Re: [vchkpw] Do hooks exist for vpopmail or its lib?
I would recommend a wrapper that does what you need. Rename vadduser or whatever your management calls, put a script in it's place that does the special stuff you need and also calls the real vadduser. --Doug Brian Feeny wrote: Does vpopmail have any hooks available so that when someone adds a domain or removes a domain, I can fire off an external script? qmailadmin had some hooks and they are nice, but I need to take some actions whenever a domain is added. I am going to have techs adding domains via vqadmin. Since I didn't know of any hooks, I have cron just looking in each domains directory (every 15 min) and if it doesn't see the files I want to be there, then it adds them. But I would rather have a mechinism that worked more like a trigger/hook. Brian - Brian Feeny, CCIE #8036, CISSP Network Engineer ShreveNet Inc.
Re: [vchkpw] php vpopmail daemon etc. - developing story
Iavor Raytchev wrote: [snip] X-Istence wrote: Now what i want to ask is, could we write it efficiently. As i would want to deploy this over multiple servers, and having everything written out in normal ASCII would be a waste of bandwidth (all bytes count), i think that we should make it binary communication, just like DJB is trying to do with IM2000. [snip] We must write it efficiently and with all (as many as possible) aspects in mind. If we create the next thing that 'works, but...' - it would be not very useful. Efficiency is good, but you lose a lot of debugging ease when you go to binary protocols. How many times have you used telnet to debug pop and smtp sessions? Converting to binary communications does not save that much bandwidth at all, and for a large price of complexity. --Doug
Re: [vchkpw] php vpopmail daemon etc. - developing story
Alejandro Borges wrote: That woudl be the best way. However, then we'd need a PHP API to use in web-apps [snip] Ken, actually how do you imagine php to talk to the daemon? With XML-RPC or SOAP! Or super-simple: over sockets using tcpserver. tcpserver is built for making these kinds of jobs easy. --Doug
Re: [vchkpw] OT: Radius server
Radiator (open.com.au) rules. You can do virtually anything, including custom SQL queries. --Doug - Original Message - From: Charles Sprickman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, March 31, 2004 5:42 PM Subject: [vchkpw] OT: Radius server Hi all, This is somewhat OT, but I'm curious what people here are using for radius authentication against the vpopmail mysql db? There are a number that support SQL auth, but the whole pw_gid thing in vpopmail is giving me some pains. I wish to use the dialup y/n flags that end up in the pw_gid field, but I'm also looking to use the user defined flags to also denote if a given user should be able to auth via radius for news or roaming dialup. So far this doesn't look possible (or let's say easy). FreeRadius, gnu-radius, openradius all lack the ability to alter the sql query based on which client NAS connects. How are other people solving this problem? I'd love to keep the vpopmail db as the master reference for all radius-authenticated services. Also, does anyone have some info on what exactly the values in pw_gid are? It's numeric, and it varies is about all I can gather from poking around. Thanks, Charles
Re: [vchkpw] Frontend to configure POP3 fetching?
Jens Benecke wrote: I am looking for a web frontend, that can authenticate against vpopmail users, and allows users to specify POP3 servers and logins, and will fetch (or call fetchmail/getmail/gotmail/fetchyahoo/... in the background) for the specified accounts, and sort mail into the right vpopmail boxes. Squirrelmail can do this. I don't remember if it's native or if it requires a third-party plugin or not. --Doug
Re: [vchkpw] Suggestions for improving performance
28000 mails in the queue and you're using the chkuser patch? My guess is
that over 27000 of those are spam double-bounces waiting to be delivered. I
might suggest setting up another machine to be a smart smtp host to handle
outgoing mail. Trying to resend all that mail takes non-trivial resources.
You might also consider lowering your queuelifetime, which will
double-bounce things quicker that will likely just sit in the queue until
they expire.
--Doug
Jeff Koch wrote:
Hi Jeremy:
Thanks for replying.
We're using spamc in a maildrop filter called for each pop account
(via qmailadmin's spam enable setting). User SA prefs are maintained
by. MySQL
Good suggestion on the catch-alls - we'll do a scan for accounts with
many emails. We do have some with 10 to 15,000 emails. ReiserFS was
not an option on RH8.0 unfortunately.
We've got 28,000 emails in the queue - not preprocessed is zero.
- concurrencyincoming = 30
- debugging is turned on for qmail-scan (seems to be the only way to
generate a log of all messages processed) but the log is closed and
zipped each night.
- smtpd log shows we're using about 15 of the 30 incoming connections.
- softlimit in /var/qmail/supervise/qmail-smtpd/run is 30MB
- vpopmail is configured for MySQL auth with all domains in one table.
- we use mfcheck and the checkuser patch (mysql) to drop questionable
connections.
I don't know what you mean by 'conf-split' or big-{ext-}.
At 02:01 PM 2/27/2004, you wrote:
On Fri, 2004-02-27 at 12:53, Jeff Koch wrote:
Does anybody have any suggestion for improving the performance of a
mailserver runnning
qmail/vpopmail/qmailadmin/qmail-scanner/spamassassin?
are you using spamd and having qmail-scanner call spamc? or is it
calling spamassassin. if the latter, change it to spamd/spamc model,
much more efficient.
We're using a 2.4Ghz P4 with 1GB RAM and a 40GB SCSI drive. The
operating system is a basic RH8.0 install with the ext3 journalling
file system. We're handling about 50K messages/day and seem to
exhausting the capabilities of the server. During peak periods CPU
idle time reaches 0% and load averages will exceed 10.0
with ext3 you have to be careful about catchall accounts, and
accounts that nobody checks that get a lot of email. If there are
say, 25000 messages in an account and it gets 100 messages per hour,
that will bring your server performance down quite a bit.
of course, using reiserfs on the mail store will fix that problem.
I've had over 150k emails in one account with reiserfs, and the
system wasn't even being phased as I pumped more mail at it (was
load testing for a customer)
We would welcome any suggestions or URL's that you could point to -
particularly with respect to performance tuning that will work with
qmail.
what is the approximate queue load, and what is your conf-split
value?
do you have big-{ext-,}todo?
-Jeremy
--
Jeremy Kitchen
Systems Administrator
[EMAIL PROTECTED]
Kitchen @ #qmail on EFNet - Join the party!
.
