Hi,
I started playing around with this idea some time ago, but dropped it
since I'm not a true perl hacker...
This is essentially the beginnings of a small module to allow roaming
users of any sort that are authenticated by radiator to relay mail for the
duration of their session. I settled on this method because it made more
sense to me than the numerous pop-before-smtp hacks. It's a bit more
straightforward: If you are an authenticated user, you can relay mail for
the duration of your session, end of story... No hacking of your pop or
smtp server is required.
The line in sendmail.cf is pretty easy:
Kpopauth hash -a<OK> /usr/local/etc/mail/popauth
and
SLocal_check_rcpt
R$* $: $(popauth $&{client_addr} $: <?> $)
R<?> $@ NoPopAuth
R$*<OK> $# OK
This is all stolen from the cf/hack/popauth.m4 distributed with sendmail.
Basically, it works. My problem is, it doesn't work well, and I have zero
experience in any kind of advanced perl work, specifically modules and the
like.
If there's anyone that would like to help polish this, it would be nice to
get it cleaned up and thrown in the radiator contrib dir. I could also
work out a version for qmail, and perhaps postfix with some help.
Any takers?
Thanks,
Charles
| Charles Sprickman | Internet Channel
| INCH System Administration Team | (212)243-5200
| [EMAIL PROTECTED] | [EMAIL PROTECTED]
# small program to update a sendmail (or possibly other) access
# list based on current logged in users outside of our normal
# IP range. Specifically, for IPass users, but usable really for
# any remote logins that authenticate via radius such as roaming dsl.
# This can be run standalone out of cron or be called by a
# PostAuthHook in the handler/realm used for IPass requests.
sub
{
# config options
my $dbtext = "/usr/local/etc/mail/popauth";
my $localips = "216.223.19";
my $makemap = "/usr/sbin/makemap";
my $dbtype = "hash";
my $dbfile = "/usr/local/etc/mail/popauth.db";
# connect to the db
my $sessdb = Radius::SessGeneric::find('SDB_mysql');
# get file handle
open (POPAUTH, ">$dbtext") || (&main::log($main::LOG_ERR, "PopAuth.pm could
not open file $dbtext") && return);
# our query
my $dbquery = "select FRAMEDIPADDRESS from RADONLINE where (FRAMEDIPADDRESS
NOT LIKE '$localips%' AND FRAMEDIPADDRESS IS NOT NULL)";
my $query = $sessdb->prepareAndExecute($dbquery);
while (my @query_result = $query->fetchrow_array)
{
# if ($query_result[0] =~ /^[0-9]/)
# {
print POPAUTH "$query_result[0]\tOK\n";
&main::log($main::LOG_DEBUG, "PopAuth.pm added/removed IP
$query_result[0] in access list");
# }
}
close POPAUTH;
my $rc = system ("$makemap $dbtype $dbfile < $dbtext");
if ($rc > 0)
{
(&main::log($main::LOG_ERR, "Unable to execute command $makemap
$dbtype $dbfile on $dbtext, exit code $rc\n") && return);
}
return;
}
