cyradm --auth login --user mailadmin localhost
Then do "cm user.
Possibly "sq user.
The user must also exist in /etc/passwd. It would be nice if we could use
Kerberos for authentication via the saslauthd.
If the system log shows errors about "DBERROR: skiplist recovery..." and
"DBERROR: opening /var/imap/user/e/erl.seen: cyrusdb error", resulting in
the history of read messages not being saved, then the correct course of
action is to delete the file (erl.seen in this case). The Cyrus system will
create a new history file, and everything should be OK.
Go to www.openrbl.org and look up the IP
address. One interesting thing to look for here is both why the server is
blacklisted (not always easy to figure out).
You might want to consider E-mailing the postmaster of the block E-mail server,
and letting them know that they are blacklisted, so that they can try to get
themselves removed from the list. This will help the cause of stopping spam by
keeping the blacklists accurate.
If the server is listed as an Open Relay (if for instance it is listed in the
ordb.org blacklist), then you probably don't want to white-list it, because the
server will forward mail from anybody in the world.
Also, on openrbl.org, you will see the something like:
To actually do the whitelisting, you need root priveliges. You need to edit the
file /etc/mail/access. I have sorted it by IP addresses, to keep it organized.
For the example case, you want to add a line that looks like:
You can also blacklist addresses by writing REJECT instead of OK
to blacklist addresses.
To make the changes in /etc/mail/access have effect, you have to run the
command:
You might also want to send an E-mail to postmaster to notify me that you have
made changes.
Mail is now handled by a Virtual Private Server (VPS) rented from Oderland. It runs exim4.
In addition to the SMTP port 25, this service also listens for SMTP connections on port 587. This is to be able to
circumvent IP providers blocking port 25.
The script update-exim4.conf generates the main configuration files /var/lib/exim4/config.autogenerated
for Exim v4 by merging the data in
the template file /etc/exim4/exim4.conf.template or the ones in the
/etc/exim4/conf.d directory tree respectively and
/etc/exim4/update-exim4.conf.conf to the output file
/var/lib/exim4/config.autogenerated.
We use update-exim4.conf.conf (not a split configuration). When the configuration files have been changed, run:
Restart the exim4 service with:
Fixing corrupt Cyrus IMAP databases
Letting mail through the spam filter
If an E-mail is blocked by the blacklist spam filters, you will get an
automatic E-mail (generated from /var/log/mail) saying something like:
Recipient xyzzy@lewin.nu:
Apr 18 21:17:21 From freevo-users-admin@lists.sourceforge.net relay sc8-sf-fw2.sourceforge.net:66.35.250.201]:
The key here is the relay's IP address (in this case 66.35.250.201). The name
(in this case sc8-sf-fw2.sourceforge.net) can be forged, but the IP address
should be accurate.
Lookup 66.35.250.201 (sc8-sf-fw2.sourceforge.net) in 21+11 Zones
AS: 66.35.192.0/18 AS3967 Exodus Communication Santa Clara/California
Net 66.35.192-255 EC95-1 Santa Clara, California @exodus.net
This shows the address block that the IP address belongs to. You can use
this information to decide if you want to whitelist only the exact IP address
that bounced, or the entire blocklist (the sender may for instance have several
mail servers with different IP addresses, and it's a nuisance if you let one
through, and then get a bounce again from another mail server with a slightly
different IP address.
66.35.250.201 OK
To whitelist only this exact server, or:
66.35.250 OK
To whitelist all IP addresses starting with 66.35.250. If you want to whitelist
all the IP addresses associated with exodus.net, you would have to add several
lines:
66.35.192 OK
66.35.193 OK
...
66.35.255 OK
Please add a comment (starting lines with '#') before the addresses you add
with your date, name, and reason of whitelisting. See the examples in the file.
cd /etc/mail
/usr/sbin/makemap btree access < access
The changes will then have immediate effect, you will not have to restart
sendmail.
Exim administration
Useful commands:
stratus.lewin.nu
Exim configuration
sudo update-exim4.conf
to update the configuration.
sudo service exim4 restart
Add a user with the following command:
sudo /usr/share/doc/exim4-base/examples/exim-adduser