Re: [vchkpw] OT: Radius server
On Wed, 31 Mar 2004, Doug Clements wrote: Radiator (open.com.au) rules. You can do virtually anything, including custom SQL queries. I know, I used to use it. Best radius server ever. But it costs $$ that we don't have. A good start to getting something else working would be if someone could explain how the pw_gid values work and what the numbers represent; gnu-radius has some rewrite rules that may allow me to somewhat alter (in a sneaky and hackish way) my queries based on which NAS the request comes from. But so far I'm not finding any information on how to determine what particular numeric values in the pw_gid field mean... Thanks, Charles --Doug - Original Message - From: Charles Sprickman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, March 31, 2004 5:42 PM Subject: [vchkpw] OT: Radius server Hi all, This is somewhat OT, but I'm curious what people here are using for radius authentication against the vpopmail mysql db? There are a number that support SQL auth, but the whole pw_gid thing in vpopmail is giving me some pains. I wish to use the dialup y/n flags that end up in the pw_gid field, but I'm also looking to use the user defined flags to also denote if a given user should be able to auth via radius for news or roaming dialup. So far this doesn't look possible (or let's say easy). FreeRadius, gnu-radius, openradius all lack the ability to alter the sql query based on which client NAS connects. How are other people solving this problem? I'd love to keep the vpopmail db as the master reference for all radius-authenticated services. Also, does anyone have some info on what exactly the values in pw_gid are? It's numeric, and it varies is about all I can gather from poking around. Thanks, Charles
Re: [vchkpw] OT: Radius server
Charles Sprickman wrote: On Wed, 31 Mar 2004, Doug Clements wrote: Radiator (open.com.au) rules. You can do virtually anything, including custom SQL queries. I know, I used to use it. Best radius server ever. But it costs $$ that we don't have. A good start to getting something else working would be if someone could explain how the pw_gid values work and what the numbers represent; gnu-radius has some rewrite rules that may allow me to somewhat alter (in a sneaky and hackish way) my queries based on which NAS the request comes from. But so far I'm not finding any information on how to determine what particular numeric values in the pw_gid field mean... vpopmail.h lines 86-100
[vchkpw] maildrop problem with aliases stored in mysql
hi, sorry, if this problem is already solved. i searched the mailing list, but didn't find an answer. in fact i only found people having the same problem. i want to set up domain wide mail filtering, so i have the following .qmail-default: | maildrop mailfilter the file mailfilter contains: VPOP=| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox to $VPOP as you can see, there are no filter rules yet, this is for testing so far. when i send mail to the real email address ( postmaster @ domain.com ) everthing works fine. messages send to an alias ( alias_name @ domain.com ) simply disappear. the logfile has an entry: success: vdelivermail:_valiases_processed/did_0+0+1/ but there is no message in the mailbox (maildir). i am using vpopmail 5.4.3 with mysql enabled and maildrop 1.6.3 any ideas what went wrong? btw: aliases are working fine without maildrop with .qmail-default containing: | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox thanks lola
Re: [vchkpw] maildrop problem with aliases stored in mysql
hi, sorry, if this problem is already solved. i searched the mailing list, but didn't find an answer. in fact i only found people having the same problem. yes, sorry, I have posted this problem on several lists nobody seems to have an idea. my last guess is that its either a environment variable problem or a bug in vdelivermail (what I believe because its vdelivermail that fails to work properly, but I can't really proove it so far). in any case please let me know if you find the solution... cheers andrej -- Andreas Wiesmann, Schützenstr. 23, 3097 Liebefeld P 031 372 12 22, G 031 951 70 05, Fax 031 951 70 08
Re: [vchkpw] Re: SMTP-Auth question
Hi Peter,
At 17:24 31.03.04 +0200, you wrote:
Hello Erwin,
On Wednesday, March 31, 2004 at 10:09:29 AM you wrote (at least in
part):
In case a client is accepted via pop-4-smtpd, the $RELAYCLIENT environment
variable is set. It might be useful to define this variable explicitely,
ie. RELAYCLIENT=PB4S.
No. It will, for sure, not be useful.
I somehow disagree.
,- [ man qmail-smtpd ]
| [...]
| Exception: If the environment variable RELAYCLIENT is
| set, qmail-smtpd will ignore rcpthosts, and will
| append the value of RELAYCLIENT to each incoming
| recipient address.
| [...]
`-
Setting RELAYCLIENT to something different than an empty string is
only useful when one KNOWS what he/she does. The overwhelming majority
only wants RELAYCLIENT unlocks relay restrictions and therefore has to
set it empty.
Yes. But this is *EXACTLY* what we want.
The reason is twofold:
1. Relayclients which are identfied by - let's say - static IP addresses
(ie. NOT by POP-b4-SMTP) have RELAYCLIENT=.
2. Relayclients identfied by POP-b4-SMTP carrying RELAYCLIENT=P4S (sample).
Ok. qmail-smtpd will append this string to the Recipient address ([EMAIL PROTECTED]
= [EMAIL PROTECTED]). However, using ie. ksh capabilities you can do
${RECIPIENT%P4S} thus retaining the old RECIPIENT variable.
Check it and call qmail-smtpd without any arguments.
In case the variable is not set or empty, call qmail-smtpd with the proper
SMTP Auth args.
This whole wrapper-stuff should not be necessary. If tcpserver sets
RELAYCLIENT due to .cdb or SQL-lookup it'll be passed to qmail-smtpd.
qmail-smtpd than will allow relaying even w/o SMTP-Auth.
Correct.
I'm running a SMTP which offers SMTP-Auth and POP3-b4-SMTP and it
works w/o any wrappers at all. The SMTP-Auth patch simply sets
RELAYCLIENT for qmail-smtpd /WHEN/ someone authenticated successful,
if not the formerly set RELAYCLIENT (passed as ENV-var from tcpserver,
when set) is not reset when authentication fails.
@Joel:
How about this: Copy your current qmail-smtpd invocation, remove all
the 'qmail-smtpd foo bar bla' stuff and replace it with a simply
'/usr/bin/env'. Make the tcpserver listen on port 26. Prepend an
environment clearing 'env' call. Start the stuff on command line. It
can be something similar to this:
env -i PATH=/var/qmail/bin:/usr/local/bin tcpserver -vRX \
0 26 /usr/bin/env
(plus adding the stuff necessary for tcpserver reading the database
for potentially set environment vars like RELAYCLIENT)
Than connect to this server from a client-IP that should be set to
relaying allowed (e.g. by formerly executed POP3 authentication):
telnet $SERVER 26
You should see a line with PATH=... and some TCPREMOTExxx and
TCPLOCALxxx lines. Additionally you should see a line 'RELAYCLIENT='.
If this is there and your qmail-smtpd invocation looks up the same
database for possible RELAYCLIENT settings try this:
telnet $SERVER 35
EHLO _
MAIL FROM:
RCPT TO:[EMAIL PROTECTED]
QUIT
If this fails: please post the error you get, your qmail-smtpd startup
script and the result of above 'env'-test.
But thats not the question:
Even if RELAYCLIENT is set, (the Auth patched) qmail-smtpd *WILL* ask for
Authentication.
If I understood correctly, thats *EXACTLY* what should be avoided.
regards.
--eh.
Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24
Re: [vchkpw] maildrop problem with aliases stored in mysql
hmmm. so if this really doesn't work with aliases stored in mysql... how do you guys filter spam mail??? i don't have to use maildrop. any other method would be fine. could you tell me your experiences? in the end i'm looking for a way to filter spam with per domain preferences. thanks lola Von: Andreas Wiesmann [EMAIL PROTECTED] Antworten an: [EMAIL PROTECTED] Datum: Thu, 1 Apr 2004 13:24:32 +0200 An: [EMAIL PROTECTED] Betreff: Re: [vchkpw] maildrop problem with aliases stored in mysql yes, sorry, I have posted this problem on several lists nobody seems to have an idea. my last guess is that its either a environment variable problem or a bug in vdelivermail (what I believe because its vdelivermail that fails to work properly, but I can't really proove it so far). in any case please let me know if you find the solution... cheers andrej
Re: [vchkpw] OT: Radius server
On Wednesday 31 March 2004 07:42 pm, Charles Sprickman wrote: Hi all, Also, does anyone have some info on what exactly the values in pw_gid are? It's numeric, and it varies is about all I can gather from poking around. I'll try to give a detailed listing. #define NO_PASSWD_CHNG 0x01 If set, the code should not allow the password to be changed #define NO_POP 0x02 If set, reject pop authentications #define NO_WEBMAIL 0x04 If set, reject webmail authentications #define NO_IMAP0x08 If set, reject imap authentications #define BOUNCE_MAIL0x10 If set, bounce any incoming mail back to the sender #define NO_RELAY 0x20 If set, do not allow the account to relay email. This is useful for sites that want to have email accounts that are only allowed to send email internally. #define NO_DIALUP 0x40 If set, code should not allow dialup access. This was originally added to support radius sites. #define V_USER0 0x080 #define V_USER1 0x100 #define V_USER2 0x200 #define V_USER3 0x400 After adding the NO_DIALUP flag we relalized there may be other flags people will want that are not directly used by any email code. #define NO_SMTP 0x800 If set, do not allow smtp connections. #define QA_ADMIN 0x1000 If set, the user is granted admin privilages in qmailadmin #define V_OVERRIDE 0x2000 If set, the user is not subject to domain limits. Part of the vlimit code. #define NO_SPAMASSASSIN 0x4000 If set, (and --enable-spamassassin=y) do not process the incoming mail through spamassassin. #define DELETE_SPAM 0x8000 with --enable-spamasssassin=y setting this flag will delete all email above the users required_hits preference. Ken Jones
Re: [vchkpw] Blackholing a sender
On Tue, 2004-03-30 at 09:07, Devendra Singh wrote: I have a peculiar requirement of just trashing a particular Mail From: to any of the virtual domains hosted on a Server. In that case even I do not want to bounce the mail just trash (/dev/null) it. Since you haven't gotten an answer yet that does what you want, I'll throw this thought out. It's probably more trouble to you than it's worth just for this, but here goes... My setup uses Maildrop. Under this scenario, I got rid of most of my .qmail files, and thus all mail is handled by .qmail-default, which calls Maildrop. In my Maildrop script, I can silently blackhole a specific sender without any bounce whatsoever. Given that I use one master mailfilter for the entire server (with includes to customize it per-domain and per-user), I can therefore blackhole any sender from the entire server by doing so in the system-wide filter script. - Ron
Re: [vchkpw] Re: Blackholing a sender
On Thu, Apr 01, 2004 at 12:22:45PM +0530, Devendra Singh wrote:
Why not alias it to /dev/null?
That's my wish too. But, I think we are able to alias a TO: but not
FROM:.
Right; I had managed to twist the roles in what's left of my mind; sorry. :-{
I do know how I could do it with sendmail milter-regex, but I doubt
that would help you.
Sorry,
david
--
David H. Wolfskill [EMAIL PROTECTED]
[vchkpw] VqAdmin Help Please
Hi - I am getting the following error when trying to access VQAdmin vQadmin was unable to determine your username, which means your webserver is improperly configured to run with this CGI. For security reasons, this script will not run without Apache htaccess lists. vqadmin 2.3.2 vpopmail 5.2.2 -- I have setup .htaccess and put the directory in apache. Basically, everything was followed from the INSTALL. Any thoughts? thanks, Marty
Re: [vchkpw] VqAdmin Help Please
I am getting the following error when trying to access VQAdmin vQadmin was unable to determine your username, which means your webserver is improperly configured to run with this CGI. For security reasons, this script will not run without Apache htaccess lists. vqadmin 2.3.2 vpopmail 5.2.2 -- I have setup .htaccess and put the directory in apache. Basically, everything was followed from the INSTALL. Any thoughts? Does Apache ask you about your username and password or is he ignoring your .htaccess? Greets Bernd
[vchkpw] Re: SMTP-Auth question
Hello Erwin,
On Thursday, April 1, 2004 at 3:23:49 PM you wrote (at least in part):
[RELAYCLIENT set to something different than ]
2. Relayclients identfied by POP-b4-SMTP carrying RELAYCLIENT=P4S (sample).
Ok. qmail-smtpd will append this string to the Recipient address ([EMAIL PROTECTED]
= [EMAIL PROTECTED]). However, using ie. ksh capabilities you can do
${RECIPIENT%P4S} thus retaining the old RECIPIENT variable.
Why would you want to fork more processes and waste more ressources
than necessary when a SMTP-connection is about to be accepted?
Even if RELAYCLIENT is set, (the Auth patched) qmail-smtpd *WILL* ask for
Authentication.
No. It'll /OFFER/ SMTP-ATUH, for those that want to set up their mail
client to always use SMTP-AUTH instead of relying on a formerly done
POP3.
You absolutely don't have to make ANY use of this offer. If your IP is
set to RELAYCLIENT= by a former POP3 (or whatever) connection, or
even is set statically to be allowed to relay, the MUA can simply go
on in SMTP dialog:
EHLO _
MAIL FROM:
RCPT TO:[EMAIL PROTECTED]
DATA
qwertzuiop
.
QUIT
The MUA can and should ignore the initial (after EHLO) greeting
telling about smtpd's capabilities, if not explicitly set to do
SMTP-auth.
If I understood correctly, thats *EXACTLY* what should be avoided.
I read this:
,- [ mid:[EMAIL PROTECTED] ]
| Is there any way to set up SMTP-Auth, while still allowing pop-b4-smtp?
| So far when I've rebuilt the system with SMTP-Auth patching, it will
| ONLY accept SMTP-Auth to allow relaying... :(
`-
as follows:
- I want both method, SMTP-Auth and POP3-b4-SMTP, for allowing a client
to relay.
- I don't want the system to /require/ SMTP-Auth when POP3-b4-SMTP
already set RELAYCLIENT=
But maybe I got it wrong ... Joel?
--
Best regards
Peter Palmreuther
Can you imagine a world without men?? No crime and lots of happy, fat
women.
[vchkpw] Re: Blackholing a sender
Hello Devendra, On Thursday, April 1, 2004 at 8:29:02 AM you wrote (at least in part): [blackholing a sender] I wished not to give the sender any clue as why his mail is disappearing -- blackholed. Write your own qmail-queue replacement that filters for sender and drops mails from the notorious. All other mail is than passed to qmail-queue as usual. This way you don't have to fiddle with qmail sources, you only have to have a QMAILQUEUE-patched qmail. If this sender is worth the work ... additionally other might benefit from your work, maybe there are other people that like to really blackhole some senders instead of simply rejecting their messages. -- Best regards Peter Palmreuther In the middle of a fight, a hockey game broke out.
Re: [vchkpw] VqAdmin Help Please
Bernd wrote: I am getting the following error when trying to access VQAdmin vQadmin was unable to determine your username, which means your webserver is improperly configured to run with this CGI. For security reasons, this script will not run without Apache htaccess lists. vqadmin 2.3.2 vpopmail 5.2.2 -- I have setup .htaccess and put the directory in apache. Basically, everything was followed from the INSTALL. Any thoughts? Does Apache ask you about your username and password or is he ignoring your .htaccess? Greets Bernd . sorry about that... Apache is not prompting for UID PW...just goes right to the error. I am running qmailadmin and sqwebmail on the same box...they are working great. thanks, Marty
[vchkpw] Vpopmail 5.4.4
I'm rebuilding my pop toaster and I would like to include the new vpopmail with spamassassin native support. But the current stable version doesn't include it. Only the source code from CVS has what I want. I would like to know if the next version (5.4.4) will take a long time to arrive. I don't want to build my server with a cvs version for obvious reasons ;) [[]]'s Eduardo M. Bragatto.
[vchkpw] tmda-ofmpid and vpopmail
x-tad-biggerHi,
I posted this question to the TMDA list, but didn't get any response. So given that many vpopmail users are also TMDA users, I'm also posting this message here:
I've been trying to get tmda-ofmipd working, and I've been using the tmda-ofmipd + VPopMail or VMailMgr howto.
My etc/init.d/ofmipd file contains the following:
#!/bin/bash
su -l vpopmail -c '/home/vpopmail/tmda-1.0.2/bin/tmda-ofmipd -d -S /home/vpopmail/tmda-1.0.2/contrib/vpopmail-vdir.sh'
I added the -d option so that I could get some debug output.
Here is the output I got when I set my MUA (OSX Mail) SMTP info to:
port 8025
username [EMAIL PROTECTED]
password mypassword
[EMAIL PROTECTED] init.d]# Incoming connection from ('192.168.1.1', 50409)
Incoming connection to ('192.168.1.101', 8025)
Peer: ('192.168.1.1', 50409)
Data: 'EHLO [192.168.1.100]'
Data: 'AUTH PLAIN AHJvYkB5YWxlbXVzaWMuY2EAdm9nPWplYWc='
error: uncaptured python exception, closing channel __main__.SMTPChannel connected 192.168.1.1:50409 at 0x81cef24> (exceptions.IndexError:list index out of range [/usr/lib/python2.2/asyncore.py|poll|99] [/usr/lib/python2.2/asyncore.py|handle_read_event|396] [/usr/lib/python2.2/asynchat.py|handle_read|130] [/home/vpopmail/tmda-1.0.2/bin/tmda-ofmipd|found_terminator|818] [/home/vpopmail/tmda-1.0.2/bin/tmda-ofmipd|smtp_AUTH|984] [/home/vpopmail/tmda-1.0.2/bin/tmda-ofmipd|auth_challenge|783] [/home/vpopmail/tmda-1.0.2/bin/tmda-ofmipd|auth_verify|755] [/home/vpopmail/tmda-1.0.2/bin/tmda-ofmipd|verify_plain|690] [/home/vpopmail/tmda-1.0.2/bin/tmda-ofmipd|authfile2dict|552])
Thanks in advance,
Rob Yale/x-tad-bigger
Re: [vchkpw] VqAdmin Help Please
Bernd wrote: I am getting the following error when trying to access VQAdmin vQadmin was unable to determine your username, which means your webserver is improperly configured to run with this CGI. For security reasons, this script will not run without Apache htaccess lists. vqadmin 2.3.2 vpopmail 5.2.2 -- I have setup .htaccess and put the directory in apache. Basically, everything was followed from the INSTALL. Any thoughts? Does Apache ask you about your username and password or is he ignoring your .htaccess? Greets Bernd . sorry about that... Apache is not prompting for UID PW...just goes right to the error. I am running qmailadmin and sqwebmail on the same box...they are working great. thanks, Marty Maybe you should check the AllowOverride options in httpd.conf Greets Bernd
Re: [vchkpw] Vpopmail 5.4.4
On Apr 1, 2004, at 12:31 PM, Eduardo M. Bragatto wrote: I'm rebuilding my pop toaster and I would like to include the new vpopmail with spamassassin native support. But the current stable version doesn't include it. Only the source code from CVS has what I want. I would like to know if the next version (5.4.4) will take a long time to arrive. I don't want to build my server with a cvs version for obvious reasons ;) Actually, you'll want 5.5.1 when it is released, as that is the version that includes Ken's work. It will probably stay in the 5.5 series for awhile until it has been thoroughly tested. I plan to continue maintaining vpopmail 5.4, and will backport bug fixes from the 5.5 series as necessary. As of now, the only chnage in 5.4.4 (over 5.4.3) is the addition of a math library when compiling with MySQL support. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] Vpopmail 5.4.4
On Thursday 01 April 2004 1:31 pm, Eduardo M. Bragatto wrote: I'm rebuilding my pop toaster and I would like to include the new vpopmail with spamassassin native support. But the current stable version doesn't include it. Only the source code from CVS has what I want. I would like to know if the next version (5.4.4) will take a long time to arrive. I don't want to build my server with a cvs version for obvious reasons ;) [[]]'s Eduardo M. Bragatto. Good question. I'll start heavy testing of the cvs version to see if it is ready for a 5.4.4 release. Ken Jones inter7.com
Re: [vchkpw] OT: Radius server
Would someone please make sure this information finds a home somewhere in the vpopmail distribution! Thanks, Rick Ken Jones wrote: On Wednesday 31 March 2004 07:42 pm, Charles Sprickman wrote: Hi all, Also, does anyone have some info on what exactly the values in pw_gid are? It's numeric, and it varies is about all I can gather from poking around. I'll try to give a detailed listing. #define NO_PASSWD_CHNG 0x01 If set, the code should not allow the password to be changed #define NO_POP 0x02 If set, reject pop authentications #define NO_WEBMAIL 0x04 If set, reject webmail authentications #define NO_IMAP0x08 If set, reject imap authentications #define BOUNCE_MAIL0x10 If set, bounce any incoming mail back to the sender #define NO_RELAY 0x20 If set, do not allow the account to relay email. This is useful for sites that want to have email accounts that are only allowed to send email internally. #define NO_DIALUP 0x40 If set, code should not allow dialup access. This was originally added to support radius sites. #define V_USER0 0x080 #define V_USER1 0x100 #define V_USER2 0x200 #define V_USER3 0x400 After adding the NO_DIALUP flag we relalized there may be other flags people will want that are not directly used by any email code. #define NO_SMTP 0x800 If set, do not allow smtp connections. #define QA_ADMIN 0x1000 If set, the user is granted admin privilages in qmailadmin #define V_OVERRIDE 0x2000 If set, the user is not subject to domain limits. Part of the vlimit code. #define NO_SPAMASSASSIN 0x4000 If set, (and --enable-spamassassin=y) do not process the incoming mail through spamassassin. #define DELETE_SPAM 0x8000 with --enable-spamasssassin=y setting this flag will delete all email above the users required_hits preference. Ken Jones
[vchkpw] New PHP extension
A new update to the vpopmail extension for PHP has been uploaded to http://kimberly.developersdesk.com/ I believe it now supports everything that QmailAdmin uses.
[vchkpw] php extension or daemon
Hello, I posted here a couple of days ago a note about the php vpopmail extension and I got in touch with Rick Widmer who has done some progress on it. As I wrote then - we want to write high level php/Smarty GUI for vpopmail management module. The main stumbling block seems the need to run Apache as vpopmail user. I have not investigated deep enough, but this seems to be one of the main reasons why the extension is somehow dead. In our company we had a discussion on the issue and the prevailing opinion is that we should not waste time with the extension, but write a daemon. This weekend we will experiment with that. Today, searching more in depth on the issue - I found some postings on this list by people who are in favour of daemon. If anybody is interested in the issue - I would be glad to discuss it. We started a small 'unofficial' wiki to try to coordinate the effort - www.verysmall.org/vpopmail - there we have published details about the php/Smarty vpopmail manager we plan to write. Looking forwards for some feedback. Best, Iavor
Re: [vchkpw] php extension or daemon
On Fri, 2 Apr 2004, Iavor Raytchev wrote: In our company we had a discussion on the issue and the prevailing opinion is that we should not waste time with the extension, but write a daemon. This weekend we will experiment with that. Today, searching more in depth on the issue - I found some postings on this list by people who are in favour of daemon. Not too long ago someone posted either here or on the qmailadmin list about this. They'd announced that they had a daemon ready for testing. I replied privately and publically and never heard back, but maybe you'll have better luck. Currently I've got some php stuff working, and I run a seperate webserver as vpopmail. It works well, and so far this is just an interface for staff, so it's firewalled and password-protected. Thanks, Charles If anybody is interested in the issue - I would be glad to discuss it. We started a small 'unofficial' wiki to try to coordinate the effort - www.verysmall.org/vpopmail - there we have published details about the php/Smarty vpopmail manager we plan to write. Looking forwards for some feedback. Best, Iavor
[vchkpw] pw_gid flags was: OT: Radius server
Ken (and anyone else who knows), Can you explain a bit how these flags work? When I look in the db at the pw_gid fields, they are all decimal values (ie: 64, 128, etc.). I hope this isn't some kind of bitmasking thing, because that just makes my head spin. I'll try to give a detailed listing. #define NO_DIALUP 0x40 If set, code should not allow dialup access. This was originally added to support radius sites. For example, this seems to register as 64. I am looking to use this, as well as two of the V_USER flags in combination with radius, but I'm lost as to how to pick the one value. If it's 0, obviously that person can have any service, but it gets confusing if I have NO_DIALUP unset, but V_USER0 and V_USER1 set (which in my case would mean local dialup only, no roaming dial and no news access). I feel I'm missing something fundamental here... Thanks, Charles #define V_USER0 0x080 #define V_USER1 0x100 #define V_USER2 0x200 #define V_USER3 0x400 After adding the NO_DIALUP flag we relalized there may be other flags people will want that are not directly used by any email code. #define NO_SMTP 0x800 If set, do not allow smtp connections. #define QA_ADMIN 0x1000 If set, the user is granted admin privilages in qmailadmin #define V_OVERRIDE 0x2000 If set, the user is not subject to domain limits. Part of the vlimit code. #define NO_SPAMASSASSIN 0x4000 If set, (and --enable-spamassassin=y) do not process the incoming mail through spamassassin. #define DELETE_SPAM 0x8000 with --enable-spamasssassin=y setting this flag will delete all email above the users required_hits preference. Ken Jones
Re: [vchkpw] pw_gid flags was: OT: Radius server
Charles Sprickman wrote: Ken (and anyone else who knows), Can you explain a bit how these flags work? When I look in the db at the pw_gid fields, they are all decimal values (ie: 64, 128, etc.). I hope this isn't some kind of bitmasking thing, because that just makes my head spin. That is exactly what it is...
Re: [vchkpw] php extension or daemon
Hi, On Fri, 2004-04-02 at 03:46, Iavor Raytchev wrote: The main stumbling block seems the need to run Apache as vpopmail user. I have not investigated deep enough, but this seems to be one of the main reasons why the extension is somehow dead. Just from the top of my head, wouldn't Apache 2 solve this? Doesn't it allow for different UID/GID for different virtual hosts? Disclaimer: I could very well be completely wrong about this, but check it out! Hmm, and as of this writing, i decided to look at it myself: Special note: Use of this directive in VirtualHost is no longer supported. To configure your server for suexec use SuexecUserGroup., see: http://httpd.apache.org/docs-2.0/mod/mpm_common.html#user Hmm... /Anders
Re: [vchkpw] pw_gid flags was: OT: Radius server
On Thu, 1 Apr 2004, Rick Widmer wrote: Charles Sprickman wrote: I hope this isn't some kind of bitmasking thing, because that just makes my head spin. That is exactly what it is... So how does one deal with that? How does this work? Thanks, Charles
Re: [vchkpw] php extension or daemon
Just from the top of my head, wouldn't Apache 2 solve this? Doesn't it allow for different UID/GID for different virtual hosts? Indeed, this was the holy grail of Apache 2.0 for shared web hosts. Alas 2.0 came, and as of yet has not delivered. Here's the relevant info: http://httpd.apache.org/docs-2.0/mod/perchild.html The Summary: This module is not functional. Development of this module is not complete and is not currently active. Do not use perchild unless you are a programmer willing to help fix it. If they ever get this going, it will be a very happy day for many folks. And I think you're right, this would help a TON with the whole php-vpopmail extension issues. Paul -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net 304 1/2 S. State St. Ann Arbor, MI 48104 1.866.NEXCESS
Re: [vchkpw] Blackholing a sender
At 01/04/04 22:43 (), Ron Guerin wrote: On Tue, 2004-03-30 at 09:07, Devendra Singh wrote: I have a peculiar requirement of just trashing a particular Mail From: to any of the virtual domains hosted on a Server. In that case even I do not want to bounce the mail just trash (/dev/null) it. Since you haven't gotten an answer yet that does what you want, I'll throw this thought out. It's probably more trouble to you than it's worth just for this, but here goes... My setup uses Maildrop. Under this scenario, I got rid of most of my .qmail files, and thus all mail is handled by .qmail-default, which calls Maildrop. In my Maildrop script, I can silently blackhole a specific sender without any bounce whatsoever. Given that I use one master mailfilter for the entire server (with includes to customize it per-domain and per-user), I can therefore blackhole any sender from the entire server by doing so in the system-wide filter script. - Ron I had a doubt that someone would definitely suggest MailDrop Script. Yes, I know that it can be achieved using maildrop. But, you know that maildrop mailfilter can be enabled / disabled for some users using qmailadmin interface. That means, for some pop accounts the maildrop mailfilter would not be used. Also, for pure forwards the mailfilter would not get executed. That means, you have to achieve it doing the setting of maildrop into the .qmail files manually for each account. Tedious to maintain !! Devendra Singh
Re: [vchkpw] Re: Blackholing a sender
At 02/04/04 00:25 (), Peter Palmreuther wrote: Hello Devendra, On Thursday, April 1, 2004 at 8:29:02 AM you wrote (at least in part): [blackholing a sender] I wished not to give the sender any clue as why his mail is disappearing -- blackholed. Write your own qmail-queue replacement that filters for sender and drops mails from the notorious. All other mail is than passed to qmail-queue as usual. This way you don't have to fiddle with qmail sources, you only have to have a QMAILQUEUE-patched qmail. If this sender is worth the work ... additionally other might benefit from your work, maybe there are other people that like to really blackhole some senders instead of simply rejecting their messages. -- Thanks Peter, This gives me a clue that perhaps we should be able to do it using qmail-scanner-queue.pl code. Let me try it out. If anyone else too can give some pointer on this angle do let us know. Devendra Singh
RE: [vchkpw] php extension or daemon
Iavor Raytchev a ecrit In our company we had a discussion on the issue and the prevailing opinion is that we should not waste time with the extension, but write a daemon. Sounds good :) How do you plan to developp the daemon ? Which language ? Which protocol ? -- Patrick
[vchkpw] RE: erase mail from queue
Many thanks for all your answers. I think I will follow the Cazabon's way and let the mail die naturally. -- Patrick