Inter7 Internet Technologies, Inc.
www.inter7.com
866.528.3530 toll free
847.492.0470 int'l
847.492.0632 fax
GNUPG key ID: 93BDD6CE
Best Regards,
Jeff Koch
Re: [vchkpw] QS to reject misaddressed email at SMTP conversation
Jeremy Kitchen wrote: On Fri, 2004-01-16 at 14:35, Doug Clements wrote: Make sure you used his other big patch as well. it's not required for this. Maybe he doesn't want it. Please don't give him the impression that he NEEDS the other patch for this to work. You can however, recommend it, if you want. Actually, the patch Shupp has posted does in fact require his larger patch for it to apply cleanly. I just installed it today, I know :) --Doug
Re: [vchkpw] QS to reject misaddressed email at SMTP conversation
Russell Mann wrote: Perhaps he should make a patch against stock qmail so those of us who don't want to use his 'toaster' patch can use it anyways. -Jeremy Or he should at least say somewhere on his site that the chkuser patch requires the toaster. At least then I would have ignored it instead of trying to get it to work against vanilla qmail :) It does: Qmail chkuser patch Checks that the vpopmail recipient is valid before accepting the message. requires vpopmail to be installed first, and that the 0.5 patch above is applied to qmail. Please select the appropriate version: --Doug
Re: [vchkpw] QS to reject misaddressed email at SMTP conversation
Russell Mann wrote: Hello, Vpopmail, Qmail, Qmail Scanner. Sorry for the cross-list-post, but I'm not sure who to ask for this one, as I'm not sure which software isn't doing what I want! I've recently installed the chkuser patch found here: http://www.interazioni.it/qmail/#qmail-smtpd I tried the Bill Shupp one, but it didn't patch right, even on a vanilla Qmail 1.03. Qmail chkuser patch Checks that the vpopmail recipient is valid before accepting the message. requires vpopmail to be installed first, and that the 0.5 patch above is applied to qmail. Make sure you used his other big patch as well. --Doug
Re: [vchkpw] spam assassin enable/disable per domain flag
Ken Jones wrote: I was wondering where the best place to put a domain wide enable/disable flag for spamassassin would be. What do you folks think? The idea would be to have a file checked by vdelivermail. If spam assassin is enabled, vdelivermail calls spamc before dropping the email into the users Maildir. Then the setup would be backwardly compatible with current sites. And they could enable/disable spam assassin by just updating the configuration file. Instead of checking for a file, why not use the extra space in the vpopmail gecos fields to store spam settings for that user? I've already got a bunch of files hanging around in each home directory (hopefully less if this spamassassin integration works). Another thing to consider is where to put the spam. Some of our users like it to go to the Trash folder, some like it to go to the Spam folder. This should be customizable somehow for vdelivermail. Actually, now that I think about it, I probably wouldn't even use the vdelivermail integration for spamassassin. I already call a .qmail file to do all the maildrop filtering and everything that vdelivermail can't do, so there's no need to spawn another vdelivermail just to filter spam when I can call spamc from maildrop. I still think the setting should go in a gecos field though :) --Doug
Re: [vchkpw] Re: maildir++ patch doesn't solve the problem
On Sat, Sep 20, 2003 at 08:58:37AM -0700, Tim Hasson wrote: I do not use/like sqwebmail, but what you did simplifies a lot of things. sqwebmail doesn't do much special. The only thing I like about it is it access maildir's directly. Same here, and it can edit maildrop filters. I have on my todo list a maildrop filter editor web page so we can replace sqwebmail functionality, or at least give users a choice. It's pretty far down on my list, though. I would too, and I do. The authoritative source of info is in the database, and when the users file gets created, the database is consulted for the proper value. When it's updated, a script goes back to update the users file. This also allows for delivery should the database go down, and is less database load in general. This is very nice. Can you elaborate more on the above? Do you mind sharing your script(s)? I've been trying to make time to sanitize my scripts for publication, but I've just been so swamped. That's why it's taken so long to reply, and I apologize. What I basically have is wrapper around each vpopmail command. The billing system sets user preferences such as if they get spam filtering. Then the billing system inserts a task into a database that the mail cluster checks for. It picks up the tasks and runs the wrapper, which involves adding the user with the vpopmail vadduser command, then consulting the billing database for user preferences. The wrapper writes out all the default filters, and quota and spam preferences and all that fun. It's pretty simple, actually. When the spam preferences or the quota settings get changed, the billing system pushes out an update command. The mail cluster picks this up and re-writes the appropriate files. In this way, we have the authoritative source of info available for lookup by billing and tech support, yet the system still runs independantly of other systems. Yes, I agree. My excuse here was that the second command would only be run if the maildirsize file was not found. This still has the double exec effect on delivery to accounts with no quota :/ Yeah, that's a nice and straightforward way of doing it, and probably works fine for low-volume systems. I'm still trying to optimize further by reducing the number of filter files maildrop needs to open, but I haven't come up with a clean way of that yet. Really though, this is all a drop in the bucket when I'm running spamc for spam filtering customers =) --Doug
Re: [vchkpw] Re: maildir++ patch doesn't solve the problem
On Fri, Sep 19, 2003 at 03:57:26PM -0700, Tim Hasson wrote: I am not setting the environment variable MAILDIRQUOTA for some reasons: 1. If user has access to their maildrop filter, or they have shell access, then the MAILDIRQUOTA makes no sense. My users use sqwebmail to access their filter file. I solved the overwriting problem by having maildrop first call a mailfilter-standard file. It includes the mailfilter-quota file, then includes the mailfilter-sqwebmail file. sqwebmail is free to edit it's own filter without messing with the quota settings. None of my users have shell access, so I don't have to worry about that. You could make the case that they could still edit their maildrop filter and remove the part where they lookup the quota, as well. 2. I rather have all user information (including quotas) set in vpopmail's mysql db, for administration reasons. I would too, and I do. The authoritative source of info is in the database, and when the users file gets created, the database is consulted for the proper value. When it's updated, a script goes back to update the users file. This also allows for delivery should the database go down, and is less database load in general. 3. Eventually, I do not want to use maildrop at all, except maybe for filtering. But I'd like to find a better solution. I find maildrop to work great for final delivery. I call a single program in the users .qmail file, and it takes care of everything. No forking, no external calls, no nothing. I figure if you're going to use it in one place, you might as well standardize and use it everywhere. It's easier to keep up with a single delivery agent than 3, especially when maildrop does everything you need. And because I do not set the variable MAILDIRQUOTA, my mailfilter contains a section like so: VHOME=`/home/vpopmail/bin/vuserinfo -d [EMAIL PROTECTED] That's an external program that in my opinion doesn't need to be run for every single delivery. [...] `/home/vpopmail/bin/vuserinfo -Q [EMAIL PROTECTED] That's 2 extra programs per mail delivery, times how many ever mails a day you get. I guess maybe I'm anal about optimizing this sort of thing, but if I can avoid that (and I can) then I will (and I did). With regard to the url you posted in another message: http://www.geocrawler.com/archives/3/9569/2001/4/0/5564545/ Sqwebmail does have support for updating maildirsize, I knew that, but setting MAILDIRSIZE in the generated filter file doesn't seem to work on my system. No biggy, I don't need it anyway =) Hope your problems are closer to being solved! --Doug
Re: [vchkpw] Re: maildir++ patch doesn't solve the problem
On Thu, Sep 18, 2003 at 05:10:29PM -0700, Tim Hasson wrote: BTW, I had a problem before where if I changed a user quota using vpop's vsetuserquota, the maildirsize file in the user's maildir will automagically get deleted, but never recreated by maildrop (for the domain I was doing filtering for) So that's why i put the check in mailfilter script to see if maildirsize needs to be recreated. Shouldn't maildrop create the maildirsize file if it doesn't exist? I think when I used vdelivermail, it created maildirsize when a new message was received in the mailbox that didn't have maildirsize in place, but with quota limit on it. Now, as far as I recall, Bill Shupp made the maildir++ patch based on the code from maildrop, so I am not surprised it doesn't recreate the maildirsize file ;-) Respectfully, Tim Hasson Hm.. maildrop creates maildirsize for me. Are you sure you're setting the MAILDIRQUOTA environment variable when you run maildrop? When I create a user, it creates all the maildrop recipes for that user, including one that sets MAILDIRQUOTA (in addition to setting the quota with vsetuserquota, which only seems to set it in the database). I've tested multiple times, and the maildirsize file behavior is what you'd expect; the file gets created on first delivery, and it gets recreated when it gets big. Naturally I don't expect maildrop to directly use vpopmail quota settings, which is why I set the variable. --Doug
Re: [vchkpw] Re: maildir++ patch doesn't solve the problem
On Thu, Sep 18, 2003 at 05:13:32AM -0700, Tim Hasson wrote: Try using courier maildrop for delivery instead of vdelivermail. I just switched all my domains (on nfs) .qmail-default's to invoke maildrop instead of vdelivermail also because of problems with maildirsize not being rebuilt and/or getting really screwed up. The problem happened very randomly and cannot be duplicated easily, but happens over days to random accounts/domains that used vdelivermail. Tim, Let us know if this actually does fix your problems. Nobody can seem to confirm that vdelivermail or qmail-local will rewrite the maildirsize file, and my initial looking through the code of vdelivermail turns up nothing of the sort. --Doug
[vchkpw] Re: vpopmail and maildir standards
On Tue, Sep 16, 2003 at 10:43:59PM -0700, Tim Hasson wrote: Quoting Doug Clements [EMAIL PROTECTED]: On Tue, Sep 16, 2003 at 09:17:48PM -0700, Tim Hasson wrote: 1. Maildir++ doesn't work on NFS, or at least has serious issues with it, thus breaking the whole quota support thing. Works great here. What problems are you seeing? Please see my previous post (few hours ago): Re: Quota problem: negative values in Maildir/maildirsize http://article.gmane.org/gmane.mail.vpopmail/7924 Gotcha. I misread, thinking you were saying the Maildir++ format was problematic on NFS. It appears you mean that the Maildir++ implementation of vpopmail is broken. I use maildrop exclusively for delivery to mailboxes, if they have quotas or not, which is likely why I see no problems. Maildrop was written by Mr Sam, who as far as I know also came up with the Maildir++ spec, so I would hope it's a complete implementation. Maildir++ violates the spirit of Maildirs in that the maildirsize file that keeps track of the quota isn't atomically updatable, like the delivery and normal moving around of mail files is and is therefore succeptable to corruption when used over NFS sans-locking. In one of the referenced mails above, I make the case that this doesn't matter, since the file should be rebuilt regularly anyway, and any problems will be minor and corrected as a matter of course. You seem to be seeing other things, however. It looks possibly like either vdelivermail or the qmail-local patch doesn't rebuild the maildirsize file every so often like the Maildir++ spec requires. Does anyone know either of these? This is not quite desirable.. That looks like a genuine bug. I don't know why vaddomain would drop privilages before creating the directorys and setting appropriate permissions. That, or I don't understand how it's supposed to work. --Doug
Re: [vchkpw] maildir++ patch broken?
On Tue, Sep 16, 2003 at 09:45:10AM -0700, Paul Theodoropoulos wrote: the maildir specification; it also makes the maildir unsafe for use over NFS without locking, which is one of the basic reasons for the existence of thoughts? He's totally right, but if the quota file gets screwed up, it's really no big deal. It gets deleted and recreated. It's a simple way that self-corrects when the file gets hosed, which is about the best you can hope for over NFS. --Doug
Re: [vchkpw] Maildrop patch: mysql-based filtering rule support
On Tue, Sep 16, 2003 at 07:24:20PM -0400, Erik Bourget wrote: I've patched maildrop to read filtering rules out of a MySQL database. This is incredible. I would love to see vdelivermail replaced with something like this. Seems most people who want to do filtering use maildrop anyway, this would cut out the need for vdelivermail to lookup the user dir. It also seems a lot more flexible. Excellent work! --Doug
Re: [vchkpw] vpopmail and maildir standards
On Tue, Sep 16, 2003 at 09:17:48PM -0700, Tim Hasson wrote: 1. Maildir++ doesn't work on NFS, or at least has serious issues with it, thus breaking the whole quota support thing. Works great here. What problems are you seeing? 2. Because of default permissions on the domains folder, I cannot add new domains with a different system uid, vadddomain fails with permission denied. Well of course, you drop to user-uid, try to chdir into ~vpopmaildomains which is chown vpopmail, chgrp vchkpw, chmod 700, and it will fail. Are you adding them as root? I don't personally use system quotas with vpopmail, but I know I've seen other people talking on list about them, so I know they work. Did you check the archives on how to set it up? What documentation are you following for system quota setup? So the whole issue is a standard issue. Qmail/Maildir are designed to run on NFS. Why is vpopmail deviating from the standard? Again, it runs fine on NFS here. --Doug
[vchkpw] vpopmail and mysql replication
Greetings, I've got a working mysql and vpopmail setup going, with replication support. For those that don't know, replication support in vpopmail means that all updates go to a single server, where lookups can be sent to another server. I have a local copy of the replicated database on each machine to spread the load out and to be more robust in the face of other machine failure. Unfortunately, this makes each machine dependant on the mysql update server, since each login triggers an update to the lastauth table. How have other people solved this, without just disabling mysql logging? Has anyone used any of the more rare multiple-master ring topologys in mysql to let each server update? I really don't want to setup a dedicated mysql server just to handle updates like this. I'm also planning to start using spamassassin mysql preferences, so I'd like any server to be able to update the database with user preferences, and the change replicate around. Does anyone have any input on this? Anyone use squirrelmail with their preferences in the database as well? Thanks! --Doug
Re: [vchkpw] vpopmail and mysql replication
On Fri, Sep 05, 2003 at 02:31:39PM -0500, Nick Harring wrote: I'm about to tackle this same problem myself, since I'm about to ditch a pair of Solaris boxes for my NFS mounted mail spools and instead move to filers. My plan is to instead use Linux HA to have two machines as a failover cluster mounting the database via NFS. I think this'll be a lot cleaner, and will also integrate in a nicer fashion with the concept vpopmail has of mysql replication. Your other option, if you've got money to spend on the problem, is to get a database server which is both supported by vpopmail and supports more flexible replication. I'd recommend Sybase, since they support real two way replication, and their replication speed is amazing. Thanks for the input. I would assume Sybase also supports concurrent access to the DB files over NFS, since you're planning to use that. I know mysql specifically doesn't allow that (at least with MyISAM tables). Unfortunately, Sybase pricing is probably greater than the cost of labor in setting up a dedicated mysql server. What is a typical Sybase price for a setup like yours? --Doug
Re: [vchkpw] mysql gone away. Please help a noob.
You probably didn't run 'flush privelages' after adding the vpopmail user. --Doug - Original Message - From: jon kutassy [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 19, 2003 4:27 PM Subject: Re: [vchkpw] mysql gone away. Please help a noob. Thanks for the replies. I've been following Michael Bowe's excellent documentation on setting this up. http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm (I hope he doesnt mind the link) I took the windoze approach and restarted mysql, and its all working fine!! Thanks everyone for your input!! did you configure for your mysql user/password in vmysql.h? if not, amend the entries and recompile. also, did you create the tables or check that they were created? did you allow mysql access from within mysql? did you 'flush priviledges' to make the privs stick in mysql? Good luck jon kutassy wrote: I'd like to get vpopmail working with authenticating against mysql... I have a working version of mysql that Id rather not break: Excuse me if I include too much info : Im not sure what is and isnt relevent: mysql Ver 12.21 Distrib 4.0.14, for pc-linux (i686) Server version: 4.0.14-standard Protocol version: 10 Connection: Localhost via UNIX socket UNIX socket:/var/lib/mysql/mysql.sock I compiled with ./configure --enable-mysql=y when I run add domain I get: Please enter password for postmaster: enter password again: could not connect to mysql update server Access denied for user: '[EMAIL PROTECTED]' (Using password: YES) with database could not connect to mysql update server Access denied for user: '[EMAIL PROTECTED]' (Using password: YES) vmysql: sql error[c]: MySQL server has gone away vmysql: sql error[b]: MySQL server has gone away vmysql: sql error[3]: MySQL server has gone away I have a database called vpopmail and a user vpopmail that has (I believe got access to this db).. but looking at this error message makes me wonder... does Access denied for user: mean that the database has been found just that its not allowing the user to authenticate? Im lost.. Regards Jon _ Express yourself with cool emoticons - download MSN Messenger today! http://www.msn.co.uk/messenger v _ On the move? Get Hotmail on your mobile phone http://www.msn.co.uk/msnmobile
Re: [vchkpw] qmail quotas won't work
On Fri, Aug 15, 2003 at 02:47:17PM +0200, Chrigi Hartmann wrote: conclusio: qmail don't count up the quotas. he only count down when I erase messages. where are the quotas definied in qmail? i couldn't find any informations about these in the internet. They aren't defined in qmail, they're defined in vpopmail. The setting is kept in the user cdb file (or in the database if you're using mysql). Check your .qmail-default file and make sure you're using the vdelivermail program to deliver the mail. I use Maildrop to deliver with quota features, but I had to enable that and set the quota in the recipe file. --Doug
Re: [vchkpw] Authentication failed..
On Wed, Aug 06, 2003 at 02:15:20PM -0700, Tom Collins wrote: On Wednesday, August 6, 2003, at 01:38 PM, Doug Clements wrote: Yet again, the problem is with vpopmail. Solution: Fix vpopmail. This was fixed around release 5.3.5 (according to Michael Bowe's research), and vpopmail 5.3.20 and later should work fine with authdaemon. If it doesn't, then we need more information as to when it fails. Michael is working on a 5.2.2 release that backports major bugfixes from the 5.3 series. We hope to have a 5.4 release (i.e., a stable 5.3 release) of vpopmail ready by the end of August. Hooray! I'm definately looking forward to being able use authdaemon. Thanks for the reply. --Doug
Re: [vchkpw] Authentication failed..
On Tue, Jul 29, 2003 at 01:55:48PM -0400, Ajai Khattri wrote: [EMAIL PROTECTED] wrote: Hi, I have an qmail/vpopmail/courierimap/sqwebmail-server. And, I have a problem.. I?m not really sure if it is about the vchkpw -program, but that?s my guess The problem is, that if I start the imapserver, and/or the sqwebmailserver, the first minutes I can log in without any problems, or let?s say, the first time. But, when I try to login in again, with the same account or with another, authentication fails.. Whery strange. I uses plain-password style for authdaemond.plain for imap. For the local users /etc/passwd the problem inly apears sometimes. I think this problem is with authdaemond? Solution: Do not use authdaemond. Yet again, the problem is with vpopmail. Solution: Fix vpopmail. --Doug
Re: [vchkpw] Authentication failed..
- Original Message - From: Ajai Khattri [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 10:55 AM Subject: Re: [vchkpw] Authentication failed.. [EMAIL PROTECTED] wrote: Hi, I have an qmail/vpopmail/courierimap/sqwebmail-server. And, I have a problem.. I?m not really sure if it is about the vchkpw -program, but that?s my guess The problem is, that if I start the imapserver, and/or the sqwebmailserver, the first minutes I can log in without any problems, or let?s say, the first time. But, when I try to login in again, with the same account or with another, authentication fails.. Whery strange. I uses plain-password style for authdaemond.plain for imap. For the local users /etc/passwd the problem inly apears sometimes. I think this problem is with authdaemond? Solution: Do not use authdaemond. You think wrong. The problem is with vpopmail. See the archives, maybe it will get fixed someday. --Doug
Re: [vchkpw] Re: Authentication failed..
- Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 3:33 PM Well, thanks, but how do I get the archives? I´m a new user on the list. http://bluedot.net/mail/archive/list.php?f=2, linked from http://inter7.com/vpopmail.html --Doug
Re: [vchkpw] PATCH: alllow content directory to be specified adding a new domain
- Original Message - From: Mike Miller [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, July 20, 2003 2:01 PM Subject: [vchkpw] PATCH: alllow content directory to be specified adding a new domain PATCH: alllow content directory to be specified adding a new domain -- Attached is a diff against 5.3.21 which adds the ability to utilize any directory as the content directory, rather than simply as the domains directory. We use this for a hosting provider who wants to store users mail in their homedirectories. This aids backup (as one can backup their homedirectory with all of their users and IMAP-stored mail), security (as users own their own mail folders) and means that users who operate ezmlm mailing lists (for example) can access their archives (formerly, they are restricted by the ~vpopmail/domains folder with it's 700 permissions as well as the user folder. It looks like a hack, however allowing a user to specify ~username/domain.com/mail as their domain folder is I'm sure a beneficial feature to many who use similar situations as myself. It could be easily integrated. The only other thing that would need moficiation would be vqadmin, as I added a parameter to vadddomain. Simply defaulting to a 0 in this parrameter when called in vqadmin would suffice in the short run to keep things working. qmailadmin doesn't add domains, and no other functions in the source appear to call this. Thoughts? Anyone else potentially find something like this useful to perfect and integrate? Definately useful, makes it even easier to scale across multiple NFS servers. Have one where you can specify the user directorys, as well? =) --Doug
[vchkpw] [mrsam@courier-mta.com: [sqwebmail] Re: Sqwebmail Authorization 2]
- Forwarded message from Sam Varshavchik [EMAIL PROTECTED] - Doug Clements writes: On Fri, Jul 18, 2003 at 09:47:14AM -0400, Sam Varshavchik wrote: Known bug in the vpopmail module. Try the vpopmail mailing list. If vpopmail people do not fix this bug, I'll simply pull the vpopmail module out. I don't want to deal with their bugs any more. I've seen this said many times for years now. vpopmail says it's a bug in authdaemon, you say it's a bug in vpopmail. How specifically does vpopmail act that is problematic for sqwebmail? It fails to clear the buffer where the username is copied to. Therefore, a subsequent authentication request for a username with fewer characters will get leftover crap appended to it, and the userid search against the database will fail. By disabling authdaemon, they're hacking around the bug by starting a new process for each authentication request, with all memory cleared at startup. There's nothing wrong with authdaemon. LDAP, PostgreSQL, or MySQL authentication is rock solid. Only vpopmail craps out, when using authdaemon. It's a vpopmail bug. This is the last time I'm going to address this issue. They'll either have to fix this bug, or if I continue to get their bug reports, I'll just drop the whole vpopmail module. And they also better do something about the broken permissions on the vpopmail library. Not a week goes by without someone whining that linking against -lvpopmail fails. That's because libvpopmail.a does not have group or world read permissions. You want to know why's that? That's because the administrator password to MySQL is hardcoded into the library, and some time ago someone correctly reported to Bugtraq that with vpopmail installed, anyone on the system can easily lift the admin password to MySQL out of libvpopmail.a. So how was that fixed? By removing read permissions on libvpopmail.a. End result? When building sqwebmail or courier-imap as non-root, the link against libvpopmail.a now fails. And I get the bug reports caused by the broken security model of vpopmail. - End forwarded message - It looks like there's 2 main problems he's detailing. The first he details looks pretty darn obviously a bug. Can anyone comment on why this buffer isn't cleared, and why it hasn't been fixed? I'm not sure how to address the library problem. I've come across it, and anyone who halfway knows what they're doing should know how to get around it, but we all (sqwebmail and vpopmail lists) still get people who have problems with it. This sounds fixable by the patch I just saw that keeps the authentication information in a seperate file. Are there any objections to doint this and relaxing the restrictions on the lib directory (at least make it executable) and the actual library file (make it readable)? The hard-coded login information was the only valid reason I remember for having the lib permissions like that. Anyone? I've never seen this problem really anaylzed and properly investigated on the vpopmail side. I really would like sqwebmail and vpopmail to work well together, it would be quite a shame to lose the interoperability over some bugs that should really be fixed regardless. --Doug
Re: [vchkpw] [mrsam@courier-mta.com: [sqwebmail] Re: Sqwebmail Authorization 2]
On Fri, Jul 18, 2003 at 05:23:58PM -0700, Tom Collins wrote: On Friday, July 18, 2003, at 03:55 PM, Doug Clements wrote: It looks like there's 2 main problems he's detailing. The first he details looks pretty darn obviously a bug. Can anyone comment on why this buffer isn't cleared, and why it hasn't been fixed? If someone can give me better guidance, I will go in and fix the problem on the vpopmail side. What functions does authdaemon make use of in libvpopmail? I would imagine it only uses the password lookup functions. vpopmail is pretty darn simple, there's not that many ways to lookup a password. libvpopmail may need a major overhaul and review for memory leaks, especially if it's like QmailAdmin. Since QmailAdmin runs as a CGI, no one has been very careful about freeing allocated memory when it's done being used. I'm not sure if similar coding practices are present in vpopmail. There doesn't appear to be from what I've seen, and random segfaults and crashes of various vpopmail processes strenthe my opinion. vpopmail seems to have more of a fix things when they cause problems way of going. Does anyone see a reason it should be hardcoded into the lib? The only one I can think of is speed, but really when you're using mysql, the hit of opening another file will be much lower than that of even connecting to the sql server and just logging in, not counting query time. I'm not intimately familiar with sqwebmail, but I'll commit to fixing whatever is broken in vpopmail. Should I just examine authvchkpw.c to see how it interfaces to vpopmail, and work on the parts of vpopmail that it touches? Otherwise, it will probably be necessary to review each function in vpopmail to make sure it could be called repeatedly, work properly, and not leak memory. I would just look through it.. I would love to get in there, but my to-do list is huge already. Seems some sort of regression testing app would be pretty easy to code up that does what you describe. Catching the bug he describes of reusing a buffer without clearing it should be pretty easy to find. He even tells us it's the username field, so good hunting! --Doug
Re: [vchkpw] Wrong reply-to in SqWebMail for virt domains
gjohnson wrote: Hi. I have vpopmail, courier-imap and sqwebmail running on OpenBSD 3.3 with apache NOT chrooted. I have two domains: real.domain and virtual.domain In SqWebMail, virtuser with virtual.domain logs on to SqWebMail thus virtuser%virtual.domain pass But once logged on they see themselves as [EMAIL PROTECTED] which also appears as their reply-to address (until/unless they change it). Naturally, many will not change it. Real users see [EMAIL PROTECTED] -- so they are fine. I would just like virtusers to see [EMAIL PROTECTED] both at the top of the page and for their reply-to. Is this possible? If so, how do I change the virt.domain setting? Set the sqwebmail prefs for the user when you create the account. They include the Reply-To address. --Doug
Re: [vchkpw] Wrong reply-to in SqWebMail for virt domains
gjohnson wrote: Doug Clements writes: Set the sqwebmail prefs for the user when you create the account. They include the Reply-To address. --Doug Thanks for your reply. I am working with sqwebmail-3_5_1, vpopmail-5_2_1, and vqadmin-2_3_2. When I create an account thus -- su - vpopmail vadduser [EMAIL PROTECTED] password exit -- I see no option for sqwebmail prefs. I can not change reply-to with vqadmin either. Neither do I see any reply-to or name-at-the-top option in the actual SqWebMail webpage itself. Only when I send a mail from the account in SqWebMail can I (permanently) change the reply-to address (by simply changing the reply-to on that email). What SqWebMail prefs were you referring to? Can they be applied domain-wide, or do I have to go to each virtual user after set up and change individually? Check a user account that you have logged into with sqwebmail. There should be a sqwebmail-prefs file there that is a plain text file. You can generate this file automatically with the correct preferences at the time you create the user. Make a script to fill this file in, and run it after you create the user. I have an elaborate wrapper system that sets up various aspects of each user after they get added, including setting initial sqwebmail prefs, creating extra folders, setting up Maildrop recipes, and some other fun stuff. You might consider creating the same sort of wrapper around vadduser so this becomes automatic to you. Cheers! --Doug
Re: [vchkpw] Wrong reply-to in SqWebMail for virt domains
gjohnson wrote: Thanks. I presume I can apply this patch as I did those for qmail: put in the source directory, use the patch command, and compile, etc. I will try that after I get a reponse on my next email. The content of another reponse confused me, and I need some clarification. I assume you mean my mail =) I prefer to create wrappers around vpopmail commands instead of patching the source like this. That makes it easier to upgrade when the time comes, and I know exactly what's going on with my modifications. Either way will work, I was just suggesting my preferredway. --Doug
Re: [vchkpw] Permission $vpopmail/lib directory
On Fri, Jul 04, 2003 at 11:58:43PM +, Mike Miller wrote: [vpopmail - 5.3.20] So I installed vpopmail and now I'm compiling courier-IMAP as a non-root user (like a good boy). Problem is, /var/vpopmail/lib and the libvpopmail.a library are chmodded 700 without permissions besides root. Maybe this should be 755 or 750 by default to allow such problems to link with the static library. I of course changed the permissions to allow group permissions, but I think the default should allow. -M 755 would be a bad idea, since there's potentially sensitive information statically compiled into the librarys (like sql passwords) that could be easily read by other users. I usually just compile courier up to the point where it fails on that, then go back as root and re-run gmake. It finishes compiling and I've never had a problem with it. I think the correct solution would be fixing courier-imap to compile properly as root, but that's just my personal opinion. --Doug
Re: [vchkpw] Repeated messages
On Fri, Jul 04, 2003 at 10:55:32PM +0100, S?rgio Manuel Rosa wrote: Hi list, For each message that someone send to the mailling list I'm receiving at least 10 copies of the same message. This is happening only with this mailling list. Any clues? My guess is that it has something to do with the W32/[EMAIL PROTECTED] virus. Try NAI's Stinger at http://vil.nai.com/vil/stinger/. --Doug
[vchkpw] What happened to the list?
I'm not sure what happened to the list to make it murder the To and CC headers, but can someone please fix it? --Doug
Re: [vchkpw] What happened to the list?
And my own message looks ok. Did everyone else just decide to start sending mails with BCCs? Here's some examples: From: Rudy G [EMAIL PROTECTED] Subject: RE: [vchkpw] vdelivermail can't deliver to domains added with -u option. MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=--KIXNS1MBAUK38X Message-Id: [EMAIL PROTECTED] Date: Fri, 4 Jul 2003 19:32:04 +0100 X-Spam-Status: Spam: False ; 0.1 / 5.0 From: Michael R. Bagnall [EMAIL PROTECTED] Subject: [vchkpw] 5.3.20 Quota Problem MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=--JE6HKXSHNTWPAZ Message-Id: [EMAIL PROTECTED] Date: Fri, 4 Jul 2003 19:27:11 +0100 X-Spam-Status: Spam: False ; 1.1 / 5.0 From: Emris [EMAIL PROTECTED] Subject: Re: [vchkpw] Unvalid users? MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=--HZVSJ2XM9G21Y3 Message-Id: [EMAIL PROTECTED] Date: Fri, 4 Jul 2003 19:19:08 +0100 X-Spam-Status: Spam: False ; 0.6 / 5.0 --Doug - Original Message - From: Doug Clements [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 04, 2003 11:30 AM Subject: [vchkpw] What happened to the list? I'm not sure what happened to the list to make it murder the To and CC headers, but can someone please fix it? --Doug
Re: [vchkpw] What happened to the list?
How very odd.. Seems the mails that are hosed up for me all come from this telepac.pt place: Received: from NetClube05 ([213.13.72.80]) by fep06-svc.mail.telepac.pt (InterMail vM.5.01.04.13 201-253-122-122-113-20020313) with SMTP id [EMAIL PROTECTED]; Fri, 4 Jul 2003 19:10:22 +0100 Received: from NetClube05 ([213.13.72.80]) by fep03-svc.mail.telepac.pt (InterMail vM.5.01.04.13 201-253-122-122-113-20020313) with SMTP id [EMAIL PROTECTED]; Fri, 4 Jul 2003 19:24:27 +0100 etc, etc, I guess maybe it's just coincidence that it's the last 10 mails or so to the list came from that ISP? Maybe the inter7.com dns got their MX hijacked down in that part of the world? --Doug - Original Message - From: Mark Nicholas [EMAIL PROTECTED] To: Doug Clements [EMAIL PROTECTED] Sent: Friday, July 04, 2003 12:33 PM Subject: Re: [vchkpw] What happened to the list? I'm not sure what happened to the list to make it murder the To and CC headers, but can someone please fix it? Doug, Below is what I am seeing in my headers is this not what you are seeing? - Return-Path: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: (qmail 21380 invoked from network); 4 Jul 2003 18:16:50 - Received: from unknown (HELO ns1.inter7.com) (209.218.8.2) by host115.tbd with SMTP; 4 Jul 2003 18:16:50 - Received: (qmail 14274 invoked by uid 511); 4 Jul 2003 19:45:33 - Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk List-Post: mailto:[EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED] List-Unsubscribe: mailto:[EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] Delivered-To: mailing list [EMAIL PROTECTED] Received: from unknown (HELO smtp2.linkline.com) (64.30.215.131) by evanston.inter7.com with SMTP; 4 Jul 2003 19:45:33 - Message-ID: [EMAIL PROTECTED] From: Doug Clements [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Fri, 4 Jul 2003 11:30:33 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: [vchkpw] What happened to the list? X-PM-PLACEHOLDER: - -- Blessed are they who have nothing to say, and who cannot be persuaded to say it. - James Russell Lowell *** * Mark Nicholas * MCSE MCP +I * Lawton Bros., Inc * [EMAIL PROTECTED] ***
Re: [vchkpw] Corrupted Delivered-To header?
On Wed, Jun 25, 2003 at 09:33:36PM -0700, Tom Collins wrote:
This is a bug in vdelivermail.c, in the section of code after the
following comment:
/* use the DTLINE variable, but skip past the dash in
* [EMAIL PROTECTED]
*/
Basically, it assumes the first dash separates the domain name from the
email address. The solution might be to find the '@' in DTLINE,
determine the length of the domain name (@ to trailing NULL) and skip
that many bytes from the beginning of the address.
Maybe it's better to use other environment variables (USER, HOST,
LOCAL, RECIPIENT?) to build the delivered-to header.
I'm looking at the code, and I see that this generation of Delivered-To seems to be
special. Other places generate that header use this:
/* Set the Delivered-To: header */
if ( strcmp( address, bounce) == 0 ) {
snprintf(DeliveredTo, AUTH_SIZE,
%sDelivered-To: [EMAIL PROTECTED], getenv(RPLINE),
TheUser, TheDomain);
What's wrong with using this way all the time? Is it because it's a catch-all address?
Is there anything wrong with just [EMAIL PROTECTED] in this special case?
Thanks for your help!
--Doug
Re: [vchkpw] Corrupted Delivered-To header?
On Thu, Jun 26, 2003 at 03:08:47AM +0100, Robin Szemeti wrote: On Thursday 26 June 2003 02:41, Doug Clements wrote: Greetings, We're getting a report of a bogus Delivered-To header from one of our customers. Apparently, Exchange relies on this in some way. it shouldn't. I agree :) The header lines are not normally used in mail routing. exchange *should* be using the smtp envelope (ie the RCPT [EMAIL PROTECTED] that is passed in the SMTP exchange) to route the message, rather than information in a message header, which is purely for post-event audit purposes. They're retrieving the mail via POP after it's been delivered to our mail system, so there's no RCPT for them to use, unfortunately. sadly I don't know of a 'fix' ... but there may be one ... I suspect this is a qmail issue rather than a vchkpw issue,( although really, all its doing is Well, the problem started when I moved from using a .qmail file for each user (which was calling Maildrop to deliver mail) to using vdelivermail. So I was pretty sure it had something to do with vpopmail.. Thanks for your input! I'll see if they can alias systems.com on their side while I try to figure out a better way to generate a Delivered-To header.. --Doug
[vchkpw] Corrupted Delivered-To header?
Greetings, We're getting a report of a bogus Delivered-To header from one of our customers. Apparently, Exchange relies on this in some way. You can see it here.. The real domain is linear-systems.com, but the delivered-to header doesn't complete the domain in the first part of the line and it ends up being systems.com. Has anyone seen this before, and know of a fix? Received: from exchange-pop3-connector.com (LSPROXY [192.168.0.2]) by lsproxy.linkline.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id 205XX740; Wed, 18 Jun 2003 15:13:04 -0700 Received: (qmail 94044 invoked by uid 1009); 18 Jun 2003 22:11:20 - Delivered-To: [EMAIL PROTECTED] Received: (qmail 94025 invoked by uid 0); 18 Jun 2003 22:11:20 - Thanks! --Doug
Re: [vchkpw] timestamp - readable
Check the archives from about 2 weeks ago. --Doug - Original Message - From: Alin Panait [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, June 01, 2003 4:27 AM Subject: [vchkpw] timestamp - readable There is a way to find out when last time a user read his email ? This ways should not care if was from pop or webmail ! Thanks
Re: [vchkpw] vpopmail extension modules
- Original Message - From: Jesse Guardiani [EMAIL PROTECTED] To: Doug Clements [EMAIL PROTECTED]; vpopmail [EMAIL PROTECTED] Sent: Sunday, February 23, 2003 6:47 PM Subject: Re: [vchkpw] vpopmail extension modules Most software development goes like this. I would be dissapointed at inter7 if they didn't have development and stable releases. Why do you want test code in a supposedly stable distribution? Well, yes and no. My point is that many successful projects release production code more quickly. I think vpopmail is unique in that it's very specialized and very small. There haven't been huge changes that require the more frequent updates other software packages have. While there are some bugs, they aren't usually very big, and since most of vpopmail is buffered by other software from potentially malicious users, the fixes typically aren't earth-shattering. New features aren't added often either, so there just doesn't seem to be much demand for more regular updates. While I think they could be a bit more often, making releases just because it feels like it's been a long time is not a good reason. Look at qmail, which hasn't had an official update in years. (On the flip side, look at the collections of patches that people have submitted for enchanced functionality and bug-fixing). My point here is that the developer had spent so much time in the development version code that he refers to the production release as 'back in the 5.2.x days'. That makes it sound like just a bit too much time has passed since a release, IMO. Gotcha. I stopped running a stable release a long time ago, so I guess I'm a bit insulated from that. 1.) Individual authentication storage and access mechanisms would make good modules. (LDAP, MySQL, flat file, etc...) 2.) Possibly mailbox read write code might make a good module. (One for maildir, one for mbox, etc) 3.) Quota management might make a good module 1) I think that authentication methods are generally just so darn simple that there's no incentive to go through the trouble of modulerizing. For any storage method you want to use, there's going to be easy-lookup and easy-update routines, which takes minimal implementation in the clients. You're also only going to be using one of these at a time on a given system, so it makes sense to compile it statically for the above reason as well as the minimal speed increase. Now if you wanted to for some reason mix authentication backends, there's potential. I can't come up with a real-world scenario for that off the top of my head, though. 2) Same argument for using only one at a time, with these exceptions: - Boxes with users that use different formats * but: vpopmail users are virtual, so users don't care what format their mailbox is in - I currently pass off mail delivery to Maildrop. I think you can also pass it off to procmail (if you really want mbox). This is already modular enough to pick the 2 most popular delivery and filtering mechanisms out there, in addition to straight delivery without filtering. 3) You mean lookup and setting of quota, or calculation? lookup and setting should go along with whatever authentication backend you use. Calculation pretty much depends on the mail storage format you use. I personally do quotas with Maildrop, which dropped in to replace vdelivermail with a little scripting. Now that vdelivermail does Maildir quotas and has .qmail file support, I think I'll change it back. From my view, the parts that need to be modular already are. Maybe others too. But I'm not so much thinking about how badly I hate the current implementation of vpopmail (because I don't), but how we might make it easier to extend vpopmail in the future. And possibly take some load off the inter7 team in the process. Each non-standard module could have it's own mailing list and programming team, making development progress a bit faster, and also making code a bit easier to follow (because it's modularized). Modularization does not automatically make code easier to follow. In fact, in this case, I think it would be harder. Also, I don't really believe in overengineering. What's the harm in thinking about how we might make things easier for ourselves in the future? No harm there. I think there are areas in which vpopmail could get better, I just don't think that modularization fits into how vpopmail works at this time. You typically pick one thing out of a list of choices and don't run different choices concurrently. Does GPL mean that you absolutely HAVE to distribute and publish your code? (I don't think it does... I could be wrong though...) If you change vpopmail (or any other GPL-licensed code), yes, you have to make it available to the public. (Under the assumption that I'm not wrong...) So, if a programmer makes a module for a company under the GPL, he has to give that company his code. But that doesn't mean he has to make it public domain, does it? (Man, I hope I'm
Re: [vchkpw] vpopmail as a daemon
If you don't mind my asking, why don't you care for NFS? --Doug - Original Message - From: Jesse Guardiani [EMAIL PROTECTED] To: Doug Clements [EMAIL PROTECTED]; vpopmail [EMAIL PROTECTED] Sent: Sunday, February 23, 2003 4:36 PM Subject: Re: [vchkpw] vpopmail as a daemon You're right. I don't care for NFS. That's why I suggested this.
Re: [vchkpw] vpopmail as a daemon
- Original Message - From: Jesse Guardiani [EMAIL PROTECTED] To: vpopmail [EMAIL PROTECTED] Sent: Sunday, February 23, 2003 10:03 AM Subject: [vchkpw] vpopmail as a daemon Greetings list, I'm sure people have considered this before, but I'd like to collect everyone's thoughts on the idea I'm about to present: VPopMail as a daemon What does everyone think about the possibility of turning vpopmail into a daemon? Complete with network ports and the like. It would allow for a much more distributed architecture, IMHO. Currently, if someone wants to run qmailadmin on a separate web server, they have to create an NFS share, right? What's wrong with that? Wouldn't it make a lot of sense to provide a vpopmail network protocol that allows connections from remote administrative utilities? You mean something that takes requests over the network and stores user information in a database? Possibly even implement support for vpopmail clusters (although I'm thinking you'd have to have a crazy amount of users to need a cluster! Vpopmail is pretty darn efficient.) I've already got a cluster. It works great. Programs like sqwebmail would benefit by not having to be recompiled every time vpopmail is upgraded. The port protocol wouldn't change much between versions, and developers could maintain backward compatibility. The only time you need to recompile sqwebmail is if the storage format for the users change. At this point, you'd also need to recompile the software that talks over the network. Either way you lose. Sqwebmail WOULDN'T be able to run on a separate server, as it accesses maildirs directly, but at least administration, upgrades, and general package stability would likely improve a bit. My sqwebmail install is distributed across machines. Works great. The general idea is less code is going to have less bugs, not more code is going to have less bugs. Who knows. One might even be able to implement a maildir access protocol. But that would probably just duplicate the functionality of the IMAP protocol. Now that would just be silly. Can anyone else think of a good reason why vpopmail might benefit from being made into a daemon? Only if you were for some reason religiously opposed to using NFS to accomplish all the things above. Then again, you could use samba or afs. So no, I can't think of a good reason. Can anyone think of a really good reason why it shouldn't? (Other than the time it would take to code everything.) It's too complicated for something that's already small, fast, and simple. None of the things you suggest can't already be done, or don't really need to be done. --Doug
Re: [vchkpw] vpopmail extension modules
- Original Message - From: Jesse Guardiani [EMAIL PROTECTED] To: vpopmail [EMAIL PROTECTED] Sent: Sunday, February 23, 2003 10:34 AM Subject: [vchkpw] vpopmail extension modules Greetings list, I've been thinking a bit about the architecture of vpopmail. It seems to me that the inter7 team is pretty busy making a living. (which is totally understandable) And new production releases don't come about very often. So what seems to be happening is that people who need new functionality submit patches to the vpopmail list, and the new patch gets implemented in the development version. These people now choose to run the development version rather than the production version, and a rift grows between the code base of the 'normal' users and the 'development' users. Most software development goes like this. I would be dissapointed at inter7 if they didn't have development and stable releases. Why do you want test code in a supposedly stable distribution? I recently saw someone who develops vpopmail write about how 'Back in the 5.2.x days' certain bugs existed, and these bugs are now fixed in the development version. This amazed me because I was STILL IN the 5.2.x days. I was running a production version on my server! Sounds like you need to upgrade. One solution I thought about was a sort of plugin module API. If new functionality were put into modules rather than intergrated into the main codebase, development would be MUCH more flexible. And if modules were developed in a way that multiple modules could be included to add just the functionality that the user needed, the code base could still be kept minimal. What extra functionality would you like to modulerize? Looking up a user's password? That's probably a 50 line routine at the moment. You're overengineering this entirely too much. In addition, companies would have the ability to create in-house extension modules without feeling the need to release them into the public domain. (And inter7 could create these modules for special customers at extra charge) Currently, anything planned for use in the long term MUST find it's way into the vpopmail source code, otherwise countless man hours will have to be wasted patching the source for each release. inter7 licensed vpopmail under the GPL, so I don't think this is the direction they wanted to take it. For the record, I've never had to spend countless wasted hours patching the source for any release at all. Sure, this type of architecture would probably slow vpopmail down a little bit. I mean, lets face it, anything that uses vpopmail right now just statically links in the vpopmail library. You can't get much faster than that. But we're talking about C here. I think the speed penalty could be kept at a minimum. Please realize that any speed hit is going to be multiplied by every user checking their mail (every 10 minutes) and for every mail delivery (of which we have many hundreds of thousands in a day). The module architecture could even be developed with self-descriptive data types that explain how to interact with a given module, making rewrites to the qmailadmin and vqadmin CGIs unnecessary. If you really want a module, create a new configure option that enables or disables a hook to whatever you want to implement in your code. It's a few line patch to the main distribution, and you can modify your code all you want. What exactly are you getting at? --Doug
Re: [vchkpw] install courier-imap and vpopmail
- Original Message - From: Viviane Correge [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, February 20, 2003 6:08 AM Subject: [vchkpw] install courier-imap and vpopmail I have installed vpopmail.5.2.1 and now I try to installed courier-imap. And In the installation I have a bug because a vpopmail library is not present. Does anyone know this problem ? Thanks a lot, Please either search the archives for the solution or provide better clues as to where your problem is. Some output of the errors your getting would be useful if this question wasn't asked so often here that I can probably guess what it is. --Doug
Re: [vchkpw] Check Space Usage
Michael Funk wrote: Is there a way to use vuserinfo to produce a report of user space utilization, per user, for all users in the domain? Most of the scripting stuff I have tried takes HOURS with 50,000 users. vuserinfo doesn't store that data.. you pretty much just have to either count up the mails, or look in the maildirquota file if you use those kinds of quotas. I think parsing the quota file would be a bit easier, but the perl script I use to look for abusive customers also takes quite a while with a large amount of uses. I've spent a bit of time optimizing my script, so if you want to post it, I'll take a look and see if it can sped up. --Doug
Re: [vchkpw] Check Space Usage
- Original Message -
From: Justin R. Miller [EMAIL PROTECTED]
To: vpopmail list [EMAIL PROTECTED]
Sent: Wednesday, October 09, 2002 5:43 PM
Subject: Re: [vchkpw] Check Space Usage
Is there an efficient way to do this if you _don't_ use quotas, ideally
something other than 'du'?
You can open a pipe to 'ls' since the mail sizes are in the name. Quite
easy, though it's up for debate if this is more efficient than du.
This also doesn't take into account other files in the Maildir that aren't
actually messages, but depending on your point of view, these files
shouldn't be included in the user quota anyways.
Snippet of ls pipe (haven't converted to native opendir and readdir yet,
which is probably a bit faster since it saves a process being launched):
open (IN, ls $homeDir/Maildir/$dir |);
while ($line = IN){
chomp $line;
($garbage,$size) = split(',', $line);
($garbage,$size) = split('=', $line);
# $filename = $homeDir/Maildir/$dir . $line;
$MailBoxSize += $size;
}
Even better would be native opendir() and readdir(), since it saves a
process being launched. At this point, savings are likely to be minimal,
even with thousands of mailboxes.
Depending on how you do backups and what your needs are for calculating used
space, you might be better analyzing last night's backups instead of live
data. We copy the main data store every night to a seperate disk as part of
our backup, so running analysis on this disk would be quite a bit faster
than on the live store. If you don't need live quota management, this
might be acceptable.
--Doug
Re: Manually updating virtualdomain databases
Hmm.. ok, that's one option. What do we do if the OSs aren't the same? I forsee moving to multiple platforms as clients in the future, and it'd be nice to have this all figured out. I realize I would have to change my setup from mount /home/vpopmail to just mounting /home/vpopmail/domains, and installing vpopmail locally on each machine, but this is ok. I looked through all the qmail documentation I could find, and qmail-newu was the closest thing to rebuilding the databases I could find, but it doesn't seem to work. Is there maybe a small perl script that uses the vpopmail API to just rebuild the databases from text? --Doug On Thursday 08 November 2001 07:58 pm, Ken Jones wrote: A slick way is to rsync almost the whole /var/qmail/control and /var/qmail/users directories. You can skip the control/me file if you want each server to tag emails with thier id. As long as the OS's are the same then the all the files will be compatible. On Thu, 2001-11-08 at 18:21, Doug Clements wrote: Greetings, I'm attempting to replicate vpopmail configurations across a cluster of machines. I can copy over the rcpthosts, morercpthosts, virtualdomains, and assign files to the slave server, but I can't figure out how to rebuild the binary databases from these files. The /home/vpopmail directory is NFS mounted from a central place to provide access to all domains to all servers, but I do not want to NFS mount /var/qmail. If I replace these files, then add/delete a domain using the vpopmail tools on the slave machine, it appears to update the binary files correctly, but I would like to know the correct way to do this. Anyone have some ideas? --Doug
