[vchkpw] buffer overflows with v5.2.1
buff_size in parse_email() looks as if it'd specify the full length of user and domain parameters, but it may write one byte more for \0. This may create buffer overflow with some software (eg. courier). sybase module isn't checking user/domain lengths at all. If the program using vpopmail didn't limit them, it'd be easy to overflow. size-parameter for all strncat() calls are wrong.
[vchkpw] vpopmail bug?
I am seeing strange behaviour on my Qmail+VpopMail(w/ MySQL)+COurier setup. Authenticating via IMAP works 90% of the time, but doesn't for 10%. I don't seem to be able to find any pattern as to it not working - it doesn't consistently fail in any particular manner. The problem happens with multiple mail clients. This might be a courier related issue, if so, then please tell me. Here is what I see in the mysql logs, when I try to log in to an account with a login of doug (actually, it this using a webmail client, so the login is [EMAIL PROTECTED]): 540747 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = doug and pw_domain = innerworldscuba.com 540747 Quit 020915 4:36:10 540748 Connect qmail@localhost on vpopmail 540748 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = doug and pw_domain = innerworldscuba.com ..all looks good. I show failed logins like this: 020917 12:56:28 590250 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590250 Quit 020917 12:56:33 590251 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590251 Quit 020917 12:56:38 590252 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590252 Quit 020917 12:57:03 590253 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590253 Quit -or-020917 13:20:01 590609 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougu and pw_domain = innerworldscuba.com 590609 Quit 020917 13:20:06 590641 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougu and pw_domain = innerworldscuba.com 590641 Quit -or- 020916 10:09:48 564000 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougt and pw_domain = innerworldscuba.com 564000 Quit so it appears that the piece that parses the login isn't doing what it is supposed too. Is this vchpw.. or is this something else? Courier is compiled with --enable-workarounds-for-imap-client-bugs if that matters. Anyone else seen this? Is this a know issue at all? Thanks in advance for the help.. -Brendan - Webmail Services Provided by KPG Inc. (http://www.kpginc.com)
Re: [vchkpw] vpopmail bug?
There is a bug in vpopmail's email parser function which adds extra character to the end of user login at times, when called by courier. Version 5.3.x has a newer email parser which seems to work. [EMAIL PROTECTED] wrote: I am seeing strange behaviour on my Qmail+VpopMail(w/ MySQL)+COurier setup. Authenticating via IMAP works 90% of the time, but doesn't for 10%. I don't seem to be able to find any pattern as to it not working - it doesn't consistently fail in any particular manner. The problem happens with multiple mail clients. This might be a courier related issue, if so, then please tell me. Here is what I see in the mysql logs, when I try to log in to an account with a login of doug (actually, it this using a webmail client, so the login is [EMAIL PROTECTED]): 540747 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = doug and pw_domain = innerworldscuba.com 540747 Quit 020915 4:36:10 540748 Connect qmail@localhost on vpopmail 540748 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = doug and pw_domain = innerworldscuba.com ..all looks good. I show failed logins like this: 020917 12:56:28 590250 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590250 Quit 020917 12:56:33 590251 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590251 Quit 020917 12:56:38 590252 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590252 Quit 020917 12:57:03 590253 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590253 Quit -or-020917 13:20:01 590609 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougu and pw_domain = innerworldscuba.com 590609 Quit 020917 13:20:06 590641 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougu and pw_domain = innerworldscuba.com 590641 Quit -or- 020916 10:09:48 564000 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougt and pw_domain = innerworldscuba.com 564000 Quit so it appears that the piece that parses the login isn't doing what it is supposed too. Is this vchpw.. or is this something else? Courier is compiled with --enable-workarounds-for-imap-client-bugs if that matters. Anyone else seen this? Is this a know issue at all? Thanks in advance for the help.. -Brendan - Webmail Services Provided by KPG Inc. (http://www.kpginc.com)
[vchkpw] new vpopmail php extension, here comes 0.1
just for those who want to test it http://www.ionium.org/php/php_vpopmail-0.1.tar.gz unpack and read vpopmail/php_vpopmail-0.1.txt oh.. and just that disclaimer thing: if this breaks anything, it's because you like to use some untested alpha code. however it did work on my machine (well.. i didn't test for everything) and should be pretty aliasdomain safe (which the old php extension definitivly was not). This means, you can use vpopmail_something (user, aliasdomain, someother params); and it does exactly the same as vpopmail_something (user, realdomain, someother params); -- Best Regards --- Justin Heesemannionium Technologies [EMAIL PROTECTED]www.ionium.org
[vchkpw] tcp.smtp.cdb is updated only once, and only when open-smtp is missing
This is a long story; but, I'd be happy if anyone with the patience to slog through it could offer further troubleshooting suggestions, pointers to docs that I missed, or any other advice they deem helpful grin. My problem is that tcp.smtp.cdb is not being updated when a pop3 user logs in, _unless_ I delete the open-smtp file just before the login. I'm not seeing errors in the logs or leftover temporary files on the disk, and users can log in and check mail successfully. The file open-smtp _is_ being updated each time a user checks mail. Clearopensmtp _does_ run without error from the system crontab, whether I've got the vpopmail system running as root or as vpopmail. I'm trying to use vpopmail with qmail 1.03 and redhat 7.2. My previous (working) qmail+vpopmail installs use vpopmail 5.2.1 just like I'm trying to do now, but this new one is a little different. Instead of running tcpserver directly from my init scripts and using Debian with a 2.2 kernel, I'm running it using supervise and using Redhat with a 2.4. Switching back to debian and cloning is not an option for work policy reasons. The qmail installs themselves are identical; both machines use the current ucspi-tcp, .88. At first, I was first letting the /supervise/qmail-pop3d/run script start tcpserver as root, and the open-smtp file, as well as the cdb file, were owned by root. Tcp.smtp.cdb was in /etc/, and clearopensmtp was run as root. I carefully compared the locations and permissions of executables and data files between a working debian+qmail+vpopmail system and this new redhat one, I and couldn't find any difference. After reading the tales of users with similar problems in the list archives, I saw that most of them had to do with the vpopmail user having access problems with needed files and with /etc. So as an experiment, I switched the whole setup to use the vpopmail user. The cron job for clearopensmtp was changed to run as vpopmail; vpopmail was recompiled to use /var/vchkpw/etc rather than /etc for the tcp rules file, the supervise scripts were changed accordingly, and so on. Users (well, test user accounts) can still log in and check mail without errors being returned to the client software, but just as before, the tcp.smtp.cdb file is _still_ not updated, except every 15 minutes when clearopensmtp runs. Then, as a further experiment, I tried replacing vpopmail 5.2.1 with 5.3.8. I used /var/vchkpw/etc and ran all components as the vpopmail user. No luck. The one exception to the lack of updates is if I delete the file /var/vchkpw/etc/open-smtp. If I do that, tcp.smtp.cdb is updated when the next pop3 user logs in. Open-smtp is recreated, and further pop3 logins don't result in updates to the cdb file, just open-smtp. This is the case whether the cdb file is in /etc and I'm running vpopmail as root or its in /var/vchkpw/etc and I'm running vpopmail as vpopmail. I've also tried running the tcpserver which runs qmail-popup, vchkpw, and qmail-pop3d from the command line as root and both with and without the -u 89 -g 89 parameters; I get the same problem as always, every time. In case this long and unhappy story wasn't long enough, I've included samples of scripts and the output of some of my debugging below. I've really run out of ideas for what to do next to try and identify the problem or to solve it, so ideas are very welcome! Vpopmail is *almost* working; if I could just get vchkpw to update the cdb file, I'd be set. Thanks for any help you can give, Tony First, the recordio output from when recordio was added to the startup script just ahead of qmail-popup. tcpserver: pid 2093 from 66.6.197.35 tcpserver: ok 2093 0:216.65.196.14:110 :66.6.197.35::1349 093 +OK [EMAIL PROTECTED] 093 USER [EMAIL PROTECTED] 093 +OK 093 PASS I've removed it 093 +OK 093 STAT 093 +OK 18 17029 093 LIST 093 +OK 093 1 1451 093 2 919 093 3 719 093 4 1037 093 5 1037 093 6 1640 093 7 717 093 8 921 093 9 734 093 10 735 093 11 735 093 12 733 093 13 735 093 14 735 093 15 1156 093 16 1656 093 17 685 093 18 684 093 . 093 UIDL 093 +OK 093 1 1032294648.21614.guilder.optimumreturn.com,S=1405 093 2 1032294707.21630.guilder.optimumreturn.com,S=858 093 3 1032294713.21634.guilder.optimumreturn.com,S=658 093 4 1032294893.21760.guilder.optimumreturn.com,S=976 2093 5 1032295236.21874.guilder.optimumreturn.com,S=+ 093 976 093 6 1032295950.21943.guilder.optimumreturn.com,S=1594 093 7 1032297065.23654.guilder.optimumreturn.com,S=656 093 8 1032297102.23663.guilder.optimumreturn.com,S=860 093 9 1032297216.24457.guilder.optimumreturn.com,S=673 2093 10 1032297245.24465.guilder.optimumreturn.+ 093 com,S=674 093 11 1032297303.24488.guilder.optimumreturn.com,S=674 093 12 1032297335.24497.guilder.optimumreturn.com,S=672 093 13 1032297357.24541.guilder.optimumreturn.com,S=674 093 14 1032297465.25301.guilder.optimumreturn.com,S=674 2093 15 1032297722.25325.guilder.optim+ 093
[vchkpw] Domains that both exist and don't exist
Hi, I'm in the process of transferring a bunch of mail domains to a new server and added a bunch of domains to the new server via vadddomain. Something went wrong with some of them and now I have a bunch of domains that vdeldomain says don't exist, and yet vadddomain says already exist and won't delete. I would just reset vpopmail and qmail to graound zero, except that I already have two domains that are already active on the new server and don't want to mess them up. This is vpopmail-5.2.1 with qmail. Any ideas? Thanks, Darren McClelland
Re: [vchkpw] Domains that both exist and don't exist
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Said Darren McClelland on Fri, Sep 20, 2002 at 11:56:56AM -0700: I'm in the process of transferring a bunch of mail domains to a new server and added a bunch of domains to the new server via vadddomain. Something went wrong with some of them and now I have a bunch of domains that vdeldomain says don't exist, and yet vadddomain says already exist and won't delete. I would just reset vpopmail and qmail to graound zero, except that I already have two domains that are already active on the new server and don't want to mess them up. This is vpopmail-5.2.1 with qmail. Check /var/qmail/users/assign, /var/qmail/control/rcpthosts, /var/qmail/control/morercpthosts, and stuff in /usr/local/vpopmail/domains (or wherever your vpopmail prefix is). I think those are the main places where configurations are stored. - -- [!] Justin R. Miller [EMAIL PROTECTED] Encrypted email preferred (key 0xC9C40C31) -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9i3Dh94d6K8nEDDERAosQAJ9JlTG98bVp6BQXT8rJALauXQlydQCfQM44 O7VzaUNk0CkTHK8/k2kkkus= =UsE4 -END PGP SIGNATURE-
Re: [vchkpw] Domains that both exist and don't exist
I have been looking at them, and the domains in qestion are in the files in /var/qmail I can edit the text files to get rid of the domains in question, but they also appear to be in some of the binary files there. How do I get them back into shape? Darren On Friday 20 September 2002 12:02, Justin R. Miller wrote: Said Darren McClelland on Fri, Sep 20, 2002 at 11:56:56AM -0700: I'm in the process of transferring a bunch of mail domains to a new server and added a bunch of domains to the new server via vadddomain. Something went wrong with some of them and now I have a bunch of domains that vdeldomain says don't exist, and yet vadddomain says already exist and won't delete. I would just reset vpopmail and qmail to graound zero, except that I already have two domains that are already active on the new server and don't want to mess them up. This is vpopmail-5.2.1 with qmail. Check /var/qmail/users/assign, /var/qmail/control/rcpthosts, /var/qmail/control/morercpthosts, and stuff in /usr/local/vpopmail/domains (or wherever your vpopmail prefix is). I think those are the main places where configurations are stored.
Re: [vchkpw] Domains that both exist and don't exist
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Said Darren McClelland on Fri, Sep 20, 2002 at 12:12:19PM -0700: I have been looking at them, and the domains in qestion are in the files in /var/qmail I can edit the text files to get rid of the domains in question, but they also appear to be in some of the binary files there. How do I get them back into shape? If they are .cdb files, then do this: cat sourcefile.txt | tcprules destinationfile.cdb somefile.tmp - -- [!] Justin R. Miller [EMAIL PROTECTED] Encrypted email preferred (key 0xC9C40C31) -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9i3Zf94d6K8nEDDERAhwRAJ9C4cu5xHJjFa6QBFKU7V4rnQ7hvgCgkD/9 fjJO4WrDaGXT41XBcyvjT7g= =RowE -END PGP SIGNATURE-
Re: [vchkpw] vpopmail bug?
