote:*   

> As for the squirrelmail-login-data..
> 
> Remember when you did "vadddomain.." and vadduser x@domain pass" ? That is your login, you have to enter it including domain (since it is possible to create another x@domain2).

 

Thats the one I am using....arggghhhhhhhhh   :Mad: 

 *Quote:*   

> I myself haven't really finished yet, and have some trouble figuring out where to put my fqdn-domain, and where to put my local-domain, but if you need any more help, i will be glad if i can help.

 

I think that is where I am screwing things up as well and where it says in the vearious conf files...localhost I am not sure if you should change those lines to your own fqdn or not.  None of the tutorials on here explain that.

----------

## shadowteller

More errors...I unmerged vpopmail, courier-imap, horde-imp and squirrelmail.  Did not unmerge Qmail since it is working I can send myself email all day....

So I remerged vpopmail changed the conf to 

 *Quote:*   

> # Read-only DB
> 
> localhost|0|vpopmail|mypassword|vpopmail
> 
> # Write DB
> ...

 

I then started up mysql...

then did this...

 *Quote:*   

> Leto ~ # mysql -p << EOF
> 
> > drop database vpopmail;
> 
> > create database vpopmail;
> ...

 

If this sh!@ keeps up I am just going to dump the box reinstall windows, sell my domain name if I can, and reinstall everquest.

I am serious I have spent so many hours scouring these forums...and Google and the gentoo-wiki site that my wife is threatening to divorce me.  I work a fultime job and a seocnd part-time job.  And my little project is going to get me divorced.  Its also keeping me from sleeping.

Someone PLEASE help!!!!

----------

## eltech

There is no need to use mysql to use vpopmail..

I host many domains and have many mail accounts accross these domains .. i run vpopmail, squirrelmail, and much more .. no need to run mysql for vpopmail. I run mysql for other applications but  not vpopmail. I actually dont even see the benefit; anyone mind displaying them? i have not seen any performance issues with my vpopmail setup. I have other issues but none are exclusively with vpopmail.

----------

## radulucian

yes, here's the first benefit that comes to mind: i run several websites that have webmail and it's VERY easy for me to alter everything in the mysql tables (the mail users details) from the website scripts (php) without having to use any shell commands

good enough ? so you can also use mysql and make your life easier if you host some freemail service for example, and you want to register your users from the web interface directly. it's waaay easier and more elegant.

if you don't have any particular use for the msyql db feature, it may be better to not use mysql, as mysql becomes a single point of failure, and if mysql goes down for other reasons, your mail is down completely as well.

----------

## eltech

Well put and also the reason why i dont use mysql for vpopmail, eventhough i do run mysql for my blog.

----------

## Smilez:)

Why do I go about adding a domain to be blocked by qmail or spamassassin after I have everything working? ie I don't want mail from dealzcity.net getting through.

----------

## petterg

 *Smilez:) wrote:*   

> Why do I go about adding a domain to be blocked by qmail or spamassassin after I have everything working? ie I don't want mail from dealzcity.net getting through.

 

Look for "blacklisting" in spamassassin maual

----------

## ill_brain

i become this error:

 *Quote:*   

> 
> 
> @4000000041ae7f541051e11c X-Qmail-Scanner-1.24st:[www110195488868031469] Unable to open pipe to /var/qmail/bin/qmail-queue [16777215] (#4.3.0) - Broken pipe
> 
> @4000000041ae7f54114568dc X-Qmail-Scanner-1.24st:[www110195488868031469] Unable to close pipe to /var/qmail/bin/qmail-queue [255] (#4.3.0) - Illegal seek
> ...

 

what can i do?

----------

## petterg

 *ill_brain wrote:*   

> i become this error:
> 
>  *Quote:*   
> 
> @4000000041ae7f541051e11c X-Qmail-Scanner-1.24st:[www110195488868031469] Unable to open pipe to /var/qmail/bin/qmail-queue [16777215] (#4.3.0) - Broken pipe
> ...

 

That is a know error. There is a fix for it earlier in this thread or in this thread: https://forums.gentoo.org/viewtopic.php?t=111817&highlight=

Look for the string "#4.3.0"

----------

## aamonten

after following the steps, is everything just ready? or should I still configure something else (maybe apache)

regards aamonten

----------

## petterg

this guide assumes you already have apache, php and pearl already set up and running. There are other guides for that.

----------

## blueribbon

I'm using this kind of setup (although only the simple things, no qmail-scanner nor spamassassin, etc...) and everything is going alright, except for the smtp auth.

When a user tries to authenticate itself, the first time vchkpw fails

```
Dec  6 21:50:08 [vpopmail] vchkpw-smtp: password fail
```

but then it succeeds immediatly after

```
Dec  6 21:50:13 [vpopmail] vchkpw-smtp: (PLAIN) login success
```

This is very annoying, besides the fact that this only happens with Thunderbird, with other e-mail clients they give an error message and the connection is terminated. Is there any way to solve this thing?

----------

## petterg

Maybe you need to set the client to use tsl / ssl before sending password. Maybe thunderbird tries without tls first, then when it fails it will retry with tls.

----------

## blueribbon

 *petterg wrote:*   

> Maybe you need to set the client to use tsl / ssl before sending password. Maybe thunderbird tries without tls first, then when it fails it will retry with tls.

 

No, unfortunately, that's not the problem, but thank you for the suggestion.

Didn't it happen with any of you?

----------

## petterg

 *blueribbon wrote:*   

> No, unfortunately, that's not the problem, but thank you for the suggestion.
> 
> 

 

What happens if you telnet to your smtp server and try to run authentication without using tls?

(Someone wrote earlier in this thread how to do the telnet)

----------

## blueribbon

Well, I've restricted the problem. It seems that the issue in on CRAM-MD5 authentication... Is there anything I should know about it?

----------

## petterg

 *blueribbon wrote:*   

> Well, I've restricted the problem. It seems that the issue in on CRAM-MD5 authentication... Is there anything I should know about it?

 

Maybe that you should use vchkpw as the guide tell to?

----------

## blueribbon

I found that the only solution to use CRAM-MD5 authentication is to have clear password stored... well, I've just removed CRAM-MD5 from the available authentication protocols.

----------

## stripe

 *ill_brain wrote:*   

> i become this error:
> 
>  *Quote:*   
> 
> @4000000041ae7f541051e11c X-Qmail-Scanner-1.24st:[www110195488868031469] Unable to open pipe to /var/qmail/bin/qmail-queue [16777215] (#4.3.0) - Broken pipe
> ...

 

please go back and read through my posts. It´s a directory permissions issue. I´ve tuned the method to be as much easier, as can be....

----------

## stripe

and for you all guys who solve the problem with spamassassin recently, if you have upgraded perl, just edit

```

/usr/bin/spamd

/usr/bin/spamassassin

```

find and change the value from "5.8.4" to 5.8.5" and restart the spamd daemon. This issue resolves the spam technics back to work.

----------

## petterg

 *stripe wrote:*   

> and for you all guys who solve the problem with spamassassin recently, if you have upgraded perl, just edit
> 
> ```
> 
> /usr/bin/spamd
> ...

 

I upgraded qmail-scanner to 1.24 (from 1.16) and that fixed my problem after upgrading perl. (But clamd need to run as root to work!)

Is it the reference to /usr/lib/perl5/vendor_perl/5.8.4 you're saying we should change to /usr/lib/perl5/vendor_perl/5.8.5 ?

I don't have any /usr/lib/perl5/vendor_perl/5.8.5, but I do have a /usr/lib/perl5/5.8.5/ is that the one it should point to?

----------

## stripe

 *petterg wrote:*   

> 
> 
> I upgraded qmail-scanner to 1.24 (from 1.16) and that fixed my problem after upgrading perl. (But clamd need to run as root to work!)
> 
> Is it the reference to /usr/lib/perl5/vendor_perl/5.8.4 you're saying we should change to /usr/lib/perl5/vendor_perl/5.8.5 ?
> ...

 

if you reemerged qmail-scanner after perl, it is not necessary to change anything. This I recommended for guys who upgraded perl after qmail-scanner, how it was released in portage, cuz I do not think reemrge whole scanner is required, when you can fix it in a second by hand.

clamav runs of course as an user of your choice. I recommend to use the same user for whole mail system - e.g. qmaild...

----------

## petterg

 *stripe wrote:*   

> if you reemerged qmail-scanner after perl, it is not necessary to change anything. This I recommended for guys who upgraded perl after qmail-scanner, how it was released in portage, cuz I do not think reemrge whole scanner is required, when you can fix it in a second by hand.

 

The changes you mentioned were for spamassassin, right? I did not reemerge spamassassin, only the scanner.

 *stripe wrote:*   

> 
> 
> clamav runs of course as an user of your choice. I recommend to use the same user for whole mail system - e.g. qmaild...

 

See, that's a problem when it comes to qmail-scanner 1.2x ... it runs as qscand with a wrapper. Combined with clamd running as clamav this does make permissions and fileownership tricky. The clamav faq recomende to run clamd as qscand, but that makes this error when mail got attachments:

```
X-Qmail-Scanner-1.24:[some numbers] clamdscan: corrupt or unknown clamd scanner error or memory/resource/perms problem - exit status 512/2
```

Running clamd as root works, but I don't like it.

Also - downgrading qmail-scanner to 1.16 after upgrading perl results in smtp sessions timing out.

Aparently I'm the only one with this problem, but I'm making up for it by having the same problem on 3 servers.

----------

## eltech

ok .. upgrades create headaches ..

I have done everythign this thread has going.. but i still get the error below.. any ideas?

```
2004-12-16 13:02:45.032028500 X-Qmail-Scanner-1.24st:[pcns.pcn.com110322016568014737] /var/spool/qmailscan/tmp/pcns.pcn.com110322016568014737 exists - try again later...
```

----------

## eltech

Well i used the fixes below .. 

Anyone see any future problems with this?

2004-12-16 13:29:38.080895500 X-Qmail-Scanner-1.24st:[pcns.pcn.com110322177568027871] clamdscan: corrupt or unknown clamd scanner error or memory/resource/perms problem - exit status 512/2

The fix is.

mv /usr/bin/clamdscan /usr/bin/clamdscan.orig

ln -s /usr/bin/clamscan /usr/bin/clamdscan

@40000000418a6b310a1b49b4 tcpserver: ok 24751 :192.168.2.100:25 lists.gentoo.org:156.56.111.196::39106

@40000000418a6b312d0788d4 X-Qmail-Scanner-1.23st:[pcns.mydomain.com109959043966024752] /var/spool/qmailscan/tmp/pcns.mydomain.com109959043966024752 exists - try again later...

the fix is

chown qmaild:nofiles -R /var/spool/qmailscan

----------

## petterg

 *eltech wrote:*   

> 
> 
> 2004-12-16 13:29:38.080895500 X-Qmail-Scanner-1.24st:[pcns.pcn.com110322177568027871] clamdscan: corrupt or unknown clamd scanner error or memory/resource/perms problem - exit status 512/2
> 
> 

 

My fix was to comment out the User clamav from clamd.conf. (It is commented by default.) The result is that clamd will run as root.

clamdscan is supposed to be better than clamscan in some way. (I don't know why it's better.) I also tried the clamscan->clamdscan replacement. It seemed to work, but sometimes mails containing virus passed the scanner undetected.

The clamav FAQ tell us to run clamd as qscand - it's been working for some, not for me.

So far running as root seems to be the way to go.

----------

## Lokheed

Added to wiki: http://gentoo-wiki.com/HOWTO_Setup_QMAIL_VPOPMAIL_and_Other_Mail_Servers

----------

## sucarino

i've been following this thread and still have some questions. I have all of this installed in a production server working for more than 6 months without major problems even when i needed to updated/fixed any kind of bugs or incompatibilities. My questions are   :Rolling Eyes: :

1- what user should "spamd" run under? i've seen descriptions of /etc/conf.d/spamd in this thread using spamd, qscand, qmaild and vpopmail user. I'm using vpopmail (SPAMD_OPTS="-v -r -i -m 5 -u vpopmail siteconfigpath=/etc/mail/spamassassin/local.cf") . Is this the recommended user?

2- i've seen in some other forums indications to run a cron.daily with "setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -z". Is this recommended? What exactly does it initialize?

3- i've recently update my spamassassin from 2.64 to 3.02. Everything is up & running except that i can't restart /etc/init.d/spamd because there is no spamd.pid file. I read that i need to include option "-r" in spamd conf in order to create the pid file (due to new architecture of SA), but the script can't write in /var/run/ folder. Any ideas? How can I restart the service when i need to change someting ie. local.cf ??. I don't want restart computer, of course   :Shocked: 

/etc/init.d/spamd restart

* Stopping spamd...

* Failed to stop spamd

as you may note, sorry for my english   :Embarassed:  ... and thanks to all of you!!!   :Laughing: 

----------

## petterg

 *sucarino wrote:*   

> 
> 
> 1- what user should "spamd" run under? i've seen descriptions of /etc/conf.d/spamd in this thread using spamd, qscand, qmaild and vpopmail user. I'm using vpopmail (SPAMD_OPTS="-v -r -i -m 5 -u vpopmail siteconfigpath=/etc/mail/spamassassin/local.cf") . Is this the recommended user?

 

I'm also running it as vpopmail. Don't think it really matters as long as it works. The correct would probably be to run as spamd, but maybe that would make a conflict with other parts of the system.

 *sucarino wrote:*   

> 
> 
> 2- i've seen in some other forums indications to run a cron.daily with "setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -z". Is this recommended? What exactly does it initialize?
> 
> 

 

From the doc: "-z - gather virus scanner/DAT versions and cleanup old temp files"

I only run it after upgrading the system.

 *sucarino wrote:*   

> 
> 
> 3- i've recently update my spamassassin from 2.64 to 3.02. Everything is up & running except that i can't restart /etc/init.d/spamd because there is no spamd.pid file. 
> 
> 

 

I guess I'll upgrade tonight. Have you noticed any changes from the 2.64?

 *sucarino wrote:*   

> 
> 
> I read that i need to include option "-r" in spamd conf in order to create the pid file (due to new architecture of SA), but the script can't write in /var/run/ folder. Any ideas? How can I restart the service when i need to change someting ie. local.cf ??. I don't want restart computer, of course  
> 
> 

 

Is there any spamd process running on your system? If not it might just have gotten confused after the upgrade. What if you create a folder /var/run/spamd and give it world write access (777), then modify the startup script to place the pid file in that folder. Then try to start spamd.

If it starts, look at the pid-file. Modify ownership of the folder so that the user the pid was created as gets write access, and remove world write access to the folder.

----------

## petterg

sucarino:

I've installed spamassassin 3.02 now, and here's the way to make it stop:

```

# mkdir /var/run/spamd

# nano -w /etc/init.d/spamd

```

modify the pidfile location. Make it read 

```
pidfile=/var/run/spamd/spamd.pid
```

save and exit

find out the PID spamd has at the moment. One way to do this is

```

# tail --lines=200 /var/log/messages |grep spamd |grep write |grep PID

```

(you may need to increase the number of lines. Also if you're rotating the logs, you should search the logfile for the day you first had the problem (probably the day you upgraded spamassassin).)

There you should find a line reading

```

Dec 28 20:28:54 lux spamd[16518]: Can't write to PID file: Permission denied

```

then run (16518 is the pid in this example)

```

# echo 16518 > /var/run/spamd/spamd.pid

# chown vpopmail:vpopmail /var/run/spamd

```

(Assuming you're running spamd as vpopmail user.)

Then you should be able to stop/start/restart spamd again.

Regarding which user to run spamd as... this is my guessing: after qmail-scanner 1.20+ I think it can as whoever it wants. With qmail-scanner 1.16 it had to run as vpopmail if you were using vpopmail and qmaild if you did not run vpopmail.

I've had mine running as vpopmail all the time, even with QmS 1.24. Changed it to qscand - did some testing - seems to work fine. I'll keep it that way until I find something that doesn't work. Thought there would be some files somewhere that spamd use with the autolearn functionality that would be owned by vpopmail, but I can't find any. I guess these (if I find them) should change ownership to qscand.

Edit: Think it might be a good idea to reemerge QmS after upgrading spamassassin. Eventhoug it seems to work without.

----------

## petterg

Turns out that the spam-score depends on the user spamd is running as!

Until tonight I've been running spamd as vpopmail. Now it runs as qscand. When running as vpopmail the score for spam is higher and the score for ham is lower than when running as qscand! 

Asumed this is casued by permissions to autolearn data - does anyone know where those files are located so that I can change the ownership of them?

(files in /usr/share/spamassassin are owned by root - hence access to them should not be affected by spamd running as vpopmail or qscand)

----------

## radulucian

has anyone managed to get DSPAM (de-spam) to work with the configuration discussed here or something even close to this one ?

my Spamassassin is geting more and more stupid, not to speak about its slowness, and i would really like to give dspam a try, but i am having a really hard time getting it to work with qmail-scanner.... 

any hints appreciated!

----------

## petterg

Based on just a few mails I've got tonight, it seems like spamassassin 3.02 is 10-20% faster than SA 2.64 - so that's good. But I agree with you, it's slow. If any other program would do the same job faster I would switch.

Figured out where the data for Bayes is stored: ~/.spamassassin.

Where ~ is the homedir of the user spamd is running as.

(That was the end of a night discussing spamassassin with myself here. Hope someone will find it usefull.)

----------

## stripe

well at present time I try to solve how to get mailserver to work in vserver environment - without loopback interface and within binding the spamd on the  eth interface issues the "required_hits: ?" and "hits: ?" messages in qmail-scanner logs and spam comes completely through.

If anybody got this to work, I would appreciated that as radulucian´s appeal...

----------

## sucarino

 *petterg wrote:*   

> Based on just a few mails I've got tonight, it seems like spamassassin 3.02 is 10-20% faster than SA 2.64 - so that's good. But I agree with you, it's slow. If any other program would do the same job faster I would switch.
> 
> Figured out where the data for Bayes is stored: ~/.spamassassin.
> 
> Where ~ is the homedir of the user spamd is running as.
> ...

 

What should I say... thanks a lot [petterg] for all your help!   :Wink:   This forum rocks!

----------

## petterg

 *stripe wrote:*   

> well at present time I try to solve how to get mailserver to work in vserver environment - without loopback interface and within binding the spamd on the  eth interface issues the "required_hits: ?" and "hits: ?" messages in qmail-scanner logs and spam comes completely through.
> 
> If anybody got this to work, I would appreciated that as radulucian´s appeal...

 

Why would you want to bind spamd to eth and run without loopback?

----------

## stripe

because I don´t have a loopback interface in v-host environment...

----------

## radulucian

weren't you talking about DSPAM (and not spamd!) ??

i've been doing a lot of research on DSPAM and apparently its A LOT better than SA, but that is IF you get it to work as you need it to work

my configuration is almost identical to the one described in this tutorial, and if i could integrate DSPAM so that all my users could just forward their spam to one unique address like spam@domain.xx that would be EXCEPTIONAL, especially if DSPAM could be applied to ALL incoming email regardless of their destination.

so, again, if anyone manages to advance in geting DSPAM to work in this configuration please leave a message...

for the record: dspam is NOT spamd (notice the D at the begining not at the end)... see more here: http://www.nuclearelephant.com/projects/dspam/ if you need to be convinced

----------

## petterg

I haven't tried dspam, and I don't know much about perl, but here is an idea of how to make it work.

I asume there is a commandline syntax you can use to manualy feed dspam with mail of the same format as they are stored in maildir. Then dspam will give you output as some kind of spamlevel and an exit code.

Then - if you make a bash script that takes a mail as input on STDIN and passes it to dspam. dspam will give it's output back to the script and the script will have to transform the format to look as if it came from spamc. Also exitcodes will have to be manipulated.

Then edit qmail-scanner.pl - change the $spamc_binary to read the path of your bash script. Qmail-scanner will be fooled to think it works with spamassassin.

(Or if you know perl you could probably modify the sub spamassassin in qmail-scanner.pl)

----------

## gamezfreak

I've been trying to setup qmail/vpopmail and I can succesfully recieve email bu I can't send any mail.  I am using Thuderbird and it logs the messges as sent, but I don't recieve them in my yahoo account.

I get the following message in /var/log/qmail/qmail-send/current saying that it can't establish an SMTP connection.

```

@4000000041d5a0053181a32c new msg 3192270

@4000000041d5a005318423cc info msg 3192270: bytes 670 from <gamezfreak@fusion-net.dyndns.org> qp 7063 uid 201

@4000000041d5a0053274408c starting delivery 12: msg 3192270 to remote account@yahoo.com

@4000000041d5a00532751b4c status: local 0/10 remote 1/20

@4000000041d5a0060ef4f0fc delivery 12: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/

@4000000041d5a0060ef5103c status: local 0/10 remote 0/20

```

Any suggestions?

Edit: 

Forgot to mention, I can send to my own qmail account just no others.

----------

## petterg

 *gamezfreak wrote:*   

> I've been trying to setup qmail/vpopmail and I can succesfully recieve email bu I can't send any mail. 

 

What happens if try to send a mail using the qmail-inject? Send to an account on your system, see if it shows up, and to the yahoo-account and see if it shows up there.

What happens if you telnet to port 25 and pretent to be sending a mail?

Try to disable qmail-scanner in tcp.smtp - does it make any difference?

----------

## petterg

 *gamezfreak wrote:*   

> 
> 
> ```
> 
> @4000000041d5a0060ef4f0fc delivery 12: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
> ...

 

#4.4.1 - Wasn't that what came up when there was a problem with connection to mysql? Do you get any mysql-error in /var/log/messages?

Are you able to log in to mysql using the info in /etc/vpopmail.conf?

----------

## radulucian

hi petterg

i've been looking arround in the qmail-scanner.pl script and i think it can be done even more elegantly than that if you know perl well enough to design that subroutine you are talking about.

so, if you think you can do the subroutine for qmail-scanner.pl to work with dspam, let's try to make it work, and i will adapt qmail-scanner to use it as an alternative and not necesarily as a replacement of spamc...

so... what do you say ? feel up to take this challenge ?

----------

## gamezfreak

petterg,

I tried the following

```

qmail-inject me@mydomain.com < message

qmail-inject me@yahoo.com < message

```

me@mydomain.com is sent and recieved succesfully

me@yahoo.com fails to send with the same error message

When telneting to port 25 I get

```

220 Arctic-Server.FusionNet ESMTP 

```

Here is my tcp.smtp file

```

#-----------------------------------------------------------------

# ALLOW THESE IPS TO RELAY MAIL THROUGH OUR SERVER

#

# Local class-c's from our LAN are allowed to relay,

# and we wont bother doing any RBL checking.

#123.123.123.:allow,RELAYCLIENT="",RBLSMTPD=""

#123.111.111.:allow,RELAYCLIENT="",RBLSMTPD=""

#

# Connections from localhost are allowed to relay

# (because the WebMail server runs on localhost),

# and obviously there is no point trying to perform an RBL check.

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""

#

#-----------------------------------------------------------------

# ALLOW EVERYONE ELSE TO SEND US MAIL

#

# Everyone else can make connections to our server,

# but not allowed to relay

# RBL lookups are performed

:allow

# If you are using qmail-scanner, this line here is the correct one to use

# instead (comment out the above ':allow' line FIRST) and applies that script

# to any mail coming in that is not from a host allowed to relay. You can

# change the value of the variable to any other value you desire to use custom

# scripts for example.

#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

192.168.2.81:allow,RELAYCLIENT="",RBLSMTPD=""

```

There are no error messages in /var/log/messages

I get a sucessful LOGIN and LOGOUT from pop3-ssl when I receive mail but nothing about failed sends

I can login to mysql using the same info as in vpopmail.conf  without any problems.

----------

## petterg

 *radulucian wrote:*   

> feel up to take this challenge ?

 

I would If I had the time. I'm filled up with projects for the next few weeks. I'll see if I can find a slot for it some day.

----------

## petterg

 *gamezfreak wrote:*   

> When telneting to port 25 I get
> 
> ```
> 
> 220 Arctic-Server.FusionNet ESMTP 
> ...

 

Look somewhere earlier in this thread for what to do while logged in with telnet. Basicaly you have to do everything qmail-inject does, just step by step to see what fails. Someone did post this stuff before.

----------

## gamezfreak

Ok I did the following in telnet:

```

mail from: me@mydomain.com

250 ok

rcpt to: me@yahoo.com

250 ok

data

354 go ahead

test message

.

250 ok 1104665754 qp 7825

```

Now in /var/log/qmail/qmail-send/current I get

```

@4000000041d7dca40d6a97dc new msg 3192224

@4000000041d7dca40d6ab334 info msg 3192224: bytes 208 from <me@mydomain.com> qp 7825 uid 201

@4000000041d7dca40db9159c starting delivery 123: msg 3192224 to remote me@ya

hoo.com

@4000000041d7dca40db92924 status: local 0/10 remote 1/20

@4000000041d7dca42f1780fc delivery 123: deferral: Sorry,_I_wasn't_able_to_establ

ish_an_SMTP_connection._(#4.4.1)/

@4000000041d7dca42f179c54 status: local 0/10 remote 0/20

```

----------

## petterg

 *gamezfreak wrote:*   

> ...

 

Is it posible that you have a firewall blocking smtp? Or maybe your isp blocks smtp?

----------

## gamezfreak

I allowd both inbound and outbound traffic on port 25 in Iptables.  I did a google search to check if my ISP, Earthlink, blocked it.  It turns out Earthlink has been blocking SMTP traffic since 2000.  

Can I change the port that the smtp server runs on?

----------

## petterg

At least the problem is located now.

I'm afraid there is not much you can do about it - other than ask the isp to open the port for you, or get a new isp.

You may change the port for the server. That would help some, but not much. You'll be able to send mail out, but lots of spamfilters will try to contact the smtp server on port 25, and if it cannot reach the server the mail will be rejected.

Also all incomming mail will try to goto port 25.

To get around this you would need to inform the smtp server that tries to send you mail. The only place it looks for info before trying to contact your server is the dns server. I don't think it's posible to include a port number in the mx record of a domain.

----------

## f1n4rf1n

 *Quote:*   

> To get around this you would need to inform the smtp server that tries to send you mail. The only place it looks for info before trying to contact your server is the dns server. I don't think it's posible to include a port number in the mx record of a domain.

 

But there is another solution: many providers of  www.dyndns.org services also offer a port 25 solution - check if they could help you!

----------

## petterg

Great!

http://www.dyndns.org/services/mailhop/relay.html

You can even take your server down and it will cache mails for you.

But still... Eventho there are way to work around this, you ISP should know that you will switch to another isp if they don't open that port for you. (We don't like isp's that limits our services!)

----------

## Nazzy

First off, a big thanks to the people in this thread for the tutorial and also for fixing problems to help me diagnose problems in my deployments.

However this collision of software is producing headache after headache ... at the moment the work around I had to use to get qmail scanner to work with clamav seems to be creating run away processes ... joy!

Anyone here familiar enough perl and with spam assassin to be able to tell me how complex the code is?  I've got a mind to build myself a new mail program in the not to distant future ... one that doesn't involve hacking programs together and building a house of cards *mutter*

----------

## astano

I've installed qmail, vpopmail, qmail-scanner and squirrelmail following this great tutorial. Everything is working just fine, execpt for one thing. 

If I send e-mail via Outlook it get passed through qmail-scanner. But if I send it using squirrelmai it is sent, but dont get checked by qmail-scanner. 

Mt tcp.smtp looks like this:

```
# Qmail-Scanner disabled for mail from localhost, relay allowed 

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"                                                                                                                          

# Qmail-Scanner enabled (virus only) for mail from local network,relay allowed 

192.168.1.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                                                          

# Qmail-Scanner enabled (virus and spam) for mail from external internet, relay denied 

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" 
```

The squirrelmail is configured to use smtp.

I really need to get this working, because the intention is to use just webmail, and the e-mails must get checked by qmail-scanner.

Any idea of what is going on?

Qmail-scanner 1.24

squirrelmail 1.4.3.a

----------

## stripe

you have to set qmail-scanner for the loopback than, because squirrelmail sends the mail to lo smtp.

```
# Qmail-Scanner disabled for mail from localhost, relay allowed 

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"                                                                                                                          

```

 *astano wrote:*   

> I've installed qmail, vpopmail, qmail-scanner and squirrelmail following this great tutorial. Everything is working just fine, execpt for one thing. 
> 
> If I send e-mail via Outlook it get passed through qmail-scanner. But if I send it using squirrelmail it is sent, but dont get checked by qmail-scanner. 
> 
> Mt tcp.smtp looks like this:
> ...

 

----------

## Gatak

Has anyone tried replacing the Qmail-smtp/send part with Courier's ESMTP? Would it not be much cleaner to use Courier for both SMTP and IMAP/POP instead of splitting it up?

Not to forget, Courier also support IPv6, where Qmail does not fully.

----------

## ramsesii

hi everybody!

i fail to get qmail working on my adm64 (~amd64) system. first i tried stable version, but failes - changed use - and cflags (-fPIC).

i finally made vpopmail to compile against libs from mysql-4.0.22 (package.masked - next higher version did NOT compile)... but with courier-authlib im @ the end.

the error on compiling courier-authlib is: /usr/lib/gcc/x86_64-pc-linux-gnu/3.4.3/../../../../x86_64-pc-linux-gnu/bin/ld: /var/vpopmail/lib/libvpopmail.a(cdb_seek.o): relocation R_X86_64_PC32 against `read@@GLIBC_2.2.5' can not be used when making a shared object; recompile with -fPIC

/usr/lib/gcc/x86_64-pc-linux-gnu/3.4.3/../../../../x86_64-pc-linux-gnu/bin/ld: final link failed: Bad value

collect2: ld returned 1 exit status

make[2]: *** [libauthvchkpw.la] Error 1

my emerge info: emerge info

Portage 2.0.51-r8 (default-linux/amd64/2004.3, gcc-3.4.3, glibc-2.3.4.20041102-r0, 2.6.10-gentoo-r1 x86_64)

=================================================================

System uname: 2.6.10-gentoo-r1 x86_64 AMD Opteron(tm) Processor 248

Gentoo Base System version 1.4.16

Python:              dev-lang/python-2.3.4 [2.3.4 (#1, Oct 28 2004, 08:02:56)]

dev-lang/python:     2.3.4

sys-devel/autoconf:  2.59-r6, 2.13

sys-devel/automake:  1.8.5-r2, 1.5, 1.4_p6, 1.6.3, 1.7.9, 1.9.3

sys-devel/binutils:  2.15.92.0.2-r2

sys-devel/libtool:   1.5.2-r7

virtual/os-headers:  2.6.8.1-r1

ACCEPT_KEYWORDS="amd64 ~amd64"

AUTOCLEAN="yes"

CFLAGS="-march=k8 -mmmx -msse -msse2 -m3dnow -m64 -O3 -mfpmath=sse -fPIC"

CHOST="x86_64-pc-linux-gnu"

CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/lib/fax /usr/lib/mozilla/defaults/pref /usr/share/config /var/qmail/control /var/spool/fax/etc"

CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"

CXXFLAGS="-march=k8 -mmmx -msse -msse2 -m3dnow -m64 -O3 -mfpmath=sse -fPIC"

DISTDIR="/usr/portage/distfiles"

FEATURES="autoaddcvs autoconfig ccache distlocks sandbox"

GENTOO_MIRRORS="http://gentoo.inode.at ftp://gentoo.inode.ad/sources/ ftp://mirror.nutsmaas.nl/gentoo/ ftp://ftp.snt.utwente.nl/pub/os/linux/gentoo http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/"

LDFLAGS=""

MAKEOPTS="-j5"

PKGDIR="/usr/portage/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

PORTDIR_OVERLAY=""

SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"

USE="X aalib acpi alsa amd64 apache2 aspell audiofile avi berkdb bitmap-fonts bonobo bzlib cdr crypt cups directx divx4linux dvb dvd esd f77 fam foomatic foomaticdb fortran ftp gdbm gif gnome gpm gstreamer gtk gtk2 gtkhtml gzlib icq imagemagic imap imlib innodb ispell jabber java jp2 jpeg junit kerberos krb4 ldap libclamav libwww lzw lzw-tiff maildir mozilla msdn msn mysql ncurses nls oav opengl pam pda perl php png posix postgres ppds python qmail quotas readline samba ssl tcltk tcpd tiff truetype truetype-fonts type1-fonts usb userlocales xinerama xml xml2 xmms xpm xrandr xv xvid yahoo zlib linguas_de linguas_pl linguas_en"

thank your very much for help.

mario

----------

## cyphz0r

 *Quote:*   

> > nano -w /etc/conf.d/spamd.conf
> 
>   SPAMD_OPTS="-d -u vpopmail -v -x -C /etc/mail/spamassassin/local.cf"

 

If I have that line in my spamd.conf file the spamd gets executed as /usr/bin/perl -w /usr/sbin/spamd <opts> and qmail-scanner won't pick it up.

However, if I take out hte -C option it works fine.

Anyone else experience this? It scans and works fine without that option there but I was just wondering as it might be worthwhile to get the instructions changed if others have that issue also.

----------

## seriousmoose

I was using this configuration for quite some time when I did an emerge sync and emerge -uD world -- well for some reason, it broke the whole thing.

I don't see anything horribly wrong in the qmail logs, however, when I try "telnet mail.myserver.com 25" -- it tells me that the host isn't responding, but I can get a promt on port 143, and I can use qmail-admin still, but I cannot send any mail... maybe other things wrong after that, but that's as far as I got.

I verified the config files are exactly like in the tutorial.

Am I missing something? Anyone else had this problem?

----------

## Gatak

 *seriousmoose wrote:*   

> I was using this configuration for quite some time when I did an emerge sync and emerge -uD world -- well for some reason, it broke the whole thing.
> 
> I don't see anything horribly wrong in the qmail logs, however, when I try "telnet mail.myserver.com 25" -- it tells me that the host isn't responding, but I can get a promt on port 143, and I can use qmail-admin still, but I cannot send any mail... maybe other things wrong after that, but that's as far as I got.
> 
> I verified the config files are exactly like in the tutorial.
> ...

 check your messages log and see if qmail (svscan) is starting at all.

You can do a netstat -anp|grep 25 to see if anything is listening on port 25.

I have learned the hard way too that upgrading qmail, qmail-queue or spamassassin or perl can be bad. Perl is needed for both spamassassin and qmail-queue/qmail-scanner. In more recent versions, they have added security features making qmail-queue to fail. You should check into that.

----------

## stripe

 *seriousmoose wrote:*   

> I was using this configuration for quite some time when I did an emerge sync and emerge -uD world -- well for some reason, it broke the whole thing.
> 
> 

 

check the logs, mail.err mail.log, qmail-queue.log, if there are some "permission denied" items, if so, please go back in this thread and concern on my posts about upgrading....

----------

## seriousmoose

thanks for taking time to help!

Yes, it seems weird that it's listening on 0.0.0.0:

```
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      25631/couriertcpd

tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      25867/couriertcpd

tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      25787/couriertcpd

tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      25709/couriertcpd

tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      25950/tcpserver
```

I remember when installing it, it detected ... the ips it should be listening on... I'll look at that to see if there's a problem.

I've only looked at the logs in /var/log/qmail for errors... I'll check the others if I get nothing.

thanks again

----------

## seriousmoose

actually, that's not really the problem

-------------------

I looked into /etc/tcprules.d/tcp.qmail-smtp and everything looked good there...

specifically, this is the error I get when trying to connect with outlook express:

Your 'Inbox' folder was not polled for its unread count. Your IMAP server has closed the connection. This may occur if you have left the connection idle for too long. Account: 'mail.ushcare.com', Server: 'mail.ushcare.com', Protocol: IMAP, Server Response: 'Temporary problem, please try again later', Port: 993, Secure(SSL): Yes, Error Number: 0x800CCCDD

I get the same error when using plain (nonssl) on 143.

EDIT:

Errors fixed (I think):

there was a broken table in vpopmail database

Errors outstanding:

#1 --- /etc/init.d/spamd restart doesn't work -- no way for me to test this yet

#2 --- I still cannot connect to imap or smtp -- still can't figure out why

----------

## petterg

seriousmoose: May it helps to unemerge and reemerge qmail?

It worked for me when I had similar problems. (Can't remember if I did the same with vpopmail.)

----------

## seriousmoose

many times I've done it.

I even did

rm -rf /var/qmail/*

and recreated everything... still no go

does anyone have this configuration running on qmail-1.03-r15 and the latest vpopmail and courier???

if I can't figure out in a few more hours, I'm going to try downgrading to see if it's the packages that are causing the problems....

------------------------------

/var/log/qmail doesn't have any errors

/var/log/messages doesn't have any errors

am I missing something?

------------------------------

edit: making progress... I got courier-imap working and authenticating with vpopmail now. still qmail is not cooperating (if anyone cares, the courier-authlib needs to be recompiled, then don't make same mistake as me and forget to restart the service)

emerge courier-authlib

/etc/init.d/courier-authlib restart

----------

## sucarino

 :Sad: 

Recently, i've upgraded several packages on my system BIG STUPIDITY! because it's a production server. One of this package was ucspi-tcp-0.88-r8 to  sys-apps/ucspi-tcp-0.88-r9

When finished upgrade show me the message:

* We have started a move to get all tcprules files into

* /etc/tcprules.d/, where we have provided a Makefile to

* easily update the CDB file.

I found the Makefile but I can't do nothing with it (dunno). I only copied /etc/tcp.* to /etc/tcprules.d folder and did 

#make *.cdb

make: `tcp.pop3.cdb' is up to date.

make: `tcp.qmqp.cdb' is up to date.

make: `tcp.qmtp.cdb' is up to date.

make: `tcp.smtp.cdb' is up to date.

What else should i do with this file ???  :Confused: 

Now i can't relay neither from any of my LAN computers  nor localhost via Squirrelmail. Everytime it show me the message:

553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

The only way my users can send email is trough smtp-auth. However when I tried the following everything seems ok:

#TCPREMOTEIP="127.0.0.1" tcprulescheck tcp.smtp.cdb

rule 127.0.0.1:

set environment variable RELAYCLIENT=

set environment variable RBLSMTPD=

set environment variable QMAILQUEUE=/var/qmail/bin/qmail-queue

allow connection

Actually my /etc/tcp/tcp.smtp.cdb and /etc/tcprules.d/tcp.smtp.cdb, both look like:

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

X.Y.Z.64-95:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

Ohhhh, almost forget this, when i tried:

#/etc/init.d/svscan restart

it only increases the curse, getting this error again and again, forever:

supervise: fatal: unable to acquire qmail-send/supervise/lock: temporary failure

supervise: fatal: unable to acquire qmail-send/supervise/lock: temporary failure

supervise: fatal: unable to acquire qmail-send/supervise/lock: temporary failure

Pleeeeaseeee, what can i do? I'm really desperate.  My web users wanna kill me. They can't send email for the last 2 days.  :Crying or Very sad: 

Any ideas?

----------

## Gatak

perhaps it is a permissions failure so that it cannot creat or open the lock files? check them.

----------

## seriousmoose

if it makes you feel better, I have a lot of the same errors as you !!!

----------------------

So far, all I've fixed the courier-imap so I can download mail from the server though pop3 and imap, then I fixed qmail so it can get receive email, and such, but I cannot, under any circumstances fix the server my users can send mail either. I'll let you know if I fix that one.

After I get this working, I'm going to rewrite the howto, because the steps have changed so much with the new qmail, and some general changes in courier-imap.

----------------------

I can help you with some of your errors though...

For the supervise: fata: one, I had to fix that one, by unmerging qmail, deleting the /services directory, then deleting the /var/qmail/* directories too. (remember to backup your /var/qmail/users/ directory first though... you may want to just move the dir, instead of deleting it)

Then, I applied the patch found in this bug:

https://bugs.gentoo.org/show_bug.cgi?id=71571

After that, I emerged qmail, and then I had to redo my control configs (no big deal) then, there may have been a few other retarded bugs, but nothing that can't be solved by running the appropriate vpopmail utils.

EDIT:

also, when I update my .cdb files, they have differnt names:

srv1 tcprules.d # make *.cdb

make: `tcp.qmail-pop3.cdb' is up to date.

make: `tcp.qmail-qmqp.cdb' is up to date.

make: `tcp.qmail-qmtp.cdb' is up to date.

make: `tcp.qmail-smtp.cdb' is up to date.

----------

## sucarino

 *Quote:*   

> 
> 
> For the supervise: fata: one, I had to fix that one, by unmerging qmail, deleting the /services directory, then deleting the /var/qmail/* directories too. (remember to backup your /var/qmail/users/ directory first though... you may want to just move the dir, instead of deleting it)

 

I really appreciate it. But i don't want to take that risk yet. I will try to reemerge qmail in worse case.

 *Quote:*   

> 
> 
> Then, I applied the patch found in this bug:
> 
> https://bugs.gentoo.org/show_bug.cgi?id=71571

 

The patch applies to qmail-1.03-r15 and I'm using qmail-1.03-r13. Anyway i found that my /var/qmail/supervise directories were already owned by root . I tried chowning to root:qmail but didn't work either.

 *Quote:*   

> also, when I update my .cdb files, they have differnt names:
> 
> srv1 tcprules.d # make *.cdb
> 
> make: `tcp.qmail-pop3.cdb' is up to date.
> ...

 

Are you ACCEPTING_KEYWORDS="~x86" ??? because i remember one time i did something like that  in other server and my tcp files look like yours.  After hours of experiments and headaches i decided to keep my productions servers as stable as possible and far away of last updates. That's why I never updated my qmail-scanner 1.23-r3+ f-prot TO qmail-scanner 1.24 + clamav. 

This time i broke that rule with uscpi-tcp  and these are the consequences.  I'm really tired of all that stress with gentoo-updates. At least everything else is working fine.

----------

## Gatak

Are you sure you have the right name for the tcp*.cdb files?

I have seen two variants:

```

-rw-r--r--  1 root root  335 Apr  4  2004 /etc/tcp.pop3

-rw-r--r--  1 root root 2072 Apr  4  2004 /etc/tcp.pop3.cdb

-rw-r--r--  1 root root   90 Apr  4  2004 /etc/tcp.qmqp

-rw-r--r--  1 root root 2168 Apr  4  2004 /etc/tcp.qmqp.cdb

-rw-r--r--  1 root root   90 Apr  4  2004 /etc/tcp.qmtp

-rw-r--r--  1 root root 2168 Apr  4  2004 /etc/tcp.qmtp.cdb

-rw-r--r--  1 root root  684 Sep 11 03:01 /etc/tcp.smtp

-rw-r--r--  1 root root 2408 Jan  3 01:00 /etc/tcp.smtp.cdb
```

```

-rw-r--r--  1 root root  335 Apr  4  2004 /etc/tcprules.d/tcp.qmail-pop3

-rw-r--r--  1 root root 2072 Apr  4  2004 /etc/tcprules.d/tcp.qmail-pop3.cdb

-rw-r--r--  1 root root   90 Apr  4  2004 /etc/tcprules.d/tcp.qmail-qmqp

-rw-r--r--  1 root root 2168 Apr  4  2004 /etc/tcprules.d/tcp.qmail-qmqp.cdb

-rw-r--r--  1 root root   90 Apr  4  2004 /etc/tcprules.d/tcp.qmail-qmtp

-rw-r--r--  1 root root 2168 Apr  4  2004 /etc/tcprules.d/tcp.qmail-qmtp.cdb

-rw-r--r--  1 root root  588 Jan  2 22:25 /etc/tcprules.d/tcp.qmail-smtp

-rw-r--r--  1 root root 2408 Jan  3 00:59 /etc/tcprules.d/tcp.qmail-smtp.cdb
```

The tcp.qmail-smtp looks like this:

```

# Qmail-Scanner disabled for mail from 127.0.0.1

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

::1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

# Qmail-Scanner enabled (virus only) for mail from local network

192.168.0.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

# Qmail-Scanner enabled (virus and spam) for mail from external internet

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
```

----------

## seriousmoose

Well, I really have no idea what is wrong for me...

btw, I just downgraded to qmail-1.03-r13 and it doesn't give me the error that you had. I don't understand why it's not working:

listening:

```
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      9444/couriertcpd

tcp        0      0 0.0.0.0:2401            0.0.0.0:*               LISTEN      2452/cvsd

tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      9600/couriertcpd

tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1876/mysqld

tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      2661/smbd

tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      9522/couriertcpd

tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      9366/couriertcpd

tcp        0      0 127.0.0.1:783           0.0.0.0:*               LISTEN      4120/local.cf
```

-r13 seems to not use the tcprules.d:

```
# ps aux | grep tcpserver

qmaild   15458  0.0  0.1   2864   812 pts/1    S    23:03   0:00 /usr/bin/tcpserver -p -v -R -x /etc/tcp.smtp.cdb -c 40 -u 201 -g 200 0.0.0.0 smtp /var/qmail/bin/qmail-smtpd mail.ushcare.com /var/vpopmail/bin/vchkpw /bin/true
```

my servers seem to be running fine:

```
# svstat /service/qmail-smtpd /service/qmail-smtpd/log

/service/qmail-smtpd: up (pid 15556) 83 seconds

/service/qmail-smtpd/log: up (pid 15567) 83 seconds
```

telnet doesn't work though:

```
telnet mail.ushcare.com 25

Connecting To mail.ushcare.com...Could not open connection to the host, on port

25: Connect failed
```

no configuration errors:

```
# /etc/init.d/svscan stop

 * Stopping service scan ...    [ ok ]

 * Stopping services ...          [ ok ]

 * Stopping service logging ...[ ok ]

# qmail-start

status: local 0/10 remote 0/20

# /usr/bin/tcpserver -p -v -R -x /etc/tcp.smtp.cdb -c 40 -u 201 -g 200 0.0.0.0 smtp /var/qmail/bin/qmail-smtpd mail.ushcare.com /var/vpopmail/bin/vchkpw /bin/true

tcpserver: status: 0/40
```

my tcp rules are identical to yours, which are (I think) identical to the suggested ones in this post.

I don't get it... everything looks as if it's working. There are no errors in the logs that I know of either. 

ACCEPT_KEYWORDS -- more like unmasked package to try and see if it helps to have a different version... doesn't though. I'm gonna mask the latest "ucspi-tcp" and see if that helps...

>I will try to reemerge qmail in worse case.

If that doesn't work, try renaming all the dirs inside of /var/qmail besides "queue" and "users" -- as those are essential. Then just setup the "control"  configs again

-------------------------

yes, once this works, I'm gonna either never run sync again, or mask all the packages greater than the ones that I have that work in /etc/portage

----------

## Gatak

There is nothing listening on port 25/SMTP for you. This is a problem!

I am also using qmail-1.03-r13.

My tcpserver is running like this.

```
 /usr/bin/tcpserver -p -v -R -x /etc/tcp.smtp.cdb -c 40 -u 201 -g 200 ::0 smtp /var/qmail/bin/qmail-smtpd mail.tnonline.net /var/vpopmail/bin/vchkpw /bin/true
```

netstat -anp|grep tcpserver

```
tcp        0      0 :::25                   :::*                    LISTEN      8531/tcpserver
```

----------

## sucarino

 *Gatak wrote:*   

> There is nothing listening on port 25/SMTP for you. This is a problem!
> 
> I am also using qmail-1.03-r13.
> 
> My tcpserver is running like this.
> ...

 

well, in my case everything looks fine ... can you see something wrong? I'm running qmail-1.03-r13 too. Simply my tcpserver it's not working but it's working  :Shocked: 

```

/usr/bin/tcpserver -H -l 0 -p -v -R -x /etc/tcp.smtp.cdb -c 128 -u 201 -g 200 0.0.0.0 smtp /var/qmail/bin/qmail-smtpd mail.group.com /var/vpopmail/bin/vchkpw /bin/true

#netstat -anp|grep tcpserver

tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      4137/tcpserver   
```

----------

## seriousmoose

ARRRRRRRRRRRRRRGGGGGGGGGGGGGGHHHHHHHHHHHHHHHHHHHH!!!!!!!!!!!

Wow, am I pissed...

I'm debugging remotely from a different location and I was telneting remotely to the host, and the reason why I can't send mail is because the stupid ISP I'm on right now blocks port 25...

UGH

well, the good news is, -r15 works fine, even with the new tcprules.d and ucspi-tcp-0.88-r9, sorry for wasting people's time.

EDIT:

actually, it was listening... I just copied and pasted the wrong part... I've been working on this a while, sorry about that.

----------

## seriousmoose

sucarino, do this:

/etc/init.d/svscan stop

qmail-start

and see if there are configuration errors...

also,what is the output of "telnet localhost 25" ??? (you get telnet by netkit-telnetd)

test to see if authentication is working ok... see if you can log into qmailadmin

I also used queue-repair -- I don't know if that had an effect or not...

http://www.qcc.ca/~charlesc/software/queue_repair/

I actually recommend upgrading qmail to -15 -- it seems to install a little cleaner than the previous ... you only have to worry about tcprules.d directory, which matches the the other one -r9

lemme know... I'm pretty adept at troubleshooting this stuff now  :Smile: Last edited by seriousmoose on Tue Jan 11, 2005 8:04 am; edited 1 time in total

----------

## sucarino

 *seriousmoose wrote:*   

> ARRRRRRRRRRRRRRGGGGGGGGGGGGGGHHHHHHHHHHHHHHHHHHHH!!!!!!!!!!!
> 
> Wow, am I pissed...
> 
> I'm debugging remotely from a different location and I was telneting remotely to the host, and the reason why I can't send mail is because the stupid ISP I'm on right now blocks port 25...
> ...

 

 Well i already tried any kind of tricks... reemerging didn't work. If you say r-15 works i will try a last time.... i'm glad to hear your systems works, one less stres out!   :Very Happy: 

----------

## sucarino

ok, it only shows:

# qmail-start

status: local 0/10 remote 0/20

 *Quote:*   

> also,what is the output of "telnet localhost 25" ??? (you get telnet by netkit-telnetd)

 

# telnet localhost 25

Trying 127.0.0.1...

Connected to mail.group.com.

Escape character is '^]'.

220 mail.group.com ESMTP

 *Quote:*   

> 
> 
> test to see if authentication is working ok... see if you can log into qmailadmin
> 
> 

 

both are working ok, i can auth in qmailadmin (???) and can send emails from home remotely via SMTP-AUTH

 *Quote:*   

> I actually recommend upgrading qmail to -15 -- it seems to install a little cleaner than the previous ... you only have to worry about tcprules.d directory, which matches the the other one -r9
> 
> 

 

Anyway i will try r15....

----------

## seriousmoose

what exactly is going wrong then??? everything looks good from here.

----------

## sucarino

 *seriousmoose wrote:*   

> what exactly is going wrong then??? everything looks good from here.

 

i tried qmail-1.03-r15 .. didn't work. I'm getting crazy... tcpserver is working fine, everything is working fine ...  just I can't relay without auth from my trusted networks, localhost included

my webmail users need relaying from localhost, of course.... i can't send emails from mutt either!

as i stated before, tcprules are working perfect:

#TCPREMOTEIP="127.0.0.1" tcprulescheck /etc/tcprules.d/tcp.qmail-smtp.cdb

rule 127.0.0.1:

set environment variable RELAYCLIENT=

set environment variable RBLSMTPD=

set environment variable QMAILQUEUE=/var/qmail/bin/qmail-queue

allow connection

qmail is just looking at rcphost....everytime i get same error:

Server replied: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

this is from  qmail-smtpd log file, everytime i try to relay:

@4000000041e396e2048fb78c tcpserver: status: 1/128

@4000000041e396e20496379c tcpserver: pid 17300 from 127.0.0.1

@4000000041e396e204a9a82c tcpserver: ok 17300 localhost:::ffff:127.0.0.1:25 localhost:::ffff:127.0.0.1::32781

@4000000041e396e206ecc614 tcpserver: end 17300 status 256

@4000000041e396e206ecd5b4 tcpserver: status: 0/128

and my #ps aux

qmaild ...  /usr/bin/tcpserver -p -v -R -x /etc/tcprules.d/tcp.qmail-smtp.cdb -c 128 -u 201 -g 200 0.0.0.0 smtp /var/qmail/bin/qmail-smtpd mail.group.com /var/vpopmail/bin/vchkpw /bin/true

root     ... supervise qmail-smtpd

root     ... supervise log

root     ... supervise qmail-send

root     ... supervise log

Other ideas? Could be something with user "qmaild".???

----------

## sucarino

i deleted the rcpthosts file... at least it works for the web people off at my workplace  :Sad: 

from now on i oficially declare my server as another open relay !

 :Twisted Evil: 

----------

## seriousmoose

ok... I'm not totally sure how to check to see if I'm an open relay, but I did manage to get ssl tunneling with TLS authentication required, so I doubt that it's open (cause I think it need a username and password)

Well, I'm unable to check to see how port 25 responds, but I just installed SSL tunneling so I can send on a different port that my stupid isp doesn't block.

my rcpthosts contains my fqdn -- eg. if your domain is domain.com and the mailserver is mail.domain.com, then my rcpthosts file contains just "domain.com"

I can send to any domain I please.

as for your settings you posted... they are all exactly the same as mine...

EDIT:

if you want info on how to tunnel ssmtp, I'll post the settings

EDIT:

abuse.net has a relay tester... pretty cool

http://www.abuse.net/relay.html

EDIT:

some more info on rcpthosts...

http://www.palomine.net/qmail/relaying.html

----------

## sucarino

 *Quote:*   

> ok... I'm not totally sure how to check to see if I'm an open relay, but I did manage to get ssl tunneling with TLS authentication required, so I doubt that it's open (cause I think it need a username and password)

 

from point i deleted the rcpthosts file, automatically qmail starts to act as an open relay ... i have no more ideas, maybe i will try POP before SMTP but i'm not sure if this will work with webmail (squirrelmail)

i already test my server, i'm 100% an open relay now... for some weird reason Qmail is actually circunvent tcpserver.... or should I use something like relay-ctrl?

please any help?

----------

## seriousmoose

I don't really know what to tell you... for me, all I had to do is put my domain in the rcpthosts file, and that's it... the reason why it works is because -r15 seems to require TLS auth before you can send the message. Try it out, but this means that all of your users will have to go into their outlook settings and enable (I can't remember exactly) the setting that sends username and password when sending mail.

That's the best I got for now... I'm kinda unable to test open/closed relays because my port 25 is blocked, so I can only tunnel to it through SSL.

----------

## sucarino

guys, this is completely unusual... my qmail+vpopmail+qmail-scanner+SA, etc is working very well,. just that something is really happening causing that tcpserver is unable to match the right rule. look at this:

when a normal email arrives from outside, /var/log/qmail/qmail-smtpd/current shows:

```
@4000000041e5c8ff1ac497ac tcpserver: status: 1/128

@4000000041e5c8ff1ac9e324 tcpserver: pid 3202 from 209.200.129.5

@4000000041e5c8ff1ad52dc4 tcpserver: ok 3202 mail.xxxxxx.com:::ffff:196.x.y.z:25 :::ffff:209.200.129.5::54402

@4000000041e5c90434006e6c X-Qmail-Scanner-1.23st: We have reasons to believe this mail is SPAM

@4000000041e5c90501be115c tcpserver: end 3202 status 0

@4000000041e5c90501be20fc tcpserver: status: 0/128

```

but when i try to send an email using webmail, or just without auth from my internal network then  i can see:

```
@4000000041e5cb510f2cd1ac tcpserver: status: 1/128

@4000000041e5cb510f32f014 tcpserver: pid 3458 from 127.0.0.1

@4000000041e5cb510f47200c tcpserver: ok 3458 localhost:::ffff:127.0.0.1:25 localhost:::ffff:127.0.0.1::32841

@4000000041e5cb511145e1f4 tcpserver: end 3458 status 256

@4000000041e5cb511145f194 tcpserver: status: 0/128

```

Note status 0 vs. status 256

In my /etc/tcp.smtp.cdb i have the rules :

```
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
```

what is happening to me is that tcpserver never match the first rule for localhost, that's the reason why my webmail users can't relay... no matter where the connection came from tcpserver is assigning the last values all the time

if i add RELAYCLIENT="" to the second line then every user, no matter where they are, could send/relay  emails without problems . Of course i don't want that because then qmail-scanner-queue.pl do nothing regarding SPAM because  that  implies the email is coming from a trusted user. 

However, testing tcpserver is ok as you can see:

```

mail etc #  TCPREMOTEIP="127.0.0.1" tcprulescheck /etc/tcp.smtp.cdb 

rule 127.0.0.1:

set environment variable RELAYCLIENT=

set environment variable RBLSMTPD=

set environment variable QMAILQUEUE=/var/qmail/bin/qmail-queue

allow connection
```

if i write down anything on this test, let's say "schemp" it always match the second rule:

```
mail etc # TCPREMOTEIP="schemp" tcprulescheck /etc/tcp.smtp.cdb 

rule :

set environment variable QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl

allow connection
```

So, IMHO tcpserver is receiving wrong values when my users try to connect  on port 25 from trusted locations. That's why when they authenticate can send emails without problems, as they were at opposite side of the earth.

But if you guys double check what i wrote above, /var/log/qmail/qmail-smtp/current is saying that tcpserver is receiving the connection from 127.0.0.1     :Sad: 

```
localhost:::ffff:127.0.0.1:25 localhost:::ffff:127.0.0.1::32841
```

and as far as i know my tcpserver is running with right parameters:

```
mail etc # ps aux | grep tcpserver

qmaild    4078  0.0  0.1  2648  808 pty/s1   S    20:25   0:00 /usr/bin/tcpserver -H -P -v -R -x /etc/tcp.smtp.cdb -c 128 -u 201 -g 200 0.0.0.0 smtp /var/qmail/bin/qmail-smtpd mai.xxxxx.com /var/vpopmail/bin/vchkpw /bin/true
```

SO, WHAT THE HELL IS HAPPENING? I already remerge every single package, i even compiled the kernel again avoiding any non usual option at network or security categories... nothing i can do fix this fuc*^*& problem....

Please, any help will be appreciated!

----------

## sucarino

wait, wait, wait !

i can't understand some differences. if i use tcprulescheck that way it doesn't work as expected.... do not let relay

```
mail etc # tcprulescheck tcp.smtp.cdb 127.0.0.1   

rule :

set environment variable QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl

allow connection
```

that is exactly as same on my server...but how can i fix that? 

and why in the following  way it show me other results:

```
mail etc # TCPREMOTEIP="127.0.0.1" tcprulescheck /etc/tcp.smtp.cdb 

rule 127.0.0.1:

set environment variable RELAYCLIENT=

set environment variable RBLSMTPD=

set environment variable QMAILQUEUE=/var/qmail/bin/qmail-queue

allow connection
```

????????????

 :Rolling Eyes: 

----------

## sucarino

Finally it is working....  the solution was posted here:

https://forums.gentoo.org/viewtopic.php?t=276084&highlight=tcpserver

uscpi-tcp should be emerged with "-ipv6" if you are not using ipv6 at all. 

ahhhhhhh... i'm really tired

 :Mad: 

----------

## petterg

In this post I'll write notes as I read, so please don't kill me If I write something that has already been said.

Something general on upgrading: emerge world might not be the smartest thing to do when you're not doing it every month. What I do is run a emerge -pvUD world. Then I look for the first package listed that I know I've emerged. Then I run emerge -pvUD packagename > /root/emergelog/worldxxxxxxx (xxxxx is a number I increase by one every time).

Then I run emerge -UD packagename.

When done I update configs using etc-update in interactive mode, and I test if the system works. If everything works I do the same thing over again, until all packages are updated.

I do not use the ~x86 keyword unless I know it's useful in one particular package - and then I do leave all packages I would like to use the ~keyword until the everything else is updated. That's the thing with the -U parameter to emerge - it does not downgrade packages that was emerged with the ~keyword in the first place.

If you had qmail-1.03-r15 and did an emerge world without the ~keyword and without the -U parameter you will have r13 installed now! That WILL make trouble with the tcprules!

If you did do an emerge world with the ~keyword .... oh man! You might as well delete all your systemfiles and start installing the OS and all programs all over!

If the perl package was updated you should / have to recompile everything that is using perl...  i.e. qmail-scanner.

If change between qmail-1.03-r13 and qmail-1.03-r15 you have to check out your tcprules. It might not be reading the files you think it is reading. (/etc/tcp* or /etc/tcprules.d/*)

When updating Qmail-scanner from 1.1X to 1.2X QMAILQUEUE in tcp.smtp (or whatever it's correct name is) should be changed from /var/qmail/bin/qmail-queue.pl to /var/qmail/bin/qmail-queue

If you get temporary problem when sending / recieving mail or when logging in on pop/imap there is probably a problem with the vpopmail - mysql communication. Eigther the /etc/vpopmail.conf does not contain the correct information, or it's format is wrong. Old versions of vpopmail reads one parameter per line, the new version reads all parameters at only two lines. If in doubt use both formats in the file at the same time - for details read one of my posts earlier in this thread.

This is important to check when upgrading vpopmail

 *sucarino wrote:*   

> 
> 
> #/etc/init.d/svscan restart 
> 
> it only increases the curse, getting this error again and again, forever: 
> ...

 

That might be the problem for the relay problem. Does the symlionks in /service point to the correct place? The lockfile might be something that is made when a service is started, then should be removed when service is stoped - if it exists the service should not start - try rename it or as Gatak say check it's permission and the folders permission.

 *sucarino wrote:*   

> 
> 
> from point i deleted the rcpthosts file, automatically qmail starts to act as an open relay ... i have no more ideas, maybe i will try POP before SMTP but i'm not sure if this will work with webmail (squirrelmail)
> 
> 

 

My rcpthosts file contains

```

domain.net

213.x.x.x <- server public ip adress

```

 *sucarino wrote:*   

> 
> 
> Note status 0 vs. status 256
> 
> In my /etc/tcp.smtp.cdb i have the rules :
> ...

 

Dude! You have a setuid and/or permission and/or ownership problem on qmail-scanner, AND faulty tcprules. Try this:

# emerge -C qmail-scanner. 

# rm /var/qmail/bin/qmail-scanner*

# rm -Rf /var/spool/qmail-scanner

edit your smtp tcprules to read QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"

NOT qmail-queue, NOT qmail-scanner-queue.pl

Run the tcprules update

restart tcpserver

# emerge qmail-scanner

restart tcpserver

Good for you, sucarino, that it started to work. But you should still fix the qmail-queue parameter and qmail-scanner permissions. (If not you might get a problem in the future.)

One more thing regarding systemwide updates: If you're not intending to use ipv6 add "-ipv6" to your USE flags in /etc/make.conf. Somewhere during the update it will get enabled as default, so you have to force it to not be enabled!

ALWAYS, when you emerge something, do a -pv first to see which USE flags it will use - you may need to change something!

----------

## petterg

One more thing to add - qmail-scanner 1.2X will skip spamcheck for mail sent from localhost, so it's not wasting much resourses to have 

127.0.0.1:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"

in tcprules.

(it will do virus check)

Is there any way to make it skip spamcheck when mail is comming in trough smtp-auth?

----------

## sucarino

 *Quote:*   

> In my /etc/tcp.smtp.cdb i have the rules :
> 
> ```
> 127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
> 
> ...

 

Thanks, petterg... for all your support. But i still have a question: why do you think i have a permission problems with my qmail-scan* files? Everything is up and running now. Furthermore i run a daily cron with "setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -z" to check these rights keep safe. Currently my files list looks like:

```
mail bin # cd /var/qmail/bin/

mail bin # ls -la qmail-scan*

-rwsr-xr-x  1 qscand qscand   3236 Sep 18 20:50 qmail-scanner-queue

-rwxr-xr-x  1 qscand qscand 131591 Jan 13 14:36 qmail-scanner-queue.pl

```

Is that correct?

----------

## seriousmoose

sucarino, to quote the qmail-scanner ebuild,

 * Please note that it was a call to qmail-scanner-queue.pl before,

 * but this is now changed to use a wrapper to improve security!

 * Once you have changed to the wrapper, you can remove the setuid

 * bit on qmail-scanner-queue.pl

so, for future, it would probably be best to use the wrapper

----------

## petterg

sucarino:

```

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

```

If this code works as you intend it to work there is something wrong. (Assumed you use qmail-scanner 1.2X)

----------

## cybris

Hey all I followed this How-to straight through and i'm testing my server I keep getting this when trying to recieve or send mail to any e-mail at another domain such as yahoo and msn.

This is what i get when trying to send from my server to yahoo

The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was '(my yahoo address here)@yahoo.com'. Subject 'test', Account: '(my outlook account name is here)', Server: '(my domain name is here)', Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): Yes, Server Error: 553, Error Number: 0x800CCC79

When I try to send from yahoo to my server I get this as a bounced message in yahoo.

(my servers ip) does not like recipient.

Remote host said: 553 sorry, that domain isn't in my list of allowed 

rcpthosts (#5.7.1)

Giving up on (my servers ip)

----------

## petterg

When you send from an ip-adress listed to allow relay from, you'll need to provide username and password for smtp auth. (from the client).

First check that you're able to send from localhost to localhost. Then from localhost to yahoo.

Are you able to login using pop or imap?

----------

## cybris

ok i can log in pop3 using SSL on localhost or externally

what I can't do is log in via smtp using SSL on either localhost or external so something is wrong in my smtp-auth configuration I assume then.

any ideas on what i should check?

----------

## petterg

redo the smtp-auth part of the guide to make sure you've got it right.

But there is probably something more wrong too.

What does the files in qmail/control look like?

----------

## cybris

well I checked my conf-smtp file in controls and the only line it that is not commented out is the one mentioned above.

QMAIL_SMTP_POST="(my domain name is here) /var/vpopmail/bin/vchkpw /bin/true"

and the only thing i changed in conf-common was the line to say

TCPSERVER_OPTS="-H -R -l 0"

all the other files mentioned just have my hostname in them which is my fqdn

ok other things i have done i noticed SSL needs to use port 465 so I did a telnet localhost 465 

got a connection refused which indicated it's not open.

I also tried

Telnet localhost 25 

mail from: who@whomever.com

rcpt to: alocaluser

data

<body of message here>

<carriage return>

.

got this error

qq temporary problem (*4.3.0)

which means that it did not authenticate which I believe is what is supposed to happen when using SSL becuase it should connect and authenticate through port 465 if I understand correctly?

I also did this 

netstat -a | grep smtp

and got

tcp 0 0 *:smtp *:* LISTEN

tcp 0 0 localhost:smtp localhost:32900 TIME_WAIT

i'm not sure but I beleive that last line is because of qmail-scanner? cause I issued that command before and never got the second line til I setup and ran qmail-scanner?

I also tried this 

netstat -a | grep smtps

and got nothing if SSL is runngin correctly I should have gotten a LISTEN result.

also tried this 

openssl s_client -connect localhost:465 -state 

and got

connect:Connection refused

connect:erno=29

So what I've gathered from this is i have a problem somewhere with my SSL port not being open correctly for smtp? 

btw I followed the old guide here http://www.gentoo.org/doc/en/qmail-howto.xml  in section 5 to setup SSL for smtp excetp the part about changing the conf-smtp file instead I did what this how-to said

I'm pretty sure I know what the problem is I know in using the tcpserver command you can set the the port it uses with a flag of smtp or smtps but i'm not sure where i need to set this at?

thanks for the help btw.

----------

## petterg

What's the output of 

```
# ls -l /var/vpopmail/bin/vchkpw
```

?

If your're following the guide I don't think you get SMTP-SSL. What you do get is TLS which is still using port 25. TLS is encryption on transport level, while ssl is no protocol / connection level. (This means that the connection is established before encryption is turned on.)

Where did you get the idea of using port 465?

 *Quote:*   

> 
> 
> rcpt to: alocaluser
> 
> 

 

You did remember to enter @domain.tld after the username?

My conf-smtp looks like this

```

TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)

[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true

#QMAIL_SMTP_CHECKPASSWORD="/bin/cmd5checkpw"

QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"

QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

```

This requires the file ${QMAIL_CONTROLDIR}/me to contain your domainname.

Your domainname must also be included in ${QMAIL_CONTROLDIR}/locals and ${QMAIL_CONTROLDIR}/defaultdomain.

${QMAIL_CONTROLDIR}/rcpthosts should look like this:

```

yourdomain.tld:yourdomain.tld

yourdomain.tld

youripadress

```

${QMAIL_CONTROLDIR}/virtualdomains should look like this:

```

yourdomain.tld:yourdomain.tld

youripadress:youripadress

```

If those files doesn't look like that you may have done a mistake when installing vpopmail. (Maybe the ipadresses are not required. I'm using ip as alias for domain.)

You do know you need to use user@domain.tld when authenticating?

----------

## sucarino

 *seriousmoose wrote:*   

> sucarino, to quote the qmail-scanner ebuild,
> 
>  * Please note that it was a call to qmail-scanner-queue.pl before,
> 
>  * but this is now changed to use a wrapper to improve security!
> ...

 

Sorry... i'm just a noob on this, really don't know how to use the tcp wrappers... can you help me or give me some tips/links?

my last question.. i noted that Spam Assassin is not identifying dirty strings in "only text" message bodies. It's just doing RBL checkouts, Razor , etc.  However on HTML messages it make a very deep inspection with a higher rate of efectivity. Is that normal?

----------

## seriousmoose

sucarino, it just means that you should use "qmail-scanner-queue" instead of "qmail-scanner-queue.pl" from now on   :Very Happy:  np

-------------------------

SSL was very easy for me to setup... here is how I did it:

# emerge stunnel

# nano -w /etc/stunnel/stunnel.conf

```
# location of pid file

pid = /etc/stunnel/stunnel.pid

# user to run as

setuid = stunnel

setgid = stunnel

CAfile = /usr/etc/stunnel/certs.pem

cert = /var/qmail/control/servercert.pem

[ssmtp]

accept  = 465

connect = 25
```

make sure your certs are generated properly... they should be, if you filled out the information wile doing the ebuild config for qmail

# rc-update add stunnel default

# /etc/init.d/stunnel start

peace

----------

## shadowteller

In mid-November I posted because I was having trouble installing this tutorial by Sabrex.  

Unfortunately on a RAID 10 when you blow a PS and over half of your HDs, it reaks severe havoc.  

So, I ended up replacing parts (got a redudant PS and a Better UPS).

Onward to the problems...I got Qmail and Vpopmail working no problems.  I can send mail back and forth between local users.  I however can not send to yahoo, hotmail or as far as I can tell anyone out side of my network.  How do I fix this?  I also presume since it fails on outgoing - it will fail incoming as well.

Secondly I installed courier-imap.  Here's where my problems begin.  (I noticed things have changed here since November)  At first I thought everything was working okies.

I got squirrelmail installed...no problems there.  When I try logging into squirrelmail it gives me the "ERROR : Connection dropped by imap-server" 

So I went back and checked using Outlook to see if I can connect...same thing.

So I tried to telnet on ports 143 and 993

 *Quote:*   

> Trying 127.0.0.1...
> 
> Connected to leto.freelancephotography.org.
> 
> Escape character is '^]'.
> ...

 

So I have no clue how to fix this...also the new authmysqlrc kind of confuses me to what I am supposed to place in where.

This is what I have so far...

 *Quote:*   

> 
> 
> MYSQL_SERVER		localhost
> 
> MYSQL_USERNAME		vpopmail
> ...

 

I think thats it....

Also I am a little confused as to whether or not once things are up and running...if users that have a /home/username directory will have mail there or if you have to create a symlink from /var/vpopmail/domains/domain.name/user/

Hope someone can help me and help me soon...cause this has been frustrating me.

----------

## petterg

 *shadowteller wrote:*   

> So I have no clue how to fix this...also the new authmysqlrc kind of confuses me to what I am supposed to place in where.
> 
> This is what I have so far...
> 
>  *Quote:*   
> ...

 

If you're thinking about vpopmail.conf it's a totaly diffrent setup now

```

# Line 1 defines the connection to use for database reads,

# Line 2 defines the connection to use for database updates/writes.

# settings for each line:

# host|port|user|password|database

# Read-only DB

localhost|0|vpopmail|password|vpopmail

# Write DB

localhost|0|vpopmail|password|vpopmail

```

----------

## shadowteller

Petterg:

Nope not thinking of vpopmail...

----------

## seriousmoose

you shouldn't be using authmysqlrc... vchkpw instead... When you use vchkpw, then you will need to set vpopmail.conf just petterg said

----------

## Skywacker

had working server until updating world. rebuilt new system on new pc and followed this howto. everything working, EXCEPT I can NOT send mail from outside my LAN. 

 I'm extremely tired and would greatly appreciate it if someone could suggest where I should start looking when I get up tomorrow (been at this since sunday 9am.) 

i can not even telnet port 25 remotely with firewall completely relaxed, yet it works fine internally. I've enabled pop-before-smtp instead of smtp-auth(which I have NEVER had working).  

Where should I look for something that is only blocking access from the internet?

Thanks,

-Sky

----------

## cybris

my config files look exactly like yours petterg.

I did ls -l /var/vpopmail/bin/vchkpw and got 

-rws--x--x 1 vpopmail vpopmail 74796 Jan 14 07:26 /var/vpopmail/bin/vchkpw

465 is the port used to authorize SSL over SMTP.

I also installed stunnel as seriousmoose suggested this did open the port to listen but it still is not working.  I still get errors saying it can't authorize the password when I try to send mail through Kmail on localhost

and yes I am running Kmail on the same box as the server hehe.

one i did do is I re-did using alocaluser@mydomain.tld

Telnet localhost 25 

mail from: who@mydomain.tld 

rcpt to: alocaluser@mydomain.tld 

data 

<body of message here> 

<carriage return> 

. 

250 ok 1105028372 qp 31048

i then checked mutt and it showed up,  i also tested using qmail-inject and that showed up in my inbox in mutt as well.

So now i'm thinking it's something wrong with how kmail is configured?  cause when I check the inbox in kmail using the same user name and password it says it checks and no new messages are found and I get no errors. but when I try to send one through Kmail I get errors saying it can't authorize and yes I made sure for the username to put user@mydomain.tld

still need help arrgggh pulling out my hair LOL

----------

## seriousmoose

cybris,

yes, kmail is probably misconfigured.

The best way I can tell you to configure kmail (without taking screenshots of my own) would be to refer you to the gmail settings (if you have gmail), as they are identical (or at least should be) to yours:

Incoming POP3/IMAP server settings:

mail.yourdomain.com

UseSSL: Yes (put it on there, it's better for everyone  :Smile: )

Port:995

Outgoing SMTP server settings:

mail.yourdomain.com

use authentication: Yes

Use TLS (Or SSL for some): Yes

Port: 465

account name: username@yourdomain.com (REMEMBER that it's the full email address for the username)

Those settings should work. good luck.

Skywacker,

Ok, open the rcpthosts file, and type in domain.com (where domain.com is the domain that you are running). Of course, if you have multiple domains, place each of those on its own line. Next, add your ip, just for good measure.

Go to your email account settings, and be sure that you have the same settings as the above. TLS should get rid of the rcpthosts error. The only difference is, for you, you probably don't have SSL enabled, so TLS will probably have to go on port 25. also, make sure you don't have the use variable set... I think notlsbeforeauth or something like that.

Shoot, my memory is getting foggy. I hope the info I gave is correct.

-------------------------

There seems to be a surge in questions. I think I'm going to rewrite the howto, using all the new qmail settings... gimme a few days though

----------

## petterg

cybris: You should not configure kmail to use smtp-auth when running on localhost!

Edit: (I mean when klient and server is on the same pc)

----------

## cybris

I'm just using kmail to test the settings on the localhost at the moment eventually i will be using the mail sever externally.  Still having problems tho and Kmail is setup up properly with the settings metioned above.  i'm still getting authorization failed (#5.7.0).  I'm stuck I don't know what else to try unless i just redo the whole box but I really don't want to do that cause KDE took 3 days to compile  :Sad: 

----------

## Skywacker

Help,

I can smtp-auth while on my LAN, meaning my pc at work can send mail to everyone in and outside of my virtual domains. 

BUT, squirrelmail barfs if I try to email outside of my virtual domains.   

```
Requested action not taken: mailbox name not allowed

Server replied: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
```

squirrelmail sends to people on my virtual domains just fine.

For reference:

I have mailserver with 3 virtual domains. All 4 have their own IP address (aliases on 1 NIC).

Squirrelmail is running on the same machine. Squirrelmail is set to use SMTP.

my /etc/tcp.smtp has undergone MANY alterations. Yes I update tcprules everytime I change things. here it is:

```

:allow

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

128.252.77.206:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

128.252.77.215:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

128.252.77.164:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed

#128.252.77.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

# Qmail-Scanner enabled (virus and spam) for mail from external internet, relay denied

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

```

Any suggestions?

Thanks for any help. I HAVE to get this solved tomorrow before half my department is traveling and need remote access to their mail.

-skywacker

----------

## Gatak

You could use SMTP auth with squirrelmail too.

----------

## petterg

 *Skywacker wrote:*   

> Help,
> 
> I can smtp-auth while on my LAN, meaning my pc at work can send mail to everyone in and outside of my virtual domains. 
> 
> BUT, squirrelmail barfs if I try to email outside of my virtual domains.   
> ...

 

Looks like your server doesn't read the tcprules.

Also it looks like you've used some never packages than the guide.

So I believe the server is looking for tcprules in the /etc/tcprules.d folder, and you're talking about /etc/tcp.*. Guess you've been playing with the wrong files!

----------

## petterg

 *cybris wrote:*   

> I'm just using kmail to test the settings on the localhost at the moment eventually i will be using the mail sever externally.  Still having problems tho and Kmail is setup up properly with the settings metioned above.  i'm still getting authorization failed (#5.7.0). 

 

Try Telnet localhost 25 and do

mail from: alocaluser@alocaldomain.tld 

rcpt to: aNONElocaluser@NOTalocaldomain.tld 

data 

<body of message here> 

<carriage return> 

.

If you get error on this you may have same problem as Gatak (read my post a few minutes before this one)

 *cybris wrote:*   

> I'm stuck I don't know what else to try unless i just redo the whole box but I really don't want to do that cause KDE took 3 days to compile :(

 

Thats why I never install any DE on my servers. KDE also needs to be recompiled quite often when doing emerge world. For home server I rathe pull a Pentium 2 out of some garbage container than use my home pc.

----------

## Skywacker

 *Gatak wrote:*   

> You could use SMTP auth with squirrelmail too.

 

how?

----------

## Gatak

 *Skywacker wrote:*   

>  *Gatak wrote:*   You could use SMTP auth with squirrelmail too. 
> 
> how?

 

Run the configure script and go to SMTP settings. There you can change the SMTP Authentication options. You have four options: none, login, cram-md5, or digest-md5.

```
SMTP Settings

-------------

4.   SMTP Server           : 127.0.0.1

5.   SMTP Port             : 25

6.   POP before SMTP       : false

7.   SMTP Authentication   : login

8.   Secure SMTP (TLS)     : false

A.  Update IMAP Settings   : 127.0.0.1:8143 (courier)

H.  Hide SMTP Settings

R   Return to Main Menu

C.  Turn color off

S   Save data

Q   Quit

Command >> 7

If you have already set the hostname and port number, I can try to

automatically detect the mechanisms your SMTP server supports.

Auto-detection is *optional* - you can safely say "n" here.

Try to detect auth mechanisms? [y/N]: n

What authentication mechanism do you want to use for SMTP connections?

none - Your SMTP server does not require authorization.

login - Plaintext. If you can do better, you probably should.

cram-md5 - Slightly better than plaintext.

digest-md5 - Privacy protection - better than cram-md5.

*** YOUR SMTP SERVER MUST SUPPORT THE MECHANISM YOU CHOOSE HERE ***

If you don't understand or are unsure, you probably want "none"

none, login, cram-md5, or digest-md5 [login]:
```

----------

## Skywacker

My god, I could kiss you. I did not even see that you could go into the SMTP settings.  This has totally saved my day/job.

----------

## Skywacker

You ever get this to work? Outlook, OE work fine. Thunderbird pauses 5 seconds because it fails the first try, but then works. Eudora fails outright.

thunderbird auth's look like this:

```

Jan 19 14:18:56 mailserver vpopmail[26868]: vchkpw-smtp: password fail user@email.com:xxx.xxx.xxx.xxx

Jan 19 14:19:01 mailserver vpopmail[26870]: vchkpw-smtp: (PLAIN) login success user@email.com:xxx.xxx.xxx.xxx

```

it fails, but then works. 

outlook just works:

```

Jan 19 12:47:57 mailserver vpopmail[24561]: vchkpw-smtp: (PLAIN) login success user@email.com:xxx.xxx.xxx.xxx

```

eudora fails:

```

Jan 19 14:25:02 mailserver vpopmail[27214]: vchkpw-smtp: password fail user@email.com:xxx.xxx.xxx.xxx

```

 *Crymson wrote:*   

> HOO-RAH!  I found the problem with smtp-auth.  Sabrex was half-right.  SMTP-AUTH *was* working, kinda.  As it turns out, with the newest release of vpopmail (5.4.0) which he has us install in this HOWTO, plain, and login authentication is supported.  CRAM-MD5 is *NOT*.  The only reason I'm having a problem, and noone else seems to be, is because Eudora (my fav winbloz client) uses CRAM-MD5 for authentication.  Many of the program for linux use LOGIN.  After searching the inter7 website for hours on end, I found this:
> 
>  *inter7.com wrote:*   IF USING SMTP AUTH PATCH TO QMAIL-SMTPD
> 
>   * This release of vpopmail includes fixes for vchkpw that may break
> ...

 

Thanks for your help,

Skywacker

[/code]

----------

## sucarino

 *Skywacker wrote:*   

> You ever get this to work? Outlook, OE work fine. Thunderbird pauses 5 seconds because it fails the first try, but then works. Eudora fails outright.
> 
> thunderbird auth's look like this:
> 
> ```
> ...

 

Sky, have a look at https://forums.gentoo.org/viewtopic.php?t=262841&. The solution works very well for me.

----------

## Skywacker

Thanks for the link. However I could not qmail ebuild to unpack nicely, so I found a different fix.

I turned off Cram-MD5 in Eudora by adding this line to the eudora.ini file: 

```
SMTPAuthBanished="CRAM-MD5" 
```

I only have one user who uses Eudora,  so this works for me.  The other thread may be a better fix for a large number of users running Eudora. Thunderbird has a few second delay because of the same problem. I'll see if I can get it fixed. 

-Skywacker

----------

## seriousmoose

skywacker, try filing a bug report in bugs.gentoo.org seeing if they can't add another use variable to turn that define on and off.

Otherwise, it should be straightforward...

ebuild ...qmail.ebuild unpack

[edit the files/install the patch]

ebuild ...qmail.ebuild install

of course, once you do that, you will probably want to ... quickpkg it so you don't have to go through that again, if you ever run in to problems. You can also bzip the source up if you are really paranoid  :Smile: 

----------

## kswtch

Can anyone tell me how to use procmail with this qmail/vpopmail setup? 

I want to use fetchmail to get some mails from other accounts and use procmail to deliver them in different folders. It's working fine for the .maildir/ in my users home folder, but not with the vpopmail one in /var/vpopmail/domains/<domain>/<user>/.maildir/

-kswtch

----------

## superscotty19

Hello everyone!

I am a (very) recent convert to Gentoo, and from what I've seen, I think we're going to have a *beautiful* relationship  :Very Happy: 

I have followed this tutorial, alongside the original, to a tee. I am now at the stage of testing the completed system but, as suggested in this tutorial, I am having problems a few steps back, stemming from right here:

 *Quote:*   

>  install qmail-scanner. for this to work, you may have to force the install of maildrop.
> 
> Code:
> 
> > emerge /usr/portage/net-mail/maildrop/maildrop-1.5.3-r1.ebuild
> ...

 

The error I am getting when I run:

```
setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl -g
```

is:

```
perlscanner: generate new DB file from /var/spool/qmailscan/quarantine-attachments.txt

X-Qmail-Scanner-1.24st:() cannot open for write /var/spool/qmailscan/quarantine-attachments.db.tmp - Permission Denied
```

And when I run:

```
su qmaild -c "/var/qmail/bin/qmail-scanner-queue.pl -g
```

Abolutely nothing happens.

So I guess this is a good(?) thing because I was warned this might happened. Now, the tutorial refers to a FAQ for the solution, but I don't know what FAQ it's referring to, and even after scouring Google, I'm still getting nothing. I'm sure this is a simple problem, but don't know what to do (and I'm so close to being done!) Could someone please help me?

Thanks!

-Scott.

----------

## superscotty19

Looks like I've found the solution (and another great tutorial to boot!)

http://www.olausson.de/content/view/13/40/

-Scott.

----------

## seriousmoose

awesome...

You can get around the section in his article about the qmail-scanner  by running:

setuidgid qscand qmail-scanner-queue -g

setuidgid qscand qmail-scanner-queue -z

This (combined with a few other things) will make it so you don't have to chown your dirs. Well, you probably should follow his example perfect  :Smile: 

----------

## Gatak

I was using the qmail setup that this thread is a guide to. I always thought it a little odd that so many programs are needed to make email work.

So, I removed qmail, qmail-scanner, vpopmail and courier-imap and installed mail-mta/courier instead. It contains a full SMTP and IMAP/POP server and has MySQL support built in. It handles virtual domains and aliases easy. Not to mention courier uses less resources than qmail =) Another benefit is that you can use SMTP AUTH with various crypto schemes like CRAM-MD5. Qmail+vpopmail was limited in this respect.

You can get help from #courier on irc.freenode.net. There is a Gentoo guide at http://www.brianandsara.net/gentoo/docs/courier-vmail-howto.php and another at http://perlstalker.amigo.net/courier/ (very good resource!).

Spamassassin integration is very easy too. There is a script called vuser that makes it easier to add users and aliases to your MySQL database. It is not difficult to do manually though.

Good Luck!

ps.

You need to remove/uninstall vpopmail from your system before installing courier.

ds.

----------

## seriousmoose

now that my system works, I think I'll leave it until it breaks (prob never because I won't be doing any sync/update for a while)... when it breaks, I'll try courier. good to know though  :Smile: 

----------

## cybris

Ok well I re-installed gentoo from the start fresh install nothing else on it.  Followed the how to straight thru.  I can send email locally just find but when I try to send it externally to yahoo.  i get that stupid error that server isn't in my allowed list of rcpthosts.

now i setup my tcp.smtp rules just as the guide has it. it looks exactly the same.  and no I don't even have a /etc/tcprules.d directory so I know I'm using the correct tcprules file.  

How do I setup my tcp.smtp file so i can send mail to places like yahoo, msn, and other domains without making a long list in my rcpthosts file.

----------

## Gatak

cybris, try SMTP AUTH (plain/login) with your clients.

----------

## cybris

nm duh I fell stupid didn't have the checkbox selected for my sever requires authentication in outlook.

----------

## shadowteller

 *Gatak wrote:*   

> I was using the qmail setup that this thread is a guide to. I always thought it a little odd that so many programs are needed to make email work.
> 
> 

 

I did as well....so I started playing with this install type.

I was following the "brianandsara" howto and I got locked up on this

5. Setup maildir's 

```
for every user's directory you need to change to the directory and run: 

$ maildirmake .maildir 

$ you need to set ownership to the uid and gid of the courier user (normally "mail")
```

This fails to make sense...if I change the uid to say webmaster...thenwebmaster is no longer owner of his onw directory.  I mean I can make hime a member of the group users and mail.  But changing his uid?

Someone ought to wrtie a good current howto for this....maybe I will once I debug my own problems....

----------

## boaworm

Excellent guide, it's a setup which is quite similar to what I'm running in a production environment. Although, I have a "serious" problem.

Evertime I do an emerge sync or an etc-update, gentoo runs "find" to locate files that are updated and so on. This process takes extremely long time on a loaded email system with millions of files (emails) in /var/vpopmail/domains, because the "find" process obviously wants to look through that directory.

Have you, or anyone else, come up with a solution to remove certain paths from the etc-update and emerge sync "procedures" ?

----------

## cybris

thanks to everyone so much espcially petterg for his advice.  I finally have a working webserver/mailserver with mysql and php.  This is my first time really using Gentoo although i've used linux for awhile now. Everything is runinning smooth now  :Smile: 

----------

## newtonian

Hi-

I bought a cheap certificate for my domain from public CA.  I installed the certificate on apache and everything works fine. 

Can I use the same cert with my qmail (SMTPS) vpopmail(pop3s) setup from this tutorial?

I'm currently using these files for apache:

/etc/apache2/conf/ssl/mydomain.tld.key

/etc/apache2/conf/ssl/mydomain.tld.crt

/etc/apache2/conf/ssl/sf_issuing.crt

Cheers,

----------

## petterg

newtonian: I would guess you could just copy the certificate files to where the other applications are looking for it.

----------

## Gatak

 *newtonian wrote:*   

> I bought a cheap certificate for my domain from public CA.  I installed the certificate on apache and everything works fine. 

 Which CA did you buy from, and what did it cost?  :Smile: 

----------

## newtonian

 *Gatak wrote:*   

> Which CA did you buy from, and what did it cost? 

 

It was a cheap cert from godaddy.com $30.00 US.

----------

## newtonian

 *petterg wrote:*   

> newtonian: I would guess you could just copy the certificate files to where the other applications are looking for it.

 

in the qmail/vpopmail Virtual Mail Hosting System Guide

http://www.gentoo.org/doc/en/qmail-howto.xml

 is says to:

```
# cd /etc/courier-imap

# nano authdaemonrc

(Set the authmodulelist variable to only contain "authvchkpw")

# nano pop3d.cnf 

(Edit the [ req_dn ] section)

# mkpop3dcert

```

The mkpop3dcert creates a pem file, but I've got 2 .crt files and a key file.  How do I go convert my cert and key files into a pem?  Do you use openssh?

Can you just tell courier to look for the crt and key files instead of the pem?

Cheers,

----------

## Rooney

I am unable to relay from external or even localhost.

I have setup /etc/tcp.smtp as below, 

```

# Qmail-Scanner disabled for mail from localhost, relay allowed

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-que$

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed

10.0.0.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scann$

# Qmail-Scanner enabled (virus and spam) for mail from external internet, relay$

:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

```

when i telnet to it from the localhost i get the following.

```

# telnet 127.0.0.1 25

Trying 127.0.0.1...

Connected to 127.0.0.1.

Escape character is '^]'.

220 core ESMTP

mail from:user@domain.tld

250 ok

rcpt to:user@domain.tld

250 ok

data

354 go ahead

this is a test

.

451 qq temporary problem (#4.3.0)

quit

221 core

Connection closed by foreign host.

```

Help please

----------

## newtonian

==> Rooney

```

451 qq temporary problem (#4.3.0)

```

I found this at: http://www.gossamer-threads.com/lists/qmail/users/121828

 *Quote:*   

> 
> 
> I suggest reading the documentation for qmail-scanner-queue.pl. This
> 
> condition is addressed to some degree in the docs. It is usually a
> ...

 

Another suggestion would be to:

```

vim /var/qmail/bin/qmail-scanner-queue.pl

```

and search for  *Quote:*   

> 4.3.0 and or temporary problem 

  What is the code that comes up just before the error message in the perl code?  

What version of  qmail-scanner are you running?

Cheers,

----------

## Rooney

Thanks for that but i have just managed to fix it by re-emerging /etc/tcp.smtp  with out ipv6 my problem now is mail isent coming in from the internet

 *newtonian wrote:*   

> ==> Rooney
> 
> ```
> 
> 451 qq temporary problem (#4.3.0)
> ...

 

----------

## newtonian

==> Rooney

Just curious, what command did you use to re-emerge /etc/tcp.smtp?

```

emerge ??????????????

```

Cheers,

----------

## Rooney

 *newtonian wrote:*   

> ==> Rooney
> 
> Just curious, what command did you use to re-emerge /etc/tcp.smtp?
> 
> ```
> ...

 

first 

```
 emerge -C sys-apps/ucspi-tcp 
```

then 

```
 env USE="-ipv6 -ssl" emerge sys-apps/ucspi-tcp
```

----------

## newtonian

==>Rooney

Thanks

----------

## sutko

Hi,

I followed this instructions and my mail server works fine, but I have one problem.

If I get e-mail with Microsoft Excel document in attachement this document is renamed to .att ... sometimes is attachement correct but sometimes is renamed ... I think so do that when is some macros in document.

I don`t know what part of mail server do that.

Is here anybody who can help me?

... sorry for my bad english ...

----------

## petterg

There is a bug with ClamAV, ppl should upgrade to 0.81.

https://forums.gentoo.org/viewtopic.php?t=288286

However - after upgrading the eicar testvirus is detected as usual, but NetSky D infected files does not get detected!

Anyone had success with 0.81?

(I upgraded from 0.80)

----------

## sarge

Hello, i need help or little advice. More than year my setup was qmail+spamassassin+clamav+dcc+courier-imap. Everything works fine, POP3,POP3S,IMAP,IMAPS and SMTP-AUTH. 

It was more than 20 users, all with shell account. Now we decided that we need another domain for email but without shell access..virtual domain. I`ve follow this guide to setup vpopmail, make all as been wrote here except 

```
authmodulelist="authvchkpw"
```

 Instead i leave 

```
authmodulelist="authvchkpw authcustom authmysql authpam"
```

In qmail`s confs i changed 

```
QMAIL_POP3_CHECKPASSWORD to "/var/vpopmail/bin/vchkpw" instead of old "/bin/checkpassword"

and QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"
```

Virtual domain is set folowing this guide and working. Local domain is host.domain.com and virtual domain is virtualdoman.com (2nd level domain names are different)

So, its my setup and now go for problems. Now courier`s stuff works for both local and virtual users, all can do IMAP,POP3S,IMAPS. 

With this setup local shell users can`t get into their mailboxes through POP3 and they can`t send any email coz SMTP-AUTH seems to validate only virtual users with vchkpw!!

Okay, i can send qmail-pop3 to hell and use courier`s pop3 daemon, but what i can do with smtp ?? If i change QMAIL_SMTP_CHECKPASSWORD to checkpassword, then users in virtual domain can`t send messages  :Sad: 

Is anu workaround for this circle ? something like multi authentication in courier-imap ? Or only i can do is replace qmail with courier mail server ??

Thanx for reply and help.

Rene

----------

## petterg

sarge: If your goal was to have some accounts with shell access, and other accounts without shell you could have added the users to not allow shell access to a usersgroup. Then you use PAM to block login for users in the group.

I don't think you can combine virtual and not virtual domains. I think you need to add the nonvirtual domain as a virtual domain, and set it up as any other virtual domains. You would need to use user@domain.tld as username even at the nonvirtual domain.

----------

## sarge

 *petterg wrote:*   

> sarge: If your goal was to have some accounts with shell access, and other accounts without shell you could have added the users to not allow shell access to a usersgroup. Then you use PAM to block login for users in the group.
> 
> I don't think you can combine virtual and not virtual domains. I think you need to add the nonvirtual domain as a virtual domain, and set it up as any other virtual domains. You would need to use user@domain.tld as username even at the nonvirtual domain.

 

Strange is that courier use multi-authentication so it`s possible, i dunno why is it not implemented by vpopmail .. 

some of my friends still use old way to work with email like ssh login and mutt. I think its not posible to check mail on virtual domain this way.

vpopmail can be compiled only for /etc/passwd or mysql but not for both.. is it really that hard to code something like if username is name only then look in /etc/passwd and if contains something like @ or % then check against mysql ?? suck

----------

## Smilez:)

I have a problem with the qmailscan directory. I followed the how to on qmail/vpopmail/courier/spamassassin exactly, as well as I've read 98% of the posts in the thread. Yet still every-now-and-then the qmail-scanner-queue-version.txt file changes it's permissions and my smtp function stops working.  I've tried everything I know to fix this for good, but it continues to happen.  Can someone suggest something that hasn't already been said in this thread, short of making a cron job that runs hourly to change the permissions. 

Thanks,

Ian

----------

## sarge

Okay guys, my problem is now solved. Only thing to get my local and virtual domains work together was simply to install latest stable version (5.4.9) with custom ebuild taken from 5.4.6.  Seems to be a bug in vesrsion in gentoo portage and i think its time to bump from old 5.4.6 to something newer  :Smile: 

my log now say:

```
Feb  9 22:40:56 xwx vpopmail[5307]: vchkpw-pop3: system password login success timelord:195.168.30.89
```

and im happy  :Smile: 

----------

## petterg

Smilez: What's the permissions (and ownership) it gets after update? And what's the permissions (and ownership) you need it to have in order to work?

----------

## Smilez:)

 *petterg wrote:*   

> Smilez: What's the permissions (and ownership) it gets after update? And what's the permissions (and ownership) you need it to have in order to work?

 

qscand:root

after update

owner can read/write and that's it

to get it to work i just set it at chmod 777

----------

## petterg

qmail-scanner-queue-version.txt has rw permission for qscand here, and it works.

MAybe your qmail-scanner is not running as qscand?

What's the ownership of files in the quarantine folder? That may tell you which user qmail-scanner is running as. Try to change ownership of qmail-scanner-queue-version.txt to be the same as those files, and keep the 600 permission. Does it work then?

Are you sure you're smtp server is calling the qmail-scanner wrapper, not the perl script file directly?

----------

## lcidw

While running ebuild /var/db/pkg/mail-mta/qmail-1.03-r15/qmail-1.03-r15.ebuild config i got the following error.. what should i do about it?

```
/var/db/pkg/mail-mta/qmail-1.03-r15/qmail-1.03-r15.ebuild: line 521:    

/etc/cron.daily/qmail-genrsacert.sh: No such file or directory
```

Then the installation says:

If you have problems with vpopmail not accepting mail properly,

please ensure that /etc/vpopmail.conf is chmod 640 and

owned by root:vpopmail

```
# chmod 640 /etc/vpopmail.conf

# ls -al /etc/vp*              

-rw-r-----  1 root vpopmail 633 Feb 14 16:03 /etc/vpopmail.conf
```

The root:vpopmail thing is good.. But i can do what i want, it doesn't become chmodded 640, or i'm doing something very wrong..

And then this manual wants it to be owned by vpopmail too, and not even 640 but 600.. Strange.

Anyway, i'm at the end of my installation, and all works.. sometimes  :Smile:  So, good enough, let's not spend time on this, more important things to discuss.Last edited by lcidw on Tue Feb 15, 2005 4:29 am; edited 1 time in total

----------

## Smilez:)

 *petterg wrote:*   

> qmail-scanner-queue-version.txt has rw permission for qscand here, and it works.
> 
> MAybe your qmail-scanner is not running as qscand?
> 
> What's the ownership of files in the quarantine folder? That may tell you which user qmail-scanner is running as. Try to change ownership of qmail-scanner-queue-version.txt to be the same as those files, and keep the 600 permission. Does it work then?
> ...

 

okay, pretty sure I got it all fixed.

1. removed the QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" from the /etc/tcprules.d/tcp.qmail-smtp file and re-established the tcprules database.

2. added export QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue" to the /var/qmail/control/conf-common file

now the only thing I'm wondering is if I'm a global relay for the internet? is there a way of telling if people outside my network can relay mail through my server? A log file maybe?

----------

## lcidw

What i still don't get is..

..i got all from this manual installed, all the anti-spam daemons, qmail-scanner, etc. And i'm running a webserver, so the people who want to make use of the mail service, can have any host. And they should be able to mail any host they want. With this qmail-scanner and the anti-spam protections, is it safe to put all hosts (.com .net .org etc..) in rcpthosts?

Or should'nt the mailserver even look at rcpthosts and skip the file?

And like Smilez:) said, how can you know how badly you are an open relay?

----------

## dausha

Here's one for you . . .

After beating my head for almost 16 hours, I finally got qmail and vpopmail to hold hand again. I had uninstalled qmail, then re-installed. It still did not work. I removed the virtual domains in the vpopmail, then added them back. Then, I ran dotqmail2valias, and it worked. I changed the .qmail-default to point to the email address 'everybody@domain.org'.

Now, when I sent messages from my gmail account, I get the following message in the qmail log:

```
 new msg 3457029

@400000004216cb9a28cf808c info msg 3457029: bytes 1808 from <dausha@gmail.com> qp 21934 uid 89

@400000004216cb9a2aeba5e4 starting delivery 37: msg 3457029 to local bclr.org-ben.riley@bclr.org

@400000004216cb9a2aebb584 status: local 1/10 remote 0/20

@400000004216cb9a2b9904b4 delivery 37: failure: message_is_looping_everybody@bclr.org/mail_is_looping/

@400000004216cb9a2b99183c status: local 0/10 remote 0/20

@400000004216cb9a2fccd2f4 bounce msg 3457029 qp 21938

@400000004216cb9a2fcce67c end msg 3457029

@400000004216cb9a2fdc191c new msg 3457717

@400000004216cb9a2fdc28bc info msg 3457717: bytes 2337 from <> qp 21938 uid 206

@400000004216cb9a32ab561c starting delivery 38: msg 3457717 to remote dausha@gmail.com

@400000004216cb9a32ab69a4 status: local 0/10 remote 1/20

@400000004216cb9b1acc4c54 delivery 38: success: (dausha@gmail.com)_64.233.171.27_accepted_message./Remote_host_said:_250_2.0.0_OK_1108790162/

@400000004216cb9b1acc5fdc status: local 0/10 remote 0/20

@400000004216cb9b1acc6b94 end msg 3457717

```

Mind you, it did deliver, then it choaked and sent this log message. It also kicked the error to my gmail account. It seemed to stop when the email was removed from the vpopmail mail directory.

Any hints as to what the likely culprit is?

Ben

----------

## petterg

There are major changes in config files from Courier-imap 3.x to 4.x. Be careful when updating config files. Use etc-update!

There is also a bug in the courier-authlib-0.5*.ebuild when it's looking for vpopmail (compiling support for authvchkpw). Read the workaround here: https://bugs.gentoo.org/show_bug.cgi?id=85794

Clamav >= 0.81 still does not detect NetSky D infected mails. Calmav <= 0.80 does. However <= 0.80 has some kind of bug that may cause the daemon to die. I've chosen to stick with 0.80. After 12 months of using 0.7x and 0.80 it still hasn't died.

----------

## TheCat

 *ramsesii wrote:*   

> hi everybody!
> 
> i fail to get qmail working on my adm64 (~amd64) system. first i tried stable version, but failes - changed use - and cflags (-fPIC).
> 
> i finally made vpopmail to compile against libs from mysql-4.0.22 (package.masked - next higher version did NOT compile)... but with courier-authlib im @ the end.
> ...

 

have same problem. did you fix it?

----------

## Letus

I think something's wrong with the 2.6 kernel, AMD64 and this dooooooomed program. I'm trying to make it work for 3 weeks now, but not completly successful  :Sad:  (having AMD64 and gentoo about 2 months old).

1) I wasnt able to just install it. 

emerge qmail

followed the steps of this tutorial

svscan start

 *Quote:*   

> 
> 
> @40000000424c0afe0e8b1754 tcpserver: fatal: temporarily unable to figure out IP address for 0.0.0.0: file does not exist
> 
> 

 

go to hell you stupid user, Im not willing to cooperate ...

ok

2) I downloaded the source codes

make, install

followed the steps from lifewithqmail

qmailctl start

and, guess what, the same error

3) I deleted UCSPI / tcpserver package, emerged, unmerged, deleted, maked, deleted, emerged, unmerged, maked,

on and on, and one day, SOMETHING happend. I really can not say WHAT, IT just stopped throwing the damned error about 0.0.0.0 (dont make fool of me, I really tried to put any other IP address there, FQDN, no change) and started working ! I was using the qmail-send, qmail-smtpd locally for about a week.

Ok. Now lets move to "relay just for authorized users, no damned spammers" machine. Ehm. Uch. Problem. Couldnt get the damned relaying to work ! SMTP-AUTH, SMTP-after-POP3, no change. Until I found a note, that for some reason, if tcpserver is copiled with +ipv6, it WILL NOT RELAY. Hell.

4) I unmerged UCSPI, emerged again, with USE="-ipv6", and guess what ?

 *Quote:*   

> 
> 
> @... tcpserver: fatal: temporarily unable to figure out IP address for 0.0.0.0: file does not exist
> 
> 

 

And until now, I wasnt able to make it work again  :Sad: 

Can ANYONE help me ?

----------

## petterg

 *Letus wrote:*   

> 
> 
> @... tcpserver: fatal: temporarily unable to figure out IP address for 0.0.0.0: file does not exist
> 
> 

 

Reinstall everything with -ipv6.

(If ipv6 is on you have to enter v6 IP's all over - or without ipv6 you have to use v4 ip's all over. Mixing is probably not any good idea.)

----------

## Letus

thank you for answer !

what do you mean by "everything", how far do I have to go ? UCSPI, for sure. QMAIL ? what else ?

(this error you see is generated by tcpserver already compiled WITHOUT IPV6, thats why I ask  :Sad:  )

----------

## petterg

 *Letus wrote:*   

> thank you for answer !
> 
> what do you mean by "everything", how far do I have to go ? UCSPI, for sure. QMAIL ? what else ?
> 
> (this error you see is generated by tcpserver already compiled WITHOUT IPV6, thats why I ask :( )

 

I don't know. After you've disabled the ipv6 flag you could do an "emerge -pvD world |grep ipv6" to see all packages that would be affected by the ipv6 and reemerge them. (I think the -pvD would be the right parameter to use. If not, read the manual.)

----------

## Decibels

I have been trying on a amd64 system also to get qmail working and it doesn't. Emerged -r15 on the amd64.

Have -r13 on the x86 and is working fine there.

So I don't know if it is borked and wasting my time on the wrong thing or not. All I want is for my cronjobs

to be mailed to me. 

One question I have is: I keep seeing about emerging vpopmail now. I don't think I have to have that to just get

qmail to work now do I? Just want my cronjobs mailed, and this works on the x86 system just fine.

Set this one up the same on the amd64 and it's not mailing them. I check the logs and getting a:

```
delivery 9: failure: User_over_quota._(#5.1.1)/

status: local 0/10 remote 0/20

triple bounce: discarding bounce/748655

end msg 748655
```

I have googled,... and can't find the answer on any of it or on the quota issue either. Everybody says: check your disk quota.

I don't have quota installed, it has something to do with qmail and ??? drawing a blank.

----------

## BlackB1rd

I didn't follow this guide, but this one: http://gentoo-wiki.com/HOWTO_Setup_QMAIL_RELAY-CTRL_VPOPMAIL_&_QMAILADMIN_with_a_minimum_amount_of_fuss

It seems almost identical. But now I'm getting these messages in /var/log/qmail/qmail-send/current:

```

@4000000042735b4022a8eeb4 status: local 1/10 remote 0/20

@4000000042735b4022eaaebc delivery 18: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/

```

(Almost) all email stay in queue and cannot be delivered. It seems to unable to locate the maildirs, but this should be handled by the vpopmail package I think?

----------

## petterg

 *BlackB1rd wrote:*   

> I didn't follow this guide, but this one: http://gentoo-wiki.com/HOWTO_Setup_QMAIL_RELAY-CTRL_VPOPMAIL_&_QMAILADMIN_with_a_minimum_amount_of_fuss
> 
> 

 

That guide is the same as the one in this thread: https://forums.gentoo.org/viewtopic-t-310719-highlight-.html

I don't think it's a very good idea to follow that guide. Read my comments in the linked thread. (Also take note of the threadstarters reaction to my comments. He might not have the best intentions when he wrote the guide.)

I recomend you follow the guide Sabrex wrote in this thread.

----------

## Decibels

I forgot to say. I just unmerged and remerged qmail and got it working. Must have been

something from copying over some of my previous configs from the x86 system.

Mails local mail just fine now.

----------

## BlackB1rd

 *petterg wrote:*   

> That guide is the same as the one in this thread: https://forums.gentoo.org/viewtopic-t-310719-highlight-.html
> 
> I don't think it's a very good idea to follow that guide. Read my comments in the linked thread. (Also take note of the threadstarters reaction to my comments. He might not have the best intentions when he wrote the guide.)
> 
> I recomend you follow the guide Sabrex wrote in this thread.

 

Thanks, I tried to fix my configuration by using this thread, but I still getting these messages. I'm not sure if the permissions are correct, should qmail not be running as vpopmail user? I just can't get it working  :Sad: 

[edit]

I'm not sure what I exactly did, but it seems to work fine now  :Smile:  Hopefully I don't have to reconfigure this thing ever again  :Wink: 

[/edit]

----------

## petterg

 *BlackB1rd wrote:*   

> 
> 
> Thanks, I tried to fix my configuration by using this thread, but I still getting these messages. I'm not sure if the permissions are correct, should qmail not be running as vpopmail user? I just can't get it working :(
> 
> 

 

Qmail should not be running as vpopmail.

There are a lot of security problems that turns up with the guide you followed. If you're not 100% sure what you've done all the way during install you should try to undo everything and start over using this guide. For details on the problems, read my post in the thread linked in my previous posting.

----------

## yc

I have followed the instructions and procedures to setup my qmail or other relevant packages. I can send emails to out side of the world with no problems. But I dont' received any reply messages or new messages sent from out side at all. Any suggestions?

Also instead of using mutt to check emails, is there any other better email client??

Thanks in advance!

----------

## petterg

 *yc wrote:*   

> I have followed the instructions and procedures to setup my qmail or other relevant packages. I can send emails to out side of the world with no problems. But I dont' received any reply messages or new messages sent from out side at all. Any suggestions?
> 
> Also instead of using mutt to check emails, is there any other better email client??
> 
> Thanks in advance!

 

First, check your system by running the qmailscanner test:

Extract the files from /usr/portage/distfiles/qmail-scanner-xxxx

In the folder contrib there is a script called test_instalation. Run it!

If no error - check for files in /var/vpopmail/domains/YOURDOMAIN/USERNAME/.maildir/new

If no files in the folder - modify the testscript:

insert

```
RECIP="username@yourdomain.tld"
```

before the line

```
echo "Sending standard test message - no viruses..."
```

Should be at line 112 or something like that.

Then run the script again and look for files in the folder.

If still no files in the folder - check for errors in your logfiles.

If you get files in the folder - but no mail using mutt (or other clients) make sure the client is configured correctly - you may also have a problem with your imap server.

If you get mail using mutt when you're testing, but not when someone are sending you mails you may have a firewall problem - maybe your ISP is kind enough to block port 25?

