Courier Mail Server

Hi!

I am currently using a server with a setup that uses the
QMAILQUEUE-patch and qmail-scanner (http://qmail-scanner.sf.net). I like
this setup, but it has a few drawbacks that I think Maildrop could do
better.=20

I've experimented with different settings on who runs what, etc., but I
can't seem to get Maildrop to deliver anything, or log anything at all.=20
I tried to set maildrop setuid root and chown the filter file to root,
chmod'ing it to 600. I asked it to run a simple "touch" upon starting
the filter, logging to a file, or delivering mail to a single user only.
It does not seem to want to process at all.

I'm not too known with maildrop, but it works as a delivery
program/filter on the other server here, which is my personal one. And,
I know that it's a bit picky here and there.

This might be a bit vague, but it's what I've got :-)

Did anyone touch upon this earlier, and could lead me the right way?

Thanks=20

--=20
Christoffer Olsen
co@...

On 28 Nov 2003, Han Boetes spake thusly:

> Hi,
>
> In procmail you can set `MAILDIR=$HOME/Mail' and then you can:
>
> |maildir dir
>
> instead of
>
> |maildir $HOME/Mail/dir
>
> which would convert in maildrop to
>
> to Mail/dir
>
> But I haven't found out how to make it like:
>
> to dir
>
> I have quite a few folders and now I have to specify them all with
> the ``Mail/'' prefix.
>
>


What I tend to do is define the default, ie DEFAULT=/home/sean/Maildir

and use $DEFAULT/Pers for delivery. You could just set it to A

Sean

-- 
  GPG Key Id 120A02FB ICQ: 679813  Jabber: tcobone@...
SuSE 9.0 for when you want to spend time doinmg and not rebooting

=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 27 November 2003 10:37 pm, Han Boetes wrote:
> What is wrong with this recipy?
>
> # dump all kind of m$ crap (99.99% virusses)
> if (/^Content-Type:.*multipart/ && \
> =A0 =A0
> /^Content-Type:.*(audio/x-|application).*name=3D.*\.(ad[ep]|asd|ba[st]|ch=
m|cm
>d|cpl|crt|dll|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[betw]|ms[cipt]|nws|oc=
x|
>ops|pcd|p[ir]f|reg|sc[frt]|sh[bsm]|swf|url|vb[esx]?|vxd|ws[cfh])/:b) to
> Mail/zspam
>
> maildrop complains about a missing ')', while emacs says they match
> fine.
not sure about this one han but I did add anomy-sanitizer to cooker contrib=
s=20
so you should be able to grab it from there. Then I have a filter set up li=
ke=20
this.=20

this is only hte pertinate parts my .mailfilter is much larger than this an=
d=20
does a bunch of other goodies also. For the most part does waht you want to=
=20
do but it also defangs bad html. It also has variable filter levels. Anyway=
=20
enjoy.

LOGS =3D 1
SANITIZE =3D 1
CCSANITIZE =3D 1

LMB=3D"Maildir"
UNSANITIZED=3D"Maildir/.Unsanitized"
SANITIZED=3D"Maildir/.Sanitized"
ANOMY=3D/usr/lib/perl5/vendor_perl/5.8.1/

`test -d $LMB`
if( $RETURNCODE =3D=3D 1)
{
	`maildirmake++ $LMB`
}

if($LOGS)
{
logfile "$HOME/.maildrop.log"

log "=3D=3D=3D=3D=3D=3D=3D=3D"
}
#####################################
#
# Running Anomy-sanitizer=20
# This only works if SANITIZE=3D1 above=20
#
#####################################

if($SANITIZE)
{
	if( $LOGS =3D=3D 1)
	{
		log "------------------------------------------------------------- Send t=
o=20
Anomy"
	}
	# Set up the environment variable ANOMY to keep Anomy happy.
	#
	# Filter the message via stdin to Anomy, with the config
	# file specified, logging output being appended to the
	# Maildrop log file and then the output being piped to
	# cat so cat's stdout sends it back to Maildrop.  The use
	# of "2>>" for appending stderr with the log material means
	# we need the "| cat".
	#
	# If Anomy's conf file has:
	#
	#   feat_log_inline =3D 0
	#   feat_log_stderr =3D 1
	#
	# Then a report of Anomy's progress in working on the message
	# will be appended to the Maildrop log file.  This seems to
	# work fine, so presumably each "log" line for Maildrop
	# means it opens and closes the log file.

	if($CCSANITIZE)
	{
		if($LOGS)
		{
			log "------------------------------------------------------------- Save=
=20
unsanitized."
		}
		`test -d $UNSANITIZED`
		if( $RETURNCODE =3D=3D 1)
		{
			`maildirmake++ -f Unsanitized $LMB`
			cc "$UNSANITIZED"
		}
		exception {
			# Only uncomment this if you mail program can handle it.
			#DELTAG=3D1
			cc "$UNSANITIZED"
		}
	}

	if($LOGS)
	{
		xfilter "/usr/bin/sanitizer.pl /etc/anomy-sanitizer.conf 2>>~/.maildrop.l=
og=20
| cat"
	}=20
	exception {
		xfilter "/usr/bin/sanitizer.pl /etc/anomy-sanitizer.conf 2>>/dev/null"
	}

	if($LOGS)
	{
		log "------------------------------------------------------------- Anomy=
=20
done."
	}
=09
	# Watch out for text added to body by Anomy Sanitizer
	# when it *drops* a file, not just when it renames
	# or in some other way defangs one.  This is a part
	# of the drop message I added.
	# ":b" means look in the body, rather then the headers.
=09
	if (   /^*** Attached file dropped ***/:b)
	{
		if($LOGS)
		{
			log "------------------------------------------------------------- VIRUS=
=2E "
		}     =20
		# To make it not go to the Inbox, this "cc" into a "to"
		# and comment out the next three lines.
		#cc "Maildir/.Virus"
		#DELTAG=3D1
		xfilter "subjadd -----[VIRUS]----- "
		`test -d $SANITIZED`
		if( $RETURNCODE =3D=3D 1)
		{
			`maildirmake++ -f Sanitized $LMB`
			to "$SANITIZED"
		}
		exception {
			to "$SANITIZED"
		}
	}
}


=2D --=20
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'=
~-
                                      Brook Humphrey          =20
        Mobile PC Medic, 420 1st, Cheney, WA 99004, 509-235-9107       =20
http://www.webmedic.net, bah@..., bah@...  =20
                                 Holiness unto the Lord
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'=
~-
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/yUwKnT1TkA6FgPgRAosvAKCAXV/4e1xTL8hrJcq6i2TZmynCzQCfaplA
vQ72RGzbO2Bxkp5A4PH+XgQ=3D
=3DiUS+
=2D----END PGP SIGNATURE-----

=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 27 November 2003 10:37 pm, Han Boetes wrote:
> Hi,
>
> In procmail you can set `MAILDIR=3D$HOME/Mail' and then you can:
>
> =A0 |maildir dir
>
> instead of
>
> =A0 |maildir $HOME/Mail/dir
>
> which would convert in maildrop to
>
> =A0 to Mail/dir
>
> But I haven't found out how to make it like:
>
> =A0 to dir

sorry forgot I also  gave an example for this is my other emial.

=2D --=20
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'=
~-
                                      Brook Humphrey          =20
        Mobile PC Medic, 420 1st, Cheney, WA 99004, 509-235-9107       =20
http://www.webmedic.net, bah@..., bah@...  =20
                                 Holiness unto the Lord
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'=
~-
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/yUxinT1TkA6FgPgRAifSAJ4gPmL6qCcHg9uQqF5IZ0bSlURI1gCdFRiD
jFRxEsBBlc1AwPVBKxTCqa8=3D
=3D8yr+
=2D----END PGP SIGNATURE-----

On Friday 21 November 2003 07:05 am, scalex wrote:
> Can anyone suggest me a good howto about how to add to my present config
> spamassasin? I read good things about spamassasin. So, how can i
> itegrate it keeping my current configuration... I read the install doc
> found on spamassasin source code, but is not expalined to much about my
> sql needs.

Tell you what i have been wondering about the other only I was looking at 
ldap. I do however have spamassassin working great through maildrop. Wheather 
you share you info or not I'll show you how to do it through 
your .mailfilter.

>
> Any help will be appreciated.
>
> Regards,
> Alex

-- 
New and improved with advanced outlook crash handler. 
<!--><input type -->
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-
                                      Brook Humphrey           
        Mobile PC Medic, 420 1st, Cheney, WA 99004, 509-235-9107        
http://www.webmedic.net, bah@..., bah@...   
                                 Holiness unto the Lord
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-

My pages on Postfix, Maildrop, Anomy Sanitizer and SpamAssasin might be
helpful - but I didn't use MySQL:

  http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
  http://www.firstpr.com.au/web-mail/RH90-Postfix-Courier-Maildrop-IMAP/

Are there any other mini-HowTo or "How-I-Did-It" pages for Maildrop?  I
would like to link to them.


     - Robin

On Fri, 2003-11-21 at 07:05, scalex wrote:
> Hello all,
> 
> My message could be a little oftopic here, but i ask because there are 
> other peoples which use the same or almost the same config as me. So, i 
> am using postfix-2.x + mysql + smtp-auth via pam_maysql + maildrop as 
> LDA and for extended quota support. All is working fine and all 
> configurations are virtuals (no shell acounts, only sql users), multiple 
> virtual domains, etc.
> 
> Can anyone suggest me a good howto about how to add to my present config 
> spamassasin? I read good things about spamassasin. So, how can i 
> itegrate it keeping my current configuration... I read the install doc 
> found on spamassasin source code, but is not expalined to much about my 
> sql needs.
> 
Have you considered Dspam? It's relatively unknown, but I'm finding it
incredible--and it plugs straight into your system. All you have to do
is configure postfix to deliver to Dspam, configure Dspam to deliver to
Maildrop, set up a token database in MySQL, and optionally set up a CGI
script to view the quarantine (optional because you can also have Dspam
just add a header, like SpamAssassin).

I've tried SpamAssassin in the past, but found it a bear to keep up to
date, especially managing a mix of virtual and local users, and it
caught way too many false positives. I've also tried Bogofilter, but it
seemed to decline in effectiveness after a few weeks.

I've been using it for a little over a month. It's consistently catching
90% of my spam, with no false positives since the first week. And I'm
still in the training period...

http://nuclearelephant.com/projects/dspam
-- 
John Locke
Open Source solutions for small business problems
http://freelock.com

John Locke wrote:

>On Fri, 2003-11-21 at 07:05, scalex wrote:
>  
>
>>Hello all,
>>
>>My message could be a little oftopic here, but i ask because there are 
>>other peoples which use the same or almost the same config as me. So, i 
>>am using postfix-2.x + mysql + smtp-auth via pam_maysql + maildrop as 
>>LDA and for extended quota support. All is working fine and all 
>>configurations are virtuals (no shell acounts, only sql users), multiple 
>>virtual domains, etc.
>>
>>Can anyone suggest me a good howto about how to add to my present config 
>>spamassasin? I read good things about spamassasin. So, how can i 
>>itegrate it keeping my current configuration... I read the install doc 
>>found on spamassasin source code, but is not expalined to much about my 
>>sql needs.
>>
>>    
>>
>Have you considered Dspam? It's relatively unknown, but I'm finding it
>incredible--and it plugs straight into your system. All you have to do
>is configure postfix to deliver to Dspam, configure Dspam to deliver to
>Maildrop, set up a token database in MySQL, and optionally set up a CGI
>script to view the quarantine (optional because you can also have Dspam
>just add a header, like SpamAssassin).
>
>I've tried SpamAssassin in the past, but found it a bear to keep up to
>date, especially managing a mix of virtual and local users, and it
>caught way too many false positives.
>
Hi John,

Thanks for sugestion....The answer is no. I finished to setup 
spamassasin.....and sql queries is working fine....exact as i wish.... 
This is first step. Also, spam emails are delivered in a Spam directory 
(read from sql). Indeed, spamassasin + sql si less documented....but it 
knows to handle per user spam settigs, no matter how many domains you 
have.... I am using just maildrop for LD....

Alex

On Friday 21 November 2003 03:35 pm, Robin Whittle wrote:
> My pages on Postfix, Maildrop, Anomy Sanitizer and SpamAssasin might be
> helpful - but I didn't use MySQL:
>
> =A0 http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/
> =A0 http://www.firstpr.com.au/web-mail/RH90-Postfix-Courier-Maildrop-IMAP/
>
> Are there any other mini-HowTo or "How-I-Did-It" pages for Maildrop? =A0I
> would like to link to them.
Well I'm getting ready to do a write up kind of like yours. I have it all=20
working under mandrake though and have done a few more maildrop things than=
=20
you have.=20

=46or now it is Postfix, Maildrop, Anomy-saitizer, Spamassassin, Dovecot, a=
nd=20
Squirrelmail.=20

I'm quite happy with the setup but Next I'm thinking about doing it with ld=
ap=20
so that I can ad virtual accounts without the need for a shell account.

I learned allot from your pages I have been trying to use maildrop for year=
s=20
and could never get it working right but now it all seems to be working wel=
l.=20
Thanks.=20

It has even inspired me to make anomy rpm's for mandrake which are now in=20
contribs and soon I'm doing another set of rpm's that will have a set of sk=
el=20
files including .mailfilter, and .spamassassin files so that the bayes is=20
pre-primed for users on the system and things wil be working right out of t=
he=20
box by installing this rpm. Thanks again for the pointers.=20
>
>
> =A0 =A0 =A0- Robin



=2D-=20
New and improved with advanced outlook crash handler.=20
<!--><input type -->
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'=
~-
                                      Brook Humphrey          =20
        Mobile PC Medic, 420 1st, Cheney, WA 99004, 509-235-9107       =20
http://www.webmedic.net, bah@..., bah@...  =20
                                 Holiness unto the Lord
 -~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'=
~-

On Mon, 2003-11-17 at 14:08, scott leonard wrote:
> i've been using postfix's 'mailbox_command' directive to have it 
> forward mail to the maildrop local transport agent, but i'm interested 
> in using the "mailbox_transport" directive which uses the pipe command 
> in postfix's master.cf.  however, all the howto's show this pipe 
> command setting the user to "vmail" or something for the purpose of 
> virtual accounts.  anyway to generalize this so it will use vmail for 
> virtual and the users name for local accounts?
> _

Use both. I use a MySQL transport_map that sends mail for the local
users to the "local:" transport, and for my virtual domains, to
"maildrop:". The Local transport delivers to the mailbox_command as the
local user. The Maildrop transport delivers to a virtual mailbox as
whatever Unix user specified in the master.cf file.

The Pipe delivery agent forces you to choose a non-root UID to drop
privileges, before it hands off to the MDA.

The other option, of course, is to then have Maildrop run setuid, allow
the mail user to switch users by specifying it when you compile
Maildrop, and provide some sort of map to Maildrop to specify the UID.
You can do this, too, in MySQL--and I'm pretty sure you can with LDAP
too.

Cheers,
-- 
John Locke
Open Source solutions for small business problems
http://freelock.com

On Mon, 2003-11-17 at 23:08, scott leonard wrote:
> i've been using postfix's 'mailbox_command' directive to have it=20
> forward mail to the maildrop local transport agent, but i'm interested=20
> in using the "mailbox_transport" directive which uses the pipe command=20
> in postfix's master.cf.  however, all the howto's show this pipe=20
> command setting the user to "vmail" or something for the purpose of=20
> virtual accounts.  anyway to generalize this so it will use vmail for=20
> virtual and the users name for local accounts?
> _
> scott

You will have to take into consideration, when you start using maildrop
in as the transport, that the aliases table will not get parsed for the
users you deliver by maildrop transport.

Beyond that it should be possible to deliver to unix accounts that way
also.

If you are going for a virtual-user setup, the transport is unavoidable.

Regards,
Martin List-Petersen
martin at list-petersen dot se
--
FROZEN ENTREES may be flung by members of opposing SWANSON SECTS ...

Fabiano Sidler wrote:

>Hello!
>
>I'm installing a standard spamfilter setup with fetchmail->postfix->maildrop.
>All components already work fine, except maildrop, which can't create a
>logfile in my ~/.maildir:
>
>  Nov 16 20:26:22 floatkiller maildrop[5841]: Unable to create log file.
>
>This is my /etc/maildroprc:
>
>  MAILDIR="$LOGNAME/.maildir"
>  logfile "~/.maildir/maildrop.log"
>  
>  echo $LOGNAME
>  xfilter "/usr/bin/spamc -f"
>  
>  if (/^X-Spam-Status: Yes/)
>    to $MAILDIR/.Spam/ 
>
>But it doesn't echo the $LOGNAME. maildrop is set to suid root.
>Since this problem, the mail stays in the queue, and without maildrop it 
>works, but then I get flooded with spam!
>
>I hope that this is not a FAQ, but if yes, please give me a link to the home-
>page. (I was "googling" for 2 hours)
>
>Greetings,
>Fabiano
>  
>
Try changing your logfile line to:

logfile "$HOME/.maildir/maildrop.log"

I just tried the tilde in my .maildropfilter file and when i send myself 
a message, i
get the "Unable to create log file" error.Using $HOME works for me.

>Try changing your logfile line to:
>
>logfile "$HOME/.maildir/maildrop.log"
>
>I just tried the tilde in my .maildropfilter file and when i send myself
>a message, i
>get the "Unable to create log file" error.Using $HOME works for me.

Ok, this problem is solved, thanks!
But now I always got "Unable to create dotlock"-errors.
So I recompiled maildrop with '--enable-use-dotlock=0', and then it says:
"Unable to open mailbox". The directory exists and permissions should work.

What's wrong? :(
Fabiano

Sebastian Grewe writes:

> The Logfile of maildrop says:
> 
> 
> Date: Mon Nov 17 15:26:46 2003
> From: [Mail Protected]
> Subj: test
> !Err: | /home/vpopmail/bin/vdelivermail.log '' bounce-no-mailbox       
> (1116)
> 
> as an example. Now I would like to know why mails are not delivered by
> vpdelivermail, which obviously returns an exit status != 0 .

Ok, but why are you asking this on this mailing list?  The vpopmail mailing 
list is down the hall, last door on your right.

Courier User <courier@...> writes:

> Even though maildrop appears to treat these two cases identically,
> child processes invoked via xfilter and other means could have
> problems with this.  This happens because environment variables are
> inherited by child processes, which in the general case cannot be
> counted on to look at these two instances as being equivalent ...
> and in quite a few common cases, they do not.
...
> Thoughts?

Check out the env(1) command.

Untested:

xfilter 'env VARIABLE= /usr/local/bin/your-command'

-- 
Matthias Andree

Encrypt your mail: my GnuPG key ID is 0x052E7D95

Matthias Andree <ma+courm@...> writes:

> Courier User <courier@...> writes:
>
>> Even though maildrop appears to treat these two cases identically,
>> child processes invoked via xfilter and other means could have
>> problems with this.  This happens because environment variables are
>> inherited by child processes, which in the general case cannot be
>> counted on to look at these two instances as being equivalent ...
>> and in quite a few common cases, they do not.
> ...
>> Thoughts?
>
> Check out the env(1) command.
>
> Untested:
>
> xfilter 'env VARIABLE= /usr/local/bin/your-command'

Yes, this works.  And in fact, I'm already doing this as a workaround to
the current maildrop behavior.

However, I still think that it is misleading that the following
statement causes the environment variable to be deleted intead of
being bound to an empty string:

  VARIABLE=""

Also, it becomes quite unwieldy to use this 'env' method when there are
a number of variables that are set to "" ... each one has to be
mentioned multiple times: once in the maildroprc or .mailfilter file if
the variable is referenced there; and the second through n-th times
after 'env' on the command line of every xfilter command which might use
the variables.

It seems to me that it would be a lot clearer, and less in violation of
"The Principle of Least Surprise", if maildrop's behavior is changed
the way I described in my previous email.


-- 
 Courier User
 courier@...