qmail & greylisting spam control

[Hal9000]

dude... plesk 7.5.4 != plesk 8
just look in this forum and you will find a post with instructions and qmail sources for plesk 7.5.4

 

[guybrush]

Greylist for qmail 7.5.4

Hello Hal9000

Thanks for your fast answer.

I had the link to the 7.5.4 qmail greylist source. But after the upgrade of this thead to Plesk 8 i have lose it.

I'll be grateful if you could send me the package an the instructions, or the link.

Thanks!!

 

[rtwick]

Re: Greylist for qmail 7.5.4

Originally posted by guybrush
Hello Hal9000

Thanks for your fast answer.

I had the link to the 7.5.4 qmail greylist source. But after the upgrade of this thead to Plesk 8 i have lose it.

I'll be grateful if you could send me the package an the instructions, or the link.

Thanks!!

May be this one? http://utkalika.net/projects/qmail/

Instructions are on page one or two of this thread

 

[Thratchen]

Re: Problem compiling ...

Originally posted by JoaoCorreia
I install all the needed devel packages but I het this while compiling ...


[root@ns1 qmail-1.03]# make
./load qmail-envelope-scanner -lz -lm local_scan.o /usr/lib/mysql/libmysqlclient.a
/usr/lib/mysql/libmysqlclient.a(client.o)(.text+0x1515): In function `mysql_close_free_options':
: undefined reference to `SSL_CTX_free'
/usr/lib/mysql/libmysqlclient.a(viossl.o)(.text+0x34): In function `report_errors':
: undefined reference to `ERR_get_error_line_data'
/usr/lib/mysql/libmysqlclient.a(viossl.o)(.text+0x79): In function `vio_ssl_read':
: undefined reference to `SSL_read'
/usr/lib/mysql/libmysqlclient.a(viossl.o)(.text+0x9a): In function `vio_ssl_read':
: undefined reference to `SSL_get_error'
/usr/lib/mysql/libmysqlclient.a(viossl.o)(.text+0xce): In function `vio_ssl_write':
: undefined reference to `SSL_write'
/usr/lib/mysql/libmysqlclient.a(viossl.o)(.text+0x29f): In function `vio_ssl_close':
: undefined reference to `SSL_shutdown'
/usr/lib/mysql/libmysqlclient.a(viossl.o)(.text+0x2af): In function `vio_ssl_close':
: undefined reference to `SSL_free'


....

/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x49e): In function `new_VioSSLAcceptorFd':
: undefined reference to `SSL_CTX_set_session_id_context'
/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x4cb): In function `new_VioSSLAcceptorFd':
: undefined reference to `SSL_CTX_load_verify_locations'
/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x4f4): In function `new_VioSSLAcceptorFd':
: undefined reference to `SSL_CTX_ctrl'
/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x4fc): In function `new_VioSSLAcceptorFd':
: undefined reference to `DH_free'
/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x50f): In function `new_VioSSLAcceptorFd':
: undefined reference to `SSL_CTX_set_default_verify_paths'
/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x535): In function `new_VioSSLAcceptorFd':
: undefined reference to `SSL_load_error_strings'
/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x546): In function `new_VioSSLAcceptorFd':
: undefined reference to `SSL_library_init'
/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0x54b): In function `new_VioSSLAcceptorFd':
: undefined reference to `OPENSSL_add_all_algorithms_noconf'
collect2: ld returned 1 exit status
make: *** [qmail-envelope-scanner] Error 1
[root@ns1 qmail-1.03]#

What can be wrong ?

Regards
Joao Correia

Make sure you have openssl-devel installed.

 

[Effektor]

Hey PPL,

I tried to compile the qmail-1.03 using the howto of meshier:

http://meshier.com/2006/09/18/addin...mail-on-plesk-8

I died anything till I got to the compilation.
I used make, after the compilation was finished I
got the first error. Caused by a wrong link in Makefile.

Make tried to use /usr/lib/mysql/libmysqlclient.a instead of
/usr/lib/libmysqlclient.a

I fixed the link in the Makefile.

At the end of the second try there where several errors because
of "main" was no "int".

First of all, mysql-devel and openssl-devel aren't available for Debian Sarge anymore. I install libmysqlclient12 and libmysqlclient12-dev instead of mysql-devel.

Instead of openssl-devel I installed libssl-dev hope anything is right. Now I'm not shure if I should going on with the tutorial.

Whats your oppinion of the error I talked about above?

 

[cyber_jo]

unable to get any results

hi all,
i followed howto: http://meshier.com/2006/09/18/adding-greylisting-support-to-qmail-on-plesk-8/

no errors and install went great.
but when executing perl /etc/cron.daily/greylist

i get no errors, /tmp/greylist_dbg.txt is created but no inserts what so ever.

i also created db with user in the plesk control panel.

so my question is, since if i have no error and no entry in /tmp/greylist_dbg.txt and db, what would be the next step

using plesk 8.0.0 Centos4.2

thnx in advance

 

[eugenevdm]

I have a similar problem...everything went great...but I have no /tmp/greylist_dbg...please help!

 

[cyber_jo]

#define BLOCK_EXPIRE

i've a question about the #define BLOCK_EXPIRE part.

what is the definition of it, if i'm correct this is the time that the second attempt has been done(help me when iam wrong)

at the latest tar this time is 2 min??
isnt this a bit short.

allot of customers are complaining mail is delivered at there email 1 week late just after a second message that was send today?? what can i do about this??

must i set the #define BLOCK_EXPIRE time longer, if so how is this done?

thnx in advance,
Joe

running CentOs4.2 plesk 8.0.0

 

[cyber_jo]

Originally posted by eugenevdm
I have a similar problem...everything went great...but I have no /tmp/greylist_dbg...please help!

then something went wrong with permissions. what i have done is the sql querie gives a other user then given in the local_scan.c i just gave that user rights as well?? that fixed it for me

the /tmp/greylist_dbg... will be created now.

 

[grandmoffjake]

421 unable to read controls (#4.3.0)

I'm very excited about your greylisting technique, but I've run into a strange problem.

Following the other comments here, I got the Makefile to compile, but when I installed the qmail-smtpd file and restarted qmail, it started responding to requests with this:

421 unable to read controls (#4.3.0)

This happens immediately as a connection is opened. I tried adjusting the permissions for qmail-smtpd and qmail-envelope-scanner, but it didn't work.

Brent, I'd just like to say thanks for all the support you've provided for your implementation thus far, it's really cool of you to keep helping people with this.

By the way, I'm doing this on a FreeBSD 5.4 system using some strange pathing.. for example, the qmail program itself is in /usr/local/psa/rc.d/qmail, while the other qmail components are in /usr/local/psa/qmail/bin/

I'm wondering if this odd pathing has anything to do with it? Unfortunately, I inherited this system and all its quirks, so I'm not really sure what to do from here.

Thanks in advance for any help you can give.

 

[jean-david]

I think qmail can't read the control files (on debian /var/qmail/control/*)

Probably, either the path in qmail binaries are wrong, either the control files are not readable.

 

[grandmoffjake]

That was exactly the nudge I needed.

I started poking through the config and Makefiles.. I didn't know about the conf-* files. I had to adjust my path in the conf-qmail file and it's working like magic.

Thanks a bunch!

 

[dasmo]

I put this on my production debian server and it is all working great. There was a little bit of messing around to get it going, but it's all good. Haven't had one opt-out from the customers on the server (around 600 domains) so I think I'm going to put this on the rest of the servers. Thanks Brent!

 

[tdrpic]

I would appreciate if you could provide help to set up the greylisting for 7.5.4. I currently have the greylist working but for a previous qmail source, which wont include the reject mail to non-existent user feature.

While trying to build the new version, I have a lot of the following and similar messages:

/usr/lib/mysql/libmysqlclient.a(viosslfactories.o)(.text+0200): In function `vio_verify_callback:
: undefined reference to `X509_NAME_oneline

Packages:
mysql-4.1.21-2.rhel4.art
mysql-devel-4.1.21-2.rhel4.art
psa-7.5.4-rhel4.build75050824.12
openssl-0.9.7a-43.8
openssl-devel-0.9.7a-43.8

CentOS release 4.3

Thanks,

Tomislav

___________________________

http://www.somethingforit.com/ - Linux, security and programming.

 

[euro_gedimas]

Hi,

I installed greylisting for Plesk 8.0.0 on FreeBSD 6.0. It works. But sometimes delaying is too long (30min.) or my customers didn't get mails at all. Is it normal? The greylist_dbg.txt is always empty, when I run greylisting.pl script? Why?