Try send mail from mutt to yourself on localhost.

Does sending mail from the outside produce any errormessages?

----------

## yc

I couldn't locate "/usr/portage/distfiles/qmail-scanner-xxxx". No such file found.

Where or how can I get it?

----------

## petterg

 *yc wrote:*   

> I couldn't locate "/usr/portage/distfiles/qmail-scanner-xxxx". No such file found.
> 
> Where or how can I get it?

 

emerge -f qmail-scanner

(xxx is a version number, not the letters xxx!)

----------

## emeraldv45

I have been searching for a while on how to get .qmailadmin-limits to work with a standard vpopmail install.

So far I have concluded that vpopmail needs to be installed with 

```
--disable-mysql-limits
```

  I have changed the ebuilds to reflect this, but Mysql still creates a limits table when someone logs into qmailadmin.  All I changed in the ebuild was one line stating 

```
--enable-mysql-limits
```

 in

```
          use mysql \

                                && myopts="${myopts} --enable-auth-module=mysql \

                                            --enable-libs=/usr/include/mysql \

                                            --enable-libdir=/usr/lib/mysql \

                                            --enable-mysql-logging=y \

                                            --enable-auth-logging=y \

                                            --enable-valias=y \

                                            --enable-mysql-replication=n \

                                            --enable-mysql-limits"

```

to 

```
--disable-mysql-limits
```

  I noticed that some of the commands using vmoddomlimits work like maxpopaccounts but I can't get non-postmaster account flags to work.  I am trying to setup vpopmail so clients can log in and create their own accounts.  I just want to limit the number of accounts per domain as well as user quotas.  I am using vpopmail-5.4.6-r1.  Any ideas?  If you need it, I have a write up of my entire install.

----------

## emeraldv45

I have also tried:

```
          use mysql \ 

                                && myopts="${myopts} --enable-auth-module=mysql \ 

                                            --enable-libs=/usr/include/mysql \ 

                                            --enable-libdir=/usr/lib/mysql \ 

                                            --enable-mysql-logging=y \ 

                                            --enable-auth-logging=y \ 

                                            --enable-valias=y \ 

                                            --enable-mysql-replication=n \ 

                                            --enable-mysql-limits=n"
```

I had no luck with this either

This is how I setup my server

```
Qmail

#emerge -C ssmtp

#emerge qmail

#ebuild /var/db/pkg/mail-mta/qmail*/qmail* config

#ln -s /var/qmail/supervise/qmail-send /service/qmail-send

#ln -s /var/qmail/supervise/qmail-smtpd /service/qmail-smtpd

#rc-update add svscan default

#/etc/init.d/svscan start

Vpopmail

#emerge vpopmail

#ebuild /var/db/pkg/dev-db/mysql*/mysql* config

#/etc/init.d/mysql start

#/usr/bin/mysqladmin -u root -h localhost password password

#/usr/bin/mysqladmin -u root -p password password

#mysql -u root -p

>create database vpopmail;

>use mysql;

>grant select, insert, update, delete, create, drop

>on vpopmail.*

>to vpopmail@localhost

>identified by vpopmail password;

>flush privileges;

>exit

#nano /etc/vpopmail.conf

(change secret to vpopmail password on 2 lines)

Courier-imap

#emerge courier-imap

#nano /etc/courier/authlib/authdaemonrc

authmodulelist=authvchkpw

#nano /etc/courier-imap/imapd

IMAPDSTART=YES

AUTHMODULES=authvchkpw

#nano /etc/courier-imap/pop3d

POP3DSTART=YES

AUTHMODULES=authvchkpw

#rc-update add courier-imapd default

#rc-update add courier-pop3d default

#/etc/init.d/courier-imapd start

#/etc/init.d/courier-pop3d start

Pure_ftpd

#emerge pure-ftpd

#rc-update add pure-ftpd default

#groupadd ftpgroup

#useradd ftpuser -g ftpgroup -d /dev/null -s /etc

#nano /etc/conf.d/pure-ftpd

Uncomment IS_CONFIGURED=yes

AUTH=-lpuredb:/etc/pureftpd.pdb

Squirrelmail

#emerge squirrelmail

#webapp-config -I -h localhost -d mail squirrelmail 1.4.4

#emerge qmailadmin

#emerge bind

#rc-update add named default

#emerge iptables

#rc-update add iptables default

#emerge apache php mod-php

#nano /etc/conf.d/apache2

APACHE2_OPTS=-D PHP4

```

My Use Flags

```
-gtk -gnome -quicktime X apache2 ethereal imap jpeg kde libwww maildir mpeg mysql php samba sasl ssl vhosts nls xml xml2
```

My CFLAGS

```
CFLAGS=-march=athlon-xp -msse2 -02 -pipe -ftracer
```

---------------------------

AMD64-3500

1GB OZC

2x250GB SATA WD RE

MSI K8N Neo2

----------

## AxelTerizaki

Hello.

Recently there has been an update of qmail (-r13 to -r15) so I decided to upgrade it, along with courier-imap which I left at version 3.x when 4 was out.

The transition from courier-imap 3 to 4 went more smoothly than I expected, but qmail... that's another story.

Now:

- qmail-smtp doesn't do SMTP-Auth at all anymore. It was supposed to do so via vpopmail. It just lets everyone use the server as an open relay without auth. Which is bad, of course.

- Also, the smtp server forbids me from sending mail to anything but the domains in rcpthosts, while it was working perfectly before.

I'm trying for nearly 4 hours now and I'm really out of ideas, so I'm trying this forum. I've used it for help many times, having found similar problems to mine most of the time, but there, I have absolutely no clue of what is going on. I'd like to try switching to another virtual domain hosting/MTA couple, like some people suggested (using courier, postfix...) but I have yet to find a tutorial for gentoo that would allow me to do all that the original tutorial of this thread allowed me to. For now I'm trying to keep qmail, if I can solve this.

So, back to my problem, I'll try to provide as much info as possible.

Contents of /var/qmail/control/conf-smtpd

```

# Configuration file for qmail-smtpd

# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/files/conf-smtpd,v 1.4 2005/01/28 08:15:18 hansmi Exp $

# Stuff to run before tcpserver

#QMAIL_TCPSERVER_PRE=""

# Stuff to run qmail-smtpd

#QMAIL_SMTP_PRE=""

# Stuff to after qmail-smtpd

#QMAIL_SMTP_POST=""

# this turns off the IDENT grab attempt on connecting

TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

# fixcrio inserts missing CRs at the ends of lines. See:

# http://cr.yp.to/ucspi-tcp/fixcrio.html

# http://cr.yp.to/docs/smtplf.html

# DO NOT enable this, when you are using SSL/TLS (USE=ssl)!

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} fixcrio"

# You might want to use rblsmtpd with this, but you need to fill in a RBL server here first

# see http://cr.yp.to/ucspi-tcp/rblsmtpd.html for more details

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r RBL-SERVER"

# If you are interested in providing POP or IMAP before SMTP type relaying,

# emerge relay-ctrl, then uncomment the next 2 lines

#QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"

# In /etc/courier-imap/authdaemonrc add the next line to the end:

#authmodulelist="${authmodulelist} relay-ctrl-allow"

# Then in /etc/courier-imap/{imapd,imapd-ssl,pop3d,pop3d-ssl}

# Add this at the end

#PRERUN="${PRERUN} envdir /etc/relay-ctrl relay-ctrl-chdir"

# This next block is for SMTP-AUTH 

# This provides the LOGIN, PLAIN and CRAM-MD5 types

# the 'cmd5checkpw' used in $QMAIL_SMTP_AUTHCHECKPASSWORD supports CRAM-MD5

# and reads it's data from /etc/poppasswd

# see the manpage for cmd5checkpw for details on the passwords

# uncomment the next four lines to enable SMTP-AUTH

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)

[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true

QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"

QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

```

Contents of /etc/tcprules.d/tcp.qmail-smtp

```

# to update the database after changing this file, run:

# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp

#------------------------------------------------------

# DESCRIPTION OF THE RULES TO REMIND ME OF HOW THIS FILE WORKS

#

# If you set 'allow', this means that our mail server will allow

# the specified IP range to make a TCP connection to our server

#

# If you set 'deny', this means that our mail server will not allow

# the specified IP range to make a TCP connection to our server

#

# If you set RELAYCLIENT="", this means that the listed IP range is 

# allowed to relay mail through our server

#

# If you dont set RELAYCLIENT="", this means that the listed IP range

# will not be able to relay mail through our server

#

# If you set RBLSMTPD="", this means that the listed IP ranges will

# not be checked against any of the RBL databases

#

# If you set RBLSMTPD="some text here", this means that an RBL lookup

# wont be performed, but the mail will be rejected with the specified

# text as a 4xx temp error message

#

# If you set RBLSMTPD="-some text here", this means that an RBL lookup

# wont be performed, but the mail will be rejected with the specified

# text as a 5xx perm error message

#

# If you do not set RBLSMTPD="" or ="some text", then an RBL lookup

# will be performed. If the lookup is successful, then RBLSMTPD will

# return your custom error message (as specified in the -r parameter

# in smtpd supervise script)

#

#-----------------------------------------------------

# HERE ARE THE RULES! :

#-----------------------------------------------------

# BYPASS OPEN RELAY CHECKING FOR THESE IPS :

#

# These IPs are ones that we have setup so that they arent RBL checked.

# We have done this because these particular servers are RBL listed,

# and for whatever reason they can't/won't fix their open relay problem,

# and we still want to be able to receive mail from them.

# 

# reminder text goes here for this entry so we know the story...

#111.111.111.111:allow,RBLSMTPD=""

# reminder text goes here for this entry so we know the story...

#222.222.222.222:allow,RBLSMTPD=""

#

#-----------------------------------------------------------------

# DONT ALLOW THESE IPS TO SEND MAIL TO US :

#

# mailXX.offermail.net connecting regularly and sending invalid

# format messages causing exit with status 256 (bare linefeed normally)

# entry added 15/12/2001

# after looking at the mail coming from these servers it was found to be spam

#216.242.75.100-116:allow,RBLSMTPD="-Connections from this IP have been banned."

#

# heaps of spam from replyto of *@freeamateurhotties.com dec2001

#64.228.127.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#154.20.94.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#209.151.132.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#216.18.85.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#

#-----------------------------------------------------------------

# ALLOW THESE IPS TO RELAY MAIL THROUGH OUR SERVER

#

# Local class-c's from our LAN are allowed to relay,

# and we wont bother doing any RBL checking.

#123.123.123.:allow,RELAYCLIENT="",RBLSMTPD=""

#123.111.111.:allow,RELAYCLIENT="",RBLSMTPD=""

#

# Connections from localhost are allowed to relay 

# (because the WebMail server runs on localhost),

# and obviously there is no point trying to perform an RBL check.

#127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""

#

#-----------------------------------------------------------------

# ALLOW EVERYONE ELSE TO SEND US MAIL

#

# Everyone else can make connections to our server,

# but not allowed to relay

# RBL lookups are performed

:allow

# If you are using qmail-scanner, this line here is the correct one to use

# instead (comment out the above ':allow' line FIRST) and applies that script

# to any mail coming in that is not from a host allowed to relay. You can

# change the value of the variable to any other value you desire to use custom

# scripts for example.

#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

194.242.112.151:allow,RELAYCLIENT="",RBLSMTPD=""

# Qmail-Scanner disabled for mail from localhost, relay allowed

#127.0.0.1:allow,QMAILQUEUE="/var/qmail/bin/qmail-queue"                                                                                                                         

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed

#192.168.1.:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                                                         

# Qmail-Scanner enabled (virus and spam) for mail from external internet, relay denied

#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

# Qmail-Scanner disabled for mail from localhost, relay allowed

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"                                                                                                                         

# Qmail-Scanner enabled (virus only) for mail from local network, relay allowed

#:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"                                                                                                                         

# Qmail-Scanner enabled (virus and spam) for mail from external internet, relay denied

#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

```

Is there something else I can add so you can help me? Thanks in advance  :Smile: 

----------

## Red-Drop

I and others have solved this issue in this post

https://forums.gentoo.org/viewtopic-t-339867-highlight-upgrade+qmail.html

----------

## petterg

The solution Red-Drop linked to has some security issues you should concider. Read my posting in the same thread, posted few minutes before this posting. Problem is on the clientside - not serverside!

----------

## AxelTerizaki

I thank you both for this, I'm in the process of modifying configuration to retry this, I believe it might be the solution alright  :Smile: 

As for the clientside problem, it's simple: none of my users use Outlook  :Razz: 

----------

## tbu

Hi!

I followed the guide successfully till the point when spamassassin rewrites the subjet header of the mail!

so everthing is working exept it wont rewrite the subject line. also i see in the header:

 (f-prot: 4.5.4/3.16.6. spamassassin: 3.0.2. perlscan: 1.25st.  

 Clear:RC:0(64.233.170.203):SA:1(1002.5/4.0):. 

 Processed in 1.687191 secs); 23 May 2005 20:35:48 -0000

X-Spam-Status: Yes, hits=1002.5 required=4.0

X-Spam-Level: ++++++++++++++++++++++++++++

my local.cf looks like this: 

required_hits  5.0

rewrite_header Subject *****SPAM*****

report_safe 2

report_header  1

use_bayes  1

auto_learn  1

skip_rbl_checks  0

use_razor2  1

use_dcc  1

use_pyzor  1

ok_languages  all

ok_locales  all

lock_method flock

any idea why spamassassin wont rewrite the header?

thanks

tbu

----------

## petterg

 *tbu wrote:*   

> Hi!
> 
> I followed the guide successfully till the point when spamassassin rewrites the subjet header of the mail!
> 
> 

 

This guide was written for spamassassin-2.6x.x and qmail-scanner-1.16. They had a problems with the subject rewrite. Sabrex found a workaround he included in step 8 (edit qmail-scanner.pl). As of >qmail-scanner-1.20 this is no longer nessesary.

Try to reemerge qmail-scanner and leave the .pl unchanged.

I'm going to setup a new mailserver soon. Probably by the end of next week. I'll log what I do and make an updated guide based on the great work Sabrex did on this one.

----------

## Crymson

Well, it's been a long time coming, but I finally have a FULL solution for people using cram-md5 auth, and are getting vchkpw errors with Eudora, and others.

I posted a bug on bugzilla, and can be viewed here.  The solution is a simple patch, and ebuild of qmail.

I still don't understand why this took OVER A YEAR to get solved, and not even by the developer, but hey.  It works for me.  Every mail client works exactly like it should now.

https://bugs.gentoo.org/show_bug.cgi?id=53117

Enjoy, I hope it fixes a lot of peoples problems out there.

-=Crymson

----------

## kostodo

Im getting this error when im trying to run test_installation.sh:

```
Sending bad spam message for anti-spam testing - In case you are using SpamAssassin...

X-Qmail-Scanner-1.25st: We have reasons to believe this mail is SPAM

qmail-inject: fatal: mail server permanently rejected message (#5.3.0)

Bad error. qmail-inject died
```

It seems this is a regular problem as i've set the subject to get modified to *****SPAM***** and i've yet to get a SPAM mail actually come through into the recipients inbox. If i send test spam, it just never gets delivered (the mailserver swallows it).

Any ideas?

----------

## petterg

 *kostodo wrote:*   

> Im getting this error when im trying to run test_installation.sh:
> 
> 

 

I think I remember seeing a setting somewhere regarding if the server should reject or drop spam. If set to 'reject' I would guess permanent error #5.3.0 is the correct message to return to sender. However, qmail-inject shouldn't die!?

Does spamassassin log any errors?

Does the user spamd and qmail-scanner run as have write access to the temporary mail file when checking for spam?

----------

## 805

Hello,

I've just brwosed through the forum but couldn't find an answer tomy problem...

I'm running qmail / vpopmail / qmail-scanner with clam and fast sa...

It was a hell setting up, but it runs, it discards all viruses and spam mails are identified all spam above 12 is deleted (I think this is by sa default) and all spam between 5 and 12 is tagged with *****SPAM**** in the subject.  When you see the headers of the emails sa writes it own headers to it with the correct sa score...  But I've looked everywhere to find a method to delete all those mails between 5 and 12.. is this doable.. so yes how ?

thx in advance

C.

----------

## petterg

 *805 wrote:*   

> 
> 
> ...
> 
> But I've looked everywhere to find a method to delete all those mails between 5 and 12.. is this doable.. so yes how ?
> ...

 

Make a backup of /var/qmail/bin/qmail-scanner.pl

Edit /var/qmail/bin/qmail-scanner.pl

Search for "my $sa_delete_site" (on my server it's on line 221)

Modify the value to whatever suites your needs. (read the comments!)

----------

## 805

thx for the reply peter...

my $sa_delete_site='5';

my $sa_delete='1';

 is my config...

sa_quarantine is set to 0

Could it be that it conflicts with the rewrite subject in the SA local.cf ?

greetz

C.

----------

## 805

I just double check it.. and saw that there is sill email coming through with spam level 5 or higher.. the subject is rewriten for those emails but still deliverd  :Sad: 

here is my local.cf:

```
required_hits 5

#rewrite_header Subject *****SPAM*****

report_safe 1

ok_languages nl

trusted_networks 192.168.254.254 127.0.0.1

# lock_method flock

skip_rbl_checks 0

dns_available yes

use_bayes 1

bayes_auto_learn 1

bayes_auto_learn_threshold_nonspam 1

bayes_auto_learn_threshold_spam 14.00

```

thx

----------

## petterg

 *805 wrote:*   

> I just double check it.. and saw that there is sill email coming through with spam level 5 or higher.. the subject is rewriten for those emails but still deliverd :(
> 
> ...

 

The comment reads

```
# st: Spam messages with a score higher than

# (required_hits + sa_delete) should be deleted (or rejected).

...
```

5+5 = 10, so with your current config mails with spamlevel 5..10 is tagged. spamlevel > 10 is deleted.

----------

## 805

oh thx peter.. I'm a dumbass... didn't now had to take the req hists from the local.cf + the ones in qmail-scanner scripts...

Won't it give trouble if I set requeired hits in local.cf to 0 or should it be better to set sa_delete to 1 and req hits to 4?

thx

----------

## petterg

 *805 wrote:*   

> oh thx peter.. I'm a dumbass... didn't now had to take the req hists from the local.cf + the ones in qmail-scanner scripts...
> 
> Won't it give trouble if I set requeired hits in local.cf to 0 or should it be better to set sa_delete to 1 and req hits to 4?
> 
> thx

 

i'm having req.hits=2.5 and delete=4.

The result (after a while with autolearn enabled) is 2-3 mails/week tagged as spam. That is good enough for my use.

