[vchkpw] Re: SOLUTION, Deny the option Roaming-User the a specific Pool of IP

Tue, 27 Aug 2002 17:57:40 -0700 

Hello Bill,

Thank you very much by your suggestion with respect to my problem.

Now I have modified the code of the file vpopmail.c and in addition I have
added a new file pop3.cdb. Perhaps it is good for implementing this option
in the next versions of the vpopmail package. I think that the option of
ALLOWROAMING seems a good option to have a better control of roaming.

Again, Thank you very much.

These were my modification:

file vpopmail.c

#ifdef POP_AUTH_OPEN_RELAY
int open_smtp_relay()
{
        char *allowroaming;
        allowroaming = getenv("ALLOWROAMING");

        if(allowroaming == NULL){
                return(0);
        }

create the new file : /usr/vpopmail/etc/tcp.pop3
192.168.:allow,ALLOWROAMING=""

this is my file /var/qmail/supervise/qmail-pop3d/run

#!/bin/sh
VPOPMAILUID=`id -u vpopmail`
VPOPMAILGID=`id -g vpopmail`
exec /usr/local/bin/tcpserver -l 0 -R -H -v             \
        -x /usr/vpopmail/etc/tcp.pop3.cdb \
        -u"$VPOPMAILUID" -g"$VPOPMAILGID" 0 110       \
        /var/qmail/bin/qmail-popup kerberos.qnet.com.pe     \
        /usr/vpopmail/bin/vchkpw                       \
        /var/qmail/bin/qmail-pop3d Maildir 2>&1

Before, execute this command.
 tcprules /usr/vpopmail/etc/tcp.pop3.cdb /usr/vpopmail/etc/tcp.pop3.tmp <
/us
r/vpopmail/etc/tcp.pop3

Do you have another idea for this topic?


----- Original Message -----
From: "Bill Shupp" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: Re: [vchkpw] Deny the option Roaming-User the a specific Pool of IP
Ok, upon rereading your post, I see that I answered a different
question..  ; )

What you are asking for could be done pretty easily, I think.  Just
setup another rules file, like tcp.pop, and add a rule like so:

1.2.3.:allow,ALLOWROAMING='""

This says that only addresses in 1.2.3.0/24 are allowed to roam
(assuming that the the NO_RELAY bit is not set for the user).

Then, in apply this patch to vpopmail.c:

*** vpopmail.c.orig     Tue Aug 20 21:34:34 2002
--- vpopmail.c  Tue Aug 20 21:37:39 2002
***************
*** 2040,2045 ****
--- 2040,2050 ----
   #ifdef POP_AUTH_OPEN_RELAY
   int open_smtp_relay()
   {
+  allowroaming = env_get("ALLOWROAMING");
+  if(!allowroaming) {
+     return(0);
+  }
+
   #ifdef USE_SQL
     vopen_smtp_relay();
     update_rules();


That should prevent roaming users for any ip's that don't have
ALLOWROAMING set.  *Note that this hack forces you to specify which
ranges can roam, and prevents roaming by default.  Also, I haven't
tested this, but it does compile.  So your mileage may vary... ; )

Regards,

Bill Shupp

Reply via email to