[vchkpw] Restrict amount of vchkpw authentications

2002-08-31 Thread Jeremy Kister 

Hi

I've got vpopmail 5.2.1 on top of qmail 1.03 on a Solaris 2.7 SPARC machine.

Everything is going well.  I've noticed, though, that several of my users
are abusing my pop3 service, that is, that they are popping their email
every minute, 24 hours a day.

this has not become a problem for my mail server performance as of yet, but
i'm being pro active.  It is clearly stated in my aup that checking your
mail more than once every 5 minutes is unacceptable, and that once (or less
than) every 10 minutes is preferred.

I'm wondering if anybody has implemented a method of making vchkpw only
allow one authentication per user per 5 minutes..

I'm looking for something that will not silently deny their connection, but
something that will actually make their mail client do something like pop up
a message, or pop up a username and password window..  just so that the
client knows that he's doing something wrong.


-------
Jeremy Kister
www.jeremykister.com
PGP: http://www.jeremykister.com/jeremy/public_key.asc
---

Re: [vchkpw] Rename Postmaster account

2002-09-02 Thread Jeremy Kister 

*** On Sunday, September 01, 2002 11:47 PM, Clint Finnigan wrote:

> and the optional
> $ ./vdeluser [EMAIL PROTECTED]


*** ...and kept on writing:

> Having postmaster available on one domain is a good thing though, since
> many people wish to contact a person on a domain through postmaster@.

actually, this shouldnt be optional.  Both RFC 822 and RFC 1123 _require_ a
mailbox called postmaster, so that the user "can be guaranteed at least one
valid address"

I suppose vdeluser should allow this to be performed, though, because the
system's mail administrator may choose to forward this account to another
valid email box..


-------
Jeremy Kister
www.jeremykister.com
PGP: http://www.jeremykister.com/jeremy/public_key.asc
---

Re: [vchkpw] Working towards vpopmail 5.4 stable

2003-06-04 Thread Jeremy Kister 
> Does anyone have any code changes they would like to get into the
> next release? I want to put together a new stable version 5.4.
> Hopefully release it in the next few weeks.

I dont have any code, but before you release a stable version, perhaps
[at least] one issue should be fixed...


I have seen a few threads (one titled  "pipes in .qmail-files vpopmail
5.3.19" archived at
http://bluedot.net/mail/archive/read.php?f=2&i=10863&t=10863 for example)
where the seekable patch seems not to work on Solaris 2.8 vdelivermail
core dumps
if you try to pipe anything into it.  Marcus Williams seemed to be helping
out, but the
thread ended abruptly after a request was made to go off-list :-/

I have ran into the same problem on Solaris 2.8.  It is also replicable on
Solaris 2.9.

This issue doesnt seem to be resolved as of the latest code; I am assuming
this may be because none of the vpopmail team have solaris 2.8/2.9?  If this
is the case, I can gladly set up a shell on a box with solaris 2.8/2.9 for
testing.



-------
Jeremy Kister
www.jeremykister.com
PGP: http://www.jeremykister.com/jeremy/public_key.asc
---

>-Original Message-
> From: Ken Jones [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, June 03, 2003 12:52 PM
> To: [EMAIL PROTECTED]
> Subject: [vchkpw] Working towards vpopmail 5.4 stable
>
>
> Hi Folks,
>
[..]

Re: [vchkpw] Re: chkuser - rejects legit mail, when followed by bad e-mail

2010-10-11 Thread Jeremy Kister 

On 10/11/2010 4:46 PM, U. George wrote:

It was not clear to me if chkuser should allow a legit e-mail addr,
followed by some bad e-mail addr to be passed along smtpd.
Following is a recordio session of one smtp session where there are 3
rcpt to. 2 are bogus, 1 is real. Message is spam.


I'm not sure that it's chkuser that is getting in the way; I tested the 
old version (chkusr 1.0) and it works correctly.


The error you pasted:
> 451 See http://pobox.com/~djb/docs/smtplf.html

implies that it's not the fault of chkuser at all; that the message is 
simply badly formatted and would have been rejected to a single good 
recipient as well.


To accept these types of badly formatted messages, use fixcrio (which 
you'll have to check if your TLS patch patched).




--

Jeremy Kister
http://jeremy.kister.net./

!DSPAM:4cb37db632711767595573!

[vchkpw] [SPAM] odd problem after OS upgrade

2013-06-21 Thread Jeremy Kister 
I have qmail 1.03 with several patches including qmail-smtpd-auth-0.4.3 
and vpopmail 5.4.33.


After upgrading Debian 6 -> 7, I broke SMTP-AUTH *only* when using 
stunnel for SSL.



When trying to auth over stunnel4, i see:
454 oops, problem with child and I can't auth (#4.3.0)

syslog shows:
Jun 21 23:19:29 s4 vpopmail[3080]: vchkpw-smtps: (PLAIN) login success 
u...@example.com:10.36.87.4


using smtp-auth on port 25 or 587 works fine.

/service/qmail-smtpd-ssl/run:
  http://jeremy.kister.net/tmp/auth/qmail-smtpd-ssl-run
/usr/local/etc/stunnel/smtps.conf:
  http://jeremy.kister.net/tmp/auth/smtps.conf

i modified smtps.conf to use strace like:
exec = /usr/bin/strace
execargs = /usr/bin/strace -ff -o /tmp/vchkpw.dump 
/var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true


the dumps are at:
  http://jeremy.kister.net/tmp/auth/strace/

i tried increasing & just removing softlimit.
i tried recompiling/reinstalling vpopmail

I dont think the problem is with stunnel since the SSL layer is working 
fine.


I'm out of ideas.  More eyes please ?

--

Jeremy Kister
http://jeremy.kister.net./


!DSPAM:51c51fac34131129417734!

Re: [vchkpw] odd problem after OS upgrade (hey, Tom, Ken, jkitchen: around?)

2013-06-22 Thread Jeremy Kister 

On 6/22/2013 10:26 AM, Eric Shubert wrote:

Have you found where in the code the "oops" messages is being issued?


yes.  it complains only here:

  if (wait_pid(&wstat,child) == -1) return err_child();
  if (wait_crashed(wstat)) return err_child();

the wait_pid is when everything goes fubar.

i'm not even sure it's a vpopmail problem, i suppose i may need a cross 
post on the qmail list.


--

Jeremy Kister
http://jeremy.kister.net./




!DSPAM:51c6407234139947713131!

Re: [vchkpw] odd problem after OS upgrade (hey, Tom, Ken, jkitchen: around?)

2013-06-22 Thread Jeremy Kister 

On 6/22/2013 8:26 PM, Jeremy Kister wrote:

i'm not even sure it's a vpopmail problem, i suppose i may need a cross
post on the qmail list.


hrm.  i replaced vchkpw with checkpasswd.  still broken.

--

Jeremy Kister
http://jeremy.kister.net./



!DSPAM:51c64afa34132172261138!

Re: [vchkpw] odd problem after OS upgrade (hey, Tom, Ken, jkitchen: around?)

2013-06-22 Thread Jeremy Kister 

On 6/22/2013 9:11 PM, Jeremy Kister wrote:

hrm.  i replaced vchkpw with checkpasswd.  still broken.


ends up the problem was actually stunnel/openssl.  who knows what it was 
doing that was causing the tunneled program to behave incorrectly.


for reference:
on debian 6 (squeeze):
  sed "s/squeeze/wheezy/g" /etc/apt/sources.list > /tmp/u.tmp
  mv /tmp/u.tmp /etc/apt/sources.list
  apt-get update
  apt-get upgrade
  apt-get dist-upgrade
  reboot
gives you debian 7 (wheezy)

this came both libssl 0.9.8, libssl 1.0.0, and stunnel 4.53

i ran 'apt-get autoremove libssl0.9.8', and then compiled/installed the
latest stunnel (4.56), and the problem is no more.

who knows.

thanks for the replies.

Greetings to all who are still here,

--
Jeremy Kister
http://jeremy.kister.net./


!DSPAM:51c68ea134131777546213!

[vchkpw] [SPAM] Re: [vchkpw] Patches for qmail suggestions and upgrade

2014-04-17 Thread Jeremy Kister 

On 4/17/2014 2:33 PM, Remo Mattei wrote:

Hello all
I have a qmail which is running now I want to up it to netqmail 1.06 so I plan 
to recomp it and I have vpopmail working so on the new one I want to add 
chkuser and tls but also few others like the channel since gmail and others 
have been really a pain does anyone suggest a set of patches or one that does 
it all in one?


i still like and use my qmail-1.03.isp.patch

it's named "isp" because i was working for an isp at the them and had 
nothing better to name it.  it's used in lots of places that have 
nothing to do with an isp.



http://jeremy.kister.net/code/qmail-1.03.isp.patch

--

Jeremy Kister
http://jeremy.kister.net./


!DSPAM:53501fe034262670412911!

Re: [vchkpw] Patches for qmail suggestions and upgrade

2014-04-17 Thread Jeremy Kister 

On 4/17/2014 2:52 PM, Remo Mattei wrote:

Nice does it have tls?


no TLS; i use all SSL.  o well. :)

--

Jeremy Kister
http://jeremy.kister.net./




!DSPAM:5350261b34264808310748!

Re: [vchkpw] What would be the solution....

2003-08-04 Thread Jeremy Kister 
On Monday, August 04, 2003 5:28 AM, VJ.Srinivasan (JINIS) mumbled:
(B> My tcp.smtp file contains these lines...
(B> 127.:allow,RELAYCLIENT=""
(B> 10.190.1.40:allow,RELAYCLINET=""
(B
(B
(BA question barely exists; if you are wondering why the machine at
(B10.190.1.40 can not relay though your mail server, it is likely because you
(Bhave misspelled RELAYCLIENT.
(B
(B
(BJeremy Kister
(Bwww.jeremykister.com
(BArgus: The worlds most advanced monitoring system: http://argus.tcp4me.com

Fw: [vchkpw] *.COM -> 64.94.110.11

2003-09-16 Thread Jeremy Kister 
On Tuesday, September 16, 2003 11:46 AM, Eric Ziegast wrote:
> dnscache.  Here's a patch for people who use dnscache
> to preserve the old (uninfected) behavior...

not only for .com, but also .net.

a similar patch exists for BIND v8, although I havent installed it yet.

http://achurch.org/bind-verisign-patch.html
I hope verisign (and anyone who had anything to do with that silly decision)
looses the ability to manage the gtld servers for ever.

Jeremy Kister
www.jeremykister.com
Argus: The World's Most Advanced Monitoring Software:
http://argus.tcp4me.com

[vchkpw] disable quota support entirely

2003-09-26 Thread Jeremy Kister 
I need to disable vpopmail's quota support entirely -- can someone make a
parameter for compile time ?

the maildir++ support is not working correctly in my environment, so I do
not want vpopmail to ever send a quota warning message to the user, nor ever
bounce email, nor keep track of the maildir size.

but I do want to have the "supposed-to-be" quota in the vpasswd file,
because I want qmailadmin to read "2.00 / 15.00" instead of "2.00 /
unlimited" (or such).

I have written my own quota checking program, if anyone is interested,
located at http://www.jeremykister.com/jeremy/code/perl/mailquota.pl



Jeremy Kister
www.jeremykister.com
Argus:  The World's Most Advanced Monitoring Software:
http://argus.tcp4me.com

[vchkpw] vchkpw@inter7.com ezmlm warning

2003-10-18 Thread Jeremy Kister 
I received the below bounce from the [EMAIL PROTECTED] mailing list tonight,
at about 10PM EST.

please note i have obfuscated all email addresses slightly.
also note that I have been receiving mail fine from vchkpw, and havnt
modified my configuration recently.

the bounce my system sent was:

"user does not exist, but will deliver to
/home/vpopmail/domains/jeremykister.co/jeremy/
message is looping /home/vpopmail/domains/jeremykister.co/jeremy/Maildir/
mail is looping"

I am quite stumped on why my mailserver bounce this.  I immediately sent an
email to [EMAIL PROTECTED] from an outside account, and it was
received perfectly --  the fact that I've received this double-bounce shows
that my configuration is working.


I keep 8 rotations of 1MB qmail-send logs, and I dont have any record of
'mail is looping' in any of them.
the only [probable] record i have of this message is:
max> grep 129277 /var/log/qmail/current | tai64nlocal
2003-10-18 21:58:08.502764500 starting delivery 129277: msg 30572 to local
[EMAIL PROTECTED]
2003-10-18 21:58:09.792902500 delivery 129277: success:
user_does_not_exist,_but_will_deliver_to_/home/vpopmail/domains/jeremykister
.co/jeremy//did_0+0+1/

which seems to say that the delivery was successful.

i have a .qmail-vpopmail file which places mail in my "jeremy" maildir.  my
.qmail-default also does this (among other things).  I do not have a
jeremy/.qmail file.

max> ls -ld .qmail-vpopmail .qmail-default jeremy/.qmail
jeremy/.qmail: No such file or directory
-rw-r-   1 vpopmail vchkpw   133 Oct  1 03:58 .qmail-default
-rw-r-   1 vpopmail vchkpw   107 Mar 26  2003 .qmail-vpopmail

before receiving this bounce, the last message my MUA has received from the
vpopmail list was 2003/10/18 4:18AM EST from Sigmund Gudvangen titled "Re:
[vchkpw] Multi domain bounce message handling"


the best working theory i had was that since qmail-02.nntx.net NFS mounts
/home/vpopmail/domains, then perhaps the share was unavailable for some
time, but that theory was quickly proven not to hold water because:
 1] the system would have sat and waited until the share did come on-line
before doing anything
 2] not only would the .qmail-vpopmail not be available, but .qmail-default
wouldnt have been either


any ideas?  this greatly worries me.

Jeremy Kister
www.jeremykister.com/jeremy/

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Saturday, October 18, 2003 11:12 PM
To: [EMAIL PROTECTED]
Subject: ezmlm warning

Return-Path:

Delivered-To: [EMAIL PROTECTED]
Received: (qmail 14139 invoked by uid 1010); 19 Oct 2003 01:58:07 -
Received: from unknown (HELO ns1.inter7.com) (209.218.8.2)
  by max.nntx.net with SMTP; 19 Oct 2003 01:58:07 -
Received: (qmail 7722 invoked by uid 511); 19 Oct 2003 03:12:06 -
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Date: 19 Oct 2003 03:12:06 -
Message-ID: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Content-type: text/plain; charset=us-ascii
Subject: ezmlm warning


Hi! This is the ezmlm program. I'm managing the
[EMAIL PROTECTED] mailing list.

 I'm working for my owner, who can be reached
at [EMAIL PROTECTED]


 Messages to you from the vchkpw mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.

If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the vchkpw mailing list,
without further notice.


I've kept a list of which messages from the vchkpw mailing list have
bounced from your address.

Here are the message numbers:

   23631

 --- Enclosed is a copy of the bounce message I received.

Return-Path: <>
Received: from unknown (HELO qmail-02.nntx.net) (64.115.47.41)
   by evanston.inter7.com with SMTP; 7 Oct 2003 09:27:59 -
Received: (qmail 25216 invoked for bounce); 7 Oct 2003 08:13:56 -
Date: 7 Oct 2003 08:13:56 -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: failure notice

 Hi. This is the qmail-send program at qmail-02.nntx.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<[EMAIL PROTECTED]>:
user does not exist, but will deliver to
/home/vpopmail/domains/jeremykister.co/jeremy/
message is looping /home/vpopmail/domains/jeremykister.co/jeremy/Maildir/
mail is looping

 --- Below this line is a copy of the message.
[...]

Re: [vchkpw] vchkpw@inter7.com ezmlm warning

2003-10-18 Thread Jeremy Kister 
On Saturday, October 18, 2003 11:18 PM,  X-Istence wrote:
> So basically, its on their side, unless something is looping on my side,
> of which i know nothing.

It cannot be on their side; how would their MTA know my maildir is in
/home/vpopmail/domains/jeremykister.co/jeremy/ ?

they also clearly attach the bounce which my system sent to them: from
qmail-02.nntx.net (which is mine)

did you receive the message at the same time I did ?


Jeremy Kister
www.jeremykister.com
Argus:  The World's Most Advanced Monitoring Software:
http://argus.tcp4me.com

Fw: [vchkpw] vchkpw@inter7.com ezmlm warning

2003-10-18 Thread Jeremy Kister 
Upon examining the original message that my MTA bounced, I know this is not
a coincidence.

I trimmed the original message because I thought it was non-relevant, but it
clearly is.

something in the original message confused some part of my MTA; This _is_ a
bug; im just not sure if it's qmail or vpopmail

below is the original email message that my system bounced due to "message
is looping"

Tom!?  Ken!? :)

Jeremy Kister
www.jeremykister.com/jeremy


Return-Path: <[EMAIL PROTECTED]>
Received: (qmail 25209 invoked by uid 1010); 7 Oct 2003 08:13:55 -
Received: from unknown (HELO ns1.inter7.com) (209.218.8.2)
  by max.nntx.net with SMTP; 7 Oct 2003 08:13:55 -
Received: (qmail 27027 invoked by uid 511); 7 Oct 2003 09:27:02 -
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Precedence: bulk
List-Post: <mailto:[EMAIL PROTECTED]>
List-Help: <mailto:[EMAIL PROTECTED]>
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
List-Subscribe: <mailto:[EMAIL PROTECTED]>
Delivered-To: mailing list [EMAIL PROTECTED]
Received: from unknown (HELO rous.redbarn.org) (204.152.188.41)
by evanston.inter7.com with SMTP; 7 Oct 2003 09:27:01 -
To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED] (Eric Ziegast)
In-reply-to: Your message of "Tue, 07 Oct 2003 00:55:40 PDT."
  <[EMAIL PROTECTED]>
Date: Tue, 07 Oct 2003 01:12:40 -0700
Sender: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
Subject: Re: [vchkpw] unexpected Delivered-To

> >> How can this happen?
> >
> > *Any* header can be forged. :^)
>
> Ok, but I'm not clear on one thing. qmail+vpopmail is going to route
> locally based on the to field of the incoming message, right? So you are
> saying this message was forged locally, meaning a hacked server?
The envelope recipient ("RCPT TO:") is what qmail mostly cares about.
The normal message headers are fluffy bits of superfluous information
that could help it detect a mail loop.
Your message appears to have had a "To:" header of "[EMAIL PROTECTED]"
(forged) and an envelope recipient of "[EMAIL PROTECTED]" (not forged)
or maybe even some other address that aliases itself to kurt.
> Curiously your off-list reply cased my server to generate this message:
> message is looping /var/vpopmail/domains/breathsense.com/kkb/Maildir/
Why would your server bounce it in the first place? Fix that!
--
Eric Ziegast
[EMAIL PROTECTED]
(aka [EMAIL PROTECTED])
(aka [EMAIL PROTECTED])

Re: [vchkpw] vchkpw@inter7.com ezmlm warning

2003-10-18 Thread Jeremy Kister 
On Sunday, October 19, 2003 12:42 AM, Gregory Kuhn wrote:
> message_is_looping_/home/vpopmail/domains/ctch.net/gkuhn/Maildir//

ah ha!  :)  this would explain why: grep 'is looping' /var/log/qmail/current
bore no fruit :)

s/\s+/_/g;

sigh.  after resolving the PEBKAC error, I do see the entries in my logs.


since we're on the topic of guaranteed bouncing (since the Delivered-To:
header can still easily be forged), is it worth investing some crypto into
it ?  or even appending some Site-Unique level string to the end of
Delivered-To like the domain name --

instead of: Delivered-To: [EMAIL PROTECTED]
it'd be: Delivered-To-nntx.net: [EMAIL PROTECTED]

or some such.  Whatever the annex is, it'd have to be static (at the
site/domain level), because many people use the Delivered-To header for
processing via procmail/etc.

Forging the Delivered-To line could be to Mr. Spammer's advantage, because
he could send millions+ of messages to addresses that use vpopmail, and
could depend on the bouncing to deliver his mail;  just spoof the envelope
recipient/from and wala.



Jeremy Kister
www.jeremykister.com
Argus:  The World's Most Advanced Monitoring Software:
http://argus.tcp4me.com

Re: [vchkpw] autorespond with a [dot] in the email address

2004-02-21 Thread Jeremy Kister 
On Saturday, February 21, 2004 7:16 AM, Darren Beale wrote:
> it won't, simple as that. If I rename to .qmail-foo and set up a valias 
> for foo to foo.bar it works.

try:
mv .qmail-foo.bar .qmail-foo\:bar

> Is this easy to fix? have I missed something obvious?

think so.. qmail-local translates dot to colon.

Jeremy Kister
www.jeremykister.com/jeremy/
Argus: The World's Most Advanced Monitoring System: http://argus.tcp4me.com

[vchkpw] qmail address extensions

2004-04-16 Thread Jeremy Kister 
I recently had the need for qmail address extension support in vpopmail.
Since i was running an oldish release of vpopmail (5.3.28) I upgraded to
5.4.3.

I configured using:
./configure \
--enable-many-domains=y \
--enable-logging=v \
--enable-clear-passwd=n \
--enable-roaming-users=n \
--enable-rebuild-tcpserver-file=n \
--enable-qmail-ext

I then started playing with sending emails to address extensions.  when I
had a plain-vanilla mailbox, it worked perfectly, However, when i had a
forward/alias (or a .qmail-user for that mailbox), it did not work.

This is important, because I am using a TMDA like system.  I do:
~vpopmail/bin/vadduser [EMAIL PROTECTED] pass
echo '|/usr/local/bin/program [EMAIL PROTECTED]' >
~vpopmail/domains/example.com/.qmail-user

I'm not sure if this is a bug, or just not currently a feature, but can
someone implement this?

Jeremy Kister
www.jeremykister.com/jeremy/
Argus: The World's Most Advanced Monitoring System: http://argus.tcp4me.com

[vchkpw] Re: qmail address extensions

2004-04-16 Thread Jeremy Kister 
On Friday, April 16, 2004 11:04 PM, I wrote:
> I then started playing with sending emails to address extensions.  when I
> had a plain-vanilla mailbox, it worked perfectly, However, when i had a
> forward/alias (or a .qmail-user for that mailbox), it did not work.

Seems like this is qmail-local anyway -- right?

Jeremy Kister
www.jeremykister.com/jeremy/

RE: [vchkpw] Major SMTP AUTH Issues

2004-04-25 Thread Jeremy Kister 
On Sunday, April 25, 2004 9:17 PM, Chris Miller wrote:
> I'm having major issues with SMTP AUTH. Currently, if a user authenticates
they are allowed to relay. The problem is
> even if the user authenticates incorrectly, they are allowed to relay. I'm
sure it's something in my qmail-smtpd run script,
> so I'm pasting it below:

this has been discussed extensively, but...

you are probably using Krzysztof Dabrowski's qmail-smtpd-auth-0.31 patch

either patch your qmail with Erwin Hoffmann's
http://www.fehcom.de/qmail/auth/qmail-smtpd-auth-043_tgz.bin
or fix your run script:

exec /usr/local/bin/softlimit -m 300
  /usr/local/bin/tcpserver -v -R -l "$LOCAL" \
   -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
   -u "$VPOPUID" -g "$VPOPGID" 0 smtp \
   /var/qmail/bin/qmail-smtpd "$LOCAL" /var/vpopmail/bin/vchkpw /bin/true
2>&1

I recommend Erwin's fixup, as it has bug fixes and updated functionality

you may also want to investigate using the -H flag for tcpserver.

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] smtp auth

2004-04-26 Thread Jeremy Kister 
On Monday, April 26, 2004 3:31 AM, signo wrote:
> i've tried the qmail-smtpd-auth-043_tgz.bin patch but the result is always
the same:
>
> 454 oops, unable to write pipe and I can't auth (#4.3.0)

your run script is incorrect for this patch. try:
exec /usr/local/bin/softlimit -m 300 /usr/local/bin/tcpserver -v -R -l
"$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" -u "$VPOPUID" -g "$VPOPGID" 0
smtp /var/qmail/bin/qmail-smtpd /var/vpopmail/bin/vchkpw /bin/true 2>&1

or, you and Chris and just trade run files ;)


Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] smtp auth

2004-04-26 Thread Jeremy Kister 
On Monday, April 26, 2004 3:22 AM, I wrote:
> your run script is incorrect for this patch. try:

also, if you really have:
LOCAL=``
that's wrong too.

LOCAL=`head -1 /var/qmail/control/me`


Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] smtp auth

2004-04-26 Thread Jeremy Kister 
On Monday, April 26, 2004 4:00 AM, signo wrote:
> i'm feel very stupid !!! it does not work!!
>
> VPOPUID=`id -g vpopmail`

well, that should be VPOPUID=`id -u vpopmail`

are you running Solaris?  if so, change
VPOPUID=`id -u vpopmail` to VPOPUID=`/usr/xpg4/bin/id -u vpopmail`
VPOPGID=`id -g vpopmail` to VPOPGID=`/usr/xpg4/bin/id -g vpopmail`

what is the output of
ls -la /var/vpopmail/bin/vchkpw
?


also, you might try increasing the softlimit -m to 500, just for
testing.

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread Jeremy Kister 
On Friday, May 21, 2004 5:41 AM, DEBO Jurgen E. G. wrote:
> In the OLD days, people were happy with SMTP-Auth. I consider it LESS
> security as SMTP after POP, because with SMTP-Auth, You sent Your
> e-mailadress and Your password of Your mailbox over the internet.

Are you insinuating that this is not so with POP3 (or "SMTP after POP") ?

LOL


Jeremy Kister
http://jeremy.kister.com/

RE: [vchkpw] finding over-quota users

2004-07-08 Thread Jeremy Kister 
On Thursday, July 08, 2004 6:48 PM, Charles Sprickman wrote:
> Is there any simple way to run through a large number of users (3000 or
> so) and find out who is over quota and when they last checked their mail?

you can try http://jeremy.kister.net/code/perl/mailquota.pl

mailquota.pl -v -e [EMAIL PROTECTED]

will email the report to [EMAIL PROTECTED], and also show you stuff as it is
gathering data.

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] chkuser patch

2004-07-11 Thread Jeremy Kister 
On Wednesday, July 07, 2004 5:32 AM, tonix (Antonio Nati) wrote:
> I'm preparing chkuser 2.0, that will integrate all these changes, and will
> improve a lot of other things.

Hi, Antonio

Could you make chkusr work with djb's serialmail
(http://cr.yp.to/serialmail.html) ?

instead of just having a .qmail-1:2:3:4-default, "bounce-no-mailbox" could
be in the default, and have the rest of the .qmail-1:2:3:4-usernames, like
normal..



Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] chkusr patch w/Vpopmail 5.4.5

2004-07-12 Thread Jeremy Kister 
On Monday, July 12, 2004 11:00 PM, Nick Berry wrote:
> I am trying to implement the chkusr patch (which was good for vpopmail
> 5.3), but I've come across the following error:
[...]
> *** Error code 1

after patching, did you modify the Makefile, as well ?
edit the Makefile, look for qmail-smtpd:, and after `cat socket.lib`, add
/home/vpopmail/lib/libvpopmail.a

(adjusting for you're vpopmail's home, of course)

you'll also need to look for qmail-smtpd.o:, and add
/home/vpopmail/include/vpopmail.h /home/vpopmail/include/vauth.h
before the ./compile qmail-smtpd.c

> Any suggestions?

if you're up for a bigger patch, and you see need for the functionality, you
can try the qmail-1.03.isp.patch, available at
http://jeremy.kister.net/code/qmail-1.03.isp.patch which includes chkusr.


Jeremy Kister
http://jeremy.kister.net/

[vchkpw] Crypt incompatibility

2004-08-27 Thread Jeremy Kister 
I have vpopmail 5.4.5 on an array of Solaris sparc machines.  One of Solaris
machines hosts the qmail control files, the assign file, and the vpopmail
domains directory.  All the client machines deliver mail via NFS.

I recently added a FreeBSD 5.2.1-R i386 box to the mix.  This box can
deliver fine to the spool, but a problem comes when trying to authenticate
credentials (via smtp auth).

penny> telnet 0 25
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
220 qmail-03.example.net ESMTP
AUTH LOGIN
334 VXNlcm5hbWU6
dGVzdEBleGFtcGxlLmNvbQ==
334 UGFzc3dvcmQ6
YXNkZg==
535 authentication failed (#5.7.1)

I wrote my own vchkpw in perl (inspectable at:
http://jeremy.kister.net/code/perl/vchkpw.pl):

>From the Solaris box:
max> ./vchkpw.pl
Email Address: [EMAIL PROTECTED]
Password: asdf
test: $1VUyx7YfKO2w - crypt: $1VUyx7YfKO2w
Correct Password

>From the FreeBSD box:
penny> ./vchkpw.pl
Email Address: [EMAIL PROTECTED]
Password: asdf
test: $125a08DVKgFI - crypt: $1VUyx7YfKO2w
Incorrect Password


Interestingly, if i test the credentials with qmail-popup, authentication
works:
penny> /var/qmail/bin/qmail-popup /home/vpopmail/bin/vchkpw id
+OK <28456.1093625622@/home/vpopmail/bin/vchkpw>
USER [EMAIL PROTECTED]
+OK
PASS asdf
uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator)

It seems that the crypt function in Solaris and FreeBSD are making different
crypts even though they're using the same salt.

If that's the case, how is qmail-popup working correctly?  Any ideas how to
fix this?

Jeremy Kister
http://jeremy.kister.net/

Fw: [vchkpw] Crypt incompatibility

2004-08-27 Thread Jeremy Kister 
On Friday, August 27, 2004 1:14 PM, Jeremy Kitchen wrote:
> why?
>
> this question isn't related to vpopmail.  You should ask your OS vendors,
or
>
> some perl gurus.

I'm not sure that you read my email.

the vchkpw.pl was just debugging information.

qmail-popup works fine, but smtp auth using vchkpw does not.


Jeremy Kister
http://jeremy.kister.net/

Fw: [vchkpw] Crypt incompatibility

2004-08-27 Thread Jeremy Kister 
On Friday, August 27, 2004 1:26 PM, Tom Collins wrote:

> What was used to generate the $1 salt for the original crypted
> passwords?

your software.

~vpopmail/bin/vadduser [EMAIL PROTECTED] asdf, on Solaris 2.7 sparc vpopmail
5.4.6



Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Crypt incompatibility

2004-08-27 Thread Jeremy Kister 
On Friday, August 27, 2004 1:33 PM, Tom Collins wrote:
> > What was used to generate the $1 salt for the original crypted
> > passwords?

Interestingly, *all* the crypts in every vpasswd (192 of them) start with
$1, and all have been created using some version of vadduser.

i just asked a friend, who's running vpopmail 5.4.6 on slackware 2.4.26, and
all of his crypts start with $1$


Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Crypt incompatibility

2004-08-27 Thread Jeremy Kister 
On Friday, August 27, 2004 2:00 PM, Tom Collins wrote:
> Your server's crypt() doesn't support MD5 passwords.  You will need to
> rebuild vpopmail with the --disable-md5-passwords option.

You've solved my problem (after also recompiling/reinstalling qmail).

> If you compiled with clear password support, you might want to use your
> Perl skills to go through each vpasswd file and replace the current
> encrypted password with a new one (using a valid salt).  If you delete

not tested too much, but it seems to have worked on my installation:
http://jeremy.kister.net/code/perl/vchkpw.fixcrypt.pl

> Here's a patch I'm adding to vpopmail to fall back to using a non-MD5
> salt if the host's crypt() doesn't handle MD5.
[..]
> + if (tmpstr[2] != '$') {

I know less than nothing about C, but shouldnt that be: 'if (tmpstr[0] ==
'$') {' ?

it might be good for this to get done at compile time (i.e. testing for MD5
support... failed!  reconfigure using --disable-md5-passwords)

this whole experience also raises an interesting question -- perhaps
installations including the clear password shouldnt even use crypts.

Thanks, Tom

Jeremy Kister
http://jeremy.kister.net/

[vchkpw] Fw: [Courier-imap] chdir "username": No such file or directory

2004-09-25 Thread Jeremy Kister 
Seems as if Sam was serious about any problems regarding vpopmail
authentication being ignored on the Courier IMAP list :-/

Even though I'm not convinced it's a vchkpw problem, I'm forwarding here;
sorry for the double post for those subscribed to both lists..

Please note i've upgraded gcc to 3.3.2, make to 3.8.0, and gdbm to 1.8.3.

> I'm running qmail 1.03 (with a bunch of patches) and vpopmail 5.4.6 on
> solaris sparc 2.7.
> using gcc 3.2.1.
>
> I had courier-imap 1.7.0 installed and working perfectly.  for some
reason,
> i decided i should upgrade.  I downloaded, compiled, and installed 3.0.8.
>
> the new imap server closes the TCP connection immediately after my client
> sends login information.
>
> my logs show:
> INFO: Connection, ip=[127.0.0.1]
> LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
> LOGIN: DEBUG: ip=[127.0.0.1], [EMAIL PROTECTED]
> chdir "foobaz": No such file or directory
>
> i've configured with:
> CPPFLAGS="-I/usr/local/ssl/include -I/home/vpopmail/include" \
> LDFLAGS="-L/usr/local/ssl/lib -L/home/vpopmail/lib" \
> CC=gcc ./configure \
> --prefix=/usr/local/courier-imap \
> --enable-workarounds-for-imap-client-bugs \
> --without-ipv6 --without-userdb \
> --with-syslog=MAIL --without-authpwd \
> --without-authshadow --without-authpam \
> --without-authuserdb --without-authcram \
> --with-authvchkpw --without-authldap \
> --without-authmysql --without-authpgsql \
> --without-authdaemon --without-authcustom
>
>
> i've tried using different email addresses, i've tried using %s instead of
> @s (and variations thereof).  I've googled for hours (too much noise about
> "chdir Maildir" getting in the way).  I've even tried installing 2.2.1 and
> 1.7.3.  each of them is exhibiting the same behavior.
>
> i dont believe this problem is of vpopmail, as qmail-popup is
authenticating
> against vchkpw, and i can test vchkpw:
> goofy# printf "%s\0%s\0%s\0" [EMAIL PROTECTED] asdf ABC123 | vchkpw
pwd 3<&0
> /home/goofy/vpopmail/domains/jeremykister.com/foobaz
>
> I've clearly botched something, but since I did this overnight, and it's
> turn into a sleepless night, I just cant figure out what's wrong.
>
> Any Ideas?


Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Fw: [Courier-imap] chdir "username": No such file or directory

2004-09-25 Thread Jeremy Kister 
On Saturday, September 25, 2004 8:08 PM, Tom Collins wrote:
> an auth module.  Make sure that you're configuring it to use authvchkpw
> and nothing else.

yep - my configure script was listed in my previous email - only authvchkpw
is enabled.

I've got a hunch that there is an incompatibility between the newer vpopmail
and courier's authvchkpw

I compiled courier-imap 2.2.0 on a Solaris 2.9 box, with vpopmail 5.2.1.
All IMAP functions behaved as expected.

I took the authvchkpw binary from the 2.9 box, and copied it over to my 2.7
box, with vpopmail 5.4.6

CourierIMAP now seems happy.  I'm surprised no one else has run into this.
Is there anyone out there running vpopmail 5.4.x and courier-imap with
authvchkpw ?

This will be cross-posted to the courier-imap list, just to let Sam (et al)
know about the possible incompatibility.

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Fw: [Courier-imap] chdir "username": No such file or directory

2004-09-28 Thread Jeremy Kister 
On Sun, 26 Sep 2004 22:31:49 +1000, Michael Bowe wrote:
> DEBUG_LOGIN=2. Then restart your courier-imap daemon. Then look in your
> /var/log/maillog. This is an example of an entry from my logs :
[...]
> Jeremy, how does this compare with your system?

I have slightly obfuscated the email address and password.

Connection, ip=[68.80.68.156]
LOGIN: DEBUG: ip=[68.80.68.156], command=LOGIN
LOGIN: DEBUG: ip=[68.80.68.156], [EMAIL PROTECTED]
LOGIN: DEBUG: ip=[68.80.68.156], password=blah
authvchkpw: starting client module
authvchkpw: [EMAIL PROTECTED], sysuserid=1010,
   sysgroupid=1010, homedir=jeremy,
   [EMAIL PROTECTED], fullname=,
   maildir=, quota=, options=
authvchkpw: clearpasswd=, passwd=zfhdrFE4797Xs
password matches successfully
chdir "jeremy": No such file or directory

> And the corresponding vuserinfo shows :

goofy> ~vpopmail/bin/vuserinfo [EMAIL PROTECTED]
name:   jeremy
passwd: zfhdrFE4797Xs
clear passwd: blah
uid:1
gid:0
flags:  0
gecos: jeremy
limits: No user limits set.
dir:   /home/vpopmail/domains/jeremykister.com/jeremy
quota: 104857600S
usage: 5%
last auth: Tue Sep 28 15:18:05 2004
last auth ip: imap

--

Jeremy Kister
http://jeremy.kister.net/

[vchkpw] vpopmail >= 5.4.8 solaris install problem

2004-12-08 Thread Jeremy Kister 
I have identified an installation problem in the latest releases of vpopmail
on Solaris 2.7

the install program used by the Makefile does not support installing
multiple files in one run, and it does not error when told to install
multiple files -- it simply installs the first in the list, and exits.

this yields 'make install' not copying config.h, vauth.h, nor vlimits.h to
~vpopmail/include/

needless to say, this makes things _very_ confusing, when vuserinfo works,
but when programs like qmailadmin dont work (because they are using include
files from an older vpopmail series that were not overwritten)


the following patch fixes the problem (use patch -d vpopmail-5.4.8 <
vpopmail-5.4.8-kisterfix):

--- Makefile.am.orig 2004-12-09 00:29:58.222616000 -0500
+++ Makefile.am   2004-12-09 00:31:00.863282000 -0500
@@ -151,9 +151,9 @@
   $(INSTALL) -o root -m 0444 \
 config.h $(DESTDIR)@vpopmaildir@/include/vpopmail_config.h

-  $(INSTALL) -o root -m 0444 \
-vpopmail.h config.h vauth.h vlimits.h \
-$(DESTDIR)@vpopmaildir@/include/
+  for include in vpopmail.h config.h vauth.h vlimits.h ; do \
+ $(INSTALL) -o root -m 0444 $$include $(DESTDIR)@vpopmaildir@/include/
; \
+  done

   $(INSTALL) -d $(DESTDIR)@vpopmaildir@/doc/man_html
   $(INSTALL) -d $(DESTDIR)@vpopmaildir@/doc/doc_html
--- Makefile.in.orig 2004-12-09 00:30:02.552653000 -0500
+++ Makefile.in   2004-12-09 00:30:30.282952000 -0500
@@ -829,9 +829,9 @@
   $(INSTALL) -o root -m 0444 \
 config.h $(DESTDIR)@vpopmaildir@/include/vpopmail_config.h

-  $(INSTALL) -o root -m 0444 \
-vpopmail.h config.h vauth.h vlimits.h \
-$(DESTDIR)@vpopmaildir@/include/
+  for include in vpopmail.h config.h vauth.h vlimits.h ; do \
+ $(INSTALL) -o root -m 0444 $$include $(DESTDIR)@vpopmaildir@/include/
; \
+  done

   $(INSTALL) -d $(DESTDIR)@vpopmaildir@/doc/man_html
   $(INSTALL) -d $(DESTDIR)@vpopmaildir@/doc/doc_html


--

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Error compiling qmail - chkuser - vpopmail

2005-02-23 Thread Jeremy Kister 
on 2/24/2005 1:22 AM D E said the following:
> I am trying to compile qmail 1.03 - chkuser 2.08b - vpopmail 5.3.24 (no 
> mysql) on FreeBSD and am getting the following error. 
[...]
> /usr/local/server-setup/mail-setup/vpopmail-5.3.24/vauth.c(.text+0x1d34): 
> undefined reference to `crypt'


try 'echo gcc -lcrypt -s' > conf-ld ; make


-- 

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Error compiling qmail - chkuser - vpopmail

2005-02-23 Thread Jeremy Kister 
on 2/24/2005 1:51 AM Jeremy Kister said the following:
> on 2/24/2005 1:22 AM D E said the following:
>> I am trying to compile qmail 1.03 - chkuser 2.08b - vpopmail 5.3.24 (no 
>> mysql) on FreeBSD and am getting the following error. 
> [...]
>> /usr/local/server-setup/mail-setup/vpopmail-5.3.24/vauth.c(.text+0x1d34): 
>> undefined reference to `crypt'
> 
> 
> try 'echo gcc -lcrypt -s' > conf-ld ; make

<2am tiredness>
doh! that's 'echo gcc -lcrypt -s > conf-ld ; make'
(without the exterior quoting, of course)


-- 

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Change default domain admin

2005-04-15 Thread Jeremy Kister 
On 4/15/2005 2:55 PM, Tom Collins wrote:
> Should we make some updates to vadddomain to automatically create an 
> alias from abuse to postmaster?  We could make that the default and 
> have an option to override it with a particular address...

this in itself is not a good idea.

I appreciate that RFC822 #6.3 requires the 'postmaster' localpart,
however it in no way even hints that this account should be a mailbox
(rather than a forward).

as well, RFC2142 #2 states the 'abuse' localpart must be valid, but
again makes no recommendation on how it should be valid, nor who should
read the mail.

I (et al) run qmail servers with a bit over 2,000 vpopmail-managed
domains.  All of these domains are managed by the end-user via qmailadmin.

In my experience, almost all of these users do not check the existing
"postmaster" mailbox, and instead, let mail fill up the box until it's
at quota.

My suggestion is that qmailadmin should not force users to follow best
current practices, but it should only warn them if they are not
following them.

For example, if there is no abuse mailbox/forward, perhaps some warning
message can be displayed directly after an administrative user logging
in.  I think this method should also exist for the postmaster localpart,
but that'd clearly require a big change in qmailadmin's behavior.


Because qmailadmin automatically assumes that someone will be checking
the "postmaster" mailbox, most end-users dont even realize they should
be checking it.  If setting up the 'postmaster' account were a manual
process for the end-user, it'd be more intuitive to the end-user that
he'd need to be checking it on a regular basis, or should forward it
somewhere.

automatically creating an abuse localpart that forwards to the
postmaster mailbox will only further hurt my servers, as currently the
chkusr patch would simply reject "abuse" at smtp time.



-- 

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Change default domain admin

2005-04-15 Thread Jeremy Kister 
On 4/15/2005 4:06 PM, Jeremy Kister wrote:
> My suggestion is that qmailadmin should not force users to follow best
> current practices, but it should only warn them if they are not
> following them.

forgive all my references to 'qmailadmin' - i realize we're taking about
vadddomain, but see no way to fix the problem in vadddomain -

vadddomain should simply add the domain, with minimal interference.
vadduser and qmailadmin is where the user accounts should continue to be
managed.




-- 

Jeremy Kister
http://jeremy.kister.net/

Re: [vchkpw] Per user .qmail patch

2005-12-16 Thread Jeremy Kister 

On Fri, 16 Dec 2005 16:03:07 + (GMT), Drew Wells wrote:
> I have patched VpopMail 5.4.13 so that each user in a domain can have
> there E-Mail handled by there own set of .qmail files (in
> /var/vpopmail/domains/{domain}/{user}), this is a patch to
> 'int check_forward_deliver(char *dir)' in vdelivermail.c.

good idea

> Is this patch of any interest to anyone or is this meant to be done
> another way ?

since we're talking about revamping code, we should change the name of 
the files.


It's hard for some people to understand what qmail-local does and what 
vdelivermail does; calling files ".qmail" which are actually handled by 
vdelivermail is misleading.


As suggested by Charles Cazabon (archived at 
http://msgs.securepoint.com/cgi-bin/get/qmail0510/86/1/1/1/1/1.html), we 
should call these files .vpopmail and/or .vpopmail-user


this will clearly differentiate qmail-local and vdelivermail's 
responsibilities and will natively point newbies in the right direction.


both vpopmail and qmailadmin could be updated trivially, and a couple of 
lines of perl could upgrade everyone's vpopmail/domains directory tree. 
 I'd be happy to write the upgrade script.



whether or not we decide to change the name of the files, we'll have to 
ask Antonio to update chkusr and checkuser before the release, or at 
least note the possible incompatibility with existing installations.



--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] Per user .qmail patch

2005-12-16 Thread Jeremy Kister 
On 12/16/2005 3:00 PM, Charles J. Boening wrote:
> Don't really need a perl script.  This should work.
> 
> find /home/vpopmail/domains -name .qmail* | xargs -i rename qmail
> vpopmail '{}'

from your suggestion, I think you're one of the people who are confused. :)

renaming all .qmail* files in ~vpopmail/domains will break your
installation horribly.

-- 

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] Per user .qmail patch

2005-12-16 Thread Jeremy Kister 
On 12/16/2005 4:41 PM, Charles J. Boening wrote:
> Details, details  :)
> 
> I'm sure you could filter those out.
> 
> find /home/vpopmail/domains -mindepth 3 -name .qmail* | xargs -i rename
> qmail vpopmail '{}'

now you've broken those with large numbers of domains and domain hashing..

# grep example.com /var/qmail/users/assign
+example.com-:example.com:1010:1010:/home/vpopmail/domains/1/a/example.com:-::

or, perl... ;p

http://jeremy.kister.net/code/perl/change-vpopmail-files.pl

-- 

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] Per user .qmail patch

2005-12-16 Thread Jeremy Kister 
On 12/16/2005 5:21 PM, Charles J. Boening wrote:
> I thought that was the proposal.  To call the files .vpopamil files
> since vdelivermail was actually doing the delivery.  You'd still have
> .qmail files in the ~vpopmail/domains/ directory but the
> ~vpopmail/domains// directory would have
> .vpopamail files.

> Guess I'll have to go back and read again.

no, that's entirely correct.

just that the original posted code didnt leave qmail-local's .qmail-user
files inside // alone.


-- 

Jeremy Kister
http://jeremy.kister.net./

[vchkpw] Re: domain/.qmail-user vs user/.qmail [was: Per user .qmail patch]

2005-12-16 Thread Jeremy Kister 
On 12/16/2005 6:43 PM, Rick Macdougall wrote:
> What's the advantage of this over .qmail-user-list in the main domain 
> directory ?

Which spawns an equally interesting question -- why have user/.qmail at
all?  I cant think of any scenarios where user/.qmail is needed..

user/.qmail hurts performance, as qmail-local has to call vdelivermail
instead of just dealing with the mail itself.

i think you're right -- neither user/.qmail, user/.qmail-ext nor
user/.vpopmail are needed.


-- 

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] Vpopmail and domain literals

2006-01-09 Thread Jeremy Kister 

On 1/9/2006 8:57 PM, Simon Comeau Martel wrote:
I am trying to figure out how does vpopmail handle domain literals.   


it doesn't, really.

I saw nothing about that topic in the doc, and google doesn't return  
anything useful.  My Qmail+Vpopmail installation do accept mails sent  
in that format ie: rcpt to: <[EMAIL PROTECTED]>, but I have  
no idea in witch mailbox the message is going.


dotted decimal domains in brackets are handled by 
/var/qmail/alias/.qmail-whatever


it's mentioned in addresses.5 -- not sure if its more specifically 
documented elsewhere.


--

Jeremy Kister
http://jeremy.kister.net./

[vchkpw] compiling vpopmail 5.4.13 on Solaris 7

2006-01-19 Thread Jeremy Kister 

looks like vpopmail is looking for an "err.h"

make[2]: Leaving directory 
`/export/home/src/sparc-sun-solaris2.7/vpopmail-5.4.13/cdb'
make[2]: Entering directory 
`/export/home/src/sparc-sun-solaris2.7/vpopmail-5.4.13'
gcc -I. -Icdb  -I. -I. -I.-fPIC -g -O2 -Wall -c -o 
libvpopmail_a-vpopmail.o `test -f 'vpopmail.c' || echo './'`vpopmail.c

vpopmail.c:35: err.h: No such file or directory
make[2]: *** [libvpopmail_a-vpopmail.o] Error 1


the only place I have an err.h is in /usr/include/sys/

If I muck with the Makefile,

-DEFAULT_INCLUDES =  -I. -I$(srcdir) -I.
+DEFAULT_INCLUDES =  -I. -I$(srcdir) -I/usr/include/sys/

and then try to make, i still get errors:

In file included from vpopmail.c:35:
/usr/include/sys/err.h:32: field `e_map' has incomplete type
vpopmail.c: In function `vadddomain':
vpopmail.c:130: warning: implicit declaration of function `chdir'
[...]
vpopmail.c:3096: dereferencing pointer to incomplete type
make[2]: *** [libvpopmail_a-vpopmail.o] Error 1


What's the solution to this problem ?

--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] compiling vpopmail 5.4.13 on Solaris 7

2006-01-20 Thread Jeremy Kister 

On 1/19/2006 3:59 PM, Jorge Valdes wrote:
I am still using an older version, but the problem is with the use of 
"warn" in the "r_mkdir" routine more or less lines 1822 & 1830. It will 
compile if you change the format from "warn ('xxx')" to "fprintf 
(stderr, 'xxx');" a format also used in line 1833. I checked, and err.h 
is available for Linux, but not for Solaris.


Thanks, Jorge.  all compiled fine after the changes.

--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] 5.4.14 - any news?

2006-02-20 Thread Jeremy Kister 

On 2/20/2006 8:10 PM, Robin Bowes wrote:

I'm just doing a new install for a client. Any news on whether v5.4.14
is ready yet?



Don't think so, but here's an important patch to 5.4.13

http://jeremy.kister.net/code/vpopmail-5.4.13-pound-and-err.patch


--

Jeremy Kister
http://jeremy.kister.net./

[vchkpw] vadddomain -> Error: Could not open qmail default

2006-02-22 Thread Jeremy Kister 

when i use vadddomain, i get an error:
Error: Could not open qmail default

vdeldomain, vadduser, and vdeluser all work correctly.

I made a small change to vpopmail.c to see what's going on:

--- ../vpopmail-5.4.13/vpopmail.c   2006-02-22 16:05:34.612401000 -0500
+++ vpopmail.c  2006-02-22 15:58:12.998402000 -0500
@@ -198,6 +198,7 @@
   /* create the .qmail-default file */
   snprintf(tmpbuf, sizeof(tmpbuf), "%s/%s/%s/.qmail-default", dir, 
DOMAINS_DIR,

 DomainSubDir);
+   fprintf(stderr, "%s/%s/%s/.qmail-default\n", dir, DOMAINS_DIR, 
DomainSubDir);

   if ( (fs = fopen(tmpbuf, "w+"))==NULL) {
 /* back out of changes made so far */
 chdir(dir); chdir(DOMAINS_DIR);



this yields the following output:
/export/home/vpopmail//export/home/vpopmail/domains/ff.com/.qmail-default
Error: Could not open qmail default

my configure:

./configure \
--prefix=/export/home/vpopmail/arch/SunOS-5-sun4u \
--enable-domains-dir=/export/home/vpopmail/domains \
--disable-md5-passwords \
--disable-roaming-users \
--enable-logging=v \
--disable-rebuild-tcpserver-file \
--enable-learn-passwords \
--enable-qmail-ext \
--enable-ip-alias-domains


if I symlink /export/home/vpopmail/export/home/vpopmail/domains to 
/export/home/vpopmail/domains, all works fine.


Anyone know why this is happening ?


--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] vadddomain -> Error: Could not open qmail default

2006-02-22 Thread Jeremy Kister 

On 2/22/2006 5:51 PM, Stoyan Marinov wrote:

As far as I know --enable-domains-dir sets the domains directory,
relative to vpopmail's home dir. If you set vpopmail's home dir
to /export/home/vpopmail, /export/home/vpopmail/domains will be set by
default as DOMAINS_DIR.


Funny, I was just testing that as your message came in.

I changed the path to /export/home/vpopmail/./ in my passwd file, and 
recompiled.


sure enough, the error was referencing 
/export/home/vpopmail/./export/home/vpopmail/domains


so --enable-domains-dir is relative to the vpopmail user's path.  I 
think it's more intuitive to think that --enable-domains-dir overrides 
--prefix.  but that's fine.  it should be noted in ./configure --help.


recompiling and simply leaving out --enable-domains-dir fixed the problem.

Thanks,

--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] Why not disconnect after rejection/limit ?

2006-03-03 Thread Jeremy Kister 

On 3/3/2006 10:28 AM, Michael Krieger wrote:

   An SMTP server MUST NOT intentionally close the connection except:
   - After receiving a QUIT command and responding with a 221 reply.
   - After detecting the need to shut down the SMTP service and  returning a 
421 response code. This response code can be issued after  the server receives 
any command or, if necessary, asynchronously from  command receipt (on the 
assumption that the client will receive it  after the next command is issued).


Not to turn this into a RFC contest on the wrong mailing list, but we 
must be interpreting that differently --


my qmail-1.03.isp.patch will close a connection after a defined number 
of errors.  I claim RFC 2821 #3.9 compatibility, because before closing 
the connection, I send a 400 error.  I have the 'need' to close the 
connection, because I no longer want to hear from this abuser, and he is 
automatically entered into tcp.smtp.cdb for rejection.


--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] delete

2006-03-23 Thread Jeremy Kister 

On 3/23/2006 2:59 PM, Rob Genovesi wrote:
The "delete" option from Qmailadmin does not seem to be working on my 
server.  It creates a .qmail file with a single line: "# delete" , however 
messages are still delivered to the Maildir.


Any ideas as to what might be going on?

vpopmail 5.4.10
qmailadmin 1.2.9


Your version of vpopmail is broken.

try to upgrade.  vpopmail 5.4.13 + vpopmail-5.4.13-pound-and-err.patch 
is the latest stable version that I know of.




--

Jeremy Kister
http://jeremy.kister.net./

[vchkpw] qmail-inject deferrals

2006-03-24 Thread Jeremy Kister 
I'm using qmail and vpopmail in a rather large environment.  I've always 
got several hundred messages in my queues because of unparsable header 
fields.


delivery 50391: deferral: 
qmail-inject:_fatal:_unable_to_parse_this_line:/Return-Path:_Received:_from_wctc.net.airstream.mail8.psmtp.com_(wctc.net.airstream.mail8.psmtp.com_[63.240.161.100])_by_mx1.extreme-hosting.net_with_smtp;_mrt,_24_2006_3:13:50_-0100/system_error/


I do not want to fixup broken messages with new-inject, and I because 
qmail-inject is giving a fatal error, vdelivermail should also.


Is this patch correct?

--- vdelivermail.c.orig Fri Mar 24 16:15:12 2006
+++ vdelivermail.c  Fri Mar 24 16:34:20 2006
@@ -667,13 +667,13 @@
   printf ("write to qmail-inject failed: %d\n", errno);
   close(fdm);
   waitpid(inject_pid,&child,0);
-  vexiterr (EXIT_DEFER, "system error");
+  vexiterr (child, "system error");
   }

   close(fdm);
   waitpid(inject_pid,&child,0);
   if (wait_exitcode(child) == 0) return;
-  vexiterr (EXIT_DEFER, "system error");
+      vexiterr (child, "system error");
 }
 }

--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] qmail-inject deferrals

2006-03-24 Thread Jeremy Kister 

On 3/24/2006 4:40 PM, Michael Krieger wrote:
> Note return-path is blank, and fails to contain a newline.  I'd
> fix the problem- being whatever is accepting this mail message into
>  your queue in the first place.

I cannot fix millions of people's spamware.  I honestly wish i could. :)


  We sometimes get these when people try to inject into php scripts

> by  making a from address contain newlines and the programmer is an
> idiot  and doesn't check this.  In theory, qmail-smtpd should turn
> down  the message when it comes in.  So I guess the question is where
> is  it coming from?

spammers send my servers spam; folks on my server have email addresses 
forwarded to other email addresses.


spammer -> qmail-smtpd
qmail-smtpd -> qmail-queue
qmail-queue -> qmail-send
qmail-send -> qmail-lspawn
qmail-lspawn -> qmail-local
qmail-local -> vdelivermail
vdelivermail -> qmail-inject

vdelivermail needs to respect qmail-inject's exit code, hence the 
proposed patch.



  I wouldn't 'fix' this header, as it's malformed to start with.


I am also opposed to fixing up the header, as previously stated.


Thanks,

--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] qmail-inject deferrals

2006-03-24 Thread Jeremy Kister 
On 3/24/2006 5:06 PM, Jeremy Kitchen wrote:
>> vdelivermail needs to respect qmail-inject's exit code, hence the
>> proposed patch.
> 
> no, the real question is why is vpopmail even using qmail-inject to re-queue 
> forwarded messages.  Instead, qmail-queue should be used directly.

While I'm sure you could argue that point, I'm perfectly willing to
accept qmail-inject's tainting.  there'd be a lot of code plucked from
qmail-inject (or new-inject) to go into vdelivermail, which i'm not sure
is quite the right thing to do.

In the interim, I'm still looking for opinion on whether or not the
proposed patch makes everyone happy.  I tested it briefly, and it seems
to deal with fatal, deferral, and successful qmail-inject codes correctly.

-- 

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] qmail-inject deferrals

2006-03-27 Thread Jeremy Kister 

On 3/25/2006 12:25 PM, Jeremy Kitchen wrote:

In the interim, I'm still looking for opinion on whether or not the
proposed patch makes everyone happy.  I tested it briefly, and it seems
to deal with fatal, deferral, and successful qmail-inject codes correctly.


looks good to me, but it's still a bandaid imo.



Tom,

Can you tell me if you're going to accept the given patch for the next 
release?


--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] qmail-inject deferrals

2006-03-27 Thread Jeremy Kister 
On 3/27/2006 3:12 PM, Tom Collins wrote:
> I haven't had a chance to look closely at it, but I will probably 
> include it in the next release.
> 
> Regardless of whether using qmail-inject over qmail-queue is a 
> band-aid, we should be looking at the exit code and behaving properly.

Here's [what seems to be] the correct way to fix the problem:

--- vdelivermail.c.orig 2006-03-27 21:58:21.810949000 -0500
+++ vdelivermail.c  2006-03-27 21:58:52.741031000 -0500
@@ -672,8 +672,9 @@

   close(fdm);
   waitpid(inject_pid,&child,0);
-  if (wait_exitcode(child) == 0) return;
-  vexiterr (EXIT_DEFER, "system error");
+  unsigned int xcode = wait_exitcode(child);
+  if (xcode == 0) return;
+  vexiterr (xcode, "system error");
 }
 }

-- 

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] vpopmail 5.4.16 released (finally)

2006-05-08 Thread Jeremy Kister 

On 5/7/2006 3:48 PM, Tom Collins wrote:

5.4.16 - released 7-May-06
http://vpopmail.sf.net/

Release Notes:

More fixes to 5.4.14/5.4.15, hopefully leading to a useable, stable  
release

incorporating vpopmaild from the 5.5 branch.


i just realized there was no bug report for vdelivermail not watching 
qmail-inject's exit code on SF, so i added one.


http://sourceforge.net/tracker/index.php?func=detail&aid=1484105&group_id=85937&atid=577798

in addition, solaris fails to complile 5.4.16 (no err.h):

http://sourceforge.net/tracker/index.php?func=detail&aid=1484110&group_id=85937&atid=577798



--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] NFS and vpopmail

2006-05-11 Thread Jeremy Kister 

On 5/11/2006 5:55 PM, MT wrote:

 sends hup signal to qmail-send to accept new domain

So I have /home/vpopmail/domains, /var/qmail/control/, /var/qmail/ 
users on my NFS.

[...]
I have to delete / add the domain on 10.0.0.2 to get it to work - but  
then 10.0.0.1 will give me the same error.



Do you have something on 10.0.0.2 that will hup qmail-send when the 
/var/qmail/users/assign file changes ?


I use this code every hour in cron:

#!/bin/sh

PATH=/usr/local/bin:/usr/bin:/bin

if [ -s "/var/tmp/last.var-qmail-users-assign" ] ; then
   cmp /var/qmail/users/assign /var/tmp/last.var-qmail-users-assign 
>/dev/null 2>&1

   if [ $? -gt 0 ] ; then
  svc -h /service/qmail-send
  cp /var/qmail/users/assign /var/tmp/last.var-qmail-users-assign
   fi
else
   echo "no valid /var/tmp/last.var-qmail-users-assign"
   mkdir -p /var/tmp/
   cp /var/qmail/users/assign /var/tmp/last.var-qmail-users-assign
fi

--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] NFS and vpopmail

2006-05-11 Thread Jeremy Kister 

On 5/11/2006 7:18 PM, MT wrote:
I thought that was it too so I did a kill -HUP qmail-send but still  
nothing.  I also stopped/started the entire qmail service (going  
along with what Rick was saying) and still nothing.


by the phrase "entire qmail service", I take it you did not install via 
LifeWithQmail ?


In either case, are you using "vpopmaild"?  I know little about it more 
than how to spell it, but if you're using it I could imagine it's part 
of your problem.


Could it be an invalid/missing option in my NFS exports or the way  
I'm trying to mount the NFS share?


unlikely.

--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] NFS and vpopmail

2006-05-12 Thread Jeremy Kister 

On 5/12/2006 3:01 PM, John Simpson wrote:
you don't need to HUP qmail-send when users/assign changes, you need  
to run "qmail-newu". qmail-lspawn reads users/cdb, users/assign is  
just a text file which is used to build users/cdb.


I simply infer that the control files have changed when the assign file 
has changed.


--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] Unable to authenticate local user via pop3

2006-09-07 Thread Jeremy Kister 

On 9/7/2006 6:51 AM, Federico wrote:
It seems like it was not able to check user against /etc/passwd… But 
why? vchckpw should do automatically…


Did you configure vpopmail with --enable-passwd ?

--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] .vpopmail-* instead of .qmail-*

2006-12-15 Thread Jeremy Kister 

On 12/15/2006 1:05 PM, John Simpson wrote:
i think the ones created within a mailbox's directory should be called 
".vpopmail-*", while the ones in the domain's directory (which ARE 
processed by qmail-local) should be left the way they are.


I couldn't agree more.

in general i think the idea of using .qmail-{user} files at the domain 
level is better, simply because it makes for one less process involved 
in getting the message to the maildir. basically, if qmail-local CAN do 
the delivery properly, we should allow it to do so. i think the 
"vdelivermail" program should only be used to handle cases where 
qmail-local can't work (i.e. mailbox or alias information stored in a 
database.)


absolutely.  On high volume mail servers, like the set I run, forking 
vdelivermail for no reason will certainly impact performance.  better to 
simply let qmail-local run with the ball.


i think a safer way to do it would be to have a script which finds and 
renames the files as needed, and tell the users to only run the script 
while qmail-send is stopped. if they're upgrading the vpopmail binaries 
anyway, they will probably be in some kind of maintenance window to 
start with, and stopping qmail-send won't be a major deal.


I don't know why my post on wednesday got lost, but I wrote:

> On 12/13/2006 12:36 AM, Rick Widmer wrote:
>> One of the biggest complaints against vpopmail heard on the qmail
>> mailing list is the fact that it uses files kind of like .qmail
>> files, that are not interpreted by qmail-local, yet it names them
>> .qmail*. Drew-vpopmail has submitted a patch to vdelivermail that
>> follows the .qmail-ext file resolution process just like qmail-local
>> except that at each level it looks for both a .qmail* and .vpopmail*
>> file.
[...]
>> What do you think?
>
> Why keep username/.qmail files at all?
>
> I whipped up code many moons ago (2005.12.16) to convert
> username/.qmail files to username/.vpopmail files --
> http://jeremy.kister.net/code/perl/change-vpopmail-files.pl
>
> Then changing qmailadmin and vpopmail would be trivial.


Maybe there needs to be a ./configure option to disable the new file 
name.


something like "--old-dot-qmail-files" maybe? sounds good to me.


Great idea!


--

Jeremy Kister
http://jeremy.kister.net./

[vchkpw] admin forwards via email

2007-04-13 Thread Jeremy Kister 

In case anyone finds this useful:

I advocate giving separate email addresses to everyone possible. 
Meaning if you're signing up for an account with a new site called 
BigFancySite.tld, i'd give them the email address 
[EMAIL PROTECTED]  Then I'd create a forward called 
bigfancysite.tld and send it to my main mailbox.  This is useful because 
it's an instant way to see who's given out your email address as well as 
being able to turn off the address with ease.


Due to slight demand from customers I've told this to, I have created an 
email way to create and delete vpopmail forwards.


wget http://jeremy.kister.net/code/perl/eadmin.pl
chmod ugo+x eadmin.pl
echo "|/usr/local/script/eadmin.pl" > 
~vpopmail/domains/example.com/.qmail-someaddress


it requires Mail::vpopmail, so you might have to set that up too:
wget 
http://search.cpan.org/CPAN/authors/id/J/JK/JKISTER/Mail-vpopmail-0.54.tgz

tar -zxf Mail-vpopmail-0.54.tgz
cd Mail-vpopmail-0.54
perl Makefile.PL ; make ; make install



you can then email [EMAIL PROTECTED] with a subject like
CREATE VerySeCreT [EMAIL PROTECTED] [EMAIL PROTECTED]

which will forward "[EMAIL PROTECTED]" to the 
"[EMAIL PROTECTED]" mailbox.


be sure to put your domain and secret crypt in the %secrets section of 
eadmin.pl.




--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] admin forwards via email

2007-04-15 Thread Jeremy Kister 
On 4/15/2007 12:33 PM, Tom Collins wrote:
> I've just advised users to use extended addresses.

I was originally doing that for myself, but found it was more difficult
to turn off the compromised address at SMTP time (using the chkusr patch).

> Either way, your script looks like a cool way to add a forward.   
> Should I add it to vpopmai's contrib directory?  Do you want to wait  
> a few weeks for feedback, make updates, and then have it added?

Feel free to add it to contrib.  Between it being relatively simple and
already using it for a couple of weeks myself, I think it's good to go.
I've just updated the notes at the top to help folks with installation.

-- 

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] chkuser wrongly accept emails for default@

2007-04-18 Thread Jeremy Kister 
On 4/17/2007 2:43 PM, Stephane Bouvard (ML) wrote:
> Here's a little fix to verify if the alias is not bounce-no-mailbox...
[...]
> +if (fd_file != -1) {
> +read_char = read (fd_file, read_buf, 
> sizeof(read_buf) - 1);
> +close (fd_file);
> +if (read_char < 0) read_char = 0;
> +}
> +read_buf[read_char] = 0;
> +
> +if ( strstr(read_buf, CHKUSER_BOUNCE_STRING) == NULL ) {
> +retstat = CHKUSER_OK;
> +break;
> +}
> +

Great idea.  I'm no C guy, but shouldn't that second conditinal be
inside the first?

+if (fd_file != -1) {
+read_char = read (fd_file, read_buf, sizeof(read_buf) - 1);
+close (fd_file);
+if (read_char < 0) read_char = 0;
+read_buf[read_char] = 0;
+
+if ( strstr(read_buf, CHKUSER_BOUNCE_STRING) == NULL ) {
+ retstat = CHKUSER_OK;
+ break;
+}
+}


Otherwise if the .qmail-user does not exist, retstat = 1

or am I being silly ?

-- 

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] Re: chkuser wrongly accept emails for default@

2007-04-18 Thread Jeremy Kister 

On 4/18/2007 11:34 AM, Tom Collins wrote:
Please be aware that vdelivermail should ONLY be in a domain's 
.qmail-default file.  Putting it into a .qmail-alias file or a user's 
.qmail file can introduce a mail loop (which vdelivermail should detect 
and stop looping) and probably won't accomplish what you want it to.


Good reminder.

I've integrated my flavor of Stephane's changes into my code and it's 
working great.  I can now `echo "# bounce-no-mailbox" > .qmail-username` 
and it will be rejected at smtp time.



Thanks Stephane.


--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] smtp-auth and rblsmtpd

2007-08-17 Thread Jeremy Kister 

On 8/17/2007 9:13 PM, Trey Nolen wrote:
being affected by the rblmtpd?  For instance, is there a way to pass a 
variable to tcpserver if the connection is authenticated via smtp-auth?


Not without patching. the process goes like this:

user -> tcpserver -> rblsmtpd -> qmail-smtpd (with smtp-auth)

so, rblsmtpd has already intercepted your user before he's had the
change to talk to qmail-smtpd and auth.

there is at least one patch that puts rblsmtpd functionality inside
qmail-smtpd for this purpose, but i'm having a hard time finding it.

Based on
http://lists.ziobudda.net/pipermail/qmail-it/2007-April/001698.html, I'm
making an educated guess that the patch is at:

http://lists.ziobudda.net/pipermail/qmail-it/attachments/20070410/7d59066d/qmail-dnsbl.bin


--

Jeremy Kister
http://jeremy.kister.net./

[vchkpw] [paging Inter7]

2007-08-28 Thread Jeremy Kister 
Looks like my mail server got a message from 75.8.19.6... but the public 
SPF RR says only 75.8.19.3 is permitted.


# dig txt inter7.com

; <<>> DiG 8.3 <<>> txt inter7.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;  inter7.com, type = TXT, class = IN

;; ANSWER SECTION:
inter7.com. 1D IN TXT   "v=spf1 ip4:75.8.19.3 -all"

 Original Message 
Subject: ezmlm warning
Date: 28 Aug 2007 12:14:01 -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

Hi! This is the ezmlm program. I'm managing the
vchkpw@inter7.com mailing list.

I'm working for my owner, who can be reached
at [EMAIL PROTECTED]


Messages to you from the vchkpw mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.

If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the vchkpw mailing list,
without further notice.


I've kept a list of which messages from the vchkpw mailing list have
bounced from your address.

Here are the message numbers:

   31238

--- Enclosed is a copy of the bounce message I received.

Return-Path: <>
Received: (qmail 32353 invoked for bounce); 16 Aug 2007 18:09:24 -
Date: 16 Aug 2007 18:09:24 -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: failure notice

Hi. This is the qmail-send program at mail.inter7.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<[EMAIL PROTECTED]>:
204.9.96.41 does not like recipient.
Remote host said: 550 See 
http://spf.pobox.com/why.html?sender=vchkpw-return-31238-vpopmail-01%3djeremykister.com%40inter7.com&ip=75.8.19.6&receiver=qmail-02.nntx.net 
(#5.7.1)

Giving up on 204.9.96.41.

Re: [vchkpw] vpopmail 5.4.22 breaks qmailadmin 1.2.X

2007-09-17 Thread Jeremy Kister 

On 9/17/2007 5:28 PM, John Simpson wrote:
which reminds me... how about a patch to change the maximum password  
length to a more realistic limit? i've been doing this for several  
years, after applying patches but before running "./configure"...


Also, since only the first eight characters of a password matter on 
Solaris < 10 (or any DES vs MD5), perhaps there should be a maximum 
limit of 8 when using --disable-md5-passwords.  This way, users who 
think [EMAIL PROTECTED]:: is a secure password are enlightened.



--

Jeremy Kister
http://jeremy.kister.net./

Re: [vchkpw] Disable clear password

2007-09-19 Thread Jeremy Kister 

On 9/20/2007 2:28 AM, Kenny Lee wrote:

What i have tried ...
i go back to the installation folder, re-run again 
"./configure --disable-clear-passwd", then "make" and "make install-strip" 
... but the result also same, when i used "vuserinfo" to view user's detail, 
the command still can show up the clear password of the user.


You did the right thing recompiling.  That should make new passwords not 
contain the clear text.


But you've got to go through all the vpasswd files manually to remove 
the clear passwords from existing mailboxes.


I actually did the same thing years ago and published the code:
http://jeremy.kister.net/code/perl/vchkpw.remove_clearpw.pl

--

Jeremy Kister
http://jeremy.kister.net./

[vchkpw] compiling 5.4.2[56] on solaris fails

2007-11-09 Thread Jeremy Kister 

when trying to compile either 5.4.25 or 5.4.26 with:
./configure \
 --disable-md5-passwords \
 --disable-roaming-users \
 --enable-logging=v \
 --disable-rebuild-tcpserver-file \
 --enable-qmail-ext \
 --disable-clear-passwd

on Solaris 9, i see:

gcc -I. -Icdb  -I. -I. -I. -g -O2 -Wall -c vdelivermail.c
vdelivermail.c: In function `run_command':
vdelivermail.c:910: warning: implicit declaration of function `setenv'
gcc -I. -Icdb  -I. -I. -I. -g -O2 -Wall -c maildirquota.c
gcc  -g -O2 -Wall   -o vdelivermail  vdelivermail.o maildirquota.o 
libvpopmail.a  -lcrypt

Undefined   first referenced
 symbol in file
setenv  vdelivermail.o
ld: fatal: Symbol referencing errors. No output written to vdelivermail
collect2: ld returned 1 exit status
make[2]: *** [vdelivermail] Error 1
make[2]: Leaving directory `/usr/local/src/vpopmail-5.4.25'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/local/src/vpopmail-5.4.25'
make: *** [all] Error 2


vpopmail 5.4.10 compiles correctly.  I didnt try anything in between.

besides the obvious, what's setenv?  Who has this and where?  Is there a 
clear way around this ?


Thanks,

--

Jeremy Kister
http://jeremy.kister.net./


!DSPAM:4734ccc232002518212355!

Re: [vchkpw] compiling 5.4.2[56] on solaris fails

2007-11-12 Thread Jeremy Kister 

On 11/9/2007 4:10 PM, Jeremy Kister wrote:

on Solaris 9, i see:

[...]

vdelivermail.c:910: warning: implicit declaration of function `setenv'

[...]
besides the obvious, what's setenv?  Who has this and where?  Is there a 
clear way around this ?


apparently, setenv isn't near as portable as it should be.

http://gcc.gnu.org/ml/libstdc++/2002-03/msg00379.html

looks like we need to test for setenv vs putenv at configure time.

reading the code, is either necessary?
 setenv("SHELL", "/bin/sh", 1);
 args[0] = "/bin/sh"; args[1] = "-c"; args[2] = prog; args[3] = 0;
 sig_catch(SIGPIPE,SIG_DFL);
 execv(*args,args);

why does the environment variable "SHELL" have to be set for in this case?

--

Jeremy Kister
http://jeremy.kister.net./


!DSPAM:4739364d32008721212671!

Re: [vchkpw] Upgrade to Vpopmail 5.4.26 and .qmail-default issues [ATTN maintainers]

2008-01-02 Thread Jeremy Kister 

On 1/2/2008 11:18 AM, Tom Collins wrote:
>On Jan 2, 2008, at 1:29 AM, Matthew Goodman wrote:

|/var/vpopmail/bin/vdelivermail /var/vpopmail/domains/%d/%u/Maildir



No!  You don't want to do this.

Reminder to everyone in the world -- vdelivermail should only be in  
your .qmail-default file.  Never anywhere else.


When you think you want to use vdelivermail somewhere besides 
.qmail-default, you actually probably want to use maildirdeliver: 
http://www.din.or.jp/~ushijima/maildirdeliver.html .  I've been using 
the code for years - it's quite stable.  It does not support maildir++.


Tom/Rick/Mike/Ken: Since Tetsu asserts copyright, I think we/you should 
ask him if we can include maildirdeliver in the vpopmail distribution, 
and install it just as any other program in ~vpopmail/bin/.


If he declines, we could always rip out the relevant parts of the qmail 
code ourselves and include it as our own version of maildirdeliver.


--

Jeremy Kister
http://jeremy.kister.net./



!DSPAM:477bbe7e310546079645503!