PS: My qmail dir is /usr/local/psa/qmail

Maybe problem with long delay can be these:

Nov 15 09:16:23 asas pop3d: Connection, ip=[213.197.172.30]
Nov 15 09:16:23 asas pop3d: IMAP connect from @ [213.197.172.30]db_connect: failed to connect to database: Error: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Nov 15 09:16:23 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:23 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:23 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:23 asas pop3d:
Nov 15 09:16:23 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:24 asas pop3d: Connection, ip=[213.197.172.30]
Nov 15 09:16:24 asas pop3d: IMAP connect from @ [213.197.172.30]db_connect: failed to connect to database: Error: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Nov 15 09:16:24 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:24 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:24 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:24 asas pop3d:
Nov 15 09:16:24 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:25 asas pop3d: Connection, ip=[213.197.172.30]
Nov 15 09:16:25 asas pop3d: IMAP connect from @ [213.197.172.30]db_connect: failed to connect to database: Error: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Nov 15 09:16:25 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:25 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:25 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:25 asas pop3d:
Nov 15 09:16:25 asas pop3d: System error 2: No such file or directory

Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: Unable to connect to the mysql database, relay will work in closed mode & white list will not work
Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: mail from 195.14.168.70:4413 (gw.gereja.lt)
Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: Unable to connect to the mysql database, relay will work in closed mode & white list will not work
Nov 15 09:16:19 asas pop3d: db_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database
Nov 15 09:16:19 asas pop3d:
Nov 15 09:16:19 asas last message repeated 23 times
Nov 15 09:16:19 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:19 asas last message repeated 5 times
Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: Unable to connect to the mysql database, relay will work in closed mode & white list will not work
Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: Unable to connect to the mysql database, relay will work in closed mode & white list will not work
Nov 15 09:16:19 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:19 asas last message repeated 41 times

 

[jean-david]

greylisting delay

You can configure a delay for greylisting.
This delay is the amount of time before your mail server accepts incoming mail from a not already seen email enveloppe.

The effective delay is always bigger than the one you configure, because sender doesn't know how long your server will respond the temporary error failure message used by greylisting. It depends on the sender's configuration, which is often 1 hour (but only for the first mail from this sender).

It's one thing to think about before using greylisting.

 

[euro_gedimas]

Maybe problem with long delay can be these:

Nov 15 09:16:23 asas pop3d: Connection, ip=[213.197.172.30]
Nov 15 09:16:23 asas pop3d: IMAP connect from @ [213.197.172.30]db_connect: failed to connect to database: Error: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Nov 15 09:16:23 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:23 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:23 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:23 asas pop3d:
Nov 15 09:16:23 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:24 asas pop3d: Connection, ip=[213.197.172.30]
Nov 15 09:16:24 asas pop3d: IMAP connect from @ [213.197.172.30]db_connect: failed to connect to database: Error: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Nov 15 09:16:24 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:24 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:24 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:24 asas pop3d:
Nov 15 09:16:24 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:25 asas pop3d: Connection, ip=[213.197.172.30]
Nov 15 09:16:25 asas pop3d: IMAP connect from @ [213.197.172.30]db_connect: failed to connect to database: Error: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
Nov 15 09:16:25 asas pop3d: System error 2: No such file or directory
Nov 15 09:16:25 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:25 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:25 asas pop3d:
Nov 15 09:16:25 asas pop3d: System error 2: No such file or directory

Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: Unable to connect to the mysql database, relay will work in closed mode & white list will not work
Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: mail from 195.14.168.70:4413 (gw.gereja.lt)
Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: Unable to connect to the mysql database, relay will work in closed mode & white list will not work
Nov 15 09:16:19 asas pop3d: db_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database: Error: Lost connection to MySQL server during querydb_connect: failed to connect to database
Nov 15 09:16:19 asas pop3d:
Nov 15 09:16:19 asas last message repeated 23 times
Nov 15 09:16:19 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:19 asas last message repeated 5 times
Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: Unable to connect to the mysql database, relay will work in closed mode & white list will not work
Nov 15 09:16:19 asas relaylock: /usr/local/psa/qmail/bin/relaylock: Unable to connect to the mysql database, relay will work in closed mode & white list will not work
Nov 15 09:16:19 asas pop3d: Unable to connect to the mysql database
Nov 15 09:16:19 asas last message repeated 41 times

It's from maillog. The 1-5min of delay is OK, but 30-60min. I think it's not good. My local_scan.c config:


BLOCK_EXPIRE 2
RECORD_EXPIRE 480
RECORD_EXPIRE_GOOD 36

 

[usbusi]

such a delay could backup legitimate mail too could it not?

such a "delay" would backup legitimate mail though too wouldn't it? and if you have a busy mailserver, this backup could be too large to handle?

(referring to the suggestion two posts above about setting a delay for unknown connections.)

regarding the immediate post above, i have found greylisting to need a week to settle down. during the first week you implement it, there will be calls from customers regarding delayed mail (and even some bounced mail the first few days.)

 

[euro_gedimas]

Can anybody share a PHP script for Greylisting statistic?

 

[JoaoCorreia]

Manual blacklist ...

Hello,

Anyone can point me how to blacklist a specific sender ?

I tried to add a line with MANUAL and * or % in rcpt_to.

Regards
Joao Correia