Facebook
Twitter
R
rvdmeer
Guest
Yes it is compatible. But! make always backups before you start playing and if possible, use a test server 
-
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
CentOS2Alma discussion
S
SecondPhase
Guest
Did it!
Hello, unfortunately i don't have a test server but luckily it went smooth, thanks to the database tips above!
Yes i've got it running and it does work very well, i'm watching, have had one good email take over an hour to retry and one still sitting there but it is blocking a lot of traffic.
The one big negative is that my original Plesk Qmail with Fedora 2 has reject of non existant users built into qmail-smtpd and so now i've lost that very nice feature with the new build. This reject non-existant users on connect completely foils the dictionary attacks and it is very bad to be trying to bounce these messages.. I had one spammer requeue and get through greylist but was non-existant user and it bounced.. so i'm missing this feature. Can we get that patch from sw-soft to add to the distribution?! The new build qmail-smtpd is quite a bit smaller than my original..
Thanks for the info! Please let us know if you find out anything more regarding gmail.
Hello, unfortunately i don't have a test server but luckily it went smooth, thanks to the database tips above!
Yes i've got it running and it does work very well, i'm watching, have had one good email take over an hour to retry and one still sitting there but it is blocking a lot of traffic.
The one big negative is that my original Plesk Qmail with Fedora 2 has reject of non existant users built into qmail-smtpd and so now i've lost that very nice feature with the new build. This reject non-existant users on connect completely foils the dictionary attacks and it is very bad to be trying to bounce these messages.. I had one spammer requeue and get through greylist but was non-existant user and it bounced.. so i'm missing this feature. Can we get that patch from sw-soft to add to the distribution?! The new build qmail-smtpd is quite a bit smaller than my original..
Thanks for the info! Please let us know if you find out anything more regarding gmail.
B
bmeshier
Guest
Re: Did it!
I actually just came across sw-soft's most recent patches for qmail the other day. I'll work on getting a new build out there soon.
R
rvdmeer
Guest
Re: Re: Did it!
Still i have one question.. howto whitelist with this package. Can i use wildcards? and is there any more information about this package?
Still i have one question.. howto whitelist with this package. Can i use wildcards? and is there any more information about this package?
B
bmeshier
Guest
Re: Re: Re: Did it!
Whitelist the entire 24.63.100.x subnet
Whitelist sender [email protected]
Basically, whatever you want to wildcard, leave as NULL. It's important that it's NULL and not empty. You can also use this method to blacklist by setting block_expires to some far date in the future.
You can white list by relaying IP, recipient email or sender email or a combination of all three. Sorry I didn't post this sooner, here are some examples:
Whitelist the entire 24.63.100.x subnet
Code:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES ('24.63.100', NULL, NULL, NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())Whitelist sender [email protected]
Code:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, '[email protected]', NULL, NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())Basically, whatever you want to wildcard, leave as NULL. It's important that it's NULL and not empty. You can also use this method to blacklist by setting block_expires to some far date in the future.
R
rvdmeer
Guest
Thanks, this was the information i needed.
B
bmeshier
Guest
Here are some whitelist entries you may wish to include:
http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt
http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt
S
SecondPhase
Guest
whitelisting
Hi, i've been playing with the white listing and not too successfull so far but i thought i'd post a couple of things i've learned.
First i noticed that White List by Sender Address is not supported by checking the source and the SQL output in the log file.
I went ahead and added another function and check to the source for White List Sender.. (i had emailed a copy to Brent but that one was preliminary and buggy, i'll send another once i'm sure it's working well, the SQL looks right in the log but i haven't had enough white listers come through yet)..
Previously only White List by Sender IP (great option, thanks for the link to clean senders).. and White List by Recipient Domain name (not full email address) is supported.
The other thing i realized is that the block_expires field is also very important if it is less than NOW the entry is whitelisted. if it is greater than now (blocked) then it is determined BlackListed.
The Examples listed above are correct for whitelisting (except the second one whitelist by sender address wasn't supported).. the now in the block_expire will immediately be expired and considered White (not blocked), you can also put an older date in here.
Edited: i've got the additional White List by Sender Address option working now, let me know if you want this update.
Hi, i've been playing with the white listing and not too successfull so far but i thought i'd post a couple of things i've learned.
First i noticed that White List by Sender Address is not supported by checking the source and the SQL output in the log file.
I went ahead and added another function and check to the source for White List Sender.. (i had emailed a copy to Brent but that one was preliminary and buggy, i'll send another once i'm sure it's working well, the SQL looks right in the log but i haven't had enough white listers come through yet)..
Previously only White List by Sender IP (great option, thanks for the link to clean senders).. and White List by Recipient Domain name (not full email address) is supported.
The other thing i realized is that the block_expires field is also very important if it is less than NOW the entry is whitelisted. if it is greater than now (blocked) then it is determined BlackListed.
The Examples listed above are correct for whitelisting (except the second one whitelist by sender address wasn't supported).. the now in the block_expire will immediately be expired and considered White (not blocked), you can also put an older date in here.
