Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Qmail>
  3. users
s/qmail vs qmail with John Simpson's combined patch
niamh at fullbore
Jan 27, 2019, 6:14 AM
Post #1 of 15 (4240 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Hello,

Currently in the process of replacing a server that was running qmail with
John Simpson's combined patch.

As far as I can tell John's combined patch is no longer being maintained
https://qmail.jms1.net/patches/combined-details.shtml so I'm wondering
whether s/qmail would be a suitable replacement in terms of functionality
and management?

We're currently using greylisting and on some sending IP addresses Bruce
Guenter's qmail-qfilter.

Don't think there's anything else out of the ordinary in the run scripts.

- --
Best regards,
Niamh mailto:niamh@fullbore.co.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iEYEARECAAYFAlxNvMYACgkQjFUB2JvnEPnHzACgmX2fhIst/EBNeP9lyjl33ct4
mn0An10S/+9MIt4wtLJzMgluPgRhhGyW
=uLte
-----END PGP SIGNATURE-----
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
niamh at fullbore
Feb 6, 2019, 5:18 AM
Post #2 of 15 (4228 views)
Permalink
NH> Currently in the process of replacing a server that was running qmail with
NH> John Simpson's combined patch.

NH> As far as I can tell John's combined patch is no longer being maintained
NH> https://qmail.jms1.net/patches/combined-details.shtml so I'm wondering
NH> whether s/qmail would be a suitable replacement in terms of functionality
NH> and management?

NH> We're currently using greylisting and on some sending IP addresses Bruce
NH> Guenter's qmail-qfilter.

NH> Don't think there's anything else out of the ordinary in the run scripts.

No one have a view?

--
Best regards,
Niamh mailto:niamh@fullbore.co.uk
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
feh at fehcom
Feb 6, 2019, 10:10 AM
Post #3 of 15 (4228 views)
Permalink
Hi Niamh,

since I'm the author of s/qmail ... I'm not entitled to give an advice..

What I get from my users however, is this:

- Switching to a different 'platform' requires a steep learning curve.
- Processes and scripts/setup needs to be accustomed.

I tried to keep binary + API compatibility as close as possible to vanilla qmail.
But for the rest ...

Thus: Do some tests on a VM and get accustomed to s/qmail. Your own experience is certainly the most reliable source.

Regards.
--eh.

PS. Currently, I'm working on release 3.4.



> Am 06.02.2019 um 14:18 schrieb Niamh Holding <niamh@fullbore.co.uk>:
>
>
> NH> Currently in the process of replacing a server that was running qmail with
> NH> John Simpson's combined patch.
>
> NH> As far as I can tell John's combined patch is no longer being maintained
> NH> https://qmail.jms1.net/patches/combined-details.shtml so I'm wondering
> NH> whether s/qmail would be a suitable replacement in terms of functionality
> NH> and management?
>
> NH> We're currently using greylisting and on some sending IP addresses Bruce
> NH> Guenter's qmail-qfilter.
>
> NH> Don't think there's anything else out of the ordinary in the run scripts.
>
> No one have a view?
>
> --
> Best regards,
> Niamh mailto:niamh@fullbore.co.uk
>
>

Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de | PGP Key-Id 7E4034BE
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
jjohnstone at tridentusa
Feb 6, 2019, 10:29 AM
Post #4 of 15 (4228 views)
Permalink
On 2/6/19 8:18 AM, Niamh Holding wrote:
>
> NH> Currently in the process of replacing a server that was running qmail with
> NH> John Simpson's combined patch.
>
> NH> As far as I can tell John's combined patch is no longer being maintained
> NH> https://qmail.jms1.net/patches/combined-details.shtml so I'm wondering
> NH> whether s/qmail would be a suitable replacement in terms of functionality
> NH> and management?
>
> NH> We're currently using greylisting and on some sending IP addresses Bruce
> NH> Guenter's qmail-qfilter.
>
> NH> Don't think there's anything else out of the ordinary in the run scripts.
>
> No one have a view?

I meant to respond awhile ago so the prompt was worthwhile.

I've been evaluating s/qmail and so far it looks good. Some features of
the combined patch aren't available in s/qmail but of course there are
other features unique to s/qmail. In my case there has been enough
similarity so far that it's been a fairly straightforward process.

If you haven't subscribed, there is a s/qmail mailing list.

-
John J.
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
schmonz at schmonz
Feb 6, 2019, 10:35 AM
Post #5 of 15 (4228 views)
Permalink
On 27 Jan 2019, at 9:14, Niamh Holding wrote:

> Currently in the process of replacing a server that was running qmail
> with
> John Simpson's combined patch.
> [...]
> We're currently using greylisting and on some sending IP addresses
> Bruce
> Guenter's qmail-qfilter.

I haven't used either John Simpson's patch or s/qmail, so can't directly
answer your question. s/qmail might well suit your needs.

I can suggest that you get pkgsrc and try its qmail-run. greylisting-spp
and qmail-qfilter are both included and very easily enabled. The package
probably supports your host OS:
https://schmonz.com/qmail/pkgsrc-qmail-run/

If you do try it, let us know how it goes.

- Amitai
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
muir at fastmail
Feb 6, 2019, 10:50 AM
Post #6 of 15 (4228 views)
Permalink
On Wed, Feb 6, 2019, at 12:01 PM, Niamh Holding wrote:
> NH> Currently in the process of replacing a server that was running qmail with
> NH> John Simpson's combined patch.
>
> NH> As far as I can tell John's combined patch is no longer being maintained
> NH> https://qmail.jms1.net/patches/combined-details.shtml so I'm wondering
> NH> whether s/qmail would be a suitable replacement in terms of functionality
> NH> and management?
>
> NH> We're currently using greylisting and on some sending IP addresses Bruce
> NH> Guenter's qmail-qfilter.
>
> NH> Don't think there's anything else out of the ordinary in the run scripts.
>
> No one have a view?

If you're replacing a server running qmail and want something very close to it but with modern features, I'd check out Amitai Schleier's qmail patches:

https://schmonz.com/qmail/

Lewis
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
niamh at fullbore
Feb 7, 2019, 12:44 AM
Post #7 of 15 (4227 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello Erwin,

Wednesday, February 6, 2019, 6:10:56 PM, you wrote:

EH> since I'm the author of s/qmail ... I'm not entitled to give an advice..

Sure, but can s/qmail do what I'm currently doing-

greylisting
qmail-qfilter

And just remembered-

greetdelay

- --
Best regards,
Niamh mailto:niamh@fullbore.co.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iEYEARECAAYFAlxb8AkACgkQjFUB2JvnEPktzwCfZhP+p2mcncRG5lGShOsLaYyK
GLMAoOwalVVsHLNdlCaPzm54eHah8XPw
=L/NP
-----END PGP SIGNATURE-----
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
niamh at fullbore
Feb 7, 2019, 12:48 AM
Post #8 of 15 (4227 views)
Permalink
Hello Amitai,

Wednesday, February 6, 2019, 6:35:53 PM, you wrote:

AS> I can suggest that you get pkgsrc and try its qmail-run.

"If you?re looking to run qmail without adopting DJB?s daemon-supervision
lifestyle"

I'm not, I'm used to doing the run scripts the DJB way.

--
Best regards,
Niamh mailto:niamh@fullbore.co.uk
RE: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
thibs at thibs
Feb 7, 2019, 1:50 AM
Post #9 of 15 (4226 views)
Permalink
Hello,

>Some features of the combined patch aren't available in s/qmail

For my information which features exist in Simpson's patch that do not exist is s/qmail ?

Best Regards

Thibault
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
feh at fehcom
Feb 7, 2019, 2:44 AM
Post #10 of 15 (4226 views)
Permalink
Hi,

just having a quick look on JMS web site:

https://qmail.jms1.net

> Am 07.02.2019 um 10:50 schrieb Thibault Richard <thibs@thibs.com>:
>
> Hello,
>
>> Some features of the combined patch aren't available in s/qmail
>
> For my information which features exist in Simpson's patch that do not exist is s/qmail ?

From the usage point of view, it is the 'validrcptto' instead of s/qmail+Spamcontrol's 'recipients' extension.

However, given my additional

https://www.fehcom.de/sqmail/man/qmail-vmailuser.html

add-on, the difference is purely convenience.

Regards.
--eh.

PS: I don't know, if the JMS patch collection supports TLS 1.3 on both sides.

>
> Best Regards
>
> Thibault
>
>

Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de | PGP Key-Id 7E4034BE
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
schmonz at schmonz
Feb 7, 2019, 4:56 AM
Post #11 of 15 (4226 views)
Permalink
On 7 Feb 2019, at 3:48, Niamh Holding wrote:

> "If you’re looking to run qmail without adopting DJB’s
> daemon-supervision
> lifestyle"
>
> I'm not, I'm used to doing the run scripts the DJB way.

That's a fair reading, so I've fixed the text. You can freely ignore
qmail-run's rc.d scripts and take advantage of the other stuff it
provides, including daemontools.

There may well be plenty of other reasons pkgsrc and/or qmail-run aren't
a fit for you, but I promise this isn't one. :-)

- Amitai
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
feh at fehcom
Feb 7, 2019, 6:52 AM
Post #12 of 15 (4226 views)
Permalink
Hi,

same with s/qmail ;-)

Actually, I've included some description to make it run using Poettering's systemd :-)

Regards.
--eh.

> Am 07.02.2019 um 13:56 schrieb Amitai Schleier <schmonz@schmonz.com>:
>
> On 7 Feb 2019, at 3:48, Niamh Holding wrote:
>
>> "If you’re looking to run qmail without adopting DJB’s daemon-supervision
>> lifestyle"
>>
>> I'm not, I'm used to doing the run scripts the DJB way.
>
> That's a fair reading, so I've fixed the text. You can freely ignore qmail-run's rc.d scripts and take advantage of the other stuff it provides, including daemontools.
>
> There may well be plenty of other reasons pkgsrc and/or qmail-run aren't a fit for you, but I promise this isn't one. :-)
>
> - Amitai
>

Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de | PGP Key-Id 7E4034BE
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
amb-sendok-1552320242.khghpggmhgfhffoldmoe at bradfo
Feb 9, 2019, 8:04 AM
Post #13 of 15 (4214 views)
Permalink
Thus said Niamh Holding on Thu, 07 Feb 2019 08:44:49 +0000:

> And just remembered-
>
> greetdelay

Speaking of greetdelay, from my statistics it still seems like a fairly
effective method as 17.9% of all connections in my environment hit it. I
use two delays, a 10 second and a 30 second, however, I'm not able to
easily distinguish which is more effective without additional work.

Of those that hit a greet delay problem, 8.3% disconnect prematurely,
and 91.6% are dropped because they sent data before the banner was
presented.

Andy
--
TAI64 timestamp: 400000005c5efa17
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
niamh at fullbore
Feb 10, 2019, 12:47 AM
Post #14 of 15 (4214 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello Andy,

Saturday, February 9, 2019, 4:04:02 PM, you wrote:

AB> Speaking of greetdelay, from my statistics it still seems like a fairly
AB> effective method as 17.9% of all connections in my environment hit it. I
AB> use two delays, a 10 second and a 30 second, however, I'm not able to
AB> easily distinguish which is more effective without additional work.

AB> Of those that hit a greet delay problem, 8.3% disconnect prematurely,
AB> and 91.6% are dropped because they sent data before the banner was
AB> presented.

Are you implementing that with s/qmail?

- --
Best regards,
Niamh mailto:niamh@fullbore.co.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iEYEARECAAYFAlxf5TwACgkQjFUB2JvnEPn0oACg+eA9LLGomvMDY7WulkYKHL21
UU0AoOKOrNpMGXbE9uhGxlVQFeNI/FzI
=u1Q5
-----END PGP SIGNATURE-----
Re: s/qmail vs qmail with John Simpson's combined patch [ In reply to ]
feh at fehcom
Feb 10, 2019, 6:23 AM
Post #15 of 15 (4214 views)
Permalink
Hi Niamh,

> Am 10.02.2019 um 09:47 schrieb Niamh Holding <niamh@fullbore.co.uk>:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Hello Andy,
>
> Saturday, February 9, 2019, 4:04:02 PM, you wrote:
>
> AB> Speaking of greetdelay, from my statistics it still seems like a fairly
> AB> effective method as 17.9% of all connections in my environment hit it. I
> AB> use two delays, a 10 second and a 30 second, however, I'm not able to
> AB> easily distinguish which is more effective without additional work.
>
> AB> Of those that hit a greet delay problem, 8.3% disconnect prematurely,
> AB> and 91.6% are dropped because they sent data before the banner was
> AB> presented.
>
> Are you implementing that with s/qmail?

Greetdelay comes with my rblsmtpd implementation as part of ucspi-tcp6.

It can bei used with any version of qmail.


https://www.fehcom.de/ipnet/ucspi-tcp6.html

Best reagards.
--eh.

>
> - --
> Best regards,
> Niamh mailto:niamh@fullbore.co.uk
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
>
> iEYEARECAAYFAlxf5TwACgkQjFUB2JvnEPn0oACg+eA9LLGomvMDY7WulkYKHL21
> UU0AoOKOrNpMGXbE9uhGxlVQFeNI/FzI
> =u1Q5
> -----END PGP SIGNATURE-----
>
>

Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de | PGP Key-Id 7E4034BE

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal