From Jules at Zend.To Thu Nov 1 12:10:48 2018 From: Jules at Zend.To (Jules Field) Date: Thu, 1 Nov 2018 12:10:48 +0000 Subject: [ZendTo] Issue with ZendTo AD authentication In-Reply-To: References: Message-ID: My top immediate guess would be to try removing the ":3268" from the names of your AD servers in authLDAPServers1. Cheers, Jules. On 01/11/2018 12:01, Igor David wrote: > Hi All, > > We are using ZendTo actively with AD authentication and it works well > for a few years. > > However, we are installing new ZendTo system on AWS EC2 instance > (trying with Ubuntu 18.4, Amazon Linux 2018.03 and RedHat7.5 distros) > which we can't make to work with AD authentication. > > This is our existing preferences.php (OURDOMAIN, USERNAME and PASSWORD > are replaced): > > *?'authenticator' => 'AD', > 'authLDAPBaseDN1' => 'DC=OURDOMAIN,DC=com', > 'authLDAPServers1' => array('AD_SERVER1:3268','AD_SERVER2:3268'), > 'authLDAPAccountSuffix1' => '@OURDOMAIN.com', > 'authLDAPUseSSL1' => false, > 'authLDAPBindUser1' => 'USERNAME', > 'authLDAPBindPass1' => 'PASSWORD', > 'authLDAPOrganization1' => 'OUR ORGANIZATION', > 'authLDAPBaseDN2' => 'DC=soton,DC=ac,DC=uk', > 'authLDAPServers2' => array(), > 'authLDAPAccountSuffix2' => '@soton.ac.uk ', > 'authLDAPUseSSL2' => false, > 'authLDAPBindUser2' => 'SecretUsername2', > 'authLDAPBindPass2' => 'SecretPassword2', > 'authLDAPOrganization2' => 'University of Southampton',* > > > in that case, we can't connect and are getting an error on ZendTo > front-end page: > > /LDAP Error > ??? Check User: Unable to connect to any of the authentication > servers; could not authenticate user. Please notify the system > administrator. > ??? Authentication Error > ??? The username or password was incorrect./ > > Apache error: > > /[Thu Nov 01 11:28:32.666278 2018] [php7:warn] [pid 1397] [client > 10.254.48.252:58828 ] PHP Warning: > ldap_connect(): Could not create session handle: Bad parameter to an > ldap routine in /opt/zendto/lib/NSSADAuthenticator.php on line 527/ > > Zendto log: > > /2018-11-01 11:28:32 10.254.48.252 [ZendTo]: Warning: authorization > failed for USERNAME/ > > > We have also tried to remove ports in server names like this > > *'authenticator' => 'AD', > 'authLDAPBaseDN1' => 'DC=OURDOMAIN,DC=com', > 'authLDAPServers1' => array('AD_SERVER1','AD_SERVER2'), > 'authLDAPAccountSuffix1' => '@OURDOMAIN.com', > 'authLDAPUseSSL1' => false, > 'authLDAPBindUser1' => 'USERNAME', > 'authLDAPBindPass1' => 'PASSWORD', > 'authLDAPOrganization1' => 'OUR ORGANIZATION', > 'authLDAPBaseDN2' => 'DC=soton,DC=ac,DC=uk', > 'authLDAPServers2' => array(), > 'authLDAPAccountSuffix2' => '@soton.ac.uk ', > 'authLDAPUseSSL2' => false, > 'authLDAPBindUser2' => 'SecretUsername2', > 'authLDAPBindPass2' => 'SecretPassword2', > 'authLDAPOrganization2' => 'University of Southampton',* > > > then we got just the following error on ZendTo webpage: > > > /Authentication Error/ > > /The username or password was incorrect./ > > > and no errors in Apache, Zendto log: > > /2018-11-01 11:32:56 10.254.48.252 [ZendTo]: Warning: authorization > failed for USERNAME/ > > > > > We have tried it also like this: > > *'authenticator' => 'AD', > 'authLDAPBaseDN1' => 'DC=OURDOMAIN,DC=com', > 'authLDAPServers1' => array('AD_SERVER1:3268','AD_SERVER2:3268'), > 'authLDAPAccountSuffix1' => '@OURDOMAIN.com', > 'authLDAPUseSSL1' => false, > 'authLDAPBindUser1' => 'USERNAME', > 'authLDAPBindPass1' => 'PASSWORD', > 'authLDAPBaseOrganization1' => 'OUR ORGANIZATION', > 'authLDAPBaseDN2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPServers2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPAccountSuffix2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPUseSSL2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPBindUser2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPBindPass2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPBaseOrganization2' => '', > //??? Leave blank if not using a 2nd forest. * > > It throws message on Zendto front-end page but keep users marked as > logged in: > > LDAP Error > > /Check User: Unable to connect to any of the authentication servers; > could not authenticate user. Please notify the system administrator./ > > > > Apache error: > / > / > /[Thu Nov 01 11:12:11.381516 2018] [php7:warn] [pid 903] [client > 10.254.48.252:58118 ] PHP Warning: > ldap_connect(): Could not create session handle: Bad parameter to an > ldap routine in /opt/zendto/lib/NSSADAuthenticator.php on line 527/ > > ZendTo log: > > /2018-11-01 11:13:56 10.254.48.252 [ZendTo]: Info: authorization > succeeded for USERNAME > 2018-11-01 11:13:56 10.254.48.252 [ZendTo]: Info: user authentication > verified user as 'USERNAME'/ > > > Also when we change AD servers like this (servers without :3268 at the > end): > > *'authenticator' => 'AD', > 'authLDAPBaseDN1' => 'DC=OURDOMAIN,DC=com', > 'authLDAPServers1' => array('AD_SERVER1','AD_SERVER2'), > 'authLDAPAccountSuffix1' => '@OURDOMAIN.com', > 'authLDAPUseSSL1' => false, > 'authLDAPBindUser1' => 'USERNAME', > 'authLDAPBindPass1' => 'PASSWORD', > 'authLDAPBaseOrganization1' => 'OUR ORGANIZATION', > 'authLDAPBaseDN2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPServers2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPAccountSuffix2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPUseSSL2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPBindUser2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPBindPass2' => '', > //??? Leave blank if not using a 2nd forest. > 'authLDAPBaseOrganization2' => '', > //??? Leave blank if not using a 2nd forest. * > > > > then ANYONE can login and there is no ZendTo front end or Apache error. > > This is zendto.log in that case: > > /2018-11-01 11:18:17 10.254.48.252 [ZendTo]: Info: authorization > succeeded for USERNAME > 2018-11-01 11:18:17 10.254.48.252 [ZendTo]: Info: user authentication > verified user as USERNAME/ > > > When we try like this: > > *'authenticator' => 'AD', > 'authLDAPBaseDN1' => array('DC=OURDOMAIN,DC=com'), > 'authLDAPServers1' => array('AD_SERVER:3268'), > 'authLDAPAccountSuffix1' => '@OURDOMAIN.com', > 'authLDAPUseSSL1' => false, > 'authLDAPBindUser1' => 'USERNAME', > 'authLDAPBindPass1' => 'PASSWORD', > 'authLDAPOrganization1' => 'OUR ORGANIZATION',* > > Then ANYONE can login but with the error on front-end Zendto page: > > > /LDAP Error/ > > /Check User: Unable to connect to any of the authentication servers; > could not authenticate user. Please notify the system administrator./ > > > Apache error: > > /[Thu Nov 01 11:49:21.846106 2018] [php7:warn] [pid 1397] [client > 10.254.48.252:59694 ] PHP Warning:? > ldap_connect(): Could not create session handle: Bad parameter to an > ldap routine in /opt/zendto/lib/NSSADAuthenticator.php on line 527/ > > zendto.log: > > /2018-11-01 11:49:21 10.254.48.252 [ZendTo]: Info: authorization > succeeded for USERNAME > 2018-11-01 11:49:21 10.254.48.252 [ZendTo]: Info: user authentication > verified user as 'USERNAME'/ > > > IF we try like this (without :3268 for server): > > *'authenticator' => 'AD', > 'authLDAPBaseDN1' => array('DC=OURDOMAIN,DC=com'), > 'authLDAPServers1' => array('AD_SERVER:'), > 'authLDAPAccountSuffix1' => '@OURDOMAIN.com', > 'authLDAPUseSSL1' => false, > 'authLDAPBindUser1' => 'USERNAME', > 'authLDAPBindPass1' => 'PASSWORD', > 'authLDAPOrganization1' => 'OUR ORGANIZATION', * > > then ANYONE can login and no error on Frontend Zendto page, no Apache > error, zendto log: > > /2018-11-01 11:55:17 10.254.48.252 [ZendTo]: Info: user authentication > verified user as 'USERNAME'/ > > > We have checked https://zend.to/activedirectory.php and I can query > LDAP with the command: > > /ldapsearch -x -LLL -E pr=200/noprompt -h AD_SERVER1:3268 -D > 'USERNAME' -w 'PASSWORD' -b 'DC=OURDOMAIN,DC=com' -s sub > '(sAMAccountName=*)' cn mail memberOf/ > > > Our software versions: > > PHP: 7.2.10 > Apache: 2.4.6 > Zendto: Version 5.15-1 > > Did anyone had the same issue maybe, is there any solution, does > anyone have configuration example for AD authentication? > > Thanks in advance! Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'In Flanders fields the poppies blow Between the crosses, row on row, That mark our place: and in the sky The larks still bravely singing fly Scarce heard amid the guns below. We are the dead: Short days ago, We lived, felt dawn, saw sunset glow, Loved and were loved: and now we lie In Flanders fields! Take up our quarrel with the foe To you, from failing hands, we throw The torch: be yours to hold it high If ye break faith with us who die, We shall not sleep, though poppies grow In Flanders fields.' Lieutenant Colonel John McCrae Composed at the battlefront on May 3, 1915 during the second battle of Ypres, Belgium www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Thu Nov 1 16:29:40 2018 From: Jules at Zend.To (Jules Field) Date: Thu, 1 Nov 2018 16:29:40 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <8ede9f8c-b5df-df2e-4c24-9cf2403e45ad@Zend.To> Message-ID: Travis, If the students enter their entire email address (username at my.fsu.edu) into the ZendTo login "username" box, then set ??? 'authIMAPDomain' => '', in preferences.php. If they just enter their username, then something more subtle is happening which I will need to investigate further. Please let me know if that helps. Cheers, Jules. On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: > I realized I should mention that we are using e-mail addresses to login > to our ZendTo service to differentiate between our two domains. Don't > know if that would effect how e-mails are sent. Doesn't seem to be a > problem for our faculty/staff (AD, username at fsu.edu), just the students > (IMAP, username at my.fsu.edu). > > ------------------------------------------------------------------- > Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 > Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu > Information Technology Services, Florida State University > > On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >> I tried to use my university's AD for the students (there is a previous >> e-mail I sent to the ZendTo mailing list about a week ago), but due to >> how our Microsoft Admins configured it they needed to use an alternate >> attribute. >> >> Yes. When I login to LDAP or AD and drop off a file, the e-mail sent to >> the recipient will show my e-mail address in the From field. If I login >> using the IMAP auth the From field lists the servers default e-mail from >> zendto.conf and the Reply-To field has the IMAP account's e-mail address. >> >> ------------------------------------------------------------------- >> Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 >> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >> Information Technology Services, Florida State University >> >> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>> Travis, >>> >>> If you are authenticating users against Office365, then why not do >>> that with AD? >>> I don't quite see why you need to use the IMAP authenticator at all. >>> If it's a separate AD forest for some reason, then that's okay, ZendTo >>> will happily do 3 different AD forests with independent setups. >>> >>> So "SMTPsetFromToSender'=>TRUE" works as expected if they login via >>> LDAP or AD, but doesn't if they login via IMAP? >>> >>> What we do here for the "From" address is use an address whose email >>> is just automatically trashed, ie. a "no-reply" address. Then >>> automated stuff that is replying (incorrectly) to the "From:" or >>> (validly/correctly) to the envelope sender will just be thrown away. >>> Any human-generated replies will go to the right user. >>> >>> Thanks for the info about the option you need to pass to O365. I guess >>> that's going to need yet another preferences.php setting. >>> >>> Cheers, >>> Jules. >>> >>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>> I configured the IMAP authentication to allow my university's students >>>> to login to our ZendTo server, but when they drop off files the From >>>> field is showing the e-mail address configured in zendto.conf instead of >>>> the student's address. The student's address ends up in the Reply-To >>>> field, which normally wouldn't be a problem except sometimes automated >>>> systems reply back to the drop off e-mails and they ignore the Reply-To. >>>> >>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP or AD >>>> appear to work as expected. >>>> >>>> BTW I am using the IMAP authentication with Office365 and in order to >>>> get it to login correctly I had to change the imap_open line. >>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, $password, >>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>> >>>> So don't know if you want to add this to the documentation somewhere or >>>> incorporate into the NSSIMAPAuthenticator code. >>>> >>>> ------------------------------------------------------------------- >>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>> Information Technology Services, Florida State University >>>> >>>> _______________________________________________ >>>> ZendTo mailing list >>>> ZendTo at zend.to >>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>> >>> Jules >>> >> _______________________________________________ >> ZendTo mailing list >> ZendTo at zend.to >> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'A committee is a group of the unwilling, chosen from the unfit, to do the unnecessary.' - Anon www.Zend.To Twitter: @JulesFM From TZimmerman at fsu.edu Thu Nov 1 16:33:40 2018 From: TZimmerman at fsu.edu (Travis Zimmerman) Date: Thu, 1 Nov 2018 16:33:40 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <8ede9f8c-b5df-df2e-4c24-9cf2403e45ad@Zend.To> Message-ID: Yup, that's what I have authIMAPDomain set to already. ------------------------------------------------------------------- Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu Information Technology Services, Florida State University On 11/1/18 12:29 PM, Jules Field wrote: > Travis, > > If the students enter their entire email address (username at my.fsu.edu) > into the ZendTo login "username" box, then set > ??? 'authIMAPDomain' => '', > in preferences.php. > > If they just enter their username, then something more subtle is > happening which I will need to investigate further. > > Please let me know if that helps. > > Cheers, > Jules. > > On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: >> I realized I should mention that we are using e-mail addresses to login >> to our ZendTo service to differentiate between our two domains. Don't >> know if that would effect how e-mails are sent. Doesn't seem to be a >> problem for our faculty/staff (AD, username at fsu.edu), just the students >> (IMAP, username at my.fsu.edu). >> >> ------------------------------------------------------------------- >> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >> Information Technology Services, Florida State University >> >> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >>> I tried to use my university's AD for the students (there is a previous >>> e-mail I sent to the ZendTo mailing list about a week ago), but due to >>> how our Microsoft Admins configured it they needed to use an alternate >>> attribute. >>> >>> Yes. When I login to LDAP or AD and drop off a file, the e-mail sent to >>> the recipient will show my e-mail address in the From field. If I login >>> using the IMAP auth the From field lists the servers default e-mail >>> from >>> zendto.conf and the Reply-To field has the IMAP account's e-mail >>> address. >>> >>> ------------------------------------------------------------------- >>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>> Information Technology Services, Florida State University >>> >>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>>> Travis, >>>> >>>> If you are authenticating users against Office365, then why not do >>>> that with AD? >>>> I don't quite see why you need to use the IMAP authenticator at all. >>>> If it's a separate AD forest for some reason, then that's okay, ZendTo >>>> will happily do 3 different AD forests with independent setups. >>>> >>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they login via >>>> LDAP or AD, but doesn't if they login via IMAP? >>>> >>>> What we do here for the "From" address is use an address whose email >>>> is just automatically trashed, ie. a "no-reply" address. Then >>>> automated stuff that is replying (incorrectly) to the "From:" or >>>> (validly/correctly) to the envelope sender will just be thrown away. >>>> Any human-generated replies will go to the right user. >>>> >>>> Thanks for the info about the option you need to pass to O365. I guess >>>> that's going to need yet another preferences.php setting. >>>> >>>> Cheers, >>>> Jules. >>>> >>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>>> I configured the IMAP authentication to allow my university's >>>>> students >>>>> to login to our ZendTo server, but when they drop off files the From >>>>> field is showing the e-mail address configured in zendto.conf >>>>> instead of >>>>> the student's address. The student's address ends up in the Reply-To >>>>> field, which normally wouldn't be a problem except sometimes >>>>> automated >>>>> systems reply back to the drop off e-mails and they ignore the >>>>> Reply-To. >>>>> >>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP or AD >>>>> appear to work as expected. >>>>> >>>>> BTW I am using the IMAP authentication with Office365 and in order to >>>>> get it to login correctly I had to change the imap_open line. >>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, >>>>> $password, >>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>>> >>>>> So don't know if you want to add this to the documentation >>>>> somewhere or >>>>> incorporate into the NSSIMAPAuthenticator code. >>>>> >>>>> ------------------------------------------------------------------- >>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>> Information Technology Services, Florida State University >>>>> >>>>> _______________________________________________ >>>>> ZendTo mailing list >>>>> ZendTo at zend.to >>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>>> >>>>> >>>> Jules >>>> >>> _______________________________________________ >>> ZendTo mailing list >>> ZendTo at zend.to >>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= >>> >> _______________________________________________ >> ZendTo mailing list >> ZendTo at zend.to >> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= >> > > Jules > From TZimmerman at fsu.edu Thu Nov 1 18:56:45 2018 From: TZimmerman at fsu.edu (Travis Zimmerman) Date: Thu, 1 Nov 2018 18:56:45 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <44d40ef9-a21b-c6ed-ebd6-d663c4f839fd@fsu.edu> Message-ID: I don't know if I'm reading this correctly but I think maybe the problem is having the two domains and this part of the code. ????????? // If the sender domain and the from domain are the same ????????? // (and not blank, which signifies something went wrong!), ????????? // we can safely overwrite the From we set above, without ????????? // causing SPF/DKIM/DMARC problems. ????????? if ($senderDomain !== '' && ????????????? strcasecmp($senderDomain, $fromDomain) == 0) Could a possible solution be to switch from a strcasecmp to substring test or maybe a regex testing if the $senderDomain is part of the end of the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC problem. endswith($fromDomain, $senderDomain); function endswith($from, $sender) { ??? $fromlen = strlen($from); ??? $senderlen = strlen($sender); ??? if ($testlen > $strlen) return false; ??? return substr_compare($from, $sender, $fromlen - $senderlen, $senderlen) === 0; } This is just a code snippet I googled up and haven't tested. ------------------------------------------------------------------- Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu Information Technology Services, Florida State University On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote: > Yup, that's what I have authIMAPDomain set to already. > > ------------------------------------------------------------------- > Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 > Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu > Information Technology Services, Florida State University > > On 11/1/18 12:29 PM, Jules Field wrote: >> Travis, >> >> If the students enter their entire email address (username at my.fsu.edu) >> into the ZendTo login "username" box, then set >> ??? 'authIMAPDomain' => '', >> in preferences.php. >> >> If they just enter their username, then something more subtle is >> happening which I will need to investigate further. >> >> Please let me know if that helps. >> >> Cheers, >> Jules. >> >> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: >>> I realized I should mention that we are using e-mail addresses to login >>> to our ZendTo service to differentiate between our two domains. Don't >>> know if that would effect how e-mails are sent. Doesn't seem to be a >>> problem for our faculty/staff (AD, username at fsu.edu), just the students >>> (IMAP, username at my.fsu.edu). >>> >>> ------------------------------------------------------------------- >>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>> Information Technology Services, Florida State University >>> >>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >>>> I tried to use my university's AD for the students (there is a previous >>>> e-mail I sent to the ZendTo mailing list about a week ago), but due to >>>> how our Microsoft Admins configured it they needed to use an alternate >>>> attribute. >>>> >>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail sent to >>>> the recipient will show my e-mail address in the From field. If I login >>>> using the IMAP auth the From field lists the servers default e-mail >>>> from >>>> zendto.conf and the Reply-To field has the IMAP account's e-mail >>>> address. >>>> >>>> ------------------------------------------------------------------- >>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>> Information Technology Services, Florida State University >>>> >>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>>>> Travis, >>>>> >>>>> If you are authenticating users against Office365, then why not do >>>>> that with AD? >>>>> I don't quite see why you need to use the IMAP authenticator at all. >>>>> If it's a separate AD forest for some reason, then that's okay, ZendTo >>>>> will happily do 3 different AD forests with independent setups. >>>>> >>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they login via >>>>> LDAP or AD, but doesn't if they login via IMAP? >>>>> >>>>> What we do here for the "From" address is use an address whose email >>>>> is just automatically trashed, ie. a "no-reply" address. Then >>>>> automated stuff that is replying (incorrectly) to the "From:" or >>>>> (validly/correctly) to the envelope sender will just be thrown away. >>>>> Any human-generated replies will go to the right user. >>>>> >>>>> Thanks for the info about the option you need to pass to O365. I guess >>>>> that's going to need yet another preferences.php setting. >>>>> >>>>> Cheers, >>>>> Jules. >>>>> >>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>>>> I configured the IMAP authentication to allow my university's >>>>>> students >>>>>> to login to our ZendTo server, but when they drop off files the From >>>>>> field is showing the e-mail address configured in zendto.conf >>>>>> instead of >>>>>> the student's address. The student's address ends up in the Reply-To >>>>>> field, which normally wouldn't be a problem except sometimes >>>>>> automated >>>>>> systems reply back to the drop off e-mails and they ignore the >>>>>> Reply-To. >>>>>> >>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP or AD >>>>>> appear to work as expected. >>>>>> >>>>>> BTW I am using the IMAP authentication with Office365 and in order to >>>>>> get it to login correctly I had to change the imap_open line. >>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, >>>>>> $password, >>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>>>> >>>>>> So don't know if you want to add this to the documentation >>>>>> somewhere or >>>>>> incorporate into the NSSIMAPAuthenticator code. >>>>>> >>>>>> ------------------------------------------------------------------- >>>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>> Information Technology Services, Florida State University >>>>>> >>>>>> _______________________________________________ >>>>>> ZendTo mailing list >>>>>> ZendTo at zend.to >>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>>>> >>>>>> >>>>> Jules >>>>> >>>> _______________________________________________ >>>> ZendTo mailing list >>>> ZendTo at zend.to >>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= >>>> >>> _______________________________________________ >>> ZendTo mailing list >>> ZendTo at zend.to >>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= >>> >> Jules >> > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= From garry at glendown.de Fri Nov 2 09:18:46 2018 From: garry at glendown.de (Garry Glendown) Date: Fri, 2 Nov 2018 10:18:46 +0100 Subject: [ZendTo] Install in shared environment References: Message-ID: Hi, I've been using ZendTo quite a while, usually on stand-alone servers, but have now got to install in a shared environment ... that is, I need to put it in a sub-directory of a webserver... I'm not sure the install scripts will be "compatible" with the shared environment (which, additionally, is a pretty old Ubuntu 12 installation). What's the recommended course of action in such a case? Tnx, -garry -- PGP Fingerprint: A79F A33F 5B13 BEB7 A51D 274F F99C 3AE2 4BCB 7015 From pedrosi at millercanfield.com Fri Nov 2 15:33:41 2018 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Fri, 2 Nov 2018 15:33:41 +0000 Subject: [ZendTo] Zend.to ClamAV issue References: Message-ID: I?m still having this issue with ClamAV, and my *nix skill are horrible. Can I get the simple version of what I?m to do with "chsh www-data", as I?ve been running without AV for several months. My apache users is indeed ?www-data?. [cid:image003.jpg at 01D4729F.E6E65BD0] Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Keith Erekson via ZendTo Sent: Thursday, October 25, 2018 12:14 PM To: ZendTo Users Cc: Keith Erekson Subject: Re: [ZendTo] Zend.to error during drop-off CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Easier to use "chsh www-data" or whatever your Apache user is. ~Keith On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > wrote: Edit your /etc/passwd file to set the shell for your Apache user to /bin/bash. Then "pwconv" so the change takes effect. Then try this su - apache (or whatever user your Apache is running as) clamdscan /var/zendto/* clamdscan --fdpass /var/zendto/* exit What happened? Did the virus scans both complete successfully? If not, and you're running CentOS/RedHat 7, try this and then give the above another try: groupmems --group virusgroup --add apache systemctl restart httpd I added that extra groupmems command to the Installer a day or two ago when I discovered that RedHat/CentOS had changed their group membership rules in an update. Any improvement? Cheers, Jules. P.S. Otherwise, if you can give me remote ssh access I can login myself and take a look for you. I would be interested to see what it is, if it's not any of the above. On 25/10/2018 16:22, Ken Etter wrote: Yep, PHP 7.2 is installed. I've run through the installer multiple times now. No change, still get the error. Ken >>> Jules Field 10/25/2018 11:15 AM >>> > Do you have PHP 7.2 installed? My Installer can be run in stages, and those stages can be run independently. So you might want to download the Installer, unpack it and wander into it. In what will obviously be the right sub-dir for your OS, you will see the numbered scripts. # cd install.ZendTo/CentOS-RedHat/ # ls 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh CentOS6 RHEL7 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 # If your web server is already working nicely, then you can probably skip stage 1 (though it won't do any harm). If you haven't installed PHP 7.2 along with things like the sodium extension, then run stage 2 which installs PHP. (Grab a backup copy of your ZendTo installation first, as it may have to remove the *whole* of PHP first which can also remove ZendTo and other PHP applications in the process, before it can install the correct version). Stages 3 and 5 shouldn't do any damage, but will add any new settings they need for PHP and so on. Stage 7 does the actual ZendTo installation itself, which it will do as an upgrade if it finds a zendto RPM already installed. Well worth running. Stage 8 is only relevant if you are using SELinux, and won't do anything if you're not. Since version 4, ZendTo no longer needs any form of custom-built PHP or anything like that. So there's no recompiling to be done. Then if you have a previous preferences.php and/or zendto.conf, you need to use /opt/zendto/bin/upgrade_preferences_php and /opt/zendto/bin/upgrade_zendto_conf to upgrade those files. Also, if you have done an RPM upgrade from ZendTo 4, you probably have a whole stack of *.rpmnew files in /opt/zendto/templates. You want to move each of those into place so they replace your old *.tpl files. As I said, it really is faster/easier/better to build v5 from scratch, its requirements are so different from v4. Hope that helps, Jules. On 25/10/2018 15:59, Ken Etter wrote: None of that helps. I'm building a new system. This is a production system. I never had problems in the past with upgrading so I went ahead and did it. Bad move. Unless anyone has any other ideas, I will just keep working on setting up the new system. I have to get something running again for my users. Ken >>> Jules Field via ZendTo 10/25/2018 10:53 AM >>> > Yes, those directories do need to be writable by whatever user and group your web server is running as. If you are using SELinux (most likely if you are using CentOS or RedHat), then I would also advise restorecon -FRv /opt/zendto /var/zendto to reset all the SELinux attributes to the values configured by my Installer. Also, if you think it might be an SELinux problem, you can switch it into "permissive" mode by setenforce permissive systemctl restart httpd systemctl restart clamd at scan To switch it back to "enforcing", you then do setenforce enforcing systemctl restart httpd systemctl restart clamd at scan Cheers, Jules. On 25/10/2018 14:31, Gray McCord via ZendTo wrote: I?ve seen that message as well. Check the file permissions on the /opt/zendto directories. Seems like I needed to make them writeable by the apache user, but I could be mistaken. Gray McCord Adapt, Mutate, Migrate, or Die -C. Darwin From: ZendTo On Behalf Of Ken Etter via ZendTo Sent: Thursday, October 25, 2018 8:26 AM To: ZendTo List Cc: Ken Etter Subject: Re: [ZendTo] Zend.to error during drop-off Going back through the mailing list archives, I see that I am having exactly the same problem as Kevin O'Connor in this thread: http://jul.es/pipermail/zendto/2018-June/003208.html Files are uploaded, but I get that error message and the email is not sent. There is no stated resolution in that thread. Any suggestions or do I have to rebuild a brand new Zend.To server? Zend.To has been fairly solid for me...a bit of a pain to find this upgrade to be so fragile. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:38 AM >>> I am running this on Ubuntu 16.04.5 LTS if that matters. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:36 AM >>> Just upgraded my Zend.To installation from 4.x to 5.15-1. Everything appeared to go ok. But when I click drop-off files, I get an error that states: "Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files." I'm not dropping off a directory, just a single file. I tried a couple different file types - same error each time. Any suggestions for fixing this? Thanks! Ken Etter, System Administrator Architectural Group 260.432.9337 | msktd.com _______________________________________________ ZendTo mailing list ZendTo at zend.to https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'The past is supposed to be a place of reference, not a place of residence! There is a reason why your car has a big windshield and a small rearview mirror. You are supposed to keep your eyes on where you are going, and just occasionally check out where you have been.' - Willie Jolley www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or no grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the kelpie next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites, whisk and place in a warm oven for 40 minutes. www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'It's very unlikely indeed he will ever recover consciousness, and if he does he won't be the Julian you knew.' - A hospital consultant I proved very wrong in 2007 :-) www.Zend.To Twitter: @JulesFM _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 12883 bytes Desc: image003.jpg URL: From douglagm at gmail.com Fri Nov 2 16:38:32 2018 From: douglagm at gmail.com (Gregg Douglas) Date: Fri, 2 Nov 2018 18:38:32 +0200 Subject: [ZendTo] Zend.to ClamAV issue In-Reply-To: References: Message-ID: Have you checked the filesystem rights of the ClamAV Socket file ? On Fri, Nov 2, 2018 at 5:34 PM Pedrosi, Derek G. via ZendTo wrote: > I?m still having this issue with ClamAV, and my *nix skill are horrible. > > > > Can I get the simple version of what I?m to do with "chsh www-data", as > I?ve been running without AV for several months. > > My apache users is indeed ?www-data?. > > > > Thanks, > > derek > > > > *From:* ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of *Keith > Erekson via ZendTo > *Sent:* Thursday, October 25, 2018 12:14 PM > *To:* ZendTo Users > *Cc:* Keith Erekson > *Subject:* Re: [ZendTo] Zend.to error during drop-off > > > > *CAUTION EXTERNAL EMAIL:* DO NOT open attachments or click links from > unknown or unexpected emails. > > > > Easier to use "chsh www-data" or whatever your Apache user is. > > ~Keith > > > On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > wrote: > > Edit your /etc/passwd file to set the shell for your Apache user to > /bin/bash. > Then "pwconv" so the change takes effect. > Then try this > su - apache (or whatever user your Apache is running as) > clamdscan /var/zendto/* > clamdscan --fdpass /var/zendto/* > exit > What happened? Did the virus scans both complete successfully? > > If not, and you're running CentOS/RedHat 7, try this and then give the > above another try: > groupmems --group virusgroup --add apache > systemctl restart httpd > > I added that extra groupmems command to the Installer a day or two ago > when I discovered that RedHat/CentOS had changed their group membership > rules in an update. > > Any improvement? > > Cheers, > Jules. > > P.S. Otherwise, if you can give me remote ssh access I can login myself > and take a look for you. I would be interested to see what it is, if it's > not any of the above. > > On 25/10/2018 16:22, Ken Etter wrote: > > Yep, PHP 7.2 is installed. I've run through the installer multiple times > now. No change, still get the error. > > Ken > > >>> Jules Field 10/25/2018 11:15 AM >>> > > > Do you have PHP 7.2 installed? > > > > My Installer can be run in stages, and those stages can be run > independently. > > So you might want to download the Installer, unpack it and wander into it. > In what will obviously be the right sub-dir for your OS, you will see the > numbered scripts. > > # cd install.ZendTo/CentOS-RedHat/ > > > > # ls > > > > 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh CentOS6 RHEL7 > > > > 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 > > > > # > > > > If your web server is already working nicely, then you can probably skip > stage 1 (though it won't do any harm). > > If you haven't installed PHP 7.2 along with things like the sodium > extension, then run stage 2 which installs PHP. (Grab a backup copy of your > ZendTo installation first, as it may have to remove the *whole* of PHP > first which can also remove ZendTo and other PHP applications in the > process, before it can install the correct version). > > Stages 3 and 5 shouldn't do any damage, but will add any new settings they > need for PHP and so on. > > Stage 7 does the actual ZendTo installation itself, which it will do as an > upgrade if it finds a zendto RPM already installed. Well worth running. > > Stage 8 is only relevant if you are using SELinux, and won't do anything > if you're not. > > Since version 4, ZendTo no longer needs any form of custom-built PHP or > anything like that. So there's no recompiling to be done. > > Then if you have a previous preferences.php and/or zendto.conf, you need > to use > > /opt/zendto/bin/upgrade_preferences_php > > and > > /opt/zendto/bin/upgrade_zendto_conf > > to upgrade those files. > > Also, if you have done an RPM upgrade from ZendTo 4, you probably have a > whole stack of *.rpmnew files in /opt/zendto/templates. You want to move > each of those into place so they replace your old *.tpl files. > > As I said, it really is faster/easier/better to build v5 from scratch, its > requirements are so different from v4. > > Hope that helps, > > Jules. > > On 25/10/2018 15:59, Ken Etter wrote: > > None of that helps. I'm building a new system. This is a production > system. I never had problems in the past with upgrading so I went ahead and > did it. Bad move. Unless anyone has any other ideas, I will just keep > working on setting up the new system. I have to get something running again > for my users. > > > > Ken > > >>> Jules Field via ZendTo 10/25/2018 > 10:53 AM >>> > > > Yes, those directories do need to be writable by whatever user and group > your web server is running as. > > > > If you are using SELinux (most likely if you are using CentOS or RedHat), > then I would also advise > > restorecon -FRv /opt/zendto /var/zendto > > > > to reset all the SELinux attributes to the values configured by my > Installer. > > Also, if you think it might be an SELinux problem, you can switch it into > "permissive" mode by > > setenforce permissive > > > > systemctl restart httpd > > > > systemctl restart clamd at scan > > > > To switch it back to "enforcing", you then do > > setenforce enforcing > > > > systemctl restart httpd > > > > systemctl restart clamd at scan > > > > Cheers, > > Jules. > > On 25/10/2018 14:31, Gray McCord via ZendTo wrote: > > I?ve seen that message as well. Check the file permissions on the > /opt/zendto directories. Seems like I needed to make them writeable by the > apache user, but I could be mistaken. > > Gray McCord > > *Adapt, Mutate, Migrate, or Die* > > -C. Darwin > > *From:* ZendTo *On > Behalf Of *Ken Etter via ZendTo > *Sent:* Thursday, October 25, 2018 8:26 AM > *To:* ZendTo List > *Cc:* Ken Etter > *Subject:* Re: [ZendTo] Zend.to error during drop-off > > Going back through the mailing list archives, I see that I am having > exactly the same problem as Kevin O'Connor in this thread: > http://jul.es/pipermail/zendto/2018-June/003208.html > > > Files are uploaded, but I get that error message and the email is not sent. > > There is no stated resolution in that thread. Any suggestions or do I have > to rebuild a brand new Zend.To server? > > Zend.To has been fairly solid for me...a bit of a pain to find this > upgrade to be so fragile. > > Ken > > >>> Ken Etter via ZendTo 10/25/2018 8:38 AM >>> > > I am running this on Ubuntu 16.04.5 LTS if that matters. > > > Ken > > >>> Ken Etter via ZendTo 10/25/2018 8:36 AM >>> > > Just upgraded my Zend.To installation from 4.x to 5.15-1. Everything > appeared to go ok. But when I click drop-off files, I get an error that > states: "Sorry, I failed to drop-off your files! Note that you cannot > drop-off directories, only files." I'm not dropping off a directory, just a > single file. I tried a couple different file types - same error each time. > Any suggestions for fixing this? Thanks! > > > > > *Ken Etter*, System Administrator > > Architectural Group > > 260.432.9337 | msktd.com > > > > > > > > _______________________________________________ > > ZendTo mailing list > > ZendTo at zend.to > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 > > > > Jules > > > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > > > 'The past is supposed to be a place of reference, not a place of > > residence! There is a reason why your car has a big windshield and > > a small rearview mirror. You are supposed to keep your eyes on where > > you are going, and just occasionally check out where you have been.' > > - Willie Jolley > > > > www.Zend.To > > Twitter: @JulesFM > > > > Jules > > > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > > > IMPORTANT: This email is intended for the use of the individual > > addressee(s) named above and may contain information that is > > confidential, privileged or unsuitable for overly sensitive persons > > with low self-esteem, no sense of humour or irrational religious > > beliefs. If you are not the intended recipient, any dissemination, > > distribution or copying of this email is not authorised (either > > explicitly or implicitly) and constitutes an irritating social faux > > pas. > > > > Unless the word absquatulation has been used in its correct context > > somewhere other than in this warning, it does not have any legal > > or no grammatical use and may be ignored. No animals were harmed > > in the transmission of this email, although the kelpie next door > > is living on borrowed time, let me tell you. Those of you with an > > overwhelming fear of the unknown will be gratified to learn that > > there is no hidden message revealed by reading this warning backwards, > > so just ignore that Alert Notice from Microsoft. > > > > However, by pouring a complete circle of salt around yourself and > > your computer you can ensure that no harm befalls you and your pets. > > If you have received this email in error, please add some nutmeg > > and egg whites, whisk and place in a warm oven for 40 minutes. > > > > www.Zend.To > > Twitter: @JulesFM > > > > Jules > > > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > > > 'It's very unlikely indeed he will ever recover consciousness, and > > if he does he won't be the Julian you knew.' > > - A hospital consultant I proved very wrong in 2007 :-) > > > > www.Zend.To > > Twitter: @JulesFM > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 12883 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 12883 bytes Desc: not available URL: From pedrosi at millercanfield.com Fri Nov 2 17:16:30 2018 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Fri, 2 Nov 2018 17:16:30 +0000 Subject: [ZendTo] Zend.to ClamAV issue In-Reply-To: References: Message-ID: This file (I?m running Ubuntu 16)??? root at Z5:/var/run/clamav# ls -la srw-rw-rw- 1 clamav clamav 0 Oct 12 07:00 clamd.ctl root at Z5:/var/run/clamav# From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Gregg Douglas via ZendTo Sent: Friday, November 2, 2018 12:39 PM To: zendto at zend.to Cc: Gregg Douglas Subject: Re: [ZendTo] Zend.to ClamAV issue CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Have you checked the filesystem rights of the ClamAV Socket file ? On Fri, Nov 2, 2018 at 5:34 PM Pedrosi, Derek G. via ZendTo > wrote: I?m still having this issue with ClamAV, and my *nix skills are horrible. Can I get the simple version of what I?m to do with "chsh www-data", as I?ve been running without AV for several months. My apache users is indeed ?www-data?. [cid:image003.jpg at 01D4729F.E6E65BD0] Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Keith Erekson via ZendTo Sent: Thursday, October 25, 2018 12:14 PM To: ZendTo Users > Cc: Keith Erekson > Subject: Re: [ZendTo] Zend.to error during drop-off CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Easier to use "chsh www-data" or whatever your Apache user is. ~Keith On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > wrote: Edit your /etc/passwd file to set the shell for your Apache user to /bin/bash. Then "pwconv" so the change takes effect. Then try this su - apache (or whatever user your Apache is running as) clamdscan /var/zendto/* clamdscan --fdpass /var/zendto/* exit What happened? Did the virus scans both complete successfully? If not, and you're running CentOS/RedHat 7, try this and then give the above another try: groupmems --group virusgroup --add apache systemctl restart httpd I added that extra groupmems command to the Installer a day or two ago when I discovered that RedHat/CentOS had changed their group membership rules in an update. Any improvement? Cheers, Jules. P.S. Otherwise, if you can give me remote ssh access I can login myself and take a look for you. I would be interested to see what it is, if it's not any of the above. On 25/10/2018 16:22, Ken Etter wrote: Yep, PHP 7.2 is installed. I've run through the installer multiple times now. No change, still get the error. Ken >>> Jules Field 10/25/2018 11:15 AM >>> > Do you have PHP 7.2 installed? My Installer can be run in stages, and those stages can be run independently. So you might want to download the Installer, unpack it and wander into it. In what will obviously be the right sub-dir for your OS, you will see the numbered scripts. # cd install.ZendTo/CentOS-RedHat/ # ls 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh CentOS6 RHEL7 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 # If your web server is already working nicely, then you can probably skip stage 1 (though it won't do any harm). If you haven't installed PHP 7.2 along with things like the sodium extension, then run stage 2 which installs PHP. (Grab a backup copy of your ZendTo installation first, as it may have to remove the *whole* of PHP first which can also remove ZendTo and other PHP applications in the process, before it can install the correct version). Stages 3 and 5 shouldn't do any damage, but will add any new settings they need for PHP and so on. Stage 7 does the actual ZendTo installation itself, which it will do as an upgrade if it finds a zendto RPM already installed. Well worth running. Stage 8 is only relevant if you are using SELinux, and won't do anything if you're not. Since version 4, ZendTo no longer needs any form of custom-built PHP or anything like that. So there's no recompiling to be done. Then if you have a previous preferences.php and/or zendto.conf, you need to use /opt/zendto/bin/upgrade_preferences_php and /opt/zendto/bin/upgrade_zendto_conf to upgrade those files. Also, if you have done an RPM upgrade from ZendTo 4, you probably have a whole stack of *.rpmnew files in /opt/zendto/templates. You want to move each of those into place so they replace your old *.tpl files. As I said, it really is faster/easier/better to build v5 from scratch, its requirements are so different from v4. Hope that helps, Jules. On 25/10/2018 15:59, Ken Etter wrote: None of that helps. I'm building a new system. This is a production system. I never had problems in the past with upgrading so I went ahead and did it. Bad move. Unless anyone has any other ideas, I will just keep working on setting up the new system. I have to get something running again for my users. Ken >>> Jules Field via ZendTo 10/25/2018 10:53 AM >>> > Yes, those directories do need to be writable by whatever user and group your web server is running as. If you are using SELinux (most likely if you are using CentOS or RedHat), then I would also advise restorecon -FRv /opt/zendto /var/zendto to reset all the SELinux attributes to the values configured by my Installer. Also, if you think it might be an SELinux problem, you can switch it into "permissive" mode by setenforce permissive systemctl restart httpd systemctl restart clamd at scan To switch it back to "enforcing", you then do setenforce enforcing systemctl restart httpd systemctl restart clamd at scan Cheers, Jules. On 25/10/2018 14:31, Gray McCord via ZendTo wrote: I?ve seen that message as well. Check the file permissions on the /opt/zendto directories. Seems like I needed to make them writeable by the apache user, but I could be mistaken. Gray McCord Adapt, Mutate, Migrate, or Die -C. Darwin From: ZendTo On Behalf Of Ken Etter via ZendTo Sent: Thursday, October 25, 2018 8:26 AM To: ZendTo List Cc: Ken Etter Subject: Re: [ZendTo] Zend.to error during drop-off Going back through the mailing list archives, I see that I am having exactly the same problem as Kevin O'Connor in this thread: http://jul.es/pipermail/zendto/2018-June/003208.html Files are uploaded, but I get that error message and the email is not sent. There is no stated resolution in that thread. Any suggestions or do I have to rebuild a brand new Zend.To server? Zend.To has been fairly solid for me...a bit of a pain to find this upgrade to be so fragile. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:38 AM >>> I am running this on Ubuntu 16.04.5 LTS if that matters. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:36 AM >>> Just upgraded my Zend.To installation from 4.x to 5.15-1. Everything appeared to go ok. But when I click drop-off files, I get an error that states: "Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files." I'm not dropping off a directory, just a single file. I tried a couple different file types - same error each time. Any suggestions for fixing this? Thanks! Ken Etter, System Administrator Architectural Group 260.432.9337 | msktd.com _______________________________________________ ZendTo mailing list ZendTo at zend.to https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'The past is supposed to be a place of reference, not a place of residence! There is a reason why your car has a big windshield and a small rearview mirror. You are supposed to keep your eyes on where you are going, and just occasionally check out where you have been.' - Willie Jolley www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or no grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the kelpie next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites, whisk and place in a warm oven for 40 minutes. www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'It's very unlikely indeed he will ever recover consciousness, and if he does he won't be the Julian you knew.' - A hospital consultant I proved very wrong in 2007 :-) www.Zend.To Twitter: @JulesFM _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Fri Nov 2 17:23:30 2018 From: Jules at Zend.To (Jules Field) Date: Fri, 2 Nov 2018 17:23:30 +0000 Subject: [ZendTo] Zend.to ClamAV issue In-Reply-To: References: Message-ID: Derek, # Become root, properly sudo su - # Change Apache's login shell to /bin/bash chsh -s /bin/bash www-data # Become the Apache user su - www-data # Try virus-scanning the /var/zendto directory clamdscan /var/zendto/* # And the same again but just using file handles clamdscan --fdpass /var/zendto/* # Stop being Apache and revert to being root exit # Put Apache's login shell back to what it was chsh -s /sbin/nologin www-data # Stop being root exit Note the 2 clamav commands are clam*d*scan and not just clamscan. That's critical. clamdscan makes the clamd service/daemon do the actual scanning. Send us the output of the clamdscan commands. Then send us the output of "ls -al /var/zendto" and the lines in your /etc/group file that are anything to do with www-data, apache, virusgroup, clamd, anything like that. It's probably just the group membership is wrong. This causes a similar problem in CentOS/RedHat 7 as well, things changed there with ClamAV 100. 99 was fine, 100 wasn't. Cheers, Jules. On 02/11/2018 15:33, Pedrosi, Derek G. via ZendTo wrote: > > I?m still having this issue with ClamAV, and my *nix skill are horrible. > > Can I get the simple version of what I?m to do with "chsh www-data", > as I?ve been running without AV for several months. > > My apache users is indeed ?www-data?. > > Thanks, > > derek > > *From:* ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of *Keith > Erekson via ZendTo > *Sent:* Thursday, October 25, 2018 12:14 PM > *To:* ZendTo Users > *Cc:* Keith Erekson > *Subject:* Re: [ZendTo] Zend.to error during drop-off > > *CAUTION EXTERNAL EMAIL:*DO NOT open attachments or click links from > unknown or unexpected emails. > > Easier to use "chsh www-data" or whatever your Apache user is. > > ~Keith > > > On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > wrote: > > Edit your /etc/passwd file to set the shell for your Apache user > to /bin/bash. > Then "pwconv" so the change takes effect. > Then try this > ??? su - apache (or whatever user your Apache is running as) > ??? clamdscan /var/zendto/* > ??? clamdscan --fdpass /var/zendto/* > ??? exit > What happened? Did the virus scans both complete successfully? > > If not, and you're running CentOS/RedHat 7, try this and then give > the above another try: > ??? groupmems --group virusgroup --add apache > ??? systemctl restart httpd > > I added that extra groupmems command to the Installer a day or two > ago when I discovered that RedHat/CentOS had changed their group > membership rules in an update. > > Any improvement? > > Cheers, > Jules. > > P.S. Otherwise, if you can give me remote ssh access I can login > myself and take a look for you. I would be interested to see what > it is, if it's not any of the above. > > On 25/10/2018 16:22, Ken Etter wrote: > > Yep, PHP 7.2 is installed. I've run through the installer > multiple times now.? No change, still get the error. > > Ken > > >>> Jules Field 10/25/2018 11:15 > AM >>> > > > Do you have PHP 7.2 installed? > > My Installer can be run in stages, and those stages can be run > independently. > > So you might want to download the Installer, unpack it and > wander into it. In what will obviously be the right sub-dir > for your OS, you will see the numbered scripts. > > # cd install.ZendTo/CentOS-RedHat/ > > # ls > > 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh CentOS6 > RHEL7 > > 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 > > # > > If your web server is already working nicely, then you can > probably skip stage 1 (though it won't do any harm). > > If you haven't installed PHP 7.2 along with things like the > sodium extension, then run stage 2 which installs PHP. (Grab a > backup copy of your ZendTo installation first, as it may have > to remove the *whole* of PHP first which can also remove > ZendTo and other PHP applications in the process, before it > can install the correct version). > > Stages 3 and 5 shouldn't do any damage, but will add any new > settings they need for PHP and so on. > > Stage 7 does the actual ZendTo installation itself, which it > will do as an upgrade if it finds a zendto RPM already > installed. Well worth running. > > Stage 8 is only relevant if you are using SELinux, and won't > do anything if you're not. > > Since version 4, ZendTo no longer needs any form of > custom-built PHP or anything like that. So there's no > recompiling to be done. > > Then if you have a previous preferences.php and/or > zendto.conf, you need to use > > /opt/zendto/bin/upgrade_preferences_php > > and > > /opt/zendto/bin/upgrade_zendto_conf > > to upgrade those files. > > Also, if you have done an RPM upgrade from ZendTo 4, you > probably have a whole stack of *.rpmnew files in > /opt/zendto/templates. You want to move each of those into > place so they replace your old *.tpl files. > > As I said, it really is faster/easier/better to build v5 from > scratch, its requirements are so different from v4. > > Hope that helps, > > Jules. > > On 25/10/2018 15:59, Ken Etter wrote: > > None of that helps. I'm building a new system. This is a > production system. I never had problems in the past with > upgrading so I went ahead and did it. Bad move. Unless > anyone has any other ideas, I will just keep working on > setting up the new system. I have to get something running > again for my users. > > Ken > > >>> Jules Field via ZendTo > 10/25/2018 10:53 AM >>> > > > Yes, those directories do need to be writable by whatever user > and group your web server is running as. > > If you are using SELinux (most likely if you are using > CentOS or RedHat), then I would also advise > > restorecon -FRv /opt/zendto /var/zendto > > to reset all the SELinux attributes to the values > configured by my Installer. > > Also, if you think it might be an SELinux problem, you can > switch it into "permissive" mode by > > setenforce permissive > > systemctl restart httpd > > systemctl restart clamd at scan > > To switch it back to "enforcing", you then do > > setenforce enforcing > > systemctl restart httpd > > systemctl restart clamd at scan > > Cheers, > > Jules. > > On 25/10/2018 14:31, Gray McCord via ZendTo wrote: > > I?ve seen that message as well. Check the file > permissions on the /opt/zendto directories. Seems like > I needed to make them writeable by the apache user, > but I could be mistaken. > > Gray McCord > > /Adapt, Mutate, Migrate, or Die/ > > -C. Darwin > > *From:*ZendTo > *On Behalf Of *Ken > Etter via ZendTo > *Sent:* Thursday, October 25, 2018 8:26 AM > *To:* ZendTo List > *Cc:* Ken Etter > *Subject:* Re: [ZendTo] Zend.to error during drop-off > > Going back through the mailing list archives, I see > that I am having exactly the same problem as Kevin > O'Connor in this thread: > http://jul.es/pipermail/zendto/2018-June/003208.html > > > Files are uploaded, but I get that error message and > the email is not sent. > > There is no stated resolution in that thread. Any > suggestions or do I have to rebuild a brand new > Zend.To server? > > Zend.To has been fairly solid for me...a bit of a pain > to find this upgrade to be so fragile. > > Ken > > >>> Ken Etter via ZendTo > > 10/25/2018 8:38 AM >>> > > I am running this on Ubuntu 16.04.5 LTS if that matters. > > > Ken > > >>> Ken Etter via ZendTo > > 10/25/2018 8:36 AM >>> > > Just upgraded my Zend.To installation from 4.x to > 5.15-1. Everything appeared to go ok. But when I click > drop-off files, I get an error that states: "Sorry, I > failed to drop-off your files! Note that you cannot > drop-off directories, only files." I'm not dropping > off a directory, just a single file. I tried a couple > different file types - same error each time. Any > suggestions for fixing this? Thanks! > > > > > *Ken Etter*, System Administrator > > Architectural Group > > 260.432.9337 | msktd.com > > > > > > _______________________________________________ > > ZendTo mailing list > > ZendTo at zend.to > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 > > Jules > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'The past is supposed to be a place of reference, not a > place of > > residence! There is a reason why your car has a big > windshield and > > a small rearview mirror. You are supposed to keep your > eyes on where > > you are going, and just occasionally check out where you > have been.' > > ? - Willie Jolley > > www.Zend.To > > Twitter: @JulesFM > > Jules > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > IMPORTANT: This email is intended for the use of the individual > > addressee(s) named above and may contain information that is > > confidential, privileged or unsuitable for overly sensitive > persons > > with low self-esteem, no sense of humour or irrational religious > > beliefs. If you are not the intended recipient, any dissemination, > > distribution or copying of this email is not authorised (either > > explicitly or implicitly) and constitutes an irritating social > faux > > pas. > > Unless the word absquatulation has been used in its correct > context > > somewhere other than in this warning, it does not have any legal > > or no grammatical use and may be ignored. No animals were harmed > > in the transmission of this email, although the kelpie next door > > is living on borrowed time, let me tell you. Those of you with an > > overwhelming fear of the unknown will be gratified to learn that > > there is no hidden message revealed by reading this warning > backwards, > > so just ignore that Alert Notice from Microsoft. > > However, by pouring a complete circle of salt around yourself and > > your computer you can ensure that no harm befalls you and your > pets. > > If you have received this email in error, please add some nutmeg > > and egg whites, whisk and place in a warm oven for 40 minutes. > > www.Zend.To > > Twitter: @JulesFM > > > > Jules > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'It's very unlikely indeed he will ever recover consciousness, and > > if he does he won't be the Julian you knew.' > > ? - A hospital consultant I proved very wrong in 2007 :-) > > www.Zend.To > > Twitter: @JulesFM > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'If I were a Brazilian without land or money or the means to feed my children, I would be burning the rain forest too.' - Sting www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 12883 bytes Desc: not available URL: From pedrosi at millercanfield.com Fri Nov 2 18:47:41 2018 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Fri, 2 Nov 2018 18:47:41 +0000 Subject: [ZendTo] Zend.to ClamAV issue In-Reply-To: References: Message-ID: First? www-data at Z5:~$ clamdscan /var/zendto/* /var/zendto/cache: OK /var/zendto/dropoffs/5dycMCcTHEizrKuu: lstat() failed: Permission denied. ERROR /var/zendto/dropoffs/Zhu56KMFUV7Rdabf: lstat() failed: Permission denied. ERROR /var/zendto/dropoffs/GvdsUjMx7X7NKXPn: lstat() failed: Permission denied. ERROR Many of these drops failed the same way, I omitted them. /var/zendto/incoming: OK /var/zendto/library: OK /var/zendto/rrd: OK /var/zendto/templates_c: OK /var/zendto/zendto.log: OK /var/zendto/zendto.sqlite: OK Then? clamdscan --fdpass /var/zendto/* www-data at Z5:~$ clamdscan --fdpass /var/zendto/* /var/zendto/cache: OK /var/zendto/dropoffs: OK /var/zendto/incoming: OK /var/zendto/library: OK /var/zendto/rrd: OK /var/zendto/templates_c: OK /var/zendto/zendto.log: OK /var/zendto/zendto.sqlite: OK ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 248.382 sec (4 m 8 s) www-data at Z5:~$ Heres this? root at Z5:/var/run# ls -al /var/zendto total 4512 drwxrwxr-x 8 root www-data 4096 Nov 2 14:37 . drwxr-xr-x 15 root root 4096 Mar 5 2018 .. drwxr-xr-x 3 www-data www-data 4096 May 18 13:32 cache drwxr-xr-x 98 www-data www-data 4096 Nov 2 12:37 dropoffs drwxr-xr-x 2 www-data www-data 4096 Nov 2 12:37 incoming drwxr-xr-x 2 www-data www-data 4096 Feb 27 2018 library drwxr-xr-x 2 www-data www-data 4096 May 31 09:28 rrd drwxr-xr-x 2 www-data www-data 4096 Jun 21 10:39 templates_c -rw-r--r-- 1 www-data www-data 4183705 Nov 2 14:37 zendto.log -rw-rw-r-- 1 www-data www-data 382976 Nov 2 14:37 zendto.sqlite root at Z5:/var/run# And /etc/group file entries? www-data:x:33:clamav clamav:x:118:www-data Thanx again, derek From: Jules Field [mailto:Jules at Zend.To] Sent: Friday, November 2, 2018 1:24 PM To: ZendTo Users Cc: Pedrosi, Derek G. Subject: Re: [ZendTo] Zend.to ClamAV issue CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Derek, # Become root, properly sudo su - # Change Apache's login shell to /bin/bash chsh -s /bin/bash www-data # Become the Apache user su - www-data # Try virus-scanning the /var/zendto directory clamdscan /var/zendto/* # And the same again but just using file handles clamdscan --fdpass /var/zendto/* # Stop being Apache and revert to being root exit # Put Apache's login shell back to what it was chsh -s /sbin/nologin www-data # Stop being root exit Note the 2 clamav commands are clamdscan and not just clamscan. That's critical. clamdscan makes the clamd service/daemon do the actual scanning. Send us the output of the clamdscan commands. Then send us the output of "ls -al /var/zendto" and the lines in your /etc/group file that are anything to do with www-data, apache, virusgroup, clamd, anything like that. It's probably just the group membership is wrong. This causes a similar problem in CentOS/RedHat 7 as well, things changed there with ClamAV 100. 99 was fine, 100 wasn't. Cheers, Jules. On 02/11/2018 15:33, Pedrosi, Derek G. via ZendTo wrote: I?m still having this issue with ClamAV, and my *nix skill are horrible. Can I get the simple version of what I?m to do with "chsh www-data", as I?ve been running without AV for several months. My apache users is indeed ?www-data?. [cid:image001.jpg at 01D472B8.19D4C370] Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Keith Erekson via ZendTo Sent: Thursday, October 25, 2018 12:14 PM To: ZendTo Users Cc: Keith Erekson Subject: Re: [ZendTo] Zend.to error during drop-off CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Easier to use "chsh www-data" or whatever your Apache user is. ~Keith On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > wrote: Edit your /etc/passwd file to set the shell for your Apache user to /bin/bash. Then "pwconv" so the change takes effect. Then try this su - apache (or whatever user your Apache is running as) clamdscan /var/zendto/* clamdscan --fdpass /var/zendto/* exit What happened? Did the virus scans both complete successfully? If not, and you're running CentOS/RedHat 7, try this and then give the above another try: groupmems --group virusgroup --add apache systemctl restart httpd I added that extra groupmems command to the Installer a day or two ago when I discovered that RedHat/CentOS had changed their group membership rules in an update. Any improvement? Cheers, Jules. P.S. Otherwise, if you can give me remote ssh access I can login myself and take a look for you. I would be interested to see what it is, if it's not any of the above. On 25/10/2018 16:22, Ken Etter wrote: Yep, PHP 7.2 is installed. I've run through the installer multiple times now. No change, still get the error. Ken >>> Jules Field 10/25/2018 11:15 AM >>> > Do you have PHP 7.2 installed? My Installer can be run in stages, and those stages can be run independently. So you might want to download the Installer, unpack it and wander into it. In what will obviously be the right sub-dir for your OS, you will see the numbered scripts. # cd install.ZendTo/CentOS-RedHat/ # ls 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh CentOS6 RHEL7 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 # If your web server is already working nicely, then you can probably skip stage 1 (though it won't do any harm). If you haven't installed PHP 7.2 along with things like the sodium extension, then run stage 2 which installs PHP. (Grab a backup copy of your ZendTo installation first, as it may have to remove the *whole* of PHP first which can also remove ZendTo and other PHP applications in the process, before it can install the correct version). Stages 3 and 5 shouldn't do any damage, but will add any new settings they need for PHP and so on. Stage 7 does the actual ZendTo installation itself, which it will do as an upgrade if it finds a zendto RPM already installed. Well worth running. Stage 8 is only relevant if you are using SELinux, and won't do anything if you're not. Since version 4, ZendTo no longer needs any form of custom-built PHP or anything like that. So there's no recompiling to be done. Then if you have a previous preferences.php and/or zendto.conf, you need to use /opt/zendto/bin/upgrade_preferences_php and /opt/zendto/bin/upgrade_zendto_conf to upgrade those files. Also, if you have done an RPM upgrade from ZendTo 4, you probably have a whole stack of *.rpmnew files in /opt/zendto/templates. You want to move each of those into place so they replace your old *.tpl files. As I said, it really is faster/easier/better to build v5 from scratch, its requirements are so different from v4. Hope that helps, Jules. On 25/10/2018 15:59, Ken Etter wrote: None of that helps. I'm building a new system. This is a production system. I never had problems in the past with upgrading so I went ahead and did it. Bad move. Unless anyone has any other ideas, I will just keep working on setting up the new system. I have to get something running again for my users. Ken >>> Jules Field via ZendTo 10/25/2018 10:53 AM >>> > Yes, those directories do need to be writable by whatever user and group your web server is running as. If you are using SELinux (most likely if you are using CentOS or RedHat), then I would also advise restorecon -FRv /opt/zendto /var/zendto to reset all the SELinux attributes to the values configured by my Installer. Also, if you think it might be an SELinux problem, you can switch it into "permissive" mode by setenforce permissive systemctl restart httpd systemctl restart clamd at scan To switch it back to "enforcing", you then do setenforce enforcing systemctl restart httpd systemctl restart clamd at scan Cheers, Jules. On 25/10/2018 14:31, Gray McCord via ZendTo wrote: I?ve seen that message as well. Check the file permissions on the /opt/zendto directories. Seems like I needed to make them writeable by the apache user, but I could be mistaken. Gray McCord Adapt, Mutate, Migrate, or Die -C. Darwin From: ZendTo On Behalf Of Ken Etter via ZendTo Sent: Thursday, October 25, 2018 8:26 AM To: ZendTo List Cc: Ken Etter Subject: Re: [ZendTo] Zend.to error during drop-off Going back through the mailing list archives, I see that I am having exactly the same problem as Kevin O'Connor in this thread: http://jul.es/pipermail/zendto/2018-June/003208.html Files are uploaded, but I get that error message and the email is not sent. There is no stated resolution in that thread. Any suggestions or do I have to rebuild a brand new Zend.To server? Zend.To has been fairly solid for me...a bit of a pain to find this upgrade to be so fragile. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:38 AM >>> I am running this on Ubuntu 16.04.5 LTS if that matters. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:36 AM >>> Just upgraded my Zend.To installation from 4.x to 5.15-1. Everything appeared to go ok. But when I click drop-off files, I get an error that states: "Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files." I'm not dropping off a directory, just a single file. I tried a couple different file types - same error each time. Any suggestions for fixing this? Thanks! Ken Etter, System Administrator Architectural Group 260.432.9337 | msktd.com _______________________________________________ ZendTo mailing list ZendTo at zend.to https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'The past is supposed to be a place of reference, not a place of residence! There is a reason why your car has a big windshield and a small rearview mirror. You are supposed to keep your eyes on where you are going, and just occasionally check out where you have been.' - Willie Jolley www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or no grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the kelpie next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites, whisk and place in a warm oven for 40 minutes. www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'It's very unlikely indeed he will ever recover consciousness, and if he does he won't be the Julian you knew.' - A hospital consultant I proved very wrong in 2007 :-) www.Zend.To Twitter: @JulesFM _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'If I were a Brazilian without land or money or the means to feed my children, I would be burning the rain forest too.' - Sting www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 12883 bytes Desc: image001.jpg URL: From kevin.miller at juneau.org Fri Nov 2 19:48:30 2018 From: kevin.miller at juneau.org (Kevin Miller) Date: Fri, 2 Nov 2018 19:48:30 +0000 Subject: [ZendTo] Install in shared environment In-Reply-To: References: Message-ID: I presume you're using apache - If you look in /etc/apache2/sites-available you should see some virtualhosts already defined. Configure Zendto it to point to whichever directory zendto is using, i.e., /opt/zendto normally. See https://httpd.apache.org/docs/2.4/vhosts/examples.html The install scripts should drop the zendto related things in place, and not clobber anything already there. The DocumentRoot and ServerName directives should keep things sorted for each site. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 -----Original Message----- From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Garry Glendown via ZendTo Sent: Friday, November 02, 2018 1:19 AM To: zendto at zend.to Cc: Garry Glendown Subject: [ZendTo] Install in shared environment Hi, I've been using ZendTo quite a while, usually on stand-alone servers, but have now got to install in a shared environment ... that is, I need to put it in a sub-directory of a webserver... I'm not sure the install scripts will be "compatible" with the shared environment (which, additionally, is a pretty old Ubuntu 12 installation). What's the recommended course of action in such a case? Tnx, -garry -- PGP Fingerprint: A79F A33F 5B13 BEB7 A51D 274F F99C 3AE2 4BCB 7015 _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto From bbrendon at gmail.com Fri Nov 2 20:02:17 2018 From: bbrendon at gmail.com (bbrendon at gmail.com) Date: Fri, 2 Nov 2018 13:02:17 -0700 Subject: [ZendTo] Install in shared environment In-Reply-To: References: Message-ID: It works. It?s a bit tricky. I have it running in a shared environment with nginx. I?m opposed to the current ?dedicate a VM to it? mantra but my voice is too small so it is what it is. Running it on Ubuntu 12 sounds like a bad idea but it must be possible. Just how hard is it going to be... is the the question. On Fri, Nov 2, 2018 at 02:19 Garry Glendown via ZendTo wrote: > Hi, > > I've been using ZendTo quite a while, usually on stand-alone servers, > but have now got to install in a shared environment ... that is, I need > to put it in a sub-directory of a webserver... I'm not sure the install > scripts will be "compatible" with the shared environment (which, > additionally, is a pretty old Ubuntu 12 installation). What's the > recommended course of action in such a case? > > Tnx, -garry > > > -- > PGP Fingerprint: A79F A33F 5B13 BEB7 A51D 274F F99C 3AE2 4BCB 7015 > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Brian.Novogradac at utoronto.ca Mon Nov 5 14:07:33 2018 From: Brian.Novogradac at utoronto.ca (Brian Novogradac) Date: Mon, 5 Nov 2018 14:07:33 +0000 Subject: [ZendTo] SAML/Shibboleth for authentication? References: Message-ID: This was brought up in the past, but am just checking to see if anyone has successfully integrated SAML/Shibboleth SSO authentication in any of the current versions. Thanks Brian -------------- next part -------------- An HTML attachment was scrubbed... URL: From pedrosi at millercanfield.com Tue Nov 6 14:59:01 2018 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Tue, 6 Nov 2018 14:59:01 +0000 Subject: [ZendTo] Zend.to ClamAV issue In-Reply-To: References: Message-ID: Looking to close the loop on this? Below I see that permission is denied on the /var/zendto/drop-offs folder. This is the permission settings for the failed directory. drwxr-xr-x 98 www-data www-data 4096 Nov 6 09:27 dropoffs This equates to 755 permissions, should I simply change this to 775 (rwxrwxr-x)? Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Pedrosi, Derek G. via ZendTo Sent: Friday, November 2, 2018 2:48 PM To: Jules Field ; ZendTo Users Cc: Pedrosi, Derek G. Subject: Re: [ZendTo] Zend.to ClamAV issue CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. First? www-data at Z5:~$ clamdscan /var/zendto/* /var/zendto/cache: OK /var/zendto/dropoffs/5dycMCcTHEizrKuu: lstat() failed: Permission denied. ERROR /var/zendto/dropoffs/Zhu56KMFUV7Rdabf: lstat() failed: Permission denied. ERROR /var/zendto/dropoffs/GvdsUjMx7X7NKXPn: lstat() failed: Permission denied. ERROR Many of these drops failed the same way, I omitted them. /var/zendto/incoming: OK /var/zendto/library: OK /var/zendto/rrd: OK /var/zendto/templates_c: OK /var/zendto/zendto.log: OK /var/zendto/zendto.sqlite: OK Then? clamdscan --fdpass /var/zendto/* www-data at Z5:~$ clamdscan --fdpass /var/zendto/* /var/zendto/cache: OK /var/zendto/dropoffs: OK /var/zendto/incoming: OK /var/zendto/library: OK /var/zendto/rrd: OK /var/zendto/templates_c: OK /var/zendto/zendto.log: OK /var/zendto/zendto.sqlite: OK ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 248.382 sec (4 m 8 s) www-data at Z5:~$ Heres this? root at Z5:/var/run# ls -al /var/zendto total 4512 drwxrwxr-x 8 root www-data 4096 Nov 2 14:37 . drwxr-xr-x 15 root root 4096 Mar 5 2018 .. drwxr-xr-x 3 www-data www-data 4096 May 18 13:32 cache drwxr-xr-x 98 www-data www-data 4096 Nov 2 12:37 dropoffs drwxr-xr-x 2 www-data www-data 4096 Nov 2 12:37 incoming drwxr-xr-x 2 www-data www-data 4096 Feb 27 2018 library drwxr-xr-x 2 www-data www-data 4096 May 31 09:28 rrd drwxr-xr-x 2 www-data www-data 4096 Jun 21 10:39 templates_c -rw-r--r-- 1 www-data www-data 4183705 Nov 2 14:37 zendto.log -rw-rw-r-- 1 www-data www-data 382976 Nov 2 14:37 zendto.sqlite root at Z5:/var/run# And /etc/group file entries? www-data:x:33:clamav clamav:x:118:www-data Thanx again, derek From: Jules Field [mailto:Jules at Zend.To] Sent: Friday, November 2, 2018 1:24 PM To: ZendTo Users > Cc: Pedrosi, Derek G. > Subject: Re: [ZendTo] Zend.to ClamAV issue CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Derek, # Become root, properly sudo su - # Change Apache's login shell to /bin/bash chsh -s /bin/bash www-data # Become the Apache user su - www-data # Try virus-scanning the /var/zendto directory clamdscan /var/zendto/* # And the same again but just using file handles clamdscan --fdpass /var/zendto/* # Stop being Apache and revert to being root exit # Put Apache's login shell back to what it was chsh -s /sbin/nologin www-data # Stop being root exit Note the 2 clamav commands are clamdscan and not just clamscan. That's critical. clamdscan makes the clamd service/daemon do the actual scanning. Send us the output of the clamdscan commands. Then send us the output of "ls -al /var/zendto" and the lines in your /etc/group file that are anything to do with www-data, apache, virusgroup, clamd, anything like that. It's probably just the group membership is wrong. This causes a similar problem in CentOS/RedHat 7 as well, things changed there with ClamAV 100. 99 was fine, 100 wasn't. Cheers, Jules. On 02/11/2018 15:33, Pedrosi, Derek G. via ZendTo wrote: I?m still having this issue with ClamAV, and my *nix skill are horrible. Can I get the simple version of what I?m to do with "chsh www-data", as I?ve been running without AV for several months. My apache users is indeed ?www-data?. [cid:image001.jpg at 01D475B5.BD356330] Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Keith Erekson via ZendTo Sent: Thursday, October 25, 2018 12:14 PM To: ZendTo Users Cc: Keith Erekson Subject: Re: [ZendTo] Zend.to error during drop-off CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Easier to use "chsh www-data" or whatever your Apache user is. ~Keith On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > wrote: Edit your /etc/passwd file to set the shell for your Apache user to /bin/bash. Then "pwconv" so the change takes effect. Then try this su - apache (or whatever user your Apache is running as) clamdscan /var/zendto/* clamdscan --fdpass /var/zendto/* exit What happened? Did the virus scans both complete successfully? If not, and you're running CentOS/RedHat 7, try this and then give the above another try: groupmems --group virusgroup --add apache systemctl restart httpd I added that extra groupmems command to the Installer a day or two ago when I discovered that RedHat/CentOS had changed their group membership rules in an update. Any improvement? Cheers, Jules. P.S. Otherwise, if you can give me remote ssh access I can login myself and take a look for you. I would be interested to see what it is, if it's not any of the above. On 25/10/2018 16:22, Ken Etter wrote: Yep, PHP 7.2 is installed. I've run through the installer multiple times now. No change, still get the error. Ken >>> Jules Field 10/25/2018 11:15 AM >>> > Do you have PHP 7.2 installed? My Installer can be run in stages, and those stages can be run independently. So you might want to download the Installer, unpack it and wander into it. In what will obviously be the right sub-dir for your OS, you will see the numbered scripts. # cd install.ZendTo/CentOS-RedHat/ # ls 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh CentOS6 RHEL7 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 # If your web server is already working nicely, then you can probably skip stage 1 (though it won't do any harm). If you haven't installed PHP 7.2 along with things like the sodium extension, then run stage 2 which installs PHP. (Grab a backup copy of your ZendTo installation first, as it may have to remove the *whole* of PHP first which can also remove ZendTo and other PHP applications in the process, before it can install the correct version). Stages 3 and 5 shouldn't do any damage, but will add any new settings they need for PHP and so on. Stage 7 does the actual ZendTo installation itself, which it will do as an upgrade if it finds a zendto RPM already installed. Well worth running. Stage 8 is only relevant if you are using SELinux, and won't do anything if you're not. Since version 4, ZendTo no longer needs any form of custom-built PHP or anything like that. So there's no recompiling to be done. Then if you have a previous preferences.php and/or zendto.conf, you need to use /opt/zendto/bin/upgrade_preferences_php and /opt/zendto/bin/upgrade_zendto_conf to upgrade those files. Also, if you have done an RPM upgrade from ZendTo 4, you probably have a whole stack of *.rpmnew files in /opt/zendto/templates. You want to move each of those into place so they replace your old *.tpl files. As I said, it really is faster/easier/better to build v5 from scratch, its requirements are so different from v4. Hope that helps, Jules. On 25/10/2018 15:59, Ken Etter wrote: None of that helps. I'm building a new system. This is a production system. I never had problems in the past with upgrading so I went ahead and did it. Bad move. Unless anyone has any other ideas, I will just keep working on setting up the new system. I have to get something running again for my users. Ken >>> Jules Field via ZendTo 10/25/2018 10:53 AM >>> > Yes, those directories do need to be writable by whatever user and group your web server is running as. If you are using SELinux (most likely if you are using CentOS or RedHat), then I would also advise restorecon -FRv /opt/zendto /var/zendto to reset all the SELinux attributes to the values configured by my Installer. Also, if you think it might be an SELinux problem, you can switch it into "permissive" mode by setenforce permissive systemctl restart httpd systemctl restart clamd at scan To switch it back to "enforcing", you then do setenforce enforcing systemctl restart httpd systemctl restart clamd at scan Cheers, Jules. On 25/10/2018 14:31, Gray McCord via ZendTo wrote: I?ve seen that message as well. Check the file permissions on the /opt/zendto directories. Seems like I needed to make them writeable by the apache user, but I could be mistaken. Gray McCord Adapt, Mutate, Migrate, or Die -C. Darwin From: ZendTo On Behalf Of Ken Etter via ZendTo Sent: Thursday, October 25, 2018 8:26 AM To: ZendTo List Cc: Ken Etter Subject: Re: [ZendTo] Zend.to error during drop-off Going back through the mailing list archives, I see that I am having exactly the same problem as Kevin O'Connor in this thread: http://jul.es/pipermail/zendto/2018-June/003208.html Files are uploaded, but I get that error message and the email is not sent. There is no stated resolution in that thread. Any suggestions or do I have to rebuild a brand new Zend.To server? Zend.To has been fairly solid for me...a bit of a pain to find this upgrade to be so fragile. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:38 AM >>> I am running this on Ubuntu 16.04.5 LTS if that matters. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:36 AM >>> Just upgraded my Zend.To installation from 4.x to 5.15-1. Everything appeared to go ok. But when I click drop-off files, I get an error that states: "Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files." I'm not dropping off a directory, just a single file. I tried a couple different file types - same error each time. Any suggestions for fixing this? Thanks! Ken Etter, System Administrator Architectural Group 260.432.9337 | msktd.com _______________________________________________ ZendTo mailing list ZendTo at zend.to https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'The past is supposed to be a place of reference, not a place of residence! There is a reason why your car has a big windshield and a small rearview mirror. You are supposed to keep your eyes on where you are going, and just occasionally check out where you have been.' - Willie Jolley www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or no grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the kelpie next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites, whisk and place in a warm oven for 40 minutes. www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'It's very unlikely indeed he will ever recover consciousness, and if he does he won't be the Julian you knew.' - A hospital consultant I proved very wrong in 2007 :-) www.Zend.To Twitter: @JulesFM _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'If I were a Brazilian without land or money or the means to feed my children, I would be burning the rain forest too.' - Sting www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 12883 bytes Desc: image001.jpg URL: From ssilva at sgvwater.com Tue Nov 6 17:17:31 2018 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 6 Nov 2018 17:17:31 +0000 Subject: [ZendTo] Zend.to ClamAV issue In-Reply-To: References: <54D3F6A07E3F2A4AAD4CBA73922025F41FFE8ABE@FONEXCH01.sgvwc.local> Message-ID: As far as I remember, that user and or group needs at least r or x access up to the top level or it can?t get to that directory. Maybe I am remembering wrong? So would probably need at least group access all the way to /var I could be wrong, and if I am I?m sure someone will correct me? From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Pedrosi, Derek G. via ZendTo Sent: Tuesday, November 6, 2018 7:00 AM To: ZendTo Users ; Jules Field Cc: Pedrosi, Derek G. Subject: Re: [ZendTo] Zend.to ClamAV issue Looking to close the loop on this? Below I see that permission is denied on the /var/zendto/drop-offs folder. This is the permission settings for the failed directory. drwxr-xr-x 98 www-data www-data 4096 Nov 6 09:27 dropoffs This equates to 755 permissions, should I simply change this to 775 (rwxrwxr-x)? Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Pedrosi, Derek G. via ZendTo Sent: Friday, November 2, 2018 2:48 PM To: Jules Field >; ZendTo Users > Cc: Pedrosi, Derek G. > Subject: Re: [ZendTo] Zend.to ClamAV issue CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. First? www-data at Z5:~$ clamdscan /var/zendto/* /var/zendto/cache: OK /var/zendto/dropoffs/5dycMCcTHEizrKuu: lstat() failed: Permission denied. ERROR /var/zendto/dropoffs/Zhu56KMFUV7Rdabf: lstat() failed: Permission denied. ERROR /var/zendto/dropoffs/GvdsUjMx7X7NKXPn: lstat() failed: Permission denied. ERROR Many of these drops failed the same way, I omitted them. /var/zendto/incoming: OK /var/zendto/library: OK /var/zendto/rrd: OK /var/zendto/templates_c: OK /var/zendto/zendto.log: OK /var/zendto/zendto.sqlite: OK Then? clamdscan --fdpass /var/zendto/* www-data at Z5:~$ clamdscan --fdpass /var/zendto/* /var/zendto/cache: OK /var/zendto/dropoffs: OK /var/zendto/incoming: OK /var/zendto/library: OK /var/zendto/rrd: OK /var/zendto/templates_c: OK /var/zendto/zendto.log: OK /var/zendto/zendto.sqlite: OK ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 248.382 sec (4 m 8 s) www-data at Z5:~$ Heres this? root at Z5:/var/run# ls -al /var/zendto total 4512 drwxrwxr-x 8 root www-data 4096 Nov 2 14:37 . drwxr-xr-x 15 root root 4096 Mar 5 2018 .. drwxr-xr-x 3 www-data www-data 4096 May 18 13:32 cache drwxr-xr-x 98 www-data www-data 4096 Nov 2 12:37 dropoffs drwxr-xr-x 2 www-data www-data 4096 Nov 2 12:37 incoming drwxr-xr-x 2 www-data www-data 4096 Feb 27 2018 library drwxr-xr-x 2 www-data www-data 4096 May 31 09:28 rrd drwxr-xr-x 2 www-data www-data 4096 Jun 21 10:39 templates_c -rw-r--r-- 1 www-data www-data 4183705 Nov 2 14:37 zendto.log -rw-rw-r-- 1 www-data www-data 382976 Nov 2 14:37 zendto.sqlite root at Z5:/var/run# And /etc/group file entries? www-data:x:33:clamav clamav:x:118:www-data Thanx again, derek From: Jules Field [mailto:Jules at Zend.To] Sent: Friday, November 2, 2018 1:24 PM To: ZendTo Users > Cc: Pedrosi, Derek G. > Subject: Re: [ZendTo] Zend.to ClamAV issue CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Derek, # Become root, properly sudo su - # Change Apache's login shell to /bin/bash chsh -s /bin/bash www-data # Become the Apache user su - www-data # Try virus-scanning the /var/zendto directory clamdscan /var/zendto/* # And the same again but just using file handles clamdscan --fdpass /var/zendto/* # Stop being Apache and revert to being root exit # Put Apache's login shell back to what it was chsh -s /sbin/nologin www-data # Stop being root exit Note the 2 clamav commands are clamdscan and not just clamscan. That's critical. clamdscan makes the clamd service/daemon do the actual scanning. Send us the output of the clamdscan commands. Then send us the output of "ls -al /var/zendto" and the lines in your /etc/group file that are anything to do with www-data, apache, virusgroup, clamd, anything like that. It's probably just the group membership is wrong. This causes a similar problem in CentOS/RedHat 7 as well, things changed there with ClamAV 100. 99 was fine, 100 wasn't. Cheers, Jules. On 02/11/2018 15:33, Pedrosi, Derek G. via ZendTo wrote: I?m still having this issue with ClamAV, and my *nix skill are horrible. Can I get the simple version of what I?m to do with "chsh www-data", as I?ve been running without AV for several months. My apache users is indeed ?www-data?. [cid:image001.jpg at 01D475B5.BD356330] Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Keith Erekson via ZendTo Sent: Thursday, October 25, 2018 12:14 PM To: ZendTo Users Cc: Keith Erekson Subject: Re: [ZendTo] Zend.to error during drop-off CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Easier to use "chsh www-data" or whatever your Apache user is. ~Keith On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > wrote: Edit your /etc/passwd file to set the shell for your Apache user to /bin/bash. Then "pwconv" so the change takes effect. Then try this su - apache (or whatever user your Apache is running as) clamdscan /var/zendto/* clamdscan --fdpass /var/zendto/* exit What happened? Did the virus scans both complete successfully? If not, and you're running CentOS/RedHat 7, try this and then give the above another try: groupmems --group virusgroup --add apache systemctl restart httpd I added that extra groupmems command to the Installer a day or two ago when I discovered that RedHat/CentOS had changed their group membership rules in an update. Any improvement? Cheers, Jules. P.S. Otherwise, if you can give me remote ssh access I can login myself and take a look for you. I would be interested to see what it is, if it's not any of the above. On 25/10/2018 16:22, Ken Etter wrote: Yep, PHP 7.2 is installed. I've run through the installer multiple times now. No change, still get the error. Ken >>> Jules Field 10/25/2018 11:15 AM >>> > Do you have PHP 7.2 installed? My Installer can be run in stages, and those stages can be run independently. So you might want to download the Installer, unpack it and wander into it. In what will obviously be the right sub-dir for your OS, you will see the numbered scripts. # cd install.ZendTo/CentOS-RedHat/ # ls 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh CentOS6 RHEL7 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 # If your web server is already working nicely, then you can probably skip stage 1 (though it won't do any harm). If you haven't installed PHP 7.2 along with things like the sodium extension, then run stage 2 which installs PHP. (Grab a backup copy of your ZendTo installation first, as it may have to remove the *whole* of PHP first which can also remove ZendTo and other PHP applications in the process, before it can install the correct version). Stages 3 and 5 shouldn't do any damage, but will add any new settings they need for PHP and so on. Stage 7 does the actual ZendTo installation itself, which it will do as an upgrade if it finds a zendto RPM already installed. Well worth running. Stage 8 is only relevant if you are using SELinux, and won't do anything if you're not. Since version 4, ZendTo no longer needs any form of custom-built PHP or anything like that. So there's no recompiling to be done. Then if you have a previous preferences.php and/or zendto.conf, you need to use /opt/zendto/bin/upgrade_preferences_php and /opt/zendto/bin/upgrade_zendto_conf to upgrade those files. Also, if you have done an RPM upgrade from ZendTo 4, you probably have a whole stack of *.rpmnew files in /opt/zendto/templates. You want to move each of those into place so they replace your old *.tpl files. As I said, it really is faster/easier/better to build v5 from scratch, its requirements are so different from v4. Hope that helps, Jules. On 25/10/2018 15:59, Ken Etter wrote: None of that helps. I'm building a new system. This is a production system. I never had problems in the past with upgrading so I went ahead and did it. Bad move. Unless anyone has any other ideas, I will just keep working on setting up the new system. I have to get something running again for my users. Ken >>> Jules Field via ZendTo 10/25/2018 10:53 AM >>> > Yes, those directories do need to be writable by whatever user and group your web server is running as. If you are using SELinux (most likely if you are using CentOS or RedHat), then I would also advise restorecon -FRv /opt/zendto /var/zendto to reset all the SELinux attributes to the values configured by my Installer. Also, if you think it might be an SELinux problem, you can switch it into "permissive" mode by setenforce permissive systemctl restart httpd systemctl restart clamd at scan To switch it back to "enforcing", you then do setenforce enforcing systemctl restart httpd systemctl restart clamd at scan Cheers, Jules. On 25/10/2018 14:31, Gray McCord via ZendTo wrote: I?ve seen that message as well. Check the file permissions on the /opt/zendto directories. Seems like I needed to make them writeable by the apache user, but I could be mistaken. Gray McCord Adapt, Mutate, Migrate, or Die -C. Darwin From: ZendTo On Behalf Of Ken Etter via ZendTo Sent: Thursday, October 25, 2018 8:26 AM To: ZendTo List Cc: Ken Etter Subject: Re: [ZendTo] Zend.to error during drop-off Going back through the mailing list archives, I see that I am having exactly the same problem as Kevin O'Connor in this thread: http://jul.es/pipermail/zendto/2018-June/003208.html Files are uploaded, but I get that error message and the email is not sent. There is no stated resolution in that thread. Any suggestions or do I have to rebuild a brand new Zend.To server? Zend.To has been fairly solid for me...a bit of a pain to find this upgrade to be so fragile. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:38 AM >>> I am running this on Ubuntu 16.04.5 LTS if that matters. Ken >>> Ken Etter via ZendTo > 10/25/2018 8:36 AM >>> Just upgraded my Zend.To installation from 4.x to 5.15-1. Everything appeared to go ok. But when I click drop-off files, I get an error that states: "Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files." I'm not dropping off a directory, just a single file. I tried a couple different file types - same error each time. Any suggestions for fixing this? Thanks! Ken Etter, System Administrator Architectural Group 260.432.9337 | msktd.com _______________________________________________ ZendTo mailing list ZendTo at zend.to https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'The past is supposed to be a place of reference, not a place of residence! There is a reason why your car has a big windshield and a small rearview mirror. You are supposed to keep your eyes on where you are going, and just occasionally check out where you have been.' - Willie Jolley www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or no grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the kelpie next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites, whisk and place in a warm oven for 40 minutes. www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'It's very unlikely indeed he will ever recover consciousness, and if he does he won't be the Julian you knew.' - A hospital consultant I proved very wrong in 2007 :-) www.Zend.To Twitter: @JulesFM _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'If I were a Brazilian without land or money or the means to feed my children, I would be burning the rain forest too.' - Sting www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 12883 bytes Desc: image001.jpg URL: From gdm at sangabriel.com Wed Nov 7 17:24:19 2018 From: gdm at sangabriel.com (Gray McCord) Date: Wed, 07 Nov 2018 11:24:19 -0600 Subject: [ZendTo] {Disarmed} Re: Zend.to ClamAV issue References: Message-ID: It?s likely that the clamscan user does not have write access to /var/zendto/drop-offs. I think it is clamd that actually writes the file to the drop-off folder once it?s been analyzed, and as such needs write permission to do so. I suggest two things Give the ?www-data? group write access to the drop-offs directory Add the ?clamscan? user to the ?www-data? group so that clamd can write to the drop-offs folder (check to make sure that ?clamscan? is your clam user.) Good Luck! Gray Gray McCord Adapt, Mutate, Migrate, or Die -C. Darwin From: ZendTo on behalf of Scott Silva via ZendTo Reply-To: ZendTo Users Date: Tuesday, November 6, 2018 at 12:17 PM To: 'ZendTo Users' Cc: Scott Silva Subject: {Disarmed} Re: [ZendTo] Zend.to ClamAV issue As far as I remember, that user and or group needs at least r or x access up to the top level or it can?t get to that directory. Maybe I am remembering wrong? So would probably need at least group access all the way to /var I could be wrong, and if I am I?m sure someone will correct me? From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Pedrosi, Derek G. via ZendTo Sent: Tuesday, November 6, 2018 7:00 AM To: ZendTo Users ; Jules Field Cc: Pedrosi, Derek G. Subject: Re: [ZendTo] Zend.to ClamAV issue Looking to close the loop on this? Below I see that permission is denied on the /var/zendto/drop-offs folder. This is the permission settings for the failed directory. drwxr-xr-x 98 www-data www-data 4096 Nov 6 09:27 dropoffs This equates to 755 permissions, should I simply change this to 775 (rwxrwxr-x)? Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Pedrosi, Derek G. via ZendTo Sent: Friday, November 2, 2018 2:48 PM To: Jules Field ; ZendTo Users Cc: Pedrosi, Derek G. Subject: Re: [ZendTo] Zend.to ClamAV issue CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. First? www-data at Z5:~$ clamdscan /var/zendto/* /var/zendto/cache: OK /var/zendto/dropoffs/5dycMCcTHEizrKuu: lstat() failed: Permission denied. ERROR /var/zendto/dropoffs/Zhu56KMFUV7Rdabf: lstat() failed: Permission denied. ERROR /var/zendto/dropoffs/GvdsUjMx7X7NKXPn: lstat() failed: Permission denied. ERROR Many of these drops failed the same way, I omitted them. /var/zendto/incoming: OK /var/zendto/library: OK /var/zendto/rrd: OK /var/zendto/templates_c: OK /var/zendto/zendto.log: OK /var/zendto/zendto.sqlite: OK Then? clamdscan --fdpass /var/zendto/* www-data at Z5:~$ clamdscan --fdpass /var/zendto/* /var/zendto/cache: OK /var/zendto/dropoffs: OK /var/zendto/incoming: OK /var/zendto/library: OK /var/zendto/rrd: OK /var/zendto/templates_c: OK /var/zendto/zendto.log: OK /var/zendto/zendto.sqlite: OK ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 248.382 sec (4 m 8 s) www-data at Z5:~$ Heres this? root at Z5:/var/run# ls -al /var/zendto total 4512 drwxrwxr-x 8 root www-data 4096 Nov 2 14:37 . drwxr-xr-x 15 root root 4096 Mar 5 2018 .. drwxr-xr-x 3 www-data www-data 4096 May 18 13:32 cache drwxr-xr-x 98 www-data www-data 4096 Nov 2 12:37 dropoffs drwxr-xr-x 2 www-data www-data 4096 Nov 2 12:37 incoming drwxr-xr-x 2 www-data www-data 4096 Feb 27 2018 library drwxr-xr-x 2 www-data www-data 4096 May 31 09:28 rrd drwxr-xr-x 2 www-data www-data 4096 Jun 21 10:39 templates_c -rw-r--r-- 1 www-data www-data 4183705 Nov 2 14:37 zendto.log -rw-rw-r-- 1 www-data www-data 382976 Nov 2 14:37 zendto.sqlite root at Z5:/var/run# And /etc/group file entries? www-data:x:33:clamav clamav:x:118:www-data Thanx again, derek From: Jules Field [mailto:Jules at Zend.To] Sent: Friday, November 2, 2018 1:24 PM To: ZendTo Users Cc: Pedrosi, Derek G. Subject: Re: [ZendTo] Zend.to ClamAV issue CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Derek, # Become root, properly sudo su - # Change Apache's login shell to /bin/bash chsh -s /bin/bash www-data # Become the Apache user su - www-data # Try virus-scanning the /var/zendto directory clamdscan /var/zendto/* # And the same again but just using file handles clamdscan --fdpass /var/zendto/* # Stop being Apache and revert to being root exit # Put Apache's login shell back to what it was chsh -s /sbin/nologin www-data # Stop being root exit Note the 2 clamav commands are clamdscan and not just clamscan. That's critical. clamdscan makes the clamd service/daemon do the actual scanning. Send us the output of the clamdscan commands. Then send us the output of "ls -al /var/zendto" and the lines in your /etc/group file that are anything to do with www-data, apache, virusgroup, clamd, anything like that. It's probably just the group membership is wrong. This causes a similar problem in CentOS/RedHat 7 as well, things changed there with ClamAV 100. 99 was fine, 100 wasn't. Cheers, Jules. On 02/11/2018 15:33, Pedrosi, Derek G. via ZendTo wrote: I?m still having this issue with ClamAV, and my *nix skill are horrible. Can I get the simple version of what I?m to do with "chsh www-data", as I?ve been running without AV for several months. My apache users is indeed ?www-data?. Thanks, derek From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Keith Erekson via ZendTo Sent: Thursday, October 25, 2018 12:14 PM To: ZendTo Users Cc: Keith Erekson Subject: Re: [ZendTo] Zend.to error during drop-off CAUTION EXTERNAL EMAIL: DO NOT open attachments or click links from unknown or unexpected emails. Easier to use "chsh www-data" or whatever your Apache user is. ~Keith On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo wrote: Edit your /etc/passwd file to set the shell for your Apache user to /bin/bash. Then "pwconv" so the change takes effect. Then try this su - apache (or whatever user your Apache is running as) clamdscan /var/zendto/* clamdscan --fdpass /var/zendto/* exit What happened? Did the virus scans both complete successfully? If not, and you're running CentOS/RedHat 7, try this and then give the above another try: groupmems --group virusgroup --add apache systemctl restart httpd I added that extra groupmems command to the Installer a day or two ago when I discovered that RedHat/CentOS had changed their group membership rules in an update. Any improvement? Cheers, Jules. P.S. Otherwise, if you can give me remote ssh access I can login myself and take a look for you. I would be interested to see what it is, if it's not any of the above. On 25/10/2018 16:22, Ken Etter wrote: Yep, PHP 7.2 is installed. I've run through the installer multiple times now. No change, still get the error. Ken >>> Jules Field 10/25/2018 11:15 AM >>> > Do you have PHP 7.2 installed? My Installer can be run in stages, and those stages can be run independently. So you might want to download the Installer, unpack it and wander into it. In what will obviously be the right sub-dir for your OS, you will see the numbered scripts. # cd install.ZendTo/CentOS-RedHat/ # ls 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh CentOS6 RHEL7 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 # If your web server is already working nicely, then you can probably skip stage 1 (though it won't do any harm). If you haven't installed PHP 7.2 along with things like the sodium extension, then run stage 2 which installs PHP. (Grab a backup copy of your ZendTo installation first, as it may have to remove the *whole* of PHP first which can also remove ZendTo and other PHP applications in the process, before it can install the correct version). Stages 3 and 5 shouldn't do any damage, but will add any new settings they need for PHP and so on. Stage 7 does the actual ZendTo installation itself, which it will do as an upgrade if it finds a zendto RPM already installed. Well worth running. Stage 8 is only relevant if you are using SELinux, and won't do anything if you're not. Since version 4, ZendTo no longer needs any form of custom-built PHP or anything like that. So there's no recompiling to be done. Then if you have a previous preferences.php and/or zendto.conf, you need to use /opt/zendto/bin/upgrade_preferences_php and /opt/zendto/bin/upgrade_zendto_conf to upgrade those files. Also, if you have done an RPM upgrade from ZendTo 4, you probably have a whole stack of *.rpmnew files in /opt/zendto/templates. You want to move each of those into place so they replace your old *.tpl files. As I said, it really is faster/easier/better to build v5 from scratch, its requirements are so different from v4. Hope that helps, Jules. On 25/10/2018 15:59, Ken Etter wrote: None of that helps. I'm building a new system. This is a production system. I never had problems in the past with upgrading so I went ahead and did it. Bad move. Unless anyone has any other ideas, I will just keep working on setting up the new system. I have to get something running again for my users. Ken >>> Jules Field via ZendTo 10/25/2018 10:53 AM >>> > Yes, those directories do need to be writable by whatever user and group your web server is running as. If you are using SELinux (most likely if you are using CentOS or RedHat), then I would also advise restorecon -FRv /opt/zendto /var/zendto to reset all the SELinux attributes to the values configured by my Installer. Also, if you think it might be an SELinux problem, you can switch it into "permissive" mode by setenforce permissive systemctl restart httpd systemctl restart clamd at scan To switch it back to "enforcing", you then do setenforce enforcing systemctl restart httpd systemctl restart clamd at scan Cheers, Jules. On 25/10/2018 14:31, Gray McCord via ZendTo wrote: I?ve seen that message as well. Check the file permissions on the /opt/zendto directories. Seems like I needed to make them writeable by the apache user, but I could be mistaken. Gray McCord Adapt, Mutate, Migrate, or Die -C. Darwin From: ZendTo On Behalf Of Ken Etter via ZendTo Sent: Thursday, October 25, 2018 8:26 AM To: ZendTo List Cc: Ken Etter Subject: Re: [ZendTo] Zend.to error during drop-off Going back through the mailing list archives, I see that I am having exactly the same problem as Kevin O'Connor in this thread: MailScanner has detected a possible fraud attempt from "emea01.safelinks.protection.outlook.com" claiming to be http://jul.es/pipermail/zendto/2018-June/003208.html Files are uploaded, but I get that error message and the email is not sent. There is no stated resolution in that thread. Any suggestions or do I have to rebuild a brand new Zend.To server? Zend.To has been fairly solid for me...a bit of a pain to find this upgrade to be so fragile. Ken >>> Ken Etter via ZendTo 10/25/2018 8:38 AM >>> I am running this on Ubuntu 16.04.5 LTS if that matters. Ken >>> Ken Etter via ZendTo 10/25/2018 8:36 AM >>> Just upgraded my Zend.To installation from 4.x to 5.15-1. Everything appeared to go ok. But when I click drop-off files, I get an error that states: "Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files." I'm not dropping off a directory, just a single file. I tried a couple different file types - same error each time. Any suggestions for fixing this? Thanks! Ken Etter, System Administrator Architectural Group 260.432.9337 | MailScanner has detected a possible fraud attempt from "emea01.safelinks.protection.outlook.com" claiming to be msktd.com _______________________________________________ ZendTo mailing list ZendTo at zend.to https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'The past is supposed to be a place of reference, not a place of residence! There is a reason why your car has a big windshield and a small rearview mirror. You are supposed to keep your eyes on where you are going, and just occasionally check out where you have been.' - Willie Jolley www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or no grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the kelpie next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites, whisk and place in a warm oven for 40 minutes. www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'It's very unlikely indeed he will ever recover consciousness, and if he does he won't be the Julian you knew.' - A hospital consultant I proved very wrong in 2007 :-) www.Zend.To Twitter: @JulesFM _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'If I were a Brazilian without land or money or the means to feed my children, I would be burning the rain forest too.' - Sting www.Zend.To Twitter: @JulesFM _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 12884 bytes Desc: not available URL: From gm.pawanthakur at gmail.com Thu Nov 8 07:36:16 2018 From: gm.pawanthakur at gmail.com (Pawan Thakur) Date: Thu, 8 Nov 2018 13:06:16 +0530 Subject: [ZendTo] LocalIPSubnets Configuration to define IP Ranges for users. References: <0379da3d-620b-680d-1462-ddc081b2ceaf@gmail.com> Message-ID: Hello All, I tried several things before asking this. I cannot configure LocalIPSubnets Settings. And the application looks like this. I have tried putting internal/external IP ranges in preferences.php like array("200.100.0.0"), array("200.100.","300.200"), and so on. What am I doing wrong ? Please help. Thanks, Pawan -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: mpofpckfdfjkmhlb.png Type: image/png Size: 62250 bytes Desc: not available URL: From klou at themusiclink.net Thu Nov 8 17:32:24 2018 From: klou at themusiclink.net (Kris Lou) Date: Thu, 8 Nov 2018 09:32:24 -0800 Subject: [ZendTo] LocalIPSubnets Configuration to define IP Ranges for users. In-Reply-To: References: <0379da3d-620b-680d-1462-ddc081b2ceaf@gmail.com> Message-ID: 'localIPSubnets' => array('200.100', '300.200'), This works for me (using your ranges.) I don't have a trailing dot (".") after the second octet, and use single quotes. I only put in internal IP's, but that's your call. Kris Lou klou at themusiclink.net On Wed, Nov 7, 2018 at 11:36 PM, Pawan Thakur via ZendTo wrote: > Hello All, > > I tried several things before asking this. I cannot configure > LocalIPSubnets Settings. And the application looks like this. > > I have tried putting internal/external IP ranges in preferences.php like > > array("200.100.0.0"), > > array("200.100.","300.200"), > > and so on. > > What am I doing wrong ? Please help. > > Thanks, > Pawan > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: mpofpckfdfjkmhlb.png Type: image/png Size: 62250 bytes Desc: not available URL: From ssilva at sgvwater.com Thu Nov 8 18:25:40 2018 From: ssilva at sgvwater.com (Scott Silva) Date: Thu, 8 Nov 2018 18:25:40 +0000 Subject: [ZendTo] Released: LocalIPSubnets Configuration to define IP Ranges for users. In-Reply-To: References: <0379da3d-620b-680d-1462-ddc081b2ceaf@gmail.com> <54D3F6A07E3F2A4AAD4CBA73922025F4200098EF@FONEXCH01.sgvwc.local> Message-ID: Use a single quote ? not a double quote?. From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Pawan Thakur via ZendTo Sent: Thursday, November 8, 2018 9:29 AM To: Ken Etter via ZendTo Cc: Pawan Thakur Subject: Released: [ZendTo] LocalIPSubnets Configuration to define IP Ranges for users. Hello All, I tried several things before asking this. I cannot configure LocalIPSubnets Settings. And the application looks like this. [cid:image001.png at 01D4774D.648C7220] I have tried putting internal/external IP ranges in preferences.php like array("200.100.0.0"), array("200.100.","300.200"), and so on. What am I doing wrong ? Please help. Thanks, Pawan -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 62250 bytes Desc: image001.png URL: From djones at ena.com Sun Nov 11 18:36:54 2018 From: djones at ena.com (David Jones) Date: Sun, 11 Nov 2018 18:36:54 +0000 Subject: [ZendTo] Swish2.css logo on 5.15-1 not on top References: Message-ID: Just upgraded to latest RPM version on CentOS 7 and noticed the custom logo was behind the white box next to the new language selector. I had to replace the #logo section in the swish2.css with an older version to get it back to the foreground. Dave -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Mon Nov 12 16:48:42 2018 From: Jules at Zend.To (Jules Field) Date: Mon, 12 Nov 2018 16:48:42 +0000 Subject: [ZendTo] Swish2.css logo on 5.15-1 not on top In-Reply-To: References: Message-ID: <88be72b8-ae88-8402-f598-a3bac9781555@Zend.To> Dave, Can you send me a screenshot please? Odd effects can be caused by your logo being too wide. If you temporarily replace your logo with (as shipped) the word "ZendTo", does it then look okay? Thanks! Jules. On 11/11/2018 18:36, David Jones via ZendTo wrote: > > Just upgraded to latest RPM version on CentOS 7 and noticed the custom > logo was behind the white box next to the new language selector.? I > had to replace the #logo section in the swish2.css with an older > version to get it back to the foreground. > > > Dave > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'There is silent poetry in the stillness of morning; in the calm, the cries & sighs of life sound like gentle music.' - @Astro_Wheels www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Mon Nov 12 16:55:36 2018 From: Jules at Zend.To (Jules Field) Date: Mon, 12 Nov 2018 16:55:36 +0000 Subject: [ZendTo] LocalIPSubnets Configuration to define IP Ranges for users. In-Reply-To: References: <0379da3d-620b-680d-1462-ddc081b2ceaf@gmail.com> Message-ID: If you don't add a trailing dot, ZendTo does unless it's a full IP address. Just give the prefix. It's not a netmask or network address or anything, just a string prefix. Sorry, I should improve the code to do CIDR masks and so on, but this seems to have been good enough for everyone so far so was very low priority. Cheers, Jules. P.S. Sorry for my absence for the past few weeks, day job got really busy at which point ZendTo has to get put on hold. This is one of the main reasons I *don't* do commercial support contracts. My whole day can be re-arranged for over a month at a time, without warning. It just works like that. Which is why I like it! On 08/11/2018 17:32, Kris Lou via ZendTo wrote: > ? 'localIPSubnets'? ? ? ?=> array('200.100', '300.200'), > > This works for me (using your ranges.)? I don't have a trailing dot > (".") after the second octet, and use single quotes. > > I only put in internal IP's, but that's your call. > > > > Kris Lou > klou at themusiclink.net > > On Wed, Nov 7, 2018 at 11:36 PM, Pawan Thakur via ZendTo > > wrote: > > Hello All, > > I tried several things before asking this. I cannot configure > LocalIPSubnets Settings. And the application looks like this. > > I have tried putting internal/external IP ranges in > preferences.php like > > array("200.100.0.0"), > > array("200.100.","300.200"), > > and so on. > > What am I doing wrong ? Please help. > > Thanks, > Pawan > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'What happened in the past that was painful, has a great deal to do with what we are today.' - William Glasser www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: mpofpckfdfjkmhlb.png Type: image/png Size: 62250 bytes Desc: not available URL: From Jules at Zend.To Mon Nov 12 17:02:22 2018 From: Jules at Zend.To (Jules Field) Date: Mon, 12 Nov 2018 17:02:22 +0000 Subject: [ZendTo] {Disarmed} Re: Zend.to ClamAV issue In-Reply-To: References: Message-ID: On 07/11/2018 17:24, Gray McCord via ZendTo wrote: > > It?s likely that the clamscan user does not have write access to > /var/zendto/drop-offs. I think it is clamd that actually writes the > file to the drop-off folder once it?s been analyzed, and as such needs > write permission to do so. > No it's not. ZendTo writes files. clamd only reads them. clamd needs to be able to read the contents of the /var/zendto/incoming directory (and the files in there). There was a change in ClamAV x.x.100 (can't remember what the values of x.x are, it's the 100 that's the important bit). You need to add a user to a group. On CentOS / RedHat, it's this: ??? groupmems --group virusgroup --add apache On Ubuntu / Debian, it should be something very similar. Check your /etc/group file for a "virusgroup" group. If that exists, then you probably want ??? groupmems --group virusgroup --add www-data Then restart Apache and clamd and see if that helps. Cheers, Jules. > I suggest two things > > Give the ?www-data? group write access to the drop-offs directory > > Add the ?clamscan? user to the ?www-data? group so that clamd can > write to the drop-offs folder (check to make sure that ?clamscan? is > your clam user.) > > Good Luck! > > Gray > > Gray McCord > > /Adapt, Mutate, Migrate, or Die/ > > -C. Darwin > > *From: *ZendTo on behalf of Scott Silva via > ZendTo > *Reply-To: *ZendTo Users > *Date: *Tuesday, November 6, 2018 at 12:17 PM > *To: *'ZendTo Users' > *Cc: *Scott Silva > *Subject: *{Disarmed} Re: [ZendTo] Zend.to ClamAV issue > > As far as I remember, that user and or group needs at least r or x > access up to the top level or it can?t get to that directory. Maybe I > am remembering wrong? > > So would probably need at least group access all the way to /var > > I could be wrong, and if I am I?m sure someone will correct me? > > *From:* ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of *Pedrosi, > Derek G. via ZendTo > *Sent:* Tuesday, November 6, 2018 7:00 AM > *To:* ZendTo Users ; Jules Field > *Cc:* Pedrosi, Derek G. > *Subject:* Re: [ZendTo] Zend.to ClamAV issue > > Looking to close the loop on this? > > Below I see that permission is denied on the /var/zendto/drop-offs folder. > > This is the permission settings for the failed directory. > > drwxr-xr-x 98 www-data www-data??? 4096 Nov? 6 09:27 dropoffs > > This equates to 755 permissions, should I simply change this to 775 > (rwxrwxr-x)? > > Thanks, > > derek > > *From:* ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of *Pedrosi, > Derek G. via ZendTo > *Sent:* Friday, November 2, 2018 2:48 PM > *To:* Jules Field >; ZendTo Users > > > *Cc:* Pedrosi, Derek G. > > *Subject:* Re: [ZendTo] Zend.to ClamAV issue > > *CAUTION EXTERNAL EMAIL:*DO NOT open attachments or click links from > unknown or unexpected emails. > > First? > > www-data at Z5:~$ clamdscan /var/zendto/* > > /var/zendto/cache: OK > > /var/zendto/dropoffs/5dycMCcTHEizrKuu: lstat() failed: Permission > denied. ERROR > > /var/zendto/dropoffs/Zhu56KMFUV7Rdabf: lstat() failed: Permission > denied. ERROR > > /var/zendto/dropoffs/GvdsUjMx7X7NKXPn: lstat() failed: Permission > denied. ERROR > > Many of these drops failed the same way, I omitted them. > > /var/zendto/incoming: OK > > /var/zendto/library: OK > > /var/zendto/rrd: OK > > /var/zendto/templates_c: OK > > /var/zendto/zendto.log: OK > > /var/zendto/zendto.sqlite: OK > > Then? > > clamdscan --fdpass /var/zendto/* > > www-data at Z5:~$ clamdscan --fdpass /var/zendto/* > > /var/zendto/cache: OK > > /var/zendto/dropoffs: OK > > /var/zendto/incoming: OK > > /var/zendto/library: OK > > /var/zendto/rrd: OK > > /var/zendto/templates_c: OK > > /var/zendto/zendto.log: OK > > /var/zendto/zendto.sqlite: OK > > ----------- SCAN SUMMARY ----------- > > Infected files: 0 > > Time: 248.382 sec (4 m 8 s) > > www-data at Z5:~$ > > Heres this? > > root at Z5:/var/run# ls -al /var/zendto > > total 4512 > > drwxrwxr-x 8 root???? www-data??? 4096 Nov? 2 14:37 . > > drwxr-xr-x 15 root???? root??????? 4096 Mar? 5? 2018 .. > > drwxr-xr-x 3 www-data www-data??? 4096 May 18 13:32 cache > > drwxr-xr-x 98 www-data www-data??? 4096 Nov? 2 12:37 dropoffs > > drwxr-xr-x 2 www-data www-data??? 4096 Nov? 2 12:37 incoming > > drwxr-xr-x 2 www-data www-data??? 4096 Feb 27? 2018 library > > drwxr-xr-x 2 www-data www-data??? 4096 May 31 09:28 rrd > > drwxr-xr-x 2 www-data www-data??? 4096 Jun 21 10:39 templates_c > > -rw-r--r-- 1 www-data www-data 4183705 Nov? 2 14:37 zendto.log > > -rw-rw-r-- 1 www-data www-data? 382976 Nov? 2 14:37 zendto.sqlite > > root at Z5:/var/run# > > And /etc/group file entries? > > www-data:x:33:clamav > > clamav:x:118:www-data > > Thanx again, > > derek > > *From:* Jules Field [mailto:Jules at Zend.To] > *Sent:* Friday, November 2, 2018 1:24 PM > *To:* ZendTo Users > > *Cc:* Pedrosi, Derek G. > > *Subject:* Re: [ZendTo] Zend.to ClamAV issue > > *CAUTION EXTERNAL EMAIL:*DO NOT open attachments or click links from > unknown or unexpected emails. > > Derek, > > # Become root, properly > sudo su - > # Change Apache's login shell to /bin/bash > chsh -s /bin/bash www-data > # Become the Apache user > su - www-data > # Try virus-scanning the /var/zendto directory > clamdscan /var/zendto/* > # And the same again but just using file handles > clamdscan --fdpass /var/zendto/* > # Stop being Apache and revert to being root > exit > # Put Apache's login shell back to what it was > chsh -s /sbin/nologin www-data > # Stop being root > exit > > Note the 2 clamav commands are clam*d*scan and not just clamscan. > That's critical. clamdscan makes the clamd service/daemon do the > actual scanning. > > Send us the output of the clamdscan commands. > > Then send us the output of "ls -al /var/zendto" and the lines in your > /etc/group file that are anything to do with www-data, apache, > virusgroup, clamd, anything like that. > > It's probably just the group membership is wrong. This causes a > similar problem in CentOS/RedHat 7 as well, things changed there with > ClamAV 100. 99 was fine, 100 wasn't. > > Cheers, > Jules. > > On 02/11/2018 15:33, Pedrosi, Derek G. via ZendTo wrote: > > I?m still having this issue with ClamAV, and my *nix skill are > horrible. > > Can I get the simple version of what I?m to do with "chsh > www-data", as I?ve been running without AV for several months. > > My apache users is indeed ?www-data?. > > cid:image001.jpg at 01D475B5.BD356330 > > Thanks, > > derek > > *From:* ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of > *Keith Erekson via ZendTo > *Sent:* Thursday, October 25, 2018 12:14 PM > *To:* ZendTo Users > *Cc:* Keith Erekson > *Subject:* Re: [ZendTo] Zend.to error during drop-off > > *CAUTION EXTERNAL EMAIL:*DO NOT open attachments or click links > from unknown or unexpected emails. > > Easier to use "chsh www-data" or whatever your Apache user is. > > ~Keith > > > On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > > wrote: > > Edit your /etc/passwd file to set the shell for your Apache > user to /bin/bash. > Then "pwconv" so the change takes effect. > Then try this > ??? su - apache (or whatever user your Apache is running as) > ??? clamdscan /var/zendto/* > clamdscan --fdpass /var/zendto/* > ??? exit > What happened? Did the virus scans both complete successfully? > > If not, and you're running CentOS/RedHat 7, try this and then > give the above another try: > ??? groupmems --group virusgroup --add apache > systemctl restart httpd > > I added that extra groupmems command to the Installer a day or > two ago when I discovered that RedHat/CentOS had changed their > group membership rules in an update. > > Any improvement? > > Cheers, > Jules. > > P.S. Otherwise, if you can give me remote ssh access I can > login myself and take a look for you. I would be interested to > see what it is, if it's not any of the above. > > On 25/10/2018 16:22, Ken Etter wrote: > > Yep, PHP 7.2 is installed.? I've run through the installer > multiple times now.? No change, still get the error. > > Ken > > >>> Jules Field > 10/25/2018 11:15 AM >>> > > > Do you have PHP 7.2 installed? > > My Installer can be run in stages, and those stages can be > run independently. > > So you might want to download the Installer, unpack it and > wander into it. In what will obviously be the right > sub-dir for your OS, you will see the numbered scripts. > > # cd install.ZendTo/CentOS-RedHat/ > > # ls > > 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh > CentOS6 RHEL7 > > 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 > > # > > If your web server is already working nicely, then you can > probably skip stage 1 (though it won't do any harm). > > If you haven't installed PHP 7.2 along with things like > the sodium extension, then run stage 2 which installs PHP. > (Grab a backup copy of your ZendTo installation first, as > it may have to remove the *whole* of PHP first which can > also remove ZendTo and other PHP applications in the > process, before it can install the correct version). > > Stages 3 and 5 shouldn't do any damage, but will add any > new settings they need for PHP and so on. > > Stage 7 does the actual ZendTo installation itself, which > it will do as an upgrade if it finds a zendto RPM already > installed. Well worth running. > > Stage 8 is only relevant if you are using SELinux, and > won't do anything if you're not. > > Since version 4, ZendTo no longer needs any form of > custom-built PHP or anything like that. So there's no > recompiling to be done. > > Then if you have a previous preferences.php and/or > zendto.conf, you need to use > > /opt/zendto/bin/upgrade_preferences_php > > and > > /opt/zendto/bin/upgrade_zendto_conf > > to upgrade those files. > > Also, if you have done an RPM upgrade from ZendTo 4, you > probably have a whole stack of *.rpmnew files in > /opt/zendto/templates. You want to move each of those into > place so they replace your old *.tpl files. > > As I said, it really is faster/easier/better to build v5 > from scratch, its requirements are so different from v4. > > Hope that helps, > > Jules. > > On 25/10/2018 15:59, Ken Etter wrote: > > None of that helps. I'm building a new system. This is > a production system. I never had problems in the past > with upgrading so I went ahead and did it. Bad move. > Unless anyone has any other ideas, I will just keep > working on setting up the new system. I have to get > something running again for my users. > > Ken > > >>> Jules Field via ZendTo > 10/25/2018 10:53 AM >>> > > > Yes, those directories do need to be writable by > whatever user and group your web server is running as. > > If you are using SELinux (most likely if you are using > CentOS or RedHat), then I would also advise > > restorecon -FRv /opt/zendto /var/zendto > > to reset all the SELinux attributes to the values > configured by my Installer. > > Also, if you think it might be an SELinux problem, you > can switch it into "permissive" mode by > > setenforce permissive > > systemctl restart httpd > > systemctl restart clamd at scan > > To switch it back to "enforcing", you then do > > setenforce enforcing > > systemctl restart httpd > > systemctl restart clamd at scan > > Cheers, > > Jules. > > On 25/10/2018 14:31, Gray McCord via ZendTo wrote: > > I?ve seen that message as well. Check the file > permissions on the /opt/zendto directories. Seems > like I needed to make them writeable by the apache > user, but I could be mistaken. > > Gray McCord > > /Adapt, Mutate, Migrate, or Die/ > > -C. Darwin > > *From:*ZendTo > *On Behalf Of *Ken > Etter via ZendTo > *Sent:* Thursday, October 25, 2018 8:26 AM > *To:* ZendTo List > > *Cc:* Ken Etter > *Subject:* Re: [ZendTo] Zend.to error during drop-off > > Going back through the mailing list archives, I > see that I am having exactly the same problem as > Kevin O'Connor in this thread: *MailScanner has > detected a possible fraud attempt from > "emea01.safelinks.protection.outlook.com" claiming > to be* > http://jul.es/pipermail/zendto/2018-June/003208.html > > > Files are uploaded, but I get that error message > and the email is not sent. > > There is no stated resolution in that thread. Any > suggestions or do I have to rebuild a brand new > Zend.To server? > > Zend.To has been fairly solid for me...a bit of a > pain to find this upgrade to be so fragile. > > Ken > > >>> Ken Etter via ZendTo > > 10/25/2018 8:38 AM >>> > > I am running this on Ubuntu 16.04.5 LTS if that > matters. > > > Ken > > >>> Ken Etter via ZendTo > > 10/25/2018 8:36 AM >>> > > Just upgraded my Zend.To installation from 4.x to > 5.15-1. Everything appeared to go ok. But when I > click drop-off files, I get an error that states: > "Sorry, I failed to drop-off your files! Note that > you cannot drop-off directories, only files." I'm > not dropping off a directory, just a single file. > I tried a couple different file types - same error > each time. Any suggestions for fixing this? Thanks! > > > > > *Ken Etter*, System Administrator > > Architectural Group > > 260.432.9337 | *MailScanner has detected a > possible fraud attempt from > "emea01.safelinks.protection.outlook.com" claiming > to be* msktd.com > > > > > > _______________________________________________ > > ZendTo mailing list > > ZendTo at zend.to > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 > > Jules > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'The past is supposed to be a place of reference, not > a place of > > residence! There is a reason why your car has a big > windshield and > > a small rearview mirror. You are supposed to keep your > eyes on where > > you are going, and just occasionally check out where > you have been.' > > ? - Willie Jolley > > www.Zend.To > > Twitter: @JulesFM > > Jules > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > IMPORTANT: This email is intended for the use of the > individual > > addressee(s) named above and may contain information that is > > confidential, privileged or unsuitable for overly > sensitive persons > > with low self-esteem, no sense of humour or irrational > religious > > beliefs. If you are not the intended recipient, any > dissemination, > > distribution or copying of this email is not authorised > (either > > explicitly or implicitly) and constitutes an irritating > social faux > > pas. > > Unless the word absquatulation has been used in its > correct context > > somewhere other than in this warning, it does not have any > legal > > or no grammatical use and may be ignored. No animals were > harmed > > in the transmission of this email, although the kelpie > next door > > is living on borrowed time, let me tell you. Those of you > with an > > overwhelming fear of the unknown will be gratified to > learn that > > there is no hidden message revealed by reading this > warning backwards, > > so just ignore that Alert Notice from Microsoft. > > However, by pouring a complete circle of salt around > yourself and > > your computer you can ensure that no harm befalls you and > your pets. > > If you have received this email in error, please add some > nutmeg > > and egg whites, whisk and place in a warm oven for 40 minutes. > > www.Zend.To > > Twitter: @JulesFM > > Jules > > > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > > > 'It's very unlikely indeed he will ever recover consciousness, and > > if he does he won't be the Julian you knew.' > > ? - A hospital consultant I proved very wrong in 2007 :-) > > > > www.Zend.To > > Twitter: @JulesFM > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > _______________________________________________ > > ZendTo mailing list > > ZendTo at zend.to > > http://jul.es/mailman/listinfo/zendto > > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'If I were a Brazilian without land or money or the means to feed > my children, I would be burning the rain forest too.' - Sting > > www.Zend.To > Twitter: @JulesFM > > _______________________________________________ ZendTo mailing list > ZendTo at zend.to http://jul.es/mailman/listinfo/zendto > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'There is one thing stronger than all the armies in the world; and that is an idea whose time has come.' www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From djones at ena.com Mon Nov 12 17:24:24 2018 From: djones at ena.com (David Jones) Date: Mon, 12 Nov 2018 17:24:24 +0000 Subject: [ZendTo] Swish2.css logo on 5.15-1 not on top In-Reply-To: References: <88be72b8-ae88-8402-f598-a3bac9781555@Zend.To>, Message-ID: https://filedrop.clevelandmetroschools.org The logo was behind the white area until I put back the old #logo. ________________________________ From: Jules Field Sent: Monday, November 12, 2018 10:48 AM To: ZendTo Users Cc: David Jones Subject: Re: [ZendTo] Swish2.css logo on 5.15-1 not on top Dave, Can you send me a screenshot please? Odd effects can be caused by your logo being too wide. If you temporarily replace your logo with (as shipped) the word "ZendTo", does it then look okay? Thanks! Jules. On 11/11/2018 18:36, David Jones via ZendTo wrote: Just upgraded to latest RPM version on CentOS 7 and noticed the custom logo was behind the white box next to the new language selector. I had to replace the #logo section in the swish2.css with an older version to get it back to the foreground. Dave _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'There is silent poetry in the stillness of morning; in the calm, the cries & sighs of life sound like gentle music.' - @Astro_Wheels www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Tue Nov 13 10:36:14 2018 From: Jules at Zend.To (Jules Field) Date: Tue, 13 Nov 2018 10:36:14 +0000 Subject: [ZendTo] Swish2.css logo on 5.15-1 not on top In-Reply-To: References: <88be72b8-ae88-8402-f598-a3bac9781555@Zend.To> Message-ID: <6cbaefac-cc2b-20fb-ec7b-f0bc74685749@Zend.To> David, Ah, okay. So your logo is taller than the box provided. No problem. Can you send me a copy of the old #logo definition please? (I'm not very good with git, tend to treat it as "write only", but if I have a disaster I have loads of colleagues who know how to get previous versions out :-) Then I'll get the change in permanently for you. Cheers, Jules. On 12/11/2018 17:24, David Jones wrote: > > https://filedrop.clevelandmetroschools.org The logo was behind the > white area until I put back the old #logo. > > > ------------------------------------------------------------------------ > *From:* Jules Field > *Sent:* Monday, November 12, 2018 10:48 AM > *To:* ZendTo Users > *Cc:* David Jones > *Subject:* Re: [ZendTo] Swish2.css logo on 5.15-1 not on top > Dave, > > Can you send me a screenshot please? > Odd effects can be caused by your logo being too wide. If you > temporarily replace your logo with (as shipped) the word "ZendTo", > does it then look okay? > > Thanks! > Jules. > > On 11/11/2018 18:36, David Jones via ZendTo wrote: >> >> Just upgraded to latest RPM version on CentOS 7 and noticed the >> custom logo was behind the white box next to the new language >> selector.? I had to replace the #logo section in the swish2.css with >> an older version to get it back to the foreground. >> >> >> Dave >> >> >> _______________________________________________ >> ZendTo mailing list >> ZendTo at zend.to >> http://jul.es/mailman/listinfo/zendto > > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'There is silent poetry in the stillness of morning; > in the calm, the cries & sighs of life sound like gentle music.' > - @Astro_Wheels > > www.Zend.To > Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'They went with songs to the battle, they were young. Straight of limb, true of eye, steady and aglow. They were staunch to the end against odds uncounted, They fell with their faces to the foe. They shall grow not old, as we that are left grow old: Age shall not weary them, nor the years condemn. At the going down of the sun and in the morning, We will remember them. They mingle not with their laughing comrades again; They sit no more at familiar tables of home; They have no lot in our labour of the day-time; They sleep beyond England's foam.' - Ode of Remembrance, Laurence Binyon www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From djones at ena.com Tue Nov 13 12:27:32 2018 From: djones at ena.com (David Jones) Date: Tue, 13 Nov 2018 12:27:32 +0000 Subject: [ZendTo] Swish2.css logo on 5.15-1 not on top In-Reply-To: References: <88be72b8-ae88-8402-f598-a3bac9781555@Zend.To> <6cbaefac-cc2b-20fb-ec7b-f0bc74685749@Zend.To>, Message-ID: # diff swish2.css.orig swish2.css 669,680c669,674 < float: right; < height: 60px; < line-height: 60px; < padding-left: 25px; < padding-right: 20px; < text-decoration: none; < font-weight: bold; < color: #a5abb0; < font-size: 3.5em; < text-shadow: 1px 1px 0px #fbfbfb; < max-width: 260px; < overflow: hidden; --- > height: 60px; > float:right; > padding-left:30px; > padding-right:30px; > line-height: 60px; > text-decoration: none; ________________________________ From: Jules Field Sent: Tuesday, November 13, 2018 4:36 AM To: David Jones; ZendTo Users Subject: Re: [ZendTo] Swish2.css logo on 5.15-1 not on top David, Ah, okay. So your logo is taller than the box provided. No problem. Can you send me a copy of the old #logo definition please? (I'm not very good with git, tend to treat it as "write only", but if I have a disaster I have loads of colleagues who know how to get previous versions out :-) Then I'll get the change in permanently for you. Cheers, Jules. On 12/11/2018 17:24, David Jones wrote: https://filedrop.clevelandmetroschools.org The logo was behind the white area until I put back the old #logo. ________________________________ From: Jules Field Sent: Monday, November 12, 2018 10:48 AM To: ZendTo Users Cc: David Jones Subject: Re: [ZendTo] Swish2.css logo on 5.15-1 not on top Dave, Can you send me a screenshot please? Odd effects can be caused by your logo being too wide. If you temporarily replace your logo with (as shipped) the word "ZendTo", does it then look okay? Thanks! Jules. On 11/11/2018 18:36, David Jones via ZendTo wrote: Just upgraded to latest RPM version on CentOS 7 and noticed the custom logo was behind the white box next to the new language selector. I had to replace the #logo section in the swish2.css with an older version to get it back to the foreground. Dave _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'There is silent poetry in the stillness of morning; in the calm, the cries & sighs of life sound like gentle music.' - @Astro_Wheels www.Zend.To Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'They went with songs to the battle, they were young. Straight of limb, true of eye, steady and aglow. They were staunch to the end against odds uncounted, They fell with their faces to the foe. They shall grow not old, as we that are left grow old: Age shall not weary them, nor the years condemn. At the going down of the sun and in the morning, We will remember them. They mingle not with their laughing comrades again; They sit no more at familiar tables of home; They have no lot in our labour of the day-time; They sleep beyond England's foam.' - Ode of Remembrance, Laurence Binyon www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Tue Nov 13 12:31:23 2018 From: Jules at Zend.To (Jules Field) Date: Tue, 13 Nov 2018 12:31:23 +0000 Subject: [ZendTo] Swish2.css logo on 5.15-1 not on top In-Reply-To: References: <88be72b8-ae88-8402-f598-a3bac9781555@Zend.To> <6cbaefac-cc2b-20fb-ec7b-f0bc74685749@Zend.To> Message-ID: <5bafd4d1-cc63-fecc-58e6-09efa33fabc1@Zend.To> In that case, it's more awkward. It should be the "overflow: hidden;" line that's causing you that trouble. But I added that with too-wide logos in mind, not too-tall. I'll take another look at it, as too-tall logos actually work okay provided they've got a transparent background. Cheers, Jules. On 13/11/2018 12:27, David Jones wrote: > > # diff swish2.css.orig swish2.css > 669,680c669,674 > < float: right; > < height: 60px; > < line-height: 60px; > < padding-left: 25px; > < padding-right: 20px; > < text-decoration: none; > < font-weight: bold; > < color: #a5abb0; > < font-size: 3.5em; > < text-shadow: 1px 1px 0px #fbfbfb; > < max-width: 260px; > < overflow: hidden; > --- > >? ? ? ? ?height: 60px; > >? ? ? ? ?float:right; > >? ? ? ? ?padding-left:30px; > >? ? ? ? ?padding-right:30px; > >? ? ? ? ?line-height: 60px; > >? ? ? ? ?text-decoration: none; > > > > > ------------------------------------------------------------------------ > *From:* Jules Field > *Sent:* Tuesday, November 13, 2018 4:36 AM > *To:* David Jones; ZendTo Users > *Subject:* Re: [ZendTo] Swish2.css logo on 5.15-1 not on top > David, > > Ah, okay. So your logo is taller than the box provided. No problem. > > Can you send me a copy of the old #logo definition please? > (I'm not very good with git, tend to treat it as "write only", but if > I have a disaster I have loads of colleagues who know how to get > previous versions out :-) > > Then I'll get the change in permanently for you. > > Cheers, > Jules. > > On 12/11/2018 17:24, David Jones wrote: >> >> https://filedrop.clevelandmetroschools.org The logo was behind the >> white area until I put back the old #logo. >> >> >> ------------------------------------------------------------------------ >> *From:* Jules Field >> *Sent:* Monday, November 12, 2018 10:48 AM >> *To:* ZendTo Users >> *Cc:* David Jones >> *Subject:* Re: [ZendTo] Swish2.css logo on 5.15-1 not on top >> Dave, >> >> Can you send me a screenshot please? >> Odd effects can be caused by your logo being too wide. If you >> temporarily replace your logo with (as shipped) the word "ZendTo", >> does it then look okay? >> >> Thanks! >> Jules. >> >> On 11/11/2018 18:36, David Jones via ZendTo wrote: >>> >>> Just upgraded to latest RPM version on CentOS 7 and noticed the >>> custom logo was behind the white box next to the new language >>> selector.? I had to replace the #logo section in the swish2.css with >>> an older version to get it back to the foreground. >>> >>> >>> Dave >>> >>> >>> _______________________________________________ >>> ZendTo mailing list >>> ZendTo at zend.to >>> http://jul.es/mailman/listinfo/zendto >> >> Jules >> >> -- >> Julian Field MEng CEng CITP MBCS MIEEE MACM >> >> 'There is silent poetry in the stillness of morning; >> in the calm, the cries & sighs of life sound like gentle music.' >> - @Astro_Wheels >> >> www.Zend.To >> Twitter: @JulesFM > > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'They went with songs to the battle, they were young. > Straight of limb, true of eye, steady and aglow. > They were staunch to the end against odds uncounted, > They fell with their faces to the foe. > > They shall grow not old, as we that are left grow old: > Age shall not weary them, nor the years condemn. > At the going down of the sun and in the morning, > We will remember them. > > They mingle not with their laughing comrades again; > They sit no more at familiar tables of home; > They have no lot in our labour of the day-time; > They sleep beyond England's foam.' > - Ode of Remembrance, Laurence Binyon > > www.Zend.To > Twitter: @JulesFM Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Ever since the dawn of civilization, people have craved for an understanding of the underlying order of the world: why it is as it is, and why it exists at all. But even if we do find a complete theory of everything, it is just a set of rules and equations. What is it that breathes fire into the equations, and makes a universe for them to describe?' - Stephen Hawking www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Thu Nov 15 18:04:41 2018 From: Jules at Zend.To (Jules Field) Date: Thu, 15 Nov 2018 18:04:41 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <44d40ef9-a21b-c6ed-ebd6-d663c4f839fd@fsu.edu> Message-ID: <908fdf50-251b-a677-e6fe-c24d0b9d9d00@Zend.To> Travis, That code snippet will only be run if you have ??? 'SMTPsetFromToSender' => TRUE, in preferences.php. The default is FALSE. What value are you using? Cheers, Jules. On 01/11/2018 18:56, Travis Zimmerman wrote: > I don't know if I'm reading this correctly but I think maybe the problem > is having the two domains and this part of the code. > > ????????? // If the sender domain and the from domain are the same > ????????? // (and not blank, which signifies something went wrong!), > ????????? // we can safely overwrite the From we set above, without > ????????? // causing SPF/DKIM/DMARC problems. > ????????? if ($senderDomain !== '' && > ????????????? strcasecmp($senderDomain, $fromDomain) == 0) > > Could a possible solution be to switch from a strcasecmp to substring > test or maybe a regex testing if the $senderDomain is part of the end of > the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC problem. > > endswith($fromDomain, $senderDomain); > > function endswith($from, $sender) { > ??? $fromlen = strlen($from); > ??? $senderlen = strlen($sender); > ??? if ($testlen > $strlen) return false; > ??? return substr_compare($from, $sender, $fromlen - $senderlen, > $senderlen) === 0; > } > > This is just a code snippet I googled up and haven't tested. > > ------------------------------------------------------------------- > Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 > Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu > Information Technology Services, Florida State University > > On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote: >> Yup, that's what I have authIMAPDomain set to already. >> >> ------------------------------------------------------------------- >> Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 >> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >> Information Technology Services, Florida State University >> >> On 11/1/18 12:29 PM, Jules Field wrote: >>> Travis, >>> >>> If the students enter their entire email address (username at my.fsu.edu) >>> into the ZendTo login "username" box, then set >>> ??? 'authIMAPDomain' => '', >>> in preferences.php. >>> >>> If they just enter their username, then something more subtle is >>> happening which I will need to investigate further. >>> >>> Please let me know if that helps. >>> >>> Cheers, >>> Jules. >>> >>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: >>>> I realized I should mention that we are using e-mail addresses to login >>>> to our ZendTo service to differentiate between our two domains. Don't >>>> know if that would effect how e-mails are sent. Doesn't seem to be a >>>> problem for our faculty/staff (AD, username at fsu.edu), just the students >>>> (IMAP, username at my.fsu.edu). >>>> >>>> ------------------------------------------------------------------- >>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>> Information Technology Services, Florida State University >>>> >>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >>>>> I tried to use my university's AD for the students (there is a previous >>>>> e-mail I sent to the ZendTo mailing list about a week ago), but due to >>>>> how our Microsoft Admins configured it they needed to use an alternate >>>>> attribute. >>>>> >>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail sent to >>>>> the recipient will show my e-mail address in the From field. If I login >>>>> using the IMAP auth the From field lists the servers default e-mail >>>>> from >>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail >>>>> address. >>>>> >>>>> ------------------------------------------------------------------- >>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>> Information Technology Services, Florida State University >>>>> >>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>>>>> Travis, >>>>>> >>>>>> If you are authenticating users against Office365, then why not do >>>>>> that with AD? >>>>>> I don't quite see why you need to use the IMAP authenticator at all. >>>>>> If it's a separate AD forest for some reason, then that's okay, ZendTo >>>>>> will happily do 3 different AD forests with independent setups. >>>>>> >>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they login via >>>>>> LDAP or AD, but doesn't if they login via IMAP? >>>>>> >>>>>> What we do here for the "From" address is use an address whose email >>>>>> is just automatically trashed, ie. a "no-reply" address. Then >>>>>> automated stuff that is replying (incorrectly) to the "From:" or >>>>>> (validly/correctly) to the envelope sender will just be thrown away. >>>>>> Any human-generated replies will go to the right user. >>>>>> >>>>>> Thanks for the info about the option you need to pass to O365. I guess >>>>>> that's going to need yet another preferences.php setting. >>>>>> >>>>>> Cheers, >>>>>> Jules. >>>>>> >>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>>>>> I configured the IMAP authentication to allow my university's >>>>>>> students >>>>>>> to login to our ZendTo server, but when they drop off files the From >>>>>>> field is showing the e-mail address configured in zendto.conf >>>>>>> instead of >>>>>>> the student's address. The student's address ends up in the Reply-To >>>>>>> field, which normally wouldn't be a problem except sometimes >>>>>>> automated >>>>>>> systems reply back to the drop off e-mails and they ignore the >>>>>>> Reply-To. >>>>>>> >>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP or AD >>>>>>> appear to work as expected. >>>>>>> >>>>>>> BTW I am using the IMAP authentication with Office365 and in order to >>>>>>> get it to login correctly I had to change the imap_open line. >>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, >>>>>>> $password, >>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>>>>> >>>>>>> So don't know if you want to add this to the documentation >>>>>>> somewhere or >>>>>>> incorporate into the NSSIMAPAuthenticator code. >>>>>>> >>>>>>> ------------------------------------------------------------------- >>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>> Information Technology Services, Florida State University >>>>>>> >>>>>>> _______________________________________________ >>>>>>> ZendTo mailing list >>>>>>> ZendTo at zend.to >>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>>>>> >>>>>>> >>>>>> Jules >>>>>> >>>>> _______________________________________________ >>>>> ZendTo mailing list >>>>> ZendTo at zend.to >>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= >>>>> >>>> _______________________________________________ >>>> ZendTo mailing list >>>> ZendTo at zend.to >>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= >>>> >>> Jules >>> >> _______________________________________________ >> ZendTo mailing list >> ZendTo at zend.to >> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM The current UK shipping forecast: Rockall: Southwest, backing south, 6 to gale 8, perhaps severe gale 9 later. Rough or very rough, becoming high later in west. Fair. Good. www.Zend.To Twitter: @JulesFM From TZimmerman at fsu.edu Thu Nov 15 18:16:33 2018 From: TZimmerman at fsu.edu (Travis Zimmerman) Date: Thu, 15 Nov 2018 18:16:33 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <44d40ef9-a21b-c6ed-ebd6-d663c4f839fd@fsu.edu> <908fdf50-251b-a677-e6fe-c24d0b9d9d00@Zend.To> <03754609-39f6-71f7-ba42-74d801d5bf50@fsu.edu> Message-ID: It's set to TRUE. [root at dropboxprd01 ~]# grep SMTPsetFromToSender /var/www/html/zendto/config/preferences.php ? 'SMTPsetFromToSender' => TRUE, To fix the problem for my users I just modified the line to below. if ($senderDomain !== '' && ??????????? ( strcasecmp($senderDomain, $fromDomain) == 0 || strcasecmp('my.fsu.edu', $fromDomain) == 0)) { If other people run into this problem, a possible general fix may be to have an array of allowed secondary domains, that match the SPF records for the SMTP server? Thanks for the help. ------------------------------------------------------------------- Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu Information Technology Services, Florida State University On 11/15/18 1:04 PM, Jules Field wrote: > Travis, > > That code snippet will only be run if you have > ??? 'SMTPsetFromToSender' => TRUE, > in preferences.php. > > The default is FALSE. What value are you using? > > Cheers, > Jules. > > On 01/11/2018 18:56, Travis Zimmerman wrote: >> I don't know if I'm reading this correctly but I think maybe the problem >> is having the two domains and this part of the code. >> >> ? ????????? // If the sender domain and the from domain are the same >> ? ????????? // (and not blank, which signifies something went wrong!), >> ? ????????? // we can safely overwrite the From we set above, without >> ? ????????? // causing SPF/DKIM/DMARC problems. >> ? ????????? if ($senderDomain !== '' && >> ? ????????????? strcasecmp($senderDomain, $fromDomain) == 0) >> >> Could a possible solution be to switch from a strcasecmp to substring >> test or maybe a regex testing if the $senderDomain is part of the end of >> the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC problem. >> >> endswith($fromDomain, $senderDomain); >> >> function endswith($from, $sender) { >> ? ??? $fromlen = strlen($from); >> ? ??? $senderlen = strlen($sender); >> ? ??? if ($testlen > $strlen) return false; >> ? ??? return substr_compare($from, $sender, $fromlen - $senderlen, >> $senderlen) === 0; >> } >> >> This is just a code snippet I googled up and haven't tested. >> >> ------------------------------------------------------------------- >> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >> Information Technology Services, Florida State University >> >> On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote: >>> Yup, that's what I have authIMAPDomain set to already. >>> >>> ------------------------------------------------------------------- >>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>> Information Technology Services, Florida State University >>> >>> On 11/1/18 12:29 PM, Jules Field wrote: >>>> Travis, >>>> >>>> If the students enter their entire email address (username at my.fsu.edu) >>>> into the ZendTo login "username" box, then set >>>> ? ??? 'authIMAPDomain' => '', >>>> in preferences.php. >>>> >>>> If they just enter their username, then something more subtle is >>>> happening which I will need to investigate further. >>>> >>>> Please let me know if that helps. >>>> >>>> Cheers, >>>> Jules. >>>> >>>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: >>>>> I realized I should mention that we are using e-mail addresses to >>>>> login >>>>> to our ZendTo service to differentiate between our two domains. Don't >>>>> know if that would effect how e-mails are sent. Doesn't seem to be a >>>>> problem for our faculty/staff (AD, username at fsu.edu), just the >>>>> students >>>>> (IMAP, username at my.fsu.edu). >>>>> >>>>> ------------------------------------------------------------------- >>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>> Information Technology Services, Florida State University >>>>> >>>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >>>>>> I tried to use my university's AD for the students (there is a >>>>>> previous >>>>>> e-mail I sent to the ZendTo mailing list about a week ago), but >>>>>> due to >>>>>> how our Microsoft Admins configured it they needed to use an >>>>>> alternate >>>>>> attribute. >>>>>> >>>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail >>>>>> sent to >>>>>> the recipient will show my e-mail address in the From field. If I >>>>>> login >>>>>> using the IMAP auth the From field lists the servers default e-mail >>>>>> from >>>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail >>>>>> address. >>>>>> >>>>>> ------------------------------------------------------------------- >>>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>> Information Technology Services, Florida State University >>>>>> >>>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>>>>>> Travis, >>>>>>> >>>>>>> If you are authenticating users against Office365, then why not do >>>>>>> that with AD? >>>>>>> I don't quite see why you need to use the IMAP authenticator at >>>>>>> all. >>>>>>> If it's a separate AD forest for some reason, then that's okay, >>>>>>> ZendTo >>>>>>> will happily do 3 different AD forests with independent setups. >>>>>>> >>>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they login via >>>>>>> LDAP or AD, but doesn't if they login via IMAP? >>>>>>> >>>>>>> What we do here for the "From" address is use an address whose >>>>>>> email >>>>>>> is just automatically trashed, ie. a "no-reply" address. Then >>>>>>> automated stuff that is replying (incorrectly) to the "From:" or >>>>>>> (validly/correctly) to the envelope sender will just be thrown >>>>>>> away. >>>>>>> Any human-generated replies will go to the right user. >>>>>>> >>>>>>> Thanks for the info about the option you need to pass to O365. I >>>>>>> guess >>>>>>> that's going to need yet another preferences.php setting. >>>>>>> >>>>>>> Cheers, >>>>>>> Jules. >>>>>>> >>>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>>>>>> I configured the IMAP authentication to allow my university's >>>>>>>> students >>>>>>>> to login to our ZendTo server, but when they drop off files the >>>>>>>> From >>>>>>>> field is showing the e-mail address configured in zendto.conf >>>>>>>> instead of >>>>>>>> the student's address. The student's address ends up in the >>>>>>>> Reply-To >>>>>>>> field, which normally wouldn't be a problem except sometimes >>>>>>>> automated >>>>>>>> systems reply back to the drop off e-mails and they ignore the >>>>>>>> Reply-To. >>>>>>>> >>>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP >>>>>>>> or AD >>>>>>>> appear to work as expected. >>>>>>>> >>>>>>>> BTW I am using the IMAP authentication with Office365 and in >>>>>>>> order to >>>>>>>> get it to login correctly I had to change the imap_open line. >>>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, >>>>>>>> $password, >>>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>>>>>> >>>>>>>> So don't know if you want to add this to the documentation >>>>>>>> somewhere or >>>>>>>> incorporate into the NSSIMAPAuthenticator code. >>>>>>>> >>>>>>>> ------------------------------------------------------------------- >>>>>>>> >>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>> Information Technology Services, Florida State University >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> ZendTo mailing list >>>>>>>> ZendTo at zend.to >>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> Jules >>>>>>> >>>>>> _______________________________________________ >>>>>> ZendTo mailing list >>>>>> ZendTo at zend.to >>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= >>>>>> >>>>>> >>>>> _______________________________________________ >>>>> ZendTo mailing list >>>>> ZendTo at zend.to >>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= >>>>> >>>>> >>>> Jules >>>> >>> _______________________________________________ >>> ZendTo mailing list >>> ZendTo at zend.to >>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= >>> > > Jules > From Jules at Zend.To Fri Nov 16 09:24:02 2018 From: Jules at Zend.To (Jules Field) Date: Fri, 16 Nov 2018 09:24:02 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <44d40ef9-a21b-c6ed-ebd6-d663c4f839fd@fsu.edu> <908fdf50-251b-a677-e6fe-c24d0b9d9d00@Zend.To> <03754609-39f6-71f7-ba42-74d801d5bf50@fsu.edu> Message-ID: <8db6edde-9e98-fe04-0dd3-ab94110dfe5b@Zend.To> Travis, Okay, thanks for that. I will take a look and see what I can do. I would rather stick with the internaldomains.conf information than add another list of domains, if it can be avoided. Few people have that set to TRUE anyway, and I suspect I shouldn't have implemented it in the first place, as there are other ways of avoiding the problem it aims to solve. Cheers, Jules. On 15/11/2018 18:16, Travis Zimmerman wrote: > It's set to TRUE. > [root at dropboxprd01 ~]# grep SMTPsetFromToSender > /var/www/html/zendto/config/preferences.php > ? 'SMTPsetFromToSender' => TRUE, > > To fix the problem for my users I just modified the line to below. > if ($senderDomain !== '' && > ??????????? ( strcasecmp($senderDomain, $fromDomain) == 0 || > strcasecmp('my.fsu.edu', $fromDomain) == 0)) { > > If other people run into this problem, a possible general fix may be to > have an array of allowed secondary domains, that match the SPF records > for the SMTP server? > > Thanks for the help. > > ------------------------------------------------------------------- > Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 > Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu > Information Technology Services, Florida State University > > On 11/15/18 1:04 PM, Jules Field wrote: >> Travis, >> >> That code snippet will only be run if you have >> ??? 'SMTPsetFromToSender' => TRUE, >> in preferences.php. >> >> The default is FALSE. What value are you using? >> >> Cheers, >> Jules. >> >> On 01/11/2018 18:56, Travis Zimmerman wrote: >>> I don't know if I'm reading this correctly but I think maybe the problem >>> is having the two domains and this part of the code. >>> >>> ? ????????? // If the sender domain and the from domain are the same >>> ? ????????? // (and not blank, which signifies something went wrong!), >>> ? ????????? // we can safely overwrite the From we set above, without >>> ? ????????? // causing SPF/DKIM/DMARC problems. >>> ? ????????? if ($senderDomain !== '' && >>> ? ????????????? strcasecmp($senderDomain, $fromDomain) == 0) >>> >>> Could a possible solution be to switch from a strcasecmp to substring >>> test or maybe a regex testing if the $senderDomain is part of the end of >>> the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC problem. >>> >>> endswith($fromDomain, $senderDomain); >>> >>> function endswith($from, $sender) { >>> ? ??? $fromlen = strlen($from); >>> ? ??? $senderlen = strlen($sender); >>> ? ??? if ($testlen > $strlen) return false; >>> ? ??? return substr_compare($from, $sender, $fromlen - $senderlen, >>> $senderlen) === 0; >>> } >>> >>> This is just a code snippet I googled up and haven't tested. >>> >>> ------------------------------------------------------------------- >>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>> Information Technology Services, Florida State University >>> >>> On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote: >>>> Yup, that's what I have authIMAPDomain set to already. >>>> >>>> ------------------------------------------------------------------- >>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>> Information Technology Services, Florida State University >>>> >>>> On 11/1/18 12:29 PM, Jules Field wrote: >>>>> Travis, >>>>> >>>>> If the students enter their entire email address (username at my.fsu.edu) >>>>> into the ZendTo login "username" box, then set >>>>> ? ??? 'authIMAPDomain' => '', >>>>> in preferences.php. >>>>> >>>>> If they just enter their username, then something more subtle is >>>>> happening which I will need to investigate further. >>>>> >>>>> Please let me know if that helps. >>>>> >>>>> Cheers, >>>>> Jules. >>>>> >>>>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: >>>>>> I realized I should mention that we are using e-mail addresses to >>>>>> login >>>>>> to our ZendTo service to differentiate between our two domains. Don't >>>>>> know if that would effect how e-mails are sent. Doesn't seem to be a >>>>>> problem for our faculty/staff (AD, username at fsu.edu), just the >>>>>> students >>>>>> (IMAP, username at my.fsu.edu). >>>>>> >>>>>> ------------------------------------------------------------------- >>>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>> Information Technology Services, Florida State University >>>>>> >>>>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >>>>>>> I tried to use my university's AD for the students (there is a >>>>>>> previous >>>>>>> e-mail I sent to the ZendTo mailing list about a week ago), but >>>>>>> due to >>>>>>> how our Microsoft Admins configured it they needed to use an >>>>>>> alternate >>>>>>> attribute. >>>>>>> >>>>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail >>>>>>> sent to >>>>>>> the recipient will show my e-mail address in the From field. If I >>>>>>> login >>>>>>> using the IMAP auth the From field lists the servers default e-mail >>>>>>> from >>>>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail >>>>>>> address. >>>>>>> >>>>>>> ------------------------------------------------------------------- >>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>> Information Technology Services, Florida State University >>>>>>> >>>>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>>>>>>> Travis, >>>>>>>> >>>>>>>> If you are authenticating users against Office365, then why not do >>>>>>>> that with AD? >>>>>>>> I don't quite see why you need to use the IMAP authenticator at >>>>>>>> all. >>>>>>>> If it's a separate AD forest for some reason, then that's okay, >>>>>>>> ZendTo >>>>>>>> will happily do 3 different AD forests with independent setups. >>>>>>>> >>>>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they login via >>>>>>>> LDAP or AD, but doesn't if they login via IMAP? >>>>>>>> >>>>>>>> What we do here for the "From" address is use an address whose >>>>>>>> email >>>>>>>> is just automatically trashed, ie. a "no-reply" address. Then >>>>>>>> automated stuff that is replying (incorrectly) to the "From:" or >>>>>>>> (validly/correctly) to the envelope sender will just be thrown >>>>>>>> away. >>>>>>>> Any human-generated replies will go to the right user. >>>>>>>> >>>>>>>> Thanks for the info about the option you need to pass to O365. I >>>>>>>> guess >>>>>>>> that's going to need yet another preferences.php setting. >>>>>>>> >>>>>>>> Cheers, >>>>>>>> Jules. >>>>>>>> >>>>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>>>>>>> I configured the IMAP authentication to allow my university's >>>>>>>>> students >>>>>>>>> to login to our ZendTo server, but when they drop off files the >>>>>>>>> From >>>>>>>>> field is showing the e-mail address configured in zendto.conf >>>>>>>>> instead of >>>>>>>>> the student's address. The student's address ends up in the >>>>>>>>> Reply-To >>>>>>>>> field, which normally wouldn't be a problem except sometimes >>>>>>>>> automated >>>>>>>>> systems reply back to the drop off e-mails and they ignore the >>>>>>>>> Reply-To. >>>>>>>>> >>>>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP >>>>>>>>> or AD >>>>>>>>> appear to work as expected. >>>>>>>>> >>>>>>>>> BTW I am using the IMAP authentication with Office365 and in >>>>>>>>> order to >>>>>>>>> get it to login correctly I had to change the imap_open line. >>>>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, >>>>>>>>> $password, >>>>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>>>>>>> >>>>>>>>> So don't know if you want to add this to the documentation >>>>>>>>> somewhere or >>>>>>>>> incorporate into the NSSIMAPAuthenticator code. >>>>>>>>> >>>>>>>>> ------------------------------------------------------------------- >>>>>>>>> >>>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>>> Information Technology Services, Florida State University >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> ZendTo mailing list >>>>>>>>> ZendTo at zend.to >>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> Jules >>>>>>>> >>>>>>> _______________________________________________ >>>>>>> ZendTo mailing list >>>>>>> ZendTo at zend.to >>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= >>>>>>> >>>>>>> >>>>>> _______________________________________________ >>>>>> ZendTo mailing list >>>>>> ZendTo at zend.to >>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= >>>>>> >>>>>> >>>>> Jules >>>>> >>>> _______________________________________________ >>>> ZendTo mailing list >>>> ZendTo at zend.to >>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= >>>> >> Jules >> Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Always do sober what you said you'd do drunk. That will teach you to keep your mouth shut.' - Ernest Hemingway www.Zend.To Twitter: @JulesFM From Jules at Zend.To Fri Nov 16 09:38:52 2018 From: Jules at Zend.To (Jules Field) Date: Fri, 16 Nov 2018 09:38:52 +0000 Subject: [ZendTo] Zend.to ClamAV issue In-Reply-To: References: <54D3F6A07E3F2A4AAD4CBA73922025F41FFE8ABE@FONEXCH01.sgvwc.local> Message-ID: If you are using ClamAV 0.100 or later, and have a group called "virusgroup" in your /etc/groups file, add your web server user (www-data on Ubuntu/Debian systems) to the "virusgroup" user with "groupadd". Then restart Apache and clamd and you will hopefully find things have improved. Cheers, Jules. On 06/11/2018 17:17, Scott Silva via ZendTo wrote: > > As far as I remember, that user and or group needs at least r or x > access up to the top level or it can?t get to that directory. Maybe I > am remembering wrong? > > So would probably need at least group access all the way to /var > > I could be wrong, and if I am I?m sure someone will correct me? > > *From:*ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of *Pedrosi, > Derek G. via ZendTo > *Sent:* Tuesday, November 6, 2018 7:00 AM > *To:* ZendTo Users ; Jules Field > *Cc:* Pedrosi, Derek G. > *Subject:* Re: [ZendTo] Zend.to ClamAV issue > > Looking to close the loop on this? > > Below I see that permission is denied on the /var/zendto/drop-offs folder. > > This is the permission settings for the failed directory. > > drwxr-xr-x 98 www-data www-data??? 4096 Nov? 6 09:27 dropoffs > > This equates to 755 permissions, should I simply change this to 775 > (rwxrwxr-x)? > > Thanks, > > derek > > *From:*ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of *Pedrosi, > Derek G. via ZendTo > *Sent:* Friday, November 2, 2018 2:48 PM > *To:* Jules Field >; ZendTo Users > > > *Cc:* Pedrosi, Derek G. > > *Subject:* Re: [ZendTo] Zend.to ClamAV issue > > *CAUTION EXTERNAL EMAIL:*DO NOT open attachments or click links from > unknown or unexpected emails. > > First? > > www-data at Z5:~$ clamdscan /var/zendto/* > > /var/zendto/cache: OK > > /var/zendto/dropoffs/5dycMCcTHEizrKuu: lstat() failed: Permission > denied. ERROR > > /var/zendto/dropoffs/Zhu56KMFUV7Rdabf: lstat() failed: Permission > denied. ERROR > > /var/zendto/dropoffs/GvdsUjMx7X7NKXPn: lstat() failed: Permission > denied. ERROR > > Many of these drops failed the same way, I omitted them. > > /var/zendto/incoming: OK > > /var/zendto/library: OK > > /var/zendto/rrd: OK > > /var/zendto/templates_c: OK > > /var/zendto/zendto.log: OK > > /var/zendto/zendto.sqlite: OK > > Then? > > clamdscan --fdpass /var/zendto/* > > www-data at Z5:~$ clamdscan --fdpass /var/zendto/* > > /var/zendto/cache: OK > > /var/zendto/dropoffs: OK > > /var/zendto/incoming: OK > > /var/zendto/library: OK > > /var/zendto/rrd: OK > > /var/zendto/templates_c: OK > > /var/zendto/zendto.log: OK > > /var/zendto/zendto.sqlite: OK > > ----------- SCAN SUMMARY ----------- > > Infected files: 0 > > Time: 248.382 sec (4 m 8 s) > > www-data at Z5:~$ > > Heres this? > > root at Z5:/var/run# ls -al /var/zendto > > total 4512 > > drwxrwxr-x 8 root???? www-data??? 4096 Nov? 2 14:37 . > > drwxr-xr-x 15 root???? root??????? 4096 Mar? 5? 2018 .. > > drwxr-xr-x 3 www-data www-data??? 4096 May 18 13:32 cache > > drwxr-xr-x 98 www-data www-data??? 4096 Nov? 2 12:37 dropoffs > > drwxr-xr-x 2 www-data www-data??? 4096 Nov? 2 12:37 incoming > > drwxr-xr-x 2 www-data www-data??? 4096 Feb 27? 2018 library > > drwxr-xr-x 2 www-data www-data??? 4096 May 31 09:28 rrd > > drwxr-xr-x 2 www-data www-data??? 4096 Jun 21 10:39 templates_c > > -rw-r--r-- 1 www-data www-data 4183705 Nov? 2 14:37 zendto.log > > -rw-rw-r-- 1 www-data www-data? 382976 Nov? 2 14:37 zendto.sqlite > > root at Z5:/var/run# > > And /etc/group file entries? > > www-data:x:33:clamav > > clamav:x:118:www-data > > Thanx again, > > derek > > *From:*Jules Field [mailto:Jules at Zend.To] > *Sent:* Friday, November 2, 2018 1:24 PM > *To:* ZendTo Users > > *Cc:* Pedrosi, Derek G. > > *Subject:* Re: [ZendTo] Zend.to ClamAV issue > > *CAUTION EXTERNAL EMAIL:*DO NOT open attachments or click links from > unknown or unexpected emails. > > Derek, > > # Become root, properly > sudo su - > # Change Apache's login shell to /bin/bash > chsh -s /bin/bash www-data > # Become the Apache user > su - www-data > # Try virus-scanning the /var/zendto directory > clamdscan /var/zendto/* > # And the same again but just using file handles > clamdscan --fdpass /var/zendto/* > # Stop being Apache and revert to being root > exit > # Put Apache's login shell back to what it was > chsh -s /sbin/nologin www-data > # Stop being root > exit > > Note the 2 clamav commands are clam*d*scan and not just clamscan. > That's critical. clamdscan makes the clamd service/daemon do the > actual scanning. > > Send us the output of the clamdscan commands. > > Then send us the output of "ls -al /var/zendto" and the lines in your > /etc/group file that are anything to do with www-data, apache, > virusgroup, clamd, anything like that. > > It's probably just the group membership is wrong. This causes a > similar problem in CentOS/RedHat 7 as well, things changed there with > ClamAV 100. 99 was fine, 100 wasn't. > > Cheers, > Jules. > > On 02/11/2018 15:33, Pedrosi, Derek G. via ZendTo wrote: > > I?m still having this issue with ClamAV, and my *nix skill are > horrible. > > Can I get the simple version of what I?m to do with "chsh > www-data", as I?ve been running without AV for several months. > > My apache users is indeed ?www-data?. > > cid:image001.jpg at 01D475B5.BD356330 > > Thanks, > > derek > > *From:* ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of > *Keith Erekson via ZendTo > *Sent:* Thursday, October 25, 2018 12:14 PM > *To:* ZendTo Users > *Cc:* Keith Erekson > *Subject:* Re: [ZendTo] Zend.to error during drop-off > > *CAUTION EXTERNAL EMAIL:*DO NOT open attachments or click links > from unknown or unexpected emails. > > Easier to use "chsh www-data" or whatever your Apache user is. > > ~Keith > > > On Oct 25, 2018, at 11:41 AM, Jules Field via ZendTo > > wrote: > > Edit your /etc/passwd file to set the shell for your Apache > user to /bin/bash. > Then "pwconv" so the change takes effect. > Then try this > ??? su - apache (or whatever user your Apache is running as) > ??? clamdscan /var/zendto/* > clamdscan --fdpass /var/zendto/* > ??? exit > What happened? Did the virus scans both complete successfully? > > If not, and you're running CentOS/RedHat 7, try this and then > give the above another try: > ??? groupmems --group virusgroup --add apache > systemctl restart httpd > > I added that extra groupmems command to the Installer a day or > two ago when I discovered that RedHat/CentOS had changed their > group membership rules in an update. > > Any improvement? > > Cheers, > Jules. > > P.S. Otherwise, if you can give me remote ssh access I can > login myself and take a look for you. I would be interested to > see what it is, if it's not any of the above. > > On 25/10/2018 16:22, Ken Etter wrote: > > Yep, PHP 7.2 is installed.? I've run through the installer > multiple times now.? No change, still get the error. > > Ken > > >>> Jules Field > 10/25/2018 11:15 AM >>> > > > Do you have PHP 7.2 installed? > > My Installer can be run in stages, and those stages can be > run independently. > > So you might want to download the Installer, unpack it and > wander into it. In what will obviously be the right > sub-dir for your OS, you will see the numbered scripts. > > # cd install.ZendTo/CentOS-RedHat/ > > # ls > > 1-devtools.sh 3-clamav.sh 5-httpd-php.sh 7-zendto.sh > CentOS6 RHEL7 > > 2-php.sh 4-firewall.sh 6-email.sh 8-selinux.sh RHEL5 > > # > > If your web server is already working nicely, then you can > probably skip stage 1 (though it won't do any harm). > > If you haven't installed PHP 7.2 along with things like > the sodium extension, then run stage 2 which installs PHP. > (Grab a backup copy of your ZendTo installation first, as > it may have to remove the *whole* of PHP first which can > also remove ZendTo and other PHP applications in the > process, before it can install the correct version). > > Stages 3 and 5 shouldn't do any damage, but will add any > new settings they need for PHP and so on. > > Stage 7 does the actual ZendTo installation itself, which > it will do as an upgrade if it finds a zendto RPM already > installed. Well worth running. > > Stage 8 is only relevant if you are using SELinux, and > won't do anything if you're not. > > Since version 4, ZendTo no longer needs any form of > custom-built PHP or anything like that. So there's no > recompiling to be done. > > Then if you have a previous preferences.php and/or > zendto.conf, you need to use > > /opt/zendto/bin/upgrade_preferences_php > > and > > /opt/zendto/bin/upgrade_zendto_conf > > to upgrade those files. > > Also, if you have done an RPM upgrade from ZendTo 4, you > probably have a whole stack of *.rpmnew files in > /opt/zendto/templates. You want to move each of those into > place so they replace your old *.tpl files. > > As I said, it really is faster/easier/better to build v5 > from scratch, its requirements are so different from v4. > > Hope that helps, > > Jules. > > On 25/10/2018 15:59, Ken Etter wrote: > > None of that helps. I'm building a new system. This is > a production system. I never had problems in the past > with upgrading so I went ahead and did it. Bad move. > Unless anyone has any other ideas, I will just keep > working on setting up the new system. I have to get > something running again for my users. > > Ken > > >>> Jules Field via ZendTo > 10/25/2018 10:53 AM >>> > > > Yes, those directories do need to be writable by > whatever user and group your web server is running as. > > If you are using SELinux (most likely if you are using > CentOS or RedHat), then I would also advise > > restorecon -FRv /opt/zendto /var/zendto > > to reset all the SELinux attributes to the values > configured by my Installer. > > Also, if you think it might be an SELinux problem, you > can switch it into "permissive" mode by > > setenforce permissive > > systemctl restart httpd > > systemctl restart clamd at scan > > To switch it back to "enforcing", you then do > > setenforce enforcing > > systemctl restart httpd > > systemctl restart clamd at scan > > Cheers, > > Jules. > > On 25/10/2018 14:31, Gray McCord via ZendTo wrote: > > I?ve seen that message as well. Check the file > permissions on the /opt/zendto directories. Seems > like I needed to make them writeable by the apache > user, but I could be mistaken. > > Gray McCord > > /Adapt, Mutate, Migrate, or Die/ > > -C. Darwin > > *From:*ZendTo > *On Behalf Of *Ken > Etter via ZendTo > *Sent:* Thursday, October 25, 2018 8:26 AM > *To:* ZendTo List > > *Cc:* Ken Etter > *Subject:* Re: [ZendTo] Zend.to error during drop-off > > Going back through the mailing list archives, I > see that I am having exactly the same problem as > Kevin O'Connor in this thread: > http://jul.es/pipermail/zendto/2018-June/003208.html > > > Files are uploaded, but I get that error message > and the email is not sent. > > There is no stated resolution in that thread. Any > suggestions or do I have to rebuild a brand new > Zend.To server? > > Zend.To has been fairly solid for me...a bit of a > pain to find this upgrade to be so fragile. > > Ken > > >>> Ken Etter via ZendTo > > 10/25/2018 8:38 AM >>> > > I am running this on Ubuntu 16.04.5 LTS if that > matters. > > > Ken > > >>> Ken Etter via ZendTo > > 10/25/2018 8:36 AM >>> > > Just upgraded my Zend.To installation from 4.x to > 5.15-1. Everything appeared to go ok. But when I > click drop-off files, I get an error that states: > "Sorry, I failed to drop-off your files! Note that > you cannot drop-off directories, only files." I'm > not dropping off a directory, just a single file. > I tried a couple different file types - same error > each time. Any suggestions for fixing this? Thanks! > > > > *Ken Etter*, System Administrator > > Architectural Group > > 260.432.9337 | msktd.com > > > > > > _______________________________________________ > > ZendTo mailing list > > ZendTo at zend.to > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fjul.es%2Fmailman%2Flistinfo%2Fzendto&data=01%7C01%7CJules%40ecs.soton.ac.uk%7Ca244c38af7594fe02f4008d63a8489e3%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&sdata=xP3P4EW7oR3QO73%2Bha6sE0Qt7F6lTIDgT%2B09ppjkZZ0%3D&reserved=0 > > Jules > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'The past is supposed to be a place of reference, not > a place of > > residence! There is a reason why your car has a big > windshield and > > a small rearview mirror. You are supposed to keep your > eyes on where > > you are going, and just occasionally check out where > you have been.' > > ? - Willie Jolley > > www.Zend.To > > Twitter: @JulesFM > > Jules > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > IMPORTANT: This email is intended for the use of the > individual > > addressee(s) named above and may contain information that is > > confidential, privileged or unsuitable for overly > sensitive persons > > with low self-esteem, no sense of humour or irrational > religious > > beliefs. If you are not the intended recipient, any > dissemination, > > distribution or copying of this email is not authorised > (either > > explicitly or implicitly) and constitutes an irritating > social faux > > pas. > > Unless the word absquatulation has been used in its > correct context > > somewhere other than in this warning, it does not have any > legal > > or no grammatical use and may be ignored. No animals were > harmed > > in the transmission of this email, although the kelpie > next door > > is living on borrowed time, let me tell you. Those of you > with an > > overwhelming fear of the unknown will be gratified to > learn that > > there is no hidden message revealed by reading this > warning backwards, > > so just ignore that Alert Notice from Microsoft. > > However, by pouring a complete circle of salt around > yourself and > > your computer you can ensure that no harm befalls you and > your pets. > > If you have received this email in error, please add some > nutmeg > > and egg whites, whisk and place in a warm oven for 40 minutes. > > www.Zend.To > > Twitter: @JulesFM > > Jules > > > > -- > > Julian Field MEng CEng CITP MBCS MIEEE MACM > > > > 'It's very unlikely indeed he will ever recover consciousness, and > > if he does he won't be the Julian you knew.' > > ? - A hospital consultant I proved very wrong in 2007 :-) > > > > www.Zend.To > > Twitter: @JulesFM > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > _______________________________________________ > > ZendTo mailing list > > ZendTo at zend.to > > http://jul.es/mailman/listinfo/zendto > > Jules > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > 'If I were a Brazilian without land or money or the means to feed > my children, I would be burning the rain forest too.' - Sting > www.Zend.To > Twitter: @JulesFM > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'If I were a Brazilian without land or money or the means to feed my children, I would be burning the rain forest too.' - Sting www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 12883 bytes Desc: not available URL: From Jules at Zend.To Fri Nov 16 11:00:37 2018 From: Jules at Zend.To (Jules Field) Date: Fri, 16 Nov 2018 11:00:37 +0000 Subject: [ZendTo] Install in shared environment In-Reply-To: References: Message-ID: The snag with Ubuntu 12 is finding PHP 7 and the sodium libraries for it. On 02/11/2018 20:02, bbrendon--- via ZendTo wrote: > It works. It?s a bit tricky. I have it running in a shared environment > with nginx. I?m opposed to the current ?dedicate a VM to it? mantra > but my voice is too small so it is what it is. > > Running it on Ubuntu 12 sounds like a bad idea but it must be > possible. Just how hard is it going to be... is the the question. > > On Fri, Nov 2, 2018 at 02:19 Garry Glendown via ZendTo > wrote: > > Hi, > > I've been using ZendTo quite a while, usually on stand-alone servers, > but have now got to install in a shared environment ... that is, I > need > to put it in a sub-directory of a webserver... I'm not sure the > install > scripts will be "compatible" with the shared environment (which, > additionally, is a pretty old Ubuntu 12 installation). What's the > recommended course of action in such a case? > > Tnx, -garry > > > -- > PGP Fingerprint: A79F A33F 5B13 BEB7 A51D 274F F99C 3AE2 4BCB 7015 > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'In Flanders fields the poppies blow Between the crosses, row on row, That mark our place: and in the sky The larks still bravely singing fly Scarce heard amid the guns below. We are the dead: Short days ago, We lived, felt dawn, saw sunset glow, Loved and were loved: and now we lie In Flanders fields! Take up our quarrel with the foe To you, from failing hands, we throw The torch: be yours to hold it high If ye break faith with us who die, We shall not sleep, though poppies grow In Flanders fields.' Lieutenant Colonel John McCrae Composed at the battlefront on May 3, 1915 during the second battle of Ypres, Belgium www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From TZimmerman at fsu.edu Fri Nov 16 14:37:08 2018 From: TZimmerman at fsu.edu (Travis Zimmerman) Date: Fri, 16 Nov 2018 14:37:08 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <44d40ef9-a21b-c6ed-ebd6-d663c4f839fd@fsu.edu> <908fdf50-251b-a677-e6fe-c24d0b9d9d00@Zend.To> <03754609-39f6-71f7-ba42-74d801d5bf50@fsu.edu> <8db6edde-9e98-fe04-0dd3-ab94110dfe5b@Zend.To> Message-ID: For what it's worth my team is pretty happy about the feature, as we get a consistent number of auto-replies from a system that doesn't pay attention to the Reply-To field. ------------------------------------------------------------------- Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu Information Technology Services, Florida State University On 11/16/18 4:24 AM, Jules Field wrote: > Travis, > > Okay, thanks for that. I will take a look and see what I can do. I > would rather stick with the internaldomains.conf information than add > another list of domains, if it can be avoided. Few people have that > set to TRUE anyway, and I suspect I shouldn't have implemented it in > the first place, as there are other ways of avoiding the problem it > aims to solve. > > Cheers, > Jules. > > On 15/11/2018 18:16, Travis Zimmerman wrote: >> It's set to TRUE. >> [root at dropboxprd01 ~]# grep SMTPsetFromToSender >> /var/www/html/zendto/config/preferences.php >> ? ? 'SMTPsetFromToSender' => TRUE, >> >> To fix the problem for my users I just modified the line to below. >> if ($senderDomain !== '' && >> ? ??????????? ( strcasecmp($senderDomain, $fromDomain) == 0 || >> strcasecmp('my.fsu.edu', $fromDomain) == 0)) { >> >> If other people run into this problem, a possible general fix may be to >> have an array of allowed secondary domains, that match the SPF records >> for the SMTP server? >> >> Thanks for the help. >> >> ------------------------------------------------------------------- >> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >> Information Technology Services, Florida State University >> >> On 11/15/18 1:04 PM, Jules Field wrote: >>> Travis, >>> >>> That code snippet will only be run if you have >>> ???? 'SMTPsetFromToSender' => TRUE, >>> in preferences.php. >>> >>> The default is FALSE. What value are you using? >>> >>> Cheers, >>> Jules. >>> >>> On 01/11/2018 18:56, Travis Zimmerman wrote: >>>> I don't know if I'm reading this correctly but I think maybe the >>>> problem >>>> is having the two domains and this part of the code. >>>> >>>> ?? ????????? // If the sender domain and the from domain are the same >>>> ?? ????????? // (and not blank, which signifies something went >>>> wrong!), >>>> ?? ????????? // we can safely overwrite the From we set above, without >>>> ?? ????????? // causing SPF/DKIM/DMARC problems. >>>> ?? ????????? if ($senderDomain !== '' && >>>> ?? ????????????? strcasecmp($senderDomain, $fromDomain) == 0) >>>> >>>> Could a possible solution be to switch from a strcasecmp to substring >>>> test or maybe a regex testing if the $senderDomain is part of the >>>> end of >>>> the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC >>>> problem. >>>> >>>> endswith($fromDomain, $senderDomain); >>>> >>>> function endswith($from, $sender) { >>>> ?? ??? $fromlen = strlen($from); >>>> ?? ??? $senderlen = strlen($sender); >>>> ?? ??? if ($testlen > $strlen) return false; >>>> ?? ??? return substr_compare($from, $sender, $fromlen - $senderlen, >>>> $senderlen) === 0; >>>> } >>>> >>>> This is just a code snippet I googled up and haven't tested. >>>> >>>> ------------------------------------------------------------------- >>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>> Information Technology Services, Florida State University >>>> >>>> On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote: >>>>> Yup, that's what I have authIMAPDomain set to already. >>>>> >>>>> ------------------------------------------------------------------- >>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>> Information Technology Services, Florida State University >>>>> >>>>> On 11/1/18 12:29 PM, Jules Field wrote: >>>>>> Travis, >>>>>> >>>>>> If the students enter their entire email address >>>>>> (username at my.fsu.edu) >>>>>> into the ZendTo login "username" box, then set >>>>>> ?? ??? 'authIMAPDomain' => '', >>>>>> in preferences.php. >>>>>> >>>>>> If they just enter their username, then something more subtle is >>>>>> happening which I will need to investigate further. >>>>>> >>>>>> Please let me know if that helps. >>>>>> >>>>>> Cheers, >>>>>> Jules. >>>>>> >>>>>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: >>>>>>> I realized I should mention that we are using e-mail addresses to >>>>>>> login >>>>>>> to our ZendTo service to differentiate between our two domains. >>>>>>> Don't >>>>>>> know if that would effect how e-mails are sent. Doesn't seem to >>>>>>> be a >>>>>>> problem for our faculty/staff (AD, username at fsu.edu), just the >>>>>>> students >>>>>>> (IMAP, username at my.fsu.edu). >>>>>>> >>>>>>> ------------------------------------------------------------------- >>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>> Information Technology Services, Florida State University >>>>>>> >>>>>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >>>>>>>> I tried to use my university's AD for the students (there is a >>>>>>>> previous >>>>>>>> e-mail I sent to the ZendTo mailing list about a week ago), but >>>>>>>> due to >>>>>>>> how our Microsoft Admins configured it they needed to use an >>>>>>>> alternate >>>>>>>> attribute. >>>>>>>> >>>>>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail >>>>>>>> sent to >>>>>>>> the recipient will show my e-mail address in the From field. If I >>>>>>>> login >>>>>>>> using the IMAP auth the From field lists the servers default >>>>>>>> e-mail >>>>>>>> from >>>>>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail >>>>>>>> address. >>>>>>>> >>>>>>>> ------------------------------------------------------------------- >>>>>>>> >>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>> Information Technology Services, Florida State University >>>>>>>> >>>>>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>>>>>>>> Travis, >>>>>>>>> >>>>>>>>> If you are authenticating users against Office365, then why >>>>>>>>> not do >>>>>>>>> that with AD? >>>>>>>>> I don't quite see why you need to use the IMAP authenticator at >>>>>>>>> all. >>>>>>>>> If it's a separate AD forest for some reason, then that's okay, >>>>>>>>> ZendTo >>>>>>>>> will happily do 3 different AD forests with independent setups. >>>>>>>>> >>>>>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they >>>>>>>>> login via >>>>>>>>> LDAP or AD, but doesn't if they login via IMAP? >>>>>>>>> >>>>>>>>> What we do here for the "From" address is use an address whose >>>>>>>>> email >>>>>>>>> is just automatically trashed, ie. a "no-reply" address. Then >>>>>>>>> automated stuff that is replying (incorrectly) to the "From:" or >>>>>>>>> (validly/correctly) to the envelope sender will just be thrown >>>>>>>>> away. >>>>>>>>> Any human-generated replies will go to the right user. >>>>>>>>> >>>>>>>>> Thanks for the info about the option you need to pass to O365. I >>>>>>>>> guess >>>>>>>>> that's going to need yet another preferences.php setting. >>>>>>>>> >>>>>>>>> Cheers, >>>>>>>>> Jules. >>>>>>>>> >>>>>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>>>>>>>> I configured the IMAP authentication to allow my university's >>>>>>>>>> students >>>>>>>>>> to login to our ZendTo server, but when they drop off files the >>>>>>>>>> From >>>>>>>>>> field is showing the e-mail address configured in zendto.conf >>>>>>>>>> instead of >>>>>>>>>> the student's address. The student's address ends up in the >>>>>>>>>> Reply-To >>>>>>>>>> field, which normally wouldn't be a problem except sometimes >>>>>>>>>> automated >>>>>>>>>> systems reply back to the drop off e-mails and they ignore the >>>>>>>>>> Reply-To. >>>>>>>>>> >>>>>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP >>>>>>>>>> or AD >>>>>>>>>> appear to work as expected. >>>>>>>>>> >>>>>>>>>> BTW I am using the IMAP authentication with Office365 and in >>>>>>>>>> order to >>>>>>>>>> get it to login correctly I had to change the imap_open line. >>>>>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, >>>>>>>>>> $password, >>>>>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>>>>>>>> >>>>>>>>>> So don't know if you want to add this to the documentation >>>>>>>>>> somewhere or >>>>>>>>>> incorporate into the NSSIMAPAuthenticator code. >>>>>>>>>> >>>>>>>>>> ------------------------------------------------------------------- >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>>>> Information Technology Services, Florida State University >>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> ZendTo mailing list >>>>>>>>>> ZendTo at zend.to >>>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> Jules >>>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> ZendTo mailing list >>>>>>>> ZendTo at zend.to >>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> _______________________________________________ >>>>>>> ZendTo mailing list >>>>>>> ZendTo at zend.to >>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= >>>>>>> >>>>>>> >>>>>>> >>>>>> Jules >>>>>> >>>>> _______________________________________________ >>>>> ZendTo mailing list >>>>> ZendTo at zend.to >>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= >>>>> >>>>> >>> Jules >>> > > Jules > From Jules at Zend.To Fri Nov 16 16:58:20 2018 From: Jules at Zend.To (Jules Field) Date: Fri, 16 Nov 2018 16:58:20 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <44d40ef9-a21b-c6ed-ebd6-d663c4f839fd@fsu.edu> <908fdf50-251b-a677-e6fe-c24d0b9d9d00@Zend.To> <03754609-39f6-71f7-ba42-74d801d5bf50@fsu.edu> <8db6edde-9e98-fe04-0dd3-ab94110dfe5b@Zend.To> Message-ID: <8cc39709-66f4-287f-cc6b-51c4b7dd6488@Zend.To> Does that system pay attention to "Errors-To:"? On 16/11/2018 14:37, Travis Zimmerman wrote: > For what it's worth my team is pretty happy about the feature, as we get > a consistent number of auto-replies from a system that doesn't pay > attention to the Reply-To field. > > ------------------------------------------------------------------- > Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 > Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu > Information Technology Services, Florida State University > > On 11/16/18 4:24 AM, Jules Field wrote: >> Travis, >> >> Okay, thanks for that. I will take a look and see what I can do. I >> would rather stick with the internaldomains.conf information than add >> another list of domains, if it can be avoided. Few people have that >> set to TRUE anyway, and I suspect I shouldn't have implemented it in >> the first place, as there are other ways of avoiding the problem it >> aims to solve. >> >> Cheers, >> Jules. >> >> On 15/11/2018 18:16, Travis Zimmerman wrote: >>> It's set to TRUE. >>> [root at dropboxprd01 ~]# grep SMTPsetFromToSender >>> /var/www/html/zendto/config/preferences.php >>> ? ? 'SMTPsetFromToSender' => TRUE, >>> >>> To fix the problem for my users I just modified the line to below. >>> if ($senderDomain !== '' && >>> ? ??????????? ( strcasecmp($senderDomain, $fromDomain) == 0 || >>> strcasecmp('my.fsu.edu', $fromDomain) == 0)) { >>> >>> If other people run into this problem, a possible general fix may be to >>> have an array of allowed secondary domains, that match the SPF records >>> for the SMTP server? >>> >>> Thanks for the help. >>> >>> ------------------------------------------------------------------- >>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>> Information Technology Services, Florida State University >>> >>> On 11/15/18 1:04 PM, Jules Field wrote: >>>> Travis, >>>> >>>> That code snippet will only be run if you have >>>> ???? 'SMTPsetFromToSender' => TRUE, >>>> in preferences.php. >>>> >>>> The default is FALSE. What value are you using? >>>> >>>> Cheers, >>>> Jules. >>>> >>>> On 01/11/2018 18:56, Travis Zimmerman wrote: >>>>> I don't know if I'm reading this correctly but I think maybe the >>>>> problem >>>>> is having the two domains and this part of the code. >>>>> >>>>> ?? ????????? // If the sender domain and the from domain are the same >>>>> ?? ????????? // (and not blank, which signifies something went >>>>> wrong!), >>>>> ?? ????????? // we can safely overwrite the From we set above, without >>>>> ?? ????????? // causing SPF/DKIM/DMARC problems. >>>>> ?? ????????? if ($senderDomain !== '' && >>>>> ?? ????????????? strcasecmp($senderDomain, $fromDomain) == 0) >>>>> >>>>> Could a possible solution be to switch from a strcasecmp to substring >>>>> test or maybe a regex testing if the $senderDomain is part of the >>>>> end of >>>>> the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC >>>>> problem. >>>>> >>>>> endswith($fromDomain, $senderDomain); >>>>> >>>>> function endswith($from, $sender) { >>>>> ?? ??? $fromlen = strlen($from); >>>>> ?? ??? $senderlen = strlen($sender); >>>>> ?? ??? if ($testlen > $strlen) return false; >>>>> ?? ??? return substr_compare($from, $sender, $fromlen - $senderlen, >>>>> $senderlen) === 0; >>>>> } >>>>> >>>>> This is just a code snippet I googled up and haven't tested. >>>>> >>>>> ------------------------------------------------------------------- >>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>> Information Technology Services, Florida State University >>>>> >>>>> On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote: >>>>>> Yup, that's what I have authIMAPDomain set to already. >>>>>> >>>>>> ------------------------------------------------------------------- >>>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>> Information Technology Services, Florida State University >>>>>> >>>>>> On 11/1/18 12:29 PM, Jules Field wrote: >>>>>>> Travis, >>>>>>> >>>>>>> If the students enter their entire email address >>>>>>> (username at my.fsu.edu) >>>>>>> into the ZendTo login "username" box, then set >>>>>>> ?? ??? 'authIMAPDomain' => '', >>>>>>> in preferences.php. >>>>>>> >>>>>>> If they just enter their username, then something more subtle is >>>>>>> happening which I will need to investigate further. >>>>>>> >>>>>>> Please let me know if that helps. >>>>>>> >>>>>>> Cheers, >>>>>>> Jules. >>>>>>> >>>>>>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: >>>>>>>> I realized I should mention that we are using e-mail addresses to >>>>>>>> login >>>>>>>> to our ZendTo service to differentiate between our two domains. >>>>>>>> Don't >>>>>>>> know if that would effect how e-mails are sent. Doesn't seem to >>>>>>>> be a >>>>>>>> problem for our faculty/staff (AD, username at fsu.edu), just the >>>>>>>> students >>>>>>>> (IMAP, username at my.fsu.edu). >>>>>>>> >>>>>>>> ------------------------------------------------------------------- >>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>> Information Technology Services, Florida State University >>>>>>>> >>>>>>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >>>>>>>>> I tried to use my university's AD for the students (there is a >>>>>>>>> previous >>>>>>>>> e-mail I sent to the ZendTo mailing list about a week ago), but >>>>>>>>> due to >>>>>>>>> how our Microsoft Admins configured it they needed to use an >>>>>>>>> alternate >>>>>>>>> attribute. >>>>>>>>> >>>>>>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail >>>>>>>>> sent to >>>>>>>>> the recipient will show my e-mail address in the From field. If I >>>>>>>>> login >>>>>>>>> using the IMAP auth the From field lists the servers default >>>>>>>>> e-mail >>>>>>>>> from >>>>>>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail >>>>>>>>> address. >>>>>>>>> >>>>>>>>> ------------------------------------------------------------------- >>>>>>>>> >>>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>>> Information Technology Services, Florida State University >>>>>>>>> >>>>>>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>>>>>>>>> Travis, >>>>>>>>>> >>>>>>>>>> If you are authenticating users against Office365, then why >>>>>>>>>> not do >>>>>>>>>> that with AD? >>>>>>>>>> I don't quite see why you need to use the IMAP authenticator at >>>>>>>>>> all. >>>>>>>>>> If it's a separate AD forest for some reason, then that's okay, >>>>>>>>>> ZendTo >>>>>>>>>> will happily do 3 different AD forests with independent setups. >>>>>>>>>> >>>>>>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they >>>>>>>>>> login via >>>>>>>>>> LDAP or AD, but doesn't if they login via IMAP? >>>>>>>>>> >>>>>>>>>> What we do here for the "From" address is use an address whose >>>>>>>>>> email >>>>>>>>>> is just automatically trashed, ie. a "no-reply" address. Then >>>>>>>>>> automated stuff that is replying (incorrectly) to the "From:" or >>>>>>>>>> (validly/correctly) to the envelope sender will just be thrown >>>>>>>>>> away. >>>>>>>>>> Any human-generated replies will go to the right user. >>>>>>>>>> >>>>>>>>>> Thanks for the info about the option you need to pass to O365. I >>>>>>>>>> guess >>>>>>>>>> that's going to need yet another preferences.php setting. >>>>>>>>>> >>>>>>>>>> Cheers, >>>>>>>>>> Jules. >>>>>>>>>> >>>>>>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>>>>>>>>> I configured the IMAP authentication to allow my university's >>>>>>>>>>> students >>>>>>>>>>> to login to our ZendTo server, but when they drop off files the >>>>>>>>>>> From >>>>>>>>>>> field is showing the e-mail address configured in zendto.conf >>>>>>>>>>> instead of >>>>>>>>>>> the student's address. The student's address ends up in the >>>>>>>>>>> Reply-To >>>>>>>>>>> field, which normally wouldn't be a problem except sometimes >>>>>>>>>>> automated >>>>>>>>>>> systems reply back to the drop off e-mails and they ignore the >>>>>>>>>>> Reply-To. >>>>>>>>>>> >>>>>>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP >>>>>>>>>>> or AD >>>>>>>>>>> appear to work as expected. >>>>>>>>>>> >>>>>>>>>>> BTW I am using the IMAP authentication with Office365 and in >>>>>>>>>>> order to >>>>>>>>>>> get it to login correctly I had to change the imap_open line. >>>>>>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, >>>>>>>>>>> $password, >>>>>>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>>>>>>>>> >>>>>>>>>>> So don't know if you want to add this to the documentation >>>>>>>>>>> somewhere or >>>>>>>>>>> incorporate into the NSSIMAPAuthenticator code. >>>>>>>>>>> >>>>>>>>>>> ------------------------------------------------------------------- >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>>>>> Information Technology Services, Florida State University >>>>>>>>>>> >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> ZendTo mailing list >>>>>>>>>>> ZendTo at zend.to >>>>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> Jules >>>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> ZendTo mailing list >>>>>>>>> ZendTo at zend.to >>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> ZendTo mailing list >>>>>>>> ZendTo at zend.to >>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> Jules >>>>>>> >>>>>> _______________________________________________ >>>>>> ZendTo mailing list >>>>>> ZendTo at zend.to >>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= >>>>>> >>>>>> >>>> Jules >>>> >> Jules >> Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'People will believe a big lie sooner than a little one, and if you repeat it frequently enough people will sooner or later believe it.' - Walter Langer www.Zend.To Twitter: @JulesFM From TZimmerman at fsu.edu Fri Nov 16 17:29:10 2018 From: TZimmerman at fsu.edu (Travis Zimmerman) Date: Fri, 16 Nov 2018 17:29:10 +0000 Subject: [ZendTo] Using the IMAP auth and e-mails don't show up from users' address In-Reply-To: References: <2c4ce7d5-448a-d5e3-f5cb-af9117a28c8d@fsu.edu> <908fdf50-251b-a677-e6fe-c24d0b9d9d00@Zend.To> <03754609-39f6-71f7-ba42-74d801d5bf50@fsu.edu> <8db6edde-9e98-fe04-0dd3-ab94110dfe5b@Zend.To> <8cc39709-66f4-287f-cc6b-51c4b7dd6488@Zend.To> <7855df79-873b-2213-9a2b-372b66267918@fsu.edu> Message-ID: Don't know about Errors-To. I just ran a test to double check that our current version (4.28) used the Reply-To, which it doesn't so it's possible that it may but I'm pretty sure I remember someone telling me the Talisma system didn't use Reply-To. We're going to take ZendTo version 5.15-1 live next week, so we'll see how things go. Sometimes files are dropped off to the Talisma system from external e-mail addresses, so we'll see if those bounce back to the default address or go to external address in the Reply-To. ------------------------------------------------------------------- Travis Zimmerman tzimmerman at fsu.edu 850-645-8030 Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu Information Technology Services, Florida State University On 11/16/18 11:58 AM, Jules Field wrote: > Does that system pay attention to "Errors-To:"? > > On 16/11/2018 14:37, Travis Zimmerman wrote: >> For what it's worth my team is pretty happy about the feature, as we get >> a consistent number of auto-replies from a system that doesn't pay >> attention to the Reply-To field. >> >> ------------------------------------------------------------------- >> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >> Information Technology Services, Florida State University >> >> On 11/16/18 4:24 AM, Jules Field wrote: >>> Travis, >>> >>> Okay, thanks for that. I will take a look and see what I can do. I >>> would rather stick with the internaldomains.conf information than add >>> another list of domains, if it can be avoided. Few people have that >>> set to TRUE anyway, and I suspect I shouldn't have implemented it in >>> the first place, as there are other ways of avoiding the problem it >>> aims to solve. >>> >>> Cheers, >>> Jules. >>> >>> On 15/11/2018 18:16, Travis Zimmerman wrote: >>>> It's set to TRUE. >>>> [root at dropboxprd01 ~]# grep SMTPsetFromToSender >>>> /var/www/html/zendto/config/preferences.php >>>> ?? ? 