----------

## 805

thx a lot for the help peter... This has sure pointed me to the right direction.. I should read more carefully.. thx!

----------

## geforce

Well, everything is okay with my qmail server except that I cannot send messages..

With squirrelmail there is no probleme, and the config is using smtp on port 25, but If i try to send an E-mail using a client on my computer (which is not on the same network as the server) it doesn't work..

I've tried to telnet on port 25 but I have no response.

Phil

----------

## 805

is firewall software or hardware active ?  What if you use a shell on the server and try to connect to localhost:25 ?

----------

## geforce

Well, really weird.

 *Quote:*   

> netrock ~ # telnet localhost 25
> 
> Trying 127.0.0.1...
> 
> Connected to localhost.
> ...

 

I'm looking for a few commands to test it's working well.

It's seems to work..

 *Quote:*   

> 
> 
> netrock ~ # ps aux | grep smtp | grep -v grep
> 
> root      6195  0.0  0.0   1280   272 ?        S    Jul15   0:00 supervise qmail-smtpd
> ...

 

EDIT: Wow , i've looked to make it work myself and now I get this error....

 *Quote:*   

> 
> 
> ERROR:
> 
> Requested action not taken: mailbox name not allowed
> ...

 

EDIT2:  Well i've tried to restart from the begi]ning but this command takes forever, normal ?

```

tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp

```

----------

## 805

hey geforce...

It looks like you'll have to read the qmail howto on the gentoo wiki.. there is still some configuration to do for qmail..

----------

## geforce

I re-folowed the guide from the begining, and SMTP still answer only from localhost.

But at least I can send E-mails trought Squirrelmail.

Phil

----------

## petterg

 *geforce wrote:*   

> I re-folowed the guide from the begining, and SMTP still answer only from localhost.
> 
> But at least I can send E-mails trought Squirrelmail.
> 
> 

 

Seems like you've forgot to enable smtp-auth eigther in the server config or in the client config (or both).

One way to test if smtp-auth is the problem is to enter a line in /etc/tcp-rules/smtp (or whatever the file is named) to allow the clients ip-adress to relay mails. Then run the tcprules update (as in the guide) and give it a 'hup' (also in the guide). This way smtp-auth should be bypassed for connections from that ip.

Note: this is for testing only. Restore the config after testing!

----------

## geforce

Well, I'm using smtp-auth..

I need any users be allowed to send mail..  

Here is my /etc/tcprules.d/tcp.qmail-smtp:

 *Quote:*   

> #to update the database after changing this file, run:
> 
> # tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp
> 
> #-----------------------------------------------------
> ...

 

Thanks

Phil

----------

## petterg

 *geforce wrote:*   

> Well, I'm using smtp-auth..
> 
> I need any users be allowed to send mail..  
> 
> 

 

Again... try to allow one of the clients ip adresses to send mail without using smtp-auth. (by adding 123.123.123.123:allow,RELAYCLIENT="",RBLSMTPD="" to the tcp.qmail-smtp and regenerate cdb and hup acording to the guide.) If works without smtp-auth you know you have a authentication problem. If it does not work without smtp-auth you know the trouble is somewhere else.

----------

## geforce

Well, I've added my IP to the tcprules file and did the steps all the needed steps.

It don't work either with or without the autentification, it still connect, but I have no answer from the server.

Phil

EDIT: I've tried to login with telnet from localhost just to see... If that normal ?

 *Quote:*   

> 
> 
> Trying 127.0.0.1...
> 
> Connected to localhost.
> ...

 

Is it an error from me or really a problem from the server ?

----------

## petterg

EDIT: I've tried to login with telnet from localhost just to see... If that normal ?

 *Quote:*   

> 
> 
> Trying 127.0.0.1...
> 
> Connected to localhost.
> ...

 

Is it an error from me or really a problem from the server ?[/quote]

Your server is setup to force TLS. (Which is a good thing for security.) You've emerged qmail-1.03-r15 (or newer) with the NOTLSBEFOREAUTH use-flag disabled.

To make this work you need to set the client to use TLS!

Read my posting earlier in this thread regarding clients and TLS. Some clientes are buggy (like outlook XP (2k is ok!))

Also, do the same telnet commands from the a remote location - does the same ting happen? (you may have a problem with your isp)

----------

## geforce

Well, If a try from localhost, it works.

If a try on a machine with the same kind of IP (142.156.169.xx) it appears NetRock ESMTP.

But If i'm not on the network it wont work.. I've contacted my ISP.  They said there was no Firewall or blocked ports on my T1.

My server doesn't have any kind of firewall or port-blocking program.

Phil

----------

## petterg

Localhost works because the 127... ip is in your tcprules.

What do you mean by "get NetRock ESMTP"? No possible to type the auth login command? Buggy telnet client? (I've had some of those telnet clients that doesn't display what is typed in, but the still send commands to the server.)

----------

## geforce

Well, If I am on the same IP range (142.169.156.xx) it'll work, Same thing from localhost.

But if I am on any other network it won't work... It connect but I don't get the "220 netrock.ca ESMTP" thing... It only says "Connected" but no login prompt, nothing.

This is really weird...

Phil

----------

## petterg

 *geforce wrote:*   

> But if I am on any other network it won't work... It connect but I don't get the "220 netrock.ca ESMTP" thing... It only says "Connected" but no login prompt, nothing.
> 
> 

 

Add the GLOBAL ip-adress of the testclient on an "other network" to your tcprules. This should disable smtp-auth and verify / exclude smtp-auth as the problem.

Does incomming mail from other smtp servers work?

----------

## geforce

 *petterg wrote:*   

> 
> 
> Does incomming mail from other smtp servers work?

 

Yes

 *petterg wrote:*   

> 
> 
> Add the GLOBAL ip-adress of the testclient on an "other network" to your tcprules. This should disable smtp-auth and verify / exclude smtp-auth as the problem.
> 
> 

 

How do I do this ?

I've tried to comment the line :allow

and add this:

:allow,RELAYCLIENT="",RBLSMTPD=""

It didn't worked..

I've tried:

69.159.135.26:allow,RELAYCLIENT="",RBLSMTPD=""

And I still have the same problem;

The connection is etablished, but I have no prompt (with telnet (both windows & linux client)), or with mail client.

Phil

----------

## trickypicky75

All,

I ran through this How-to No problem... well except for Horde & Imp.  I've temporarily setup squirrel mail, but I would much rather have the flexibility Horde offers... BTW I am a NEWB to Horde and I am ignorant of all things PHP....   I've done everything accoring to the how-to but when I go to http://server.my.FQDN/horde I get the following error

Notice: Only variable references should be returned by reference in /var/www/localhost/htdocs/horde/lib/Auth.php on line 81

Notice: Only variable references should be returned by reference in /var/www/localhost/htdocs/horde/lib/Prefs.php on line 144

If I go to http://server.my.fqdn/horde/test.php I get this

Horde Versions

    * Horde: 2.2.8

    * IMP: 3.2.8 (run IMP tests)

PHP Version

    * View phpinfo() screen

    * PHP Version: 4.4.0

    * PHP Major Version: 4.4

    * PHP Minor Version: 0

    * PHP Version Classification: release

    * You are running a supported version of PHP.

PHP Module Capabilities

    * DOM XML Support: Yes

    * FTP Support: Yes

    * Gettext Support: Yes

    * IMAP Support: Yes

    * LDAP Support: Yes

    * MCAL Support: No

    * Mcrypt Support: Yes

    * MySQL Support: Yes

    * PostgreSQL Support: No

    * XML Support: Yes

Miscellaneous PHP Settings

    * magic_quotes_runtime disabled: Yes

    * file_uploads enabled: Yes

    * safe_mode disabled: Yes

    * trans_sid disabled: Yes

PHP Sessions

    * Session counter: 1

    * To unregister the session: click here

PEAR

    * PEAR - Yes

    * Recent PEAR - Yes

    * Mail - Yes

    * Log - Yes

    * DB - No

    * Your version of DB is not recent enough.

    * Net_Socket - Yes

    * Date - Yes

    * HTML_Common/HTML_Select - No

    * Horde requires the HTML_Common and HTML_Select classes only for Kronolith 1.0 to display forms correctly.

The only thing I'm curious about is under PEAR -> DB ... But I don't know if that has anything to do with this problem.

Any help is appreciated....

----------

## trickypicky75

O.k. I solved my problem by going to the following files and making 1 change

/etc/php/apache2-php4/php.ini

/etc/php/cli-php4/php.ini

/etc/apache2/conf/php.ini

I ensured that the following was set in each file:

```

error_reporting = E_ALL & ~E_NOTICE

```

and change the following:

```

display_errors = On

```

To:

```

display_errors = Off

```

then I restarted Apache, that seemed to fix the problem.... I'm not sur that I had to make the change in all 3 files, but that seemed to do it.

----------

## St00

Hi, I set this system up nearly a year ago and it has been running great until recently, it has crashed gentoo entirely once, leaving a panic message refering to the spamd process.  I am sending test emails through and it seems to take about 20 mins to scan the mail before making it available for pickup.  Is this a known problem? Also, all of a sudden now the qmailadmin died and apache wont start, giving the message "Inconsistency detected by ld.so: ../sysdeps/i386/dl-machine.h: 642: elf_machine_rel_relative: Assertion `((reloc->r_info) & 0xff) == 8' failed!" :Crying or Very sad: 

What is happening to my mailserver? Please somebody help.  I would paste that first kernel panic message, but i dont know what log file to find it in.  

Thanks In Advance!  

St00

----------

## AC

```

root@jem-media vpopmail # vadddomain jem-media.de

Please enter password for postmaster:

enter password again:

Error: Domain already exists

```

Can you pleeeeeeeeeeeeeeeeeease help me out?

Why is it that the guide can't work for me? I did it at least 5 times.

Any help is sincerely apreciated.

----------

## St00

 *St00 wrote:*   

> Hi, I set this system up nearly a year ago and it has been running great until recently, it has crashed gentoo entirely once, leaving a panic message refering to the spamd process.  I am sending test emails through and it seems to take about 20 mins to scan the mail before making it available for pickup.  Is this a known problem? Also, all of a sudden now the qmailadmin died and apache wont start, giving the message "Inconsistency detected by ld.so: ../sysdeps/i386/dl-machine.h: 642: elf_machine_rel_relative: Assertion `((reloc->r_info) & 0xff) == 8' failed!"
> 
> What is happening to my mailserver? Please somebody help.  I would paste that first kernel panic message, but i dont know what log file to find it in.  
> 
> 

 

To answer my own question, it turned out the box was running out of RAM, I checked top and it was using 248/256mb, so I bumped the RAM up to 1 GB and now its using 440mbs, and running beautifully.  :Very Happy: 

----------

## GoofyHMG

I tried this but really didnt get too far ??? im not sure what all this even means...

 emerge /usr/portage/net-mail/qmail/qmail-1.03-r13.ebuild

Calculating dependencies

Traceback (most recent call last):

  File "/usr/bin/emerge", line 2969, in ?

    retval,favorites=mydepgraph.select_files(myfiles)

  File "/usr/bin/emerge", line 1025, in select_files

    if os.path.realpath(portage.db["/"]["porttree"].dbapi.findname(mykey)) != x:

  File "/usr/lib/python2.3/posixpath.py", line 406, in realpath

    filename = abspath(filename)

  File "/usr/lib/python2.3/posixpath.py", line 395, in abspath

    if not isabs(path):

  File "/usr/lib/python2.3/posixpath.py", line 49, in isabs

    return s.startswith('/')

----------

## petterg

 *St00 wrote:*   

>  *St00 wrote:*   Hi, I set this system up nearly a year ago and it has been running great until recently....
> 
>  
> 
> To answer my own question, it turned out the box was running out of RAM, I checked top and it was using 248/256mb, so I bumped the RAM up to 1 GB and now its using 440mbs, and running beautifully. :D

 

After a few weeks of learning you should turn off the autolearn in spamassassin.... before it learns too much!

----------

## petterg

 *AC wrote:*   

> 
> 
> ```
> 
> root@jem-media vpopmail # vadddomain jem-media.de
> ...

 

Eigther the domain exists in the mysql db or it exists in the /var/vpopmail/domains (or both places)

----------

## petterg

 *GoofyHMG wrote:*   

> I tried this but really didnt get too far ??? im not sure what all this even means...
> 
> 

 

I think you're supposed to type

# emerge qmail

If you wan't one particular version of the program you enter that in /etc/portage. Se the gentoo handbook for details.

----------

## GoofyHMG

I tried just emerging qmail but that just leads me to more problems like this below.

root # ebuild /var/db/pkg/net-mail/qmail-1.03-r13/qmail-1.03-r13.ebuild co nfig

!!! doebuild: /var/db/pkg/net-mail/qmail-1.03-r13/qmail-1.03-r13.ebuild not foun d for config

root # ebuild qmail config

 !!! Name error in : missing a version or name part.

!!! Error: PF is null ''; exiting.

root #

----------

## GoofyHMG

also I would have tried it in the path as stated above 

/var/db/pkg/net-mail/qmail-1.03-r13/qmail-1.03-r13.ebuild config

but after the net-mail folder I see no signs of qmail-*

----------

## petterg

What do you need to configure?

----------

## GoofyHMG

I am just trying to install this from scratch. But I cant even get passed the first step so I guess that means everything.

----------

## petterg

 *geforce wrote:*   

> 
> 
> I've tried:
> 
> 69.159.135.26:allow,RELAYCLIENT="",RBLSMTPD=""
> ...

 

I'm running out of ideas.

Do you have USE="-ipv6"? ipv6 has been enabled by default after the guide was written. That makes problems with ip-adresses in the tcprules. In that case try to disable ipv6 and reemerge qmail.

----------

## geforce

Well, may ucspi-tcp compiled with IPv6 be the problem ?

 *Quote:*   

> emerge -vp ucspi-tcp
> 
> These are the packages that I would merge, in order:
> 
> Calculating dependencies ...done!
> ...

 

I'll try to re-emerge it without and looks what it'll give ?

Phil

----------

## geforce

Well, I re-emerged ucspi-tcp with USE="-ipv6" and now if I emerge -vp ucspi-tcp:

 *Quote:*   

> emerge -vp ucspi-tcp
> 
> These are the packages that I would merge, in order:
> 
> Calculating dependencies ...done!
> ...

 

I think It really removed ipv6 thing because if I try to connect to smtp it don't says "Connected" and freeze there but really refuse connection..

If I manually add my ip in tcprules.d, It doesn't works.  But at least I receive the "connection refused " error, better signs of life than previous freezes

There is how tcpserver is running:

 *Quote:*   

> ps aux | grep tcpserver | grep -v "grep"
> 
> qmaild   24816  0.0  0.1   2676   800 pts/0    S    08:09   0:00 /usr/bin/tcpserver -p -v -R -x /etc/tcprules.d/tcp.qmail-smtp.cdb -c 40 -u 201 -g 200 0.0.0.0 smtp relay-ctrl-check /var/qmail/bin/qmail-smtpd netrock.ca /var/vpopmail/bin/vchkpw /bin/true
> 
> root     24833  0.0  0.1   2504   612 pts/0    S    08:09   0:00 tcpserver -vDRHl0 -x tcp.cdb -- 142.169.156.36 53 /usr/bin/axfrdns

 

I hope It'll work somedays.

Phil

----------

## petterg

 *geforce wrote:*   

> 
> 
> I think It really removed ipv6 thing because if I try to connect to smtp it don't says "Connected" and freeze there but really refuse connection..
> 
> If I manually add my ip in tcprules.d, It doesn't works.  But at least I receive the "connection refused " error, better signs of life than previous freezes
> ...

 

I guess you need to rerun the tcprules command as if you've mad changes to any of the /etc/tcprules/* files.

Maybe there are more packages that needs to be emerged with USE="-ipv6" ? Try

# USE="-ipv6" emerge -pv --newuse world

to see which packages are affected by the ipv6 flag

----------

## geforce

 *Quote:*   

> These are the packages that I would merge, in order:
> 
> Calculating world dependencies ...done!
> 
> [blocks B     ] <net-ftp/proftpd-1.2.10-r6 (is blocking net-ftp/ftpbase-0.00)
> ...

 

Do you see something related to the problem ??

Phil

----------

## petterg

Not really. Maybe the tcpdump could have something to do with it?

Doesn't look like you used the --newuse parameter when you got the list. Did you?

----------

## geforce

 *petterg wrote:*   

> Not really. Maybe the tcpdump could have something to do with it?
> 
> Doesn't look like you used the --newuse parameter when you got the list. Did you?

 

Yeah I used the --newuse parameter, I just copied the command you gave me last post.

I re-emerged tcpdump but still have nothing.. Guess I'll re-follow the guide and see what it does...

But it will not be the first time...

well..

I'll give feedback If I find something

Phi

----------

## petterg

 *geforce wrote:*   

> I re-emerged tcpdump but still have nothing.. Guess I'll re-follow the guide and see what it does...
> 
> 

 

I have no idea of how to help you.

If you would like to relax for a few days.... I'm planing to spend a couple of days next week in the office to come up with an updated guide. (Unexpected stuff tend to show up, so no guaranties.)

----------

## geforce

cool !   :Razz: 

Thanks

Phil

----------

## petterg

updated guide is written. Just need some testing/debuging before posting

----------

## geforce

Nice !

I'm waiting for it   :Cool: 

Phil

----------

## petterg

Updated guide posted at

https://forums.gentoo.org/viewtopic-p-2733096.html

----------

## geforce

sweet, thanks  :Razz: 

----------

## ramsesii

hi!

no chance so far - did u fix it?

regards,

----------

## geforce

No.

But after some manipulations I think the probleme is somewhere in tcprules.d/qmail-* files...

Also i'm dealing with an "Host is not in my rcpt" thing...

I'm busy right now but I'll continue on this in the hollidays ... If I haven't give up and installed postfix  :Razz: 

Phil

----------

## kiesa

Any ideas how qmail could be run for multiple ips with different hostnames?

i've tried duplicating qmail install and editing startup scripts so that it would

start two instances on different ips but whatever i do it always wants 

to answer like it was the original mail server installed.  :Smile: 

----------

## petterg

I guess you could chroot mulitiple installs into multiple jails

----------

## puke

Can anyone get qmail-scanner 2.01 to correctly pick up spamassassin?

Even with spamd running, it claims that it's not adding X-Spam-Status header, even when it is..

Anyone have any ideas?  Manually editing the qmail-scanner-queue.pl file is a nightmare.

----------

## ronbasset

Thanks for your help with that, I think I got it working.

Cheers

Ron Basset

----------

