Re: [vchkpw] courier imap vpopmail authentification problem withsmtp
The problem is the version of courier. New versions doesn't support pop-before-smtp Rakotomandimby (R12y) Mihamina wrote: On Sun, 2005-03-06 at 20:53 +0100, master wrote: there is no log message i connect to imap (it work) but my ip isn t add in the tcp.smtp.cdb file so i can t send any mail. What user the imap process run as ? What are the permissions of the tcp.smtp.cdb file ? Who should write something into it ? I guess it the imap process...
Re: [vchkpw] courier imap vpopmail authentification problem withsmtp
The vchkpw program from vpopmail touch the tcp.smtp.cdb file. But new versions of courier doesn't call to it. This versions uses it'w own vchkpw so it can authenticate users but not touch the tcp.smtp.cdb (at least, at the moment) Rakotomandimby (R12y) Mihamina wrote: On Mon, 2005-03-07 at 08:26 +0100, [EMAIL PROTECTED] wrote: i think it s the vpopmail who should write into it when a user log to imap no ? i think too. i think it's courrier-imap - vpopmail - tcp.smtp.cdb and then qmail needs to update the cdb. but as you said, nothing touched the tcp.smtp.cdb file... so...
[vchkpw] strange quota problem
Hi, I get an overquota error on my e-mail user, but, if I do vuserinfo on it, I see there is only about 75% (of 300Mb) used. I try to put the quota again with vsetuserquota but I get the error again. Finally I put my quota on 700Mb and I don't get errors. The problems is that some other users have the same problem (and I can't put their quotas so high and I don't want them having this problem). Any Idea? Thanks in advance for your help Jesús Arnáiz
[vchkpw] courier-imap roaming-users problem
Hi there. I'm using qmail, vpopmail (mysql) with roaming-users, and courier-imap on my FreeBSD Box. The problem is that, although I compiled courier with authvchkpw-auth it seems not to call this program. I think so because I see (with ktrace and truss) that courier authenticate my users reading the mysql database and it adds also the info data to the relay table on MySQL directly (I mean, not using vchkpw as it should do). So, the user is authenticated and can read his e-mail but he isn't added to the tcp.smtp.cdb file (tcpserver). We compile authlib and courier-imap in this way: courier-authlib $ ./configure --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw courier-imap export CFLAGS=-DHAVE_OPEN_SMTP_RELAY -DHAVE_VLOGAUTH /configure --prefix=/usr/local/courier-imap --disable-root-check --with-trashquota --enable-unicode --enable-roaming-users=y Any suggestion or idea? Thanks in advance Jesús Arnáiz
QmailAdmin in spanish?
Hi everyone! Is there any qmailadmin version translated to spanish? How can I get it (if it exist)? Thanks in advance -- Jess Arniz 0z0ne Inc I+D/IT Manager http://www.0z0ne.com mailto:[EMAIL PROTECTED]
Re: vchkpw lacking authentication security
- Original Message - From: "Matt Simerson" [EMAIL PROTECTED] To: "'Tim Hassan'" [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, January 16, 2001 9:18 PM Subject: RE: vchkpw lacking authentication security I can't see how that could possibly be construed as a security drawback. POP is inherently insecure in the first place (sending clear text passwords across the net) and password sniffing is much more of a problem (and the easiest way to collect passwords) than people cracking passwords. All right. So, unless you're exclusively using a) POP3-SSL or POP over SSH to prevent password sniffing, If I use it, should the client change some in the pop configuration?. Is it difficult to set on a system?. b) shadow passwords (who isn't?), c) MD5 (or blowfish) passwords on your current system (to utilize more than 8 char passwords), and d) forcing users to actually USE long passwords it's quite silly to say that using DES is a security drawback to using vpopmail. The risk of having a password cracked is minimal on a userless system. Matt -Original Message- From: Tim Hassan [mailto:[EMAIL PROTECTED]] Sent: Monday, January 15, 2001 10:09 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: vchkpw lacking authentication security Dear Inter7 Developer: I recently discovered the following security drawback in vpopmail with vchkpw authentication: No matter how long you set the password to when adding a new user, only the first 8 characters of the password are used. So for example, if I do: ./vadduser [EMAIL PROTECTED] this-is-hard-to-guess-234234235-23423 and then I try to login to my email as user "test" and password "this-is-", it would let me in. As you may already know, any password below 8 characters is considered insecure, even if it was a combination of letters, numbers, and special characters. In other words, Standard DES crypto is used :( Best Regards, Tamer Hassan Thanks in advance -- Jess Arniz [EMAIL PROTECTED] Departamento de Sistemas - ARCOMEDIA.COM http://www.arcomedia.com/
Fw: strange problems with qmail and vpopmail.
-- Jess Arniz Departamento de Sistemas - ARCOMEDIA.COM - Original Message - From: "Jess Arniz" [EMAIL PROTECTED] To: "qmail" [EMAIL PROTECTED] Sent: Tuesday, January 09, 2001 12:00 PM Subject: strange problems with qmail and vpopmail. Hi everyone! I use qmail and vpopmail. I install a new system and I put all domains there, it works fine, but when I create a new one (with vadddomain) this don't work. It creates it with an extrange owner and group (different from vpopmail.vchkpw), and even if I change this it don't work. I get this in the maillog if I try to send an e-mail to [EMAIL PROTECTED] Jan 9 11:58:34 main qmail: 979037914.190687 delivery 5299: deferral: Unable_to_switch_to_/home/vpopmail/domains/dominio.com:_access_denied._(#4.3.0)/ I use Debian GNU/Linux 2.2 (Potato). Can anybody help me?. Thanks in advance -- Jess Arniz Departamento de Sistemas - ARCOMEDIA.COM
