Adjusting the tcprules files for qmail

Hi there,

Having installed the ucspi-tcp6-1.06.tgz, i noticed that tcprules ignores hosts and applies all the enviroment variable for all ( :allow...)

for example

if i have the tcp.submission file

x.x.x.x.x:allow,RBLSMTPD="",CHKUSER_WRONGRCPTLIMIT="3",SMTPD_GREETDELAY="0"

Then tcprules applies the rules to all hosts instead of x.x.x.x.x

I finaly managed to execute tcprules (ucspi-tcp6-1.02) , i produced the cdb and moved to the newest email server (ucspi-tcp6-1.06)

Is this a bug ?

And you didn't define a default rule at all? 

I don't know if it's a bug, we should look at the code to see what it does when a default rule is not defined... Anyway I think that defining a default rule such as

:allow

should be a good practice

i also tried with the

:allow

in the bottom of the file, but the result was the same.

Hosts are ignored and all the env variables are applied as if there were no hosts rules but just :allow

using ucspi-tcp6-1.02

# tcprulescheck tcp.submission.cdb
default:
allow connection

using ucspi-tcp6-1.06

# tcprulescheck tcp.submission.cdb
rule :
set environment variable RBLSMTPD=
set environment variable CHKUSER_WRONGRCPTLIMIT=3
set environment variable SMTPD_GREETDELAY=0
allow connection

you are not declaring TCPREMOTEIP, so it always prints the default rule. This is the usage as per man page:

# TCPREMOTEIP=1.2.3.4 tcprulescheck tcp.smtp.cdb  
rule 1.2.3.4: 
set environment variable RBLSMTPD= 
set environment variable SMTPD_GREETDELAY=0 
set environment variable RELAYCLIENT= 
allow connection

tcp.submission

x.x.x.x:allow,RBLSMTPD="",CHKUSER_WRONGRCPTLIMIT="3",SMTPD_GREETDELAY="0"
:allow

# TCPREMOTEIP=x.x.x.x tcprulescheck tcp.submission.cdb
rule :
set environment variable RBLSMTPD=
set environment variable CHKUSER_WRONGRCPTLIMIT=3
set environment variable SMTPD_GREETDELAY=0
allow connection

There is no host definition at all.

apparently this output is not compatible with your tcp source file, as that is not the default defined rule...

yes, that is the problem.

i did not missed anything during the qmail installation. I followed all the instructions in this web site.

Hopefully, i have an older installation of qmail and the other tools, as i referred in my first post and i can compile my tcprules there and move them back to the new one (new server)

did you recompile your tcprules after last modification?

#tcprules /home/vpopmail/etc/tcp.submission.cdb /home/vpopmail/etc/tcp.submission.cdb.tmp < /home/vpopmail/etc/tcp.submission

what i do whenever i make changes in  /home/vpopmail/etc/tcp.submission

i have followed all the instructions of this web site, page by page

did i miss something?

how can I know if you missed something :-)

Hello Roberto

Thanks for your job, you help many lost people, like me !

Is this line,

0.0.0.0:allow,RELAYCLIENT="",SMTPD_GREETDELAY="0" 

disable to all public internet IP, greetdelay effect ?

Is this disable greet delay, because you set to zero seconds ?

Thanks

Marco Varanda

It disables the greetdelay just for the mentioned IP 0.0.0.0 which is server's IP, because it has 0 value.

Edit: setting GREETDELAY in your tcp rules overwrites the default value in your qmail-smtpd run file

Sorry for insistence,

I think 0.0.0.0 is reference to any public IP.

In other words, if my IP try to send data before greetings, 0.0.0.0 will accept with no delay.

Am I wrong ?

- varanda

no, 0.0.0.0 is the IP of your localhost (if not sure you can google for it)