LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-24-2005, 09:28 PM   #1
inaki
Member
 
Registered: Mar 2005
Posts: 94

Rep: Reputation: 15
qmail control


Hi all,
I know that qmail can control the policy at /var/qmail/control/* such as badmailfrom, badmailto rcpthost blabla... Badmailto can be used to list a deny mail account. But it is a lot of account that spammers can create. For example:
my domain is test.com and user mail account is abc@test.com.
The question is how can i block all unregistered account and allow only listed account.
 
Old 08-24-2005, 11:13 PM   #2
DaHammer
Member
 
Registered: Oct 2003
Location: Planet Earth
Distribution: Slackware, LFS
Posts: 561

Rep: Reputation: 30
There is a patch for qmail that does does that. It's called chkuser. It's been so long since I setup my server I couldn't begin to tell you how it works though. But there is a number of toasters like the one at http://www.shupp.org/toaster/ that includes it.

And yeah, I recall that was the most annoying thing about qmail...All those dang bounced emails to non-existant usernames.

Last edited by DaHammer; 08-24-2005 at 11:14 PM.
 
Old 08-25-2005, 10:13 AM   #3
TruckStuff
Member
 
Registered: Apr 2002
Posts: 498

Rep: Reputation: 30
Quote:
Originally posted by DaHammer
And yeah, I recall that was the most annoying thing about qmail...All those dang bounced emails to non-existant usernames.
If you configure qmail to dump mail to non-existant addresses, that problem goes away.
Quote:
Originally posted by inaki
The question is how can i block all unregistered account and allow only listed account.
There are several ways to do this. There is the chkuser patch, as DaHammer mentioned. There is the goodrcptto patch. There is also a patch that allows you to check for vpopmail virtual users (although, I hear this one is a bit messy and not recommended).

You can search the qmail list archives at http://msgs.securepoint.com/qmail/ for "block unknown address" as a good starting point. Do *NOT* post this question to the qmail list unless you want to get flamed like you have never been flamed before, as it has been posted hundreds of times.

All of the recommended solutions require you to update a file that is consulted on every mail delivery anytime you add a new user. Most folks who use these patches simply script the process of updating the neccesary file.

Personally, I use the goodrcptto patch and a PHP script I wrote run every ten minutes via cron to update the ~qmail/control/moregoodrcpt file. I believe that the goodrcptto patch differs from the chkuser patch in that the goodrcptto patch checks *all* recipients of an email and validates them, whereas the chkuser patch only validates some email addresses (although I could be mistaken about this).
 
Old 03-03-2007, 08:17 PM   #4
kmashraf
Member
 
Registered: May 2001
Location: Madras, India
Distribution: Mandrake, Vector, Fedora, Slackware-Live, CentOS, Ubuntu, Kubuntu, PCLOS, Sabayon
Posts: 34

Rep: Reputation: 15
Dire straits!

I have setup qmail on 2 boxes with the help of http://www.qmailtoaster.com/centos/c...CentOS-4.3.txt
There are two separate domains running on these boxes. The reason for choosing this is the ease of installation and integration of other mail server related packages. They have been running for now approx a month and a half. One of the boxes is also behind a firewall. Suddenly over the last two days both the boxes failed with the following bounce message to all incoming as well as local mail 'Remote host said: 553 sorry, your envelope sender has been denied (#5.7.1)'. Which means the mail servers have effectively failed.
Since I have little experience with qmailtoaster (have installed and managed vanilla qmail installs) I am at a loss to explain the problem. In my investigation of the same the feeling I get is that chkusr/chkuser seems to be the problem. It is bouncing all mail with the above message. Neither is there much information on the problem when googling for it.
I am in rather dire straits regarding the same.
All help appreciated.

Last edited by kmashraf; 03-03-2007 at 08:21 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
qmail /service/qmail-send: unable to open supervise mangueJOE Linux - Networking 20 04-19-2016 11:27 PM
How to control Spam with Qmail dighorn Linux - General 4 11-17-2004 08:55 AM
Qmail-Ldap Control Panel nimish Linux - Software 1 10-31-2004 11:47 PM
Qmail traffic control chtthies Linux - Software 2 09-16-2004 05:24 AM
qmail +qmail-qfilter + qmail-scanner-queue+qmail-user-masq.pl problem countcobolt Linux - Networking 0 07-08-2004 11:29 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:18 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration