Posts about qmail (old posts, page 2)

2006-04-12 18:30

RASCAN 0.1.0

Yet another little program.

In this case, it's called rascan, and it's a rewrite of Inter7's simscan.

What does it do? It easily hooks clamav and spamassassin into your qmail-smtpd setup, so you will not accept viruses in your server, and tag spam.

It still lacks some features, like bouncing messages based on spamassassin hits, or blocking attachments, but it has at least one feature simscan lacks (adding footers to messages).

It's still alpha, so I wouldn't put it on a production server, but it may even work ;-)

2006-04-09 00:16

The RA SPP Plugin collection

After a very long time, I have decided to make one of my projects public.

It's a collection of qmail plugins, to be used with qmail-spp for diverse purposes.

It's C code, which I don't quite like, but I think it doesn't suck too much.

2006-04-01 13:19

Fighting Spam with Qmail (part III)

A new story in the "Fighting Spam with Qmail" series, after an over two year hiatus.

This one is about RBLs, qmail and a great tool called qmail-spp.

2006-01-11 12:36

2006 resolution

I will make some of my work public.

The best candidate is one that will probably not appeal to anyone: my personal linux distro.

I have it, I use it all the time. It's not published yet, though, since it consists of a base CentOS + a lot of work.

So, I will try to make it systematic, call it an installer, and drop it on the unsuspecting audience.

Don't hold your breath, though.

Here are some of the features:

  • Server oriented. I use it for my clients' servers.
  • Qmail+courier+vpopmail+roundcube+spamassassin+clamav mail system.
  • Squid proxy+fwbuilder firewall
  • Smart for package management
  • runit-based boot/services.
  • KDE as a GUI. Accssible via FreeNX/secure VNC.
  • OpenVPN for simple VPN management.
  • Custom cherrypy-based admin tools
  • No SeLinux (sorry, it's a pain in the butt. Secure, but a pain).
  • Bacula for backups
  • Custom tool to back the whole disk to a bootable DVD (System Rescue DVD)
  • /etc in SVN+Trac (yes, really, and the admin tools force you to use it)
  • Probably djbdns for DNS.

All in all, it's a pretty ordinary CentOS-based thing, except that the switch to runit makes service management way simpler and regular ( you can do things like having a non-root user that can manage some services, yay!)

On the other hand, the cherrypy-based tools would probably need a bit of a rewrite, since some are pretty cruddy.

Mostly, I have been gathering these pieces over the last 6 years as I really don't like the way any of the Linux server distros are built.

I based it on CentOS because doing the whole distro by hand is way too much work.

I can probably show it around June, if I don't get too sidetracked. Hopefully, someone will read this list and tell me "but graxzst linux already does all that!" ;-)

2005-10-25 14:48

vmysql: sql error[3]: MySQL server has gone away

Well, I am in the middle of migrating a rather large mail server, using qmail+vpopmail+mysql+courier-imap.

And just when it's starting into production usage, we find the error in the title.

A lot.

Sadly, since that error indicates a failed MySQL query, it means you get stuff like random auth failures. Which sucks a lot.

Googling gave a lot of hints. But nothing would fix it.

Until.... lucky strike.

So, I will put my solution here for future googlers.

If you see this:

vmysql: sql error[3]: MySQL server has gone away
vmysql: sql error[3]: MySQL server has gone away
vmysql: sql error[3]: MySQL server has gone away
vmysql: sql error[3]: MySQL server has gone away
vmysql: sql error[3]: MySQL server has gone away

Do the following:

  1. Check if you are exceeding mysql's max_connections parameter. The default is 100.
  2. Check if your cpu can take the load. (No, don't look at the load average. Look at the CPU usage).
  3. Make really sure that vpopmail and courier-authlib are built using the exact mysql you have installed. No, it doesn't matter if it's the same version. Go, and rebuild the things!

That fixed it for me.

On other bizarre news about this server, I have low CPU usage (95% idle), low IO (iostat reports under 1MB/sec, 40 tps), yet I have a load that can go up to 120.

Yet, interactive response is fine.

Weird.

2005-04-06 23:59

Simple password validation

I am writing a sort of web-based admin tool for a client, and I had this problem: How do you validate a system user from a script?

Well, this is how:

def validPass(name,password):
     p=os.popen('/usr/bin/checkpassword-pam -s login -- /bin/true 3<&0','w')
     s='%s\000%s\000xxx\000'%(name,password)
     p.write(s)
     r=p.close()
     if r==None: #Success
             return True
     else:
             return False

Just get checkpassword-pam from somewhere.

Or, if you use some other sort of authentication scheme, some other checkpassword. They are meant for qmail, but they are very handy :-)

2004-12-23 12:19

Why equation evolution and religion is wrong

Be it evolution in general, micro-evolution or macro-evolution.

Let's start with Gervase's three points:

  • It's a basic position that you hold about the nature of reality that's not provable - it's a faith position.
  • It's something that you put your trust in, and live your life on the basis of.
  • It's something you urge others to believe as the truth.

Perhaps the third applies to evolution, The other two are garbage.

Let's start with the first one. There's this nifty concept called falsifiability (sorry about the spelling). Something is falsifiable if it can be proven false.

Things that are unfalsifiable are not apt for rational discussion, since the truth value behind the proposition is unknowable.

Here's an example of something that's unfalsifiable: there is a supreme being that commands the whole universe, yet is not part of it, and can not be contacted.

Here's something that's not: random mutations get selected by the environment to prosper.

That is, because it can be proven false. If there were no mutations, it would be false. If exposing diferent breeds to environments causes no differential in survival rate, it is proven false.

Yes, this is the micro-evolution Gervase accepts. Macro-evolution simply extrapolates from this generally accepted theory into a larger one. Is it the right one? Not sure.

There is no imaginable experiment that can prove the inexistence of god. That's why god's existence is a religious matter, and not a scientific one. The existence of microevolution can be seen, and even experimented (ask any guy that happens to have a few hundred fruit flies in a bottle).

As for macroevolution, well, as mpyne says, there is a thnkable experiment. And even if it isn't technically feasible, there can be a rational discussion, regarding the recombination sppeds, and radiation levels producing mutations, and volumes, and timescales.

So, discussing it is a rational process.

As for the second point: I doubt anyone lives his life based on evolution, although it can provide some reasonable tips about how to expect things to happen, but that's mostly reasoning by analogy.

Now religion.. one of its purposes is usually to describe how you should live.

So, what Gervase is describing is religion. And by his definition, evolution ain't.

Evolution theory may be wrong. That's ok. It happens to almost all theories in one way or another, usually they end replaced by a slightly evolved new version.

But religion? Well, dude, that's just another name for who the hell knows. If you accept religion as a premise, you are into voodoo land.

Maybe the universe only exists since 1987, and everything earlier is a thought in god's mind. Who knows? Presummably only him.

Maybe he's cranky and we all die and go to hell tomorrow. He's many things but not reasonable, as evidenced by his alleged handywork.

So, what's the point in arguing a subject where no rational discourse is appropiate, a subject which is the very basis of irrational discourse?

I have no idea. That's why I'm an agnostic.

2004-06-16 11:21

Very hacked-up qmail

I have been installing qmail servers for a while.

I started by using Buruce Guenter's untroubled qmail+patches RPM set, which was good, but he seems to have abandoned them.

In the last year or so, I have kept working on them, and now they are somewhat more heavily patched.

I have added:

  • quota (bounce over-quota immediately)
  • realrcptto (bounce immediately unexistant addresses)
  • tarpitting (add delays over n recipients)
  • errno patch (to make it build on RH 9 or later)
  • smtp auth+tls (well, smtp auth and TLS ;-)

And miscelaneous changes to the default config so that, for example smtpsuth simply works by default.

I think this is probably the easiest way to install a traditional multi-UID qmail on Red Hat-like systems.

It has been a little (not too much) work, because when you pile patch over patch over patch, usually the third one doesn't apply, and this patchset has 22 patches in it.

But... the qmail source is pretty clean for C!

I think I am going to put it on sf.net or somesuch.

2004-06-04 21:51

Late congress report

Last week, I gave a conference [1] about KDE in the first free software congress of Argentina.

I can't even remember how many "first(whatever)linux" of "first(whatever)free software(mumble)" events I have attended. one of these days, I expect to attend a second, and in a decade or so a third, but it seems orgnizing one of these things, even when they work nicely, is tiring work.

This one was organized by Usuaria, a non-profit for computing diffusion [2] , and they had some interesting sponsors, including Red Hat, Sun, and Microsoft.

Yes, that Microsoft.

Sadly, I couldn't assist the conference by the MS executive, because I missed about half of the congress for work.

My KDE stuff was shown at a smaller room, about 35/40 people. Since there was very little time (45 minutes) and I wanted to keep some for Q&A, I mostly showed simple stuff, like DCOP, some of the new apps, like Quanta.

I spoke a lot about rather the philosophical thrust of KDE development, how KDE tends to search for a technological solution to the UI problems, on the grounds that later, when everyone is using the API, if the UI changes and the API doesn't everyone wins.

Nothing special, really, and not one of my best ones, so my earlier nerviosism was warranted ;-)

I attended some other conferences, I remember one about comparing MTAs (he called Qmail difficult, so I didn't like it much ;-), one about Free Software economics by a guy from Maastricht [3] which was quite good.

Another one was by a Novell executive, who spoke about J2EE and .NET from a free software perspective.

Or rather, spoke about J2EE for a while, then mentioned Mono because he was running out of time ;-)

I met my third KDE developer! [4] Pupeno was there. Pupeno: you look like a younger, redheaded RMS. And your pants made me dizzy.

I couldn't tell you that personally. I like them :-)

I could tell this was a Linux even because hlf the people there had longer hair and/or longer beards than I do, when in regular events it's unlikely 10% do.

Met a few of the old fellows from my LUG in Santa Fe, one of them seems to enjoy suits now ;-)

But I bet since a few paragraphs above everyone is still having the word Microsoft bouncing in his head.

Yes, they were a sponsor. Further: they were, by far, the largest one.

I got a Microsoft pen, a copy of Unix Services for Unix, a brochure, and a canvas bag with Microsoft's logo embroidered.

Said bag is now the bed of my new kitten, Nini, which I adopted monday (but that's another story).

UPDATE: Someone who was there reminded me that I also got a box containing a fairly nice tukey sandwich, a brownie, and a small bottle of coca cola, so, thank you, Microsoft!

And no, I didn't have to sign anything to get the sandwich, not a NDA, not a license, and no, it wasn't wrapped in a bag saying "if you open this bag you agree..."

[1] Is there a less pretentious word in english for this? In spanish I say I give a "charla" which means a conversation, a chat. Of course in english that's not right.
[2] No, I don't know what they do, although I gave classes in their classrooms for 6 months)
[3] Where D'Artagnan died (if he had existed, of course)
[4] Yes, I have only ever met three guys involved in KDE development. That makes one every 1.5 years.

Contents © 2000-2018 Roberto Alsina