Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
but that is a file not a directory. This is so frustrating, here someone's found a way to completely solve my spam problem but I can't figure out how to implement the solution in my qmail configuration. qmail was installed and configured by our dedicated server host and i think it was configured to work with a plesk online control panel (kind of like a webmin package). any other ideas for how i can implement this spam solution?
Maybe. Check the contents. It should be a plain text file. You may want to look at the /service directory and see if you have a bunch of symlinks in there that may help you find the run file.
If your system supports the "locate" command, just do...
could /var/mailman/bin/qrunner be significant or is mailman a different program entirely? i still think i could possibly use the /etc/init.d/qmail file but i have no idea where i should add the spam filer line. ugh i give up. ill just keep working with spam assassin.
Im sorry if this is a dumb question but would posting the contents of a run file be a security threat in anyway to my system? I'm not saying I dont trust you its just im a little weary about posting contents of scripts in a public discussion board. Im not linux security expert so i just thought id ask before I post the contents of the /etc/init.d/qmail file. Thanks.
Nah... there's nothing in there that people can really use to mess with your server. The file we're talking about should be nothing but a bunch of commands that are run when the system boots. The commands being issued are not showing anything critical. Just commands that will start and stop qmail.
#! /bin/sh
#
# This is /etc/rc.d/init.d file for Q-Mail
#
# chkconfig: 345 80 30
# description: qmail Mail Transfer Agent
# processname: qmail-send
#
#
### BEGIN INIT INFO
# Provides: sendmail qmail
# Required-Start: $network $named $syslog $remote_fs $time
# X-UnitedLinux-Should-Start:
# Required-Stop:
# Default-Start: 3 5
# Default-Stop:
# Description: start the qmail MTA
### END INIT INFO
# Source networking configuration.
if [ -f /etc/sysconfig/network ]; then
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
fi
# Source function library.
if [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
fi
# this way is for SuSE Linux
test -s /etc/rc.status && . /etc/rc.status && rc_reset
if ! type status >/dev/null 2>/dev/null; then
status () {
/sbin/pidof >/dev/null qmail-send
}
fi
myname=qmail
qmail_dir=/var/qmail
subsys=/var/lock/subsys/$myname
PATH="$qmail_dir/bin:$PATH"
export PATH
proccess=qmail-send
# this function is designed to emulate RedHat-like service reporting on the SuSE Linux
report_action()
{
# $1 - text to put
# $2 - status of operation
case `type -t action` in
function)
action $"$1" $2
;;
*)
rc_reset
echo -n $"$1"
$2
rc_status -v
;;
esac
}
start()
{
qmail-start ./Maildir/ splogger qmail &
sleep 1
[ "`pidofproc $proccess`" ]
ret=$?
if [ $ret -eq 0 ]; then
report_action "Starting $myname: " /bin/true
else
report_action "Starting $myname: " /bin/false
fi
[ $ret -eq 0 ] && touch $subsys
return $ret
}
check_and_start()
{
if [ ! -f $subsys ]; then
start
fi
}
stop()
{
if [ -f $subsys ]; then
echo -n $"Stopping $prog: "
killproc $proccess
ret=$?
[ $ret -eq 0 ] && rm -f $subsys
return $ret
else
killall $proccess > /dev/null 2>&1
true
fi
}
restart(){
stop
start
}
condrestart(){
[ -e $subsys ] && restart || true
}
#reload(){
# [ -e /var/lock/subsys/$myname ] && mysqladmin reload
#}
# See how we were called.
case "$1" in
start)
start
;;
condstart)
check_and_start
;;
stop)
stop
;;
status)
status $proccess
;;
reload)
restart
# reload
;;
restart)
restart
;;
condrestart)
condrestart
;;
*)
echo $"Usage: $0 {start|stop|status|reload|condrestart|restart}"
exit 1
esac
exit $?
well there it is, ive already checked the qmail-smtpd, qmail-send and qmail-start files. theyre compiled files that i cant view in vi. hopefully this /etc/init.d/qmail file is the one i need to add the RML info. thanks again for all of your help.
Oh my god. You have some bizarre installation of qmail going here. It appears you aren't running qmail with daemontools or ucspi-tcp. You said qmail came pre-installed on this computer?? Geez, the people who set this up should be lined up and shot.
It appears that qmail is indeed located under /var/qmail. Maybe you can poke around under there somewhere and see if you can find your run file.
Try...
find /var/qmail/* -name *run*
And see what comes up. If nothing comes up, I'm afraid I may not be able to help you. You should forget what I said earlier and give up and go hide under the bed.
