[vchkpw] vmoduser usage
I'd like to know the difference of vmoduser options listed below. -s ( set no smtp access flag ) -r ( set no external relay flag )
[vchkpw] courier-imap roaming-users problem
Hi there. I'm using qmail, vpopmail (mysql) with roaming-users, and courier-imap on my FreeBSD Box. The problem is that, although I compiled courier with authvchkpw-auth it seems not to call this program. I think so because I see (with ktrace and truss) that courier authenticate my users reading the mysql database and it adds also the info data to the relay table on MySQL directly (I mean, not using vchkpw as it should do). So, the user is authenticated and can read his e-mail but he isn't added to the tcp.smtp.cdb file (tcpserver). We compile authlib and courier-imap in this way: courier-authlib $ ./configure --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw courier-imap export CFLAGS=-DHAVE_OPEN_SMTP_RELAY -DHAVE_VLOGAUTH /configure --prefix=/usr/local/courier-imap --disable-root-check --with-trashquota --enable-unicode --enable-roaming-users=y Any suggestion or idea? Thanks in advance Jesús Arnáiz
Re: [vchkpw] courier-imap roaming-users problem
On Feb 4, 2005, at 6:11 AM, Jesús Arnáiz wrote: The problem is that, although I compiled courier with authvchkpw-auth it seems not to call this program. I think so because I see (with ktrace and truss) that courier authenticate my users reading the mysql database and it adds also the info data to the relay table on MySQL directly (I mean, not using vchkpw as it should do). So, the user is authenticated and can read his e-mail but he isn't added to the tcp.smtp.cdb file (tcpserver). Actually authvchkpw is a version of vchkpw that's integrated with courier-imap. It never calls vchkpw directly, so it's behaving as expected. Unfortunately, I don't know about using roaming users (pop before smtp) with courier. I've always used SMTP AUTH as the sole relaying mechanism on our servers. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] vmoduser usage
On Feb 4, 2005, at 1:57 AM, Takeshi Nishioka wrote: I'd like to know the difference of vmoduser options listed below. -s ( set no smtp access flag ) -r ( set no external relay flag ) -s disables SMTP AUTH, -r will disable roaming users (pop before smtp). I've just updated the help for vmoduser to be more helpful. The new help reads as follows (email me if you have any other ideas to make it clearer): vmoduser: usage: [options] email_addr or domain (for each user in domain) options: -v ( display the vpopmail version number ) -n ( don't rebuild the vpasswd.cdb file ) -q quota ( set quota ) -c comment (set the comment/gecos field ) -e encrypted_passwd (set the password field ) -C clear_text_passwd (set the password field ) the following options are bit flags in the gid int field -x ( clear all flags ) -d ( don't allow user to change password ) -p ( disable POP access ) -s ( disable SMTP AUTH access ) -w ( disable webmail [IMAP from localhost*] access ) ( * full list of webmail server IPs in vchkpw.c ) -i ( disable non-webmail IMAP access ) -b ( bounce all mail ) -o ( user is not subject to domain limits ) -r ( disable roaming user/pop-before-smtp ) -a ( grant qmailadmin administrator privileges) [The following flags aren't used directly by vpopmail, but are] [included for other programs that share the user database.] -u ( set no dialup flag ) -0 ( set V_USER0 flag ) -1 ( set V_USER1 flag ) -2 ( set V_USER2 flag ) -3 ( set V_USER3 flag ) What do you guys think of adding -D, -P, -S, -W, -I, -B, -O, -R, -A and -U to clear the matching flags above? Unfortunately, there's no easy converse for the user flags, except maybe for -5 to -8 (leaving room for a V_USER4 at some point). -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
[vchkpw] selective SMTP auth
Hello All Can anybody give a hint how to implement the subj? I have qmail/vpopmail/smtp-auth installed and running fine but I want only few users to be able to use SMTP. Any advises would be highly appriciated! Thanks! __ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo
[vchkpw] vdelivermail and overquota catchalls
Hi all, I wonder if someone could shed some light over the following issue regarding vdelivermail. When a message is sent directly to a catchall account that is over quota, vdelivermail behaves as expected and bounces the message back to the sender. However, if the message is sent to a non-existent account of a domain with an over quota catchall, the message gets delivered. Is there a way to enforce the quota limit in this case? Our setup: - Qmail 1.03 - Vpopmail 5.4.9 ./configure \ --enable-roaming-users=y \ --enable-relay-clear-minutes=120 \ [EMAIL PROTECTED] \ --enable-auth-module=mysql \ --enable-many-domains=y \ --enable-clear-passwd=n \ --enable-tcpserver-file=/var/vpopmail/etc/tcp.smtp \ --enable-auth-logging=n \ --enable-valias Thanks in advance. Regards, Juliano Simões Gerente de Tecnologia Axios Tecnologia e Serviços http://www.axios.com.br [EMAIL PROTECTED] +55 41 2141-1800
Re: [vchkpw] selective SMTP auth
On Feb 4, 2005, at 10:14 AM, Vassili Lazutin wrote: Can anybody give a hint how to implement the subj? I have qmail/vpopmail/smtp-auth installed and running fine but I want only few users to be able to use SMTP. Any advises would be highly appriciated! Use vmoduser to set the NO_SMTP flag for all users that shouldn't have SMTP AUTH access. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] courier-imap roaming-users problem
On Feb 4, 2005, at 10:25 AM, Tom Collins wrote: On Feb 4, 2005, at 6:11 AM, Jesús Arnáiz wrote: The problem is that, although I compiled courier with authvchkpw-auth it seems not to call this program. I think so because I see (with ktrace and truss) that courier authenticate my users reading the mysql database and it adds also the info data to the relay table on MySQL directly (I mean, not using vchkpw as it should do). So, the user is authenticated and can read his e-mail but he isn't added to the tcp.smtp.cdb file (tcpserver). Actually authvchkpw is a version of vchkpw that's integrated with courier-imap. It never calls vchkpw directly, so it's behaving as expected. Well, at least as documented. Unfortunately, I don't know about using roaming users (pop before smtp) with courier. I've always used SMTP AUTH as the sole relaying mechanism on our servers. Newer version of courier-imap will no longer be able to write the IPs into the relay table. This is because all authentication has now been moved out of courier (and sqwebmail) and into the courier-authlib package. As has always been the case, authdaemon doesn't support POP before SMTP. That's why I chose never to use authdaemon. Now that courier no longer supports POP before SMTP via the authvchkpw module, it's just one more good reason not to use courier-imap for POP3 services. Use qmails pop3d instead. That way POP users still get roaming access. IMAP users are users newer email clients that support SMTP AUTH and should be directed to use that instead. Matt `` Matt Simersonhttp://matt.simerson.net The Network People Inc. http://www.tnpi.biz The chief danger in life is that you may take too many precautions. - Alfred Adler ``
Re: [vchkpw] smtp auth
Dave Goodrich wrote: Tom Collins wrote: On Jan 28, 2005, at 9:00 AM, Dave Goodrich wrote: snip Excellent, thank you. If I understand correctly I will also need to do nothing to my current tcp.smtp file? 3) How does this effect users who do not supply auth info? Does qmail-smtpd fall back to using the RELAYCLIENT value from tcp.smtp.cdb? Just as I feared, it is easy.. Uhh, kinda. Getting smtp-auth to work was easy but I fell into a hole when I did it. We found an instance where this breaks a lot of our clients. I was able to duplicate the issue using Netscape Mail 4.7 (yea it's old, but in rual Indiana not everyone has XP Pro or OSX). If a user has ever created a previous account in their mail program, the second account is created with smtp-auth checked and the username box empty. This caused a lot of people to suddenly not be able to send mail, and they all called tech support. I believe I will move our smtp-auth users to another port and just fire up another instance of qmail-smtpd, leaving the normal qmail-smtpd running on port 25. I don't see a standard port for smtp-auth, any thoughts? I've looked through FreeBSD /etc/services file which is pretty complete, and found no entry for smtp-auth. I'm leaning towards using port 9025. Thanks, DAve -- Dave Goodrich Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
Re: [vchkpw] vdelivermail and overquota catchalls
Tom, We would be glad to test the new version of vdelivermail on our test environment. If you would like to send us the code, we will let you about the results in a few days. Regards, Juliano Simões Gerente de Tecnologia Axios Tecnologia e Serviços http://www.axios.com.br [EMAIL PROTECTED] +55 41 2141-1800 - Original Message - From: Tom Collins [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Friday, February 04, 2005 7:01 PM Subject: Re: [vchkpw] vdelivermail and overquota catchalls On Feb 4, 2005, at 10:37 AM, Juliano Simões wrote: However, if the message is sent to a non-existent account of a domain with an over quota catchall, the message gets delivered. Is there a way to enforce the quota limit in this case? I have an updated vdelivermail that corrects this problem. I haven't had time to test it enough to release it to the other developers though. I think I still need to add one more piece of code (if it is processing a user's .qmail file and they don't have a maildirsize file, lookup the account's quota) before it will be ready for release. If someone out there has a development system and can thoroughly test it (verify that it defers in all overquota instance), I'll send it their way. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] smtp auth
On Feb 4, 2005, at 3:17 PM, Dave Goodrich wrote: I don't see a standard port for smtp-auth, any thoughts? I've looked through FreeBSD /etc/services file which is pretty complete, and found no entry for smtp-auth. I'm leaning towards using port 9025. Use port 587, 'submission'. It's just like SMTP, but intended for clients sending email. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] smtp auth
Dave Goodrich wrote: I believe I will move our smtp-auth users to another port and just fire up another instance of qmail-smtpd, leaving the normal qmail-smtpd running on port 25. I don't see a standard port for smtp-auth, any thoughts? I've looked through FreeBSD /etc/services file which is pretty complete, and found no entry for smtp-auth. I'm leaning towards using port 9025. Hi, Port 587. While not a port specifically for smtp-auth it is reserved for End User mail submission to a server MTA. http://xml.resource.org/public/rfc/html/rfc2476.html Regards, Rick
