The -x flag is for blacklists, not for the access file. Use the "--access-file" flag instead.
Also, spamdyke cannot read CDB files. Just use the plain text version: /etc/tcp.smtp -- Sam Clippinger Raj wrote: > hi > > i followed your suggestions but i am facing problems > > if i put line -x TCP_CDB below i am not able to smtp authenticate and send > any email with my own email id which is on the server. the connection simply > terminates. > > if i remove -x TCP_CDB then i can send emails from this id even if password > is not provided ... ie authentication is not checked properly. > > could you please chk and let me know what is wrong > > #!/bin/sh > QMAILDUID=`id -u vpopmail` > NOFILESGID=`id -g vpopmail` > MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` > BLACKLIST=`cat /var/qmail/control/blacklists` > SMTPD="/var/qmail/bin/qmail-smtpd" > TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" > RBLSMTPD="/usr/bin/rblsmtpd" > HOSTNAME=`hostname` > VCHKPW="/home/vpopmail/bin/vchkpw" > REQUIRE_AUTH=0 > > exec /usr/bin/softlimit -m 12000000 \ > /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x TCP_CDB -c "$MAXSMTPD" \ > -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ > /usr/local/bin/spamdyke \ > -l \ > -d /var/qmail/control/rcpthosts \ > -d /var/qmail/control/morercpthosts \ > --reject-missing-sender-mx \ > --smtp-auth-command > "/home/vpopmail/bin/vchkpw /bin/true" --hostname ns1.aaaonlinux.com \ > $SMTPD $VCHKPW /bin/true 2>&1 > > raj > > ---------- Original Message ---------------------------------- > From: Sam Clippinger <[EMAIL PROTECTED]> > Reply-To: spamdyke users <spamdyke-users@spamdyke.org> > Date: Sat, 08 Sep 2007 13:28:31 -0500 > >> To use both rcpthosts and morercpthosts, simply provide the -d flag twice: >> spamdyke -d /var/qmail/control/rcpthosts -d >> /var/qmail/control/morercpthosts ... >> >> To prevent all mail delivery except by authenticated users, I recommend >> blacklisting all IP addresses (-B) with an IP blacklist file like this: >> 0.0.0.0/0.0.0.0 >> Then use the --smtp-auth-command flag to enable SMTP AUTH. spamdyke >> will block all senders unless they authenticate. >> >> The --access-file flag is only needed when qmail has not been patched to >> provide SMTP AUTH. In that situation, spamdyke must control relaying >> because qmail will block remote senders who have authenticated. Because >> you're running qmail toaster, this isn't necessary for you. >> >> Because your password check shows vchkpw doesn't support CRAM-MD5, be >> sure to use the --smtp-auth-command flag, not >> --smtp-auth-command-encryption. Most likely, your vpopmail was compiled >> without cleartext password support, which makes challenge/response >> authentication impossible. >> >> -- Sam Clippinger >> >> Raj wrote: >>> hi >>> >>> i have qmail toaster which also incorporates chkuser in it and vpopmail >>> user mysql database for storing passwords. i have disabled chkuser in the >>> tcp.smtp file. i have also disable rblsmtpd and blacklists files since the >>> same is done by spamdyke >>> >>> where i am getting confused pertains to smtp authentication and relaying. >>> >>> -d /var/qmail/control/rcpthosts >>> now qmail installation has rcpthosts and morercpthosts ? how do i handle >>> that ? or should i create a seperate rcpthosts file specially for spamdyke >>> >>> concerning smtp authentication >>> what i need is every email user on my server who sends out emails should >>> smtp authenticate before sending email. >>> >>> do i need to use the flag >>> --access-file /etc/tcp.smtp >>> what should be the content of this file >>> >>> >>> help required please. >>> >>> >>> /var/qmail/supervise/smtp/run file >>> ######### >>> >>> #!/bin/sh >>> QMAILDUID=`id -u vpopmail` >>> NOFILESGID=`id -g vpopmail` >>> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` >>> BLACKLIST=`cat /var/qmail/control/blacklists` >>> SMTPD="/var/qmail/bin/qmail-smtpd" >>> TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" >>> RBLSMTPD="/usr/bin/rblsmtpd" >>> HOSTNAME=`hostname` >>> VCHKPW="/home/vpopmail/bin/vchkpw" >>> REQUIRE_AUTH=0 >>> >>> exec /usr/bin/softlimit -m 12000000 \ >>> /usr/bin/tcpserver -v -R -H -l $HOSTNAME \ >>> -x $TCP_CDB -c "$MAXSMTPD" \ >>> -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ >>> >>> /usr/local/bin/spamdyke \ >>> -l \ >>> --reject-missing-sender-mx \ >>> --smtp-auth-command-encryption "/home/vpopmail/bin/vchkpw /bin/true" >>> --hostname ns1.abc.com \ >>> --access-file /var/qmail/spamdyke/tcp.smtp \ >>> $SMTPD $VCHKPW /bin/true 2>&1 >>> >>> >>> ######### >>> >>> result of my password check >>> Beginning unencrypted password test. >>> Sending data to child process: [EMAIL PROTECTED] >>> Test result: SUCCESS >>> >>> Beginning CRAM-MD5 encrypted password test. >>> Sending data to child process: [EMAIL PROTECTED] >>> ERROR: Child process exited with an undocumented return code: 3 >>> Test result: FAILURE (perhaps /home/vpopmail/bin/vchkpw doesn't support >>> CRAM-MD5) >>> >>> ######## >>> tcp.smtp file >>> 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",NOP0FCHECK="1",CHKUSER_START="NONE" >>> :allow,BADMIMETYPE="",BADLOADERTYPE="",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",DKVERIFY="DEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig", >>> NOP0FCHECK="1", CHKUSER_START="ALWAYS" >>> >>> >>> Thanks very much >>> >>> raj >>> _______________________________________________ >>> spamdyke-users mailing list >>> spamdyke-users@spamdyke.org >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