Edited: i've got the additional White List by Sender Address option working now, let me know if you want this update.
S
SecondPhase
Guest
temp failure code
i've been working some more adding whitelist IPs and analyzing the results so far. working great to control spam, but have had two known cases where the 'legitimate' mail server never retried. i white listed them but i've got a question for you guys.
The puremagic site emphasizes returning a temporary failure code of 451, this build is returning the envelope failure 421. Is there a preference one over another?
I'm testing a build using 451 currently and have re-run one of the problem mailers at it.. no second response so far this way either..
i've been working some more adding whitelist IPs and analyzing the results so far. working great to control spam, but have had two known cases where the 'legitimate' mail server never retried. i white listed them but i've got a question for you guys.
The puremagic site emphasizes returning a temporary failure code of 451, this build is returning the envelope failure 421. Is there a preference one over another?
I'm testing a build using 451 currently and have re-run one of the problem mailers at it.. no second response so far this way either..
H
hesham55
Guest
Hi all
when i made make
this is result
van any one help me??????
./compile qmail-remote.c
In file included from /usr/include/openssl/ssl.h:179,
from qmail-remote.c:36:
/usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory
In file included from /usr/include/openssl/ssl.h:179,
from qmail-remote.c:36:
/usr/include/openssl/kssl.h:134: parse error before "krb5_enctype"
/usr/include/openssl/kssl.h:136: parse error before '*' token
/usr/include/openssl/kssl.h:137: parse error before '}' token
/usr/include/openssl/kssl.h:149: parse error before "kssl_ctx_setstring"
/usr/include/openssl/kssl.h:149: parse error before '*' token
/usr/include/openssl/kssl.h:150: parse error before '*' token
/usr/include/openssl/kssl.h:151: parse error before '*' token
/usr/include/openssl/kssl.h:151: parse error before '*' token
/usr/include/openssl/kssl.h:152: parse error before '*' token
/usr/include/openssl/kssl.h:153: parse error before "kssl_ctx_setprinc"
/usr/include/openssl/kssl.h:153: parse error before '*' token
/usr/include/openssl/kssl.h:155: parse error before "kssl_cget_tkt"
/usr/include/openssl/kssl.h:155: parse error before '*' token
/usr/include/openssl/kssl.h:157: parse error before "kssl_sget_tkt"
/usr/include/openssl/kssl.h:157: parse error before '*' token
/usr/include/openssl/kssl.h:159: parse error before "kssl_ctx_setkey"
/usr/include/openssl/kssl.h:159: parse error before '*' token
/usr/include/openssl/kssl.h:161: parse error before "context"
/usr/include/openssl/kssl.h:162: parse error before "kssl_build_principal_2"
/usr/include/openssl/kssl.h:162: parse error before "context"
/usr/include/openssl/kssl.h:165: parse error before "kssl_validate_times"
/usr/include/openssl/kssl.h:165: parse error before "atime"
/usr/include/openssl/kssl.h:167: parse error before "kssl_check_authent"
/usr/include/openssl/kssl.h:167: parse error before '*' token
/usr/include/openssl/kssl.h:169: parse error before "enctype"
In file included from qmail-remote.c:36:
/usr/include/openssl/ssl.h:909: parse error before "KSSL_CTX"
/usr/include/openssl/ssl.h:931: parse error before '}' token
qmail-remote.c: In function `main':
qmail-remote.c:591: warning: return type of `main' is not `int'
make: *** [qmail-remote.o] Error 1
when i made make
this is result
van any one help me??????
./compile qmail-remote.c
In file included from /usr/include/openssl/ssl.h:179,
from qmail-remote.c:36:
/usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory
In file included from /usr/include/openssl/ssl.h:179,
from qmail-remote.c:36:
/usr/include/openssl/kssl.h:134: parse error before "krb5_enctype"
/usr/include/openssl/kssl.h:136: parse error before '*' token
/usr/include/openssl/kssl.h:137: parse error before '}' token
/usr/include/openssl/kssl.h:149: parse error before "kssl_ctx_setstring"
/usr/include/openssl/kssl.h:149: parse error before '*' token
/usr/include/openssl/kssl.h:150: parse error before '*' token
/usr/include/openssl/kssl.h:151: parse error before '*' token
/usr/include/openssl/kssl.h:151: parse error before '*' token
/usr/include/openssl/kssl.h:152: parse error before '*' token
/usr/include/openssl/kssl.h:153: parse error before "kssl_ctx_setprinc"
/usr/include/openssl/kssl.h:153: parse error before '*' token
/usr/include/openssl/kssl.h:155: parse error before "kssl_cget_tkt"
/usr/include/openssl/kssl.h:155: parse error before '*' token
/usr/include/openssl/kssl.h:157: parse error before "kssl_sget_tkt"
/usr/include/openssl/kssl.h:157: parse error before '*' token
/usr/include/openssl/kssl.h:159: parse error before "kssl_ctx_setkey"
/usr/include/openssl/kssl.h:159: parse error before '*' token
/usr/include/openssl/kssl.h:161: parse error before "context"
/usr/include/openssl/kssl.h:162: parse error before "kssl_build_principal_2"
/usr/include/openssl/kssl.h:162: parse error before "context"
/usr/include/openssl/kssl.h:165: parse error before "kssl_validate_times"
/usr/include/openssl/kssl.h:165: parse error before "atime"
/usr/include/openssl/kssl.h:167: parse error before "kssl_check_authent"
/usr/include/openssl/kssl.h:167: parse error before '*' token
/usr/include/openssl/kssl.h:169: parse error before "enctype"
In file included from qmail-remote.c:36:
/usr/include/openssl/ssl.h:909: parse error before "KSSL_CTX"
/usr/include/openssl/ssl.h:931: parse error before '}' token
qmail-remote.c: In function `main':
qmail-remote.c:591: warning: return type of `main' is not `int'
make: *** [qmail-remote.o] Error 1
M
masterkain
Guest
hi hesham55,
if on redhat or similar try
and then make again.
