Author Archives: Dave Warren (everything-mdaemon.com)

Script to sort aliases

Posted on by No Comments ↓

Some years ago I developed a script to sort aliases, placing wildcarded aliases at the bottom.  It was updated to support the new $LOCALDOMAIN$ format of wildcards.

Why would you want this?  Well, two reasons.  First, a sorted list makes it a lot easier to find what you’re looking for.  Second, if you add a non-wildcard alias below a wildcarded alias, the wildcarded alias may take effect first — If you’re manually adding aliases, you can hopefully remember to fix the order, but if you add aliases via a script, it’s important to get the sort order right.

I ran this on an hourly basis for several years, but please test this before deploying as I pulled it from some notes and not a live batch file.

@ECHO OFF
:MDSortAliases
C:
CD C:\MDaemon\App
FIND “$LOCALDOMAIN$” < ALIAS.DAT > ALIAS-WILD1.BAK
FIND “*” < ALIAS.DAT > ALIAS-WILD2.BAK
FIND “*” /v < ALIAS.DAT | FIND “$LOCALDOMAIN$” /v /i> ALIAS-NONW.BAK
SORT < ALIAS-NONW.BAK > ALIAS.DAT
SORT < ALIAS-WILD1.BAK >> ALIAS.DAT
SORT < ALIAS-WILD2.BAK >> ALIAS.DAT
DEL alias-wild1.bak
DEL alias-wild2.bak
DEL alias-nonw.bak
echo. > alias.sem

The above will sort aliases into three groups, non-wildcarded aliases, $LOCALDOMAIN$ aliases, then other wildcard aliases.  You can change the order by changing the names of the files in the SORT lines above.  Again, please backup and test first, I take no responsibility if your system bursts into flame after trying the above.

I make the potentially dangerous assumption that MDaemon is installed at C:\MDaemon\ — If not, please change the path.

Understanding DomainPOP duplicates

Posted on by 14 Comments ↓

DomainPOP relies on retrieving mail from your ISP and delivering it to local users based on parsing the available headers and essentially guessing at the best recipient or recipients.  This is very different then SMTP which has a well defined RCPT TO command which defines exactly who the message is addressed to.

To create an analogy, imagine I write a letter addressed to Bob, and courtesy copied to Frank and Henry.

Inside the envelopes, the letters are identical, they’re all addressed to Bob, and courtesy copied to both Frank and Henry.  However, on the envelope I only write the one recipient who is to receive that copy of the message.  When the messages are delivered to your ISP via SMTP, there is both an envelope and the a body (the “letter” in this analogy)

In the case of DomainPOP, it’s like someone opens all the envelopes and throws them out, all you receive is the letter.  Without the envelope, you don’t know exactly who the message should be delivered to.  You can guess based on the available data, the TO and CC headers, but this won’t help you with BCC’d recipients (blind carbon copy, by definition, doesn’t have the recipient’s address in the TO or CC Fields)

By default MDaemon takes the safest route and delivers one copy to everyone mentioned in the various headers MDaemon reviews, taking the approach that it is better to deliver multiple copies then none at all.

Depending on your upstream ISP’s capabilities it may be possible to avoid these duplicates entirely.  There are two options, start with #1 and if that fails, go to #2.

1) A unique header.

Some ISPs are kind enough to insert the RCPT TO command of the SMTP session into the message.  MDaemon, for example, does this in both the X-MDRcpt-To and X-Rcpt-To headers, as well as a Received header (in most cases).

To test if this is the case, you’ll need an off-site email address, one that has nothing to do with your domain.  Gmail/Hotmail are perfect.  If you don’t have access to one, let me know and I’ll send the test message from here.  For the purposes of this article, I’ll use [email protected] as the address which is receiving duplicates and [email protected] as the off-site address.

In MDaemon, go to Setup –> DomainPOP –> [Security] tab, enable the “Place an extra copy” option, and set the directory to a known path.  C:\MDaemon\DomainPOP would be great as this directory doesn’t exist and is easy to find.

Go to your off-site (Gmail) mailbox, and send a message addressed to itself (it should be FROM [email protected] and TO [email protected]), and then BCC yourself ([email protected] in this example)

Once it is received by your server, go to the C:\MDaemon\DomainPOP directory and find the message, open it in Notepad.  Look for the [email protected] address, and if you find it, check out the header that contains the address.

If it’s a X-Delivered-To or X-Rcpt-To or something like that, then it means your ISP likely creates a header showing the actual recipients of the message.

Once you find a header you want to test with, go to the MDaemon –> DomainPOP dialog again, this time to the [Parsing] tab, remove all the headers in the list and add the header you found (unless it happens to be a Received header, if so, there is a checkbox for the Received header above as this header needs some special handling)

Now, you’ll want to test this before proceeding, you need to make sure that your ISP added the headers and not the sender.  If possible, test from Gmail, Hotmail and Yahoo, or have a couple friends or coworkers try emailing you and make sure it works.

2) DomainPOP’s de-dupe feature

You should only use this if #1 doesn’t reveal an appropriate header to use.

To use this feature, in the DomainPOP dialog’s parsing tab, enable the Dedupe feature.  I’d suggest using the Message-ID header, this is the safest, but some mail clients don’t generate a Message-ID so you’ll still see some duplicates.

Another possible header is the Date header, virtually all mail has a Date header, but if two senders happened to send mail at exactly the same second, from the same timezone, it’s possible that one of the messages could get lost, so there is a bit of risk involved with this choice.

Windows XP sp2 (And Vista) – Connection Limits

Posted on by 2 Comments ↓

There is a lot of misinformation and confusion about how the 10-connection limit applies to XP sp2.  I can discuss the technical limitations, although not any EULA implications, nor hacks around this restriction.  The same restrictions apply to Vista’s TCP stack as well.

From a technical point of view, there are NO new restrictions on simultaneous users, or even TCP sessions. Rather, it’s the number of half-complete outbound TCP sessions which are allowed simultaneously. Windows XP sp2 will throttle you if you attempt to have more then 10 half-open sessions at once.

So what is a half-open session?  This is where a connection has been attempted, but not yet actively accepted or refused by the server.  This most commonly occurs when you connect to a server which isn’t online, or when the recipient is running a firewall configured to DROP or “stealth” ports, rather then simply refusing the connection.

So in terms of MDaemon running on a Windows XP sp2 or Vista machine as a service, inbound connections (other PCs accessing SMTP/POP3/IMAP sessions, or WorldClient/WebAdmin) aren’t counted or throttled at all, only outbound connections by MDaemon (SMTP-out, MultiPOP, DomainPOP, Dequeue, LDAP) will be affected, and then only if at least 10 sessions are in the process of connecting but not completing connections fast enough.

UDP traffic is not delayed at all, so neither DNS look ups nor minger are affected.

In a practical implementation, if you intend to use MDaemon on Windows XP, turn the number of SMTP threads down to 8 or below (lower if there are users or other applications/servers on the same machine) and you won’t be affected in most circumstances.

When it does occur, a new event, with ID 4226, appears in the system’s event log. Once throttling has started, outbound connections may still succeed, but you’ll see delays or potentially even connection timeouts.

For more details on how the implementation works, why it is effective against malware and other technical details, please see Microsoft’s write-up.