LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 03-12-2006, 12:28 AM   #1
~=gr3p=~
Member
 
Registered: Feb 2005
Location: ~h3av3n~
Distribution: RHEL 4, Fedora Core 3,6,7 Centos 5, Ubuntu 7.04
Posts: 227

Rep: Reputation: 30
Help: Qmail unknown users spam


Hi,

I have qmail mailserver (Virtual Users & Domain). I have taken most of the anti-spam measures like spam assasin,qsheff(built-in ani-spam regex) scanner and clam av.

I'm also using RBLSMTPD (spamhaus SBL rules)

Quote:
exec softlimit -m 40000000 \
envdir /etc/relay-ctrl relay-ctrl-chdir \
tcpserver -v -H -R -l $HOSTNAME -x /etc/tcp.smtp.cdb \
-c200 -u5002 -g5000 0 smtp rblsmtpd \
-b -r relays.ordb.org rblsmtpd -r sbl.spamhaus.org \
fixcrio relay-ctrl-check qmail-smtpd 2>&1 \
| setuidgid qmaill \
multilog t n100 s1000000 /var/qmail/logs/smtp & \
I haven't compiled qmail-smtpd with SMTP AUTH patch due to compilation problem. so it's an SMTP after POP authentication (relay-control). This is a part of my tcprules.

Note: 192.168.1.2 is the Private IP of my mailserver.

Quote:
127.0.0.1:allow,DATABYTES="0",QMAILQUEUE="/var/qmail/bin/qmail-qsheff"
192.168.1.2:allow,DATABYTES="0",QMAILQUEUE="/var/qmail/bin/qmail-qsheff"
:allow,DATABYTES="0",QMAILQUEUE="/var/qmail/bin/qmail-qsheff"
I have certain users accessing mailserver from internet(dynamic IP) so thats why u see the last rule ":allow".

I get several spam emails quarantined and the from field contains non exsistent users and the recipient field contains both exsistent and non-exsistent users.. For eg.

From: non-exsistent.user@mydomain.com
To: exsistent.user@mydomain.com

I checked the qmail.org site and there is a patch called check user but i cannot mess my live qmail setup by recompiling it.

Is there any way i can stop this without requiring any recompilation ?

Last edited by ~=gr3p=~; 03-12-2006 at 12:29 AM.
 
Old 03-12-2006, 01:05 PM   #2
~=gr3p=~
Member
 
Registered: Feb 2005
Location: ~h3av3n~
Distribution: RHEL 4, Fedora Core 3,6,7 Centos 5, Ubuntu 7.04
Posts: 227

Original Poster
Rep: Reputation: 30
Please any qmail master comment I'm taking an effort to understand things

ok i compiled qmail-smtpd with this smtp-auth patch over here:

http://members.elysium.pl/brush/qmail-smtpd-auth/

I use Vmailmgr with qmail and followed the instructions over here:

http://members.elysium.pl/brush/qmai...th/faq.html#a4

I telnet to my mailserver give EHLO command and see this:

250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-PIPELINING
250 8BITMIME

but the Authentication doesn't work at all.

this is how i changed my smtp startup script.

Quote:
exec softlimit -m 40000000 \
envdir /etc/relay-ctrl relay-ctrl-chdir \
tcpserver -v -H -R -l $HOSTNAME -x /etc/tcp.smtp.cdb \
-c200 -u5002 -g5000 0 smtp rblsmtpd \
-b -r relays.ordb.org rblsmtpd -r sbl.spamhaus.org \
fixcrio relay-ctrl-check qmail-smtpd mydomain.com checkvpw true Maildir 2>&1 \
| setuidgid qmaill \
multilog t n100 s1000000 /var/qmail/logs/smtp & \
In M$ Outlook it continuosly prompts me for the password !

I have also chmod ug+s checkvpw !

this is the POP3 entry in my startup script.

Quote:
exec softlimit -m 10000000 \
envdir /etc/relay-ctrl relay-ctrl-chdir \
tcpserver -v -H -R -l $HOSTNAME -x /etc/tcp.smtp.cdb \
-c200 -u0 -g0 0 110 qmail-popup localhost \
checkvpw relay-ctrl-allow qmail-pop3d Maildir 2>&1 \
| setuidgid qmaill \
multilog t n100 s1000000 /var/qmail/logs/pop3 &

thanks
 
Old 03-13-2006, 06:44 AM   #3
~=gr3p=~
Member
 
Registered: Feb 2005
Location: ~h3av3n~
Distribution: RHEL 4, Fedora Core 3,6,7 Centos 5, Ubuntu 7.04
Posts: 227

Original Poster
Rep: Reputation: 30
ok no one has an answer. applied my mind and found a simple solution. What i did is since it is an SMTP after successful POP3 authentication which will then automatically allow the client to relay, i just remove the line "mydoamin.com" from the file /var/qmail/control/rcpthosts

Note: I can remove mydomain.com becoz I have an external Mail host service provider from whom i download messages using fetchmail and deliver local users.

Thanks all.

Last edited by ~=gr3p=~; 03-13-2006 at 07:17 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Blocking spam with qmail Apollo77 Linux - General 70 03-05-2009 02:22 AM
Spam Filtering in Qmail Joey.Dale Linux - Software 5 12-05-2004 01:29 PM
How to control Spam with Qmail dighorn Linux - General 4 11-17-2004 08:55 AM
Spam assassin with qmail Rhiannon Fedora 0 05-04-2004 04:57 AM
filtering spam in Qmail? IceNineJon Linux - Software 2 07-05-2003 02:35 PM


All times are GMT -5. The time now is 02:10 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration