Re: [vchkpw] vchkpw and courier 2.2.1 (long)
On Thu, 8 Jan 2004, Michael Bowe wrote: I have been doing some work on the vpopmail code that comes with courier. The work fixes many problems including this particular bug. I have recently submitted this patch to the courier author, and hopefully they will include these updates in a forthcoming courier release. Sorry to dig up another old post, but has anyone verified whether the fix is in the current Courier release? Thanks, Charles ref http://sourceforge.net/tracker/index.php?func=detailaid=796524group_id=85 937atid=577801 Michael.
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
- Original Message - From: Charles Sprickman [EMAIL PROTECTED] Subject: Re: [vchkpw] vchkpw and courier 2.2.1 (long) On Thu, 8 Jan 2004, Michael Bowe wrote: I have been doing some work on the vpopmail code that comes with courier. The work fixes many problems including this particular bug. I have recently submitted this patch to the courier author, and hopefully they will include these updates in a forthcoming courier release. Sorry to dig up another old post, but has anyone verified whether the fix is in the current Courier release? Thanks, Charles ref http://sourceforge.net/tracker/index.php?func=detailaid=796524group_id=85 937atid=577801 Michael. The patches are in the courier-imap sources v2.2.1 doesnt include the patches, but the current 2.2.2 snapshot includes it ... Michael.
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Michael Bowe wrote: You shouldnt need to manually edit this file... It should be auto-populated when you run make install-strip After the make install-strip (vpopmail/cdb) I've: -L/home/vpopmail/lib -lvpopmail If I add '-crypt' after, and compile courier-imap, I've an error and I couldn't install it. Without '-lcrypt', the installation is completed. Well, what could I do? Without '-crypt' apparently all works fine, but I don't know about open-relay. Thanks Andrea Here is what the lib_deps would contain for a typical vpopmail/cdb install -L/home/vpopmail/lib -lvpopmail -lcrypt
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
On Jan 13, 2004, at 2:16 AM, Andrea Riela wrote: After the make install-strip (vpopmail/cdb) I've: -L/home/vpopmail/lib -lvpopmail If I add '-crypt' after, and compile courier-imap, I've an error and I couldn't install it. Without '-lcrypt', the installation is completed. Well, what could I do? Without '-crypt' apparently all works fine, but I don't know about open-relay. If -lcrypt isn't in the file, and everything builds fine, then you don't need it. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
- Original Message - From: Andrea Riela [EMAIL PROTECTED] Michael Bowe wrote: I will download, test, and will report back my findings soon (might not be till tomorrow though sorry) Thanks Michael, Well, probably I don't understand the '-lcrypt' on lib_deps file. If I insert that on lib_deps before compile courier, I couldn't do gmake: When you compile/install vpopmail, it records the required libraries etc into the lib_deps file This is so that when add-on programs try to link against the libvpopmail.a, they know what libraries are going to be required. You shouldnt need to manually edit this file... It should be auto-populated when you run make install-strip Here is what the lib_deps would contain for a typical vpopmail/cdb install -L/home/vpopmail/lib -lvpopmail -lcrypt Here is what the lib_deps would contain for a typical vpopmail/mysql install : -L/home/vpopmail/lib -lvpopmail -L/usr/local/mysql/lib -lmysqlclient -lz -lcrypt Here is what the lib_deps would contain for a typical vpopmail/ldap install -L/home/vpopmail/lib -lvpopmail -L/usr/local/lib -lldap -llber -lresolv -l crypt Here is what the lib_deps would contain for a typical vpopmail/pgsql insatll -L/home/vpopmail/lib -lvpopmail -L/usr/local/pgsql/lib -lpq -lcrypt As you can see, the contents will vary depending on the auth backend. They should all contain -lcrypt though, as the crypt function is required by some of the functions inside vpopmail Michael.
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
Sam Varshavchik has accepted my patch. Therefore the modifications it contains will be part of the next courier-imap release (v2.2.2) Michael.
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Michael Bowe wrote: Sam Varshavchik has accepted my patch. Therefore the modifications it contains will be part of the next courier-imap release (v2.2.2) Michael. Well, I need to insert '-crypt' in my lib_deps file after or before the courier install? Thanks for all Regards Andrea
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Michael Bowe wrote: Sam Varshavchik has accepted my patch. Therefore the modifications it contains will be part of the next courier-imap release (v2.2.2) Michael. I've installed this version of courier (see the courier ml, there's a patch for imapd.c), but I've an auth problem with vpopmail My steps: vpopmail-5.4.0-rc1 -- ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp --enable-qmail-ext --enable-defaultquota=NOQUOTA make cp vchkpw /home/vpopmail/bin/vchkpw-noroaming (this is for mi pop3d daemon) make clean ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp --enable-qmail-ext --enable-defaultquota=NOQUOTA --enable-roaming-users make make install-strip courier-imap-2.2.2.20040110 --- setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY ./configure --prefix=/usr/local/courier-imap --disable-root-check --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-ssl --with-piddir=/var/run gmake gmake install gmake install-configure Well, this is my situation: observe# openssl s_client -connect 127.0.0.1:995 CONNECTED(0004) cut --- +OK Hello there. USER [EMAIL PROTECTED] +OK Password required. PASS passwordcorrect closed observe# I've that authentication problem. The authentication fails (PASS). My /var/log/qmail/pop3s/current is this: @40004001b58522de336c tcpserver: status: 0/40 @40004001b5ba0a61dc1c tcpserver: status: 1/40 @40004001b5ba0a7112a4 tcpserver: pid 29340 from 127.0.0.1 @40004001b5ba0a725eac tcpserver: ok 29340 nesys.it:127.0.0.1:995 :127.0.0.1::46934 @40004001b5ba0defecac INFO: Connection, ip=[127.0.0.1] @40004001b5e42301e80c tcpserver: end 29340 status 0 @40004001b5e423233f34 tcpserver: status: 0/40 Where is my problem? Have you got any suggestion for me? Thanks for all Regards Andrea
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
I will download, test, and will report back my findings soon (might not be till tomorrow though sorry) Michael. - Original Message - From: Andrea Riela [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, January 12, 2004 7:56 AM Subject: RE: [vchkpw] vchkpw and courier 2.2.1 (long) Michael Bowe wrote: Sam Varshavchik has accepted my patch. Therefore the modifications it contains will be part of the next courier-imap release (v2.2.2) Michael. I've installed this version of courier (see the courier ml, there's a patch for imapd.c), but I've an auth problem with vpopmail My steps: vpopmail-5.4.0-rc1 -- ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp --enable-qmail-ext --enable-defaultquota=NOQUOTA make cp vchkpw /home/vpopmail/bin/vchkpw-noroaming (this is for mi pop3d daemon) make clean ./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp --enable-qmail-ext --enable-defaultquota=NOQUOTA --enable-roaming-users make make install-strip courier-imap-2.2.2.20040110 --- setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY ./configure --prefix=/usr/local/courier-imap --disable-root-check --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-ssl --with-piddir=/var/run gmake gmake install gmake install-configure Well, this is my situation: observe# openssl s_client -connect 127.0.0.1:995 CONNECTED(0004) cut --- +OK Hello there. USER [EMAIL PROTECTED] +OK Password required. PASS passwordcorrect closed observe# I've that authentication problem. The authentication fails (PASS). My /var/log/qmail/pop3s/current is this: @40004001b58522de336c tcpserver: status: 0/40 @40004001b5ba0a61dc1c tcpserver: status: 1/40 @40004001b5ba0a7112a4 tcpserver: pid 29340 from 127.0.0.1 @40004001b5ba0a725eac tcpserver: ok 29340 nesys.it:127.0.0.1:995 :127.0.0.1::46934 @40004001b5ba0defecac INFO: Connection, ip=[127.0.0.1] @40004001b5e42301e80c tcpserver: end 29340 status 0 @40004001b5e423233f34 tcpserver: status: 0/40 Where is my problem? Have you got any suggestion for me? Thanks for all Regards Andrea
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Michael Bowe wrote: I will download, test, and will report back my findings soon (might not be till tomorrow though sorry) Thanks Michael, Well, probably I don't understand the '-lcrypt' on lib_deps file. If I insert that on lib_deps before compile courier, I couldn't do gmake: gcc -DHAVE_CONFIG_H -I. -I. -I. -I/home/vpopmail/include -DHAVE_OPEN_SMTP_RELAY= -Wall -I.. -I./.. -c `test -f 'modauthvchkpw.c' || echo './'`modauthvchkpw.c gcc -I/home/vpopmail/include -DHAVE_OPEN_SMTP_RELAY= -Wall -I.. -I./.. -o authvchkpw modauthvchkpw.o libauthmod.a libauth.a ../numlib/libnumlib.a ../md5/libmd5.a ../sha1/libsha1.a -L/home/vpopmail/lib -lvpopmail -lcrypt -lm ld: -lcrypt: no match collect2: ld returned 1 exit status gmake[2]: *** [authvchkpw] Error 1 gmake[2]: Leaving directory `/src/courier-imap-2.2.2.20040110/authlib' gmake[1]: *** [all] Error 2 gmake[1]: Leaving directory `/src/courier-imap-2.2.2.20040110/authlib' gmake: *** [all-recursive] Error 1 If I don't insert '-lcrypt' before, I could do gmake. Why? What -lcrypt? It's important to the open-relay function? For my report, I could say what I've tryed: 1- with qmail-pop3d over ssl (with sslserver -- ucspi-ssl at http://www.superscript.com/ucspi-ssl/intro.html) I could make a 'openssl s_client -connect 127.0.0.1:995' and connect with a specific USER/PASS, that is the daemon and the authentication work, but the open-relay not (I've the open-smtp blank, and a tmp file (for example: open-smtp.tmp.1563) in /home/vpopmail/etc). 2- with courier-pop3s, if I don't use '-lcrypt' an I could gmake it, when I make an 'openssl s_client -connect 127.0.0.1:995', with USER/PASS right or wrong I've always the same prompt: cut --- +OK Hello there. USER [EMAIL PROTECTED] +OK Password required. PASS password closed I don't know if that's ok. I know that with courier-pop3s I couldn't connect to my server to download my emails. Thanks for all Michael, I'm waiting for you :) Regards Andrea
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
Hi, hope this helps you. we use this to do the smtp after pop3/imap: http://www.pofo.de/HOWTO/qmail/install-courierimaphack.html it is installed under /home/vpopmail/bin/open_relay we use courimap for all 4 protocols, pop3d, pop3d-ssl, imapd, imapd-ssl and all for runs-cripts under /usr/local/courier-imap/current/libexec/imapd.rc or pop3d-rc or pop3d-ssl.rc look like this: # 8 Schnipp 8 # #! /bin/sh # $Id: imapd.rc.in,v 1.22 2002/12/24 02:31:40 mrsam Exp $ # # Copyright 1998 - 2002 Double Precision, Inc. # See COPYING for distribution information. prefix=/usr/local/courier-imap/2.1.2 exec_prefix=/usr/local/courier-imap/2.1.2 bindir=${exec_prefix}/bin libexecdir=/usr/local/courier-imap/2.1.2/libexec TLS_CACHEFILE= . ${prefix}/etc/imapd-ssl . ${prefix}/etc/imapd case $1 in start) LIBAUTHMODULES= for f in `echo $AUTHMODULES` do LIBAUTHMODULES=$LIBAUTHMODULES /usr/local/courier-imap/2.1.2/libexec/authlib/$f done if test -x ${libexecdir}/authlib/authdaemond then /usr/bin/env - ${libexecdir}/authlib/authdaemond start fi if test $TLS_CACHEFILE != then rm -f $TLS_CACHEFILE fi ulimit -v $IMAP_ULIMITD /usr/bin/env - /bin/sh -c set -a ; prefix=/usr/local/courier-imap/2.1.2 ; exec_prefix=/usr/local/courier-imap/2.1.2 ; bindir=${exec_prefix}/bin ; libexecdir=/usr/local/courier-imap/2.1.2/libexec ; . ${prefix}/etc/imapd ; \ . ${prefix}/etc/imapd-ssl ; \ IMAP_STARTTLS=$IMAPDSTARTTLS ; export IMAP_STARTTLS ; \ TLS_PROTOCOL=$TLS_STARTTLS_PROTOCOL ; \ /usr/local/courier-imap/2.1.2/libexec/couriertcpd -address=$ADDRESS \ -stderrlogger=/usr/local/courier-imap/2.1.2/libexec/courierlogger \ -stderrloggername=imapd \ -maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP \ -pid=$PIDFILE $TCPDOPTS \ $PORT ${exec_prefix}/sbin/imaplogin $LIBAUTHMODULES \ /home/vpopmail/bin/open_relay \ ${exec_prefix}/bin/imapd Maildir ;; stop) /usr/local/courier-imap/2.1.2/libexec/couriertcpd -pid=$PIDFILE -stop if test -x ${libexecdir}/authlib/authdaemond then ${libexecdir}/authlib/authdaemond stop fi ;; esac exit 0 # 8 Schnapp 8 # Only this line has to be added at the riht point: /home/vpopmail/bin/open_relay \ For us this works better than the relay-control way Greetings Alex
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
It is my understanding that setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY is not sufficient to enable the roaming user functionality in courier-imap. Instead you need to edit the file authlib/preauthvchkpw.c and remove the line : #undef HAVE_OPEN_SMTP_RELAY and then recompile courier-imap This roaming user functionality was hardcoded off on purpose, because there is a flaw in the current design. If you enable roaming users in courier, then any user will be able to relay after performing an auth attempt, regardless of whether the auth contained a valid username/password. Thanks Michael, I think you have hit the problem! Then what I've to do? If I remove the line #undef HAVE_OPEN_SMTP_RELAY, I've the auth bug that you say. I've to apply your patch courier-imap-2[1].1.1-vchkpw-updates.diff.txt? Probably my steps will be: cd into courier-imap-2.1.1/authlib patch -u courier-imap-2[1].1.1-vchkpw-updates.diff.txt ./configure --prefix=/usr/local/courier-imap --disable-root-check --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-ssl --with-piddir=/var/run setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY gmake gmake install gmake install-configure With your patch, I've already a security problem? Or removing the open_smtp_relay() calls from the preauthvchmpw.c file to authvchkpw.c, you've fixed that? Thanks for all Regards Andrea
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Probably my steps will be: cd into courier-imap-2.1.1/authlib patch -u courier-imap-2[1].1.1-vchkpw-updates.diff.txt ./configure --prefix=/usr/local/courier-imap --disable-root-check --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-ssl --with-piddir=/var/run setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY gmake gmake install gmake install-configure With your patch, I've already a security problem? Or removing the open_smtp_relay() calls from the preauthvchmpw.c file to authvchkpw.c, you've fixed that? My lib_deps is: -L/home/vpopmail/lib -lvpopmail I've to add the '-lcrypt' too? Thanks Andrea
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Andrea Riela wrote: Probably my steps will be: cd into courier-imap-2.1.1/authlib patch -u courier-imap-2[1].1.1-vchkpw-updates.diff.txt ./configure --prefix=/usr/local/courier-imap --disable-root-check --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-ssl --with-piddir=/var/run setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY gmake gmake install gmake install-configure With your patch, I've already a security problem? Or removing the open_smtp_relay() calls from the preauthvchmpw.c file to authvchkpw.c, you've fixed that? My lib_deps is: -L/home/vpopmail/lib -lvpopmail I've to add the '-lcrypt' too? Ok Michael, I've tryed: I've added -lcrypt in my lib_deps: -L/home/vpopmail/lib -lvpopmail -lcrypt Then: bzip2 -cd courier-imap-2.2.1.tar.bz2 | tar xf - ... patch -u courier-imap-2.1.1-vchkpw-updates.diff.txt ... setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY ./configure --prefix=/usr/local/courier-imap --disable-root-check --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-ssl --with-piddir=/var/run When try to compile with make, or gmake, I've the same error: cd . /bin/sh /src/courier-imap-2.2.1/missing --run autoconf configure.in:21: error: possibly undefined macro: AC_PROG_SYSCONFTOOL If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. gmake[1]: *** [configure] Error 1 gmake[1]: Leaving directory `/src/courier-imap-2.2.1/authlib' gmake: *** [all-recursive] Error 1 Mmm... Where's the mistake? Probably I've misunderstood your help :( Thanks for all Regards Andrea
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
On Jan 8, 2004, at 3:29 AM, Andrea Riela wrote: Then what I've to do? Try BINC-IMAP instead. Others have reported that it's a fine replacement for Courier. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Tom Collins wrote: On Jan 8, 2004, at 3:29 AM, Andrea Riela wrote: Then what I've to do? Try BINC-IMAP instead. Others have reported that it's a fine replacement for Courier. I couldn't .. I need a pop3-ssl daemon. I hope the Michael's patch will help me :) But I've problems to compile that. Thanks Andrea
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
You might want to have a look at Bill Shupps guide or even Michaels guide http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm http://www.pipeline.com.au/staff/mbowe/isp/vpopmail-mysql.htm qmail-pop3d can be run in ssl mode with something like this from Bills toaster setup. You don't need Courier-Imap to have pop3 ssl. This is the run file... #!/bin/sh VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` exec /usr/local/bin/tcpserver -l 0 -R -H -v \ -u$VPOPMAILUID -g$VPOPMAILGID 0 995\ /usr/sbin/stunnel -f -p /var/qmail/control/servercert.pem\ -l /var/qmail/bin/qmail-popup -- qmail-popup domain.com \ /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 21 Shane -Original Message- From: Andrea Riela [mailto:[EMAIL PROTECTED] Sent: Friday, 9 January 2004 2:24 AM To: [EMAIL PROTECTED] Subject: RE: [vchkpw] vchkpw and courier 2.2.1 (long) Tom Collins wrote: On Jan 8, 2004, at 3:29 AM, Andrea Riela wrote: Then what I've to do? Try BINC-IMAP instead. Others have reported that it's a fine replacement for Courier. I couldn't .. I need a pop3-ssl daemon. I hope the Michael's patch will help me :) But I've problems to compile that. Thanks Andrea
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Shane Chrisp wrote: /usr/sbin/stunnel -f -p Ya Shane, But I wouldn't use stunnel for that. If it's possible, I would use courier. Thanks for all Andrea
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
- Original Message - From: Andrea Riela [EMAIL PROTECTED] When try to compile with make, or gmake, I've the same error: cd . /bin/sh /src/courier-imap-2.2.1/missing --run autoconf configure.in:21: error: possibly undefined macro: AC_PROG_SYSCONFTOOL If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. gmake[1]: *** [configure] Error 1 gmake[1]: Leaving directory `/src/courier-imap-2.2.1/authlib' gmake: *** [all-recursive] Error 1 Mmm... Where's the mistake? Probably I've misunderstood your help :( You will need to use courier-imap-2.1.1 (rather than 2.2.1) with that particular patch. Michael.
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
- Original Message - From: Andrea Riela [EMAIL PROTECTED] With your patch, I've already a security problem? Or removing the open_smtp_relay() calls from the preauthvchmpw.c file to authvchkpw.c, you've fixed that? Yes, with the patch, the security problem is resolved, because the relay isnt opened unless the user has successfully authenticated. As you say, the open_smtp_relay() calls are moved from the pre-auth stage, to post-auth Michael.
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Michael Bowe wrote: You will need to use courier-imap-2.1.1 (rather than 2.2.1) with that particular patch. Now I'm trying to compile the 2.1.1 version, but ... Compiling modauthvchkpw.c gcc -I/home/vpopmail/include -DHAVE_OPEN_SMTP_RELAY= -Wall -I.. -I./.. -o authvchkpw modauthvchkpw.o libauthmod.a libauth.a ../numlib/libnumlib.a ../md5/libmd5.a ../sha1/libsha1.a -L/home/vpopmail/lib -lvpopmail -lcrypt -lm ld: -lcrypt: no match collect2: ld returned 1 exit status *** Error code 1 Stop in /src/courier-imap-2.1.1/authlib (line 856 of Makefile). *** Error code 1 Stop in /src/courier-imap-2.1.1/authlib (line 701 of Makefile). *** Error code 1 Stop in /src/courier-imap-2.1.1 (line 459 of Makefile). Make or gmake, it's the same. My lib_deps: -L/home/vpopmail/lib -lvpopmail -lcrypt Thanks for your support Andrea
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
Andrea Riela schrieb: Michael Bowe wrote: You will need to use courier-imap-2.1.1 (rather than 2.2.1) with that particular patch. Now I'm trying to compile the 2.1.1 version, but ... Compiling modauthvchkpw.c gcc -I/home/vpopmail/include -DHAVE_OPEN_SMTP_RELAY= -Wall -I.. -I./.. -o authvchkpw modauthvchkpw.o libauthmod.a libauth.a ../numlib/libnumlib.a ../md5/libmd5.a ../sha1/libsha1.a -L/home/vpopmail/lib -lvpopmail -lcrypt -lm ld: -lcrypt: no match collect2: ld returned 1 exit status *** Error code 1 Stop in /src/courier-imap-2.1.1/authlib (line 856 of Makefile). *** Error code 1 Stop in /src/courier-imap-2.1.1/authlib (line 701 of Makefile). *** Error code 1 Stop in /src/courier-imap-2.1.1 (line 459 of Makefile). Make or gmake, it's the same. My lib_deps: -L/home/vpopmail/lib -lvpopmail -lcrypt Thanks for your support Andrea Mhhh, I had the same Problem, and i am turn the roaming-users off and use now relay-ctrl that works very fine. It works with couriers pop3d, pop3d-ssl, imapd, imapd-ssl. http://untroubled.org/relay-ctrl/ Werner
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
On Jan 7, 2004, at 10:31 AM, Andrea Riela wrote: OK, it works, but ... When I try with courier (that uses libvpopmail.a, if I've undestood well), in my open-smtp, after pop3-ssl, there isn't my external IP with relay allowed. If I recall correctly, you need to do something special to courier to get it to compile with roaming users enabled. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
RE: [vchkpw] vchkpw and courier 2.2.1 (long)
Tom Collins wrote: On Jan 7, 2004, at 10:31 AM, Andrea Riela wrote: OK, it works, but ... When I try with courier (that uses libvpopmail.a, if I've undestood well), in my open-smtp, after pop3-ssl, there isn't my external IP with relay allowed. If I recall correctly, you need to do something special to courier to get it to compile with roaming users enabled. Nothing special, I need to enable the smtp relay for pop3-ssl roaming users. I thought: if I compile vpopmail with enable-roaming-users, and courier with authvchkpw, I could do that. I don't know, I suppose that courier writes the open-smtp file, like qmail and qmail-pop3d ... I know that if I use the vchkpw (with roaming) with qmail-pop3d, all works fine, and in open-smtp I've my external IP allowed (and the tcp.smtp.cdb uses the Ips in open-smtp and tcp.smtp for working, right?) ... With courier nothing, it doesn't work (generic as consideration, I know, but I haven't ideas ...). With courier, when I try to use my smtp relay, I have nothing in my open-smtp, and the relay is disabled. Any suggestion? I've tried with tcpserver -u 89 -g 89 -v -R -H -l nesys.it 0 995 \ that is tcpserver as vpopmail:vchkpw, but nothing. My /home/vpopmail/etc: observe# ls -la total 11 drwxr-xr-x 2 vpopmail vchkpw 512 Jan 8 03:44 . drwxr-xr-x 8 root wheel512 Dec 23 18:56 .. -rw-r--r-- 1 vpopmail vchkpw25 Jan 7 17:24 inc_deps -rw-r--r-- 1 vpopmail vchkpw34 Jan 7 17:24 lib_deps -rw-r--r-- 1 root vchkpw59 Jan 7 18:02 open-smtp -rw-r--r-- 1 root vchkpw 0 Jan 7 18:02 open-smtp.lock -rw-r--r-- 1 vpopmail vchkpw 455 Dec 11 18:51 tcp.smtp -rw-r--r-- 1 root vchkpw 2352 Jan 7 18:04 tcp.smtp.cdb -rw-r--r-- 1 vpopmail vchkpw 1107 Nov 23 02:26 vlimits.default My /home/vpopmail/bin: observe# ls -la total 1754 drwxr-xr-x 2 vpopmail vchkpw1024 Jan 7 17:24 . drwxr-xr-x 8 root wheel 512 Dec 23 18:56 .. -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 clearopensmtp -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vaddaliasdomain -rwx--x--x 1 vpopmail vchkpw 69632 Jan 7 17:24 vadddomain -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vadduser -rwx--x--x 1 vpopmail vchkpw 69632 Jan 7 17:24 valias -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vchangepw -rwx--x--x 1 vpopmail vchkpw 73728 Jan 7 17:24 vchkpw -rwxr-xr-x 1 vpopmail vchkpw 208734 Jan 7 17:22 vchkpw-no-roaming -rwx--x--x 1 vpopmail vchkpw 69632 Jan 7 17:24 vconvert -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vdeldomain -rwx--x--x 1 vpopmail vchkpw 73728 Jan 7 17:24 vdelivermail -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vdeloldusers -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vdeluser -rwx--x--x 1 vpopmail vchkpw 69632 Jan 7 17:24 vdominfo -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vipmap -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vkill -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vmkpasswd -rwx--x--x 1 vpopmail vchkpw 77824 Jan 7 17:24 vmoddomlimits -rwx--x--x 1 vpopmail vchkpw 69632 Jan 7 17:24 vmoduser -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vpasswd -rwx--x--x 1 vpopmail vchkpw 69632 Jan 7 17:24 vpopbull -rwx--x--x 1 vpopmail vchkpw 73728 Jan 7 17:24 vqmaillocal -rwx--x--x 1 vpopmail vchkpw 65536 Jan 7 17:24 vsetuserquota -rwx--x--x 1 vpopmail vchkpw 69632 Jan 7 17:24 vuserinfo My /home/vpopmail/lib: observe# ls -la total 202 drwx-- 2 root wheel 512 Jan 7 17:24 . drwxr-xr-x 8 root wheel 512 Dec 23 18:56 .. -rw-r--r-- 1 root wheel 192264 Jan 7 17:24 libvpopmail.a Thanks for your support and patience. Regards Andrea
Re: [vchkpw] vchkpw and courier 2.2.1 (long)
- Original Message - From: Andrea Riela [EMAIL PROTECTED] I've recompiled courier-2.2.1 and qmailadmin-1.2.0-rc2 Steps for courier (as root): ./configure --prefix=/usr/local/courier-imap --disable-root-check --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw --with-ssl --with-piddir=/var/run setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY gmake gmake install gmake install-configure When I try with courier (that uses libvpopmail.a, if I've undestood well), in my open-smtp, after pop3-ssl, there isn't my external IP with relay allowed. It is my understanding that setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY is not sufficient to enable the roaming user functionality in courier-imap. Instead you need to edit the file authlib/preauthvchkpw.c and remove the line : #undef HAVE_OPEN_SMTP_RELAY and then recompile courier-imap This roaming user functionality was hardcoded off on purpose, because there is a flaw in the current design. If you enable roaming users in courier, then any user will be able to relay after performing an auth attempt, regardless of whether the auth contained a valid username/password. I have been doing some work on the vpopmail code that comes with courier. The work fixes many problems including this particular bug. I have recently submitted this patch to the courier author, and hopefully they will include these updates in a forthcoming courier release. ref http://sourceforge.net/tracker/index.php?func=detailaid=796524group_id=85 937atid=577801 Michael.