[vchkpw] Encrypted Password
Hi, I'm doing qmail+vpopmail+mysql here. My problem is, how could I make vpopmail to check pw_passwd field, instead of pw_clear_passwd for password lookup? Thanks
Re: [vchkpw] Qmailadmin not working
Hi Jeremy, let me first please you to answer on list so the mails get archived and might be used for future reference. On Tue, 10 Dec 2002 14:07:46 -0500 Jeremy Doolin [EMAIL PROTECTED] wrote: I'm having fits getting qmailadmin to authenticate properly. Here is my setup: qmail, vpopmail, autoresponder, ezmlm, apache 2.0, squirrelmail, courier-imap. I can authenticate with my virtual user ([EMAIL PROTECTED]) via squirrelmail, sqwebmail, pop3 and IMAP, but not qmailadmin. I enter postmaster for the user account, domain.com for the domain name and my password and I continue to get Invalid User. Any help with this would be greatly appreciated. Thanks. Have a look into system log, maybe vchkpw logs the reason of rejection. Might be it's only your qmailadmin cgi is not properly set SUID and therefore refused to authenticate. well, I checked the permissions and it was as follows: -rwsr-sr-x 1 vpopmail vchkpw 99728 Dec 10 10:23 qmailadmin upon advising from a friend, I changed it to 4711, or: -rws--x--x but it still doesn't work. chmod 6755 qmailadmin should be OK. So you still didn't tell us what's in system log (if vchkpw logs something about unable to authenticate) and what is maybe in web servers log about possible errors. You don't write about your OS, so I don't know if it's Linux or a BSD. For Linux you could try to attach a strace() process to apache processes to maybe figure out if and where permission might be denied. As an example you can use the following as a template and adapt it to your concrete setup: --- ps auxwww |grep '[h]ttpd' |awk '{print $2}' /tmp/pids_of_httpd PIDS= while read x; do PIDS=$PIDS -p $x; done /tmp/pids_of_httpd strace -s 512 -o /tmp/qmailadmin.log -fqix $PIDS --- Replace '[h]ttpd' with the name of your web server binary. On my Debian it's 'apache' and therefore '[a]apache', the parethis '[]' around the first characters make the 'grep' recognize only the real processes but exclude itself from the resulting list. Now try to log in and after failure have a look in /tmp/qmailadmin.log if you can figure out the culprit. You should use this on a web server not to busy with other stuff, else the log file (/tmp/qmailadmin.log) will be filled with a _lot_ of useless information for sloving this issue. If your web server _is_ busy, start a new instance with different configuration file, bound to 127.0.0.1:8080, figure it's IPs manually and 'strace()' this PIDs. If you're not using Linux you'll have to search for how to apply an strace() to a running process yourself, unless somebody else on this list, who uses BSD, can help out. I don't have a single BSD machine here (yet), so I don't have any clue what's different, but the general strategie should be very similar. -- Peter
Re: [vchkpw] bounce email
Hi Joeffrey, On Wed, 11 Dec 2002 17:29:06 +0800 Joeffrey Betita [EMAIL PROTECTED] wrote: we host multiple hostname. like example.com, example.net etc. when somebody email [EMAIL PROTECTED] [EMAIL PROTECTED] receive it also. what i want is to bounce the message. it should says no such user or domain. what should i do so that [EMAIL PROTECTED] should not receive the email being sent to [EMAIL PROTECTED] thanks for your help. You've either set example.com and example.net to one being an alias to the other (using vaddaliasdomain) or set up a dot-qmail file for [EMAIL PROTECTED] to forward to [EMAIL PROTECTED] Depending on which of both is your set up you have to either delete the alias domain (which ever you've set up with 'vaddaliasdomain') or change the dot-qmail file. -- Peter
Re: [vchkpw] Memory allocation for vckpw ?
Hi Anders, On Wed, 11 Dec 2002 11:26:13 +0100 Anders Norrbring [EMAIL PROTECTED] wrote: Does anyone know how much memory I should allocate in softlimit in the line I have below? As it looks now, I get allocation errors when vckpw is called. First: This topic is covered in the archive _several_ time. http://bluedot.net/mail/archive/list.php?f=2 is the link that's promoted on Inter7s vpopmail-site too. It _really_ ain't hard to find. Second give 300 a try, if it still fails raise it to 400. Go on in small steps until it works for you. There is _no_ general rule about this limit, it depends on how much memory you've got and what programs are loaded in your startup script. Some have only tcpserver that calls qmail-popup, other have more applications in between, like e.g. recordio, fixcrio, stunnel, or a SSL patched tcpserver. -- Peter
Re: [vchkpw] IMAP Relay export vpopmail
Run this before ./configure make export CFLAGS=-DHAVE_OPEN_SMTP_RELAY Cheers, // Mitch²® - Original Message - From: Remo Mattei [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, December 11, 2002 4:05 AM Subject: [vchkpw] IMAP Relay export vpopmail Hi Guys I can never remember how to set the variable before setting Imap up so that it works with vpopmail user relay agent. Thanks, Remo
[vchkpw] how fight abuse of spammin qmail
Hello list, my qmail is abused by another spammer. He is sending spam from my server Here is what ps ax say 18855 ? S 0:00 qmail-remote kxk.com [EMAIL PROTECTED] [EMAIL PROTECTED]19088 ? S 0:00 qmail-remote ak.com [EMAIL PROTECTED] [EMAIL PROTECTED]19121 ? S 0:00 qmail-remote nt.com [EMAIL PROTECTED] [EMAIL PROTECTED]19130 ? S 0:00 qmail-remote aol.com [EMAIL PROTECTED] [EMAIL PROTECTED]19149 ? S 0:00 qmail-remote p0.com [EMAIL PROTECTED] [EMAIL PROTECTED] What can I do against that? Oliver Etzel
[vchkpw] fight spamming qmail
Hello list, my qmail is abused by another spammer. He is sending spam from my server Here is what ps ax say 18855 ? S 0:00 qmail-remote kxk.com [EMAIL PROTECTED] [EMAIL PROTECTED]19088 ? S 0:00 qmail-remote ak.com [EMAIL PROTECTED] [EMAIL PROTECTED]19121 ? S 0:00 qmail-remote nt.com [EMAIL PROTECTED] [EMAIL PROTECTED]19130 ? S 0:00 qmail-remote aol.com [EMAIL PROTECTED] [EMAIL PROTECTED]19149 ? S 0:00 qmail-remote p0.com [EMAIL PROTECTED] [EMAIL PROTECTED] What can I do against that? Oliver Etzel
Re: [vchkpw] Encrypted Password
It doesn't check pw_clear_passwd, it checks pw_passwd for authentication. pw_clear_passwd is just for your reference. On Wednesday, December 11, 2002, at 09:19 AM, Ryan Adorable wrote: Hi, I'm doing qmail+vpopmail+mysql here. My problem is, how could I make vpopmail to check pw_passwd field, instead of pw_clear_passwd for password lookup? Thanks
[vchkpw] What to choose for verification?
Hello! Finally I have a mail system up and running perfectly! But I'm not really sure about what's the (if not safest) so in any case a very good smtp-relaying verification system? I have installed qmail 1.03, vpopmail 5.3.12 with MySQL, and currectly I run on pop-before-smtp for verification. I've seen more and more systems using smtp-auth and/or SSL for relaying, is those so much safer than pop-before-smtp so it's worth the effort to install? If so, where should I look for more info and/or software to support it? I really like to be able to run a as clean system as possible, i.e. not a lot of patches. And finally, I have lots of questions about the configure options for vpopmail, it seems like most of them doesn't work, are they not implemented or am I just using them erroneously? If someone out there are familiar with those, please e-mail me for details.. Thank you all! Anders Norrbring Norrbring Consulting. Karlskoga / Sweden.
Re: [vchkpw] Encrypted Password
On Wednesday, December 11, 2002, at 09:19 AM, Ryan Adorable wrote: Hi, I'm doing qmail+vpopmail+mysql here. My problem is, how could I make vpopmail to check pw_passwd field, instead of pw_clear_passwd for password lookup? Don't use APOP or CRAM-MD5. You can also disable clear passwords at compile time. This will permanently disable APOP and CRAM-MD5. Regards, Bill Shupp
[vchkpw] lost gifs
Hi There ,Sorry I did not get back to the list. I solved my problem , I am using openbsd 3.2 with "-u" in the rc.conf file when you install qmailadmin all theimage files load correct, but when you alter the httpd.conf the path to theimages change for some reason , so I looked at the httpd logs , found thepath, moved the all the images to the right path and all is working ok ,the same went for sqwebmailMichael- Original Message -From: "Kurt Bigler" [EMAIL PROTECTED]To: "Michael Christie" [EMAIL PROTECTED]Sent: Sunday, December 08, 2002 1:58 PMSubject: Re: [vchkpw] lost gifs off-list... Did you figure out this problem? I didn't see any further follow-up toyour email but maybe I missed it. In any case I was able to get my images back based on the info fromClayton Weise. I already had an images directory under the domain that I used for qmailadmin access. I just added a subdirectory named qmailadmin to that images directory, which is actually a symbolic link to the original images/qmailadmin directory. I am a little worried about the symbolic link, because I seem to recall it is a dangerous idea to use links (of any kind?) in web directories for security reasons, particular where cgi's are involved. But I forget the details on this. Of course I could have copied the files but I decided in this case the symlink was probably safe. -Kurt Bigler on 12/2/02 12:26 PM, Michael Christie [EMAIL PROTECTED] wrote: I have my images in a /var/www/htdocs folder, the images folder containsa folder called qmailadmin , when I did the config of qmailadmin I used /configure --enable-htmldir=/var/www/htdocs --enable-cgibindir=/var/www/c gi-bin I access the site using www.mywebsite.com/cgi/qmailadmin asyou can see I think I have all that is needed for qmailadmin to run , butstill no images , this all changed when I added virtual domains to myhttpd.conf , I can not see how that would change my path in the cgi-bin, can youplease explain to me if I am on the right track or right off it , what do Ineed to do to fix this or dose something in the httpd.conf need to bechanged as wellthank you Michael - Original Message - From: "Clayton Weise" [EMAIL PROTECTED] To: "vchkpw" [EMAIL PROTECTED] Sent: Tuesday, December 03, 2002 5:09 AM Subject: Re: [vchkpw] lost gifsQmailadmin puts it's images in it's own images folder. You'll want to check how you configured qmailadmin to be sure, but my images are in /usr/local/apache/htdocs/images/qmailadmin. The images are called upon through relative path, so since my cgi-bin directory is www.mywebsite.com/cgi-bin then there also needs to be a www.mywebsite.com/images/qmailadmin directory. On Monday, December 2, 2002, at 01:57 AM, Michael Christie wrote: Hi all , Hope some one can help, I have installed qmail admin on openbsd 3.2 without making any changes to the httpd.conf file , Tested qmail admin all worked fine , after adding virtual domains to the httpd.conf, the gif files and art work in qmail admin will not load in my browser, but I can still log in . I have looked in the /cgi-bin/qmailadmin all looks to be correct , can any one tell me what is going on and how to fix this , if you need to see what I am talking about email me and I will give you the url of the siteThank you Michael ps the same has happened to sqwebmail
[vchkpw] Email encryption
Hi guys does any of you have an howto on how to have email drop in the user mailbox encrypted? So if send to a particolar address it's going to be automatically encrypted. Thanks, Ciao, Remo Mattei
Re: [vchkpw] Email encryption
Hi, On Wednesday 11 December 2002 22:16, Remo Mattei wrote: Hi guys does any of you have an howto on how to have email drop in the user mailbox encrypted? So if send to a particolar address it's going to be automatically encrypted. I have often been thinking about this myself. We must face one thing, as long as the mail is travelling unencrypted, somebody can read it. The root-user of the local mailserver can always read it! I see two scenarios. 1. Client side software is helping. Pros: One can use existing PGP encryption with fairly good client support. PGP's prone public key system would make it quite secure too. Cons: It requires client side support (PGP software). 2. Invisible to client side. Could be implemented using some sort of public-key crypto, where the private part was the pop3/imap password. Pros: It doesn't require any client side support. Will stop the occasional cracker. Cons: Too unsecure to be used. Root will have access after the mail is encrypted! (think about it!) Just a few thoughts... (btw: I ended up using tcpserver with ssl support) /Anders
Re: [vchkpw] Email encryption
Hi, On Wednesday 11 December 2002 23:21, W.D.McKinney wrote: Just a few thoughts... (btw: I ended up using tcpserver with ssl support) How did you do this if may ask ? How i got tcpserver ssl-enabled? Here's a patch: http://www.nrg4u.com/qmail/ucspi-tcp-ssl-20020705.patch.gz - did that help? /Anders
[vchkpw] /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox
hi ppl all want is to bounce some email. on the instruction no. 3 on the FAQ of vpopmail. what should i do next. do i have to create each .qmail-default for each user. do i have restart qmail. thanks for your help. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.427 / Virus Database: 240 - Release Date: 12/6/2002