[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2.99.51-pre2

> After upgrading our Z-mailer installation to the latest 2.99.51pre2 at
> a couple of different installations, some questions have come up.  First,
> I wonder what the following message appearing in /var/log/mail/scheduler
> means:
> Resyncing file "T/132957-22096" (ino=132957) .. in processing db
> It appeared repeatedly until making a more than 500 Megabyte log file,
> filling up the disk.  It only happened on one installation, a Debian
> 'hamm' system with libc6 2.0.6.  Is it an indication something is wrong
> or should I shut off that message and ignore it?

	It is usually indicative that scheduling configurations aren't
	quite complete; usually I have had it as:

			command="smtp -s"

	what is wrong ?  'smtp' program's default channel is 'smtp'!
	command definition must be:

			command="smtp -s -c smtpx"

	Things like that are possible problem sources.
	Checking the spoolfile might tell something usefull too.
	( Check all '^r' lines. )

> My other questions have to do with relay protection.  With the Z-mailer
> upgrade, I finally really got around to tightening up our relay protection.
> It worked fine until the case of an employee using an outside ISP had
> her mail client set to use our SMTP server to send out all her mail.  Of
> course, I know the real answer is to find out that ISP's SMTP gateway and
> tell her to use that.  But, in the meanwhile, would it be possible to
> do something like:
> cuser@press-gopher.uchicago.edu relaycustomer +
> in smtp-policy.src to allow only that user to use us for a relay?  I
> tried, but to no avail.

	No, I took "relaycustomer +" based on domain-name away..

> An alternative I was considering, since I found out this user's mail client
> is M$ Outlook Express, is to try using the new authenticated SMTP method.
> Once authentication successful, I trust that arbitrary relaying is
> allowed?  Anyway, I couldn't get it to work.  I enabled

	Yes, it should be.  I think I *did* try it without TLS wrapper
	also "way back" when I was developing it.  With a Netscape,
	of course..

> PARAM smtp-auth
> PARAM AUTH-LOGIN-also-without-TLS
> entries in 'smtpserver.conf' but the authentication always fails when
> sending with an Outlook Express client here:
> 10726IOUBr      EHLO press226187
> 10726IOUBw      250-press.uchicago.edu expected "EHLO press-187.uchicago.edu"
> 10726IOUBw      250-AUTH=LOGIN
> 10726IOUBw      250-AUTH LOGIN
> 10726IOUBw      250-ETRN
> 10726IOUBw      250 HELP
> 10726IOUBr      AUTH LOGIN
> 10726IOUBw      334 VXNlcm5hbWU6
> 10726IOUBr      Ymhi
> 10726IOUBw      334 UGFzc3dvcmQ6
> 10726IOUBr      **base64-password**
> 10726IOUBw      535 Authentication failed.
> Any ideas there?

	PARAM tls-loglevel 4

	Will show you (at log) decoded username, and password.
	( smtpserver/smtpauth.c, at the end... )

> Thanks,
> -- 
> Roy Bixler
> The University of Chicago Press
> rcb@press-gopher.uchicago.edu

/Matti Aarnio