I didn't get any responses on this, so maybe nobody else is having this
issue, although I did see reference to a couple other people using
qpopper/drac on Solaris. I'm posting these workarounds for others who might
trip over these issues in the future.
There were several different issues.
First was that drac was apparently not working judging by the results of the
"testing" program:
If I use
testing localhost 130.179.18.188
I get
testing: Server reports permission denied
It turns out that for some reason "localhost" doesn't work with "testing" in
my environment. If I use the hostname of the machine, or "127.0.0.1" or
"localhost.{domain}" (substitute the domain for {domain}) it works fine. I
can poke addresses in with "testing" and check them with db_dump, everything
checks out there. So, drac works fine... just not with "localhost".
Next issue: getting drac to work with sendmail version 8.12.1 -- the latest
as of this writing. The instructions say to put the drac rules in the cf
file just before the
# anything else is bogus
R$* $#error $@ 5.7.1 $: "550 Relaying denied"
in the SBasic_check_rcpt ruleset. This works fine... except that sendmail
8.12 by default rejects unresolvable ip's, and the client ip doesn't resolve
(typical of dialup) so he denies based on unresolvable IP before getting to
the drac rules. So, the rules need to go a bit before then. I put it in
SBasic_check_rcpt thus:
R$* $: $1 $| @ $>"Rcpt_ok" $1
R$* $| @ $#TEMP $+ $: $1 $| T $2
R$* $| @ $#$* $#$2
R$* $| @ RELAY $@ RELAY
# start drac rules: allow recent POP/IMAP mail clients to relay
R$* $: $&{client_addr}
R$+ $: $(drac $1 $: ? $)
R? $:
R$+ $@ RELAYFROM
# end drac rules
R$* $| @ $* $: O $| $>"Relay_ok" $1
R$* $| T $+ $: T $2 $| $>"Relay_ok" $1
R$* $| $#TEMP $+ $#error $2
R$* $| $#$* $#$2
R$* $| RELAY $@ RELAY
R T $+ $| $* $#error $1
# anything else is bogus
R$* $#error $@ 5.7.1 $: "550 Relaying denied"
That seems to work without breaking other things. It was a bit easier to
test whether sendmail was still rejecting unresolved IP's while allowing
drac-authorized unresolved IP's because qpopper wasn't yet configured to use
drac -- so I could add/remove myself from the drac db at will and verify the
results.
Next, getting qpopper to compile with drac. As mentioned in the previous
post, I got the dreaded
Can't use DRAC: dracauth not found in -ldrac
error from configure. But libdrac.a was in the right places -- all of them!
It turns out that it WAS finding dracauth, but had some unreferenced symbols
that drac uses from other libraries and the configure error message was
inaccurate -- probably should have just mentioned there was something wrong
with dracauth. Here's the telltale snippet from config.log:
configure:3974: gcc -o conftest -g -O2 -fpcc-struct-return
conftest.c -ldrac
-L/usr/lib/libdrac.a -ldrac -lposix4 -lcrypt 1>&5
Undefined first referenced
symbol in file
xdr_enum /usr/local/lib/libdrac.a(drac_xdr.o)
clnt_create /usr/local/lib/libdrac.a(dracauth.o)
clnt_sperror /usr/local/lib/libdrac.a(dracauth.o)
xdr_u_long /usr/local/lib/libdrac.a(drac_xdr.o)
clnt_spcreateerror /usr/local/lib/libdrac.a(dracauth.o)
ld: fatal: Symbol referencing errors. No output written to conftest
So I went back to the Makefile for drac to see what other libraries he was
using, did a bit of trial-and-error testing, and discovered that "-lnsl" is
needed along with "-ldrac". There's a few places in the configure file for
qpopper that need to be changed. Search for "-ldrac" and change it to
"-ldrac -lnsl". Now qpopper configures properly.
One last thing: Remember that "localhost" didn't work for drac? And
"localhost" is the default drac server... so ya gotta change it, via a "-D
127.0.0.1" argument for qpopper. For instance, my inetd.conf contains:
pop3 stream tcp nowait root /usr/local/sbin/popper qpopper -D 127.0.0.1 -f
/etc/mail/pop.conf
Summary:
1. use "127.0.0.1" instead of "localhost" for any instance of a dracauth()
call:
a. for the drac "testing" utility,
b. for qpopper, via the "-D 127.0.0.1" command-line option.
2. drac rules for sendmail.cf go before the $#error rules in the
SBasic_check_rcpt ruleset.
3. change "-ldrac" to "-ldrac -lnsl" in qpopper "configure" script.
Hope this helps someone!
Paul McKinley
> -----Original Message-----
> From: Paul McKinley
> Sent: Friday, November 16, 2001 11:20 PM
> To: Subscribers of Qpopper
> Subject: DRAC with qpopper 4.0.3 on Solaris
>
>
> qpopper 4.0.3
> DRAC version is 1.11, libdrac.a installed in /usr/lib
> BerkeleyDB.3.3 installed
> Solaris 8 with MU3
>
> qpopper configure line is:
> configure --with-openssl=/usr/local/ssl --enable-specialauth
> --enable-timing
> --enable-apop --with-popuid=pop --enable-log-facility=local1
> --enable-log-l
> ogin --with-drac=/usr/lib
>
> The configure fails on dracauth:
> ....
> checking for set_auth_parameters in -lsecurity... no
> checking for crypt in -lcrypt... yes
> checking for dracauth in -ldrac... no
> Can't use DRAC: dracauth not found in -ldrac
>
> strings /usr/lib/libdrac.a | grep dracauth
> dracauth
> dracauth.o/ 1005971984 1000 14 100644 52244 `
> dracauth.c
> dracauth.c
> dracauth:F(0,1)
> dracauth.c
> dracauth
>
> So, why doesn't he see dracauth?
> Thanks in advance,
> Paul McKinley
>
>
>
>
