Default gentoo qmail + vpopmail ebuilds allows mails for each domain defined /var/qmail/users/assign which is clearly not optimal when a mailbox does not exist. With the increase of spam lately this only generates more and more processing (since mail enters system: rbl check, spamd check, bounce message, rebounce because of very likely faked address). qmail-smtpd-chkusr patch (http://www.interazioni.it/qmail/) allows to check the existance of a mailbox at the qmail level, allowing a faster and still rfc compliant implementation. I was wondering if this patch has already been assessed to enter the portage tree to be incorporated in the qmail ebuild when vpopmail is already emerged.
i have no objections to the concept of chkusr, but the implementation is not suitable. the gentoo qmail package must be able to function WITHOUT vpopmail, and this patch is not suitable for that. somebody else has asked previously about such functionality (I can't find the bug number), and I said then that if somebody came up with an EXTENSIBLE system that didn't break under any cases, and could be easily configured for the many different methods possible, then I'd consider putting it in. it must support things both with and without vpopmail, all the qmail backends (mysql, ldap) and (ideally) be general enough that other MTAs could consider plugging it in without too much work.
Yes, I agree completely on you comment. I had searched bugentoo if someone submitted this type of request, but it seems to have dropped out of the database? I had thought you might answer like this, you are right. I will see if I can contact the author of the patch to see if he can some kind of other proggie that could sit between qmail & vpopmail. I was thinking about maybe re-writing his patch into a proggie similar to rblsmtpd, so it can be put in QMAIL_SMTP_PRE in /var/qmail/control/conf-smtpd. Would that make it generic enough you reccon?
So before I started writing my thingy, I stumbled upon the qmail-check-rcpt patch: https://mail.adirondack.net/phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=20 It seems to have been coded with Gentoo ebuilding in mind. I have read the patch (only 62 LOCs) which indeed wouldn't affect the vanilla qmail (much) at all. Imho this is not a worse implementation than the QMAILQUEUE variable solution used for qmail-scanner. It works in the exact same way. Solving the problem. I'm not sure if the vpopaccountexists should be put in the qmail ebuild, it probably belong more in the vpopmail build. I think this was a good enough reason to re-open this bug. My apologies if i was wrong, but I think this solves a major shortcoming of qmail+virtual mailboxes. Credits of course to the owner of the patch: pendor
My little patch made it to Gentoo's Bugzilla all on its own. Cool! I'd absolutely love to see my patch included in Portage. The qmail portion of things is 100% ready, I think. The vpopmail side (the check user binary) needs a little bit of help. I have some patches from users that would improve things a bit, but I'm not sure it properly handles all of the ways you can make qmail deliver mail. My present usage of the patch (on Gentoo) concentrates only on vpopmail accounts & database aliases plus .qmail-alias redirects. It also handles the catch-all account with a few caveats which are listed on the patch's home page. I think my qmail patches are quite ready for inclusion. It's been over a month now of solid mail delivery with them installed. Perhaps the check user binary could be added as a separate package, along with other future packages to check against other types of account databases. I'm entirely supportive of my patches going into Portage if anyone else is game. If for some reason the license I've released under doesn't work, let me know and I'll gladly pop it out under something else. Best regards to all, Zachary Bedell (aka pendor)
that is a lot closer to what I was looking for :-). i did originally have a client+server in mind, but this is a step better, as it's more flexible. (/me imagines a caching server that the vpopaccountexists tool can use).
Zachary: Here is something similar to yours I stubmled upon: http://netdevice.com/qmail/ It has a nice added feature of providing both the sender and recipient to the tester program, and does a nice temporary failure if the fork fails (I think this is better than just accepting the mail if the fork fails). Would you mind merging the two to create the best possible result?
Zachary: do you have any more checkuser binaries, for: - qmail local deliveries - [low priority] vmailmgr (I know vpopmail is better, but some still use it...)
Isn't the qmail-realrcptto an better patch for Gentoo? I also have the problem with alot of mail getting through that should easily be stopped with any checkuser patch out there. This one has nothing to do with vpopmail, but locals and virtualdomains. And doesn't seem to affect other stuff. "The qmail-realrcptto patch copies logic from qmail-send, qmail-lspawn, qmail-getpw, and qmail-local into qmail-smtpd and qmail-qmtpd, so that if a local delivery (i.e., one for a domain in /var/qmail/control/locals or virtualdomains) would eventually bounce due to a missing .qmail file, then that recipient address is rejected during the SMTP or QMTP protocol conversation. (This means that addresses which use the default delivery instructions are never rejected by this patch, because they would never be bounced due to the lack of a .qmail file.)" http://multivac.cwru.edu/qmail/ http://multivac.cwru.edu/qmail/qmail-1.03-realrcptto-2004.09.14.patch
See Bug 40486 for SPP (SMTP framework) for an ebuild with http://qmail-spp.sourceforge.net/ included.
i'm considering going with the SPP framework option for this, as all of the other ideas/implementations of chkusr/checkrcpt are trivial to implement within that framework. i'll mark this as a dupe of 40486 as that's the SPP framework bug. *** This bug has been marked as a duplicate of 40486 ***
Agreed :)
