Agreed... Ideally, there would be some sort of post-auth-verified callback that mechanisms could register; that would completely compartmentalize these sorts of things.
-- Jim Jagielski On Fri, Oct 31, 2014 at 2:33 AM, Timo Sirainen <[email protected]> wrote: > On 30 Oct 2014, at 05:50, Jim Jagielski <[email protected]> wrote: > > > I've noticed that if using the vpopmail auth setup, that the roaming-user > > functionality > > provided via open_smtp_relay() is only done if the auth mechanism is > PLAIN. > > For > > example, if the client authenticates via DIGEST-MD5, the open relay file > is > > not updated, as it should be. > > > > This is due to the call to open_smtp_relay only being done > > via vpopmail_verify_plain(). > > Instead, imo, that call should be done in auth_request_success() in the > > auth-request.c > > file, so that it is done however the authentication is done, as long as > it > > is successful. > > > > Attached is a patch for 2.2.15. Let me know if attachments are not the > > preferred method > > and I'll cut/paste. > > Well, your method works, and I'm not sure if there's really any other way > to do it currently.. But I really don't want any vpopmail code outside > *db-vpopmail.c, so I think if people want to do this they'll need to patch. > And why are people still using pop3/imap-before-smtp instead of SMTP auth > that everything supports nowadays? (And in general nowadays I think > vpopmail should have been an external plugin since the beginning, but too > much trouble for everybody to change it now.) >