if on redhat or similar try
Code:
ln -s /usr/kerberos/include/com_err.h /usr/include/
ln -s /usr/kerberos/include/profile.h /usr/include/
ln -s /usr/kerberos/include/krb5.h /usr/include/and then make again.
H
hesham55
Guest
thanks for your replay
now its installed and i think its working
but
can you tell me how can i test it?
now its installed and i think its working
but
can you tell me how can i test it?
B
bmeshier
Guest
Originally posted by hesham55
thanks for your replay
now its installed and i think its working
but
can you tell me how can i test it?
Code:
tail -f /tmp/greylist_dbg.txt
H
hesham55
Guest
thanks again for your help its great...
Re: whitelisting
how do i get a hole domain of a recipient white listed?? is this OK:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, NULL, 'DOMAIN.COM', NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
if so, its not working for me :-(
how do i get a hole domain of a recipient white listed?? is this OK:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, NULL, 'DOMAIN.COM', NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
if so, its not working for me :-(
P
pretender
Guest
Finally! It works! Thanks for the help from everybody! Especially bmeshier and rvdmeer! You won´t believe what the reason was! Some libraries were ****ed so it compiled mysql support but some lib´s were just bullshit and greylist could obviously not connect to the mysql server. I compiled it on another server and now it works
Now I check out the whitelist option but also have still problems with wildcards for email addresses like gmail.com or others
I use the following command:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, 'gmail.com', NULL, NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
Merry Christmas!!
Now I check out the whitelist option but also have still problems with wildcards for email addresses like gmail.com or others
I use the following command:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, 'gmail.com', NULL, NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
Merry Christmas!!
S
SecondPhase
Guest
whitelisting
---------------------------------------------------------
how do i get a hole domain of a recipient white listed?? is this OK:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, NULL, 'DOMAIN.COM', NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
if so, its not working for me :-(
--------------------------------------------
Likely you need to use lower case 'domain.com' for your whitelist recipient domain. Also make sure the NOW(), which is a function is putting the current datetime in the field, otherwise replace this with an actual date older than current, like you have specified for the expire date.
---------------------------------------------------------
how do i get a hole domain of a recipient white listed?? is this OK:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, NULL, 'DOMAIN.COM', NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
if so, its not working for me :-(
--------------------------------------------
Likely you need to use lower case 'domain.com' for your whitelist recipient domain. Also make sure the NOW(), which is a function is putting the current datetime in the field, otherwise replace this with an actual date older than current, like you have specified for the expire date.
S
SecondPhase
Guest
whitelisting
----------------------------------------------------
Now I check out the whitelist option but also have still problems with wildcards for email addresses like gmail.com or others
I use the following command:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, 'gmail.com', NULL, NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
---------------------------------------------------
There is currently no option to whitelist by FROM domain. This option could be added however, i could do this after the new year if it's needed, as i'll be out of town for a few days, yea!
FYI, i've not had a problem with gmail deliveries to my users.. so i do believe gmail handles mail queueing in a way that is fine for greylisting..
----------------------------------------------------
Now I check out the whitelist option but also have still problems with wildcards for email addresses like gmail.com or others
I use the following command:
INSERT INTO relaytofrom (relay_ip, mail_from, rcpt_to, block_expires, record_expires, origin_type, create_time) VALUES (NULL, 'gmail.com', NULL, NOW(), '2099-12-31 23:59:59', 'MANUAL', NOW())
---------------------------------------------------
There is currently no option to whitelist by FROM domain. This option could be added however, i could do this after the new year if it's needed, as i'll be out of town for a few days, yea!
FYI, i've not had a problem with gmail deliveries to my users.. so i do believe gmail handles mail queueing in a way that is fine for greylisting..
R
rvdmeer
Guest
I'm wondering how greylisting is working for the people who are currently using it (after this thread). I'm working with it 1 month now and i must say; no spam is delivered anymore.'
What is your experience...
What is your experience...
B
bmeshier
Guest
As the thread starter, naturally I'm an advocate, but only because of greylisting's success rate. I've been using it for 2-3 years now, I can't remember exactly. Simply put, I couldn't survive email without it. It would be like having a broadband connection and having to use dialup.
