RE: [vchkpw] How to route local delivery through a separate SMTP spam scanner
It can be done quite easily. Two options: Preferred: Configure webmail to send messages directly to the appliances. Alternatively: Install a dumb SMTP mailer on D that listens on a port other than 25. Configure that dumb-mailer to forward all mail to the appliances. Configure webmail to send messages to the dumb mailer's listening port. webmail -SMTP- D dumb-mailer listening on tcp:125(example) -SMTP- appliances via static SMTP route -SMTP- back to D tcp:25 via static SMTP route for local deliveries -Original Message- From: ISP Lists [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 07, 2008 4:41 PM To: vchkpw@inter7.com Subject: [vchkpw] How to route local delivery through a separate SMTP spam scanner A customer has challenged whether this can be done... Anti-SPAM appliances A, B, and C are available on an internal LAN via DNS round-robin through SMTP at appliance.example.com VPOPMAIL server D is on the same LAN. Customer has had a few local accounts that had their password guessed and spammers sent spam through webmail. S We're considering doing something inline to the delivery process that would 1) accept the authenticated user's email for remote/local delivery, 2) force that delivery off of box D to A-C over SMTP in ALL cases (not just remote), 3) Scan on A-C, 4) return the inbound (local) mail back to D for further delivery to the locals. I realize this is pretty insane, but the customer isn't excited about adding a local spam daemon to D and would like to leverage the investment in the appliances A-C to control for local delivery abuses. The appliances are doing a nice job on SMTP scanning, but the vendor says that their appliance does not have a port listener (like a spamd daemon) that could answer a stream request - thus only SMTP will do. Ideas? THANKS! Dave. !DSPAM:48225904120501078378401!
RE: [vchkpw] vsetuserquota
Do you have a program other than vdelivermail writing the message to your Maildir? I.E. Did you modify the .qmail-default file or create a custom .qmail file for the user? Whatever program actually writes the message to the Maildir is responsible for updating maildirsize. The qmail maildir++ patch is for qmail-local and qmail-pop3d. If qmail-local is not delivering directly to the Maildir and you aren't using qmail's pop3d, there is no need for the patch. And not that it should affect the updating of maildirsize, but if your maildirsize is as you described below, then it is wrong. Mailbox size is specified in bytes with an appended capital S: 10S 0 0 -Original Message- From: Wouter van der Schagt [mailto:[EMAIL PROTECTED] Sent: Monday, April 21, 2008 9:54 AM To: vchkpw@inter7.com Subject: [vchkpw] vsetuserquota Hi all, When i run vsetuserquota domein.com 100k a maildirsize file is created in the Maildir of a popbox. So far so good. The contents of this file, is: 100K 0 0 Since there are no messages in the mailbox at the moment, I assume this is correct. The file is set to vpopmail:vchkpw (chmod 600). I'm assuming this is also correct. Now when a mail is delivered there Qmail 1.03, this file is not updated. Why? When I delete an email thru POP, it is also not updated. Why? I applied the qmail-maildir++ patch that is in the /contrib folder of vpopmail 5.4 Dit i forget to do anything? Sincerely, - Wouter van der Schagt !DSPAM:480e17a2120502112715705!
RE: [vchkpw] vpopmail+mysql
Dhaval, For now, you shouldn't specify the --enable-auth-logging option because it's got bugs up through v5.4.26. Like Quey said, you'll need the mysql-devel package. And as for Fedora on a production server, you might want to consider an alternative. I use CentOS (http://www.centos.org) which is effectively a RHEL production release. -Original Message- From: Quey [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 22, 2008 12:44 AM To: vchkpw@inter7.com Subject: Re: [vchkpw] vpopmail+mysql Why you want to use fedora on a production server I'll never know, but as usual with everything butchered to buggery by RH, you dont have the headers files, so you need to install the -devel packages of mysql (and anything you want to build against), if your not commited try a decent server OS like Slackware or one of the BSD's On 22/04/08 16:22:08, Dhaval Thakar wrote: Dear All, i am trying to compile vpopmail (5.4.24) with mysql I used ./configure --enable-logging=p --enable-auth-module=mysql -- disable-passwd --enable-clear-passwd --disable-many-domains -- enable-auth-logging --enable-sql-logging --enable-valias --disable- mysql-limits --enable-incdir=/usr/lib/mysql --enable-onchange- script --enable-libdir=/var/lib/mysql --enable-libdir=/usr/lib/ mysql vpopmail 5.4.24 Current settings --- vpopmail directory = /home/vpopmail domains directory = /home/vpopmail/domains uid = 508 gid = 503 roaming users = OFF --disable-roaming-users (default) password learning = OFF --disable-learn-passwords (default) md5 passwords = ON --enable-md5-passwords (default) file locking = ON --enable-file-locking (default) vdelivermail fsync = OFF --disable-file-sync (default) make seekable = ON --enable-make-seekable (default) clear passwd = ON --enable-clear-passwd (default) user dir hashing = ON --enable-users-big-dir (default) address extensions = OFF --disable-qmail-ext (default) ip alias = OFF --disable-ip-alias-domains (default) onchange script = ON --enable-onchange-script auth module = mysql --enable-auth-module=mysql mysql replication = OFF --disable-mysql-replication (default) sql logging = ON --enable-sql-logging mysql limits = OFF --disable-mysql-limits (default) SQL valias table = ON --enable-valias auth inc = -I/usr/lib/mysql auth lib = -L/usr/lib/mysql -lmysqlclient -lz -lm system passwords = OFF --disable-passwd (default) pop syslog = show failed attempts with clear text password -- enable-logging=p auth logging = ON --enable-auth-logging (default) one domain per SQL table = --disable-many-domains spamassassin = OFF --disable-spamassassin (default) maildrop = OFF --disable-maildrop (default) during make, i am getting following error vauth.c:33:19: error: mysql.h: No such file or directory vauth.c:40: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'mysql_update' vauth.c:41: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'mysql_read_getall' vauth.c:59: error: expected '=', ',', ';', 'asm' or '__attribute__' before '*' token vauth.c:60: error: expected '=', ',', ';', 'asm' or '__attribute__' before '*' token vauth.c:68: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'row' vauth.c:69: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'row_getall' vauth.c: In function 'vauth_open_update': vauth.c:206: warning: implicit declaration of function 'mysql_ping' vauth.c:206: error: 'mysql_update' undeclared (first use in this function) vauth.c:206: error: (Each undeclared identifier is reported only once vauth.c:206: error: for each function it appears in.) vauth.c:212: warning: implicit declaration of function 'mysql_init' vauth.c:213: warning: implicit declaration of function 'mysql_options' vauth.c:213: error: 'MYSQL_OPT_CONNECT_TIMEOUT' undeclared (first use in this function) vauth.c:216: warning: implicit declaration of function 'mysql_real_connect' vauth.c:226: warning: implicit declaration of function 'mysql_select_db' vauth.c:230: warning: implicit declaration of function 'mysql_query' vauth.c:236: warning: implicit declaration of function 'mysql_error' vauth.c:236: warning: format '%s' expects type 'char *', but argument 4 has type 'int' vauth.c: In function 'vauth_open_read_getall': vauth.c:316: error: 'mysql_read_getall' undeclared (first use in this function) vauth.c: In function 'vauth_create_table': vauth.c:343: error: 'mysql_update' undeclared (first use in this function) vauth.c:346: warning: format '%s' expects type 'char *', but argument 4 has type 'int' vauth.c: In function 'vauth_adduser': vauth.c:428: error: 'mysql_update' undeclared (first use in this function) vauth.c:429: warning: format '%s' expects type 'char *', but argument 3 has type 'int' vauth.c: In function 'vauth_getpw': vauth.c:480: error: 'mysql_update' undeclared (first use
RE: [vchkpw] rcpthosts file
Vpopmail does not rebuild either rcpthosts or morercpthosts from its own
database. It simply add and removes lines as necessary. So, any changes
that you make to either should stick.
I patched vpopmail.c so that it would never add to rcpthosts and therefore
only add to morercpthosts. I did this because I want to maintain a
one-to-one relationship between rcpthosts and locals and a one-to-one
relationship between morercpthosts and virtualdomains. There really isn't a
functional difference. It is just a personal preference.
The patch only changes the line that evaluates the number of lines in the
rcpthosts file. So, vpopmail can potentially still remove lines from
rcpthosts if it sees fit to do so.
--- vpopmail.orig/vpopmail.c2007-10-31 07:55:39.0 +
+++ vpopmail.patched/vpopmail.c 2008-04-15 19:36:44.0 +
@@ -1026,7 +1026,7 @@
/* If we have more than 50 domains in rcpthosts
* make a morercpthosts and compile it
*/
- if ( count_rcpthosts() = 50 ) {
+ if ( count_rcpthosts() = 0 ) {
snprintf(tmpstr1, sizeof(tmpstr1), %s/control/morercpthosts,
QMAILDIR);
if (update_file(tmpstr1, alias_domain, 2) !=0) {
fprintf (stderr, Failed while attempting to update_file() the
morercpthosts file\n);
-Original Message-
From: Wouter van der Schagt [mailto:[EMAIL PROTECTED]
Sent: Friday, April 18, 2008 2:46 AM
To: vchkpw@inter7.com
Subject: [vchkpw] rcpthosts file
Hi all, it's me again, i've another question.
Can i update the rcpthosts file manually without running the risk that
vpopmail will
update and overwrite it when some changes are made by other users? Or can i
include my manual changes in some kind of include file?
- Wouter
!DSPAM:4808dbbc120501019894531!
[vchkpw] ezmlm + vpopmail + qmailadmin
Quick questions: Which version of ezmlm should I be using? ezmlm 0.53, ezmlm-idx 0.44, ezmlm-idx 5.1.2, or something else? Does ezmlm need to be installed before either vpopmail or qmailadmin? I.E. Do I need to recompile/reinstall either after ezmlm? Thx. !DSPAM:4808e911120505998911410!
[vchkpw] vlist delete - didn't remove the .qmail files
./vlist delete ... did not delete the .qmail- files that were created by ./vlist create ... It did delete the list's directory though. Is it normal to delete the directory, but not the .qmail- files? I'm running vpopmail v5.4.26d. !DSPAM:48091f90120501687114868!
RE: [vchkpw] One char username too short. Why?
Would the --disable-users-big-dir option allow single character usernames? -Original Message- From: Rick Macdougall [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 16, 2008 4:11 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] One char username too short. Why? D. Hilbig wrote: vadduser will not let me create a mailbox where the username part is just one letter (eg. [EMAIL PROTECTED]). Is there a valid reason why one letter is too short? Hi, Because vpopmails hashing function uses A-z and 0-9 for subdirectories, each a single character. Hence there would be no way to tell if d was a subdir or a valid user. Regards, Rick !DSPAM:4807a243120501369914931!
[vchkpw] One char username too short. Why?
vadduser will not let me create a mailbox where the username part is just one letter (eg. [EMAIL PROTECTED]). Is there a valid reason why one letter is too short? !DSPAM:48066c87120501548318851!
[vchkpw] One char username too short. Why?
vadduser will not let me create a mailbox where the username part is just one letter (eg. [EMAIL PROTECTED]). Is there a valid reason why one letter is too short? !DSPAM:480674c7120501923314913!
RE: [vchkpw] One char username too short. Why?
I asked if there is a valid reason why one is too short? I.E. An RFC standard, etc. I already know that vpopmail's minimum length is two characters. As far as I know, a length of one character is valid and if this is true than vpopmail has a bug. -Original Message- From: Remo Mattei [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 16, 2008 3:02 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] One char username too short. Why? I think the min is 2 letters.. Remo D. Hilbig wrote: vadduser will not let me create a mailbox where the username part is just one letter (eg. [EMAIL PROTECTED]). Is there a valid reason why one letter is too short? !DSPAM:480689bd120501620219895!
RE: [vchkpw] qmailadmin
I don't think the developers have updated qmailadmin to include that feature. John Simpson has a patch for qmailadmin which may work for you: http://qmail.jms1.net/vpopmail/ -Original Message- From: Lampa [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 16, 2008 11:34 AM To: vchkpw@inter7.com Subject: [vchkpw] qmailadmin Hello, qmailadmin is not calling vpopmaild functions ? Eg. script onchange is not fired ? Thank you. -- Lampa !DSPAM:48068abf120501640819354!
RE: [vchkpw] not auto-learning passwords
Since it is impossible to auto-learn the password from CRAM-MD5, this means 'vchkpw' (v5.4.26d) has a bug because it wrote the md5 hash to the database as the password. -Original Message- From: Tom Collins [mailto:[EMAIL PROTECTED] Sent: Monday, April 14, 2008 10:00 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] not auto-learning passwords On Apr 14, 2008, at 3:46 PM, D. Hilbig wrote: If I do a plaintext login which will check against the hashed password stored in the SQL table, I can login with any password. However, a CRAM-MD5 login (which checks against the clear password) with any password will fail. If both the hashed password and clear password in the SQL table are NULL (empty), I'd expect the behavior to be the same regardless of CRAM- MD5 or plaintext. IIRC, this was intentional. It's impossible to learn a password via CRAM-MD5, so we fail until we can learn a password through some other method. Password learning happens in vchkpw, but I guess it should move into vpopmail so any app calling the API can have a password learned. And to those who recommend Dovecot, it probably doesn't do learning either, for the same reasons. I just checked courier 3.0.8, and it looks like it should update the password... I checked dovecot 1.0.10, and found this, Thanks to Courier-IMAP for showing how the vpopmail API should be used. It doesn't appear to have code that updates the password. Unfortunately, there's no way to update libvpopmail to have it learn the password. We'll have to update the individual apps (courier and dovecot) and get the maintainers to accept the changes into the next release. -Tom !DSPAM:4804f67f120501138613384!
[vchkpw] skeleton dir patch
Any chance of including John Simpson's skeleton dir patch in the next vpopmail release? Just a thought... !DSPAM:4804fabf120501900716385!
RE: [vchkpw] not auto-learning passwords
Since Courier's authentication functions are now external to its IMAP and POP3 services, the results are always going to be the same. I also just discovered another bug when testing the auto-learning password feature. It has to do with CRAM-MD5 authentication. If I do a plaintext login which will check against the hashed password stored in the SQL table, I can login with any password. However, a CRAM-MD5 login (which checks against the clear password) with any password will fail. If both the hashed password and clear password in the SQL table are NULL (empty), I'd expect the behavior to be the same regardless of CRAM-MD5 or plaintext. Well, I'm going to upgrade to v5.4.26d and then recompile Courier-auth. I'll let you know if anything changes. Wouldn't it be funny if the --enable-sql-logging option which reportedly is the cause of another problem I'm having is also the source of this problem? -Original Message- From: Ken Jones [mailto:[EMAIL PROTECTED] Sent: Monday, April 14, 2008 12:53 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] not auto-learning passwords Try logging in with pop3 and see if the password gets learned. note that you should recompile courier-imap if you change vpopmail's configure options. courier statically links the vpopmail library. -- Ken Jones !DSPAM:4803e001120509851213893!
FW: [vchkpw] not auto-learning passwords
Even with v5.4.26d the problem persists. Courier-Authlib's authchkvpw simply will not auto-learn the password when performing a plaintext login and authentication will simply fail when doing a CRAM-MD5 login. On the plus side, the vchkpw executable that I'm using with qmail-smtpd does auto-learn the password. Unfortunately, many of my users don't authenticate to SMTP so I'm dependent on Authlib to do the auto-learn. -Original Message- From: D. Hilbig [mailto:[EMAIL PROTECTED] Sent: Monday, April 14, 2008 3:46 PM To: vchkpw@inter7.com Subject: RE: [vchkpw] not auto-learning passwords Since Courier's authentication functions are now external to its IMAP and POP3 services, the results are always going to be the same. I also just discovered another bug when testing the auto-learning password feature. It has to do with CRAM-MD5 authentication. If I do a plaintext login which will check against the hashed password stored in the SQL table, I can login with any password. However, a CRAM-MD5 login (which checks against the clear password) with any password will fail. If both the hashed password and clear password in the SQL table are NULL (empty), I'd expect the behavior to be the same regardless of CRAM-MD5 or plaintext. Well, I'm going to upgrade to v5.4.26d and then recompile Courier-auth. I'll let you know if anything changes. Wouldn't it be funny if the --enable-sql-logging option which reportedly is the cause of another problem I'm having is also the source of this problem? -Original Message- From: Ken Jones [mailto:[EMAIL PROTECTED] Sent: Monday, April 14, 2008 12:53 PM To: vchkpw@inter7.com Subject: Re: [vchkpw] not auto-learning passwords Try logging in with pop3 and see if the password gets learned. note that you should recompile courier-imap if you change vpopmail's configure options. courier statically links the vpopmail library. -- Ken Jones !DSPAM:48042211120501531621075!
[vchkpw] errors with 'vdeluser'
Whether I run as root or vpopmail, the same error occurs. When I run: ./vdeluser [EMAIL PROTECTED] I receive: Failed to delete user from auth backend Error: Illegal username But it does seem to delete the user from the database because when I run it again: ./vdeluser [EMAIL PROTECTED] I receive: Error: User does not exist Also, it doesn't delete the user's mailbox directory. After I manually delete it, I can run ./vadduser [EMAIL PROTECTED] without error. Why is this? I'm using vpopmail with mysql. It is a fresh install of vpopmail v5.4.25 on CentOS v5.1 (x86 32-bit) with the following configuration options: ./configure --enable-learn-passwords \ --enable-onchange-script \ --enable-spamassassin \ --enable-spamc-prog=/usr/bin/spamc \ --enable-auth-module=mysql \ --enable-sql-logging \ --enable-mysql-limits \ --enable-valias And, since I'm new to vpopmail, should I be logged in as the root or vpopmail user for all the user-mailbox administration commands? !DSPAM:480139b3120501092519218!
[vchkpw] not auto-learning passwords
I configured vpopmail v5.4.25 with the --enable-learn-passwords option. I created a user without a password: ./vadduser -n [EMAIL PROTECTED] I then logged into Courier-IMAP's pop3d-ssl with: USER [EMAIL PROTECTED] PASS anything and it let me login. I then did it again but with a different password and I was able to login again. I looked in the mysql table vpopmail.vpopmail to see that the password field wasn't updated. What's going on here? Where is the failure? Hopefully not a short between the floor and the keyboard. ;) vpopmail v5.4.25 on CentOS Linux v5.1 (x86 32-bit). My configuration options: ./configure --enable-learn-passwords \ --enable-onchange-script \ --enable-spamassassin \ --enable-spamc-prog=/usr/bin/spamc \ --enable-auth-module=mysql \ --enable-sql-logging \ --enable-mysql-limits \ --enable-valias !DSPAM:48013e51120505172610489!
