Yes lets fight with spam.
These days spammers are in love with my server, damn.
I just realize it, when I keep getting email bounced from the recipient guardian, such as barracuda.
When I check and recheck, the mail server is running as open relay server.
Here is what I did to protect.
Firstable, I already have Qmail + Vpopmail running properly and compiled as enabled roaming user that mean is smtp authenticate feature is enabled.
Secondly, You dont need to create secure connection using CRAMD5, AUTH PLAIN, AUTH LOGIN. Dont missunderstood, these secure connections are nothing to do with open relay, if you want to enable this feature that will be great.
Third, you must edit your /etc/tcp.smtp . tcp.smtp is a file to manage connection to your smtp port. Do google about this. You will find dozen knowledge about it.
The point is you must add these line :
127.:allow,RELAYCLIENT=”"
:allow,SMTPAUTH=”"
:deny
That means, allways allow connection from localhost and always allow incoming connection that using smtp authentication and deny the rest except the “rcpt to: ” is in the /var/qmail/control/rcpthosts file.
# service qmail stop
# service qmail cdb
# service qmail start
November 25th, 2009
Posted by
admin |
CentOS, Email, Ubuntu |
no comments
It has been 4 days trying change_pass plugin to work, even every search in google is allways comes with dead end.
I almost gave up, now I want to share this with all of you.
Mail server specs.
OS mandriva, Qmail+vpopmail, courier-imap, courier-authlib
Goog it for each details, I dont want to explain one-by-one, go for ‘life with qmail’. you will get all the information needed for qmail and components.
After searching with google for days and I tried all method and step-by-step told by people around the world but goes for nothing. The point is, the change_pass plugin always mention poppassd as daemon to verify user-password, and poppassd always mention pam authentication. That’s why change_pass plugin never work at my mail server.
The solution is, DO NOT use poppassd, use courierpassd because the authentication module is by courier-authlib
I use courierpassd-1.1.0-RC1.tar.gz , included in qmailrocks. You can search with new version.
How to Install courierpassd ?
Easy. Here is the step from courierpassd INSTALL file
REQUIREMENTS:
The Courier authentication library.
A super-server such as tcpserver or xinetd.
INSTALLATION:
Before building courierpassd, build and install the Courier
authentication library.
To build and install courierpassd, unpack the tarball and follow these
commands.
cd /path/to/courierpassd-<version>
./configure
make
su root
make install
That’s it. If you installed the authentication library in a non-standard
place, the configure script will complain. Just follow the instructions to
tell it where to find courierauthconfig, a program that is installed as
part of the authentication library.
Courierpassd configure options are:
–with-minuid[=UID]
Sets the minimum uid for which courierpassd
will change the password. Below this uid,
attempts to change a password will always
fail. If this option is not used, or a uid
not indicated, the value defaults to 100.
–with-badpassdelay[=sec]
Sets the time in seconds that courierpassd
will sleep after a failed attempt to change
a password. This option is intended to make
brute force attacks against passwords harder
to perform. This value defaults to 3.
Use ./configure –help to see the full range of available configure
options.
If make fails on your FreeBSD system, try using gmake. Gmake is available
in the FreeBSD ports tree.
Courierpassd is installed in /usr/local/sbin.
The courierpassd man page is installed in /usr/local/man.
Courierpassd has been successfully built on:
Mandrake Linux 10.1
For courierpassd to be of any use, the Courier authentication library
must be installed and user accounts set up which can be accessed by the
installed authentication modules. See the library documentation for
details on how to do this.
SUPER-SERVER SETUP:
Because courierpassd relies on a super-server to handle network connections, it is easy to set up courierpassd to listen on whatever port is desired.
Since courierpassd uses the poppassd protocol to talk to clients, however,the use of port 106 is recommended unless there is a compelling reason to
do otherwise.
A typical xinetd entry ( /etc/xinetd.conf ) for courierpassd would look like this:
service courierpassd
{
port = 106
socket_type = stream
protocol = tcp
user = root
server = /usr/local/sbin/courierpassd
server_args = -s imap
wait = no
instances = 4
disable = no
}
open /etc/services and change the line
poppassd 106/tcp # Eudora
with
courierpassd 106/tcp
# service xinetd restart
check the daemon :
# netstat -an | grep 106
you should see something like :
tcp 0 0 0.0.0.0:106 0.0.0.0:* LISTEN
then test to change your email password by telnet.
