Re: [vchkpw] read my mail with mozilla]]

2003-11-17 Thread Justin Heesemann
On Monday 17 November 2003 06:13, deny wrote:
 Matt wrote:
  what happens when you hit the Get new messages button?
 
  d

 when i hit this button ,mozilla try to connect to localhost
 but nothing arrive
 this is a log of rc.startmail

 tcpserver: status: 1/40
 tcpserver: pid 2394 from 127.0.0.1
 tcpserver: ok 2394 localhost:127.0.0.1:110 :127.0.0.1::32916
 tcpserver: end 2394 status 256
 tcpserver: status: 0/40
  394  -ERR usage: popup hostname subprogram
 2394  [EOF]

looks like some problem with your rc script.
could you paste the line where qmail-pop3d,qmail-popup and vpopmail are 
started (actually only qmail-popup is started.. but the others should 
appear in the same line)


-- 
Mit internetten Grüßen / Best Regards
---
Justin Heesemannionium Technologies
[EMAIL PROTECTED]www.ionium.org




Re: [vchkpw] read my mail with mozilla]]

2003-11-17 Thread deny
Ju

tcpserver: end 2394 status 256
tcpserver: status: 0/40
394  -ERR usage: popup hostname subprogram
2394  [EOF]
   

looks like some problem with your rc script.
could you paste the line where qmail-pop3d,qmail-popup and vpopmail are 
started (actually only qmail-popup is started.. but the others should 
appear in the same line)

of course
hre is my rc.startmail who starts all the script
#!/bin/bash
export 
PATH=/usr/local/bin:/var/qmail/bin:/var/vpopmail/bin:/usr/local/bin/ezmlm:$PATH
echo Starting Qmail and Vpopmail daemons ...
export QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl
/var/qmail/rc 
/usr/local/bin/tcpserver -v -H -R -x /etc/tcp.smtp.cdb -c20 -u1033 -g103 
0 smtp /usr/local/bin/recordio /var/qmail/bin/qmail-smtpd 21 /dev/null 
 /usr/local/bin/tcpserver -v -H -R 0 pop3 /usr/local/bin/recordio 
/var/qmail/bin/qmail-popup
\  linux-pour-lesnuls.com /var/vpopmail/bin/vchkpw 
/var/qmail/bin/qmail-pop3d Maildir

a++



 






[vchkpw] Can not add users with qmailadmin with vpopmail 5.3.29

2003-11-17 Thread list2
When I recently upgraded to vpopmail 5.3.29 from vpopmail 5.3.27 I
realized that I can no longer add users under qmailadmin.

I can use any version of qmailadmin, it just depends on the version of
vpopmail that I am using.  When I add a user with 5.3.29 it just comes
back and says a user can not be added.

Has anyone else had this same problem?
Thanks,
-Steve



[vchkpw] Compiling error with mysql

2003-11-17 Thread Ron Dyck
I'm trying to compiling vpopmail 5.3.29 with mysql 4.1.0 and I'm getting
errors.

Here's my configure:

./configure \
--enable-roaming-users=y \
--enable-logging=p \
--enable-defaultquota=20971520S \
--enable-ip-alias-domains=n \
--enable-passwd=n \
--enable-clear-passwd=y \
--enable-domain-quotas=n \
--enable-mysql=y \
--enable-many-domains=n \
--enable-auth-logging=y \
--enable-mysql-logging=y \
--enable-valias=y \
--enable-incdir=/usr/local/mysql/include \
--enable-libdir=/usr/local/mysql/lib

And here are the errors on make:

gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c `test -f
'vpopmail.c' || echo './'`vpopmail.c
gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c `test -f
'md5.c' || echo './'`md5.c
gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c `test -f
'bigdir.c' || echo './'`bigdir.c
gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c `test -f
'vauth.c' || echo './'`vauth.c
vauth.c:33:19: mysql.h: No such file or directory
vauth.c:40: parse error before mysql_update
vauth.c:40: warning: type defaults to `int' in declaration of `mysql_update'
vauth.c:40: warning: data definition has no type or storage class
vauth.c:41: parse error before mysql_read_getall
vauth.c:41: warning: type defaults to `int' in declaration of
`mysql_read_getall'
vauth.c:41: warning: data definition has no type or storage class
vauth.c:59: parse error before '*' token
vauth.c:59: warning: type defaults to `int' in declaration of `res_update'
vauth.c:59: warning: data definition has no type or storage class
vauth.c:60: parse error before '*' token
vauth.c:60: warning: type defaults to `int' in declaration of
`res_read_getall'
vauth.c:60: warning: data definition has no type or storage class
vauth.c:68: parse error before row
vauth.c:68: warning: type defaults to `int' in declaration of `row'
vauth.c:68: warning: data definition has no type or storage class
vauth.c:69: parse error before row_getall
vauth.c:69: warning: type defaults to `int' in declaration of `row_getall'
vauth.c:69: warning: data definition has no type or storage class
vauth.c: In function `vauth_open_update':
vauth.c:203: warning: implicit declaration of function `mysql_init'
vauth.c:204: warning: implicit declaration of function `mysql_options'
vauth.c:204: `MYSQL_OPT_CONNECT_TIMEOUT' undeclared (first use in this
function)
vauth.c:204: (Each undeclared identifier is reported only once
vauth.c:204: for each function it appears in.)
vauth.c:207: warning: implicit declaration of function `mysql_real_connect'
vauth.c:226: warning: implicit declaration of function `mysql_query'
vauth.c:231: warning: implicit declaration of function `mysql_error'
vauth.c:231: warning: format argument is not a pointer (arg 3)
vauth.c:236: warning: implicit declaration of function `mysql_select_db'
vauth.c: In function `vauth_adduser':
vauth.c:403: warning: format argument is not a pointer (arg 3)
vauth.c: In function `vauth_getpw':
vauth.c:454: warning: format argument is not a pointer (arg 3)
vauth.c:458: warning: implicit declaration of function `mysql_store_result'
vauth.c:458: warning: assignment makes pointer from integer without a cast
vauth.c:463: warning: implicit declaration of function `mysql_num_rows'
vauth.c:464: warning: implicit declaration of function `mysql_free_result'
vauth.c:482: warning: implicit declaration of function `mysql_fetch_row'
vauth.c:483: subscripted value is neither array nor pointer
vauth.c:483: subscripted value is neither array nor pointer
vauth.c:483: subscripted value is neither array nor pointer
vauth.c:483: subscripted value is neither array nor pointer
vauth.c:483: subscripted value is neither array nor pointer
vauth.c:484: subscripted value is neither array nor pointer
vauth.c:484: subscripted value is neither array nor pointer
vauth.c:484: subscripted value is neither array nor pointer
vauth.c:484: subscripted value is neither array nor pointer
vauth.c:484: subscripted value is neither array nor pointer
vauth.c:484: subscripted value is neither array nor pointer
vauth.c:485: subscripted value is neither array nor pointer
vauth.c:485: subscripted value is neither array nor pointer
vauth.c:486: subscripted value is neither array nor pointer
vauth.c:486: subscripted value is neither array nor pointer
vauth.c:487: subscripted value is neither array nor pointer
vauth.c:487: subscripted value is neither array nor pointer
vauth.c:487: subscripted value is neither array nor pointer
vauth.c:487: subscripted value is neither array nor pointer
vauth.c:487: subscripted value is neither array nor pointer
vauth.c:487: subscripted value is neither array nor pointer
vauth.c:488: subscripted value is neither array nor pointer
vauth.c:488: subscripted value is neither array nor pointer
vauth.c:488: subscripted value is neither array nor pointer
vauth.c:488: subscripted value is neither array nor pointer
vauth.c:488: subscripted value is neither array nor pointer
vauth.c:488: 

[vchkpw] Compiling error with mysql

2003-11-17 Thread Ron Dyck
 I'm trying to compiling vpopmail 5.3.29 with mysql 4.1.0 and I'm getting
 errors.

 Here's my configure:

 ./configure \
 --enable-roaming-users=y \
 --enable-logging=p \
 --enable-defaultquota=20971520S \
 --enable-ip-alias-domains=n \
 --enable-passwd=n \
 --enable-clear-passwd=y \
 --enable-domain-quotas=n \
 --enable-mysql=y \
 --enable-many-domains=n \
 --enable-auth-logging=y \
 --enable-mysql-logging=y \
 --enable-valias=y \
 --enable-incdir=/usr/local/mysql/include \
 --enable-libdir=/usr/local/mysql/lib

