Re: [courier-users] [problem with vpopmail & open relay]

Fri, 08 Nov 2002 16:22:17 -0800 

--->[Quoting Sergiusz Pawlowicz <[EMAIL PROTECTED]>:]

> Hello,
> I have to extend my service with imapd server, so I am trying
> to add courier-imap to existing and working pop3 and webmail
> services based on vpopmail.
> 
> Everything works but not open relay. Yes, I've read vpopmail FAQ.
> 
> When a user authenticates via pop3 run from tcpserver, mysql
> stores:
> 
> user  domain  remote_ip    timestamp  
> -------------------------------------
> xxx   xxx.xxx 176.10.10.10 1036428359
> 
> When it do the same via webmail, it looks like:
> 
> user  domain  remote_ip    timestamp
> -------------------------------------
> xxx   xxx.xxx webmail      1036428359
> 
> and it is not a problem, because via webmail my clients do not
> do relaying, but when the use courier-imap, there is a problem,
> because instead of IP number used by smtp relay, it stores in mysql:
> 
> user  domain  remote_ip    timestamp
> -------------------------------------
> xxx   xxx.xxx imapd      1036428359
> 
> 
> What to do to do to allow relaying by imapd before smtp?

Because there was no answer, I  had to write my own dirty hack
to put  clint's IP number instead  of 'imap' - I  run attached
python  script as  next to  authvchkpw authentication  module,
using daemontools:

#!/bin/sh
exec /usr/sbin/softlimit \
        -m 15000000 \
        /usr/bin/tcpserver \
        -p -X -c 30 -u 66 -g 66 \
        81.10.225.17 imap \
        /opt/sbin/imaplogin \
        /opt/libexec/authlib/authvchkpw \
        /var/lib/vpopmail/opt/imapd-auth-wrapper \
        /opt/bin/imapd ./Maildir 2>&1

Of course  you have to set  your own mysql user,  password and
database to  reach lastauth table.  I still do  not understand
why courier-imap  treats things  different than pop3  server -
this design is not admin-friendly :-(

cheers - Sergiusz
--
private: http://ibiblio.org/ser/  company: http://it-zone.org/ 
______________________________________________________________
on wallpaper: tldp.org, gnu.org, pld-linux.org, hyperreal.info

#!/usr/bin/python
import os, sys, MySQLdb, string

def setrelay(user, domain, remote_ip, timestamp) :
        db = MySQLdb.connect(db='sys',user='MYSQL-USER',passwd='MYSQL-PASSWORD')
        c = db.cursor()
        c.execute("""REPLACE INTO lastauth VALUES (%s, %s, %s, %s)""",(user, domain, 
remote_ip, timestamp))
        results = c.fetchall()

prog = '/opt/bin/imapd'
args = (prog, './Maildir')

if os.environ.has_key('AUTHENTICATED') :
        a = string.split(os.environ['AUTHADDR'], "%")
        setrelay(a[0], a[1], os.environ['TCPREMOTEIP'], os.environ['AUTHEXPIRE'])
        sys.stderr.write("Updated relay: "+os.environ['AUTHADDR']+" - 
"+os.environ['TCPREMOTEIP']+"\r\n")
        os.execvp(prog, args)
else:
        sys.stderr.write("Wrapper Auth Error\n")

Reply via email to