# telnet localhost 106
Trying 127.0.0.1…
Connected to DOMAINNAMEYAHOO(127.0.0.1).
Escape character is ‘^]’.
200 courierpassd v1.1.0-RC1 hello, who are you?
user admin@domainnameyahoo.info
200 Your password please.
pass mypassword
200 Your new password please.
newpass mynewpassword
200 Password changed, thank-you.
Last step, installing the change_pass plugin for squirrelmail
Download the plugin here
Extract it and put it at yourwebmail folder
# tar zxvf change_pass-3.0-1.4.0.tar.gz
# mv change_pass yourwebmailfolder/plugins
activate the plugin. and done. thats it.
October 1st, 2009
Posted by
admin |
Email |
no comments
I dont know why my SquirrelMail is suddenly has problem. MTA is qmail
I login to the squirrelmail successfully, reading email is fine, also any other operation with it, except sending email.
I do compose for new email and write them normally, when I click ’send’ button the email sending very slow, then appear some kind of error mesage :
Message not sent. Server replied:
354
Email is delivered eventhough there is problem.
After googling here-there, I found the problem maker.
run ./configure within your squirrelmail web folder.
then choose :
2. Server Settings
3. Sendmail or SMTP
change the value to sendmail
Then choose
B. Change Sendmail Config : /usr/sbin/sendmail
4. Sendmail Path : /usr/sbin/sendmail
Change the value into your sendmail file.
To locate where your sendmail file is # locate sendmail | grep bin | grep qmail
You will find /var/qmail/bin/sendmail as your sendmail path.
Save Data then exit
Thats all.
March 24th, 2009
Posted by
admin |
Email |
no comments
article source : newcreations.net
There are many ways in which spammers can get your email address. The ones I know of are :
1. From posts to UseNet with your email address.
Spammers regularily scan UseNet for email address, using ready made programs designed to do so. Some programs just look at articles headers which contain email address (From:, Reply-To:, etc), while other programs check the articles’ bodies, starting with programs that look at signatures, through programs that take everything that contain a ‘@’ character and attempt to demunge munged email addresses.
There have been reports of spammers demunging email addresses on occasions, ranging from demunging a single address for purposes of revenge spamming to automatic methods that try to unmunge email addresses that were munged in some common ways.
As people who where spammed frequently report that spam frequency to their mailbox dropped sharply after a period in which they did not post to UseNet, as well as evidence to spammers’ chase after ‘fresh’ and ‘live’ addresses, this technique seems to be the primary source of email addresses for spammers.
2. From mailing lists.
Spammers regularily attempt to get the lists of subscribers to mailing lists [some mail servers will give those upon request], knowing that the email addresses are unmunged and that only a few of the addresses are invalid.
A different technique used by spammers is to request a mailing lists server to give him the list of all mailing lists it carries (an option implemented by some mailing list servers for the convenience of legitimate users), and then send the spam to the mailing list’s address, leaving the server to do the hard work of forwarding a copy to each subscribed email address.
[I know spammers use this trick from bad experience - some spammer used this trick on the list server of the company for which I work, easily covering most of the employees, including employees working well under a month and who’s email addresses would be hard to find in other ways.]
December 22nd, 2008
Posted by
admin |
Email |
no comments
taken from http://en.wikipedia.org/wiki/DomainKeys
DomainKeys is an e-mail authentication system designed to verify the DNS domain of an e-mail sender and the message integrity. The DomainKeys specification has adopted aspects of Identified Internet Mail to create an enhanced protocol called DomainKeys Identified Mail (DKIM). This merged specification is the basis for an IETF Working Group which guided the specification toward becoming an IETF standard.
The DKIM standard was issued in May 2007. The DomainKeys draft was also issued under “historical” status at the same time.
July 30th, 2008
Posted by
admin |
Domain, Email |
no comments
