Mailing List Archive: Qmail: users

Consulting quotes needed

Index | Next | Previous | View Threaded

sschreiber at interlogusa

Sep 7, 2009, 5:32 PM

Post #1 of 5 (1587 views)
Permalink

Consulting quotes needed

Well, I need quotes for consulting on my problem.

I'm running qmail with daemontools (I think) on freBSD.

The problem is that we started noticing that outbound emails were not being delivered. This began early last Thursday.

When I looked into it, I saw many messages in the queue where the From field was empty. When I look at the log(qmail-send), I see that the max number of concurrent remote connections is full, 20/20.

Inbound emails and internal emails (local messages) are delivered ok, but nothing goes out. The queue continues to grow with these outbound messages.

Our mx records point to a third-party spam filter provider which does not allow mail for boxes that don't exist, so whoever is doing this has stumbled upon our IP address somehow. We don't have rcptto checking on the server.

I need someone who can log in remotely or on-site in Minneapolis, MN.

Need to know rates so I can get approval from the boss.

Thanks,

Scott W. Schreiber
Microsoft Certified Systems Administrator
Microsoft Certified Professional
Microsoft Certified Technology Specialist
Senior PC Support
Interlog USA
5700 Lee Road South
Maple Heights, OH 44137
p:(216)220-4234
f: (216)823-5004
(Sent from my Blackberry)

kyle-qmail at memoryhole

Sep 7, 2009, 5:54 PM

Post #2 of 5 (1472 views)
Permalink

Re: Consulting quotes needed [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Tuesday, September 8 at 12:32 AM, quoth Scott Schreiber:
> Well, I need quotes for consulting on my problem.

Since I don't do consulting, I can't give you quotes. But I've got
opinions aplenty, and they're free! ;) And probably worth exactly what
you pay for them.

> Our mx records point to a third-party spam filter provider which
> does not allow mail for boxes that don't exist, so whoever is doing
> this has stumbled upon our IP address somehow. We don't have rcptto
> checking on the server.

Why do you allow mail delivery from anyone other than this third-party
provider? You could easily prevent any spammer who knows your address
from touching you by simply fiddling with your tcp.smtp rules to only
allow incoming connections from this filter provider.

~Kyle
- --
In all affairs it's a healthy thing now and then to hang a question
mark on the things you have long taken for granted.
-- Bertrand Russell
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!

iQIcBAEBCAAGBQJKpatVAAoJECuveozR/AWeCx0P/RTYEZOwuoc5H8akuLFpp9eI
BsTNzyDMJVG05SCkOoMn2RgsXIfEYuUO3AHxqOtM4GacHUCtK1DFUPyFY2oh2Q0R
pYtWFwSAr8aVVUenXU7lh9aM68EQyZNpEqzc/24YVh/1EvuUmcH1r13RC8lI6fZt
VgmL1v6Zlz/bTSqCj3b8HW0J6p0bx0UalRUIaWFKZpMPE2Ect+DyaN7vfWLFV05A
gwwB0ISWwUWsEsl4KZTVkak5uIU8oEGdIQ8x2/OoaN7sKZHuV6P7svpl8yoPfRU8
LHW49Cli5Ez48xUvv2teyXGXwzH3gyfnxPEkr680ghfXa0s2VFPviMDgN5i83gZQ
QqhjSfXwQpjbBaL1w/QewnHygBj3UfTqGX8bTOvOiCJtXCrABZpXVGMizRsROAbb
YbRwhjTv+RwMm5RAEZ72ixOF83zzOJZZaCJBWzeKrVPiaCA9OsRuiVmlwMfVEbop
C6fIxzLfUCX8sVIEmWsUbeKv1KWUIHL/O8TNO104bXzHZibEkMgjp4Pt+6gNNbdK
LMi9Sh3sn00pcLsit3qrdcS8XHvyYQTIlNkP8eZroynmSy/yS1nv3XqvV9nI/kJp
RRZQo/jVPUPfYk+YVCtfx8/Uijg9qO0kxHwB73V+0ZM2bsDMfIC9K6u6noD0K/ps
iF/klLOK5Jzs/Y05zNQr
=iCES
-----END PGP SIGNATURE-----

up at 3

Sep 8, 2009, 5:15 AM

Post #3 of 5 (1476 views)
Permalink

Re: Consulting quotes needed [In reply to]

On Tue, 8 Sep 2009, Scott Schreiber wrote:

> Our mx records point to a third-party spam filter provider which does
> not allow mail for boxes that don't exist, so whoever is doing this has
> stumbled upon our IP address somehow. We don't have rcptto checking on
> the server.

Why are you accepting SMTP connections from any source other than the
filtering service?

You need to set up tcpserver to accept email from their IP(s) and deny
everything else. Problem solved. You can also patch qmail to allow much
larger concurrencies.

James Smallacombe PlantageNet, Inc. CEO and Janitor
up [at] 3 http://3.am
=========================================================================

scott at schreibnet

Sep 8, 2009, 5:49 AM

Post #4 of 5 (1458 views)
Permalink

Re: Consulting quotes needed [In reply to]

On Tue, Sep 8, 2009 at 8:15 AM, <up [at] 3> wrote:

> Why are you accepting SMTP connections from any source other than the
> filtering service?

You guys underestimate the depths of my ignorance! heh...

I found that the tcp.smtp file that was in use was in the vpop
directory structure, so I edited it, hashing out the ":allow" and
adding the last two lines below:

#
# No Qmail-Scanner at all for mail from 127.0.0.1
127.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
# Use Qmail-Scanner without SpamAssassin on any mail from the local network
# [it triggers SpamAssassin via the presence of the RELAYCLIENT var]
#10.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
10.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
#
# Use Qmail-Scanner with SpamAssassin on any mail from the rest of the world
#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
216.250.188.210-211:allow,QMAILQUEUE="/var/qmail/bin/qmail-queue"
:deny

I rebooted the server. The queue is not filling with messages from
"<>" right now, but there is some real mail in there that is not going
out. The log shows a lot of
"CNAME_lookup_failed_temporarily._(#4.4.3)/"

Scott

scott at schreibnet

Sep 8, 2009, 6:08 AM

Post #5 of 5 (1471 views)
Permalink

Re: Consulting quotes needed [In reply to]

> I rebooted the server. �The queue is not filling with messages from
> "<>" right now, but there is some real mail in there that is not going
> out. �The log shows a lot of
> "CNAME_lookup_failed_temporarily._(#4.4.3)/"

So I put new DNS servers in resolv.conf....
Mail is going out!. I guess the old name servers were taken offline
or something. Awesome.

Thanks to all for your help. Esp. Dave Johnson, who did a lot of hand
holding throughout the weekend.

Scott

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads