Re: [vchkpw] vdelivermail EXITCODE problem
Hi Anders, thanks for that hint, I think I´ll give it a try next weekend. To be honest, what I´ve done to get rid of that problem is let qmail do the whole stuff with interpreting the EXITCODE from my spamfilter script. Instead of putting the .qmail file in /path-to-vpopmail/domains/domain1/emailadress1/.qmail ( here vdelivermail would do the delivery and the check for the EXITCODE ) I made a script to create a .qmail-emailadress1 in /path-to-vpopmail/domains/domain1/.qmail-emailadress1 ( here it is qmail that handles the .qmail file, starts my spamfilter script, gets the EXITCODE and then drops the mail into /path-to-vpopmail/domains/domain1/emailadress1/Maildir/ where vdelivermail gets it and delivers it. It is somehow a little bit difficult but works fine for me. If I have any experiences with that patch I´ll let you all know. Thanks Thomas Hi, On Tue, 2003-09-30 at 10:09, [EMAIL PROTECTED] wrote: So I upgraded to the last stable version 5.2.1 whereas the changelog said that within 5.2.1 the EXITCODE checks would be performed. Vpopmail 5.2.1 fails to catch exitcode 100. Here is a patch: http://fmail.dk/stuff/vpopmail-5.2.1-vdeliver-command-100.diff Hope this helps. /Anders
Re: [vchkpw] vpopmail+maildrop, sql valias loses mails
Look in syslog (/var/log/messages) when that problem happens. Look for vdelivermail. Do you see any vdelivermail coredumps? If yes, then this is the same problem I had, which is most likely related to vdelivermail not handling certain maildrop exit codes (I dont recall them off hand) So as a workaround, try this: SHELL=/bin/sh import EXT import HOST VHOME=`~vpopmail/bin/vuserinfo -d [EMAIL PROTECTED] `test -d $VHOME/Maildir` if ( $RETURNCODE == 1 ) { echo Sorry, no mailbox here by that name. (#5.1.1) EXITCODE=100 exit } # Default delivery exception { to $VHOME/Maildir/ } Quoting Leto Tokarev [EMAIL PROTECTED]: Hi! vpopmail 5.2.1+seekable maildrop 1.5.1 (same results with mdrop1.6, 1.6.1, vpop5.3.27) .qmail-default: | preline /usr/local/bin/maildrop mailfilter very simple mailfilter: logfile x import EXT import HOST VPOP=| /var/vpopmail/bin/vdelivermail '' bounce-no-mailbox to $VPOP [EMAIL PROTECTED] is a Maildir. valias [EMAIL PROTECTED] - [EMAIL PROTECTED] comes from mysql table. Out of 10 mails sent to [EMAIL PROTECTED] usually 4 lose, 6 gets delivered. What should I look for? I debugged what's happening with vdelivermail: It always gets the mail, and looks up the valias. When things okay, it runs a second delivery, but this time to the final Maildir. Sometimes this step missing. More strange: 100% success when an alias comes from dot-qmail file, or when the valias points to a different domain (no matter if local or remote). Leto Respectfully, Tim Hasson
Re: [vchkpw] Outlook unable to relay, Kmail can...
Eric, thanks for the suggestion, but that was not the solution... I will be reviewing the site you recommended to see if I can find a clue as to what this could be... More info: It is not just Outlook that I'm having problems with, it's anything Windows... I have tried Outlook, Outlook Express, and Eudora - all were able to receive mail but unable to send it. Recap: I have a qmail box that I am only serving virtual mailboxes from using qmail+vpopmail. My Linux-based users report no problems, all is fine. My Windows-based users can check their mail but cannot send it. The log reports nothing wrong. The error reported by Outlook is the standard one about the domain not being listed in rcpthosts... This has really got me baffled because the behavior is not consistent. I can't understand how it could work for Linux clients but not Windows... The OS shouldn't really be a factor... On Tuesday 30 September 2003 01:51, you wrote: Dave, I think I had the same problem. What is the error you are getting back? What is the log showing? I ended up replacing my /service/qmail-smtpd/run file with the script below and now relaying works. Just a thought, hope it helps. (this was out of the guide at: http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm which is the best guide I've seen around) - Eric #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver \ -H -l mail.mydomain.net\ -v -x /etc/tcp.smtp.cdb \ -c 20 -R -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd -b -C \ -r 'relays.ordb.org:Your message was rejected because the mail server you use is configured to allow OPEN RELAY - More detailed information regarding this problem is available from http://www.ordb.org/lookup/?%IP% - Please forwa rd this error through to your email server support staff for easy resolution.' \ -r 'proxies.relays.monkeys.com:Your message was rejected because the message was sent from an OPEN PROXY - More i nformation regarding this problems is available at http://www.monkeys.com/upl/listed-ip-0.cgi?ip=%IP% - Please forw ard this error to your email server support staff for resolution.' \ -t 5 \ /var/qmail/bin/qmail-smtpd 21 # The line in orange should be used if you are running qmail on a computer # that is on a LAN that is using fake ips/masquerading. # It tells tcpserver not to bother trying to resolve ip addresses # to names when writing the SMTP log files. Usually with fake ips, # you cant resolve them to names, so it will make the SMTP services run # really slowly if it is always trying to resolve these addresses. # Alternatively, if you are eg an ISP and all your SMTP clients are # connecting from real IPs with resolvable names, then you can omit # the orange line and then then benefit from more readable logfiles. __ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
Re: [vchkpw] Outlook unable to relay, Kmail can...
Are Linux clients relaying using your SMTP box, or are they sending by themselves? Tonino At 01/10/03 01/10/03 +, David Benson wrote: Eric, thanks for the suggestion, but that was not the solution... I will be reviewing the site you recommended to see if I can find a clue as to what this could be... More info: It is not just Outlook that I'm having problems with, it's anything Windows... I have tried Outlook, Outlook Express, and Eudora - all were able to receive mail but unable to send it. Recap: I have a qmail box that I am only serving virtual mailboxes from using qmail+vpopmail. My Linux-based users report no problems, all is fine. My Windows-based users can check their mail but cannot send it. The log reports nothing wrong. The error reported by Outlook is the standard one about the domain not being listed in rcpthosts... This has really got me baffled because the behavior is not consistent. I can't understand how it could work for Linux clients but not Windows... The OS shouldn't really be a factor... On Tuesday 30 September 2003 01:51, you wrote: Dave, I think I had the same problem. What is the error you are getting back? What is the log showing? I ended up replacing my /service/qmail-smtpd/run file with the script below and now relaying works. Just a thought, hope it helps. (this was out of the guide at: http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm which is the best guide I've seen around) - Eric #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver \ -H -l mail.mydomain.net\ -v -x /etc/tcp.smtp.cdb \ -c 20 -R -u $QMAILDUID -g $NOFILESGID 0 smtp \ /usr/local/bin/rblsmtpd -b -C \ -r 'relays.ordb.org:Your message was rejected because the mail server you use is configured to allow OPEN RELAY - More detailed information regarding this problem is available from http://www.ordb.org/lookup/?%IP% - Please forwa rd this error through to your email server support staff for easy resolution.' \ -r 'proxies.relays.monkeys.com:Your message was rejected because the message was sent from an OPEN PROXY - More i nformation regarding this problems is available at http://www.monkeys.com/upl/listed-ip-0.cgi?ip=%IP% - Please forw ard this error to your email server support staff for resolution.' \ -t 5 \ /var/qmail/bin/qmail-smtpd 21 # The line in orange should be used if you are running qmail on a computer # that is on a LAN that is using fake ips/masquerading. # It tells tcpserver not to bother trying to resolve ip addresses # to names when writing the SMTP log files. Usually with fake ips, # you cant resolve them to names, so it will make the SMTP services run # really slowly if it is always trying to resolve these addresses. # Alternatively, if you are eg an ISP and all your SMTP clients are # connecting from real IPs with resolvable names, then you can omit # the orange line and then then benefit from more readable logfiles. __ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com [EMAIL PROTECTED]Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED]
[vchkpw] RE: How to Stop Spam
Thanks you all for the suggestion, but i can't authenticate my users before they use the smtp. Because our users relay mail throug us, nut we are not necessary they mail server. I have configure my server to only allow the relay to the ip address block that we manage. Thanks. Jesus Bernardo Ruiz Flores ISP
[vchkpw] Re: How to Stop Spam
Jonathan Viney [EMAIL PROTECTED] wrote in news:[EMAIL PROTECTED]: This will allow any valid vpopmail user to use their email address and password as an SMTP login. However, the most popular qmail-smtpd-auth patch has CRAM-MD5 as one of the auth methods and as far as I know vpopmail [at least in standard installation, where all passwords are stored as encrypted] will not work with this mode of authorization. Supposively one has to disable the CRAM- MD5 announcement in the patch source. If one doesn't do that, clients that do have CRAM-MD5 as one of the AUTH methods [supposively for example Pegasus], will try that by default and it will fail. Am I correct in the above assumption or has something changed? -- tomasz 'tonid' nidecki, zoliborz, warszawa, poland [EMAIL PROTECTED] http://tonid.net http://endemic.org jabber: [EMAIL PROTECTED] registered linux user #308829 'don't worry, hug a pleco' (c)hubertus
Re: [vchkpw] Valias and maildrop/vdelivermail, and valias bug?
Hi, What if valias exited with -1 if it's an invalid alias? I just changed it to do so in the CVS repository, and it will be in 5.3.28. Cheers, most appreciated :). I am still wondering about the catchall stuff though. If I can check valias as well then I could use something like: VPOP=| ~vpopmail/bin/vdelivermail '' bounce-no-mailbox VHOME=`~vpopmail/bin/vuserinfo -d [EMAIL PROTECTED] if ($RETURNCODE != 0) { VALIAS=`~vpopmail/bin/valias -s [EMAIL PROTECTED] if ($RETURNCODE != 0) { VDOMHOME=`~vpopmail/bin/vdominfo -d $HOST` exception { # this .catchall file could have the line # to ! catchall include $VDOMHOME/.catchall } # if the .catchall file didn't exist then bounce with # vdelivermail so msg includes bounce details to $VPOP } } I'll have a play around and try to get this working tomorrow. This does seem odd to me though.., none of the maildrop scripts I have seen seem to deal with aliases! Thanks, Jonathan
Re: [vchkpw] Re: How to Stop Spam
Hi, This will allow any valid vpopmail user to use their email address and password as an SMTP login. However, the most popular qmail-smtpd-auth patch has CRAM-MD5 as one of the auth methods and as far as I know vpopmail [at least in standard installation, where all passwords are stored as encrypted] will not work with this mode of authorization. Supposively one has to disable the CRAM- MD5 announcement in the patch source. If one doesn't do that, clients that do have CRAM-MD5 as one of the AUTH methods [supposively for example Pegasus], will try that by default and it will fail. Am I correct in the above assumption or has something changed? Well, I hadn't thought of that but it is quite possibly correct. Although, I just tried out Evolution with method set to CRAM-MD5 and was able to auth with the SMTP-auth patch and vpopmail. But I don't know if Evolution will fall back on plain or login if it fails MD5 I wouldn't have thought so but you never know. Anyone else been able to use CRAM-MD5 with vpopmail? Cheers, Jonathan
Re: [vchkpw] Outlook unable to relay, Kmail can...
David - I would recommend putting recordio into the qmail startup and seeing how the Windows clients are trying to auth, and then compare with the linux clients. This might help pin down your auth problems. If not, I think I've got some patches around that greatly increase the logging verbosity of qmail-smtpd when auth'ing because I had some similar problems that I had a devil of a time tracking down. HtH, Nick Harring David Benson wrote: Eric, thanks for the suggestion, but that was not the solution... I will be reviewing the site you recommended to see if I can find a clue as to what this could be... More info: It is not just Outlook that I'm having problems with, it's anything Windows... I have tried Outlook, Outlook Express, and Eudora - all were able to receive mail but unable to send it. Recap: I have a qmail box that I am only serving virtual mailboxes from using qmail+vpopmail. My Linux-based users report no problems, all is fine. My Windows-based users can check their mail but cannot send it. The log reports nothing wrong. The error reported by Outlook is the standard one about the domain not being listed in rcpthosts... This has really got me baffled because the behavior is not consistent. I can't understand how it could work for Linux clients but not Windows... The OS shouldn't really be a factor... On Tuesday 30 September 2003 01:51, you wrote: Dave, I think I had the same problem. What is the error you are getting back? What is the log showing? I ended up replacing my /service/qmail-smtpd/run file with the script below and now relaying works. Just a thought, hope it helps. (this was out of the guide at: http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm which is the best guide I've seen around) - Eric #!/bin/sh QMAILDUID=`id -u qmaild` NOFILESGID=`id -g qmaild` exec /usr/local/bin/softlimit -m 200 \ /usr/local/bin/tcpserver \ -H -l mail.mydomain.net\ -v -x /etc/tcp.smtp.cdb \ -c 20 -R -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ /usr/local/bin/rblsmtpd -b -C \ -r 'relays.ordb.org:Your message was rejected because the mail server you use is configured to allow OPEN RELAY - More detailed information regarding this problem is available from http://www.ordb.org/lookup/?%IP% - Please forwa rd this error through to your email server support staff for easy resolution.' \ -r 'proxies.relays.monkeys.com:Your message was rejected because the message was sent from an OPEN PROXY - More i nformation regarding this problems is available at http://www.monkeys.com/upl/listed-ip-0.cgi?ip=%IP% - Please forw ard this error to your email server support staff for resolution.' \ -t 5 \ /var/qmail/bin/qmail-smtpd 21 # The line in orange should be used if you are running qmail on a computer # that is on a LAN that is using fake ips/masquerading. # It tells tcpserver not to bother trying to resolve ip addresses # to names when writing the SMTP log files. Usually with fake ips, # you cant resolve them to names, so it will make the SMTP services run # really slowly if it is always trying to resolve these addresses. # Alternatively, if you are eg an ISP and all your SMTP clients are # connecting from real IPs with resolvable names, then you can omit # the orange line and then then benefit from more readable logfiles. __ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
Re: [vchkpw] Re: maildir++ patch doesn't solve the problem
On Sat, Sep 20, 2003 at 08:58:37AM -0700, Tim Hasson wrote: I do not use/like sqwebmail, but what you did simplifies a lot of things. sqwebmail doesn't do much special. The only thing I like about it is it access maildir's directly. Same here, and it can edit maildrop filters. I have on my todo list a maildrop filter editor web page so we can replace sqwebmail functionality, or at least give users a choice. It's pretty far down on my list, though. I would too, and I do. The authoritative source of info is in the database, and when the users file gets created, the database is consulted for the proper value. When it's updated, a script goes back to update the users file. This also allows for delivery should the database go down, and is less database load in general. This is very nice. Can you elaborate more on the above? Do you mind sharing your script(s)? I've been trying to make time to sanitize my scripts for publication, but I've just been so swamped. That's why it's taken so long to reply, and I apologize. What I basically have is wrapper around each vpopmail command. The billing system sets user preferences such as if they get spam filtering. Then the billing system inserts a task into a database that the mail cluster checks for. It picks up the tasks and runs the wrapper, which involves adding the user with the vpopmail vadduser command, then consulting the billing database for user preferences. The wrapper writes out all the default filters, and quota and spam preferences and all that fun. It's pretty simple, actually. When the spam preferences or the quota settings get changed, the billing system pushes out an update command. The mail cluster picks this up and re-writes the appropriate files. In this way, we have the authoritative source of info available for lookup by billing and tech support, yet the system still runs independantly of other systems. Yes, I agree. My excuse here was that the second command would only be run if the maildirsize file was not found. This still has the double exec effect on delivery to accounts with no quota :/ Yeah, that's a nice and straightforward way of doing it, and probably works fine for low-volume systems. I'm still trying to optimize further by reducing the number of filter files maildrop needs to open, but I haven't come up with a clean way of that yet. Really though, this is all a drop in the bucket when I'm running spamc for spam filtering customers =) --Doug
[vchkpw] Strange messages in qmail-send log after upgrading to vpopmail 5.3.27
Hi, I'm running qmail for quite a while now, and recently decided to give the latest vpopmail version a try. So I upgraded from 5.3.20 to 5.3.27. Everything works fine so far, except that I'm getting some weird log entries when mail is delivered to a catchall address. The mail is delivered fine, despite the error message. Here's an example of what it looked like before the upgrade (I've removed the real domain name with *domainname*): new msg 240765 info msg 240765: bytes 13833 from *removed* qp 16950 uid 106 starting delivery 30350: msg 240765 to local [EMAIL PROTECTED] status: local 1/10 remote 0/20 delivery 30350: success: user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/*domainname*/postmaster/Maildir//did_0+0+1/ status: local 0/10 remote 0/20 end msg 240765 And that's what it looks like with 5.3.27: new msg 240629 info msg 240629: bytes 79927 from *removed* qp 13841 uid 106 starting delivery 24: msg 240629 to local [EMAIL PROTECTED] status: local 1/10 remote 0/20 delivery 24: success: user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/*domainname*/postmaster//Error._Domain_postmaster_was_not_found_in_the_assign_file/did_0+0+1/ status: local 0/10 remote 0/20 end msg 240629 I've read before that some new error checking code was added in 5.3.26; maybe that's the reason for this, too? Any help is appreciated. Thanks Jochen
Re: [vchkpw] Strange messages in qmail-send log after upgrading to vpopmail 5.3.27
On Wednesday, October 1, 2003, at 01:10 PM, Jochen Schug wrote: And that's what it looks like with 5.3.27: new msg 240629 info msg 240629: bytes 79927 from *removed* qp 13841 uid 106 starting delivery 24: msg 240629 to local [EMAIL PROTECTED] status: local 1/10 remote 0/20 delivery 24: success: user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/ *domainname*/postmaster// Error._Domain_postmaster_was_not_found_in_the_assign_file/did_0+0+1/ status: local 0/10 remote 0/20 end msg 240629 I think I may have found the cause. Does the pathname in your .qmail-default file include a trailing /? vdelivermail is adding a / at the end, and I think it may be doing a double-slash (which messes up code later on that tried to figure out the domain name from the path). The code in domain_over_maildirquota() in maildirquota.c is kind of screwy, and I think that's where the problem is. It's going through the directory name, and deciding that 'postmaster' is the domain name instead of '*domainname*'. I'm not sure why it's mis-counting it now (unless it's the double-/). That function definitely has problems -- if strstr(domdir, /Maildir/) fails, then p is NULL and the code that follows (while (*(--p) != '/');) is not good. Perhaps Brian Kolaci can provide some details on that function. Could we outright replace it with a function that took the domain name as a parameter? vdelivermail should know what domain it's processing mail for by the time it needs to call that function. -- Tom Collins [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] Strange messages in qmail-send log after upgrading to vpopmail 5.3.27
Tom Collins wrote: On Wednesday, October 1, 2003, at 01:10 PM, Jochen Schug wrote: And that's what it looks like with 5.3.27: new msg 240629 info msg 240629: bytes 79927 from *removed* qp 13841 uid 106 starting delivery 24: msg 240629 to local [EMAIL PROTECTED] status: local 1/10 remote 0/20 delivery 24: success: user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/ *domainname*/postmaster// Error._Domain_postmaster_was_not_found_in_the_assign_file/did_0+0+1/ status: local 0/10 remote 0/20 end msg 240629 I think I may have found the cause. Does the pathname in your .qmail-default file include a trailing /? vdelivermail is adding a / at the end, and I think it may be doing a double-slash (which messes up code later on that tried to figure out the domain name from the path). Tom, I'm afraid that's not the case. I checked the .qmail-default file, here's its content: | /home/vpopmail/bin/vdelivermail '' /home/vpopmail/domains/*domainname*/postmaster The code in domain_over_maildirquota() in maildirquota.c is kind of screwy, and I think that's where the problem is. It's going through the directory name, and deciding that 'postmaster' is the domain name instead of '*domainname*'. I'm not sure why it's mis-counting it now (unless it's the double-/). That function definitely has problems -- if strstr(domdir, /Maildir/) fails, then p is NULL and the code that follows (while (*(--p) != '/');) is not good. Perhaps Brian Kolaci can provide some details on that function. Could we outright replace it with a function that took the domain name as a parameter? vdelivermail should know what domain it's processing mail for by the time it needs to call that function. Regards Jochen
Re: [vchkpw] Strange messages in qmail-send log after upgrading to vpopmail 5.3.27
On Wednesday, October 1, 2003, at 03:20 PM, Jochen Schug wrote: I tried adding the trailing slash, there's the result: Please remove the trailing slash and try this patch. The changes in vdelivermail resulted in a double-slash (adding a / and the /Maildir/). The result is that mail is delivered fine, but domain quotas won't work. -- diff -u -r1.3 vdelivermail.c --- vdelivermail.c 14 Sep 2003 21:51:59 - 1.3 +++ vdelivermail.c 1 Oct 2003 22:39:53 - @@ -1089,12 +1089,12 @@ /* check if it is a path add the /Maildir/ for delivery */ if ( bounce[0] == '/' ) { -strcat( bounce, /); +if (bounce[strlen(bounce)-1] != '/') strcat( bounce, /); printf (user does not exist, but will deliver to %s\n, bounce); if( check_forward_deliver(bounce) == 1 ) vexit(0); else -strcat( bounce, /Maildir/); +strcat( bounce, Maildir/); } ret = deliver_mail(bounce, NOQUOTA ); --- If it's a good fix, I'll include it in the 5.3.28 release (which is planned for later today). This should fix a few things. It only adds a trailing slash if one isn't there, and it doesn't double-up the slash when adding /Maildir/. -- Tom Collins [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] Strange messages in qmail-send log after upgrading to vpopmail 5.3.27
Tom Collins wrote: On Wednesday, October 1, 2003, at 03:20 PM, Jochen Schug wrote: I tried adding the trailing slash, there's the result: Please remove the trailing slash and try this patch. The changes in vdelivermail resulted in a double-slash (adding a / and the /Maildir/). The result is that mail is delivered fine, but domain quotas won't work. -- diff -u -r1.3 vdelivermail.c --- vdelivermail.c 14 Sep 2003 21:51:59 - 1.3 +++ vdelivermail.c 1 Oct 2003 22:39:53 - @@ -1089,12 +1089,12 @@ /* check if it is a path add the /Maildir/ for delivery */ if ( bounce[0] == '/' ) { -strcat( bounce, /); +if (bounce[strlen(bounce)-1] != '/') strcat( bounce, /); printf (user does not exist, but will deliver to %s\n, bounce); if( check_forward_deliver(bounce) == 1 ) vexit(0); else -strcat( bounce, /Maildir/); +strcat( bounce, Maildir/); } ret = deliver_mail(bounce, NOQUOTA ); --- If it's a good fix, I'll include it in the 5.3.28 release (which is planned for later today). This should fix a few things. It only adds a trailing slash if one isn't there, and it doesn't double-up the slash when adding /Maildir/. Tom, This fix works pretty good - mail is delivered fine, and the error message doesn't appear in the logs anymore. But still, the log message differs slightly from the one that vpopmail 5.3.20 writes. success: user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/*domainname*/postmaster//did_0+0+1/ is now written, whereas the old version had the Maildir/ after the user name as well. Which is more correct, I think; the maildir where the mail is delivered is not the one with the username, but the actual Maildir one level deeper. But that's just a matter of when the bounce message is printed - before or after the last strcat (if I get this right - my C skills are almost not existant ;-)). Regards Jochen
[vchkpw] RE: imap before smtp
-Original Message- From: Ken Jones [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 12:44 PM To: [EMAIL PROTECTED] Subject: Re: [vchkpw] imap before smtp The preauthvchkpw.c module needs to be modified. The problem is, when a user attempts to authenticate, if their user name exists on the system then it will open up relay. However, at that point in the code the user has not been authenticated. I attempted to fix this before but became confused on which function is called from what file. It's a bit obtuse for me. an quick hack could be to verify the password at that point, then open up relay on a valid password. The real fix would be to trace the fucntions and open up relay after password verification. Perhaps someone could figure it out. Ken Jones On Thursday 11 September 2003 2:35 pm, Charles Sprickman wrote: This is a good FAQ item, for when we have a FAQ. Mr. Sam has disabled the imap-before-smtp function in the authvchkpw code. I've looked at the courier archives, and there's no explanation from him as to what the problem is... Just lots of questions. :) Bill's suggestion might not work, as he #undefs the value. In your courier source dir, go into the authlib dir and open preauthvchkpw.c for editing. Look for a line like this: #undef HAVE_OPEN_SMTP_RELAY Go ahead and change that #undef to #define and it will work properly. I can't comment on what the security concerns are, because I don't know what they are. It does work however. Charles On Thu, 11 Sep 2003, ted wrote: I've got a LWQ-style qmail configuration, plus vpopmail 5.3.27 and courier-imap-2.1.1.20030902. I have roaming users enabled (as well as qmail-ext), and POP3 before SMTP works perfectly (using qmail-pop3d). IMAP also seems to work just fine, but it does not update open-smtp. My workaround of creating a separate POP account to POP in without retrieving msgs allows me to send via IMAP, but is obviously not an ideal solution. (I'm using Thunderbird .2). I've installed courier-imap numerous times (with different releases up to 20030902), both with authdaemon enabled as well as disabled. In both cases, the results are the same (meaning that I can read mail but not relay). Perhaps my understanding is wrong, but I was under the impression that since these are virtual domains I'm having trouble with (all my domains are virtual), the fact that I am able to read mail at all under IMAP would indicate that vchkpw is being called from courier-imap. Since qmail-pop3d invokes vchkpw and works, I'm puzzled. I'm afraid I don't know where to look log-wise. thanks for any hints. -ted What Ken says is correct. Simply by turning HAVE_OPEN_SMTP_RELAY on will allow IPs to be added to open-smtp REGARDLESS of whether authentication is successful. Here is a patch for preauthvchkpw.c use it at your own risk *** works for me. == --- preauthvchkpw.c.orig2003-10-01 20:24:26.0 -0400 +++ preauthvchkpw.c 2003-10-01 20:24:51.0 -0400 @@ -27,8 +27,17 @@ static const char rcsid[]=$Id: preauthvchkpw.c,v 1.18 2003/03/12 02:45:55 mrsam Exp $; -#undef HAVE_OPEN_SMTP_RELAY +#define HAVE_OPEN_SMTP_RELAY /* Disabled, pending fix */ +#ifdef HAVE_OPEN_SMTP_RELAY +struct callback_info { + const char *pass; + char *userret; + int issession; + void (*callback_func)(struct authinfo *, void *); + void *callback_arg; + }; +#endif int auth_vchkpw_pre(const char *userid, const char *service, int (*callback)(struct authinfo *, void *), @@ -71,6 +80,10 @@ free(usercopy); vclose(); +#ifdef HAVE_OPEN_SMTP_RELAY +struct callback_info *i=(struct callback_info *)arg; +#endif + if (!vpw) { errno=notfound; @@ -86,7 +99,9 @@ } else { #ifdef HAVE_OPEN_SMTP_RELAY /* open the relay to pop users */ + if (vpw-pw_passwd != 0 !authcheckpassword(i-pass, vpw-pw_passwd)) { open_smtp_relay(); + } #endif } } else if ( strcmp(imap, service) == 0 ) { @@ -95,7 +110,9 @@ } else { #ifdef HAVE_OPEN_SMTP_RELAY /* open the relay to imap users */ +if (vpw-pw_passwd != 0 !authcheckpassword(i-pass, vpw-pw_passwd)) { open_smtp_relay(); +} #endif } } == Lu