Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Qmail: users

mkvalidrcptto issues.

  

 
Qmail users RSS feed   Index | Next | Previous | View Threaded


mhutchinson at manux

Apr 17, 2008, 9:22 PM

Post #1 of 3 (263 views)
Permalink
mkvalidrcptto issues.
Hi Everyone,



As you've seen lately, there has been a large response to my queries
about Valid RCPTTO.



Thank You everyone for your informative replies :-)



I have been testing a few things related to this, and have come across a
configuration problem with Qmail.



When I run the "mkvalidrcptto" script from the qmail.jms1.net site, I
get errors saying:



ERROR: domain1.co.nz is listed in rcpthosts/morercpthosts.cdb but is not
handled by the server.



^^ there are 5 of these. As I understand it, these are happening because
the domains are not listed in the virtualdomains file.



My question is, what possible reason would there be to leave these
domains out of that file? I am pretty sure we do not host the domains in
question, but accept relay delivery to them for Authenticated users. -
would populating virtualdomains with these domains break something I am
not expecting it to?



I would have quite happily populated virtualdomains with these domains,
but breaking mail delivery here is a big no no, even if it is for a few
minutes.



Thanks for any info,



Cheers,

Michael Hutchinson

Manux Solutions Ltd

Phone: 0800 328 324 | Email: mhutchinson[at]manux.co.nz
<mailto:234mhutchinson[at]manux.co.nz>

http://www.manux.co.nz/


jms1 at jms1

Apr 19, 2008, 6:45 PM

Post #2 of 3 (219 views)
Permalink
Re: mkvalidrcptto issues. [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2008-04-18, at 0022, Michael Hutchinson wrote:
>
> When I run the "mkvalidrcptto" script from the qmail.jms1.net site, I
> get errors saying:
>
> ERROR: domain1.co.nz is listed in rcpthosts/morercpthosts.cdb but is
> not
> handled by the server.
>
> ^^ there are 5 of these. As I understand it, these are happening
> because
> the domains are not listed in the virtualdomains file.

to be more precise, it's becuase they are not listed in the
virtualdomains, locals, or "me" file.

in this situation, qmail-smtpd will ACCEPT the incoming messages
(because the domain is listed in "rcpthosts" or "morercpthosts.cdb")
and qmail-send will classify it as a REMOTE message.

i've seen people who "play with" their control files make the mistake
of trying to set a domain up for virtual or local service by only
changing the rcpthosts file, then becoming confused when qmail-send
tries to send the message to another server (or bomb with the
"Although I am listed as the best-preference host in the MX record..."
message.)

so i added a check to the script which looks for this very situation.
the message you describe is because these five domains are set up that
way. the idea is to make you look at how the domain is configured to
begin with.

IF the domain should be delivered locally (i.e. on the same machine)
then you need to add the domain to the virtualdomains or locals file,
so qmail-send will know what to do with it.

IF the domain should be delivered to some other machine, adding an
appropriate entry to your "smtproutes" file will make the script
happy, because it can then see evidence that you are aware of the
domain, and have made a conscious decision about how it should be
handled (in other words, that it's not an accidental oversight.)

you could always comment out that bit of the script as well, although
you would then not have the protection against accidentally forgetting
to add a local (or virtual) domain to the appropriate control file.


> My question is, what possible reason would there be to leave these
> domains out of that file? I am pretty sure we do not host the
> domains in
> question, but accept relay delivery to them for Authenticated users.

then your control files are technically correct, and you can make the
script happy by adding an appropriate line to your "smtproutes" file.


> would populating virtualdomains with these domains break something I
> am
> not expecting it to?

yes. it would cause qmail-send to try and deliver the messages to
whatever local (or virtual) userid you entered after the ":" on the
virtualdomains line.


> I would have quite happily populated virtualdomains with these
> domains,
> but breaking mail delivery here is a big no no, even if it is for a
> few
> minutes.

then it's a good thing you didn't.

it is never a good idea to muck about with qmail's control files
unless you understand the consequences of what you're doing.

- --------------------------------------------------------
| John M. Simpson -- KG4ZOW -- Programmer At Large |
| http://www.jms1.net/ <jms1[at]jms1.net> |
- --------------------------------------------------------
| Hope for America -- http://www.ronpaul2008.com/ |
- --------------------------------------------------------





-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFICqA/EB9RczMG/PsRAp1tAKDvG/FpALykx+/dfxspH9MCSux4GACgjJUT
+WwAKL7XRbAkV95K6HO9u/c=
=s+lC
-----END PGP SIGNATURE-----


mhutchinson at manux

Apr 29, 2008, 4:25 PM

Post #3 of 3 (155 views)
Permalink
RE: mkvalidrcptto issues. [In reply to]
> -----Original Message-----
> From: John Simpson [mailto:jms1[at]jms1.net]
> Sent: 20 April 2008 1:46 p.m.
> To: qmail[at]list.cr.yp.to
> Subject: Re: mkvalidrcptto issues.
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 2008-04-18, at 0022, Michael Hutchinson wrote:
> >
> > When I run the "mkvalidrcptto" script from the qmail.jms1.net site,
I
> > get errors saying:
> >
> > ERROR: domain1.co.nz is listed in rcpthosts/morercpthosts.cdb but is
> > not
> > handled by the server.
> >
> > ^^ there are 5 of these. As I understand it, these are happening
> > because
> > the domains are not listed in the virtualdomains file.
>
> to be more precise, it's becuase they are not listed in the
> virtualdomains, locals, or "me" file.
>
<<SNIP>>
> IF the domain should be delivered to some other machine, adding an
> appropriate entry to your "smtproutes" file will make the script
> happy, because it can then see evidence that you are aware of the
> domain, and have made a conscious decision about how it should be
> handled (in other words, that it's not an accidental oversight.)

This sounds exactly like what I need to do. I have used the smtproutes
before to fix broken CNAME DNS lookups - probably should have thought of
this sooner to fix the current issue.

> you could always comment out that bit of the script as well, although
> you would then not have the protection against accidentally forgetting
> to add a local (or virtual) domain to the appropriate control file.

Protection is good, so I won't be breaking the script like that :)

> then your control files are technically correct, and you can make the
> script happy by adding an appropriate line to your "smtproutes" file.

Ok, sounds good to me, off to do it now!

> > I would have quite happily populated virtualdomains with these
> > domains,
> > but breaking mail delivery here is a big no no, even if it is for a
> > few
> > minutes.
>
> then it's a good thing you didn't.
>
> it is never a good idea to muck about with qmail's control files
> unless you understand the consequences of what you're doing.

I agree with that, hence the extensive use of mailing lists :)

Thanks for your help John, you've been wonderfully informative, I have
understood everything you've said and now have a solution

Thanks again!

Cheers,
Mike

Qmail users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.