'SMTPsetFromToSender' => TRUE, >>>> >>>> To fix the problem for my users I just modified the line to below. >>>> if ($senderDomain !== '' && >>>> ?? ??????????? ( strcasecmp($senderDomain, $fromDomain) == 0 || >>>> strcasecmp('my.fsu.edu', $fromDomain) == 0)) { >>>> >>>> If other people run into this problem, a possible general fix may >>>> be to >>>> have an array of allowed secondary domains, that match the SPF records >>>> for the SMTP server? >>>> >>>> Thanks for the help. >>>> >>>> ------------------------------------------------------------------- >>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>> Information Technology Services, Florida State University >>>> >>>> On 11/15/18 1:04 PM, Jules Field wrote: >>>>> Travis, >>>>> >>>>> That code snippet will only be run if you have >>>>> ????? 'SMTPsetFromToSender' => TRUE, >>>>> in preferences.php. >>>>> >>>>> The default is FALSE. What value are you using? >>>>> >>>>> Cheers, >>>>> Jules. >>>>> >>>>> On 01/11/2018 18:56, Travis Zimmerman wrote: >>>>>> I don't know if I'm reading this correctly but I think maybe the >>>>>> problem >>>>>> is having the two domains and this part of the code. >>>>>> >>>>>> ??? ????????? // If the sender domain and the from domain are the >>>>>> same >>>>>> ??? ????????? // (and not blank, which signifies something went >>>>>> wrong!), >>>>>> ??? ????????? // we can safely overwrite the From we set above, >>>>>> without >>>>>> ??? ????????? // causing SPF/DKIM/DMARC problems. >>>>>> ??? ????????? if ($senderDomain !== '' && >>>>>> ??? ????????????? strcasecmp($senderDomain, $fromDomain) == 0) >>>>>> >>>>>> Could a possible solution be to switch from a strcasecmp to >>>>>> substring >>>>>> test or maybe a regex testing if the $senderDomain is part of the >>>>>> end of >>>>>> the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC >>>>>> problem. >>>>>> >>>>>> endswith($fromDomain, $senderDomain); >>>>>> >>>>>> function endswith($from, $sender) { >>>>>> ??? ??? $fromlen = strlen($from); >>>>>> ??? ??? $senderlen = strlen($sender); >>>>>> ??? ??? if ($testlen > $strlen) return false; >>>>>> ??? ??? return substr_compare($from, $sender, $fromlen - $senderlen, >>>>>> $senderlen) === 0; >>>>>> } >>>>>> >>>>>> This is just a code snippet I googled up and haven't tested. >>>>>> >>>>>> ------------------------------------------------------------------- >>>>>> Travis Zimmerman??? tzimmerman at fsu.edu???? 850-645-8030 >>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>> Information Technology Services, Florida State University >>>>>> >>>>>> On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote: >>>>>>> Yup, that's what I have authIMAPDomain set to already. >>>>>>> >>>>>>> ------------------------------------------------------------------- >>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>> Information Technology Services, Florida State University >>>>>>> >>>>>>> On 11/1/18 12:29 PM, Jules Field wrote: >>>>>>>> Travis, >>>>>>>> >>>>>>>> If the students enter their entire email address >>>>>>>> (username at my.fsu.edu) >>>>>>>> into the ZendTo login "username" box, then set >>>>>>>> ??? ??? 'authIMAPDomain' => '', >>>>>>>> in preferences.php. >>>>>>>> >>>>>>>> If they just enter their username, then something more subtle is >>>>>>>> happening which I will need to investigate further. >>>>>>>> >>>>>>>> Please let me know if that helps. >>>>>>>> >>>>>>>> Cheers, >>>>>>>> Jules. >>>>>>>> >>>>>>>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote: >>>>>>>>> I realized I should mention that we are using e-mail addresses to >>>>>>>>> login >>>>>>>>> to our ZendTo service to differentiate between our two domains. >>>>>>>>> Don't >>>>>>>>> know if that would effect how e-mails are sent. Doesn't seem to >>>>>>>>> be a >>>>>>>>> problem for our faculty/staff (AD, username at fsu.edu), just the >>>>>>>>> students >>>>>>>>> (IMAP, username at my.fsu.edu). >>>>>>>>> >>>>>>>>> ------------------------------------------------------------------- >>>>>>>>> >>>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>>> Information Technology Services, Florida State University >>>>>>>>> >>>>>>>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote: >>>>>>>>>> I tried to use my university's AD for the students (there is a >>>>>>>>>> previous >>>>>>>>>> e-mail I sent to the ZendTo mailing list about a week ago), but >>>>>>>>>> due to >>>>>>>>>> how our Microsoft Admins configured it they needed to use an >>>>>>>>>> alternate >>>>>>>>>> attribute. >>>>>>>>>> >>>>>>>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail >>>>>>>>>> sent to >>>>>>>>>> the recipient will show my e-mail address in the From field. >>>>>>>>>> If I >>>>>>>>>> login >>>>>>>>>> using the IMAP auth the From field lists the servers default >>>>>>>>>> e-mail >>>>>>>>>> from >>>>>>>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail >>>>>>>>>> address. >>>>>>>>>> >>>>>>>>>> ------------------------------------------------------------------- >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu >>>>>>>>>> Information Technology Services, Florida State University >>>>>>>>>> >>>>>>>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote: >>>>>>>>>>> Travis, >>>>>>>>>>> >>>>>>>>>>> If you are authenticating users against Office365, then why >>>>>>>>>>> not do >>>>>>>>>>> that with AD? >>>>>>>>>>> I don't quite see why you need to use the IMAP authenticator at >>>>>>>>>>> all. >>>>>>>>>>> If it's a separate AD forest for some reason, then that's okay, >>>>>>>>>>> ZendTo >>>>>>>>>>> will happily do 3 different AD forests with independent setups. >>>>>>>>>>> >>>>>>>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they >>>>>>>>>>> login via >>>>>>>>>>> LDAP or AD, but doesn't if they login via IMAP? >>>>>>>>>>> >>>>>>>>>>> What we do here for the "From" address is use an address whose >>>>>>>>>>> email >>>>>>>>>>> is just automatically trashed, ie. a "no-reply" address. Then >>>>>>>>>>> automated stuff that is replying (incorrectly) to the >>>>>>>>>>> "From:" or >>>>>>>>>>> (validly/correctly) to the envelope sender will just be thrown >>>>>>>>>>> away. >>>>>>>>>>> Any human-generated replies will go to the right user. >>>>>>>>>>> >>>>>>>>>>> Thanks for the info about the option you need to pass to >>>>>>>>>>> O365. I >>>>>>>>>>> guess >>>>>>>>>>> that's going to need yet another preferences.php setting. >>>>>>>>>>> >>>>>>>>>>> Cheers, >>>>>>>>>>> Jules. >>>>>>>>>>> >>>>>>>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote: >>>>>>>>>>>> I configured the IMAP authentication to allow my university's >>>>>>>>>>>> students >>>>>>>>>>>> to login to our ZendTo server, but when they drop off files >>>>>>>>>>>> the >>>>>>>>>>>> From >>>>>>>>>>>> field is showing the e-mail address configured in zendto.conf >>>>>>>>>>>> instead of >>>>>>>>>>>> the student's address. The student's address ends up in the >>>>>>>>>>>> Reply-To >>>>>>>>>>>> field, which normally wouldn't be a problem except sometimes >>>>>>>>>>>> automated >>>>>>>>>>>> systems reply back to the drop off e-mails and they ignore the >>>>>>>>>>>> Reply-To. >>>>>>>>>>>> >>>>>>>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP >>>>>>>>>>>> or AD >>>>>>>>>>>> appear to work as expected. >>>>>>>>>>>> >>>>>>>>>>>> BTW I am using the IMAP authentication with Office365 and in >>>>>>>>>>>> order to >>>>>>>>>>>> get it to login correctly I had to change the imap_open line. >>>>>>>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname, >>>>>>>>>>>> $password, >>>>>>>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN')); >>>>>>>>>>>> >>>>>>>>>>>> So don't know if you want to add this to the documentation >>>>>>>>>>>> somewhere or >>>>>>>>>>>> incorporate into the NSSIMAPAuthenticator code. >>>>>>>>>>>> >>>>>>>>>>>> ------------------------------------------------------------------- >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Travis Zimmerman??? tzimmerman at fsu.edu 850-645-8030 >>>>>>>>>>>> Linux Enterprise Applications & Systems >>>>>>>>>>>> its-linuxadmins at fsu.edu >>>>>>>>>>>> Information Technology Services, Florida State University >>>>>>>>>>>> >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> ZendTo mailing list >>>>>>>>>>>> ZendTo at zend.to >>>>>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> Jules >>>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> ZendTo mailing list >>>>>>>>>> ZendTo at zend.to >>>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> ZendTo mailing list >>>>>>>>> ZendTo at zend.to >>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> Jules >>>>>>>> >>>>>>> _______________________________________________ >>>>>>> ZendTo mailing list >>>>>>> ZendTo at zend.to >>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= >>>>>>> >>>>>>> >>>>>>> >>>>> Jules >>>>> >>> Jules >>> > > Jules > From ssilva at sgvwater.com Fri Nov 16 19:25:30 2018 From: ssilva at sgvwater.com (Scott Silva) Date: Fri, 16 Nov 2018 19:25:30 +0000 Subject: [ZendTo] New Zendto install References: <54D3F6A07E3F2A4AAD4CBA73922025F42021B980@FONEXCH01.sgvwc.local> Message-ID: I have a new Zendto install. Old one had too many errors trying to upgrade.. I can send as a logged in user fine. But testing from outside fails. I get the confirmation mail, it lets me add destination email, which I used my internal address, it lets me add files, and when I click dropoff I get... Upload Error You must be logged in as a San Gabriel Valley Water/Fontana Water user in order to drop-off a file for a non-San Gabriel Valley Water/Fontana Water user. Return to the ZendTo main menu to log in and then try again. It must be choking on the authentication, but actually logging in sends fine... It is only outside users failing -- Scott Silva Network Administrator Fontana Water Company 15966 Arrow Blvd. Fontana CA 92335 909.201.7325 Direct ssilva at sgvwater.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From gm.pawanthakur at gmail.com Mon Nov 19 13:00:30 2018 From: gm.pawanthakur at gmail.com (Pawan Thakur) Date: Mon, 19 Nov 2018 18:30:30 +0530 Subject: [ZendTo] Need Help with AD and/or MySQL Setup for Authentication References: <51cdef47-b1dd-dd57-3d25-6cf5ed2a0261@gmail.com> Message-ID: Hello, Story looks simple and straight forward, but it just doesn't work. I collected AD settings from my the admin using the steps mentioned in the document. Added the retrieved settings as in the preferences file, No Luck. I installed Maria DB on the server, so that we can use the DB and can use a web based interface to create users. But while Importing the DB zendto.MySQL I am getting these random errors. *zendto.MySQL** ** **ERROR 1091 (42000) at line 177: Can't DROP 'PRIMARY'; check that column/key exists** **ERROR 1061 (42000) at line 178: Duplicate key name 'usernameI'** * What am I doing wrong ? Any help appreciated. We have a working server which is not usable just because we don't have a user friendly Authentication implemented. Cheers, Pawan -------------- next part -------------- An HTML attachment was scrubbed... URL: From marcos.parrell at deiser.com Thu Nov 22 15:42:06 2018 From: marcos.parrell at deiser.com (=?iso-8859-1?Q?Marcos_Parrell_Sol=E0?=) Date: Thu, 22 Nov 2018 15:42:06 +0000 Subject: [ZendTo] Drop-off issues References: Message-ID: Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload... and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Guy.Bertrand at banctec.ca Thu Nov 22 16:26:35 2018 From: Guy.Bertrand at banctec.ca (Bertrand, Guy) Date: Thu, 22 Nov 2018 16:26:35 +0000 Subject: [ZendTo] ZendTo Digest, Vol 98, Issue 21 In-Reply-To: References: <9E8FF5130DE9CD4D895AF10041C1085B040AF1C604@BTIEXCH04.BTec.ad.banctec.com> Message-ID: Hi, Just to add a quick note in regards to Marcos' issue with drop-offs and the error message "Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files" I have seen this twice in the past 2 weeks. I can confirm that both times, the users were NOT trying to drop-off a directory. Only files. I currently have a fresh install of ZendTo 5.11-3 on Centos 7. For my first user with this issue, he was at a remote site, using a VPN back into our corporate network, then using our internal IP address for our Zendto server. I asked him to disconnect from the VPN, and connect directly to the internet side of our server. Worked perfectly. For my second user with this issue, he was using IE11, trying to upload 3 files for a total of 10Gb. I asked him only to upload one file at a time. It started to work. I see nothing exciting in the log files, and I have no information that I can use to continue troubleshooting this. Any suggestions?? Regards, Guy Guy Bertrand, M.Ing Directeur informatique / IT Manager EXELA TECHNOLOGIES b: +1.514.392.4999 400, boul. De Maisonneuve Ouest, bureau 1120 | Montr?al (Qu?bec),? CANADA H3A 1L4 www.ExelaTech.com | EXELA LinkedIn Message: 3 Date: Thu, 22 Nov 2018 15:42:06 +0000 From: Marcos Parrell Sol? To: "zendto at zend.to" Subject: [ZendTo] Drop-off issues Message-ID: Content-Type: text/plain; charset="iso-8859-1" Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload... and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -------------- next part -------------- An HTML attachment was scrubbed... URL: ------------------------------ Subject: Digest Footer _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto ------------------------------ End of ZendTo Digest, Vol 98, Issue 21 ************************************** From djones at ena.com Thu Nov 22 16:33:14 2018 From: djones at ena.com (David Jones) Date: Thu, 22 Nov 2018 16:33:14 +0000 Subject: [ZendTo] Drop-off issues In-Reply-To: References: , Message-ID: I think this could be the same clamav problem that I had and Jules recently posted about so look back in the recent archives. The ClamAV package on C7 changed recently causing the apache user to be added to the virusgroup. Add it and restart httpd to see if that solves your problem. /etc/group ========= virusgroup:x:XXX:clamupdate,clamscan,apache ________________________________ From: ZendTo on behalf of Marcos Parrell Sol? via ZendTo Sent: Thursday, November 22, 2018 9:42 AM To: zendto at zend.to Cc: Marcos Parrell Sol? Subject: [ZendTo] Drop-off issues Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload? and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -------------- next part -------------- An HTML attachment was scrubbed... URL: From marcos.parrell at deiser.com Thu Nov 22 17:30:48 2018 From: marcos.parrell at deiser.com (=?iso-8859-1?Q?Marcos_Parrell_Sol=E0?=) Date: Thu, 22 Nov 2018 17:30:48 +0000 Subject: [ZendTo] Drop-off issues In-Reply-To: References: , Message-ID: It seems not to be the problem this time, what I have in /etc/groups is: apache:x:48:clamscan clamupdate:x:995: virusgroup:x:994:clamupdate,clamscan,apache clamscan:x:993:clamupdate,apache Permissions on /var/zendto/ drwxrwxr-x. 8 root apache 135 Nov 22 18:14 . drwxr-xr-x. 21 root root 4096 Nov 22 11:26 .. drwxr-xr-x. 3 apache apache 62 Nov 22 11:34 cache drwxr-xr-x. 2 apache apache 6 Nov 22 16:23 dropoffs drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 incoming drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 library drwxr-xr-x. 2 apache apache 4096 Nov 22 11:26 rrd drwxr-xr-x. 2 apache apache 4096 Nov 22 17:04 templates_c -rw-rw-r--. 1 apache apache 87 Nov 22 11:34 zendto.log -rw-r--r--. 1 apache apache 23552 Nov 22 11:34 zendto.sqlite From: David Jones Sent: Thursday, November 22, 2018 5:33 PM To: ZendTo Users Cc: Marcos Parrell Sol? Subject: Re: Drop-off issues I think this could be the same clamav problem that I had and Jules recently posted about so look back in the recent archives. The ClamAV package on C7 changed recently causing the apache user to be added to the virusgroup. Add it and restart httpd to see if that solves your problem. /etc/group ========= virusgroup:x:XXX:clamupdate,clamscan,apache ________________________________ From: ZendTo > on behalf of Marcos Parrell Sol? via ZendTo > Sent: Thursday, November 22, 2018 9:42 AM To: zendto at zend.to Cc: Marcos Parrell Sol? Subject: [ZendTo] Drop-off issues Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload... and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mailinglists at pcfreak.de Thu Nov 22 19:06:28 2018 From: mailinglists at pcfreak.de (Mailing Lists) Date: Thu, 22 Nov 2018 20:06:28 +0100 Subject: [ZendTo] Drop-off issues In-Reply-To: References: Message-ID: Hi, maybe just the disk is full? Regards Peter via Smartphone > Am 22.11.2018 um 16:42 schrieb Marcos Parrell Sol? via ZendTo : > > Hello and sorry if this issue has been addressed before, > > We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: > > Sorry, I failed to drop-off your files! > Note that you cannot drop-off directories, only files > > The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload? and ff course, we are not sending folders. > > I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? > > I keep investigating but any clue will be appreciated!. > > Best regards and many thanks in advance, > Marcos. > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto -------------- next part -------------- An HTML attachment was scrubbed... URL: From djones at ena.com Thu Nov 22 20:30:57 2018 From: djones at ena.com (David Jones) Date: Thu, 22 Nov 2018 20:30:57 +0000 Subject: [ZendTo] Drop-off issues In-Reply-To: References: , , Message-ID: Not sure then. Anything show up in the /var/log/httpd/* logs when this happens? Have you tried "display_errors = On" in /etc/php.ini and restarting httpd? ________________________________ From: Marcos Parrell Sol? Sent: Thursday, November 22, 2018 11:30 AM To: David Jones Cc: ZendTo Users Subject: RE: Drop-off issues It seems not to be the problem this time, what I have in /etc/groups is: apache:x:48:clamscan clamupdate:x:995: virusgroup:x:994:clamupdate,clamscan,apache clamscan:x:993:clamupdate,apache Permissions on /var/zendto/ drwxrwxr-x. 8 root apache 135 Nov 22 18:14 . drwxr-xr-x. 21 root root 4096 Nov 22 11:26 .. drwxr-xr-x. 3 apache apache 62 Nov 22 11:34 cache drwxr-xr-x. 2 apache apache 6 Nov 22 16:23 dropoffs drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 incoming drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 library drwxr-xr-x. 2 apache apache 4096 Nov 22 11:26 rrd drwxr-xr-x. 2 apache apache 4096 Nov 22 17:04 templates_c -rw-rw-r--. 1 apache apache 87 Nov 22 11:34 zendto.log -rw-r--r--. 1 apache apache 23552 Nov 22 11:34 zendto.sqlite From: David Jones Sent: Thursday, November 22, 2018 5:33 PM To: ZendTo Users Cc: Marcos Parrell Sol? Subject: Re: Drop-off issues I think this could be the same clamav problem that I had and Jules recently posted about so look back in the recent archives. The ClamAV package on C7 changed recently causing the apache user to be added to the virusgroup. Add it and restart httpd to see if that solves your problem. /etc/group ========= virusgroup:x:XXX:clamupdate,clamscan,apache ________________________________ From: ZendTo > on behalf of Marcos Parrell Sol? via ZendTo > Sent: Thursday, November 22, 2018 9:42 AM To: zendto at zend.to Cc: Marcos Parrell Sol? Subject: [ZendTo] Drop-off issues Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload? and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -------------- next part -------------- An HTML attachment was scrubbed... URL: From kle at msktd.com Thu Nov 22 21:10:34 2018 From: kle at msktd.com (Ken Etter) Date: Thu, 22 Nov 2018 16:10:34 -0500 Subject: [ZendTo] Drop-off issues In-Reply-To: References: , , <5BF71B52020000130012ED0E@mail.msktd.com> Message-ID: How are you accessing the site? I was testing by IP address and got this error. I was doing that because I hadn't moved dns from the existing production site to the new one. After adjusting dns and accessing the site by name instead of ip, things worked correctly. Ken Sent from my iPhone > On Nov 22, 2018, at 3:31 PM, David Jones via ZendTo wrote: > > Not sure then. Anything show up in the /var/log/httpd/* logs when this happens? Have you tried "display_errors = On" in /etc/php.ini and restarting httpd? > > > From: Marcos Parrell Sol? > Sent: Thursday, November 22, 2018 11:30 AM > To: David Jones > Cc: ZendTo Users > Subject: RE: Drop-off issues > > It seems not to be the problem this time, what I have in /etc/groups is: > > > > apache:x:48:clamscan > > clamupdate:x:995: > > virusgroup:x:994:clamupdate,clamscan,apache > > clamscan:x:993:clamupdate,apache > > > > Permissions on /var/zendto/ > > > > drwxrwxr-x. 8 root apache 135 Nov 22 18:14 . > > drwxr-xr-x. 21 root root 4096 Nov 22 11:26 .. > > drwxr-xr-x. 3 apache apache 62 Nov 22 11:34 cache > > drwxr-xr-x. 2 apache apache 6 Nov 22 16:23 dropoffs > > drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 incoming > > drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 library > > drwxr-xr-x. 2 apache apache 4096 Nov 22 11:26 rrd > > drwxr-xr-x. 2 apache apache 4096 Nov 22 17:04 templates_c > > -rw-rw-r--. 1 apache apache 87 Nov 22 11:34 zendto.log > > -rw-r--r--. 1 apache apache 23552 Nov 22 11:34 zendto.sqlite > > > > > > From: David Jones > Sent: Thursday, November 22, 2018 5:33 PM > To: ZendTo Users > Cc: Marcos Parrell Sol? > Subject: Re: Drop-off issues > > > > I think this could be the same clamav problem that I had and Jules recently posted about so look back in the recent archives. The ClamAV package on C7 changed recently causing the apache user to be added to the virusgroup. Add it and restart httpd to see if that solves your problem. > > /etc/group > > ========= > > virusgroup:x:XXX:clamupdate,clamscan,apache > > From: ZendTo on behalf of Marcos Parrell Sol? via ZendTo > Sent: Thursday, November 22, 2018 9:42 AM > To: zendto at zend.to > Cc: Marcos Parrell Sol? > Subject: [ZendTo] Drop-off issues > > > > Hello and sorry if this issue has been addressed before, > > > > We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: > > > > Sorry, I failed to drop-off your files! > > Note that you cannot drop-off directories, only files > > > > The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload? and ff course, we are not sending folders. > > > > I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? > > > > I keep investigating but any clue will be appreciated!. > > > > Best regards and many thanks in advance, > > Marcos. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From djones at ena.com Thu Nov 22 22:48:57 2018 From: djones at ena.com (David Jones) Date: Thu, 22 Nov 2018 22:48:57 +0000 Subject: [ZendTo] Drop-off issues In-Reply-To: <5BF71B52020000130012ED0E@mail.msktd.com> References: , , , <5BF71B52020000130012ED0E@mail.msktd.com> Message-ID: If you need to test a website before changing DNS, put a local /etc/hosts file to test by name to make sure host headers are matching what you expect. Dave Jones ________________________________ From: Ken Etter Sent: Thursday, November 22, 2018 3:10:34 PM To: zendto at zend.to Cc: marcos.parrell at deiser.com; David Jones Subject: Re: [ZendTo] Drop-off issues How are you accessing the site? I was testing by IP address and got this error. I was doing that because I hadn't moved dns from the existing production site to the new one. After adjusting dns and accessing the site by name instead of ip, things worked correctly. Ken Sent from my iPhone On Nov 22, 2018, at 3:31 PM, David Jones via ZendTo > wrote: Not sure then. Anything show up in the /var/log/httpd/* logs when this happens? Have you tried "display_errors = On" in /etc/php.ini and restarting httpd? ________________________________ From: Marcos Parrell Sol? > Sent: Thursday, November 22, 2018 11:30 AM To: David Jones Cc: ZendTo Users Subject: RE: Drop-off issues It seems not to be the problem this time, what I have in /etc/groups is: apache:x:48:clamscan clamupdate:x:995: virusgroup:x:994:clamupdate,clamscan,apache clamscan:x:993:clamupdate,apache Permissions on /var/zendto/ drwxrwxr-x. 8 root apache 135 Nov 22 18:14 . drwxr-xr-x. 21 root root 4096 Nov 22 11:26 .. drwxr-xr-x. 3 apache apache 62 Nov 22 11:34 cache drwxr-xr-x. 2 apache apache 6 Nov 22 16:23 dropoffs drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 incoming drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 library drwxr-xr-x. 2 apache apache 4096 Nov 22 11:26 rrd drwxr-xr-x. 2 apache apache 4096 Nov 22 17:04 templates_c -rw-rw-r--. 1 apache apache 87 Nov 22 11:34 zendto.log -rw-r--r--. 1 apache apache 23552 Nov 22 11:34 zendto.sqlite From: David Jones > Sent: Thursday, November 22, 2018 5:33 PM To: ZendTo Users > Cc: Marcos Parrell Sol? > Subject: Re: Drop-off issues I think this could be the same clamav problem that I had and Jules recently posted about so look back in the recent archives. The ClamAV package on C7 changed recently causing the apache user to be added to the virusgroup. Add it and restart httpd to see if that solves your problem. /etc/group ========= virusgroup:x:XXX:clamupdate,clamscan,apache ________________________________ From: ZendTo > on behalf of Marcos Parrell Sol? via ZendTo > Sent: Thursday, November 22, 2018 9:42 AM To: zendto at zend.to Cc: Marcos Parrell Sol? Subject: [ZendTo] Drop-off issues Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload? and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -------------- next part -------------- An HTML attachment was scrubbed... URL: From marcos.parrell at deiser.com Fri Nov 23 07:24:11 2018 From: marcos.parrell at deiser.com (=?iso-8859-1?Q?Marcos_Parrell_Sol=E0?=) Date: Fri, 23 Nov 2018 07:24:11 +0000 Subject: [ZendTo] Drop-off issues In-Reply-To: References: , , , <5BF71B52020000130012ED0E@mail.msktd.com> Message-ID: Many thanks for your answers Ken and David, Nothing to do with DNS, we have set the hostname and fqdn resolutions on /etc/hosts (also on client side), also hostname is set on /etc/hostname. We are running ZendTo over SSL using wildcard certificates... same configuration works properly with previous versions of ZendTo. I also have find another problem, some action malformed the url... https://zendto.mydomain.com/zendto.mydomain.com/pickup https:// zendto.mydomain.com/ zendto.mydomain.com/verify I faced this problem previously when using logo link and home button but it has been resolved once I have updated the /etc/hostname file, however, actions like pickup or verify, do not know if there are others, are generating the problem. From: David Jones Sent: Thursday, November 22, 2018 11:49 PM To: zendto at zend.to; Ken Etter Cc: Marcos Parrell Sol? Subject: Re: [ZendTo] Drop-off issues If you need to test a website before changing DNS, put a local /etc/hosts file to test by name to make sure host headers are matching what you expect. Dave Jones ________________________________ From: Ken Etter > Sent: Thursday, November 22, 2018 3:10:34 PM To: zendto at zend.to Cc: marcos.parrell at deiser.com; David Jones Subject: Re: [ZendTo] Drop-off issues How are you accessing the site? I was testing by IP address and got this error. I was doing that because I hadn't moved dns from the existing production site to the new one. After adjusting dns and accessing the site by name instead of ip, things worked correctly. Ken Sent from my iPhone On Nov 22, 2018, at 3:31 PM, David Jones via ZendTo > wrote: Not sure then. Anything show up in the /var/log/httpd/* logs when this happens? Have you tried "display_errors = On" in /etc/php.ini and restarting httpd? ________________________________ From: Marcos Parrell Sol? > Sent: Thursday, November 22, 2018 11:30 AM To: David Jones Cc: ZendTo Users Subject: RE: Drop-off issues It seems not to be the problem this time, what I have in /etc/groups is: apache:x:48:clamscan clamupdate:x:995: virusgroup:x:994:clamupdate,clamscan,apache clamscan:x:993:clamupdate,apache Permissions on /var/zendto/ drwxrwxr-x. 8 root apache 135 Nov 22 18:14 . drwxr-xr-x. 21 root root 4096 Nov 22 11:26 .. drwxr-xr-x. 3 apache apache 62 Nov 22 11:34 cache drwxr-xr-x. 2 apache apache 6 Nov 22 16:23 dropoffs drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 incoming drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 library drwxr-xr-x. 2 apache apache 4096 Nov 22 11:26 rrd drwxr-xr-x. 2 apache apache 4096 Nov 22 17:04 templates_c -rw-rw-r--. 1 apache apache 87 Nov 22 11:34 zendto.log -rw-r--r--. 1 apache apache 23552 Nov 22 11:34 zendto.sqlite From: David Jones > Sent: Thursday, November 22, 2018 5:33 PM To: ZendTo Users > Cc: Marcos Parrell Sol? > Subject: Re: Drop-off issues I think this could be the same clamav problem that I had and Jules recently posted about so look back in the recent archives. The ClamAV package on C7 changed recently causing the apache user to be added to the virusgroup. Add it and restart httpd to see if that solves your problem. /etc/group ========= virusgroup:x:XXX:clamupdate,clamscan,apache ________________________________ From: ZendTo > on behalf of Marcos Parrell Sol? via ZendTo > Sent: Thursday, November 22, 2018 9:42 AM To: zendto at zend.to Cc: Marcos Parrell Sol? Subject: [ZendTo] Drop-off issues Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload... and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Guy.Bertrand at banctec.ca Fri Nov 23 18:26:00 2018 From: Guy.Bertrand at banctec.ca (Bertrand, Guy) Date: Fri, 23 Nov 2018 18:26:00 +0000 Subject: [ZendTo] ZendTo Digest, Vol 98, Issue 25 In-Reply-To: References: <9E8FF5130DE9CD4D895AF10041C1085B040AF1DC1D@BTIEXCH04.BTec.ad.banctec.com> Message-ID: Hi, Just to confirm the fix for the CLAMAV and /etc/group permissions issue for APACHE on Centos 7 after an upgrade from zendto 5.11-3 to 5.15-1. Two thumbs up to David Jones for the catch and fix. And Jules of course! In the ZendTo system log, you will see entries like this: 2018-11-23 09:18:32 10.21.100.7 [some name]: Error: Virus scan of dropped-off files /home/zendto/incoming/phpJVeY5B for user1 failed with ERROR: Could not connect to clamd on LocalSocket /var/run/clamd.scan/clamd.sock: Permission denied ----------- SCAN SUMMARY ----------- Infected files: 0 Total errors: 1 Time: 0.000 sec (0 m 0 s) # cat /etc/redhat-release CentOS Linux release 7.5.1804 (Core) # sudo yum list installed | grep zendto zendto.noarch 5.15-1 @ZendTo zendto-repo.noarch 1.1-1 installed or # sudo rpm -qa | grep zendto zendto-repo-1.1-1.noarch zendto-5.15-1.noarch # grep virusgroup /etc/group virusgroup:x:986:clamupdate,clamscan # usermod -G virusgroup apache # grep virusgroup /etc/group virusgroup:x:986:clamupdate,clamscan,apache Regards, Guy Guy Bertrand, M.Ing Directeur informatique / IT Manager EXELA TECHNOLOGIES b: +1.514.392.4999 400, boul. De Maisonneuve Ouest, bureau 1120 | Montr?al (Qu?bec),? CANADA H3A 1L4 www.ExelaTech.com | EXELA LinkedIn From Guy.Bertrand at banctec.ca Fri Nov 23 18:29:40 2018 From: Guy.Bertrand at banctec.ca (Bertrand, Guy) Date: Fri, 23 Nov 2018 18:29:40 +0000 Subject: [ZendTo] ZendTo Digest, Vol 98, Issue 25 In-Reply-To: References: <9E8FF5130DE9CD4D895AF10041C1085B040AF1DC5A@BTIEXCH04.BTec.ad.banctec.com> Message-ID: Hi all, To Marco's drop-off issue, "Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files" This happens as the user has just selected files to be sent and clicks on "drop-off". No files have been sent to the server yet. The virus scan fix mentionned is when the upload has actually finished. So I believe that we are talking about two different issues. Regards, Guy Guy Bertrand, M.Ing Directeur informatique / IT Manager EXELA TECHNOLOGIES b: +1.514.392.4999 400, boul. De Maisonneuve Ouest, bureau 1120 | Montr?al (Qu?bec),? CANADA H3A 1L4 www.ExelaTech.com | EXELA LinkedIn From: ZendTo > on behalf of Marcos Parrell Sol? via ZendTo > Sent: Thursday, November 22, 2018 9:42 AM To: zendto at zend.to Cc: Marcos Parrell Sol? Subject: [ZendTo] Drop-off issues Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload? and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. From marcos.parrell at deiser.com Mon Nov 26 11:45:44 2018 From: marcos.parrell at deiser.com (=?iso-8859-1?Q?Marcos_Parrell_Sol=E0?=) Date: Mon, 26 Nov 2018 11:45:44 +0000 Subject: [ZendTo] Drop-off issues In-Reply-To: References: , , , <5BF71B52020000130012ED0E@mail.msktd.com> Message-ID: So sorry guys, all the problems came due a typo in zendto preferences... From: Marcos Parrell Sol? Sent: Friday, November 23, 2018 8:24 AM To: David Jones ; Ken Etter Cc: zendto at zend.to Subject: RE: [ZendTo] Drop-off issues Many thanks for your answers Ken and David, Nothing to do with DNS, we have set the hostname and fqdn resolutions on /etc/hosts (also on client side), also hostname is set on /etc/hostname. We are running ZendTo over SSL using wildcard certificates... same configuration works properly with previous versions of ZendTo. I also have find another problem, some action malformed the url... https://zendto.mydomain.com/zendto.mydomain.com/pickup https:// zendto.mydomain.com/ zendto.mydomain.com/verify I faced this problem previously when using logo link and home button but it has been resolved once I have updated the /etc/hostname file, however, actions like pickup or verify, do not know if there are others, are generating the problem. From: David Jones > Sent: Thursday, November 22, 2018 11:49 PM To: zendto at zend.to; Ken Etter > Cc: Marcos Parrell Sol? > Subject: Re: [ZendTo] Drop-off issues If you need to test a website before changing DNS, put a local /etc/hosts file to test by name to make sure host headers are matching what you expect. Dave Jones ________________________________ From: Ken Etter > Sent: Thursday, November 22, 2018 3:10:34 PM To: zendto at zend.to Cc: marcos.parrell at deiser.com; David Jones Subject: Re: [ZendTo] Drop-off issues How are you accessing the site? I was testing by IP address and got this error. I was doing that because I hadn't moved dns from the existing production site to the new one. After adjusting dns and accessing the site by name instead of ip, things worked correctly. Ken Sent from my iPhone On Nov 22, 2018, at 3:31 PM, David Jones via ZendTo > wrote: Not sure then. Anything show up in the /var/log/httpd/* logs when this happens? Have you tried "display_errors = On" in /etc/php.ini and restarting httpd? ________________________________ From: Marcos Parrell Sol? > Sent: Thursday, November 22, 2018 11:30 AM To: David Jones Cc: ZendTo Users Subject: RE: Drop-off issues It seems not to be the problem this time, what I have in /etc/groups is: apache:x:48:clamscan clamupdate:x:995: virusgroup:x:994:clamupdate,clamscan,apache clamscan:x:993:clamupdate,apache Permissions on /var/zendto/ drwxrwxr-x. 8 root apache 135 Nov 22 18:14 . drwxr-xr-x. 21 root root 4096 Nov 22 11:26 .. drwxr-xr-x. 3 apache apache 62 Nov 22 11:34 cache drwxr-xr-x. 2 apache apache 6 Nov 22 16:23 dropoffs drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 incoming drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 library drwxr-xr-x. 2 apache apache 4096 Nov 22 11:26 rrd drwxr-xr-x. 2 apache apache 4096 Nov 22 17:04 templates_c -rw-rw-r--. 1 apache apache 87 Nov 22 11:34 zendto.log -rw-r--r--. 1 apache apache 23552 Nov 22 11:34 zendto.sqlite From: David Jones > Sent: Thursday, November 22, 2018 5:33 PM To: ZendTo Users > Cc: Marcos Parrell Sol? > Subject: Re: Drop-off issues I think this could be the same clamav problem that I had and Jules recently posted about so look back in the recent archives. The ClamAV package on C7 changed recently causing the apache user to be added to the virusgroup. Add it and restart httpd to see if that solves your problem. /etc/group ========= virusgroup:x:XXX:clamupdate,clamscan,apache ________________________________ From: ZendTo > on behalf of Marcos Parrell Sol? via ZendTo > Sent: Thursday, November 22, 2018 9:42 AM To: zendto at zend.to Cc: Marcos Parrell Sol? Subject: [ZendTo] Drop-off issues Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload... and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Massimo.Forni at turboden.it Mon Nov 26 12:18:58 2018 From: Massimo.Forni at turboden.it (Massimo Forni) Date: Mon, 26 Nov 2018 12:18:58 +0000 Subject: [ZendTo] Drop-off issues In-Reply-To: References: , , , <5BF71B52020000130012ED0E@mail.msktd.com> <0A6BAE18ABEE3E4ABF2F406E9A6BB978017CBF64@MailBox.turboden.local> Message-ID: As 95% of the posts in this mailinglist :) From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Marcos Parrell Sol? via ZendTo Sent: 26 November 2018 12:46 To: David Jones ; Ken Etter Cc: Marcos Parrell Sol? ; zendto at zend.to Subject: Re: [ZendTo] Drop-off issues So sorry guys, all the problems came due a typo in zendto preferences... From: Marcos Parrell Sol? Sent: Friday, November 23, 2018 8:24 AM To: David Jones >; Ken Etter > Cc: zendto at zend.to Subject: RE: [ZendTo] Drop-off issues Many thanks for your answers Ken and David, Nothing to do with DNS, we have set the hostname and fqdn resolutions on /etc/hosts (also on client side), also hostname is set on /etc/hostname. We are running ZendTo over SSL using wildcard certificates... same configuration works properly with previous versions of ZendTo. I also have find another problem, some action malformed the url... https://zendto.mydomain.com/zendto.mydomain.com/pickup https:// zendto.mydomain.com/ zendto.mydomain.com/verify I faced this problem previously when using logo link and home button but it has been resolved once I have updated the /etc/hostname file, however, actions like pickup or verify, do not know if there are others, are generating the problem. From: David Jones > Sent: Thursday, November 22, 2018 11:49 PM To: zendto at zend.to; Ken Etter > Cc: Marcos Parrell Sol? > Subject: Re: [ZendTo] Drop-off issues If you need to test a website before changing DNS, put a local /etc/hosts file to test by name to make sure host headers are matching what you expect. Dave Jones ________________________________ From: Ken Etter > Sent: Thursday, November 22, 2018 3:10:34 PM To: zendto at zend.to Cc: marcos.parrell at deiser.com; David Jones Subject: Re: [ZendTo] Drop-off issues How are you accessing the site? I was testing by IP address and got this error. I was doing that because I hadn't moved dns from the existing production site to the new one. After adjusting dns and accessing the site by name instead of ip, things worked correctly. Ken Sent from my iPhone On Nov 22, 2018, at 3:31 PM, David Jones via ZendTo > wrote: Not sure then. Anything show up in the /var/log/httpd/* logs when this happens? Have you tried "display_errors = On" in /etc/php.ini and restarting httpd? ________________________________ From: Marcos Parrell Sol? > Sent: Thursday, November 22, 2018 11:30 AM To: David Jones Cc: ZendTo Users Subject: RE: Drop-off issues It seems not to be the problem this time, what I have in /etc/groups is: apache:x:48:clamscan clamupdate:x:995: virusgroup:x:994:clamupdate,clamscan,apache clamscan:x:993:clamupdate,apache Permissions on /var/zendto/ drwxrwxr-x. 8 root apache 135 Nov 22 18:14 . drwxr-xr-x. 21 root root 4096 Nov 22 11:26 .. drwxr-xr-x. 3 apache apache 62 Nov 22 11:34 cache drwxr-xr-x. 2 apache apache 6 Nov 22 16:23 dropoffs drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 incoming drwxr-xr-x. 2 apache apache 6 Nov 22 11:26 library drwxr-xr-x. 2 apache apache 4096 Nov 22 11:26 rrd drwxr-xr-x. 2 apache apache 4096 Nov 22 17:04 templates_c -rw-rw-r--. 1 apache apache 87 Nov 22 11:34 zendto.log -rw-r--r--. 1 apache apache 23552 Nov 22 11:34 zendto.sqlite From: David Jones > Sent: Thursday, November 22, 2018 5:33 PM To: ZendTo Users > Cc: Marcos Parrell Sol? > Subject: Re: Drop-off issues I think this could be the same clamav problem that I had and Jules recently posted about so look back in the recent archives. The ClamAV package on C7 changed recently causing the apache user to be added to the virusgroup. Add it and restart httpd to see if that solves your problem. /etc/group ========= virusgroup:x:XXX:clamupdate,clamscan,apache ________________________________ From: ZendTo > on behalf of Marcos Parrell Sol? via ZendTo > Sent: Thursday, November 22, 2018 9:42 AM To: zendto at zend.to Cc: Marcos Parrell Sol? Subject: [ZendTo] Drop-off issues Hello and sorry if this issue has been addressed before, We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: Sorry, I failed to drop-off your files! Note that you cannot drop-off directories, only files The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload... and ff course, we are not sending folders. I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? I keep investigating but any clue will be appreciated!. Best regards and many thanks in advance, Marcos. -- Massimo Forni ICT Specialist, Advisor to Managing Director for ICT ________________________________ Turboden S.p.A. I via Cernaia 10 I 25124 Brescia I Italy t. +390303552001 I f. +390303552011 www.turboden.com Confidentiality notice: this message, together with its attachments, may contain strictly confidential and/or legally privileged information and it is destined solely to the intended addressee(s), who only may use it under his/their responsibility. Opinions, conclusions and other information contained in this message, that do not relate to the official business of this firm, shall be considered as not given or endorsed by it. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. Any use, disclosure, copying or distribution of the contents of this communication by a not-intended recipient or in violation of the purposes of this communication is strictly prohibited and may be unlawful. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Mon Nov 26 15:46:57 2018 From: Jules at Zend.To (Jules Field) Date: Mon, 26 Nov 2018 15:46:57 +0000 Subject: [ZendTo] ZendTo Digest, Vol 98, Issue 21 In-Reply-To: References: <9E8FF5130DE9CD4D895AF10041C1085B040AF1C604@BTIEXCH04.BTec.ad.banctec.com> Message-ID: On 22/11/2018 16:26, Bertrand, Guy via ZendTo wrote: > Hi, > > Just to add a quick note in regards to Marcos' issue with drop-offs and the error message > > "Sorry, I failed to drop-off your files! > Note that you cannot drop-off directories, only files" > > I have seen this twice in the past 2 weeks. I can confirm that both times, the users were NOT trying to drop-off a directory. Only files. I currently have a fresh install of ZendTo 5.11-3 on Centos 7. > > For my first user with this issue, he was at a remote site, using a VPN back into our corporate network, then using our internal IP address for our Zendto server. I asked him to disconnect from the VPN, and connect directly to the internet side of our server. Worked perfectly. Might your VPN service be doing application-level checks (e.g. malware scans) on files sent via HTTP? (There are plenty of corporate VPN services that do a MITM attack to be able to scan HTTPS traffic without the user realising). In that case, it's highly likely the file was too large for the scanner in the middle to cope with. > > For my second user with this issue, he was using IE11, trying to upload 3 files for a total of 10Gb. I asked him only to upload one file at a time. It started to work. Any upload over 2GB is asking an awful lot of IE11. Over 4GB, definitely asking for trouble. There are compatility settings in IE11 that are used by many corporate sites in order for their ancient in-house web apps to work. (Otherwise why is anyone still trying to use IE?). These compatilibity settings can and do make IE break in circumstances like large uploads, where a "vanilla" installation behaves fine. > > I see nothing exciting in the log files, and I have no information that I can use to continue troubleshooting this. > > Any suggestions?? > > Regards, > > Guy > > Guy Bertrand, M.Ing > Directeur informatique / IT Manager > EXELA TECHNOLOGIES > b: +1.514.392.4999 > 400, boul. De Maisonneuve Ouest, bureau 1120 | Montr?al (Qu?bec),? CANADA H3A 1L4 > www.ExelaTech.com | EXELA LinkedIn > > > > Message: 3 > Date: Thu, 22 Nov 2018 15:42:06 +0000 > From: Marcos Parrell Sol? > To: "zendto at zend.to" > Subject: [ZendTo] Drop-off issues > Message-ID: > > > Content-Type: text/plain; charset="iso-8859-1" > > Hello and sorry if this issue has been addressed before, > > We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: > > Sorry, I failed to drop-off your files! > Note that you cannot drop-off directories, only files > > The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload... and ff course, we are not sending folders. > > I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? > > I keep investigating but any clue will be appreciated!. > > Best regards and many thanks in advance, Marcos. > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > > ------------------------------ > > End of ZendTo Digest, Vol 98, Issue 21 > ************************************** > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Find a place inside where there's joy, and the joy will burn out the pain.' - Joseph Campbell www.Zend.To Twitter: @JulesFM From Jules at Zend.To Mon Nov 26 15:49:04 2018 From: Jules at Zend.To (Jules Field) Date: Mon, 26 Nov 2018 15:49:04 +0000 Subject: [ZendTo] ZendTo Digest, Vol 98, Issue 21 In-Reply-To: References: <9E8FF5130DE9CD4D895AF10041C1085B040AF1C604@BTIEXCH04.BTec.ad.banctec.com> Message-ID: Sorry, thumped Send to early... You won't see anything in the log files, as the files never made it to the ZendTo server. Sending 1 file at a time will have kept the max upload size below 4GB, at which point IE11 stands a better chance of working. Particularly if someone is using the compatilibity settings in IE11. Someone using IE11 in an organisation would have absolutely no idea if their organisation was doing this or not. The best answer by far is "don't use IE, use anything better". Cheers, Jules. On 22/11/2018 16:26, Bertrand, Guy via ZendTo wrote: > Hi, > > Just to add a quick note in regards to Marcos' issue with drop-offs and the error message > > "Sorry, I failed to drop-off your files! > Note that you cannot drop-off directories, only files" > > I have seen this twice in the past 2 weeks. I can confirm that both times, the users were NOT trying to drop-off a directory. Only files. I currently have a fresh install of ZendTo 5.11-3 on Centos 7. > > For my first user with this issue, he was at a remote site, using a VPN back into our corporate network, then using our internal IP address for our Zendto server. I asked him to disconnect from the VPN, and connect directly to the internet side of our server. Worked perfectly. > > For my second user with this issue, he was using IE11, trying to upload 3 files for a total of 10Gb. I asked him only to upload one file at a time. It started to work. > > I see nothing exciting in the log files, and I have no information that I can use to continue troubleshooting this. > > Any suggestions?? > > Regards, > > Guy > > Guy Bertrand, M.Ing > Directeur informatique / IT Manager > EXELA TECHNOLOGIES > b: +1.514.392.4999 > 400, boul. De Maisonneuve Ouest, bureau 1120 | Montr?al (Qu?bec),? CANADA H3A 1L4 > www.ExelaTech.com | EXELA LinkedIn > > > > Message: 3 > Date: Thu, 22 Nov 2018 15:42:06 +0000 > From: Marcos Parrell Sol? > To: "zendto at zend.to" > Subject: [ZendTo] Drop-off issues > Message-ID: > > > Content-Type: text/plain; charset="iso-8859-1" > > Hello and sorry if this issue has been addressed before, > > We have installed ZendTo from scratch over a new installation of CentOS 7 minimal and using the ZendTo installer, everything goes fine but we are experiencing issues when dropping-off the files, does not matter whatever you try to send, we always receive the same failure message and the logs does not through any error: > > Sorry, I failed to drop-off your files! > Note that you cannot drop-off directories, only files > > The error appears when the drop-off progress bar reach the 100% but I have note that no file is placed on incoming folder during the upload... and ff course, we are not sending folders. > > I have seen someone reporting on last march the same issue ( http://jul.es/pipermail/zendto/2018-March/003156.html ) but he receive not answer, do you noticed this issue before?, is there anything I can check? > > I keep investigating but any clue will be appreciated!. > > Best regards and many thanks in advance, Marcos. > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > > > ------------------------------ > > End of ZendTo Digest, Vol 98, Issue 21 > ************************************** > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Teach a man to reason, and he will think for a lifetime.' - Phil Plait www.Zend.To Twitter: @JulesFM From ssilva at sgvwater.com Tue Nov 27 18:34:11 2018 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 27 Nov 2018 18:34:11 +0000 Subject: [ZendTo] New Zendto install In-Reply-To: References: <54D3F6A07E3F2A4AAD4CBA73922025F42021B980@FONEXCH01.sgvwc.local> <54D3F6A07E3F2A4AAD4CBA73922025F42025A128@FONEXCH01.sgvwc.local> Message-ID: Still poking at this... Used a little larger file just to see if it was virus related... I get the progress bar and then the below error... Tested with sending a request for dropoff from internal address to same external and that works. So it is only in the part where an outside user tries to drop off unsolicited and gets the authentication email. From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Scott Silva via ZendTo Sent: Friday, November 16, 2018 11:26 AM To: ZendTo Users Cc: Scott Silva Subject: [ZendTo] New Zendto install I have a new Zendto install. Old one had too many errors trying to upgrade.. I can send as a logged in user fine. But testing from outside fails. I get the confirmation mail, it lets me add destination email, which I used my internal address, it lets me add files, and when I click dropoff I get... Upload Error You must be logged in as a San Gabriel Valley Water/Fontana Water user in order to drop-off a file for a non-San Gabriel Valley Water/Fontana Water user. Return to the ZendTo main menu to log in and then try again. It must be choking on the authentication, but actually logging in sends fine... It is only outside users failing -- Scott Silva Network Administrator Fontana Water Company 15966 Arrow Blvd. Fontana CA 92335 909.201.7325 Direct ssilva at sgvwater.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From klou at themusiclink.net Tue Nov 27 18:54:14 2018 From: klou at themusiclink.net (Kris Lou) Date: Tue, 27 Nov 2018 10:54:14 -0800 Subject: [ZendTo] New Zendto install In-Reply-To: References: <54D3F6A07E3F2A4AAD4CBA73922025F42021B980@FONEXCH01.sgvwc.local> <54D3F6A07E3F2A4AAD4CBA73922025F42025A128@FONEXCH01.sgvwc.local> Message-ID: What are you settings for the following in preferences.php? // Allow external users (who can't login) to upload files? > // Regardless of this setting, they always can if they've been given > // a request code. > // Setting this to FALSE stops external users sending files that > // the recipient had not asked for. > 'allowExternalUploads' => TRUE, // You should check that senders who are not members of your organisation > // (and so cannot login to ZendTo) are really the owner of the email > // address they are sending from. So when they try to send you files, > // you have some confidence they are who they say they are. > // However, some sites are only expecting files from occasional people, > // and don't want the senders to have to do the extra step. > // Setting this to FALSE disables the email address confirmation step. > 'confirmExternalEmails' => TRUE, Kris Lou klou at themusiclink.net On Tue, Nov 27, 2018 at 10:34 AM Scott Silva via ZendTo wrote: > Still poking at this? Used a little larger file just to see if it was > virus related? I get the progress bar and then the below error? > > > > Tested with sending a request for dropoff from internal address to same > external and that works. So it is only in the part where an outside user > tries to drop off unsolicited and gets the authentication email. > > > > > > > > *From:* ZendTo [mailto:zendto-bounces at zend.to] *On Behalf Of *Scott Silva > via ZendTo > *Sent:* Friday, November 16, 2018 11:26 AM > *To:* ZendTo Users > *Cc:* Scott Silva > *Subject:* [ZendTo] New Zendto install > > > > I have a new Zendto install. Old one had too many errors trying to > upgrade.. > > > > I can send as a logged in user fine. > > But testing from outside fails. I get the confirmation mail, it lets me > add destination email, which I used my internal address, it lets me add > files, and when I click dropoff I get... > > > > Upload Error > > You must be logged in as a San Gabriel Valley Water/Fontana > Water user in order to drop-off a file for a non-San Gabriel Valley > Water/Fontana Water user. > > > > Return to the ZendTo main menu to log in and then try again. > > > > It must be choking on the authentication, but actually logging in sends > fine? > > It is only outside users failing > > > > > > > > -- > > Scott Silva > > Network Administrator > > Fontana Water Company > > 15966 Arrow Blvd. Fontana CA 92335 > > > > 909.201.7325 Direct > > ssilva at sgvwater.com > > > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ssilva at sgvwater.com Tue Nov 27 19:04:38 2018 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 27 Nov 2018 19:04:38 +0000 Subject: [ZendTo] New Zendto install In-Reply-To: References: <54D3F6A07E3F2A4AAD4CBA73922025F42021B980@FONEXCH01.sgvwc.local> <54D3F6A07E3F2A4AAD4CBA73922025F42025A128@FONEXCH01.sgvwc.local> <54D3F6A07E3F2A4AAD4CBA73922025F42025B213@FONEXCH01.sgvwc.local> Message-ID: Both set to TRUE. Baffling me.. Not seeing any error in the Zendto logs either? I guess next will be showing the php dialogs? From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Kris Lou via ZendTo Sent: Tuesday, November 27, 2018 10:55 AM To: ZendTo Users Cc: Kris Lou Subject: Re: [ZendTo] New Zendto install What are you settings for the following in preferences.php? // Allow external users (who can't login) to upload files? // Regardless of this setting, they always can if they've been given // a request code. // Setting this to FALSE stops external users sending files that // the recipient had not asked for. 'allowExternalUploads' => TRUE, // You should check that senders who are not members of your organisation // (and so cannot login to ZendTo) are really the owner of the email // address they are sending from. So when they try to send you files, // you have some confidence they are who they say they are. // However, some sites are only expecting files from occasional people, // and don't want the senders to have to do the extra step. // Setting this to FALSE disables the email address confirmation step. 'confirmExternalEmails' => TRUE, Kris Lou klou at themusiclink.net On Tue, Nov 27, 2018 at 10:34 AM Scott Silva via ZendTo > wrote: Still poking at this? Used a little larger file just to see if it was virus related? I get the progress bar and then the below error? Tested with sending a request for dropoff from internal address to same external and that works. So it is only in the part where an outside user tries to drop off unsolicited and gets the authentication email. From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Scott Silva via ZendTo Sent: Friday, November 16, 2018 11:26 AM To: ZendTo Users > Cc: Scott Silva > Subject: [ZendTo] New Zendto install I have a new Zendto install. Old one had too many errors trying to upgrade.. I can send as a logged in user fine. But testing from outside fails. I get the confirmation mail, it lets me add destination email, which I used my internal address, it lets me add files, and when I click dropoff I get... Upload Error You must be logged in as a San Gabriel Valley Water/Fontana Water user in order to drop-off a file for a non-San Gabriel Valley Water/Fontana Water user. Return to the ZendTo main menu to log in and then try again. It must be choking on the authentication, but actually logging in sends fine? It is only outside users failing -- Scott Silva Network Administrator Fontana Water Company 15966 Arrow Blvd. Fontana CA 92335 909.201.7325 Direct ssilva at sgvwater.com _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto -------------- next part -------------- An HTML attachment was scrubbed... URL: From ssilva at sgvwater.com Tue Nov 27 19:16:41 2018 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 27 Nov 2018 19:16:41 +0000 Subject: [ZendTo] New Zendto install In-Reply-To: References: <54D3F6A07E3F2A4AAD4CBA73922025F42021B980@FONEXCH01.sgvwc.local> <54D3F6A07E3F2A4AAD4CBA73922025F42025A128@FONEXCH01.sgvwc.local> <54D3F6A07E3F2A4AAD4CBA73922025F42025B26B@FONEXCH01.sgvwc.local> Message-ID: Found it! Had 'emailDomainRegexp' => '/opt/zendto/config/internaldomains.conf' But the 2 domains in internaldomains.conf were separated by a space instead of a return It now works. Not sure if the installer created that file with spaces instead of CR or not? Or if it is an artifact coming from the old Centos 6 server that didn?t upgrade properly. From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Kris Lou via ZendTo Sent: Tuesday, November 27, 2018 10:55 AM To: ZendTo Users Cc: Kris Lou Subject: Re: [ZendTo] New Zendto install What are you settings for the following in preferences.php? // Allow external users (who can't login) to upload files? // Regardless of this setting, they always can if they've been given // a request code. // Setting this to FALSE stops external users sending files that // the recipient had not asked for. 'allowExternalUploads' => TRUE, // You should check that senders who are not members of your organisation // (and so cannot login to ZendTo) are really the owner of the email // address they are sending from. So when they try to send you files, // you have some confidence they are who they say they are. // However, some sites are only expecting files from occasional people, // and don't want the senders to have to do the extra step. // Setting this to FALSE disables the email address confirmation step. 'confirmExternalEmails' => TRUE, Kris Lou klou at themusiclink.net On Tue, Nov 27, 2018 at 10:34 AM Scott Silva via ZendTo > wrote: Still poking at this? Used a little larger file just to see if it was virus related? I get the progress bar and then the below error? Tested with sending a request for dropoff from internal address to same external and that works. So it is only in the part where an outside user tries to drop off unsolicited and gets the authentication email. From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Scott Silva via ZendTo Sent: Friday, November 16, 2018 11:26 AM To: ZendTo Users > Cc: Scott Silva > Subject: [ZendTo] New Zendto install I have a new Zendto install. Old one had too many errors trying to upgrade.. I can send as a logged in user fine. But testing from outside fails. I get the confirmation mail, it lets me add destination email, which I used my internal address, it lets me add files, and when I click dropoff I get... Upload Error You must be logged in as a San Gabriel Valley Water/Fontana Water user in order to drop-off a file for a non-San Gabriel Valley Water/Fontana Water user. Return to the ZendTo main menu to log in and then try again. It must be choking on the authentication, but actually logging in sends fine? It is only outside users failing -- Scott Silva Network Administrator Fontana Water Company 15966 Arrow Blvd. Fontana CA 92335 909.201.7325 Direct ssilva at sgvwater.com _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto -------------- next part -------------- An HTML attachment was scrubbed... URL: From rbrumm at kleentest.com Wed Nov 28 22:21:51 2018 From: rbrumm at kleentest.com (Brumm, Robert) Date: Wed, 28 Nov 2018 16:21:51 -0600 Subject: [ZendTo] (no subject) References: Message-ID: Hi there. Hopefully an easy question. I after I finished up my installation I decided to change the URL of my server. I updated the name in the preferences.php file under 'serverRoot' but the old URL is still running. Where else do I go to change it? Robert -- CONFIDENTIALITY NOTICE: This e-mail may contain trade secrets or privileged, undisclosed or otherwise confidential information. If you have received this e-mail in error, you are hereby notified that any review, copying or distribution of this message in whole or in part is strictly prohibited. Please inform the sender immediately and destroy the original transmittal. Thank you for your cooperation. From m.a.young at durham.ac.uk Wed Nov 28 22:42:33 2018 From: m.a.young at durham.ac.uk (YOUNG, MICHAEL A.) Date: Wed, 28 Nov 2018 22:42:33 +0000 Subject: [ZendTo] (no subject) In-Reply-To: References: Message-ID: On Wed, 28 Nov 2018, Brumm, Robert via ZendTo wrote: > Hi there. Hopefully an easy question. I after I finished up my installation I > decided to change the URL of my server. I updated the name in the > preferences.php file under 'serverRoot' but the old URL is still running. > Where else do I go to change it? serverRoot is just what ZendTo thinks it is called for when it needs to refer to itself. The URL server names that actually work are configured by your web server, probably in something like /etc/httpd/conf.d/zendto.conf for apache httpd. Michael Young From rbrumm at kleentest.com Wed Nov 28 22:57:23 2018 From: rbrumm at kleentest.com (Brumm, Robert) Date: Wed, 28 Nov 2018 16:57:23 -0600 Subject: [ZendTo] (no subject) In-Reply-To: References: <08880244-1673-3c4f-ac01-f321da0f3b32@kleentest.com> Message-ID: I updated the server name in etc/apache2/sites-enabled/001-zendto.conf and ...ssl.conf. Still going to the old URL. On 11/28/2018 4:42 PM, YOUNG, MICHAEL A. wrote: > On Wed, 28 Nov 2018, Brumm, Robert via ZendTo wrote: > >> Hi there. Hopefully an easy question. I after I finished up my installation I >> decided to change the URL of my server. I updated the name in the >> preferences.php file under 'serverRoot' but the old URL is still running. >> Where else do I go to change it? > serverRoot is just what ZendTo thinks it is called for when it needs to > refer to itself. The URL server names that actually work are configured by > your web server, probably in something like /etc/httpd/conf.d/zendto.conf > for apache httpd. > > Michael Young -- CONFIDENTIALITY NOTICE: This e-mail may contain trade secrets or privileged, undisclosed or otherwise confidential information. If you have received this e-mail in error, you are hereby notified that any review, copying or distribution of this message in whole or in part is strictly prohibited. Please inform the sender immediately and destroy the original transmittal. Thank you for your cooperation. From ssilva at sgvwater.com Wed Nov 28 23:31:01 2018 From: ssilva at sgvwater.com (Scott Silva) Date: Wed, 28 Nov 2018 23:31:01 +0000 Subject: [ZendTo] (no subject) In-Reply-To: References: <08880244-1673-3c4f-ac01-f321da0f3b32@kleentest.com> <54D3F6A07E3F2A4AAD4CBA73922025F4202634F5@FONEXCH01.sgvwc.local> Message-ID: Did you update the name in your DNS and clear any caching? -----Original Message----- From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Brumm, Robert via ZendTo Sent: Wednesday, November 28, 2018 2:58 PM To: YOUNG, MICHAEL A. ; Brumm, Robert via ZendTo Cc: Brumm, Robert Subject: Re: [ZendTo] (no subject) I updated the server name in etc/apache2/sites-enabled/001-zendto.conf and ...ssl.conf. Still going to the old URL. On 11/28/2018 4:42 PM, YOUNG, MICHAEL A. wrote: > On Wed, 28 Nov 2018, Brumm, Robert via ZendTo wrote: > >> Hi there. Hopefully an easy question. I after I finished up my >> installation I decided to change the URL of my server. I updated the >> name in the preferences.php file under 'serverRoot' but the old URL is still running. >> Where else do I go to change it? > serverRoot is just what ZendTo thinks it is called for when it needs > to refer to itself. The URL server names that actually work are > configured by your web server, probably in something like > /etc/httpd/conf.d/zendto.conf for apache httpd. > > Michael Young -- CONFIDENTIALITY NOTICE: This e-mail may contain trade secrets or privileged, undisclosed or otherwise confidential information. If you have received this e-mail in error, you are hereby notified that any review, copying or distribution of this message in whole or in part is strictly prohibited. Please inform the sender immediately and destroy the original transmittal. Thank you for your cooperation. _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto