RE: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-10 Thread Jonas Pasche 
Hi Ben,

> In my setup, I see the tcp.smtp.cdb file getting updated regularly, seeming
> to indicate perhaps that the pop-before-smtp may actually be working.  Is
> there anyway to verify the contents of the cdb file to see if it actually
> matches with the current relay table contents?

To check if a IP address is listed:

TCPREMOTEIP= tcprulescheck tcp.smtp.cdb

Example for an IP that's allowed to relay:

$ TCPREMOTEIP=62.226.202.17 tcprulescheck /etc/tcp.smtp.cdb 
rule 62.226.202.17:
set environment variable RELAYCLIENT=
set environment variable RBLSMTPD=
allow connection

Or use cdbdump from the cdb package to dump the whole .cdb file:

http://cr.yp.to/cdb/cdbmake.html

Jonas

RE: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-10 Thread Benjamin Tomhave 
In my setup, I see the tcp.smtp.cdb file getting updated regularly, seeming
to indicate perhaps that the pop-before-smtp may actually be working.  Is
there anyway to verify the contents of the cdb file to see if it actually
matches with the current relay table contents?

> -Original Message-
> From: Jonas Pasche [mailto:[EMAIL PROTECTED]
> Sent: Sunday, March 09, 2003 8:27 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [vchkpw] tcp.smtp file perms/owns for
> -enable-roaming-users?
>
>
> Hi Jesse,
>
> > I may just be mouthing off again, but I gather from the last
> paragraph in
> > INSTALL that vpopmail may not even bother with vpopmail/etc/tc.smtp and
> > open-smtp anymore.
>
> vpopmail never writes to tcp.smtp. It need read access to that file when
> building tcp.smtp.cdb.
>
> vpopmail writes open-smtp if you have configured it for roaming users,
> but without MySQL support.
>
> vpopmail writes tcp.smtp.cdb, if you have configured it for roaming
> users, independent of wheter you have enabled MySQL support or not.
>
> > I think the default may be to assume that since you're
> > using MySQL, you should use Matt Simerson's tcpserver-mysql
> patch. The relay
> > table is certainly populated in my database, but the
> vpopmail/etc/tcp.smtp.cdb
> > is NOT generated.
>
> I bet on write permissions.
>
> > Personally, I don't have any qualms about vpopmail defaulting to MySQL
> > based tcpserver relay control when I'm using MySQL.
>
> It actually doesn't.
>
> > However, I strongly
> > disagree with the INSTALL wording if that's the case! It makes it sound
> > like Matt's patch is only "suggested", but it honestly seems to
> be REQUIRED
> > when mysql support is enabled in vpopmail.
>
> The INSTALL file is right. Don't blame it just because your setup didn't
> work. You simply didn't care about the permissions on tcp.smtp.cdb -
> it's obvious that vpopmail can't write to that file if it's only
> writable by root while you don't have vchkpw running as root.
>
> Jonas
>
>

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-09 Thread Jonas Pasche 
Hi Jesse,

> It seems to me that the whole ./configure autodetect of tcp.smtp is
> hokey. I think it would make more sense to specify in the
> INSTALL docs and in the configure script that there is a DEFAULT
> location for tcp.smtp.

The configure script does that, if you run "./configure --help".

> Clearly /etc doesn't work real well because
> of the default permissions, so I'd suggest "~vpopmail/etc".

That _is_ the default location; it just doesn't get used in most cases
because of a clumsy check, as I mentioned before.

> Then, allow that default to be explicitly overridden by a configure
> option like "--path-to-tcp-smtp=blah".

That's already the case; again issue "./configure --help", or read the
FAQ entry #8.

> We could keep the current configure behavior and just make sure that
> we document it in install, but I think trying to explain the
> configure behavior would really confuse some people.

Has my elaboration been confusing? ;-)

IMHO, it's just the problem that users don't know about that "three
location" thing without reading the configure script, thus expecting
tcp.smtp file in the wrong place.

> What do you think?

I really wonder that this question hasn't come up earlier. ;-)

Jonas

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-09 Thread Jesse Guardiani 
- Original Message -
From: "Jonas Pasche" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, March 09, 2003 1:39 PM
Subject: Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?


> Hi Jesse,
>
> > First off, I didn't write the text you just replied to. That was written by the 
> > other gentleman.
>
> You're absolutely right; my further posting should have been started
> with "Hi Benjamin". :-)
>
> > -- begin --
> > 4. How do I allow roaming users to use our smtp server without opening
> >the machine up to everyone on the internet?
> >
> >Your startup script for the qmail smtp server must use the
> >tcpserver -x file command similar to this startup line.
> >
> > env - PATH="/var/qmail/bin:/usr/local/bin" \
> > tcpserver -H -R -x /path/to/vpopmail/etc/tcp.smtp.cdb \
> > -c20 -u504 -g503 0 smtp \
> > /var/qmail/bin/qmail-smtpd 2>&1 > /dev/null &
> > -- end --
> >
> >
> > This clearly implies that the tcp.smtp.cdb file is to be created by
> > vpopmail (or clearopensmtp) in the /path/to/vpopmail/etc/ directory.
>
> I agree that it can be understood that way. However, most users (at
> least the users that used "Life with qmail" to install qmail) have the
> tcp.smtp.cdb in /etc, and the line you quoted simply is confusing and
> should have included "/path/to/whereever/you/have/tcp.smtp.cdb".
>
> The trick is within the configure script. It reads:
>
> --- begin ---
> [...]
> tcpserver_file=""
> for f in "$vpopmaildir"/etc/tcp.smtp /etc/tcp.smtp /etc/tcprules.d/qmail-smtpd
> do
> if test -f $f
> then
> tcpserver_file=$f
> break
> fi
> done
> [...]
> --- end ---
>
> So it looks (in exactly in that order) for:
>
> 1) "$vpopmaildir"/etc/tcp.smtp
> 2) /etc/tcp.smtp
> 3) /etc/tcprules.d/qmail-smtpd
>
> Remember, we're at _compile_ time.
>
> When doing a fresh install, there isn't a tcp.smtp file in 1) in nearly
> all cases, but in 2). That's why vpopmail then adapts itself to use
> /etc/tcp.smtp and writes to /etc/tcp.smtp.cdb and not to
> ~vpopmail/etc/tcp.smtp.cdb.

Ah. I see now.

It seems to me that the whole ./configure autodetect of tcp.smtp is hokey. I think it 
would make more sense to specify in the
INSTALL docs and in the configure script that there is a DEFAULT location for 
tcp.smtp. Clearly /etc doesn't work real well because
of the default permissions, so I'd suggest "~vpopmail/etc". Then, allow that default 
to be explicitly overridden by a configure
option like "--path-to-tcp-smtp=blah".

Then the FAQ entry would be correct, but we could add a note that the default setting 
can be overridden.

Or

We could keep the current configure behavior and just make sure that we document it in 
install, but I think trying to explain the
configure behavior would really confuse some people.

What do you think?

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-09 Thread Jonas Pasche 
Hi Jesse,

> First off, I didn't write the text you just replied to. That was written by the 
> other gentleman.

You're absolutely right; my further posting should have been started
with "Hi Benjamin". :-)

> -- begin --
> 4. How do I allow roaming users to use our smtp server without opening
>the machine up to everyone on the internet?
> 
>Your startup script for the qmail smtp server must use the
>tcpserver -x file command similar to this startup line.
> 
> env - PATH="/var/qmail/bin:/usr/local/bin" \
> tcpserver -H -R -x /path/to/vpopmail/etc/tcp.smtp.cdb \
> -c20 -u504 -g503 0 smtp \
> /var/qmail/bin/qmail-smtpd 2>&1 > /dev/null &
> -- end --
> 
> 
> This clearly implies that the tcp.smtp.cdb file is to be created by
> vpopmail (or clearopensmtp) in the /path/to/vpopmail/etc/ directory.

I agree that it can be understood that way. However, most users (at
least the users that used "Life with qmail" to install qmail) have the
tcp.smtp.cdb in /etc, and the line you quoted simply is confusing and
should have included "/path/to/whereever/you/have/tcp.smtp.cdb".

The trick is within the configure script. It reads:

--- begin ---
[...]
tcpserver_file=""
for f in "$vpopmaildir"/etc/tcp.smtp /etc/tcp.smtp /etc/tcprules.d/qmail-smtpd
do
if test -f $f
then
tcpserver_file=$f
break
fi
done
[...]
--- end ---

So it looks (in exactly in that order) for:

1) "$vpopmaildir"/etc/tcp.smtp
2) /etc/tcp.smtp
3) /etc/tcprules.d/qmail-smtpd

Remember, we're at _compile_ time.

When doing a fresh install, there isn't a tcp.smtp file in 1) in nearly
all cases, but in 2). That's why vpopmail then adapts itself to use
/etc/tcp.smtp and writes to /etc/tcp.smtp.cdb and not to
~vpopmail/etc/tcp.smtp.cdb.

If you already have a vpopmail installation and a tcp.smtp in
~vpopmail/etc/, and then do a new ./configure (after "make clean"),
vpopmail will find the file in location 1), where it has write access
without hassles.

> vpopmail clearly has write access. Yet a .cdb file was not created.

vpopmail tried to create/update the .cdb file in /etc, which couldn't
work without a permission change.

> I even copied my /etc/tcp.smtp file here and ran clearopensmtp.
> No .cdb file.

As the location of the file is set at _compile_ time, moving files
around at _run_ time doesn't affect anything.

> So, I ask again: Does vpopmail now neglect to build a .cdb file when
> --enable-roaming-users=y and --with-mysql are specified at
> configure time?

No.

> Or is the FAQ incorrect, and vpopmail now tries to build the .cdb in
> my /etc directory?

It does. The FAQ suggests a path corresponding to location 1), while on
most systems location 2) has been automatically chosen. That's in fact
confusing and should be updated to make it clearer that the location
depends on the compile time setting.

However, ./configure is kind enough to tell you which location it uses:

# ./configure --enable-roaming-users
[...]
   vpopmail 5.2.1   
Current settings
---

vpopmail directory = /home/vpopmail
   uid = 89
   gid = 89
  ip alias = OFF --enable-ip-alias-domains=n (default)
address extentions = OFF --enable-qmail-ext=n (default)
 roaming users = ON  --enable-roaming-users=y
tcpserver file = /etc/tcp.smtp <<< LOOK HERE
open_smtp file = /home/vpopmail/etc/open-smtp
user quota = OFF --enable-defaultquota=NOQUOTA default
table optimization = many domains --enable-many-domains=y default
   auth module = cdb default
  system passwords = OFF --enable-passwd=n default
  file locking = ON  --enable-file-locking=y default
 file sync = OFF --enable-file-sync=n default disable
vdelivermail fsync
  auth logging = ON  --enable-auth-logging=y default
 mysql logging = OFF --enable-mysql-logging=n default
  clear passwd = ON  --enable-clear-passwd=y (default)
 valias processing = OFF --enable-valias=n
pop syslog = show only failure attempts
 --enable-logging=e default
default domain =  --enable-default-domain=
  auth inc = -Icdb
  auth lib = 

The "default" setting is still ~vpopmail/etc/tcp.smtp, but it's obvious
that vpopmail cannot use that file if it doesn't exist (yet) - which is
the reason it chose the second location (/etc/) as the alternative.

Jonas

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-09 Thread Jesse Guardiani 
- Original Message -
From: "Jonas Pasche" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, March 09, 2003 10:17 AM
Subject: RE: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?


> Hi Jesse,
>
> > His ~vpopmail/etc/open-smtp a file I should have manually created at
> > some point in time (touch open-smtp)?
>
> No. As you use the MySQL backend, there is no need for that file. You
> should have mentioned in your first post that you're using MySQL as a
> backend.

I did.


>
> Rule of thumb: If you did anything other besides a plain "./configure"
> when compiling qmail, let us know your configure line if you post a
> question, or tell us about ("I have compiled vpopmail with roaming users
> support and the MySQL backend"); it prevents unneccessary confusion.

I considered posting my configure statement, but I figured that just mentioning that I 
use MySQL should do the trick. I have a very
long configure statement, and I figured it would probably just confuse some people.


