Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-02-03 Thread Charles Sprickman
On Thu, 8 Jan 2004, Michael Bowe wrote:

 I have been doing some work on the vpopmail code that comes with
 courier. The work fixes many problems including this particular bug.
 I have recently submitted this patch to the courier author, and hopefully
 they will include these updates in a forthcoming courier release.

Sorry to dig up another old post, but has anyone verified whether the fix
is in the current Courier release?

Thanks,

Charles

 ref
 http://sourceforge.net/tracker/index.php?func=detailaid=796524group_id=85
 937atid=577801

 Michael.




Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-02-03 Thread Michael Bowe

- Original Message - 
From: Charles Sprickman [EMAIL PROTECTED]
Subject: Re: [vchkpw] vchkpw and courier 2.2.1 (long)


 On Thu, 8 Jan 2004, Michael Bowe wrote:

  I have been doing some work on the vpopmail code that comes with
  courier. The work fixes many problems including this particular bug.
  I have recently submitted this patch to the courier author, and
hopefully
  they will include these updates in a forthcoming courier release.

 Sorry to dig up another old post, but has anyone verified whether the fix
 is in the current Courier release?

 Thanks,

 Charles

  ref
 
http://sourceforge.net/tracker/index.php?func=detailaid=796524group_id=85
  937atid=577801
 
  Michael.
 

The patches are in the courier-imap sources

v2.2.1 doesnt include the patches, but the current 2.2.2 snapshot includes
it ...

Michael.



RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-13 Thread Andrea Riela
Michael Bowe wrote:
 You shouldnt need to manually edit this file... It should be
 auto-populated when you run make install-strip

After the make install-strip (vpopmail/cdb) I've:

-L/home/vpopmail/lib -lvpopmail

If I add '-crypt' after, and compile courier-imap, I've an error and I
couldn't install it.
Without '-lcrypt', the installation is completed.

Well, what could I do? Without '-crypt' apparently all works fine, but I
don't know about open-relay.

Thanks
Andrea
 
 Here is what the lib_deps would contain for a typical
 vpopmail/cdb install
   -L/home/vpopmail/lib -lvpopmail  -lcrypt



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-13 Thread Tom Collins
On Jan 13, 2004, at 2:16 AM, Andrea Riela wrote:
After the make install-strip (vpopmail/cdb) I've:

-L/home/vpopmail/lib -lvpopmail

If I add '-crypt' after, and compile courier-imap, I've an error and I
couldn't install it.
Without '-lcrypt', the installation is completed.
Well, what could I do? Without '-crypt' apparently all works fine, but 
I
don't know about open-relay.
If -lcrypt isn't in the file, and everything builds fine, then you 
don't need it.

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/


Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-12 Thread Michael Bowe

- Original Message - 
From: Andrea Riela [EMAIL PROTECTED]


 Michael Bowe wrote:
  I will download, test, and will report back my findings soon (might
  not be till tomorrow though sorry)

 Thanks Michael,

 Well, probably I don't understand the '-lcrypt' on lib_deps file. If I
 insert that on lib_deps before compile courier, I couldn't do gmake:

When you compile/install vpopmail, it records the required libraries etc
into the lib_deps file

This is so that when add-on programs try to link against the libvpopmail.a,
they know what libraries are going to be required.

You shouldnt need to manually edit this file... It should be auto-populated
when you run make install-strip

Here is what the lib_deps would contain for a typical vpopmail/cdb install
  -L/home/vpopmail/lib -lvpopmail  -lcrypt

Here is what the lib_deps would contain for a typical vpopmail/mysql install
:
  -L/home/vpopmail/lib -lvpopmail -L/usr/local/mysql/lib  -lmysqlclient -lz 
-lcrypt

Here is what the lib_deps would contain for a typical vpopmail/ldap install
  -L/home/vpopmail/lib -lvpopmail -L/usr/local/lib -lldap -llber -lresolv -l
crypt

Here is what the lib_deps would contain for a typical vpopmail/pgsql insatll
  -L/home/vpopmail/lib -lvpopmail -L/usr/local/pgsql/lib -lpq  -lcrypt

As you can see, the contents will vary depending on the auth backend. They
should all contain -lcrypt though, as the crypt function is required by some
of the functions inside vpopmail

Michael.



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-11 Thread Michael Bowe
Sam Varshavchik has accepted my patch.

Therefore the modifications it contains will be part of the next
courier-imap release (v2.2.2)

Michael.



RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-11 Thread Andrea Riela
Michael Bowe wrote:
 Sam Varshavchik has accepted my patch.
 
 Therefore the modifications it contains will be part of the
 next courier-imap release (v2.2.2)
 
 Michael.

Well, I need to insert '-crypt' in my lib_deps file after or before the
courier install?

Thanks for all
Regards
Andrea



RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-11 Thread Andrea Riela
Michael Bowe wrote:
 Sam Varshavchik has accepted my patch.
 
 Therefore the modifications it contains will be part of the next 
 courier-imap release (v2.2.2)
 
 Michael.

I've installed this version of courier (see the courier ml, there's a patch
for imapd.c), but I've an auth problem with vpopmail My steps:

vpopmail-5.4.0-rc1
--
./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp
--enable-qmail-ext --enable-defaultquota=NOQUOTA make

cp vchkpw /home/vpopmail/bin/vchkpw-noroaming 
(this is for mi pop3d daemon)
make clean

./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp
--enable-qmail-ext --enable-defaultquota=NOQUOTA --enable-roaming-users make
make install-strip

courier-imap-2.2.2.20040110
---
setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY
./configure --prefix=/usr/local/courier-imap --disable-root-check
--without-authpam --without-authldap --without-authpwd --without-authmysql
--without-authpgsql --without-authshadow --without-authuserdb
--without-authcustom --without-authcram --without-authdaemon
--with-authvchkpw --with-ssl --with-piddir=/var/run gmake  gmake install
 gmake install-configure


Well, this is my situation:

observe# openssl s_client -connect 127.0.0.1:995
CONNECTED(0004)
cut
---
+OK Hello there.
USER [EMAIL PROTECTED]
+OK Password required.
PASS passwordcorrect
closed
observe# 

I've that authentication problem. The authentication fails (PASS).

My /var/log/qmail/pop3s/current is this: @40004001b58522de336c
tcpserver: status: 0/40 @40004001b5ba0a61dc1c tcpserver: status: 1/40
@40004001b5ba0a7112a4 tcpserver: pid 29340 from 127.0.0.1
@40004001b5ba0a725eac tcpserver: ok 29340 nesys.it:127.0.0.1:995
:127.0.0.1::46934 @40004001b5ba0defecac INFO: Connection, ip=[127.0.0.1]
@40004001b5e42301e80c tcpserver: end 29340 status 0
@40004001b5e423233f34 tcpserver: status: 0/40

Where is my problem? Have you got any suggestion for me?
Thanks for all
Regards
Andrea



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-11 Thread Michael Bowe
I will download, test, and will report back my findings soon (might not be
till tomorrow though sorry)

Michael.

- Original Message - 
From: Andrea Riela [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, January 12, 2004 7:56 AM
Subject: RE: [vchkpw] vchkpw and courier 2.2.1 (long)


Michael Bowe wrote:
 Sam Varshavchik has accepted my patch.

 Therefore the modifications it contains will be part of the next
 courier-imap release (v2.2.2)

 Michael.

I've installed this version of courier (see the courier ml, there's a patch
for imapd.c), but I've an auth problem with vpopmail My steps:

vpopmail-5.4.0-rc1
--
./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp
--enable-qmail-ext --enable-defaultquota=NOQUOTA make

cp vchkpw /home/vpopmail/bin/vchkpw-noroaming
(this is for mi pop3d daemon)
make clean

./configure --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp
--enable-qmail-ext --enable-defaultquota=NOQUOTA --enable-roaming-users make
make install-strip

courier-imap-2.2.2.20040110
---
setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY
./configure --prefix=/usr/local/courier-imap --disable-root-check
--without-authpam --without-authldap --without-authpwd --without-authmysql
--without-authpgsql --without-authshadow --without-authuserdb
--without-authcustom --without-authcram --without-authdaemon
--with-authvchkpw --with-ssl --with-piddir=/var/run gmake  gmake install
 gmake install-configure


Well, this is my situation:

observe# openssl s_client -connect 127.0.0.1:995
CONNECTED(0004)
cut
---
+OK Hello there.
USER [EMAIL PROTECTED]
+OK Password required.
PASS passwordcorrect
closed
observe#

I've that authentication problem. The authentication fails (PASS).

My /var/log/qmail/pop3s/current is this: @40004001b58522de336c
tcpserver: status: 0/40 @40004001b5ba0a61dc1c tcpserver: status: 1/40
@40004001b5ba0a7112a4 tcpserver: pid 29340 from 127.0.0.1
@40004001b5ba0a725eac tcpserver: ok 29340 nesys.it:127.0.0.1:995
:127.0.0.1::46934 @40004001b5ba0defecac INFO: Connection, ip=[127.0.0.1]
@40004001b5e42301e80c tcpserver: end 29340 status 0
@40004001b5e423233f34 tcpserver: status: 0/40

Where is my problem? Have you got any suggestion for me?
Thanks for all
Regards
Andrea




RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-11 Thread Andrea Riela
Michael Bowe wrote:
 I will download, test, and will report back my findings soon (might 
 not be till tomorrow though sorry)

Thanks Michael,

Well, probably I don't understand the '-lcrypt' on lib_deps file. If I
insert that on lib_deps before compile courier, I couldn't do gmake:

gcc -DHAVE_CONFIG_H -I. -I. -I. -I/home/vpopmail/include
-DHAVE_OPEN_SMTP_RELAY= -Wall -I.. -I./.. -c `test -f 'modauthvchkpw.c' ||
echo './'`modauthvchkpw.c
gcc  -I/home/vpopmail/include -DHAVE_OPEN_SMTP_RELAY= -Wall -I.. -I./..   -o
authvchkpw  modauthvchkpw.o libauthmod.a libauth.a ../numlib/libnumlib.a
../md5/libmd5.a ../sha1/libsha1.a -L/home/vpopmail/lib -lvpopmail -lcrypt
-lm  
ld: -lcrypt: no match
collect2: ld returned 1 exit status
gmake[2]: *** [authvchkpw] Error 1
gmake[2]: Leaving directory `/src/courier-imap-2.2.2.20040110/authlib'
gmake[1]: *** [all] Error 2
gmake[1]: Leaving directory `/src/courier-imap-2.2.2.20040110/authlib'
gmake: *** [all-recursive] Error 1

If I don't insert '-lcrypt' before, I could do gmake.
Why? What -lcrypt? It's important to the open-relay function?

For my report, I could say what I've tryed:

1- with qmail-pop3d over ssl (with sslserver -- ucspi-ssl at
http://www.superscript.com/ucspi-ssl/intro.html) I could make a 'openssl
s_client -connect 127.0.0.1:995' and connect with a specific USER/PASS, that
is the daemon and the authentication work, but the open-relay not (I've the
open-smtp blank, and a tmp file (for example: open-smtp.tmp.1563) in
/home/vpopmail/etc).

2- with courier-pop3s, if I don't use '-lcrypt' an I could gmake it, when I
make an 'openssl s_client -connect 127.0.0.1:995', with USER/PASS right or
wrong I've always the same prompt:

cut
---
+OK Hello there.
USER [EMAIL PROTECTED]
+OK Password required.
PASS password
closed

I don't know if that's ok. I know that with courier-pop3s I couldn't connect
to my server to download my emails.

Thanks for all Michael, I'm waiting for you :)
Regards
Andrea



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-09 Thread Alexander Bruns
Hi,

hope this helps you.

we use this to do the smtp after pop3/imap:
http://www.pofo.de/HOWTO/qmail/install-courierimaphack.html
it is installed under /home/vpopmail/bin/open_relay

we use courimap for all 4 protocols, pop3d, pop3d-ssl, imapd, imapd-ssl and  
all for runs-cripts under
/usr/local/courier-imap/current/libexec/imapd.rc or pop3d-rc or pop3d-ssl.rc
look like this:

# 8 Schnipp 8 #
#! /bin/sh
# $Id: imapd.rc.in,v 1.22 2002/12/24 02:31:40 mrsam Exp $
#
# Copyright 1998 - 2002 Double Precision, Inc.
# See COPYING for distribution information.


prefix=/usr/local/courier-imap/2.1.2
exec_prefix=/usr/local/courier-imap/2.1.2
bindir=${exec_prefix}/bin
libexecdir=/usr/local/courier-imap/2.1.2/libexec

TLS_CACHEFILE=
. ${prefix}/etc/imapd-ssl
. ${prefix}/etc/imapd

case $1 in
start)
LIBAUTHMODULES=
for f in `echo $AUTHMODULES`
do
LIBAUTHMODULES=$LIBAUTHMODULES 
/usr/local/courier-imap/2.1.2/libexec/authlib/$f
done

if test -x ${libexecdir}/authlib/authdaemond
then
/usr/bin/env - ${libexecdir}/authlib/authdaemond start
fi

if test $TLS_CACHEFILE != 
then
rm -f $TLS_CACHEFILE
fi

ulimit -v $IMAP_ULIMITD
/usr/bin/env - /bin/sh -c  set -a ;
prefix=/usr/local/courier-imap/2.1.2 ;
exec_prefix=/usr/local/courier-imap/2.1.2 ;
bindir=${exec_prefix}/bin ;
libexecdir=/usr/local/courier-imap/2.1.2/libexec ;
. ${prefix}/etc/imapd ; \
. ${prefix}/etc/imapd-ssl ; \
IMAP_STARTTLS=$IMAPDSTARTTLS ; export IMAP_STARTTLS ; \
TLS_PROTOCOL=$TLS_STARTTLS_PROTOCOL ; \
/usr/local/courier-imap/2.1.2/libexec/couriertcpd 
-address=$ADDRESS \

-stderrlogger=/usr/local/courier-imap/2.1.2/libexec/courierlogger \
-stderrloggername=imapd \
-maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP \
-pid=$PIDFILE $TCPDOPTS \
$PORT ${exec_prefix}/sbin/imaplogin $LIBAUTHMODULES \
/home/vpopmail/bin/open_relay \
${exec_prefix}/bin/imapd Maildir
;;
stop)
/usr/local/courier-imap/2.1.2/libexec/couriertcpd -pid=$PIDFILE -stop
if test -x ${libexecdir}/authlib/authdaemond
then
${libexecdir}/authlib/authdaemond stop
fi
;;
esac
exit 0

# 8 Schnapp 8 #
Only this line has to be added at the riht point:
/home/vpopmail/bin/open_relay \

For us this works better than the relay-control way


Greetings

Alex



RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Andrea Riela
 It is my understanding that
setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY
 is not sufficient to enable the roaming user functionality in
 courier-imap. 
 
 Instead you need to edit the file
   authlib/preauthvchkpw.c
 and remove the line  :
   #undef HAVE_OPEN_SMTP_RELAY
 and then recompile courier-imap
 
 This roaming user functionality was hardcoded off on purpose,
 because there is a flaw in the current design. If you enable
 roaming users in courier, then any user will be able to relay
 after performing an auth attempt, regardless of whether the
 auth contained a valid username/password.

Thanks Michael,

I think you have hit the problem!
Then what I've to do?
If I remove the line #undef HAVE_OPEN_SMTP_RELAY, I've the auth bug that you
say.
I've to apply your patch courier-imap-2[1].1.1-vchkpw-updates.diff.txt?

Probably my steps will be:

cd into courier-imap-2.1.1/authlib
patch -u  courier-imap-2[1].1.1-vchkpw-updates.diff.txt
./configure --prefix=/usr/local/courier-imap --disable-root-check
--without-authpam --without-authldap --without-authpwd --without-authmysql
--without-authpgsql --without-authshadow --without-authuserdb
--without-authcustom --without-authcram --without-authdaemon
--with-authvchkpw --with-ssl --with-piddir=/var/run
setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY
gmake
gmake install
gmake install-configure

With your patch, I've already a security problem? Or removing the
open_smtp_relay() calls from the preauthvchmpw.c file to authvchkpw.c,
you've fixed that?

Thanks for all
Regards
Andrea



RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Andrea Riela
 Probably my steps will be:
 
 cd into courier-imap-2.1.1/authlib
 patch -u  courier-imap-2[1].1.1-vchkpw-updates.diff.txt
 ./configure --prefix=/usr/local/courier-imap
 --disable-root-check --without-authpam --without-authldap
 --without-authpwd --without-authmysql --without-authpgsql
 --without-authshadow --without-authuserdb
 --without-authcustom --without-authcram --without-authdaemon
 --with-authvchkpw --with-ssl --with-piddir=/var/run setenv
 CFLAGS=-DHAVE_OPEN_SMTP_RELAY
 gmake 
 gmake install
 gmake install-configure 
 
 With your patch, I've already a security problem? Or removing the
 open_smtp_relay() calls from the preauthvchmpw.c file to
 authvchkpw.c, you've fixed that?

My lib_deps is:
-L/home/vpopmail/lib -lvpopmail

I've to add the '-lcrypt' too?
Thanks
Andrea



RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Andrea Riela
Andrea Riela wrote:
 Probably my steps will be:
 
 cd into courier-imap-2.1.1/authlib
 patch -u  courier-imap-2[1].1.1-vchkpw-updates.diff.txt
 ./configure --prefix=/usr/local/courier-imap --disable-root-check
 --without-authpam --without-authldap --without-authpwd
 --without-authmysql --without-authpgsql --without-authshadow
 --without-authuserdb --without-authcustom --without-authcram
 --without-authdaemon --with-authvchkpw --with-ssl
 --with-piddir=/var/run setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY gmake
 gmake install
 gmake install-configure
 
 With your patch, I've already a security problem? Or removing the
 open_smtp_relay() calls from the preauthvchmpw.c file to
 authvchkpw.c, you've fixed that?
 
 My lib_deps is:
 -L/home/vpopmail/lib -lvpopmail
 
 I've to add the '-lcrypt' too?

Ok Michael, I've tryed:
I've added -lcrypt in my lib_deps:
-L/home/vpopmail/lib -lvpopmail -lcrypt

Then:
bzip2 -cd courier-imap-2.2.1.tar.bz2 | tar xf -
...
patch -u  courier-imap-2.1.1-vchkpw-updates.diff.txt
...
setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY
./configure --prefix=/usr/local/courier-imap --disable-root-check
--without-authpam --without-authldap --without-authpwd --without-authmysql
--without-authpgsql --without-authshadow --without-authuserdb
--without-authcustom --without-authcram --without-authdaemon
--with-authvchkpw --with-ssl --with-piddir=/var/run

When try to compile with make, or gmake, I've the same error:
cd .  /bin/sh /src/courier-imap-2.2.1/missing --run autoconf
configure.in:21: error: possibly undefined macro: AC_PROG_SYSCONFTOOL
  If this token and others are legitimate, please use m4_pattern_allow.
  See the Autoconf documentation.
gmake[1]: *** [configure] Error 1
gmake[1]: Leaving directory `/src/courier-imap-2.2.1/authlib'
gmake: *** [all-recursive] Error 1

Mmm... Where's the mistake? Probably I've misunderstood your help :(
Thanks for all
Regards
Andrea



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Tom Collins
On Jan 8, 2004, at 3:29 AM, Andrea Riela wrote:
Then what I've to do?
Try BINC-IMAP instead.  Others have reported that it's a fine 
replacement for Courier.

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/


RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Andrea Riela
Tom Collins wrote:
 On Jan 8, 2004, at 3:29 AM, Andrea Riela wrote:
 Then what I've to do?
 
 Try BINC-IMAP instead.  Others have reported that it's a fine
 replacement for Courier. 

I couldn't .. I need a pop3-ssl daemon.
I hope the Michael's patch will help me :)
But I've problems to compile that.

Thanks
Andrea



RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Shane Chrisp
 You might want to have a look at Bill Shupps guide or
even Michaels guide 
http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm
http://www.pipeline.com.au/staff/mbowe/isp/vpopmail-mysql.htm

qmail-pop3d can be run in ssl mode with something like this from Bills
toaster setup. You don't need Courier-Imap to have pop3 ssl.

This is the run file...
#!/bin/sh

VPOPMAILUID=`id -u vpopmail`
VPOPMAILGID=`id -g vpopmail`

exec /usr/local/bin/tcpserver -l 0 -R -H -v  \
-u$VPOPMAILUID -g$VPOPMAILGID 0 995\
/usr/sbin/stunnel -f -p /var/qmail/control/servercert.pem\
-l /var/qmail/bin/qmail-popup -- qmail-popup domain.com  \
/home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 21

Shane


-Original Message-
From: Andrea Riela [mailto:[EMAIL PROTECTED] 
Sent: Friday, 9 January 2004 2:24 AM
To: [EMAIL PROTECTED]
Subject: RE: [vchkpw] vchkpw and courier 2.2.1 (long)

Tom Collins wrote:
 On Jan 8, 2004, at 3:29 AM, Andrea Riela wrote:
 Then what I've to do?
 
 Try BINC-IMAP instead.  Others have reported that it's a fine
 replacement for Courier. 

I couldn't .. I need a pop3-ssl daemon.
I hope the Michael's patch will help me :)
But I've problems to compile that.

Thanks
Andrea





RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Andrea Riela
Shane Chrisp wrote:
 /usr/sbin/stunnel -f -p

Ya Shane,
But I wouldn't use stunnel for that.
If it's possible, I would use courier.

Thanks for all
Andrea



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Michael Bowe
- Original Message - 
From: Andrea Riela [EMAIL PROTECTED]

 When try to compile with make, or gmake, I've the same error:
 cd .  /bin/sh /src/courier-imap-2.2.1/missing --run autoconf
 configure.in:21: error: possibly undefined macro: AC_PROG_SYSCONFTOOL
   If this token and others are legitimate, please use
m4_pattern_allow.
   See the Autoconf documentation.
 gmake[1]: *** [configure] Error 1
 gmake[1]: Leaving directory `/src/courier-imap-2.2.1/authlib'
 gmake: *** [all-recursive] Error 1

 Mmm... Where's the mistake? Probably I've misunderstood your help :(

You will need to use courier-imap-2.1.1 (rather than 2.2.1) with that
particular patch.

Michael.



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Michael Bowe
- Original Message - 
From: Andrea Riela [EMAIL PROTECTED]

 With your patch, I've already a security problem? Or removing the
 open_smtp_relay() calls from the preauthvchmpw.c file to authvchkpw.c,
 you've fixed that?

Yes, with the patch, the security problem is resolved, because the
relay isnt opened unless the user has successfully authenticated.

As you say, the open_smtp_relay() calls are moved from the
pre-auth stage, to post-auth 

Michael.



RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Andrea Riela
Michael Bowe wrote:
 You will need to use courier-imap-2.1.1 (rather than 2.2.1) with that
 particular patch. 

Now I'm trying to compile the 2.1.1 version, but ...

Compiling modauthvchkpw.c
gcc  -I/home/vpopmail/include -DHAVE_OPEN_SMTP_RELAY= -Wall -I.. -I./..   -o
authvchkpw  modauthvchkpw.o libauthmod.a libauth.a ../numlib/libnumlib.a
../md5/libmd5.a ../sha1/libsha1.a -L/home/vpopmail/lib -lvpopmail -lcrypt
-lm  
ld: -lcrypt: no match
collect2: ld returned 1 exit status
*** Error code 1

Stop in /src/courier-imap-2.1.1/authlib (line 856 of Makefile).
*** Error code 1

Stop in /src/courier-imap-2.1.1/authlib (line 701 of Makefile).
*** Error code 1

Stop in /src/courier-imap-2.1.1 (line 459 of Makefile).

Make or gmake, it's the same.
My lib_deps: -L/home/vpopmail/lib -lvpopmail -lcrypt

Thanks for your support
Andrea



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-08 Thread Werner Amon
Andrea Riela schrieb:

Michael Bowe wrote:
 

You will need to use courier-imap-2.1.1 (rather than 2.2.1) with that
particular patch. 
   

Now I'm trying to compile the 2.1.1 version, but ...

Compiling modauthvchkpw.c
gcc  -I/home/vpopmail/include -DHAVE_OPEN_SMTP_RELAY= -Wall -I.. -I./..   -o
authvchkpw  modauthvchkpw.o libauthmod.a libauth.a ../numlib/libnumlib.a
../md5/libmd5.a ../sha1/libsha1.a -L/home/vpopmail/lib -lvpopmail -lcrypt
-lm  
ld: -lcrypt: no match
collect2: ld returned 1 exit status
*** Error code 1

Stop in /src/courier-imap-2.1.1/authlib (line 856 of Makefile).
*** Error code 1
Stop in /src/courier-imap-2.1.1/authlib (line 701 of Makefile).
*** Error code 1
Stop in /src/courier-imap-2.1.1 (line 459 of Makefile).

Make or gmake, it's the same.
My lib_deps: -L/home/vpopmail/lib -lvpopmail -lcrypt
Thanks for your support
Andrea
 

Mhhh,

I had the same Problem, and i am turn the roaming-users off and use now 
relay-ctrl that works very fine.
It works with couriers pop3d, pop3d-ssl, imapd, imapd-ssl.

http://untroubled.org/relay-ctrl/

Werner


Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-07 Thread Tom Collins
On Jan 7, 2004, at 10:31 AM, Andrea Riela wrote:
OK, it works, but ... When I try with courier (that uses 
libvpopmail.a, if
I've undestood well), in my open-smtp, after pop3-ssl, there isn't my
external IP with relay allowed.
If I recall correctly, you need to do something special to courier to 
get it to compile with roaming users enabled.

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/


RE: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-07 Thread Andrea Riela
Tom Collins wrote:
 On Jan 7, 2004, at 10:31 AM, Andrea Riela wrote:
 OK, it works, but ... When I try with courier (that uses
 libvpopmail.a, if I've undestood well), in my open-smtp, after
 pop3-ssl, there isn't my external IP with relay allowed.
 
 If I recall correctly, you need to do something special to courier to
 get it to compile with roaming users enabled.

Nothing special, I need to enable the smtp relay for pop3-ssl roaming users.
I thought: if I compile vpopmail with enable-roaming-users, and courier with
authvchkpw, I could do that. I don't know, I suppose that courier writes the
open-smtp file, like qmail and qmail-pop3d ... I know that if I use the
vchkpw (with roaming) with qmail-pop3d, all works fine, and in open-smtp
I've my external IP allowed (and the tcp.smtp.cdb uses the Ips in open-smtp
and tcp.smtp for working, right?) ... With courier nothing, it doesn't work
(generic as consideration, I know, but I haven't ideas ...). With courier,
when I try to use my smtp relay, I have nothing in my open-smtp, and the
relay is disabled.

Any suggestion?
I've tried with
tcpserver -u 89 -g 89 -v -R -H -l nesys.it 0 995 \
that is tcpserver as vpopmail:vchkpw, but nothing.

My /home/vpopmail/etc:
observe# ls -la
total 11
drwxr-xr-x  2 vpopmail  vchkpw   512 Jan  8 03:44 .
drwxr-xr-x  8 root  wheel512 Dec 23 18:56 ..
-rw-r--r--  1 vpopmail  vchkpw25 Jan  7 17:24 inc_deps
-rw-r--r--  1 vpopmail  vchkpw34 Jan  7 17:24 lib_deps
-rw-r--r--  1 root  vchkpw59 Jan  7 18:02 open-smtp
-rw-r--r--  1 root  vchkpw 0 Jan  7 18:02 open-smtp.lock
-rw-r--r--  1 vpopmail  vchkpw   455 Dec 11 18:51 tcp.smtp
-rw-r--r--  1 root  vchkpw  2352 Jan  7 18:04 tcp.smtp.cdb
-rw-r--r--  1 vpopmail  vchkpw  1107 Nov 23 02:26 vlimits.default

My /home/vpopmail/bin:
observe# ls -la
total 1754
drwxr-xr-x  2 vpopmail  vchkpw1024 Jan  7 17:24 .
drwxr-xr-x  8 root  wheel  512 Dec 23 18:56 ..
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 clearopensmtp
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vaddaliasdomain
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan  7 17:24 vadddomain
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vadduser
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan  7 17:24 valias
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vchangepw
-rwx--x--x  1 vpopmail  vchkpw   73728 Jan  7 17:24 vchkpw
-rwxr-xr-x  1 vpopmail  vchkpw  208734 Jan  7 17:22 vchkpw-no-roaming
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan  7 17:24 vconvert
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vdeldomain
-rwx--x--x  1 vpopmail  vchkpw   73728 Jan  7 17:24 vdelivermail
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vdeloldusers
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vdeluser
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan  7 17:24 vdominfo
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vipmap
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vkill
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vmkpasswd
-rwx--x--x  1 vpopmail  vchkpw   77824 Jan  7 17:24 vmoddomlimits
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan  7 17:24 vmoduser
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vpasswd
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan  7 17:24 vpopbull
-rwx--x--x  1 vpopmail  vchkpw   73728 Jan  7 17:24 vqmaillocal
-rwx--x--x  1 vpopmail  vchkpw   65536 Jan  7 17:24 vsetuserquota
-rwx--x--x  1 vpopmail  vchkpw   69632 Jan  7 17:24 vuserinfo

My /home/vpopmail/lib:
observe# ls -la
total 202
drwx--  2 root  wheel 512 Jan  7 17:24 .
drwxr-xr-x  8 root  wheel 512 Dec 23 18:56 ..
-rw-r--r--  1 root  wheel  192264 Jan  7 17:24 libvpopmail.a

Thanks for your support and patience.
Regards
Andrea



Re: [vchkpw] vchkpw and courier 2.2.1 (long)

2004-01-07 Thread Michael Bowe
- Original Message - 
From: Andrea Riela [EMAIL PROTECTED]

 I've recompiled courier-2.2.1 and qmailadmin-1.2.0-rc2
 Steps for courier (as root):
 ./configure --prefix=/usr/local/courier-imap --disable-root-check
 --without-authpam --without-authldap --without-authpwd --without-authmysql
 --without-authpgsql --without-authshadow --without-authuserdb
 --without-authcustom --without-authcram --without-authdaemon
 --with-authvchkpw --with-ssl --with-piddir=/var/run
 setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY
 gmake
 gmake install
 gmake install-configure

 When I try with courier (that uses libvpopmail.a, if
 I've undestood well), in my open-smtp, after pop3-ssl, there isn't my
 external IP with relay allowed.

It is my understanding that
   setenv CFLAGS=-DHAVE_OPEN_SMTP_RELAY
is not sufficient to enable the roaming user functionality in courier-imap.

Instead you need to edit the file
  authlib/preauthvchkpw.c
and remove the line  :
  #undef HAVE_OPEN_SMTP_RELAY
and then recompile courier-imap

This roaming user functionality was hardcoded off on purpose,
because there is a flaw in the current design. If you enable roaming users
in courier, then any user will be able to relay after performing an auth
attempt, regardless of whether the auth contained a valid username/password.

I have been doing some work on the vpopmail code that comes with
courier. The work fixes many problems including this particular bug.
I have recently submitted this patch to the courier author, and hopefully
they will include these updates in a forthcoming courier release.

ref
http://sourceforge.net/tracker/index.php?func=detailaid=796524group_id=85
937atid=577801

Michael.