• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Manage QMail with SNMP / Restrict number of recipients

E

eugenevdm

Regular Pleskian
I need to urgently do the following in order to avoid having my QMail server attacked by spammers who steal my client's e-mail usernames and passwords and who use these usernames and passwords against our QMail SMTP server for relaying SPAM. Bear in mind I have no control of what passwords are changed to so no matter what I do our clients can and will always change their passwords to their own choice.

1. Monitor QMail queue lengths using SNMP.

I need to add SNMP management to QMail so that I can use my early warning system that is based on SNMP and a SMS alert system to give me early warning messages when the remote queue length is greater than a certain amount of messages. This way I can at least in real-time try and trace the offending IP, block it on our firewall, and contact the client.

I have done research on Google to try and find out how the hell to manage QMail using SNMP for Plesk but my research led nowhere. 4PSA has a great product that appears to work with SNMP and Plesk but because I can't integrate it with my own SMS system for the warnings I can't use it.

2. Limit the Maximum Amount of Recipients for a Single Message in QMail.

Either I'm missing something very obvious or whoever thought of QMail never thought of including by default a function to restrict the amount of recipients that a single message may be addressed to. I need this functionality for my Plesk QMail server. Again my research went nowhere, and it appears to SW-Soft has never included the flag(s) that control this. Can anybody tell me how to restrict the maximum number of recipients a single message may be addressed to in QMail? Without being able to do that a single connection might relay hundreds or thousands of messages in one shot. 5 Seconds for the SPAMmer and minutes or hours of frustration for me.

Please assist,
 
use the search feature of the DB for your second query, that part has been answered already.

Unfortunately I cant help with the first part.
 
Thanks for your reply. Can you tell me how to "compile QMail with maxrcpt patch" and still maintain functionality provided by QMail with Greylisting as per this Greylisting solution?:
http://meshier.com/2006/09/18/adding-greylisting-support-to-qmail-on-plesk-8/

I really need both and I would not want to sacrifice either. Is there a guide to using both QMail with Greylisting and compiling the maxrcpt patch? Do I have to pay someone to get "advanced linux administration skills?"
 
To get alert on SMS or mail for larger queue, you can use qmque -s command and write a small shell script which read the result and if larger the numer, send a SMS.
Is not the best solution, but should work.
 
To be honest Im not sure, I dont use QMail, or even mail on linux so I havent tried. But I would imagine that they should work in tandem as your just patching source code, and adding those functionalities with each patch.

I would test it on a dev machine before rolling to production, but it should work.
 
Qmail maxrcpt patch does work with Brent Meshier's Greylisting Solution

I bit the bullet and recompiled Qmail after having applied the Qmail maxrcpt patch to Brent Meshier's Greylisting solution and I'm happy to say it worked. It's much easier than I thought. Just add the lines from the Code below to smtpd.c from Brent's sources and then follow the rest of the instructions on his page. All the lines with a "+" needs to be added to smtpd.c. Remember to create the maxrcpt text file with a default value in your /var/qmail/control folder. The error returned when someone uses the server's SMTP server to send to more people than specified in the maxrcpt file's value is "555 syntax error (#5.5.4)".

Code: 
# diff -C 4 -c qmail-smtpd.c qmail-smtpd.c.new 
*** qmail-smtpd.c       Thu Nov  2 10:13:38 2000
--- qmail-smtpd.c.new   Thu Nov  2 13:15:04 2000
***************
*** 26,33 ****
--- 26,35 ----
  
  #define MAXHOPS 100
  unsigned int databytes = 0;
  int timeout = 1200;
+ int rcptcounter = 0;
+ int maxrcpt = -1;
  
  int safewrite(fd,buf,len) int fd; char *buf; int len;
  {
    int r;
***************
*** 108,115 ****
--- 110,118 ----
    liphostok = control_rldef(&liphost,"control/localiphost",1,(char *) 0);
    if (liphostok == -1) die_control();
    if (control_readint(&timeout,"control/timeoutsmtpd") == -1) die_control();
    if (timeout <= 0) timeout = 1;
+   if (control_readint(&maxrcpt,"control/maxrcpt") == -1) die_control();
  
    if (rcpthosts_init() == -1) die_control();
  
    bmfok = control_readfile(&bmf,"control/badmailfrom",0);
***************
*** 238,245 ****
--- 241,249 ----
    out("250 flushed\r\n");
  }
  void smtp_mail(arg) char *arg;
  {
+   rcptcounter = 0 ;
    if (!addrparse(arg)) { err_syntax(); return; }
    flagbarf = bmfcheck();
    seenmail = 1;
    if (!stralloc_copys(&rcptto,"")) die_nomem();
***************
*** 247,255 ****
--- 251,261 ----
    if (!stralloc_0(&mailfrom)) die_nomem();
    out("250 ok\r\n");
  }
  void smtp_rcpt(arg) char *arg; {
+   rcptcounter++;
    if (!seenmail) { err_wantmail(); return; }
+   if (checkrcptcount() == 1) { err_syntax(); return; }
    if (!addrparse(arg)) { err_syntax(); return; }
    if (flagbarf) { err_bmf(); return; }
    if (relayclient) {
      --addr.len;
***************
*** 417,421 ****
--- 423,433 ----
    smtp_greet("220 ");
    out(" ESMTP\r\n");
    if (commands(&ssin,&smtpcommands) == 0) die_read();
    die_nomem();
+ }
+ 
+ int checkrcptcount() {
+   if (maxrcpt == -1) { return 0;}
+   else if (rcptcounter > maxrcpt ) { return 1;}
+   return 0;
  }
 
Good information, if others can confirm this patch this thread should be made sticky to help others.
 
You must log in or register to reply here.

Similar threads

T
Question incoming mail DMARC failure - need expert eyes
Replies
5
Views
1K
TomBoB
T
M
Resolved Postfix Not Delivering to Local Mailbox
Replies
2
Views
4K
Matt Sonnentag
M
D
Issue Server is sending spam
Replies
5
Views
4K
Bitpalast
Bitpalast
F
Issue Amavis (10024: Connection refused) no transport
Replies
7
Views
13K
cambrantskv
C
C
Issue Plesk doesn't let out my mails to my email client!?
Replies
3
Views
2K
centredeformationfrance
C
Back
Top