Charles Sprickman writes:
On Tue, 4 Nov 2003, Paul L. Allen wrote:
Sqwebmail's filters do this and more. You don't have to use Sqwebmail
for them to take effect, only to define them
Hmmm. I hate the look of that thing,
The cosmetics can be changed. I found the user-interface
I'm going to try to answer both you and Tom at the same time. One of
the few times I didn't bother checking mail at least once after finishing
on Friday night and I have over 300 waiting for me on Monday morning.
Nick Harring writes:
Tom Collins wrote:
For generating a salt, I think we're
Roze writes:
The idea is such: There is an existing user database which I have to move
to a mailsystem (qmail + vpopmail + mysql). All the passwords are
encypted (no way to get plain-text) (with standart CRYPT) though there
is also SALT provided which is 2 first symbols from username.
Nick Harring writes:
Storing cleartext passwords is generally horrible security, so this and
that don't really relate to each other.
Except to the extent that vpopmail now supports cleartext passwords
(I have a vague memory they're needed for CRAM authentication)
I whole heartedly agree.
Reinis Rozitis writes:
To be sure in that way if dont provide previously used salt (in the user
passwords which havent been added using 'vadduser') in crypt will the
authorization through pop work?
Theoretically salt is the first 2 symbols, but will vpopmail (vchkpsw)
understand/use that?
X-Istence writes:
He cant do MD 5 auths, or does vchkpw allow for MD5 auth logins?
If my unreliable memory is not letting me down, it can do CRAM-MD5 if you
have plaintext passwords set. For some versions of vpopmail.
--
Paul Allen
Softflare Support
Nick Harring writes:
That's funny, it looked a lot like signal to me.
Not only did I refer you to a seminal work by Claude Shannon from the
late 1940s, I gave you a summary of the salient details - yet you fail to
understand. A new subscriber to this list who has not checked the
archives, or
Charles Sprickman writes:
I'm finding that autorespond doesn't look like a good choice for people
used to a standard vacation responder
It is a BAD choice for a vacation responder. It lacks many features
ESSENTIAL in a vacation responder. You might as well ask if sticking
your naughty
X-Istence writes:
I agree, that is totally not right. If he thinks he has something great,
let him tell others, it has been quite usefull for quite a few people
that asked me for help.
Claude Shannon. Information Theory. Entropy. Do these things
mean anything to you?
Well, if those
Oliver Etzel - GoodnGo.COM \(R\) writes:
I want to create new users like [EMAIL PROTECTED] NOT with vadduser
BUT with just inserting it via mysql-insert into the vpopmail
database.
OK, you have now explained what you want to use instead. Somebody else
pointed out that the maildir will be
Hans Rakers writes:
Quick question: Using qmail/vpopmail, how can i make mail for things
like [EMAIL PROTECTED] or [EMAIL PROTECTED] go to
one single maildir/account/alias for all my virtual doms, without having
to create .qmail-abuse and .qmail-hostmaster files for all my virtual
doms?
Nick Harring writes:
This isn't actually true. Mysql provides an encrypt() function, which
takes two strings, the password and the salt.
You learn something every day. I'd not enountered that function before.
On linux, and I would guess *BSD as well, when you supply $1$ as the
start of
Oliver Etzel - GoodnGo.COM \(R\) writes:
Oh my god, that is what I was looking for!
There is a lesson to be learned. Next time, tell us where your immediate
problem stands in the overall scheme of things. Something like I'm
trying to add a user from perl by inserting them into the MySQL
Justin Heesemann writes:
i don't now if you are using php or anything like that, but most
languages support some kind of crypt() call.
It is debatable what level of entropy is required for the salt when
generating a password for vpopmail use.
If you want maximum security, and already
Michael Bowe writes:
As far as I know, Courier-IMAP uses it's own functions to auth the
password,
Yes and no. Courier-IMAP and the Courier POP3 server do have their
own authentication routines which are effectively wrappers calling
whatever authentication method you actually use. So if you
J. Kendzorra writes:
Not really your fault - ./configure --help shows:
--enable-tcpserver-file=~vpopmail/etc/tcp.smtp File where tcpserver -x
relay information is stored.
I remember being bitten by this one, long ago.
I already sent mail to someone some time before (don't remember
Michael Bowe writes:
To auth a username/password, Courier-IMAP takes the supplied username
and runs vpopmail's vauth_getpw() to retrieve the user's passwd entry.
Courier-IMAP then crypts the supplied password and compares this against
the (crypted) pw entry supplied by vauth_getpw()
Jesus Ruiz writes:
The problem is that my clients don't want to lose the email they save in
the old server. When we change they account to the new server.
Any suggestion?
Copy the existing mail over. Rsync is your friend...
--
Paul Allen
Softflare Support
Feucht, Florian writes:
Perhaps he did, but locked out CONNECTIONS from that IP for 10
minutes reads differently to me. If Tom had meant what you said, then
I would have expected something like locked out authentication attempts
from that username/IP pair for 10 minutes.
This idea
Jeff Koch writes:
Is there any way to use the commands in /home/vpopmail/bin to setup domain
catch-all accounts?
When I was stuck with this problem quite a while ago I just wrote a bit of
perl to do the job for me. As others suggested in another thread, it was
smart enough to ask for
Feucht, Florian writes:
My idea is to store this information per user, so the others keep
unaffected from locked mailboxes.
Another Possibility is to lock the account only for an specific amount
of time (lets say 10 minutes) after 3 password fails. So if somebody
tries some hardcore brute
Tom Collins writes:
What if the system tracked it by IP, and after three failures locked
out connections from that IP for 10 minutes?
That has problems for companies behind a firewall which use external mail
servers (we have several clients in that situation). All it takes is one
person to
X-Istence writes:
Paul L. Allen wrote:
Tom Collins writes:
What if the system tracked it by IP, and after three failures locked
out connections from that IP for 10 minutes?
[...]
He meant log it on an account AND ip basis.
Perhaps he did, but locked out CONNECTIONS from
Feucht, Florian writes:
is this problem unsolvable, or did i say something wrong?
Doing it the way you suggest, counting failures, means remembering state
somewhere, somehow. If you have a lot of idiot users, this state could
become very large and slow. Also there are two possible denial of
Tom Collins writes:
We essentially need a way to tell autorespond that it's acting as a
vacation responder, or an auto responder.
From the last time I looked at it, autorespond just doesn't have the
smarts necessary. It is designed to respoond to any incoming mail,
no matter what. And for
Hello Red Herring
Nick Harring writes:
This whole argument is ridiculous.
Correct. So far I havw seen only one person post a sensible response,
You are NOT that person...
The correctness of design doesn't really rely on what some random users
first guess of how it should work would be,
A feature request for vaddaliasdomin. I would like a configure option
(best) or a command-line switch (not so good) that reverses the order of
the two arguments. I'd like it for two reasons:
1) It is then the same order as for ln (original, alias) so easier to
remember if they're that way
You don't read so good, do you?
JB writes:
Write a shell script that takes the arguments in the order you want and
pass them to vaddaliasdomain in the order expected,
I already explained that while I am more than capable of coming up with
that idea and implementing it all by myself, that
[EMAIL PROTECTED] writes:
Gotta give this Paul guy a round of applause.
Indeed. I know you meant that ironically, but I understand your
misperceptions.
I have never seen anyone who uses his sheer incompetency as a brutal
attack weapon. Have you ?
Many, many times when I have dealt with
JB writes:
A one line bash script, which I provided
Sorrry, I did not see your attachment in any of your posts. Please
repost it so that we all can benefit and the vpopmail maintainers can
distribute your wonderful script (if they think it is a sensible
solution).
will do the job for
Toasterz Admin writes:
Paul L. Allen wrote:
Toasterz Admin writes:
Actually, you're wrong.
how could i be wrong just because you say it's so.
What a wonderfully compelling argument. How could you possibly be
wrong just because I say so? Ummm, wait, you called me wrong
because YOU
Anders Brander writes:
A bit odd to document,
Damn right. I still haven't figured out a sensible usage message.
but otherwise a fabulous idea.
Bad Anders. Bad, bad, Anders. Letting people do what they find
easiest is BAD. Ask the people who criticised me for suggesting it.
Please
Hi Anders
Anders Brander writes:
I think we should just ignore the old way of calling vaddaliasdomain
in the usage message, in that way new users will adobt the new way of
doing things.
Ummm, that implies that one way is more correct than the other. I do
not believe that to be the case. I
X-Istence writes:
This is my patch, it doesnt allow for both types, but does what you want
:).
It does do what I want, and if that were my only concern I have other
solutions that I could use. I would like both options to be available so
that those who have one preference can get exactly
Hi Anders
Anders Brander writes:
Hummm Or something like:
... the two domains to be aliased ... - without saying which is which,
for the user it doesn't matter much.
Oh Anders, I need rigidly defined areas of doubt and uncertainty! It's
because I'm a boring old fart that I desperately
David McMahon writes:
What's the best way to set up a combo local and vpopmail
system?
One way is to make it entirely virtual. The downside is that your local
users have to configure their mail clients to use [EMAIL PROTECTED] instead
of
just username. The upside is that it's consistent;
Tim Hasson writes:
I am developing a web based interface on it using php/mysql
[...]
My worst fear is of a exploit like the recent SSL v2 vulnerability
where an unautheticated user, or an anonymous user, could just simply
exploit the apache process, and use it as a step stone.
You're
Charles Sprickman writes:
They probably would have gotten an answer had they shown the perms on
their ~vpopmail/bin directory and their ~vpopmail/domains/*/* directories.
Giving information like that always helps. :)
I think polite in this case referred to the I installed it correctly,
so
Jeremy Kitchen writes:
However, qmailadmin also uses this for its 'vacation replies'
Yes, the newer versions do. When I move it to our production servers
the HTML will be hacked to ensure that our users cannot misuse the
autoresponder in this way.
So, there's the dilemma, it appears that
Hi Derek
[Replied to on the list because I think it marginally relevant[
Derek writes:
And, just for future reference, people may be a little more willing to
help you if you're a little more polite with your postings.
OK, polite is eomething I associate with saying Hi Derek at the start -
Hi Anders
Anders Brander writes:
IMHO it's the correct (tm) way to do things. It's not just a fiddle,
it's the best solution. I would say that the setuid-thing is a fiddle.
I think which way you regard as a fiddle depends very much upon what you
do on your system.
I think we confused
Hi Anders
Anders Brander writes:
Extra security? I've always hated the vpopmail model, all users are one
user
It has advantages and disavantages. It means that vpopmail runs under
a dedicated user and group without (at the moment) any need for set-id.
IMAP and POP servers do need setuid
Tom Collins writes:
This is an interesting point and I'd love to find a clean solution to
this issue.
I don't think you'll find a clean solution which doesn't involve set-id.
All the others are messy to administer, like a MySQL username per system
user or adding a special group to every user
Anders Brander writes:
If you add a special group to every user you are back where you started.
I didn't say it was a good solution. I said it was a solution. Compared
to that, a lot of the alternatives look good.
I can't see what's wrong with a mysql user per system user. That would
be
Anders Brander writes:
It could get rather unwieldy if you use MySQL for other things.
Why?
Just a gut feeling that if you have many MySQL users for one purpose
and many more MySQL users who are there purely as a fiddle to allow
vpopmail to work then it could make life difficult to
Ms. Catherine Kouzmanoff writes:
It is a time to call together everyone on this list to insist that Tom
Collins add Ken Jones or another representative from Inter7.
I've been using vpopmail for a few years now and didn't really care who
was in control as long as somebody was. When I saw
dalmata writes:
No need to use bad words.
Those words expressed my feelings exactly; other words would not.
That is a personal attack
Correct. As were her comments about Tom. Her attack was more subtle
but it was still a personal attack. I consider her attack to be worse
than mine
Chris Pugh writes:
If this statement is true then make impartiality the
byword. Total admin control over the project should be
given neither to Tom nor Ken, but to an independent
indiviual, a moderator, not necessarily someone with a
vested interest in the vpopmail project.
But somebody
Mike Miller writes:
Nope. Not using MD5 passwords.
That would explain it then. As Tom said, DES-style crypt ignores
everything
after the first eight characters of the password. MD5-style crypt has a
higher limit, from memory I believe it's something like 126.
--
Paul Allen
Softflare
Mike Miller writes:
Okay, but should it be _allowing_ this as a password or don't you think
that it should reject it?
I think that it is behaving at it is documented to behave and that your
expectations are wrong.
There is a very big difference between 'webmaste' and 'webmaster23445'
in
Mike Miller writes:
Any way to convert an entire large site of cdb files (probably
150 domains) into MD5? Actually coverting is the wrong word [since you
can't do that unless there is clear text passwords], but rather to have it
choose between both MD5 and CRYPT passwords (based on
Mike Miller writes:
I believe what you say (that if I enable MD5 passwords, then it will work
for both),
I didn't say that. I said that if vpopmail were written correctly then
it would work for both.
There should really be a note that it will accept existing crypt
passwords but store
Ken Jones writes:
Since I have been working on vpopmail almost every day
for the last 5 years (including most weekends), it is very
difficult for me to hear people saying I have not done enough
lately. Even during these last 6 months where we have not
made a new devel release
If I had
Robert Kropiewnicki writes:
Do you work for Inter7? Can you speak definitively to the fact that
they've shelved vpopmail for good on their end? No, you can't.
And can you speak definitively to say that they haven't? Despite Ken's
sudden re-appearance here, can you positively, definitely
Robert Kropiewnicki writes:
I've spoken definitively to no such thing. What Ken Jones will do now
that he has been granted admin access (bravo Tom!) is not at the core of
my argument. My argument is that he has done enough in the past for
vpopmail development to warrant his inclusion as an
Hello Rick
Rick Macdougall writes:
I think Tom and Ken have resolved their issues off list
So it appears. Ken has not resolved my issue with his involvement with
vpopmail.
and we
We??? Do you claim to speak for everyone on the list? Surely not
because at best you can speak for everyone
VeNoMouS writes:
[A load of crap]
So you quote the WHOLE of my mail to lecture me about wasting bandwidth
and brainwidth in the mailing list and post it to the mailing list.
Please find a dictionary and look up the meaning of the folliwing words:
hypocrite and moron.
--
Paul Allen
Softflare
VeNoMouS writes:
in short, YES, because how is it related to what any one here reads,
I'm someone here. I'm reading your latest post. Surely, by your own
standards, I have a right to reply to it.
as far as ive seen this has been a post a q and answer forum,
For six months it was a q and
Tom Collins writes:
I'd love to hear from someone who's tried with a recent version, and
whether it worked or failed (and if it did fail, where/how did it fail).
I tried it with 5.3.24 and authdaemon authentication worked fine. I
then had to switch to 5.3.26 because of a bug in 5.3.24 and
Casey Zacek writes:
Basically, I'm looking for any pointers for getting vpopmail,
maildrop, and sqwebmail working together nicely.
Since it's been a long time since you've looked at it, you will probably
be surprised to learn that sqwebmail now supports the generation of
maildrop filter
Hello Peter
Peter Palmreuther writes:
I know a lot of users who are paranoid about giving their passwords
out to anyone.
But obviously not paranoid enough to use non-plain-text authentication
like APOP, which would make it impossible to learn the password *head
shaking*.
And not
Andrej Dragicevic writes:
Here is a sample.
$pwd = \$1\$LObTh\$LcOWUS4U6glAr2vB4oycr0; // this is the vpopmail
password
$decrypted = test;
?php
if ( crypt($decrypted, \$1\$LObTh\$) == $pwd)
echo success!;
else
echo failure!;
?
That approach works but relies upon you
I upgraded from 5.2.1 to 5.3.23 recently to get a fix for the bug in vchkpw
that stopped the authdaemond authentication working. I found that vadduser
has a segmentation fault when I try to add a user (no switchs used). By
not giving the password as a parameter I find that it waits until I
Tom Predmore writes:
Wouldn't 5.2.2 be better to use rather then 5.3.24?
It depends upon how many risks you want to take and how much you
need stuff that's in the 5.3 line but not in 5.2.2.
Sadly, the inter7 link to development versions led me to 5.3.23 and
not 5.3.24. I did have a
Hi nik
nik [tm] writes:
I am sure you have heard this one before,
Yes, but only recently.
I have the problem where once you login to imp (with IMAP) with more
than 5 characters long user part of the email, then all the shorter
usernames cannot login (until I restart the services)
The
Mailing Lists writes:
Hi folks, need an help.
I set up my qmail-vpopmail system to filter mail via maildrop. So i put
this two lines in my .qmail-default file
| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox
| /usr/bin/maildropmailfilter
[...]
Obviously, removing the firt line
Hi
jon kutassy writes:
I took the windoze approach and restarted mysql, and its all working
fine!!
Which has the same effect as the suggestion in an earlier reply:
flush privileges, but results in a longer outage of mysql. An
alternative to doing flush privileges from the mysql client is
Hi Benjamin
Benjamin Tomhave writes:
(Cross-posting to vchkpw and qmailadmin mailing lists.)
I'm currently running qmailadmin 1.0.25 and vpopmail 5.3.20 (been waiting
for a 5.4 release). When users login to qmailadmin with their personal,
non-postmaster accounts and create a forward, a
Benjamin Tomhave writes:
.qmail-default in the sofast.net domain root -- it's the standard call of
maildrop ../mailfilter within that file.
Do you have just maildrop or /usr/local/bin/maildrop? That might
not be on vpopmail's path. Is /usr/local/bin/maildrop actually there?
If you cd into
Adam Hooper writes:
[FAQs]
But nobody wants to maintain it! I sure as hell don't, I find it
infuriating. None of the 5 other admins can be bothered with it either.
Users STILL use the faq all the time, with 6-month-old data, but nobody
wants to bother keeping it up to date, because it
Ron Guerin writes:
I don't think spending an evening wandering around Google and hitting
dead links is a substitute for proper documentation.
I would agree there - googling is very much a last resort. And the
whole point of open source is that we all put back in whatever way we
can, so a
Hi Ron
Ron Guerin writes:
There will probably always be gems in the archives that appear nowhere
else. But search the archives should only be the answer for very
recent, or very obscure things that have yet to find their way into the
documentation. Archives should supplement
72 matches
Mail list logo