I upgraded to 5.3.8 - and am still seeing this behavior. *sigh* Is this limited to Courier? Quoting Dzuy Nguyen [EMAIL PROTECTED]: There is a bug in vpopmail's email parser function which adds extra character to the end of user login at times, when called by courier. Version 5.3.x has a newer email parser which seems to work. [EMAIL PROTECTED] wrote: I am seeing strange behaviour on my Qmail+VpopMail(w/ MySQL)+COurier setup. Authenticating via IMAP works 90% of the time, but doesn't for 10%. I don't seem to be able to find any pattern as to it not working - it doesn't consistently fail in any particular manner. The problem happens with multiple mail clients. This might be a courier related issue, if so, then please tell me. Here is what I see in the mysql logs, when I try to log in to an account with a login of doug (actually, it this using a webmail client, so the login is [EMAIL PROTECTED]): 540747 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = doug and pw_domain = innerworldscuba.com 540747 Quit 020915 4:36:10 540748 Connect qmail@localhost on vpopmail 540748 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = doug and pw_domain = innerworldscuba.com ..all looks good. I show failed logins like this: 020917 12:56:28 590250 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590250 Quit 020917 12:56:33 590251 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590251 Quit 020917 12:56:38 590252 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590252 Quit 020917 12:57:03 590253 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougs and pw_domain = innerworldscuba.com 590253 Quit -or-020917 13:20:01 590609 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougu and pw_domain = innerworldscuba.com 590609 Quit 020917 13:20:06 590641 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougu and pw_domain = innerworldscuba.com 590641 Quit -or- 020916 10:09:48 564000 Query select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell from vpopmail where pw_name = dougt and pw_domain = innerworldscuba.com 564000 Quit so it appears that the piece that parses the login isn't doing what it is supposed too. Is this vchpw.. or is this something else? Courier is compiled with --enable-workarounds-for-imap-client-bugs if that matters. Anyone else seen this? Is this a know issue at all? Thanks in advance for the help.. -Brendan - Webmail Services Provided by KPG Inc. (http://www.kpginc.com) - Webmail Services Provided by KPG Inc. (http://www.kpginc.com)
Re: [vchkpw] Domains that both exist and don't exist
I am having a similar problem. I am moving domains to a new server and the new server says the domains do not exist. I am using mysql and the domain info is in the database. For some of the domains I ran vadddomain and the domains will start working. The problem is vadddomain overwrites the .qmail-default (and possibly other data). So my question is what is the proper way to migrate a vpopmail server and initialize the domains? Is there something that does vtouchdomain ;) -Ryan - Original Message - From: Darren McClelland [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, September 20, 2002 11:56 AM Subject: [vchkpw] Domains that both exist and don't exist Hi, I'm in the process of transferring a bunch of mail domains to a new server and added a bunch of domains to the new server via vadddomain. Something went wrong with some of them and now I have a bunch of domains that vdeldomain says don't exist, and yet vadddomain says already exist and won't delete. I would just reset vpopmail and qmail to graound zero, except that I already have two domains that are already active on the new server and don't want to mess them up. This is vpopmail-5.2.1 with qmail. Any ideas? Thanks, Darren McClelland
Re: [vchkpw] Domains that both exist and don't exist
This is not a problem so much with vpopmail, as a problem with the migration of information. vpopmail takes care of managing qmail's configuration files as well as it's own, and therefore, various things must be modified for a migration. The most important files you will need to move over: /var/qmail/controls/*(obviously cant forget these) /var/qmail/users/assign This file maps ownership to deliveries. The userIDs and groupIDs must match the vpopmail:vchkpw UIDs/GIDs. Last but not least, run /var/qmail/bin/qmail-newu to compile /var/qmail/users/cdb There's a variety of things that can cause problems during a migration. These are the common ones more experienced users of vpopmail will come across. The more basic ones are making sure .qmail-default exists under the domain's directory, and making sure your vpasswd file isnt corrupt, or that the vpasswd.cdb file is not out of date, broken, etc. Ryan White wrote: I am having a similar problem. I am moving domains to a new server and the new server says the domains do not exist. I am using mysql and the domain info is in the database. For some of the domains I ran vadddomain and the domains will start working. The problem is vadddomain overwrites the .qmail-default (and possibly other data). So my question is what is the proper way to migrate a vpopmail server and initialize the domains? Is there something that does vtouchdomain ;) -Ryan - Original Message - From: Darren McClelland [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, September 20, 2002 11:56 AM Subject: [vchkpw] Domains that both exist and don't exist Hi, I'm in the process of transferring a bunch of mail domains to a new server and added a bunch of domains to the new server via vadddomain. Something went wrong with some of them and now I have a bunch of domains that vdeldomain says don't exist, and yet vadddomain says already exist and won't delete. I would just reset vpopmail and qmail to graound zero, except that I already have two domains that are already active on the new server and don't want to mess them up. This is vpopmail-5.2.1 with qmail. Any ideas? Thanks, Darren McClelland -- mailto:[EMAIL PROTECTED] Matt Brookings - Chief Technical Officer Inter7 Internet Technologies, Inc. www.inter7.com - 847-492-0470 Prices at http://www.inter7.com/prices
[vchkpw] qmailadmin strange problem
Hi. I have installed qmailadin... was working great, till i changed the server time... afeter that, if I try to create a new pop account, qmailadmin just give me Internal server error I reinstalled qmailadmin, after not finding what it was wrong. So, has anybody a clue of what can be wrong? Qmail is workng OK, vpopmail too.
Re: [vchkpw] qmailadmin strange problem
At 21:16 20/09/2002 -0300, Martínlistas wrote: This should be posted to the QmailAdmin list, not the Vpopmail list. Please make an effort to ensure you are posting to the correct list. -- Steve Hi. I have installed qmailadin... was working great, till i changed the server time... afeter that, if I try to create a new pop account, qmailadmin just give me Internal server error I reinstalled qmailadmin, after not finding what it was wrong. So, has anybody a clue of what can be wrong? Qmail is workng OK, vpopmail too.