 And here are the errors on make:

 gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
`test -f
 'vpopmail.c' || echo './'`vpopmail.c
 gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
`test -f
 'md5.c' || echo './'`md5.c
 gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
`test -f
 'bigdir.c' || echo './'`bigdir.c
 gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
`test -f
 'vauth.c' || echo './'`vauth.c
 vauth.c:33:19: mysql.h: No such file or directory
 vauth.c:40: parse error before mysql_update
 vauth.c:40: warning: type defaults to `int' in declaration of
`mysql_update'
 vauth.c:40: warning: data definition has no type or storage class
 vauth.c:41: parse error before mysql_read_getall
 vauth.c:41: warning: type defaults to `int' in declaration of
 vauth.c:693: subscripted value is neither array nor pointer
 vauth.c:693: subscripted value is neither array nor pointer
 vauth.c: In function `vauth_setpw':
 vauth.c:781: warning: format argument is not a pointer (arg 3)
 vauth.c: In function `vopen_smtp_relay':
 vauth.c:820: warning: format argument is not a pointer (arg 3)
 vauth.c:823: warning: implicit declaration of function
`mysql_affected_rows'
 vauth.c: In function `vupdate_rules':
 vauth.c:838: warning: format argument is not a pointer (arg 3)
 vauth.c:842: warning: assignment makes pointer from integer without a cast
 vauth.c:847: subscripted value is neither array nor pointer
 vauth.c: In function `vcreate_relay_table':
 vauth.c:876: warning: format argument is not a pointer (arg 3)
 vauth.c: In function `vclose':
 vauth.c:891: warning: implicit declaration of function `mysql_close'
 vauth.c: In function `vread_dir_control':
 vauth.c:1038: warning: assignment makes pointer from integer without a cast
 vauth.c:1043: warning: comparison between pointer and integer
***some simular ***
 vauth.c:1391: subscripted value is neither array nor pointer
 vauth.c:1392: subscripted value is neither array nor pointer
 make[2]: *** [vauth.o] Error 1
 make[2]: Leaving directory `/usr/src/qmail/vpopmail-5.3.29'
 make[1]: *** [all-recursive] Error 1
 make[1]: Leaving directory `/usr/src/qmail/vpopmail-5.3.29'
 make: *** [all] Error 2

 ==
 Ron Dyck
 Webbtech
 www.webbtech.net
 ==





[vchkpw] Compiling errors

2003-11-17 Thread Ron Dyck
I'm trying to compiling vpopmail 5.3.29 with mysql 4.1.0 and I'm getting
 errors.

 Here's my configure:

 ./configure \
 --enable-roaming-users=y \
 --enable-logging=p \
 --enable-defaultquota=20971520S \
 --enable-ip-alias-domains=n \
 --enable-passwd=n \
 --enable-clear-passwd=y \
 --enable-domain-quotas=n \
 --enable-mysql=y \
 --enable-many-domains=n \
 --enable-auth-logging=y \
 --enable-mysql-logging=y \
 --enable-valias=y \
 --enable-incdir=/usr/local/mysql/include \
 --enable-libdir=/usr/local/mysql/lib

 And here are the errors on make:

 gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
`test -f
 'vpopmail.c' || echo './'`vpopmail.c
 gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
`test -f
 'md5.c' || echo './'`md5.c
 gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
`test -f
 'bigdir.c' || echo './'`bigdir.c
 gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
`test -f
 'vauth.c' || echo './'`vauth.c
 vauth.c:33:19: mysql.h: No such file or directory
 vauth.c:40: parse error before mysql_update
 vauth.c:40: warning: type defaults to `int' in declaration of
`mysql_update'
 vauth.c:40: warning: data definition has no type or storage class
 vauth.c:41: parse error before mysql_read_getall
 vauth.c:41: warning: type defaults to `int' in declaration of

*** multiple other errors ***

 make[2]: *** [vauth.o] Error 1
 make[2]: Leaving directory `/usr/src/qmail/vpopmail-5.3.29'
 make[1]: *** [all-recursive] Error 1
 make[1]: Leaving directory `/usr/src/qmail/vpopmail-5.3.29'
 make: *** [all] Error 2

==
Ron Dyck
Webbtech
www.webbtech.net  --  [EMAIL PROTECTED]
==




Re: [vchkpw] Can not add users with qmailadmin with vpopmail 5.3.29

2003-11-17 Thread list2
Yes I did.
The versions on the main qmailadmin screen are correct when I did this also.
Is there a place where I can view these error logs?

Thanks for your response.
-Steve


 At 10:02 AM 11/17/2003, you wrote:
When I recently upgraded to vpopmail 5.3.29 from vpopmail 5.3.27 I
realized that I can no longer add users under qmailadmin.
I can use any version of qmailadmin, it just depends on the version of
vpopmail that I am using.  When I add a user with 5.3.29 it just comes
back and says a user can not be added.

 Steve,


 Did you recompile and reinstall qmailadmin after upgrading
 vpopmail?

 Greg








Re: [vchkpw] Compiling errors

2003-11-17 Thread Ron Dyck
  I'm trying to compiling vpopmail 5.3.29 with mysql 4.1.0 and I'm getting
   errors.
   'vauth.c' || echo './'`vauth.c
   vauth.c:33:19: mysql.h: No such file or directory

 Either you do not have the libmysqlclient headers installed, or the
configure
 script is unable to find them.  If they are installed, configure --help
should
 tell you how to tell it where the headers live.

 - Erik



Path was incorrect.

I had this:

--enable-incdir=/usr/local/mysql/include \
--enable-libdir=/usr/local/mysql/lib

but it should have been:

--enable-incdir=/usr/local/mysql/include/mysql \
--enable-libdir=/usr/local/mysql/lib/mysql

thanks for the help

ron





[vchkpw] adding domains using mysql

2003-11-17 Thread Ron Dyck
I'm attempting to add domains with vpopmail configured with mysql. I get the
following error:

/home/vpopmail/bin/vadddomain: error while loading shared libraries:
libmysqlclient.so.14: cannot open shared object file: No such file or
directory

==
Ron Dyck
Webbtech
www.webbtech.net
==





Re: [vchkpw] Compiling error with mysql

2003-11-17 Thread Franck
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hello

  I'm trying to compiling vpopmail 5.3.29 with mysql 4.1.0 and I'm getting
  errors.

have you mysql-devel packages ?

  Here's my configure:

  ./configure \
  --enable-roaming-users=y \
  --enable-logging=p \
  --enable-defaultquota=20971520S \
  --enable-ip-alias-domains=n \
  --enable-passwd=n \
  --enable-clear-passwd=y \
  --enable-domain-quotas=n \
  --enable-mysql=y \
  --enable-many-domains=n \
  --enable-auth-logging=y \
  --enable-mysql-logging=y \
  --enable-valias=y \
  --enable-incdir=/usr/local/mysql/include \
  --enable-libdir=/usr/local/mysql/lib

  And here are the errors on make:

  gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
 `test -f
  'vpopmail.c' || echo './'`vpopmail.c
  gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
 `test -f
  'md5.c' || echo './'`md5.c
  gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
 `test -f
  'bigdir.c' || echo './'`bigdir.c
  gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
 `test -f
  'vauth.c' || echo './'`vauth.c
  vauth.c:33:19: mysql.h: No such file or directory
  vauth.c:40: parse error before mysql_update
  vauth.c:40: warning: type defaults to `int' in declaration of
 `mysql_update'
  vauth.c:40: warning: data definition has no type or storage class
  vauth.c:41: parse error before mysql_read_getall
  vauth.c:41: warning: type defaults to `int' in declaration of
  vauth.c:693: subscripted value is neither array nor pointer
  vauth.c:693: subscripted value is neither array nor pointer
  vauth.c: In function `vauth_setpw':
  vauth.c:781: warning: format argument is not a pointer (arg 3)
  vauth.c: In function `vopen_smtp_relay':
  vauth.c:820: warning: format argument is not a pointer (arg 3)
  vauth.c:823: warning: implicit declaration of function
 `mysql_affected_rows'
  vauth.c: In function `vupdate_rules':
  vauth.c:838: warning: format argument is not a pointer (arg 3)
  vauth.c:842: warning: assignment makes pointer from integer without a cast
  vauth.c:847: subscripted value is neither array nor pointer
  vauth.c: In function `vcreate_relay_table':
  vauth.c:876: warning: format argument is not a pointer (arg 3)
  vauth.c: In function `vclose':
  vauth.c:891: warning: implicit declaration of function `mysql_close'
  vauth.c: In function `vread_dir_control':
  vauth.c:1038: warning: assignment makes pointer from integer without a
 cast vauth.c:1043: warning: comparison between pointer and integer
 ***some simular ***
  vauth.c:1391: subscripted value is neither array nor pointer
  vauth.c:1392: subscripted value is neither array nor pointer
  make[2]: *** [vauth.o] Error 1
  make[2]: Leaving directory `/usr/src/qmail/vpopmail-5.3.29'
  make[1]: *** [all-recursive] Error 1
  make[1]: Leaving directory `/usr/src/qmail/vpopmail-5.3.29'
  make: *** [all] Error 2

  ==
  Ron Dyck
  Webbtech
  www.webbtech.net
  ==

- -- 
Franck

http://www.linuxpourtous.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/uRKc1zwfep5k9qERAiusAJ9rnL+0TLFA4OMkGpXT9/mevcYV7ACghAOh
IngWclqzqzoY93u0Xv7bWS4=
=235M
-END PGP SIGNATURE-




Re: [vchkpw] adding domains using mysql

2003-11-17 Thread Nick Harring
Ron Dyck wrote:

I'm attempting to add domains with vpopmail configured with mysql. I get the
following error:
/home/vpopmail/bin/vadddomain: error while loading shared libraries:
libmysqlclient.so.14: cannot open shared object file: No such file or
directory
==
Ron Dyck
Webbtech
www.webbtech.net
==
 

Have you verified that ld knows how to find the mysql shared libraries? 
Verify the shared library path is in /etc/ld.so.conf and then rerun 
ldconfig. You can check binaries with ldd /path/to/binary and see what 
fails to load.
Hope that Helps,
Nick Harring
Webley Systems



Re: [vchkpw] Compiling error with mysql

2003-11-17 Thread Ron Dyck
I've compile mysql rather than install packages. I'd been using 4.1.0 and
now I'm installing 4.0.16, the latest stable version to see whether vpopmail
is not compatible with the the alpha.

ron


  have you mysql-devel packages ?
 
  No. Where would I find them?
 What's your distribution and version ?

  ron
 
Here's my configure:
  
./configure \
--enable-roaming-users=y \
--enable-logging=p \
--enable-defaultquota=20971520S \
--enable-ip-alias-domains=n \
--enable-passwd=n \
--enable-clear-passwd=y \
--enable-domain-quotas=n \
--enable-mysql=y \
--enable-many-domains=n \
--enable-auth-logging=y \
--enable-mysql-logging=y \
--enable-valias=y \
--enable-incdir=/usr/local/mysql/include \
--enable-libdir=/usr/local/mysql/lib
  
And here are the errors on make:
  
gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
   `test -f
'vpopmail.c' || echo './'`vpopmail.c
gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
   `test -f
'md5.c' || echo './'`md5.c
gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
   `test -f
'bigdir.c' || echo './'`bigdir.c
gcc -I. -I/usr/local/mysql/include  -I. -I. -I. -g -O2 -Wall -c
   `test -f
'vauth.c' || echo './'`vauth.c
vauth.c:33:19: mysql.h: No such file or directory
vauth.c:40: parse error before mysql_update
vauth.c:40: warning: type defaults to `int' in declaration of
   `mysql_update'
vauth.c:40: warning: data definition has no type or storage class
vauth.c:41: parse error before mysql_read_getall
vauth.c:41: warning: type defaults to `int' in declaration of
vauth.c:693: subscripted value is neither array nor pointer
vauth.c:693: subscripted value is neither array nor pointer
vauth.c: In function `vauth_setpw':
vauth.c:781: warning: format argument is not a pointer (arg 3)
vauth.c: In function `vopen_smtp_relay':
vauth.c:820: warning: format argument is not a pointer (arg 3)
vauth.c:823: warning: implicit declaration of function
   `mysql_affected_rows'
vauth.c: In function `vupdate_rules':
vauth.c:838: warning: format argument is not a pointer (arg 3)
vauth.c:842: warning: assignment makes pointer from integer without a
 
  cast
 
vauth.c:847: subscripted value is neither array nor pointer
vauth.c: In function `vcreate_relay_table':
vauth.c:876: warning: format argument is not a pointer (arg 3)
vauth.c: In function `vclose':
vauth.c:891: warning: implicit declaration of function `mysql_close'
vauth.c: In function `vread_dir_control':
vauth.c:1038: warning: assignment makes pointer from integer without
a
   cast vauth.c:1043: warning: comparison between pointer and integer
   ***some simular ***
vauth.c:1391: subscripted value is neither array nor pointer
vauth.c:1392: subscripted value is neither array nor pointer
make[2]: *** [vauth.o] Error 1
make[2]: Leaving directory `/usr/src/qmail/vpopmail-5.3.29'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/qmail/vpopmail-5.3.29'
make: *** [all] Error 2
  
==
Ron Dyck
Webbtech
www.webbtech.net
==
 
  - --
  Franck
 
  http://www.linuxpourtous.com
  -BEGIN PGP SIGNATURE-
  Version: GnuPG v1.2.3 (GNU/Linux)
 
  iD8DBQE/uRKc1zwfep5k9qERAiusAJ9rnL+0TLFA4OMkGpXT9/mevcYV7ACghAOh
  IngWclqzqzoY93u0Xv7bWS4=
  =235M
  -END PGP SIGNATURE-

 -- 
 Franck

 http://www.linuxpourtous.com








Re: [vchkpw] Can not add users with qmailadmin with vpopmail 5.3.29

2003-11-17 Thread Tom Collins
On Tuesday, November 18, 2003, at 04:02  AM, [EMAIL PROTECTED] wrote:
When I recently upgraded to vpopmail 5.3.29 from vpopmail 5.3.27 I
realized that I can no longer add users under qmailadmin.
I can use any version of qmailadmin, it just depends on the version of
vpopmail that I am using.  When I add a user with 5.3.29 it just comes
back and says a user can not be added.
If you read the release notes for 5.3.29 on SourceForge, you'd see that 
you shouldn't be using it.

Use 5.3.28 until we release 5.3.30 later this week -- my vacation in 
Australia ends today. :-(

--
Tom Collins  -  [EMAIL PROTECTED]
Note: The Tom Logic offices will be closed through November 18.
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/



Re: [vchkpw] read my mail with mozilla]]

2003-11-17 Thread Justin Heesemann
On Monday 17 November 2003 11:33, you wrote:

 tcpserver: end 2394 status 256
 tcpserver: status: 0/40
  394  -ERR usage: popup hostname subprogram
 2394  [EOF]
 
 looks like some problem with your rc script.
 could you paste the line where qmail-pop3d,qmail-popup and vpopmail
  are started (actually only qmail-popup is started.. but the others
  should appear in the same line)

 of course
 hre is my rc.startmail who starts all the script
 #!/bin/bash
 export 
 PATH=/usr/local/bin:/var/qmail/bin:/var/vpopmail/bin:/usr/local/bin/
 ezmlm:$PATH 
 echo Starting Qmail and Vpopmail daemons ...
 export QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl
 /var/qmail/rc 

what exactly is in /var/qmail/rc ?

your qmail start script was somewhat hard to read, because of the 
automatic wrapping of your mail client.. could you attach it to the 
mail? 

oh.. and I am subscribed to the list, please answer to the list only.

-- 
Mit internetten Grüßen / Best Regards
---
Justin Heesemannionium Technologies
[EMAIL PROTECTED]www.ionium.org




[vchkpw] Fwd: PCL-0002: Session Hijacking in Sqwebmail

2003-11-17 Thread Anthony Baratta
For those that use SqWebMail...this came across BugTraq.

Date: Tue, 18 Nov 2003 02:18:04 +0100 (CET)
From: Vincenzo Ciaglia [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: PCL-0002: Session Hijacking in Sqwebmail
---
PUCCIOLAB.ORG - ADVISORIES
http://www.pucciolab.org
---
PCL-0002: Session Hijacking in Sqwebmail

---
PuCCiOLAB.ORG Security Advisories[EMAIL PROTECTED]
http://www.pucciolab.org Vincenzo Ciaglia
November 18th, 2003
---
Package: Sqwebmail
Vendor : Inter7
Vulnerability  : access to private account without login, session
hijacking
Problem-Type   : remote
risk   : low
Version: All the version seems to be affected.
Official Site  : http://www.inter7.com/sqwebmail/sqwebmail.html
N Advisories  : 0002
***
About Sqwebmail
***
SqWebMail is a web CGI client for sending and receiving E-mail using
Maildir mailboxes. SqWebMail DOES NOT support
traditional Mailbox files, only Maildirs. This is the same webmail server
that's included in the Courier mail server,
but packaged independently. If you already have Courier installed, you do
not need to download this version.
***
Proof of concepts

An attacker could send an email to a victim who used SQWEBMAIL, to get the
victim to visit a website, which then logs all
available information about the victim's system.
Example:
---
MY STAT FOR MY WEBSITE - REFERENT DOMAIN
http://mailserver.society.com/cgi-bin/sqwebmail/login/mail%40server.org.authvchkpw/3247A0578D6F3E74F37A20FF37B52A1C/1069089171?folder=Trashform=folders
In this example, the victim has visualized our website reading the mail
that we have sent to him. Visiting the link is been
marked from our counter. Now we will be able to access to the victim's
mail page admin and will be able to read and to send, calmly,
its email without make login. The session comes sluice after approximately
20/30 minutes and the attacker has the time
to make its comfortable ones.
*
What could make a attacker?
*
Read, write and fake your e-mail. Could send , from you email address, a
mail to your ISP and ask it User e PASS of your
website. The consequences would be catastrophic.
*
What I can do ?
*
Actually seems that there isn't a patch for this problem.
*
Suggestion to SQWEBMAIL
*
It would have to reduce the time for the closing of the sessions.
Greet,
Vincenzo Ciaglia
[EMAIL PROTECTED]




Re: [vchkpw] Fwd: PCL-0002: Session Hijacking in Sqwebmail

2003-11-17 Thread X-Istence
Anthony Baratta wrote:

For those that use SqWebMail...this came across BugTraq.



*
What could make a attacker?
*
Read, write and fake your e-mail. Could send , from you email address, a
mail to your ISP and ask it User e PASS of your
website. The consequences would be catastrophic.
*
What I can do ?
*
Actually seems that there isn't a patch for this problem.
*
Suggestion to SQWEBMAIL
*
It would have to reduce the time for the closing of the sessions.


Well, either that, or use cookies, and drop it totally. Or use the 
session ID as used now, but check the IP for a returning visitor that 
does not have a cookie set.

Thus now they cannot do this anymore.

X-Istence




Re: [vchkpw] Fwd: PCL-0002: Session Hijacking in Sqwebmail

2003-11-17 Thread Paul Theodoropoulos
i realize the author isn't a native english speaker, but this is 
ridiculous, to wit:


Package   : Sqwebmail
Vendor : Inter7
Vulnerability  : access to private account without login, session
hijacking
Problem-Type   : remote
risk   : low
^

risk: low

Version: All the version seems to be affected.
Official Site  : http://www.inter7.com/sqwebmail/sqwebmail.html
N Advisories  : 0002
Example:
---
MY STAT FOR MY WEBSITE - REFERENT DOMAIN
http://mailserver.society.com/cgi-bin/sqwebmail/login/mail%40server.org.authvchkpw/3247A0578D6F3E74F37A20FF37B52A1C/1069089171?folder=Trashform=folders
page not found. how helpful!


Read, write and fake your e-mail. Could send , from you email address, a
mail to your ISP and ask it User e PASS of your
website. The consequences would be catastrophic.


consequences...catastrophic

make up your mind, dude. is low or catastrophic?

Paul Theodoropoulos
http://www.anastrophe.com



Re: [vchkpw] Fwd: PCL-0002: Session Hijacking in Sqwebmail

2003-11-17 Thread Rainer Duffner
On Mon, 17 Nov 2003 11:14:24 -0800
Anthony Baratta [EMAIL PROTECTED] wrote:

 For those that use SqWebMail...this came across BugTraq.
 
 Date: Tue, 18 Nov 2003 02:18:04 +0100 (CET)
 From: Vincenzo Ciaglia [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: PCL-0002: Session Hijacking in Sqwebmail
 
 ---
 PUCCIOLAB.ORG - ADVISORIES
 http://www.pucciolab.org
 ---
 
 PCL-0002: Session Hijacking in Sqwebmail

[snip]

 Example:
 ---
 MY STAT FOR MY WEBSITE - REFERENT DOMAIN
 http://mailserver.society.com/cgi-bin/sqwebmail/login/mail%40server.org.authvchkpw/3247A0578D6F3E74F37A20FF37B52A1C/1069089171?folder=Trashform=folders
 
 
 In this example, the victim has visualized our website reading the mail
 that we have sent to him. Visiting the link is been
 marked from our counter. Now we will be able to access to the victim's
 mail page admin and will be able to read and to send, calmly,
 its email without make login. The session comes sluice after approximately
 20/30 minutes and the attacker has the time
 to make its comfortable ones.

I haven't tried this, but I was under the impression that the Restrict access to your 
IP address only (increased security) - option specifically avoided the problem of 
session-hijacking.
Also, I thought that sqwebmail used to escape outbound hyperlinks via a special 
URL-forwarder (which often didn't work in some browsers)., with the only intent to 
cloak the referrer.

Is this all useless ?




Rainer