>
> > Where I'm also
> > lost, then, is that my /etc/tcp.smtp and /etc/tcp.smtp.cdb files are both
> > owned by root:root at present (this seems incorrect to me) and are both
> > chmod 644.
>
> The tcp.smtp.cdb file has to writable to the user that handles the POP3
> session for the authenticed user. In many cases, this is
> vpopmail.vchkpw, but it might be another user if you created domains
> with the "-u " argument.
>
> Try "chown vpopmail.vchkpw /etc/tcp.smtp.cdb" first and see if it works.

First off, I didn't write the text you just replied to. That was written by the other 
gentleman.

Second, take a look at this excerpt from the FAQ file in the root of my vpopmail 5.2.1 
distribution:

-- begin --
4. How do I allow roaming users to use our smtp server without opening
   the machine up to everyone on the internet?

   Your startup script for the qmail smtp server must use the
   tcpserver -x file command similar to this startup line.

env - PATH="/var/qmail/bin:/usr/local/bin" \
tcpserver -H -R -x /path/to/vpopmail/etc/tcp.smtp.cdb \
-c20 -u504 -g503 0 smtp \
/var/qmail/bin/qmail-smtpd 2>&1 > /dev/null &
-- end --


This clearly implies that the tcp.smtp.cdb file is to be created by vpopmail (or 
clearopensmtp) in the /path/to/vpopmail/etc/
directory. Here are my permissions for that directory:

drwxr-xr-x   2 vpopmail  vchkpw  512 Mar  7 19:42 ./
drwxr-xr-x  11 vpopmail  vchkpw  512 Feb  6 15:16 ../
-rw-r--r--   1 vpopmail  vchkpw   30 Dec 12 09:31 inc_deps
-rw-r--r--   1 vpopmail  vchkpw   78 Dec 12 09:31 lib_deps

vpopmail clearly has write access. Yet a .cdb file was not created. I even copied my 
/etc/tcp.smtp file here and ran clearopensmtp.
No .cdb file.

So, I ask again: Does vpopmail now neglect to build a .cdb file when 
--enable-roaming-users=y and --with-mysql are specified at
configure time? If this is the case, then the INSTALL AND FAQ files need to note this.

Or is the FAQ incorrect, and vpopmail now tries to build the .cdb in my /etc 
directory? If that's the case, the documentation is
still incorrect, and it needs to be updated.

Thanks for replying!

Jesse


>
> Jonas
>
>
>

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-09 Thread Jonas Pasche 
Hi Jesse,

> I may just be mouthing off again, but I gather from the last paragraph in
> INSTALL that vpopmail may not even bother with vpopmail/etc/tc.smtp and
> open-smtp anymore.

vpopmail never writes to tcp.smtp. It need read access to that file when
building tcp.smtp.cdb.

vpopmail writes open-smtp if you have configured it for roaming users,
but without MySQL support.

vpopmail writes tcp.smtp.cdb, if you have configured it for roaming
users, independent of wheter you have enabled MySQL support or not.

> I think the default may be to assume that since you're
> using MySQL, you should use Matt Simerson's tcpserver-mysql patch. The relay
> table is certainly populated in my database, but the vpopmail/etc/tcp.smtp.cdb
> is NOT generated.

I bet on write permissions.

> Personally, I don't have any qualms about vpopmail defaulting to MySQL
> based tcpserver relay control when I'm using MySQL.

It actually doesn't.

> However, I strongly
> disagree with the INSTALL wording if that's the case! It makes it sound
> like Matt's patch is only "suggested", but it honestly seems to be REQUIRED
> when mysql support is enabled in vpopmail.

The INSTALL file is right. Don't blame it just because your setup didn't
work. You simply didn't care about the permissions on tcp.smtp.cdb -
it's obvious that vpopmail can't write to that file if it's only
writable by root while you don't have vchkpw running as root.

Jonas

RE: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-09 Thread Jonas Pasche 
Hi Jesse,

> His ~vpopmail/etc/open-smtp a file I should have manually created at
> some point in time (touch open-smtp)?

No. As you use the MySQL backend, there is no need for that file. You
should have mentioned in your first post that you're using MySQL as a
backend.

Rule of thumb: If you did anything other besides a plain "./configure"
when compiling qmail, let us know your configure line if you post a
question, or tell us about ("I have compiled vpopmail with roaming users
support and the MySQL backend"); it prevents unneccessary confusion.

> Where I'm also
> lost, then, is that my /etc/tcp.smtp and /etc/tcp.smtp.cdb files are both
> owned by root:root at present (this seems incorrect to me) and are both
> chmod 644.

The tcp.smtp.cdb file has to writable to the user that handles the POP3
session for the authenticed user. In many cases, this is
vpopmail.vchkpw, but it might be another user if you created domains
with the "-u " argument.

Try "chown vpopmail.vchkpw /etc/tcp.smtp.cdb" first and see if it works.

Jonas

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-09 Thread Jonas Pasche 
Hi Jesse,

> I'm a little confused about this myself...
> Does 'open-smtp' not get created if you have mysql support enabled?

No; IP adresses that are allowed to relay are written into the "relay"
table.

Jonas

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-07 Thread Jesse Guardiani 
On Friday 07 March 2003 19:55, Benjamin Tomhave wrote:
> His ~vpopmail/etc/open-smtp a file I should have manually created
> at some point in time (touch open-smtp)?  It does not currently exist, and
> probably explains why the pop-before-smtp has never functioned.  I'm going
> to assume this file should be owned by vpopmail:vchkpw.  Where I'm also
> lost, then, is that my /etc/tcp.smtp and /etc/tcp.smtp.cdb files are both
> owned by root:root at present (this seems incorrect to me) and are both
> chmod 644.
>
> I am, btw, using a mysql backend, too...I second Jesse's comments...

I may just be mouthing off again, but I gather from the last paragraph in
INSTALL that vpopmail may not even bother with vpopmail/etc/tc.smtp and
open-smtp anymore. I think the default may be to assume that since you're
using MySQL, you should use Matt Simerson's tcpserver-mysql patch. The relay
table is certainly populated in my database, but the vpopmail/etc/tcp.smtp.cdb
is NOT generated.

Personally, I don't have any qualms about vpopmail defaulting to MySQL
based tcpserver relay control when I'm using MySQL. However, I strongly
disagree with the INSTALL wording if that's the case! It makes it sound
like Matt's patch is only "suggested", but it honestly seems to be REQUIRED
when mysql support is enabled in vpopmail.

I have now installed Matt's patch in my tcpserver. 


>
> > -Original Message-
> > From: Jonas Pasche [mailto:[EMAIL PROTECTED]
> > Sent: Friday, March 07, 2003 3:36 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: [vchkpw] tcp.smtp file perms/owns for
> > -enable-roaming-users?
> >
> >
> > Hi Ben,
> >
> > > Apologies if this is already answered elsewhere -- I didn't see
> >
> > it.  What
> >
> > > should the file permissions and ownership be for the tcprules
> >
> > tcp.smtp file
> >
> > > in order to enable vpopmail pop-before-smtp roaming user
> >
> > support?  In other
> >
> > > words, for qmail/vpopmail to temporarily add an IP address for
> > > pop-before-stmp temp-relay support, what setup do I need?
> >
> > vpopmail doesn't need to write to tcp.smtp (as you can see, the file
> > never changes, even not without roaming users). tcp.smtp only contains
> > _static_ rules for allowing/disallowing connections and relaying.
> >
> > vpopmail saves relaying information in ~vpopmail/etc/open-smtp, and it
> > creates tcp.smtp.cdb (which is used by tcpserver) from both tcp.smtp and
> > open-smtp.
> >
> > In short, you need:
> >
> > - read permissions on tcp.smtp
> > - write permissions on tcp.smtp.cdb
> >
> > Judge for yourself if relaying data is sensible or not, to decide if you
> > want these files to be group- or world-readable, or not.
> >
> > Jonas

-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)
http://www.wingnet.net

We are actively looking for companies that do a lot of long
distance faxing and want to cut their long distance bill by
up to 50%.  Contact [EMAIL PROTECTED] for more info.

RE: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-07 Thread Benjamin Tomhave 
His ~vpopmail/etc/open-smtp a file I should have manually created at
some point in time (touch open-smtp)?  It does not currently exist, and
probably explains why the pop-before-smtp has never functioned.  I'm going
to assume this file should be owned by vpopmail:vchkpw.  Where I'm also
lost, then, is that my /etc/tcp.smtp and /etc/tcp.smtp.cdb files are both
owned by root:root at present (this seems incorrect to me) and are both
chmod 644.

I am, btw, using a mysql backend, too...I second Jesse's comments...

> -Original Message-
> From: Jonas Pasche [mailto:[EMAIL PROTECTED]
> Sent: Friday, March 07, 2003 3:36 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [vchkpw] tcp.smtp file perms/owns for
> -enable-roaming-users?
>
>
> Hi Ben,
>
> > Apologies if this is already answered elsewhere -- I didn't see
> it.  What
> > should the file permissions and ownership be for the tcprules
> tcp.smtp file
> > in order to enable vpopmail pop-before-smtp roaming user
> support?  In other
> > words, for qmail/vpopmail to temporarily add an IP address for
> > pop-before-stmp temp-relay support, what setup do I need?
>
> vpopmail doesn't need to write to tcp.smtp (as you can see, the file
> never changes, even not without roaming users). tcp.smtp only contains
> _static_ rules for allowing/disallowing connections and relaying.
>
> vpopmail saves relaying information in ~vpopmail/etc/open-smtp, and it
> creates tcp.smtp.cdb (which is used by tcpserver) from both tcp.smtp and
> open-smtp.
>
> In short, you need:
>
> - read permissions on tcp.smtp
> - write permissions on tcp.smtp.cdb
>
> Judge for yourself if relaying data is sensible or not, to decide if you
> want these files to be group- or world-readable, or not.
>
> Jonas
>
>

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-07 Thread Jesse Guardiani 
On Friday 07 March 2003 17:36, Jonas Pasche wrote:
> Hi Ben,
>
> > Apologies if this is already answered elsewhere -- I didn't see it.  What
> > should the file permissions and ownership be for the tcprules tcp.smtp
> > file in order to enable vpopmail pop-before-smtp roaming user support? 
> > In other words, for qmail/vpopmail to temporarily add an IP address for
> > pop-before-stmp temp-relay support, what setup do I need?
>
> vpopmail doesn't need to write to tcp.smtp (as you can see, the file
> never changes, even not without roaming users). tcp.smtp only contains
> _static_ rules for allowing/disallowing connections and relaying.
>
> vpopmail saves relaying information in ~vpopmail/etc/open-smtp, and it
> creates tcp.smtp.cdb (which is used by tcpserver) from both tcp.smtp and
> open-smtp.


I'm a little confused about this myself...
Does 'open-smtp' not get created if you have mysql support enabled? I have
mysql support enabled.

My vpopmail installation doesn't create this file, and it doesn't build
'tcp.smtp.cdb'. (Yes, I ran clearopensmtp)



>
> In short, you need:
>
> - read permissions on tcp.smtp
> - write permissions on tcp.smtp.cdb
>
> Judge for yourself if relaying data is sensible or not, to decide if you
> want these files to be group- or world-readable, or not.
>
> Jonas

-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)
http://www.wingnet.net

We are actively looking for companies that do a lot of long
distance faxing and want to cut their long distance bill by
up to 50%.  Contact [EMAIL PROTECTED] for more info.

Re: [vchkpw] tcp.smtp file perms/owns for -enable-roaming-users?

2003-03-07 Thread Jonas Pasche 
Hi Ben,

> Apologies if this is already answered elsewhere -- I didn't see it.  What
> should the file permissions and ownership be for the tcprules tcp.smtp file
> in order to enable vpopmail pop-before-smtp roaming user support?  In other
> words, for qmail/vpopmail to temporarily add an IP address for
> pop-before-stmp temp-relay support, what setup do I need?

vpopmail doesn't need to write to tcp.smtp (as you can see, the file
never changes, even not without roaming users). tcp.smtp only contains
_static_ rules for allowing/disallowing connections and relaying.

vpopmail saves relaying information in ~vpopmail/etc/open-smtp, and it
creates tcp.smtp.cdb (which is used by tcpserver) from both tcp.smtp and
open-smtp.

In short, you need:

- read permissions on tcp.smtp
- write permissions on tcp.smtp.cdb

Judge for yourself if relaying data is sensible or not, to decide if you
want these files to be group- or world-readable, or not.

Jonas