Seriously, if this doesn't work, you should consider getting a server with a "real" qmail install instead of this bastardized version you've been given. I recommend getting yourself a server and installing according to a howto like www.qmailrocks.org or the one in my sig.
Earlier I mentioned I was going to stick with Sorbs. In the past week I've had a bunch of Hotmail ip addresses blocked by Sorbs. I'm no fan of Hotmail and it's no surprise that spam originates from hotmail. However, this upsets clients and it verges on unacceptable to me. Anyone else experience this?
it includes some cool patches such as chkuser. it seems that works great against spams, no stupid mails in queue. "src.rpm" based installation also includes rblsmtpd check ( -r sbl.spamhaus.org ) by the default.
it might help ppl who want to install qmail with antispam features.
It's funny, I repeatedly bump into this thread when I am Googling for anything related to qmail and spam. Glad to see lots of people are using it. Anyway, it's been almost a year since my last post here. Thought I'd give an update.
I stopped using Sorbs because of Hotmail and Yahoo mail being blocked. I hate to alter my behaviour because of these corporate behemoths, but I have little choice. I do recognize they are in a difficult spot on this. I am now only using Spamhaus ... temporarily. Sorbs seems too aggressive and Spamhaus is not aggressive enough. I will eventually start using Sorbs again, but I need to tone it down a bit first. More on that later.
A new problem I am bumping into now is hammering of Spamhaus due delivery attempts from virus-infected machines at dynamic ip addresses. A typical scenario would be maybe 100 connections per minute from the same dynamic ip address each resulting in a query to Spamhaus from my server for the same ip address. 100 identical queries in a minute just seems a waste of resources (mine and Spamhaus'). When I was using Sorbs I didn't mind because I ran a local rsync copy of Sorbs. However, last time I checked rsync service was not available for free from Spamhaus. When I notice this happening I have been manually putting the ip address on my own local blacklist that gets checked prior to Spamhaus. This works, but it's very manual and not a very good solution.
I have a plan that will eventually solve these problems and allow me to start using Sorbs again. I have searched a bit, but have so far been unable to find any existing software and/or qmail patches, etc that exactly accomplish what I want. I think the coding is pretty simple and I will eventually do this myself. Here is my 2-step plan:
1. Capture ip addresses from positive Spamhaus queries and automatically place them on a local blacklist that gets checked prior to Spamhaus. Then run a cron job that clears or deletes this blacklist at regular intervals (every hour, 2 hours, 12 hours, whatever). This would prevent my server from needlessly querying Spamhaus when there has recently been a positive Spamhaus hit on an ip address. So, in the virus-infected scenario I described above, only the very first hit by the virus-spammer would query Spamhaus, then all remaining hits would be blocked by my local blacklist. Cycling of that blacklist would ensure that ip addresses that appear on Spamhaus and then get removed, would not be blocked by my local blacklist for long.
2. Use Sorbs for "greylisting" rather than blacklisting. I need to study up a bit more on this, but as I understand it, greylisting sends a temporary failure (temporary SMTP error 451) on the first attempt, then accepts subsequent delivery attempts. What does this accomplish? Apparently, many spamming methods will often give up after one attempt, whereas email originating at legitimate email servers will follow the standard schedule to re-deliver undelievered mail at regular intervals. So, mail from blacklisted Hotmail servers, for example, would be rejected on the first attempt, but then accepted 5 minutes later or whatever delay interval is used for the 2nd attempt.
A bit of research tells me Thomas Mangin's greylist solution may be a good place to start:
I plan to implement #1 and #2 in that order in my qmail run file. Essentially, this solution is a less aggressive blacklist (Spamhaus) followed by a very aggressive greylist (Sorbs). This should allow me to take advantage of the aggressiveness of Sorbs without as many false positives. So why even bother with the blacklist? I dunno, I just like the idea of the blacklist -- if you're listed, you're out. I also suspect a greylist alone will let more spam through than my 2-step blacklist/greylist solution.
I still need to work out the details, but I will post them when I have implemented this (weeks or months maybe).
Here's what I am thinking ... rblsmtpd in its current form has the -r and the -a options (blacklist and whitelist respectively). See: http://cr.yp.to/ucspi-tcp/rblsmtpd.html . Let's add the "-g" option which will allow greylisting also in the same manner as blacklisting and whitelisting. In fact, you could even list Sorbs or Spamhaus or any other list you like after the -g option and use the list for greylisting instead of blacklisting.
I nominate Dan Bernstein to modify the code. Please get on that right away, Dan. ... ok I am joking. Ok, half joking, half not. I will take a look but I don't think I the guy to write this code, but this is what we need. Somebody, write the code ... please.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
