Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-28 Thread anf
Hello Julien,

Wednesday, July 27, 2011, 09:42:38, Julien Escario wrote:
JE Hello,
JE I also have an issue with a base64_decode() function which seems 
incompatible
JE with amd64 arch.

JE I'm using the patch from milkys (http://www.mcmilk.de/qmail/)

JE Try to print the return string after base64 decoding has been done to check 
if
JE your auth string is correct. If it's not, that's qmail-smtpd fault, not 
vpopmail's.

JE Regards,
JE Julien Escario


JE Le 26/07/2011 23:05, a...@ltmd.org a écrit :
 Hello Rick,

 Sunday, July 3, 2011, 17:15:29, Rick Macdougall wrote:
 RM  On 03/07/2011 5:11 AM, a...@ltmd.org wrote:
 Hello Rick,

 Saturday, July 2, 2011, 16:59:09, Rick Macdougall wrote:
 User vpopmail realy exists. I also cannot find the
 difference between working x86 server configuration and the new
 amd64 one. I tried to reconfigure my system from no-multilib to
 multilib and to reemerge netqmail and vpopmail ebuilds, but still no
 success. :( Is there some way to debug that plain SMTP-AUTH to figure
 out what is really happening?

 RM   You can use recordio (part of one of djb's packages) to log 
 everything
 RM   that happens within an smtp conversation.

 RM   http://cr.yp.to/ucspi-tcp/recordio.html

 Thank you for your assistance, Rick. I tried to use that nice tool.
 And here goes the result:

 @40004e1029d019fc59f4 22218   220 mail.domain.com ESMTP
 @40004e1029d035004684 22218   EHLO [10.1.1.177]
 @40004e1029d035017b1c 22218   250-mail.domain.com
 @40004e1029d03501b1cc 22218   250-STARTTLS
 @40004e1029d03501e494 22218   250-PIPELINING
 @40004e1029d03502175c 22218   250-8BITMIME
 @40004e1029d03502463c 22218   250-SIZE 0
 @40004e1029d035027904 22218   250 AUTH LOGIN PLAIN
 @40004e1029d10834940c 22218   AUTH PLAIN
 @40004e1029d108356ecc 22218   334
 @40004e1029d109252dcc 22218   c2VuZGVyLmNvbXBhc3N3b3Jk
 @40004e1029d6092f863c 22218   535 authentication failed (#5.7.1)
 @40004e1029d60994146c 22218   RSET
 @40004e1029d60994e374 22218   250 flushed
 @40004e1029d60b8495e4 22218   AUTH LOGIN
 @40004e1029d60b85ca7c 22218   334 VXNlcm5hbWU6
 @40004e1029d60c5eadec 22218   c2VuZGVyLmNvbQ==
 @40004e1029d60c5ff9f4 22218   334 UGFzc3dvcmQ6
 @40004e1029d60d4acf24 22218   cGFzc3dvcmQ=
 @40004e1029db0d59619c 22218   535 authentication failed (#5.7.1)
 @40004e1029db0e782f7c 22218   RSET
 @40004e1029db0e78cbbc 22218   250 flushed
 @40004e1029db10ef51cc 22218   MAIL FROM:sen...@domain.com   SIZE=524
 @40004e1029db10f0f3c4 22218   250 ok
 @40004e1029db281154f4 22218   RCPT TO:receip...@domain.com
 @40004e1029db2812eb34 22218   250 ok
 @40004e1029db2a9afd74 22218   DATA
 @40004e1029db2aa021dc 22218   354 go ahead
 @40004e1029db2b9f619c 22218   Date: Sun, 3 Jul 2011 11:35:32 +0300
 @40004e1029db2ba00d7c 22218   From: Name Surnamesen...@domain.com
 @40004e1029db2ba08e64 22218   Reply-To: Name 
 Surnamesen...@domain.com
 @40004e1029db2ba10b64 22218   X-Priority: 3 (Normal)
 @40004e1029db2ba1847c 22218   
 Message-ID:86092590.20110703113...@domain.com
 @40004e1029db2ba1fd94 22218   To: receip...@domain.com
 @40004e1029db2ba276ac 22218   Subject: test
 @40004e1029db2ba2efc4 22218   MIME-Version: 1.0
 @40004e1029db2ba364f4 22218   Content-Type: text/plain; charset=utf-8
 @40004e1029db2ba3de0c 22218   Content-Transfer-Encoding: 
 quoted-printable
 @40004e1029db2ba45724 22218
 @40004e1029db2ba5ba9c 22218   test
 @40004e1029db2ba9f88c 22218   .
 @40004e1029db376d0894 22218   250 ok 1309682129 qp 2
 @40004e1029db3888d4ec 22218   RSET
 @40004e1029db3889cb04 22218   250 flushed
 @40004e1029db3982d104 22218   QUIT
 @40004e1029db398a79f4 22218   221 mail.domain.com
 @40004e1029db398a81c4 22218   [EOF]
 @40004e1029db399445c4 tcpserver: end 22217 status 0
 @40004e1029db39944d94 tcpserver: status: 0/40

 Right now I see that there is something goes wrong with a
 authentication process in qmail and this dump is not very useful for
 me. :( Are there any other ideas I can try?


 RM  Hi,

 RM  I'd trying asking on a spamdyke mailing list.  If it was plain
 RM  qmail-smtpd then you'd see in the logs why it failed.

 RM  Rick

 I was done fresh clean install on gentoo amd64 netqmail and vpopmail
 with mysql support. No any clamav, spamassassin, spamdyke and others.
 SMTP-AUTH still not working. Trying to figure out what is really
 happening.

Finally I have found the situation when SMTP-AUTH not working. Seems
like it's not arch dependent. By some reason SMTP-AUTH fails when
/var/vpopmail is mounted as another logical volume. If qmail and
vpopmail is on the same logical volume SMTP-AUTH works fine. So I
guess it's not a vpopmail, but qmail fault. Thanks to everyone who
tried to help me.


!DSPAM:4e31b1d832711891912209!



Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-27 Thread Peter Palmreuther
Hi,

On 27.07.2011 at 00:56 a...@ltmd.org wrote:
 
 Just want to add that I tested right now and found that the same fresh
 programs configurations and settings on the clean 32-bit system
 working pretty good. Should I try once again to use recordio program
 on a 64-bit system?

'recordio' only tells what's happening on the outside, which, as you already 
know, is a rejection.
I'd use 'strace -fF -s 4096 -o /tmp/auth.err -p TCPSERVER-PID' to monitor 
what's behind the curtain.
Execute this command immediately before you start your next test and stop it 
immediately after you failed, because it'll gather data from all connections 
and therefore collect a lot.

Within the output (/tmp/auth.err) you might need to sort out information from 
test-unrelated processes.
But you should also see who's gonna be called for actually doing the 
authentication and why it return non-success.
-- 
Regards,

Peter
!DSPAM:4e2faa3332713543020530!



Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-27 Thread Julien Escario

Hello,
I also have an issue with a base64_decode() function which seems incompatible 
with amd64 arch.


I'm using the patch from milkys (http://www.mcmilk.de/qmail/)

Try to print the return string after base64 decoding has been done to check if 
your auth string is correct. If it's not, that's qmail-smtpd fault, not vpopmail's.


Regards,
Julien Escario


Le 26/07/2011 23:05, a...@ltmd.org a écrit :

Hello Rick,

Sunday, July 3, 2011, 17:15:29, Rick Macdougall wrote:
RM  On 03/07/2011 5:11 AM, a...@ltmd.org wrote:

Hello Rick,

Saturday, July 2, 2011, 16:59:09, Rick Macdougall wrote:

User vpopmail realy exists. I also cannot find the

difference between working x86 server configuration and the new
amd64 one. I tried to reconfigure my system from no-multilib to
multilib and to reemerge netqmail and vpopmail ebuilds, but still no
success. :( Is there some way to debug that plain SMTP-AUTH to figure
out what is really happening?


RM   You can use recordio (part of one of djb's packages) to log everything
RM   that happens within an smtp conversation.

RM   http://cr.yp.to/ucspi-tcp/recordio.html

Thank you for your assistance, Rick. I tried to use that nice tool.
And here goes the result:

@40004e1029d019fc59f4 22218   220 mail.domain.com ESMTP
@40004e1029d035004684 22218   EHLO [10.1.1.177]
@40004e1029d035017b1c 22218   250-mail.domain.com
@40004e1029d03501b1cc 22218   250-STARTTLS
@40004e1029d03501e494 22218   250-PIPELINING
@40004e1029d03502175c 22218   250-8BITMIME
@40004e1029d03502463c 22218   250-SIZE 0
@40004e1029d035027904 22218   250 AUTH LOGIN PLAIN
@40004e1029d10834940c 22218   AUTH PLAIN
@40004e1029d108356ecc 22218   334
@40004e1029d109252dcc 22218   c2VuZGVyLmNvbXBhc3N3b3Jk
@40004e1029d6092f863c 22218   535 authentication failed (#5.7.1)
@40004e1029d60994146c 22218   RSET
@40004e1029d60994e374 22218   250 flushed
@40004e1029d60b8495e4 22218   AUTH LOGIN
@40004e1029d60b85ca7c 22218   334 VXNlcm5hbWU6
@40004e1029d60c5eadec 22218   c2VuZGVyLmNvbQ==
@40004e1029d60c5ff9f4 22218   334 UGFzc3dvcmQ6
@40004e1029d60d4acf24 22218   cGFzc3dvcmQ=
@40004e1029db0d59619c 22218   535 authentication failed (#5.7.1)
@40004e1029db0e782f7c 22218   RSET
@40004e1029db0e78cbbc 22218   250 flushed
@40004e1029db10ef51cc 22218   MAIL FROM:sen...@domain.com   SIZE=524
@40004e1029db10f0f3c4 22218   250 ok
@40004e1029db281154f4 22218   RCPT TO:receip...@domain.com
@40004e1029db2812eb34 22218   250 ok
@40004e1029db2a9afd74 22218   DATA
@40004e1029db2aa021dc 22218   354 go ahead
@40004e1029db2b9f619c 22218   Date: Sun, 3 Jul 2011 11:35:32 +0300
@40004e1029db2ba00d7c 22218   From: Name Surnamesen...@domain.com
@40004e1029db2ba08e64 22218   Reply-To: Name Surnamesen...@domain.com
@40004e1029db2ba10b64 22218   X-Priority: 3 (Normal)
@40004e1029db2ba1847c 22218   
Message-ID:86092590.20110703113...@domain.com
@40004e1029db2ba1fd94 22218   To: receip...@domain.com
@40004e1029db2ba276ac 22218   Subject: test
@40004e1029db2ba2efc4 22218   MIME-Version: 1.0
@40004e1029db2ba364f4 22218   Content-Type: text/plain; charset=utf-8
@40004e1029db2ba3de0c 22218   Content-Transfer-Encoding: quoted-printable
@40004e1029db2ba45724 22218
@40004e1029db2ba5ba9c 22218   test
@40004e1029db2ba9f88c 22218   .
@40004e1029db376d0894 22218   250 ok 1309682129 qp 2
@40004e1029db3888d4ec 22218   RSET
@40004e1029db3889cb04 22218   250 flushed
@40004e1029db3982d104 22218   QUIT
@40004e1029db398a79f4 22218   221 mail.domain.com
@40004e1029db398a81c4 22218   [EOF]
@40004e1029db399445c4 tcpserver: end 22217 status 0
@40004e1029db39944d94 tcpserver: status: 0/40

Right now I see that there is something goes wrong with a
authentication process in qmail and this dump is not very useful for
me. :( Are there any other ideas I can try?



RM  Hi,

RM  I'd trying asking on a spamdyke mailing list.  If it was plain
RM  qmail-smtpd then you'd see in the logs why it failed.

RM  Rick

I was done fresh clean install on gentoo amd64 netqmail and vpopmail
with mysql support. No any clamav, spamassassin, spamdyke and others.
SMTP-AUTH still not working. Trying to figure out what is really
happening.







--
---
 __   ___   Julien Escario
/\  _  \ /\_ \   esca...@azylog.net
\ \ \L\ \  __  __\//\ \ ___  __   Tél. : +33.677583199
 \ \  __ \/\_ ,`\ /\ \/\ \ \ \ \   / __`\  /'_ `\
  \ \ \/\ \/_/  /_\ \ \_\ \ \_\ \_/\ \L\ \/\ \L\ \ Azylog
   \ \_\ \_\/\\\/` \/\\ \/\ \ \ Rte de Champagnole
\/_/\/_/\// `/___/ \//\/___/  \/___L\ \ F-39300 Les Nans
   /\___//\/ SIRET 49130560300020
   \/__/ \_/__/
Hébergement mutualisé  

Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-26 Thread anf
Hello Rick,

Sunday, July 3, 2011, 17:15:29, Rick Macdougall wrote:
RM On 03/07/2011 5:11 AM, a...@ltmd.org wrote:
 Hello Rick,

 Saturday, July 2, 2011, 16:59:09, Rick Macdougall wrote:
 User vpopmail realy exists. I also cannot find the
 difference between working x86 server configuration and the new
 amd64 one. I tried to reconfigure my system from no-multilib to
 multilib and to reemerge netqmail and vpopmail ebuilds, but still no
 success. :( Is there some way to debug that plain SMTP-AUTH to figure
 out what is really happening?

 RM  You can use recordio (part of one of djb's packages) to log everything
 RM  that happens within an smtp conversation.

 RM  http://cr.yp.to/ucspi-tcp/recordio.html

 Thank you for your assistance, Rick. I tried to use that nice tool.
 And here goes the result:

 @40004e1029d019fc59f4 22218  220 mail.domain.com ESMTP
 @40004e1029d035004684 22218  EHLO [10.1.1.177]
 @40004e1029d035017b1c 22218  250-mail.domain.com
 @40004e1029d03501b1cc 22218  250-STARTTLS
 @40004e1029d03501e494 22218  250-PIPELINING
 @40004e1029d03502175c 22218  250-8BITMIME
 @40004e1029d03502463c 22218  250-SIZE 0
 @40004e1029d035027904 22218  250 AUTH LOGIN PLAIN
 @40004e1029d10834940c 22218  AUTH PLAIN
 @40004e1029d108356ecc 22218  334
 @40004e1029d109252dcc 22218  c2VuZGVyLmNvbXBhc3N3b3Jk
 @40004e1029d6092f863c 22218  535 authentication failed (#5.7.1)
 @40004e1029d60994146c 22218  RSET
 @40004e1029d60994e374 22218  250 flushed
 @40004e1029d60b8495e4 22218  AUTH LOGIN
 @40004e1029d60b85ca7c 22218  334 VXNlcm5hbWU6
 @40004e1029d60c5eadec 22218  c2VuZGVyLmNvbQ==
 @40004e1029d60c5ff9f4 22218  334 UGFzc3dvcmQ6
 @40004e1029d60d4acf24 22218  cGFzc3dvcmQ=
 @40004e1029db0d59619c 22218  535 authentication failed (#5.7.1)
 @40004e1029db0e782f7c 22218  RSET
 @40004e1029db0e78cbbc 22218  250 flushed
 @40004e1029db10ef51cc 22218  MAIL FROM:sen...@domain.com  SIZE=524
 @40004e1029db10f0f3c4 22218  250 ok
 @40004e1029db281154f4 22218  RCPT TO:receip...@domain.com
 @40004e1029db2812eb34 22218  250 ok
 @40004e1029db2a9afd74 22218  DATA
 @40004e1029db2aa021dc 22218  354 go ahead
 @40004e1029db2b9f619c 22218  Date: Sun, 3 Jul 2011 11:35:32 +0300
 @40004e1029db2ba00d7c 22218  From: Name Surnamesen...@domain.com
 @40004e1029db2ba08e64 22218  Reply-To: Name Surnamesen...@domain.com
 @40004e1029db2ba10b64 22218  X-Priority: 3 (Normal)
 @40004e1029db2ba1847c 22218  
 Message-ID:86092590.20110703113...@domain.com
 @40004e1029db2ba1fd94 22218  To: receip...@domain.com
 @40004e1029db2ba276ac 22218  Subject: test
 @40004e1029db2ba2efc4 22218  MIME-Version: 1.0
 @40004e1029db2ba364f4 22218  Content-Type: text/plain; charset=utf-8
 @40004e1029db2ba3de0c 22218  Content-Transfer-Encoding: quoted-printable
 @40004e1029db2ba45724 22218
 @40004e1029db2ba5ba9c 22218  test
 @40004e1029db2ba9f88c 22218  .
 @40004e1029db376d0894 22218  250 ok 1309682129 qp 2
 @40004e1029db3888d4ec 22218  RSET
 @40004e1029db3889cb04 22218  250 flushed
 @40004e1029db3982d104 22218  QUIT
 @40004e1029db398a79f4 22218  221 mail.domain.com
 @40004e1029db398a81c4 22218  [EOF]
 @40004e1029db399445c4 tcpserver: end 22217 status 0
 @40004e1029db39944d94 tcpserver: status: 0/40

 Right now I see that there is something goes wrong with a
 authentication process in qmail and this dump is not very useful for
 me. :( Are there any other ideas I can try?


RM Hi,

RM I'd trying asking on a spamdyke mailing list.  If it was plain 
RM qmail-smtpd then you'd see in the logs why it failed.

RM Rick

I was done fresh clean install on gentoo amd64 netqmail and vpopmail
with mysql support. No any clamav, spamassassin, spamdyke and others.
SMTP-AUTH still not working. Trying to figure out what is really
happening.


!DSPAM:4e2f2c0c32714376791534!



Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-26 Thread anf
Hello,

Wednesday, July 27, 2011, 00:05:10, anf wrote:

alo Hello Rick,

alo Sunday, July 3, 2011, 17:15:29, Rick Macdougall wrote:
RM On 03/07/2011 5:11 AM, anf wrote:
 Hello Rick,

 Saturday, July 2, 2011, 16:59:09, Rick Macdougall wrote:
 User vpopmail realy exists. I also cannot find the
 difference between working x86 server configuration and the new
 amd64 one. I tried to reconfigure my system from no-multilib to
 multilib and to reemerge netqmail and vpopmail ebuilds, but still no
 success. :( Is there some way to debug that plain SMTP-AUTH to figure
 out what is really happening?

 RM  You can use recordio (part of one of djb's packages) to log everything
 RM  that happens within an smtp conversation.

 RM  http://cr.yp.to/ucspi-tcp/recordio.html

 Thank you for your assistance, Rick. I tried to use that nice tool.
 And here goes the result:

 @40004e1029d019fc59f4 22218  220 mail.domain.com ESMTP
 @40004e1029d035004684 22218  EHLO [10.1.1.177]
 @40004e1029d035017b1c 22218  250-mail.domain.com
 @40004e1029d03501b1cc 22218  250-STARTTLS
 @40004e1029d03501e494 22218  250-PIPELINING
 @40004e1029d03502175c 22218  250-8BITMIME
 @40004e1029d03502463c 22218  250-SIZE 0
 @40004e1029d035027904 22218  250 AUTH LOGIN PLAIN
 @40004e1029d10834940c 22218  AUTH PLAIN
 @40004e1029d108356ecc 22218  334
 @40004e1029d109252dcc 22218  c2VuZGVyLmNvbXBhc3N3b3Jk
 @40004e1029d6092f863c 22218  535 authentication failed (#5.7.1)
 @40004e1029d60994146c 22218  RSET
 @40004e1029d60994e374 22218  250 flushed
 @40004e1029d60b8495e4 22218  AUTH LOGIN
 @40004e1029d60b85ca7c 22218  334 VXNlcm5hbWU6
 @40004e1029d60c5eadec 22218  c2VuZGVyLmNvbQ==
 @40004e1029d60c5ff9f4 22218  334 UGFzc3dvcmQ6
 @40004e1029d60d4acf24 22218  cGFzc3dvcmQ=
 @40004e1029db0d59619c 22218  535 authentication failed (#5.7.1)
 @40004e1029db0e782f7c 22218  RSET
 @40004e1029db0e78cbbc 22218  250 flushed
 @40004e1029db10ef51cc 22218  MAIL FROM:sen...@domain.com  SIZE=524
 @40004e1029db10f0f3c4 22218  250 ok
 @40004e1029db281154f4 22218  RCPT TO:receip...@domain.com
 @40004e1029db2812eb34 22218  250 ok
 @40004e1029db2a9afd74 22218  DATA
 @40004e1029db2aa021dc 22218  354 go ahead
 @40004e1029db2b9f619c 22218  Date: Sun, 3 Jul 2011 11:35:32 +0300
 @40004e1029db2ba00d7c 22218  From: Name Surnamesen...@domain.com
 @40004e1029db2ba08e64 22218  Reply-To: Name Surnamesen...@domain.com
 @40004e1029db2ba10b64 22218  X-Priority: 3 (Normal)
 @40004e1029db2ba1847c 22218  
 Message-ID:86092590.20110703113...@domain.com
 @40004e1029db2ba1fd94 22218  To: receip...@domain.com
 @40004e1029db2ba276ac 22218  Subject: test
 @40004e1029db2ba2efc4 22218  MIME-Version: 1.0
 @40004e1029db2ba364f4 22218  Content-Type: text/plain; charset=utf-8
 @40004e1029db2ba3de0c 22218  Content-Transfer-Encoding: 
 quoted-printable
 @40004e1029db2ba45724 22218
 @40004e1029db2ba5ba9c 22218  test
 @40004e1029db2ba9f88c 22218  .
 @40004e1029db376d0894 22218  250 ok 1309682129 qp 2
 @40004e1029db3888d4ec 22218  RSET
 @40004e1029db3889cb04 22218  250 flushed
 @40004e1029db3982d104 22218  QUIT
 @40004e1029db398a79f4 22218  221 mail.domain.com
 @40004e1029db398a81c4 22218  [EOF]
 @40004e1029db399445c4 tcpserver: end 22217 status 0
 @40004e1029db39944d94 tcpserver: status: 0/40

 Right now I see that there is something goes wrong with a
 authentication process in qmail and this dump is not very useful for
 me. :( Are there any other ideas I can try?


RM Hi,

RM I'd trying asking on a spamdyke mailing list.  If it was plain 
RM qmail-smtpd then you'd see in the logs why it failed.

RM Rick

alo I was done fresh clean install on gentoo amd64 netqmail and vpopmail
alo with mysql support. No any clamav, spamassassin, spamdyke and others.
alo SMTP-AUTH still not working. Trying to figure out what is really
alo happening.

Just want to add that I tested right now and found that the same fresh
programs configurations and settings on the clean 32-bit system
working pretty good. Should I try once again to use recordio program
on a 64-bit system?


!DSPAM:4e2f462332714910253358!



Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-03 Thread anf
Hello Rick,

Saturday, July 2, 2011, 16:59:09, Rick Macdougall wrote:
 User vpopmail realy exists. I also cannot find the
 difference between working x86 server configuration and the new
 amd64 one. I tried to reconfigure my system from no-multilib to
 multilib and to reemerge netqmail and vpopmail ebuilds, but still no
 success. :( Is there some way to debug that plain SMTP-AUTH to figure
 out what is really happening?

RM You can use recordio (part of one of djb's packages) to log everything
RM that happens within an smtp conversation.

RM http://cr.yp.to/ucspi-tcp/recordio.html

Thank you for your assistance, Rick. I tried to use that nice tool.
And here goes the result:

@40004e1029d019fc59f4 22218  220 mail.domain.com ESMTP
@40004e1029d035004684 22218  EHLO [10.1.1.177]
@40004e1029d035017b1c 22218  250-mail.domain.com
@40004e1029d03501b1cc 22218  250-STARTTLS
@40004e1029d03501e494 22218  250-PIPELINING
@40004e1029d03502175c 22218  250-8BITMIME
@40004e1029d03502463c 22218  250-SIZE 0
@40004e1029d035027904 22218  250 AUTH LOGIN PLAIN
@40004e1029d10834940c 22218  AUTH PLAIN
@40004e1029d108356ecc 22218  334
@40004e1029d109252dcc 22218  c2VuZGVyLmNvbXBhc3N3b3Jk
@40004e1029d6092f863c 22218  535 authentication failed (#5.7.1)
@40004e1029d60994146c 22218  RSET
@40004e1029d60994e374 22218  250 flushed
@40004e1029d60b8495e4 22218  AUTH LOGIN
@40004e1029d60b85ca7c 22218  334 VXNlcm5hbWU6
@40004e1029d60c5eadec 22218  c2VuZGVyLmNvbQ==
@40004e1029d60c5ff9f4 22218  334 UGFzc3dvcmQ6
@40004e1029d60d4acf24 22218  cGFzc3dvcmQ=
@40004e1029db0d59619c 22218  535 authentication failed (#5.7.1)
@40004e1029db0e782f7c 22218  RSET
@40004e1029db0e78cbbc 22218  250 flushed
@40004e1029db10ef51cc 22218  MAIL FROM:sen...@domain.com SIZE=524
@40004e1029db10f0f3c4 22218  250 ok
@40004e1029db281154f4 22218  RCPT TO:receip...@domain.com
@40004e1029db2812eb34 22218  250 ok
@40004e1029db2a9afd74 22218  DATA
@40004e1029db2aa021dc 22218  354 go ahead
@40004e1029db2b9f619c 22218  Date: Sun, 3 Jul 2011 11:35:32 +0300
@40004e1029db2ba00d7c 22218  From: Name Surname sen...@domain.com
@40004e1029db2ba08e64 22218  Reply-To: Name Surname sen...@domain.com
@40004e1029db2ba10b64 22218  X-Priority: 3 (Normal)
@40004e1029db2ba1847c 22218  Message-ID: 
86092590.20110703113...@domain.com
@40004e1029db2ba1fd94 22218  To: receip...@domain.com
@40004e1029db2ba276ac 22218  Subject: test
@40004e1029db2ba2efc4 22218  MIME-Version: 1.0
@40004e1029db2ba364f4 22218  Content-Type: text/plain; charset=utf-8
@40004e1029db2ba3de0c 22218  Content-Transfer-Encoding: quoted-printable
@40004e1029db2ba45724 22218 
@40004e1029db2ba5ba9c 22218  test
@40004e1029db2ba9f88c 22218  .
@40004e1029db376d0894 22218  250 ok 1309682129 qp 2
@40004e1029db3888d4ec 22218  RSET
@40004e1029db3889cb04 22218  250 flushed
@40004e1029db3982d104 22218  QUIT
@40004e1029db398a79f4 22218  221 mail.domain.com
@40004e1029db398a81c4 22218  [EOF]
@40004e1029db399445c4 tcpserver: end 22217 status 0
@40004e1029db39944d94 tcpserver: status: 0/40

Right now I see that there is something goes wrong with a
authentication process in qmail and this dump is not very useful for
me. :( Are there any other ideas I can try?


!DSPAM:4e10323332711707610120!



Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-03 Thread Rick Macdougall

On 03/07/2011 5:11 AM, a...@ltmd.org wrote:

Hello Rick,

Saturday, July 2, 2011, 16:59:09, Rick Macdougall wrote:

User vpopmail realy exists. I also cannot find the

difference between working x86 server configuration and the new
amd64 one. I tried to reconfigure my system from no-multilib to
multilib and to reemerge netqmail and vpopmail ebuilds, but still no
success. :( Is there some way to debug that plain SMTP-AUTH to figure
out what is really happening?


RM  You can use recordio (part of one of djb's packages) to log everything
RM  that happens within an smtp conversation.

RM  http://cr.yp.to/ucspi-tcp/recordio.html

Thank you for your assistance, Rick. I tried to use that nice tool.
And here goes the result:

@40004e1029d019fc59f4 22218  220 mail.domain.com ESMTP
@40004e1029d035004684 22218  EHLO [10.1.1.177]
@40004e1029d035017b1c 22218  250-mail.domain.com
@40004e1029d03501b1cc 22218  250-STARTTLS
@40004e1029d03501e494 22218  250-PIPELINING
@40004e1029d03502175c 22218  250-8BITMIME
@40004e1029d03502463c 22218  250-SIZE 0
@40004e1029d035027904 22218  250 AUTH LOGIN PLAIN
@40004e1029d10834940c 22218  AUTH PLAIN
@40004e1029d108356ecc 22218  334
@40004e1029d109252dcc 22218  c2VuZGVyLmNvbXBhc3N3b3Jk
@40004e1029d6092f863c 22218  535 authentication failed (#5.7.1)
@40004e1029d60994146c 22218  RSET
@40004e1029d60994e374 22218  250 flushed
@40004e1029d60b8495e4 22218  AUTH LOGIN
@40004e1029d60b85ca7c 22218  334 VXNlcm5hbWU6
@40004e1029d60c5eadec 22218  c2VuZGVyLmNvbQ==
@40004e1029d60c5ff9f4 22218  334 UGFzc3dvcmQ6
@40004e1029d60d4acf24 22218  cGFzc3dvcmQ=
@40004e1029db0d59619c 22218  535 authentication failed (#5.7.1)
@40004e1029db0e782f7c 22218  RSET
@40004e1029db0e78cbbc 22218  250 flushed
@40004e1029db10ef51cc 22218  MAIL FROM:sen...@domain.com  SIZE=524
@40004e1029db10f0f3c4 22218  250 ok
@40004e1029db281154f4 22218  RCPT TO:receip...@domain.com
@40004e1029db2812eb34 22218  250 ok
@40004e1029db2a9afd74 22218  DATA
@40004e1029db2aa021dc 22218  354 go ahead
@40004e1029db2b9f619c 22218  Date: Sun, 3 Jul 2011 11:35:32 +0300
@40004e1029db2ba00d7c 22218  From: Name Surnamesen...@domain.com
@40004e1029db2ba08e64 22218  Reply-To: Name Surnamesen...@domain.com
@40004e1029db2ba10b64 22218  X-Priority: 3 (Normal)
@40004e1029db2ba1847c 22218  
Message-ID:86092590.20110703113...@domain.com
@40004e1029db2ba1fd94 22218  To: receip...@domain.com
@40004e1029db2ba276ac 22218  Subject: test
@40004e1029db2ba2efc4 22218  MIME-Version: 1.0
@40004e1029db2ba364f4 22218  Content-Type: text/plain; charset=utf-8
@40004e1029db2ba3de0c 22218  Content-Transfer-Encoding: quoted-printable
@40004e1029db2ba45724 22218
@40004e1029db2ba5ba9c 22218  test
@40004e1029db2ba9f88c 22218  .
@40004e1029db376d0894 22218  250 ok 1309682129 qp 2
@40004e1029db3888d4ec 22218  RSET
@40004e1029db3889cb04 22218  250 flushed
@40004e1029db3982d104 22218  QUIT
@40004e1029db398a79f4 22218  221 mail.domain.com
@40004e1029db398a81c4 22218  [EOF]
@40004e1029db399445c4 tcpserver: end 22217 status 0
@40004e1029db39944d94 tcpserver: status: 0/40

Right now I see that there is something goes wrong with a
authentication process in qmail and this dump is not very useful for
me. :( Are there any other ideas I can try?



Hi,

I'd trying asking on a spamdyke mailing list.  If it was plain 
qmail-smtpd then you'd see in the logs why it failed.


Rick


!DSPAM:4e10799632711821815719!



Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-02 Thread Rick Macdougall

On 01/07/2011 12:54 PM, a...@ltmd.org wrote:


User vpopmail realy exists. I also cannot find the
difference between working x86 server configuration and the new
amd64 one. I tried to reconfigure my system from no-multilib to
multilib and to reemerge netqmail and vpopmail ebuilds, but still no
success. :( Is there some way to debug that plain SMTP-AUTH to figure
out what is really happening?



Hi,

You can use recordio (part of one of djb's packages) to log everything 
that happens within an smtp conversation.


http://cr.yp.to/ucspi-tcp/recordio.html

ie

/service/qmail-smtpd/run

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 1200 \
/usr/local/bin/tcpserver -v -h -R \
-x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \
-u $QMAILDUID -g $NOFILESGID 0 smtp \
/usr/local/bin/rblsmtpd -t 2 -b \
-r cbl.aei.ca \
-r bl.spamcop.net \
recordio /var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 21

Rick

!DSPAM:4e0f243632713934528930!



Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-01 Thread Rick Macdougall

On 30/06/2011 8:10 PM, a...@ltmd.org wrote:

I tried to migrate my mail service (qmail+vpopmail+mysql) to the
64-bit Gentoo platform and almost succeeded, but SMTP-AUTH problem
blocked me.

Right now I have no multilib 64-bit hardened Gentoo system with
netqmail-1.06, vpopmail-5.4.30-r2, dovecot-2.0.13 and some other
stuff. Everything seems working fine, except SMTP-AUTH function.

My mailer on this new server shows me:

SEND  - connected to SMTP server
SEND  - authenticating (plain)...
SEND  - Server reports error. The response is: authentication failed (#5.7.1)
SEND  - authenticating (login)...
SEND  - Server reports error. The response is: authentication failed (#5.7.1)
SEND  - WARNING: there were no compatible authentication mechanisms detected

Here goes my config /var/qmail/control/conf-smtpd:
---
TCPSERVER_OPTS=${TCPSERVER_OPTS} -R
QMAIL_SMTP_PRE=${QMAIL_SMTP_PRE} spamdyke -f /etc/spamdyke/spamdyke.conf
QMAIL_SMTP_CHECKPASSWORD=/var/vpopmail/bin/vchkpw
[[ -n ${QMAIL_SMTP_CHECKPASSWORD} ]]  {
 [[ -z ${QMAIL_SMTP_POST} ]]  QMAIL_SMTP_POST=/bin/true
 QMAIL_SMTP_POST=${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}
}
---



Hi,

You should be able to see the auth attempt in one f your log files.  On 
all my servers it's in /var/log/messages.  This might help show where 
the problem lies.


One of my lines as an example - Jul  1 04:43:17 mail002 vpopmail[24348]: 
vchkpw-smtp: vpopmail user not found rlev...@aei.ca:14.208.230.43


Rick

!DSPAM:4e0dc81232712410438437!



Re: [vchkpw] SMTP-AUTH problem with vchkpw

2011-07-01 Thread anf
Hello Rick,

Friday, July 1, 2011, 16:13:45, Rick Macdougall wrote:
RM On 30/06/2011 8:10 PM, a...@ltmd.org wrote:
 I tried to migrate my mail service (qmail+vpopmail+mysql) to the
 64-bit Gentoo platform and almost succeeded, but SMTP-AUTH problem
 blocked me.

 Right now I have no multilib 64-bit hardened Gentoo system with
 netqmail-1.06, vpopmail-5.4.30-r2, dovecot-2.0.13 and some other
 stuff. Everything seems working fine, except SMTP-AUTH function.

 My mailer on this new server shows me:

 SEND  - connected to SMTP server
 SEND  - authenticating (plain)...
 SEND  - Server reports error. The response is: authentication failed (#5.7.1)
 SEND  - authenticating (login)...
 SEND  - Server reports error. The response is: authentication failed (#5.7.1)
 SEND  - WARNING: there were no compatible authentication mechanisms detected

 Here goes my config /var/qmail/control/conf-smtpd:
 ---
 TCPSERVER_OPTS=${TCPSERVER_OPTS} -R
 QMAIL_SMTP_PRE=${QMAIL_SMTP_PRE} spamdyke -f /etc/spamdyke/spamdyke.conf
 QMAIL_SMTP_CHECKPASSWORD=/var/vpopmail/bin/vchkpw
 [[ -n ${QMAIL_SMTP_CHECKPASSWORD} ]]  {
  [[ -z ${QMAIL_SMTP_POST} ]]  QMAIL_SMTP_POST=/bin/true
  QMAIL_SMTP_POST=${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}
 }
 ---


RM Hi,

RM You should be able to see the auth attempt in one f your log files.  On
RM all my servers it's in /var/log/messages.  This might help show where 
RM the problem lies.

RM One of my lines as an example - Jul  1 04:43:17 mail002 vpopmail[24348]:
RM vchkpw-smtp: vpopmail user not found rlev...@aei.ca:14.208.230.43

I scanned through all my log files, but not found any entry about
with pattern vchkpw.

I have only spamdyke messages like user was not SMTP authorized.
Jul  1 00:32:49 mail spamdyke[7441]: ALLOWED from: m...@address.com to: 
m...@address.com origin_ip: 2.6.7.8 origin_rdns: 2-6-7-8.domain.com auth: 
(unknown)

Spamdyke disabling not helped me.

Server response show that it SMTP-AUTH capable:
$ telnet 1.2.3.4 25
Trying 1.2.3.4...
Connected to 1.2.3.4.
Escape character is '^]'.
220 mail.server.com ESMTP
EHLO mail.server.com
250-mail.server.com
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 0
250 AUTH LOGIN PLAIN

User vpopmail realy exists. I also cannot find the
difference between working x86 server configuration and the new
amd64 one. I tried to reconfigure my system from no-multilib to
multilib and to reemerge netqmail and vpopmail ebuilds, but still no
success. :( Is there some way to debug that plain SMTP-AUTH to figure
out what is really happening?

Anf


!DSPAM:4e0dfbd932711543016584!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-12 Thread James Cox

Sigh-

this is a shame - it doesn't work. still getting smtp auth issues with  
fehcom's auth. So i've given up on it for now it works now, but  
now simscan messages are bled in:


simscan:[17008]:PASSTHRU (7.70/5.00):2.6977s:[SPAM] :93.89.85.51:ja...@imaj.es 
:ima...@gmail.com


I'm wondering if i'm fundamentally doing something wrong- could i  
convince someone to login and take a look?


Thanks,
james

On 11 Jun 2009, at 16:18, Remo Mattei wrote:


#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
export QMAILQUEUE=/var/qmail/bin/simscan
export NOP0FCHECK=1
export SIMSCAN_DEBUG=0
#IPADDR=208.53.44.231
exec /usr/local/bin/softlimit -m 2200 \
/usr/local/bin/tcpserver  -v -H -R -l 0 \
-x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \
-u $QMAILDUID -g $NOFILESGID 0 smtp   \
/usr/local/bin/rblsmtpd \
   -r x.r.mail-abuse.com:see 
http://www.mail-abuse.com/cgi-bin/lo
okup?ip_address=%IP% -r zen.spamhaus.org /var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 21

Here you go...

On 6/11/09 9:16 AM, James Cox ja...@imaj.es wrote:


Remo,

what's your full run script?

-james
On 11 Jun 2009, at 15:59, Remo Mattei wrote:


Did u try this settings on your server?


 #!/bin/sh
 QMAILDUID=`id -u vpopmail`
 NOFILESGID=`id -g vpopmail`
 MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
 export QMAILQUEUE=/var/qmail/bin/simscan
 export NOP0FCHECK=1
 export SIMSCAN_DEBUG=0


 Just my 2 cents..
 Remo

 On 6/11/09 8:44 AM, James Cox ja...@imaj.es wrote:



I just did a fresh install of toaster.

 i'm still getting these frustrating smtp auth problems - it's
 conflating the first portion of domain, so if for example i have  
the

 user f...@example.com, it tries to auth foo.com@:myip

 huh??

 -james

 On 11 Jun 2009, at 13:51, Tren Blackburn wrote:


I apologize if this has already been mentioned but have you  
tried Bill Shupp's toaster if you're on Linux or Matt  
Simmerman's toaster if you're on BSD? There's others, but I've  
used both over the years with no problems. I haven't switched  
to  netqmail 1.06 but I thought it was primarily just a version  
increment to reflect the change in qmail's license.


 But if these have already been suggested and are not viable to  
you for some reason then please disregardmy 2 cents here is  
in Canadian... ;)


 Regardless I hope you can track down your problem!

 Regards,

 Tren


From: James Cox ja...@imaj.es
 To: vchkpw@inter7.com vchkpw@inter7.com
 Sent: Thu Jun 11 04:47:52 2009
 Subject: Re: [vchkpw] smtp auth with chkuser problems


 On 10 Jun 2009, at 22:41, James Cox wrote:





Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP- 
AUTH (http://www.fehcom.de/qmail/smtpauth.html).
 qmail 1.0.5 and 1.0.6 should be extremely similar and I  
wonder if it is worth using 1.0.6.




 Weird, i installed the patch  with Erwin's smtp-auth, and have  
ended up with failed auths:


 Jun 10 16:39:21 reason vpopmail[7505]: vchkpw-smtp: vpopmail  
user not found james.es@:86.13.225.60


 when authing with username ja...@imaj.es




 all,

 halps!

 throwing this in again - chkuser + krystopf's smtp auth ends up  
spitting random log stuff into the smtp stream. now i'm seeing  
simscan messages after turning logging off for chkuser. So  
somehow either my service scripts or some patch to netqmail has  
caused errant bleeding of log messages into the smtp stream,  
which is of course weird and broken.


 I tried Erwin's smtp auth (fehcom) thinking this is where the  
problem lies- but alas, i can't auth at all there.


 anyone able to help shed some more light for me?
 thanks.

 james



















!DSPAM:4a324d2632667166074158!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread Roberto

Thank you James, grazie Tonino.

!DSPAM:4a30ba6832669637967409!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread James Cox


On 10 Jun 2009, at 22:41, James Cox wrote:



Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP-AUTH (http://www.fehcom.de/qmail/smtpauth.html 
).
qmail 1.0.5 and 1.0.6 should be extremely similar and I wonder if  
it is worth using 1.0.6.


Weird, i installed the patch with Erwin's smtp-auth, and have ended  
up with failed auths:


Jun 10 16:39:21 reason vpopmail[7505]: vchkpw-smtp: vpopmail user  
not found james.es@:86.13.225.60


when authing with username ja...@imaj.es




all,

halps!

throwing this in again - chkuser + krystopf's smtp auth ends up  
spitting random log stuff into the smtp stream. now i'm seeing simscan  
messages after turning logging off for chkuser. So somehow either my  
service scripts or some patch to netqmail has caused errant bleeding  
of log messages into the smtp stream, which is of course weird and  
broken.


I tried Erwin's smtp auth (fehcom) thinking this is where the problem  
lies- but alas, i can't auth at all there.


anyone able to help shed some more light for me?
thanks.

james

!DSPAM:4a30ef1d32665615831132!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread Tren Blackburn
I apologize if this has already been mentioned but have you tried Bill Shupp's 
toaster if you're on Linux or Matt Simmerman's toaster if you're on BSD? 
There's others, but I've used both over the years with no problems. I haven't 
switched to netqmail 1.06 but I thought it was primarily just a version 
increment to reflect the change in qmail's license.

But if these have already been suggested and are not viable to you for some 
reason then please disregardmy 2 cents here is in Canadian... ;)

Regardless I hope you can track down your problem!

Regards,

Tren



From: James Cox ja...@imaj.es 
To: vchkpw@inter7.com vchkpw@inter7.com 
Sent: Thu Jun 11 04:47:52 2009
Subject: Re: [vchkpw] smtp auth with chkuser problems 



On 10 Jun 2009, at 22:41, James Cox wrote:





Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP-AUTH 
(http://www.fehcom.de/qmail/smtpauth.html).
qmail 1.0.5 and 1.0.6 should be extremely similar and I wonder 
if it is worth using 1.0.6.



Weird, i installed the patch with Erwin's smtp-auth, and have ended up 
with failed auths:

Jun 10 16:39:21 reason vpopmail[7505]: vchkpw-smtp: vpopmail user not 
found james.es@:86.13.225.60

when authing with username ja...@imaj.es



all,

halps!

throwing this in again - chkuser + krystopf's smtp auth ends up spitting random 
log stuff into the smtp stream. now i'm seeing simscan messages after turning 
logging off for chkuser. So somehow either my service scripts or some patch to 
netqmail has caused errant bleeding of log messages into the smtp stream, which 
is of course weird and broken.

I tried Erwin's smtp auth (fehcom) thinking this is where the problem lies- but 
alas, i can't auth at all there.

anyone able to help shed some more light for me?
thanks.

james
 

!DSPAM:4a30fdd432661702533441!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread James Cox

I just did a fresh install of toaster.

i'm still getting these frustrating smtp auth problems - it's
conflating the first portion of domain, so if for example i have the
user f...@example.com, it tries to auth foo.com@:myip

huh??

-james

On 11 Jun 2009, at 13:51, Tren Blackburn wrote:

I apologize if this has already been mentioned but have you tried  
Bill Shupp's toaster if you're on Linux or Matt Simmerman's toaster  
if you're on BSD? There's others, but I've used both over the years  
with no problems. I haven't switched to netqmail 1.06 but I thought  
it was primarily just a version increment to reflect the change in  
qmail's license.


But if these have already been suggested and are not viable to you  
for some reason then please disregardmy 2 cents here is in  
Canadian... ;)


Regardless I hope you can track down your problem!

Regards,

Tren

From: James Cox ja...@imaj.es
To: vchkpw@inter7.com vchkpw@inter7.com
Sent: Thu Jun 11 04:47:52 2009
Subject: Re: [vchkpw] smtp auth with chkuser problems


On 10 Jun 2009, at 22:41, James Cox wrote:



Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP-AUTH (http://www.fehcom.de/qmail/smtpauth.html 
).
qmail 1.0.5 and 1.0.6 should be extremely similar and I wonder if  
it is worth using 1.0.6.


Weird, i installed the patch with Erwin's smtp-auth, and have ended  
up with failed auths:


Jun 10 16:39:21 reason vpopmail[7505]: vchkpw-smtp: vpopmail user  
not found james.es@:86.13.225.60


when authing with username ja...@imaj.es




all,

halps!

throwing this in again - chkuser + krystopf's smtp auth ends up  
spitting random log stuff into the smtp stream. now i'm seeing  
simscan messages after turning logging off for chkuser. So somehow  
either my service scripts or some patch to netqmail has caused  
errant bleeding of log messages into the smtp stream, which is of  
course weird and broken.


I tried Erwin's smtp auth (fehcom) thinking this is where the  
problem lies- but alas, i can't auth at all there.


anyone able to help shed some more light for me?
thanks.

james





!DSPAM:4a31185532662012537108!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread Remo Mattei
Did u try this settings on your server?


#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
export QMAILQUEUE=/var/qmail/bin/simscan
export NOP0FCHECK=1
export SIMSCAN_DEBUG=0


Just my 2 cents..
Remo

On 6/11/09 8:44 AM, James Cox ja...@imaj.es wrote:

 I just did a fresh install of toaster.
 
 i'm still getting these frustrating smtp auth problems - it's
 conflating the first portion of domain, so if for example i have the
 user f...@example.com, it tries to auth foo.com@:myip
 
 huh??
 
 -james
 
 On 11 Jun 2009, at 13:51, Tren Blackburn wrote:
 
  I apologize if this has already been mentioned but have you tried Bill
 Shupp's toaster if you're on Linux or Matt Simmerman's toaster if you're on
 BSD? There's others, but I've used both over the years with no problems. I
 haven't switched to  netqmail 1.06 but I thought it was primarily just a
 version increment to reflect the change in qmail's license.
 
 But if these have already been suggested and are not viable to you for some
 reason then please disregardmy 2 cents here is in Canadian... ;)
 
 Regardless I hope you can track down your problem!
 
 Regards,
 
 Tren
  
 
   From: James Cox ja...@imaj.es
 To: vchkpw@inter7.com vchkpw@inter7.com
 Sent: Thu Jun 11 04:47:52 2009
 Subject: Re: [vchkpw] smtp auth with chkuser problems
 
  
 On 10 Jun 2009, at 22:41, James Cox wrote:
 
 
 Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP-AUTH
 (http://www.fehcom.de/qmail/smtpauth.html).
 qmail 1.0.5 and 1.0.6 should be extremely similar and I wonder if it is
 worth using 1.0.6.
 
 Weird, i installed the patch  with Erwin's smtp-auth, and have ended up with
 failed auths:
 
 Jun 10 16:39:21 reason vpopmail[7505]: vchkpw-smtp: vpopmail user not found
 james.es@:86.13.225.60
 
 when authing with username ja...@imaj.es
 
 
 all,
 
 halps!
 
 throwing this in again - chkuser + krystopf's smtp auth ends up spitting
 random log stuff into the smtp stream. now i'm seeing simscan messages after
 turning logging off for chkuser. So somehow either my service scripts or some
 patch to netqmail has caused errant bleeding of log messages into the smtp
 stream, which is of course weird and broken.
 
 I tried Erwin's smtp auth (fehcom) thinking this is where the problem lies-
 but alas, i can't auth at all there.
 
 anyone able to help shed some more light for me?
 thanks.
 
 james
   
  
 
 



!DSPAM:4a311bdd32666086566072!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread Brian Lanier
- Original Message - 
  From: James Cox 
  To: vchkpw@inter7.com 
  Sent: Thursday, June 11, 2009 7:44 AM
  Subject: Re: [vchkpw] smtp auth with chkuser problems


  I just did a fresh install of toaster.

  i'm still getting these frustrating smtp auth problems - it's  
  conflating the first portion of domain, so if for example i have the  
  user f...@example.com, it tries to auth foo.com@:myip

  huh??

  -james 

This may be so obvious that I shouldn't mention it, but did you change your run 
script to reflect the new smtp_auth patch? If I remember correctly, the older 
version wanted things in a different order. I just don't remember if that 
applies to this particular problem as its been awhile and I don't have access 
to my vpopmail setup right now... 

Brian 

!DSPAM:4a311eb432664685113058!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread James Cox

Remo,

what's your full run script?

-james
On 11 Jun 2009, at 15:59, Remo Mattei wrote:


Did u try this settings on your server?


#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
export QMAILQUEUE=/var/qmail/bin/simscan
export NOP0FCHECK=1
export SIMSCAN_DEBUG=0


Just my 2 cents..
Remo

On 6/11/09 8:44 AM, James Cox ja...@imaj.es wrote:


I just did a fresh install of toaster.

i'm still getting these frustrating smtp auth problems - it's
conflating the first portion of domain, so if for example i have the
user f...@example.com, it tries to auth foo.com@:myip

huh??

-james

On 11 Jun 2009, at 13:51, Tren Blackburn wrote:

I apologize if this has already been mentioned but have you tried  
Bill Shupp's toaster if you're on Linux or Matt Simmerman's  
toaster if you're on BSD? There's others, but I've used both over  
the years with no problems. I haven't switched to  netqmail 1.06  
but I thought it was primarily just a version increment to reflect  
the change in qmail's license.


But if these have already been suggested and are not viable to you  
for some reason then please disregardmy 2 cents here is in  
Canadian... ;)


Regardless I hope you can track down your problem!

Regards,

Tren

From: James Cox ja...@imaj.es
To: vchkpw@inter7.com vchkpw@inter7.com
Sent: Thu Jun 11 04:47:52 2009
Subject: Re: [vchkpw] smtp auth with chkuser problems


On 10 Jun 2009, at 22:41, James Cox wrote:



Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP-AUTH (http://www.fehcom.de/qmail/smtpauth.html 
).
qmail 1.0.5 and 1.0.6 should be extremely similar and I wonder  
if it is worth using 1.0.6.


Weird, i installed the patch  with Erwin's smtp-auth, and have  
ended up with failed auths:


Jun 10 16:39:21 reason vpopmail[7505]: vchkpw-smtp: vpopmail user  
not found james.es@:86.13.225.60


when authing with username ja...@imaj.es



all,

halps!

throwing this in again - chkuser + krystopf's smtp auth ends up  
spitting random log stuff into the smtp stream. now i'm seeing  
simscan messages after turning logging off for chkuser. So somehow  
either my service scripts or some patch to netqmail has caused  
errant bleeding of log messages into the smtp stream, which is of  
course weird and broken.


I tried Erwin's smtp auth (fehcom) thinking this is where the  
problem lies- but alas, i can't auth at all there.


anyone able to help shed some more light for me?
thanks.

james











!DSPAM:4a311fba32661067792816!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread Tonix (Antonio Nati)

Brian Lanier ha scritto:

- Original Message -

*From:* James Cox mailto:ja...@imaj.es
*To:* vchkpw@inter7.com mailto:vchkpw@inter7.com
*Sent:* Thursday, June 11, 2009 7:44 AM
*Subject:* Re: [vchkpw] smtp auth with chkuser problems

I just did a fresh install of toaster.

i'm still getting these frustrating smtp auth problems - it's  
conflating the first portion of domain, so if for example i have the  
user f...@example.com mailto:f...@example.com, it tries to auth

foo.com@:myip mailto:foo.com@:myip

huh??

-james
 

This may be so obvious that I shouldn't mention it, but did you change 
your run script to reflect the new smtp_auth patch? If I remember 
correctly, the older version wanted things in a different order. I 
just don't remember if that applies to this particular problem as its 
been awhile and I don't have access to my vpopmail setup right now...
 
Brian
 

Something like

/var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true 21

Tonino


--

   in...@zioniInterazioni di Antonio Nati 
  http://www.interazioni.it  to...@interazioni.it   





!DSPAM:4a311fda32662016013213!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-11 Thread Remo Mattei
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
export QMAILQUEUE=/var/qmail/bin/simscan
export NOP0FCHECK=1
export SIMSCAN_DEBUG=0
#IPADDR=208.53.44.231
exec /usr/local/bin/softlimit -m 2200 \
/usr/local/bin/tcpserver  -v -H -R -l 0 \
-x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \
-u $QMAILDUID -g $NOFILESGID 0 smtp   \
/usr/local/bin/rblsmtpd \
   -r x.r.mail-abuse.com:see
http://www.mail-abuse.com/cgi-bin/lo
okup?ip_address=%IP% -r zen.spamhaus.org /var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 21

Here you go...

On 6/11/09 9:16 AM, James Cox ja...@imaj.es wrote:

 Remo,
 
 what's your full run script?
 
 -james
 On 11 Jun 2009, at 15:59, Remo Mattei wrote:
 
  Did u try this settings on your server?
  
  
  #!/bin/sh
  QMAILDUID=`id -u vpopmail`
  NOFILESGID=`id -g vpopmail`
  MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
  export QMAILQUEUE=/var/qmail/bin/simscan
  export NOP0FCHECK=1
  export SIMSCAN_DEBUG=0
  
  
  Just my 2 cents..
  Remo
  
  On 6/11/09 8:44 AM, James Cox ja...@imaj.es wrote:
  
  
 I just did a fresh install of toaster.
  
  i'm still getting these frustrating smtp auth problems - it's
  conflating the first portion of domain, so if for example i have the
  user f...@example.com, it tries to auth foo.com@:myip
  
  huh??
  
  -james
  
  On 11 Jun 2009, at 13:51, Tren Blackburn wrote:
  
  
  I apologize if this has already been mentioned but have you tried Bill
 Shupp's toaster if you're on Linux or Matt Simmerman's toaster if you're on
 BSD? There's others, but I've used both over the years with no problems. I
 haven't switched to  netqmail 1.06 but I thought it was primarily just a
 version increment to reflect the change in qmail's license.
  
  But if these have already been suggested and are not viable to you for
 some reason then please disregardmy 2 cents here is in Canadian... ;)
  
  Regardless I hope you can track down your problem!
  
  Regards,
  
  Tren
   
  
 
   From: James Cox ja...@imaj.es
  To: vchkpw@inter7.com vchkpw@inter7.com
  Sent: Thu Jun 11 04:47:52 2009
  Subject: Re: [vchkpw] smtp auth with chkuser problems
  
   
  On 10 Jun 2009, at 22:41, James Cox wrote:
  
 
  
  
 Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP-AUTH
 (http://www.fehcom.de/qmail/smtpauth.html).
  qmail 1.0.5 and 1.0.6 should be extremely similar and I wonder if it is
 worth using 1.0.6.
  
 
  Weird, i installed the patch  with Erwin's smtp-auth, and have ended up
 with failed auths:
  
  Jun 10 16:39:21 reason vpopmail[7505]: vchkpw-smtp: vpopmail user not
 found james.es@:86.13.225.60
  
  when authing with username ja...@imaj.es
  
  
 
  all,
  
  halps!
  
  throwing this in again - chkuser + krystopf's smtp auth ends up spitting
 random log stuff into the smtp stream. now i'm seeing simscan messages
 after turning logging off for chkuser. So somehow either my service scripts
 or some patch to netqmail has caused errant bleeding of log messages into
 the smtp stream, which is of course weird and broken.
  
  I tried Erwin's smtp auth (fehcom) thinking this is where the problem
 lies- but alas, i can't auth at all there.
  
  anyone able to help shed some more light for me?
  thanks.
  
  james

   
  
 
  
  
   
   
 
 



!DSPAM:4a31204432664417892754!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Rick Macdougall

James Cox wrote:

I've had it running for a few hours, and have this:

  1 CHKUSER rejected relaying
  5 CHKUSER accepted any rcpt
 28 CHKUSER relaying rcpt
362 CHKUSER accepted rcpt
   1719 CHKUSER rejected rcpt
   1758 CHKUSER accepted sender

and... in my defines...
neither of those two are enabled.

version 2.0.9 for me.



What version of SMTP AUTH are you using ?

I know there is a version out there that causes the exact problem you 
are seeing, although to my knowledge it hasn't been seen in years.


Regards,

Rick


!DSPAM:4a2fb48732661746112274!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread James Cox


On 10 Jun 2009, at 14:26, Rick Macdougall wrote:


James Cox wrote:

I've had it running for a few hours, and have this:
 1 CHKUSER rejected relaying
 5 CHKUSER accepted any rcpt
28 CHKUSER relaying rcpt
   362 CHKUSER accepted rcpt
  1719 CHKUSER rejected rcpt
  1758 CHKUSER accepted sender
and... in my defines...
neither of those two are enabled.
version 2.0.9 for me.


What version of SMTP AUTH are you using ?

I know there is a version out there that causes the exact problem  
you are seeing, although to my knowledge it hasn't been seen in years.

Rick:

yeah, i saw that patch. but i am using the current version (i think?)  
0.31


james

!DSPAM:4a2fc87f3291712120!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Rick Macdougall

James Cox wrote:


On 10 Jun 2009, at 14:26, Rick Macdougall wrote:


James Cox wrote:

I've had it running for a few hours, and have this:
 1 CHKUSER rejected relaying
 5 CHKUSER accepted any rcpt
28 CHKUSER relaying rcpt
   362 CHKUSER accepted rcpt
  1719 CHKUSER rejected rcpt
  1758 CHKUSER accepted sender
and... in my defines...
neither of those two are enabled.
version 2.0.9 for me.


What version of SMTP AUTH are you using ?

I know there is a version out there that causes the exact problem you 
are seeing, although to my knowledge it hasn't been seen in years.

Rick:

yeah, i saw that patch. but i am using the current version (i think?) 0.31

james





Don't know what that patch is or does.

I use Bill Shupp's toaster (http://www.shupp.org/toaster/) which uses 
the following


smtp-auth patch v. 0.5.7 by Erwin Hoffmann
http://www.fehcom.de/qmail/smtpauth.html

Regards,

Rick


!DSPAM:4a2fd06a32661582142373!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Remo Mattei
I used Bill's and works fine. I do have chkuser installed on mine with smtp
auth. 

Remo


On 6/10/09 9:25 AM, Rick Macdougall ri...@ummm-beer.com wrote:

 James Cox wrote:
 
 On 10 Jun 2009, at 14:26, Rick Macdougall wrote:
 
 James Cox wrote:
 I've had it running for a few hours, and have this:
  1 CHKUSER rejected relaying
  5 CHKUSER accepted any rcpt
 28 CHKUSER relaying rcpt
362 CHKUSER accepted rcpt
   1719 CHKUSER rejected rcpt
   1758 CHKUSER accepted sender
 and... in my defines...
 neither of those two are enabled.
 version 2.0.9 for me.
 
 What version of SMTP AUTH are you using ?
 
 I know there is a version out there that causes the exact problem you
 are seeing, although to my knowledge it hasn't been seen in years.
 Rick:
 
 yeah, i saw that patch. but i am using the current version (i think?) 0.31
 
 james
 
 
 
 
 Don't know what that patch is or does.
 
 I use Bill Shupp's toaster (http://www.shupp.org/toaster/) which uses
 the following
 
 smtp-auth patch v. 0.5.7 by Erwin Hoffmann
 http://www.fehcom.de/qmail/smtpauth.html
 
 Regards,
 
 Rick
 
 
 
 
 
 
 


!DSPAM:4a2fd17b32661437732454!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Matt Brookings
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James Cox wrote:
 yeah, i saw that patch. but i am using the current version (i think?) 0.31

I'm not really sure *why* it would be happening and I don't really have a 
solution
to pose to you.  I just wanted you to be aware that the output you were seeing 
the
SMTP session were not meant to be in the SMTP session, it's meant to be log 
output.

Because of how tcpserver works, it's unlikely that a patch would accidentally 
push
output into a server's data stream.  Descriptors 6 and 7 are used for input and
output, and generally debugging output, etc, are done with printf()s and 
fprintf()s
which unless purposely mucked with, are going to hit descriptors 1 and 2.

Anyway, please let us know if you figure out what's going on.
- --
/*
Matt Brookings m...@inter7.com   GnuPG Key D9414F70
Software developer Systems technician
Inter7 Internet Technologies, Inc. (815)776-9465
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkov02EACgkQ6QgvSNlBT3DlLACfWu87P74FLGWXEcfPu47T7qx7
/DgAoKKLl6TAbIMkbT0ZzQG4yv2TBEYc
=Evt/
-END PGP SIGNATURE-


Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Remo Mattei
Here is mine you can try to use my settings..


#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
export QMAILQUEUE=/var/qmail/bin/simscan
export NOP0FCHECK=1
export SIMSCAN_DEBUG=0
exec /usr/local/bin/softlimit -m 2200 \
/usr/local/bin/tcpserver  -v -H -R -l 0 \
-x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \
-u $QMAILDUID -g $NOFILESGID 0 smtp   \
/usr/local/bin/rblsmtpd \



On 6/10/09 9:38 AM, Matt Brookings m...@inter7.com wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 James Cox wrote:
 yeah, i saw that patch. but i am using the current version (i think?) 0.31
 
 I'm not really sure *why* it would be happening and I don't really have a
 solution
 to pose to you.  I just wanted you to be aware that the output you were seeing
 the
 SMTP session were not meant to be in the SMTP session, it's meant to be log
 output.
 
 Because of how tcpserver works, it's unlikely that a patch would accidentally
 push
 output into a server's data stream.  Descriptors 6 and 7 are used for input
 and
 output, and generally debugging output, etc, are done with printf()s and
 fprintf()s
 which unless purposely mucked with, are going to hit descriptors 1 and 2.
 
 Anyway, please let us know if you figure out what's going on.
 - --
 /*
 Matt Brookings m...@inter7.com   GnuPG Key D9414F70
 Software developer Systems technician
 Inter7 Internet Technologies, Inc. (815)776-9465
 */
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (GNU/Linux)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
 iEYEARECAAYFAkov02EACgkQ6QgvSNlBT3DlLACfWu87P74FLGWXEcfPu47T7qx7
 /DgAoKKLl6TAbIMkbT0ZzQG4yv2TBEYc
 =Evt/
 -END PGP SIGNATURE-
 
 
 


!DSPAM:4a2fd52832663695612844!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Rick Macdougall

Rick Macdougall wrote:

James Cox wrote:


On 10 Jun 2009, at 14:26, Rick Macdougall wrote:


James Cox wrote:

I've had it running for a few hours, and have this:
 1 CHKUSER rejected relaying
 5 CHKUSER accepted any rcpt
28 CHKUSER relaying rcpt
   362 CHKUSER accepted rcpt
  1719 CHKUSER rejected rcpt
  1758 CHKUSER accepted sender
and... in my defines...
neither of those two are enabled.
version 2.0.9 for me.


What version of SMTP AUTH are you using ?

I know there is a version out there that causes the exact problem you 
are seeing, although to my knowledge it hasn't been seen in years.

Rick:

yeah, i saw that patch. but i am using the current version (i think?) 
0.31


james





Don't know what that patch is or does.

I use Bill Shupp's toaster (http://www.shupp.org/toaster/) which uses 
the following


smtp-auth patch v. 0.5.7 by Erwin Hoffmann
http://www.fehcom.de/qmail/smtpauth.html

Regards,

Rick






Hi,

Yup, I'm pretty sure your 0.31 patch is the culprit.

-- quote --

now mostly superseded with Krysztof Dabrowski's (and Eric M. Johnston) 
qmail-smtpd-auth-0.31 patch to include support for CRAM-MD5 with an 
additional cmd5checkpw  PAM. Unfortunately, though wide-spread, Krysztof 
Dabrowski's SMTP-Auth patch breaks the checkpassword interface for 
CRAM-MD5. Instead of transmitting the sequence 
'userid\0password\0challenge\0' it uses 'userid\0challenge\0password\0'.


*** Another obstacle is to close (like 'qmail-popup') unnecessarily file 
descriptor 2 (FD 2). This inhibits a common logging to STDERR. ***


Also, the unconditional close of FD 3 (to provide the AUTH information 
to the PAM) conflicts with reading control/morercpthosts.cdb. Further, 
there are some problems decoding BASE64.


-- end quote --

Regards,

Rick

!DSPAM:4a2fd83732661317915693!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Roberto

Hi James,
what version of netqmail are you using?
does anybody knows if chkuser is compatible with 1.06?

Roberto


James Cox ha scritto:

I've had it running for a few hours, and have this:

  1 CHKUSER rejected relaying
  5 CHKUSER accepted any rcpt
 28 CHKUSER relaying rcpt
362 CHKUSER accepted rcpt
   1719 CHKUSER rejected rcpt
   1758 CHKUSER accepted sender

and... in my defines...
neither of those two are enabled.

version 2.0.9 for me.

-james


!DSPAM:4a2fdf4c32661011711836!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Tonix (Antonio Nati)

Roberto ha scritto:

Hi James,
what version of netqmail are you using?
does anybody knows if chkuser is compatible with 1.06?

Roberto


James Cox ha scritto:

I've had it running for a few hours, and have this:

  1 CHKUSER rejected relaying
  5 CHKUSER accepted any rcpt
 28 CHKUSER relaying rcpt
362 CHKUSER accepted rcpt
   1719 CHKUSER rejected rcpt
   1758 CHKUSER accepted sender

and... in my defines...
neither of those two are enabled.

version 2.0.9 for me.

-james






Problem should be the auth patch which breaks the output.
In the past other people with other auth patches complained. They passed 
to the one contained in Shupp's Toaster (the unique one I've checked) 
and all problems went away.

As alternative, should try to disable logs.

Ciao!

Tonino


--

   in...@zioniInterazioni di Antonio Nati 
  http://www.interazioni.it  to...@interazioni.it   




!DSPAM:4a2fe72032662043116501!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread James Cox


On 10 Jun 2009, at 18:02, Tonix (Antonio Nati) wrote:


Roberto ha scritto:

Hi James,
what version of netqmail are you using?
does anybody knows if chkuser is compatible with 1.06?





Problem should be the auth patch which breaks the output.
In the past other people with other auth patches complained. They  
passed to the one contained in Shupp's Toaster (the unique one I've  
checked) and all problems went away.

As alternative, should try to disable logs.


So, versions-

I've got
- netqmail 1.06
- smtp auth 1.03 from http://members.elysium.pl/brush/qmail-smtpd-auth/
- chkuser 2.0.9

i tried looking at the toaster, but it is patched against a different  
netqmail - 1.05?


wasn't sure if i should look to back out that patch and rebuild qmail..

--james



!DSPAM:4a300bed32661846241777!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Tonix (Antonio Nati)

James Cox ha scritto:


On 10 Jun 2009, at 18:02, Tonix (Antonio Nati) wrote:


Roberto ha scritto:

Hi James,
what version of netqmail are you using?
does anybody knows if chkuser is compatible with 1.06?





Problem should be the auth patch which breaks the output.
In the past other people with other auth patches complained. They 
passed to the one contained in Shupp's Toaster (the unique one I've 
checked) and all problems went away.

As alternative, should try to disable logs.


So, versions-

I've got 
- netqmail 1.06

- smtp auth 1.03 from http://members.elysium.pl/brush/qmail-smtpd-auth/
- chkuser 2.0.9 

i tried looking at the toaster, but it is patched against a different 
netqmail - 1.05?


wasn't sure if i should look to back out that patch and rebuild qmail..

--james

 
Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP-AUTH 
(http://www.fehcom.de/qmail/smtpauth.html).
qmail 1.0.5 and 1.0.6 should be extremely similar and I wonder if it is 
worth using 1.0.6.


Trust and use Shupp's toaster!

Ciao,

Tonino

--

   in...@zioniInterazioni di Antonio Nati 
  http://www.interazioni.it  to...@interazioni.it   





!DSPAM:4a301f0732661607920333!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread Rick Macdougall

James Cox wrote:


On 10 Jun 2009, at 18:02, Tonix (Antonio Nati) wrote:


Roberto ha scritto:

Hi James,
what version of netqmail are you using?
does anybody knows if chkuser is compatible with 1.06?





Problem should be the auth patch which breaks the output.
In the past other people with other auth patches complained. They 
passed to the one contained in Shupp's Toaster (the unique one I've 
checked) and all problems went away.

As alternative, should try to disable logs.


So, versions-

I've got 
- netqmail 1.06

- smtp auth 1.03 from http://members.elysium.pl/brush/qmail-smtpd-auth/
- chkuser 2.0.9 

i tried looking at the toaster, but it is patched against a different 
netqmail - 1.05?


wasn't sure if i should look to back out that patch and rebuild qmail..



Hi,

Bill's qmail-toaster-0.9.1.patch.bz2 applies cleanly and makes cleanly 
against netqmail 1.06.  I just tested that.


I didn't install it how ever.

Regards,

Rick


!DSPAM:4a3023b532661537351311!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-10 Thread James Cox


On 10 Jun 2009, at 22:00, Tonix (Antonio Nati) wrote:


James Cox ha scritto:



On 10 Jun 2009, at 18:02, Tonix (Antonio Nati) wrote:


Roberto ha scritto:

Hi James,
what version of netqmail are you using?
does anybody knows if chkuser is compatible with 1.06?





Problem should be the auth patch which breaks the output.
In the past other people with other auth patches complained. They  
passed to the one contained in Shupp's Toaster (the unique one  
I've checked) and all problems went away.

As alternative, should try to disable logs.


So, versions-

I've got
 - netqmail 1.06
 - smtp auth 1.03 from http://members.elysium.pl/brush/qmail-smtpd-auth/
 - chkuser 2.0.9

i tried looking at the toaster, but it is patched against a  
different netqmail - 1.05?
wasn't sure if i should look to back out that patch and rebuild  
qmail..


--james

Patch in Shupp toaster is taken from Erwin Hoffmann's SMTP-AUTH (http://www.fehcom.de/qmail/smtpauth.html 
).
qmail 1.0.5 and 1.0.6 should be extremely similar and I wonder if it  
is worth using 1.0.6.


Weird, i installed the patch with Erwin's smtp-auth, and have ended up  
with failed auths:


Jun 10 16:39:21 reason vpopmail[7505]: vchkpw-smtp: vpopmail user not  
found james.es@:86.13.225.60


when authing with username ja...@imaj.es

huh?
-james

!DSPAM:4a3028a832664575497802!


Re: [vchkpw] smtp auth with chkuser problems

2009-06-09 Thread Matt Brookings
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James Cox wrote:
 Anyone got any tips for how to skip those log lines? I've been looking
 at the chkuser_settings and i'm not confident i've seen anything
 immediately obvious. I'm also not convinced that these lines should ever
 exist in the smtp conversation anyhow...

You are supposed to redirect stdout and stderr to another location.  Either to 
/dev/null or
to logfiles.
- --
/*
Matt Brookings m...@inter7.com   GnuPG Key D9414F70
Software developer Systems technician
Inter7 Internet Technologies, Inc. (815)776-9465
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkoumQMACgkQ6QgvSNlBT3DcbwCfWLgzTdwb5V0vUmBJB8yVxXM9
g+cAn1xmhT0ENg/sf8Xn1kbtAZMQYewg
=8SBM
-END PGP SIGNATURE-


Re: [vchkpw] smtp auth with chkuser problems

2009-06-09 Thread James Cox


On 9 Jun 2009, at 18:16, Matt Brookings wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James Cox wrote:
Anyone got any tips for how to skip those log lines? I've been  
looking

at the chkuser_settings and i'm not confident i've seen anything
immediately obvious. I'm also not convinced that these lines should  
ever

exist in the smtp conversation anyhow...


You are supposed to redirect stdout and stderr to another location.   
Either to /dev/null or

to logfiles.


Hmm - makes sense. This is how i'm running it, and not sure why i'm  
getting logs in the smtp conversation:


env CHKUSER_START=DOMAIN \
 /usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \
-u $QMAILDUID -g $NOFILESGID 0 smtp \
/usr/local/bin/rblsmtpd \
-r sbl-xbl.spamhaus.org \
	/var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/true  
21


since it's running under supervise, and is logged...

-james

!DSPAM:4a2ebb8432661324210016!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-09 Thread Harm van Tilborg

Hi James,

You are copying stderr (file descriptor 2) to your stdout (that's what 
the terminating 21 is for). However, this log is only saved if 
multilog is indeed catching it.


Find in the directory where this `run' file was located the directory 
`log', and publish the content of the `run' file in that directory...


--
Kind regards,
Harm van Tilborg

http://zeroxcool.net

James Cox wrote:


On 9 Jun 2009, at 18:16, Matt Brookings wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James Cox wrote:

Anyone got any tips for how to skip those log lines? I've been looking
at the chkuser_settings and i'm not confident i've seen anything
immediately obvious. I'm also not convinced that these lines should ever
exist in the smtp conversation anyhow...


You are supposed to redirect stdout and stderr to another location.  
Either to /dev/null or

to logfiles.


Hmm - makes sense. This is how i'm running it, and not sure why i'm 
getting logs in the smtp conversation:


env CHKUSER_START=DOMAIN \
 /usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \
-u $QMAILDUID -g $NOFILESGID 0 smtp \
/usr/local/bin/rblsmtpd \
-r sbl-xbl.spamhaus.org \
/var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/true 
21


since it's running under supervise, and is logged...

-james





!DSPAM:4a2edf0532661060516316!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-09 Thread James Cox

hey Harm,

Here's the run file for the log -

exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t  
s250 n 10 /var/log/qmail/smtpd


and yeah- i figured that i'm pushing to stdout... which i expect the  
log/run should catch via the multilog. therefore i'm a bit confused as  
to how it's still getting into the smtp conversation. :)


-james

On 9 Jun 2009, at 23:15, Harm van Tilborg wrote:


Hi James,

You are copying stderr (file descriptor 2) to your stdout (that's  
what the terminating 21 is for). However, this log is only saved  
if multilog is indeed catching it.


Find in the directory where this `run' file was located the  
directory `log', and publish the content of the `run' file in that  
directory...



James Cox wrote:

On 9 Jun 2009, at 18:16, Matt Brookings wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James Cox wrote:
Anyone got any tips for how to skip those log lines? I've been  
looking

at the chkuser_settings and i'm not confident i've seen anything
immediately obvious. I'm also not convinced that these lines  
should ever

exist in the smtp conversation anyhow...


You are supposed to redirect stdout and stderr to another  
location.  Either to /dev/null or

to logfiles.
Hmm - makes sense. This is how i'm running it, and not sure why i'm  
getting logs in the smtp conversation:

env CHKUSER_START=DOMAIN \
/usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \
   -u $QMAILDUID -g $NOFILESGID 0 smtp \
   /usr/local/bin/rblsmtpd \
   -r sbl-xbl.spamhaus.org \
   /var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/ 
true 21

since it's running under supervise, and is logged...
-james







!DSPAM:4a2edfda32661019412068!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-09 Thread Harm van Tilborg

Hi James,

What version of chkuser are you using?

When I look at the 2.0.9 source, I see the following lines inside 
chkuser_settings.h:


/*
 * the following line enables debugging of chkuser
 */
/* #define CHKUSER_DEBUG */

/*
 * The following line moves DEBUG output from STDOUT (default) to STDERR
 * Example of usage within sh: ./qmail-smtpd 2 /var/log/smtpd-debug.log
 */
/* #define CHKUSER_DEBUG_STDERR */

Did you perhaps uncomment one of these defines? That would explain the 
behaviour. You are indeed correct about how the output should be catched 
by multilog. What /do/ your logs provide (i.e. what's in 
/var/log/qmail/smtpd/current)?


(Ow, and between your log's command `...n 10...' there's no need for a 
space in between)


--
Kind regards,
Harm van Tilborg

http://zeroxcool.net

James Cox wrote:

hey Harm,

Here's the run file for the log -

exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s250 
n 10 /var/log/qmail/smtpd


and yeah- i figured that i'm pushing to stdout... which i expect the 
log/run should catch via the multilog. therefore i'm a bit confused as 
to how it's still getting into the smtp conversation. :)


-james

On 9 Jun 2009, at 23:15, Harm van Tilborg wrote:


Hi James,

You are copying stderr (file descriptor 2) to your stdout (that's what 
the terminating 21 is for). However, this log is only saved if 
multilog is indeed catching it.


Find in the directory where this `run' file was located the directory 
`log', and publish the content of the `run' file in that directory...



James Cox wrote:

On 9 Jun 2009, at 18:16, Matt Brookings wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James Cox wrote:

Anyone got any tips for how to skip those log lines? I've been looking
at the chkuser_settings and i'm not confident i've seen anything
immediately obvious. I'm also not convinced that these lines should 
ever

exist in the smtp conversation anyhow...


You are supposed to redirect stdout and stderr to another location.  
Either to /dev/null or

to logfiles.
Hmm - makes sense. This is how i'm running it, and not sure why i'm 
getting logs in the smtp conversation:

env CHKUSER_START=DOMAIN \
/usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \
   -u $QMAILDUID -g $NOFILESGID 0 smtp \
   /usr/local/bin/rblsmtpd \
   -r sbl-xbl.spamhaus.org \
   /var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw 
/bin/true 21

since it's running under supervise, and is logged...
-james











!DSPAM:4a2ee2bc32666440818484!



Re: [vchkpw] smtp auth with chkuser problems

2009-06-09 Thread James Cox

I've had it running for a few hours, and have this:

  1 CHKUSER rejected relaying
  5 CHKUSER accepted any rcpt
 28 CHKUSER relaying rcpt
362 CHKUSER accepted rcpt
   1719 CHKUSER rejected rcpt
   1758 CHKUSER accepted sender

and... in my defines...
neither of those two are enabled.

version 2.0.9 for me.

-james

On 9 Jun 2009, at 23:31, Harm van Tilborg wrote:


Hi James,

What version of chkuser are you using?

When I look at the 2.0.9 source, I see the following lines inside  
chkuser_settings.h:


/*
* the following line enables debugging of chkuser
*/
/* #define CHKUSER_DEBUG */

/*
* The following line moves DEBUG output from STDOUT (default) to  
STDERR
* Example of usage within sh: ./qmail-smtpd 2 /var/log/smtpd- 
debug.log

*/
/* #define CHKUSER_DEBUG_STDERR */

Did you perhaps uncomment one of these defines? That would explain  
the behaviour. You are indeed correct about how the output should be  
catched by multilog. What /do/ your logs provide (i.e. what's in / 
var/log/qmail/smtpd/current)?


(Ow, and between your log's command `...n 10...' there's no need for  
a space in between)


--
Kind regards,
Harm van Tilborg

http://zeroxcool.net

James Cox wrote:

hey Harm,
Here's the run file for the log -
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t  
s250 n 10 /var/log/qmail/smtpd
and yeah- i figured that i'm pushing to stdout... which i expect  
the log/run should catch via the multilog. therefore i'm a bit  
confused as to how it's still getting into the smtp conversation. :)

-james
On 9 Jun 2009, at 23:15, Harm van Tilborg wrote:

Hi James,

You are copying stderr (file descriptor 2) to your stdout (that's  
what the terminating 21 is for). However, this log is only saved  
if multilog is indeed catching it.


Find in the directory where this `run' file was located the  
directory `log', and publish the content of the `run' file in that  
directory...

James Cox wrote:

On 9 Jun 2009, at 18:16, Matt Brookings wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James Cox wrote:
Anyone got any tips for how to skip those log lines? I've been  
looking

at the chkuser_settings and i'm not confident i've seen anything
immediately obvious. I'm also not convinced that these lines  
should ever

exist in the smtp conversation anyhow...


You are supposed to redirect stdout and stderr to another  
location.  Either to /dev/null or

to logfiles.
Hmm - makes sense. This is how i'm running it, and not sure why  
i'm getting logs in the smtp conversation:

env CHKUSER_START=DOMAIN \
/usr/local/bin/tcpserver -vHR -p -x /etc/tcp.smtp.cdb \
  -u $QMAILDUID -g $NOFILESGID 0 smtp \
  /usr/local/bin/rblsmtpd \
  -r sbl-xbl.spamhaus.org \
  /var/qmail/bin/qmail-smtpd /var/qmail/vpopmail/bin/vchkpw /bin/ 
true 21

since it's running under supervise, and is logged...
-james











!DSPAM:4a2ee3f232665271019884!



Re: [vchkpw] smtp-auth and rblsmtpd

2007-08-18 Thread John Simpson

On 2007-08-17, at 2113, Trey Nolen wrote:
I would suggest starting another instance of qmail-smtpd on port  
587 that does not use the rbls, and has its own tcp.submpt.cdb  
that allows anyone to connect, but does not ever set RELAYCLIENT.   
This allows all addresses, but will only allow relay for  
authenticated users.


Port 587, is the default port for this kind of operation.


Thanks.  We will start that, too.   But, we do have a number of  
clients that are ALREADY using port 25 for smtp-auth.  Is there any  
way to keep them from being affected by the rblmtpd?  For instance,  
is there a way to pass a variable to tcpserver if the connection is  
authenticated via smtp-auth?


no, because there's no way for tcpserver to know whether or not a  
valid AUTH command will be sent. remember that qmail-smtpd would be  
accepting the AUTH command, and rblsmtpd runs before qmail-smtpd does.


the correct answer is to create one or more AUTH-only SMTP services,  
preferably also encrypted only for security, and tell your users  
that they must use those instead. i'm not sure which patches you're  
using, but my combined patch has support for both of these features  
(i.e. it won't accept any MAIL commands until a valid AUTH command  
has been sent, and it won't accept any AUTH commands unless the  
connection is secured.) i *think* both of these features are  
available in other patches but i will admit that i'm not 100%  
familiar with them- i'm sure if you can tell us which patches you're  
using, somebody on the list will be able to give you some quick  
directions for how to set this up.


if you're not married to any particular patch, here's the info  
regarding mine. do your research and make see if it will work for  
you, if so you're (obviously) welcome to use it.


http://qmail.jms1.net/patches/combined.shtml
http://qmail.jms1.net/smtp-service.shtml
http://qmail.jms1.net/tls-auth.shtml


| John M. Simpson---   KG4ZOW   ---Programmer At Large |
| http://www.jms1.net/ [EMAIL PROTECTED] |

| http://video.google.com/videoplay?docid=-1656880303867390173 |





PGP.sig
Description: This is a digitally signed message part


Re: [vchkpw] smtp-auth and rblsmtpd

2007-08-18 Thread Trey Nolen
Thanks for the info.  



Trey Nolen

- Original Message - 
From: John Simpson [EMAIL PROTECTED]

To: vchkpw@inter7.com
Sent: Saturday, August 18, 2007 7:28 PM
Subject: Re: [vchkpw] smtp-auth and rblsmtpd




Re: [vchkpw] smtp-auth and rblsmtpd

2007-08-17 Thread Rick Widmer



Trey Nolen wrote:
We have been using smtp-after-pop for a long time, but are also using 
smtp-auth for some purposes.  When users authenticate via POP, a line 
like the following gets added to open-smtp:

ww.xx.yy.zz:allow,RELAYCLIENT=,RBLSMTPD=,WHITELIST= 1187395788

This keeps the users from being affected by rblsmtpd.

We added sorbs to our rblsmtpd to block dynamic IP pools, but it seems 
to be blocking our users that use smtp-auth.  Our smtp-after-pop users 
work fine using the same dynamic IPs.   We have some users that need to 
be able send via our servers but that do not have a POP account to 
authenticate against.  Is there a way to get smtp-auth excluded from the 
rblsmtpd blocks?


I would suggest starting another instance of qmail-smtpd on port 587 
that does not use the rbls, and has its own tcp.submpt.cdb that allows 
anyone to connect, but does not ever set RELAYCLIENT.  This allows all 
addresses, but will only allow relay for authenticated users.


Port 587, is the default port for this kind of operation.




My run file for the submission port is:




#!/bin/sh
QMAILUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 1000 \
 /usr/local/bin/tcpserver -v -H -R -l 0 \
 -x /mail/etc/tcp.submission.cdb -c $MAXSMTPD \
 -u $QMAILUID -g $NOFILESGID 0 587 \
 /var/qmail/bin/qmail-smptd \
 /mail/bin/vchkpw /bin/true 21


/mail/bin/ is my  ~vpopmail/bin, in absolute terms.



Re: [vchkpw] smtp-auth and rblsmtpd

2007-08-17 Thread Trey Nolen
I would suggest starting another instance of qmail-smtpd on port 587 that 
does not use the rbls, and has its own tcp.submpt.cdb that allows anyone 
to connect, but does not ever set RELAYCLIENT.  This allows all addresses, 
but will only allow relay for authenticated users.


Port 587, is the default port for this kind of operation.





Thanks.  We will start that, too.   But, we do have a number of clients that 
are ALREADY using port 25 for smtp-auth.  Is there any way to keep them from 
being affected by the rblmtpd?  For instance, is there a way to pass a 
variable to tcpserver if the connection is authenticated via smtp-auth?



Trey Nolen



Re: [vchkpw] smtp-auth and rblsmtpd

2007-08-17 Thread Jeremy Kister

On 8/17/2007 9:13 PM, Trey Nolen wrote:
being affected by the rblmtpd?  For instance, is there a way to pass a 
variable to tcpserver if the connection is authenticated via smtp-auth?


Not without patching. the process goes like this:

user - tcpserver - rblsmtpd - qmail-smtpd (with smtp-auth)

so, rblsmtpd has already intercepted your user before he's had the
change to talk to qmail-smtpd and auth.

there is at least one patch that puts rblsmtpd functionality inside
qmail-smtpd for this purpose, but i'm having a hard time finding it.

Based on
http://lists.ziobudda.net/pipermail/qmail-it/2007-April/001698.html, I'm
making an educated guess that the patch is at:

http://lists.ziobudda.net/pipermail/qmail-it/attachments/20070410/7d59066d/qmail-dnsbl.bin


--

Jeremy Kister
http://jeremy.kister.net./







Re: [vchkpw] smtp auth failed when no email to be retrieved

2007-01-29 Thread Winanjaya - CBN

sure.. I already checked .. because he/she able to send email with smtp auth
after he/she got email  from their pop account otherwise if he/she does not
have any email to be retrieve then the smtp auth will failed..

pls help

Regards
Winanjaya

New Page 1
- Original Message -
From: Shane Chrisp [EMAIL PROTECTED]
To: vchkpw@inter7.com
Sent: Monday, January 29, 2007 2:08 PM
Subject: Re: [vchkpw] smtp auth failed when no email to be retrieved


 On Mon, 2007-01-29 at 13:59 +0700, Winanjaya - CBN wrote:

 Has the user checked the option my outgoing server requires
 authentication?

 Shane

  Dear All,
 
  I am runnning qmail+vpopmail 5.4.17 with smtp auth for roaming users, my
  users use Outlook Express as email client to send/receive email.
 
  My problem is:
  It seems like smtp auth failed (see below message) when he/she does not
have
  email to be retrieve.
 
  I need advise..
 
  Thanks  Regards
  Winanjaya
 
 
 
  The message could not be sent because one of the recipients was rejected
by
  the server. The rejected e-mail address was '[EMAIL PROTECTED]'.
Subject
  'test', Account: 'mail.lippogeneral.com', Server:
'mail2.lippogeneral.com',
  Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my
list of
  allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error:
553,
  Error Number: 0x800CCC79
 
 
 
 
  ***
  Our outgoing mail has been scanned by MSS.
  ***-***
 


***
Our outgoing mail has been scanned by MSS.
***-***



Re: [vchkpw] smtp auth failed when no email to be retrieved

2007-01-28 Thread Shane Chrisp
On Mon, 2007-01-29 at 13:59 +0700, Winanjaya - CBN wrote:

Has the user checked the option my outgoing server requires
authentication?

Shane

 Dear All,
 
 I am runnning qmail+vpopmail 5.4.17 with smtp auth for roaming users, my
 users use Outlook Express as email client to send/receive email.
 
 My problem is:
 It seems like smtp auth failed (see below message) when he/she does not have
 email to be retrieve.
 
 I need advise..
 
 Thanks  Regards
 Winanjaya
 
 
 
 The message could not be sent because one of the recipients was rejected by
 the server. The rejected e-mail address was '[EMAIL PROTECTED]'. Subject
 'test', Account: 'mail.lippogeneral.com', Server: 'mail2.lippogeneral.com',
 Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my list of
 allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 553,
 Error Number: 0x800CCC79
 
 
 
 
 ***
 Our outgoing mail has been scanned by MSS.
 ***-***
 



RE: [vchkpw] smtp auth failed when no email to be retrieved

2007-01-28 Thread shadowplay.net


well um
doesn't look like neone actually
hit any thing that would give them a
connection because your clients ip never appeared 
in a pop b4 smtp connection.

your error message, and log extract as listed 
does not show a pop connection cleanring the tcpserver
to clear the ip as an allowed relay.

so your qmail acted normaily and denied a relay status for 
the originating connecting ip. 


kenneth gf brown 
ceo shadowplay.net


 -Original Message-
 From: Winanjaya - CBN [mailto:[EMAIL PROTECTED] 
 Sent: January 29, 2007 02:00
 To: vchkpw@inter7.com
 Subject: [vchkpw] smtp auth failed when no email to be retrieved
 
 
 
 Dear All,
 
 I am runnning qmail+vpopmail 5.4.17 with smtp auth for 
 roaming users, my users use Outlook Express as email client 
 to send/receive email.
 
 My problem is:
 It seems like smtp auth failed (see below message) when 
 he/she does not have email to be retrieve.
 
 I need advise..
 
 Thanks  Regards
 Winanjaya
 
 
 
 The message could not be sent because one of the recipients 
 was rejected by the server. The rejected e-mail address was 
 '[EMAIL PROTECTED]'. Subject 'test', Account: 
 'mail.lippogeneral.com', Server: 'mail2.lippogeneral.com',
 Protocol: SMTP, Server Response: '553 sorry, that domain 
 isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, 
 Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79
 
 
 
 
 ***
 Our outgoing mail has been scanned by MSS.
 ***-***
 
 



RE: [vchkpw] smtp auth failed when no email to be retrieved

2007-01-28 Thread Peter Normann
Winanjaya - CBN wrote:
 I am runnning qmail+vpopmail 5.4.17 with smtp auth for roaming users,
 my users use Outlook Express as email client to send/receive email.
 
 My problem is:
 It seems like smtp auth failed (see below message) when he/she does
 not have email to be retrieve.
 
 The message could not be sent because one of the recipients was
 rejected by the server. The rejected e-mail address was
 '[EMAIL PROTECTED]'. Subject 'test', Account:
 'mail.lippogeneral.com', Server: 'mail2.lippogeneral.com', Protocol:
 SMTP, Server Response: '553 sorry, that domain isn't in my list of
 allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error:
 553, Error Number: 0x800CCC79 

Have you tried Google?

http://www.google.com/search?q=0x800CCC79

Regards

Peter Normann



RE: [vchkpw] smtp auth failed when no email to be retrieved

2007-01-28 Thread shadowplay.net


sry on crack...
obviously I missed the auth smtp, my brain
went straight to popb4smtp... 
and I agree with shane's note
did they click the damn check box :P

ken

 -Original Message-
 From: shadowplay.net [mailto:[EMAIL PROTECTED] 
 Sent: January 29, 2007 02:12
 To: vchkpw@inter7.com
 Subject: RE: [vchkpw] smtp auth failed when no email to be retrieved
 
 
 
 
 well um
 doesn't look like neone actually
 hit any thing that would give them a
 connection because your clients ip never appeared 
 in a pop b4 smtp connection.
 
 your error message, and log extract as listed 
 does not show a pop connection cleanring the tcpserver
 to clear the ip as an allowed relay.
 
 so your qmail acted normaily and denied a relay status for 
 the originating connecting ip. 
 
 
 kenneth gf brown 
 ceo shadowplay.net
 
 
  -Original Message-
  From: Winanjaya - CBN [mailto:[EMAIL PROTECTED]
  Sent: January 29, 2007 02:00
  To: vchkpw@inter7.com
  Subject: [vchkpw] smtp auth failed when no email to be retrieved
  
  
  
  Dear All,
  
  I am runnning qmail+vpopmail 5.4.17 with smtp auth for
  roaming users, my users use Outlook Express as email client 
  to send/receive email.
  
  My problem is:
  It seems like smtp auth failed (see below message) when
  he/she does not have email to be retrieve.
  
  I need advise..
  
  Thanks  Regards
  Winanjaya
  
  
  
  The message could not be sent because one of the recipients
  was rejected by the server. The rejected e-mail address was 
  '[EMAIL PROTECTED]'. Subject 'test', Account: 
  'mail.lippogeneral.com', Server: 'mail2.lippogeneral.com',
  Protocol: SMTP, Server Response: '553 sorry, that domain 
  isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, 
  Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79
  
  
  
  
  ***
  Our outgoing mail has been scanned by MSS.
  ***-***
  
  
 
 



Re: [vchkpw] smtp auth failed when no email to be retrieved

2007-01-28 Thread Winanjaya - CBN

so you meant this is outlook express problem?

regards
Winanjaya

New Page 1 
- Original Message - 
From: shadowplay.net [EMAIL PROTECTED]
To: vchkpw@inter7.com
Sent: Monday, January 29, 2007 2:11 PM
Subject: RE: [vchkpw] smtp auth failed when no email to be retrieved


 
 
 well um
 doesn't look like neone actually
 hit any thing that would give them a
 connection because your clients ip never appeared 
 in a pop b4 smtp connection.
 
 your error message, and log extract as listed 
 does not show a pop connection cleanring the tcpserver
 to clear the ip as an allowed relay.
 
 so your qmail acted normaily and denied a relay status for 
 the originating connecting ip. 
 
 
 kenneth gf brown 
 ceo shadowplay.net
 
 
  -Original Message-
  From: Winanjaya - CBN [mailto:[EMAIL PROTECTED] 
  Sent: January 29, 2007 02:00
  To: vchkpw@inter7.com
  Subject: [vchkpw] smtp auth failed when no email to be retrieved
  
  
  
  Dear All,
  
  I am runnning qmail+vpopmail 5.4.17 with smtp auth for 
  roaming users, my users use Outlook Express as email client 
  to send/receive email.
  
  My problem is:
  It seems like smtp auth failed (see below message) when 
  he/she does not have email to be retrieve.
  
  I need advise..
  
  Thanks  Regards
  Winanjaya
  
  
  
  The message could not be sent because one of the recipients 
  was rejected by the server. The rejected e-mail address was 
  '[EMAIL PROTECTED]'. Subject 'test', Account: 
  'mail.lippogeneral.com', Server: 'mail2.lippogeneral.com',
  Protocol: SMTP, Server Response: '553 sorry, that domain 
  isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, 
  Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79
  
  
  
  
  ***
  Our outgoing mail has been scanned by MSS.
  ***-***
  
 

***
Our outgoing mail has been scanned by MSS.
***-***



Re: [vchkpw] smtp-auth and vpopmail

2005-11-07 Thread Mario Beltran

Rick Macdougall escribió:


Mario Beltran wrote:


Hi

I have installed a new box on linux with qmail (i follow life with 
qmail) + vpopmail + autorespond +ezmlm +qmailadmin + courier-imap


All works fine.

Now i need use smtp authentication.

I found a qmail-smtpd-auth-057 patch by Dr. Erwin Hoffmann. But I 
cant aplied yet the patch.


The reason is that I have looked for one tutorial (and I cant found) 
that tell me how to set up my smtp run file for use vchkpw for 
authentication


Does somebody knows how to?

If the answer is yes, please, tell me how

Thanks in advance and regards

Mario





Hi,

If this is a new install you might want to look at 
http:://www.shupp.org/toaster and install using that guide instead.  
It will save you a lot of time and effort.


It has all the patches you want and includes smtp-auth.

If you are adverse to using a different package, see 
http://shupp.org/smtp-auth-tls/


Regards,

Rick



Thank you Rick i used http://shupp.org/smtp-auth-tls and work fine :)

regards

Mario


Re: [vchkpw] smtp-auth and vpopmail

2005-11-04 Thread Rick Macdougall

Mario Beltran wrote:

Hi

I have installed a new box on linux with qmail (i follow life with 
qmail) + vpopmail + autorespond +ezmlm +qmailadmin + courier-imap


All works fine.

Now i need use smtp authentication.

I found a qmail-smtpd-auth-057 patch by Dr. Erwin Hoffmann. But I cant 
aplied yet the patch.


The reason is that I have looked for one tutorial (and I cant found) 
that tell me how to set up my smtp run file for use vchkpw for 
authentication


Does somebody knows how to?

If the answer is yes, please, tell me how

Thanks in advance and regards

Mario





Hi,

If this is a new install you might want to look at 
http:://www.shupp.org/toaster and install using that guide instead.  It 
will save you a lot of time and effort.


It has all the patches you want and includes smtp-auth.

If you are adverse to using a different package, see 
http://shupp.org/smtp-auth-tls/


Regards,

Rick



Re: [vchkpw] SMTP auth ....

2005-06-30 Thread dballantyne
If you are using an ebuild for qmail, can you send the output of the
following command to the list:

# emerge -vp qmail



 I've upgraded to vpopmail (5.4.6) and decided to switch to smtp auth ..
 since I couldn't get roaming working anyway.

 I'm still getting rcpthosts errors,

 where do I check how relay-ctrl and how it does things.

 I'm fighting a loosing battle here ...

 I followed the instructions on
 http://gentoo-wiki.com/HOWTO_Setup_QMAIL_RELAY-CTRL_VPOPMAIL

 --
 Henti Smith
 [EMAIL PROTECTED]
 +27 82 958 2525
 http://www.geekware.co.za

 DISCLAIMER :

 Unauthorised use of characters, images, sounds, odors, severed limbs,
 noodles, wierd dreams, strange looking fruit, oxygen, and certain parts of
 Jupiter are strictly forbidden.  If I find you violating, or molesting my
 property in any way, I will employ a pair of burly convicts to find you,
 kidnap you, and perform god-awful sexual experiments on you until you lose
 the ability to sound out vowels.  I don't know why you are still reading
 this, but by doing so you have proven that you have far too much time on
 your hands, and you should go plant a tree, or read a book or something.
   - http://www.ctrlaltdel-online.com/





Re: [vchkpw] SMTP auth ....

2005-06-30 Thread Henti Smith
On Thu, 30 Jun 2005 21:53:22 - (GMT)
[EMAIL PROTECTED] wrote:

 If you are using an ebuild for qmail, can you send the output of the
 following command to the list:
 
 # emerge -vp qmail

[ebuild   R   ] mail-mta/qmail-1.03-r15  -noauthcram -notlsbeforeauth 
(-selinux) +ssl 0 kB


-- 
Henti Smith
[EMAIL PROTECTED]
+27 82 958 2525
http://www.geekware.co.za

DISCLAIMER : 

Unauthorised use of characters, images, sounds, odors, severed limbs, noodles, 
wierd dreams, strange looking fruit, oxygen, and certain parts of Jupiter are 
strictly forbidden.  If I find you violating, or molesting my property in any 
way, I will employ a pair of burly convicts to find you, kidnap you, and 
perform god-awful sexual experiments on you until you lose the ability to sound 
out vowels.  I don't know why you are still reading this, but by doing so you 
have proven that you have far too much time on your hands, and you should go 
plant a tree, or read a book or something.
- http://www.ctrlaltdel-online.com/


Re: [vchkpw] SMTP auth ....

2005-06-30 Thread Henti Smith
On Fri, 1 Jul 2005 00:00:26 +0200
Henti Smith [EMAIL PROTECTED] wrote:

 On Thu, 30 Jun 2005 21:53:22 - (GMT)
 [EMAIL PROTECTED] wrote:
 
  If you are using an ebuild for qmail, can you send the output of the
  following command to the list:
  
  # emerge -vp qmail
 
 [ebuild   R   ] mail-mta/qmail-1.03-r15  -noauthcram -notlsbeforeauth 
 (-selinux) +ssl 0 kB

Ok guys .. got it all working ... 

For mail-mta/qmail-1.03-r15 you need notlsbeforeauth set in make.conf
Also in your /var/qmail/control/conf-smtpd 

QMAIL_SMTP_POST=${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}

Usually there is a ${QMAIL_SMTP_AUTHHOST} before CHECKPASS, but this is not 
needed or it gives you a permission error

vmysql can't read settings /var/vpopmail/etc/vpopmail.mysql

FYI +:) 


-- 
Henti Smith
[EMAIL PROTECTED]
+27 82 958 2525
http://www.geekware.co.za

DISCLAIMER : 

Unauthorised use of characters, images, sounds, odors, severed limbs, noodles, 
wierd dreams, strange looking fruit, oxygen, and certain parts of Jupiter are 
strictly forbidden.  If I find you violating, or molesting my property in any 
way, I will employ a pair of burly convicts to find you, kidnap you, and 
perform god-awful sexual experiments on you until you lose the ability to sound 
out vowels.  I don't know why you are still reading this, but by doing so you 
have proven that you have far too much time on your hands, and you should go 
plant a tree, or read a book or something.
- http://www.ctrlaltdel-online.com/


Re: [vchkpw] smtp auth - md5 learn pass

2005-06-20 Thread Tom Collins

On Jun 19, 2005, at 9:09 PM, Casey Allen Shobe wrote:

I don't know what dovecot does.  I recompiled it and restarted it,
no difference.  Here's what shows up in the mail facility for
syslog:

# tail -f /var/log/mail/current
Jun 20 04:08:51 [imap-login] Login: [EMAIL PROTECTED] [71.113.2.184]
Jun 20 04:08:56 [pop3-login] Login: [EMAIL PROTECTED] [64.125.210.7]
Jun 20 04:08:56 [pop3-login] Login: [EMAIL PROTECTED] [66.15.68.87]
Jun 20 04:08:57 [pop3-login] Login: [EMAIL PROTECTED] [67.160.31.225]
Jun 20 04:09:07 [pop3-login] Login: [EMAIL PROTECTED] [24.41.46.242]
Jun 20 04:09:09 [pop3-login] Login: [EMAIL PROTECTED] [66.15.68.87]
Jun 20 04:09:12 [vpopmail] vchkpw-smtp: (PLAIN) login success
[EMAIL PROTECTED]:71.113.2.184
Jun 20 04:09:16 [pop3-login] Login: [EMAIL PROTECTED] [66.213.206.34]
Jun 20 04:09:22 [vpopmail] vchkpw-smtp: (PLAIN) login success
[EMAIL PROTECTED]:148.64.71.106


It looks like it doesn't call vchkpw.  If it did, you'd see [vpopmail] 
vchkpw-pop3: in the logs.


--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
You don't need a laptop to troubleshoot high-speed Internet: 
sniffter.com




Re: [vchkpw] smtp auth - md5 learn pass

2005-06-19 Thread Casey Allen Shobe
On Monday 20 June 2005 00:49, Tom Collins wrote:
 Does dovecot link directly to libvpopmail?  If so, did you
 recompile dovecot after enabling learn passwords and cleartext
 passwords in vpopmail?  If not, it's still linked to the old
 vpopmail code.

I don't know what dovecot does.  I recompiled it and restarted it, 
no difference.  Here's what shows up in the mail facility for 
syslog:

# tail -f /var/log/mail/current
Jun 20 04:08:51 [imap-login] Login: [EMAIL PROTECTED] [71.113.2.184]
Jun 20 04:08:56 [pop3-login] Login: [EMAIL PROTECTED] [64.125.210.7]
Jun 20 04:08:56 [pop3-login] Login: [EMAIL PROTECTED] [66.15.68.87]
Jun 20 04:08:57 [pop3-login] Login: [EMAIL PROTECTED] [67.160.31.225]
Jun 20 04:09:07 [pop3-login] Login: [EMAIL PROTECTED] [24.41.46.242]
Jun 20 04:09:09 [pop3-login] Login: [EMAIL PROTECTED] [66.15.68.87]
Jun 20 04:09:12 [vpopmail] vchkpw-smtp: (PLAIN) login success 
[EMAIL PROTECTED]:71.113.2.184
Jun 20 04:09:16 [pop3-login] Login: [EMAIL PROTECTED] [66.213.206.34]
Jun 20 04:09:22 [vpopmail] vchkpw-smtp: (PLAIN) login success 
[EMAIL PROTECTED]:148.64.71.106

pop3-login and imap-login are subprocesses of dovecot.

Cheers,
-- 
Casey Allen Shobe | http://casey.shobe.info
[EMAIL PROTECTED] | cell 425-443-4653
AIM  Yahoo:  SomeLinuxGuy | ICQ:  1494523
SeattleServer.com, Inc. | http://www.seattleserver.com


Re: [vchkpw] smtp auth - md5 learn pass

2005-06-18 Thread Casey Allen Shobe
On Friday 17 June 2005 20:20, Sylwester S. Biernacki wrote:
 AFAIR it does exactly what you said.

Nope, doesn't seem to.  I rebuilt vpopmail with it enabled, edited 
out the cleartext portions of a vpasswd file, and logged in a bunch 
of times as that user.  No updates to vpasswd. :(

Cheers,
-- 
Casey Allen Shobe | http://casey.shobe.info
[EMAIL PROTECTED] | cell 425-443-4653
AIM  Yahoo:  SomeLinuxGuy | ICQ:  1494523
SeattleServer.com, Inc. | http://www.seattleserver.com


Re: [vchkpw] SMTP-AUTH works POP3 not SMTPd?

2005-06-17 Thread Rick Macdougall

ISP Lists wrote:


sys: Fedora core3, manually compiled vpopmail 3.4.10, RPM Mysql 3.23.59?,
compiled courier imap 4.0.2, compiled qmail-1.03, patched
qmail-ej-cocktail-14.tar.gz, manually patched Tonix' chkuser 2.0.

I have installed vpopmail with roaming/SMTP-AUTH before, again using
Michael Bowe's webmail guide.  SMTP-AUTH is failing authentication and I
cannot tell why.

I had created the qmail install with Tonix' chkuser patch and saved that
qmail-smtpd binary.  Substituting between the original and the Tonix
patched qmail-smtpd binaries does not seem to change the behavior.

compiled vpopmail as:

./configure \
 --enable-roaming-users \
 --enable-logging=p \
 --disable-passwd \
 --enable-clear-passwd \
 --disable-domain-quotas \
 --enable-auth-module=mysql \
 --disable-many-domains \
 --enable-auth-logging \
 --enable-sql-logging \
 --enable-valias \
 --disable-mysql-limits

/home/vpopmail/etc:
qmail]# ls -l ~vpopmail/etc/
total 16
-rw-r--r--  1 root root 25 Jun  8 19:47 inc_deps
-rw-r--r--  1 root root 81 Jun  8 19:47 lib_deps
-rw-r--r--  1 vpopmail vchkpw 1107 Jun  8 19:47 vlimits.default
-rw-r-  1 vpopmail vchkpw   43 Jun  8 19:43 vpopmail.mysql


/var/qmail/supervise/qmail-smtpd/run:
#!/bin/sh
QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl export QMAILQUEUE
VPOPMAILUID=`id -u vpopmail`
VPOPMAILGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
if [ -z $QMAILDUID -o -z $NOFILESGID -o -z $MAXSMTPD -o -z $LOCAL
]; then
   echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
   echo /var/qmail/supervise/qmail-smtpd/run
   exit 1
fi
exec /usr/local/bin/softlimit -m 1700 \
/usr/local/bin/tcpserver \
 -H -l [[[my.host.name]]] \
   -v -x /etc/tcp.smtp.cdb \
 -c 30 -R -u $VPOPMAILUID -g $VPOPMAILGID 0 smtp \
 /usr/local/bin/rblsmtpd -b -C \
-r 'sbl-xbl.spamhaus.org:Your message was rejected ' \
 /var/qmail/bin/qmail-smtpd $LOCAL /home/vpopmail/bin/vchkpw \
 /usr/bin/true 21


mysql's vpopmail database table vlog contains:
| id | user  | passwd   | domain| logon   
  | remoteip | message   
| timestamp  | error |

++---+--+---+-+--+-++---+
|  1 | daver | [EMAIL PROTECTED] | example.net |
[EMAIL PROTECTED] | MYIP | vchkpw-25: password fail (pass:
'[EMAIL PROTECTED]') [EMAIL PROTECTED]:MYIP | 1119024854 |  
 3 |

|  2 | daver | [EMAIL PROTECTED] | example.net |
[EMAIL PROTECTED] | MYIP | vchkpw-25: password fail (pass:
'[EMAIL PROTECTED]') [EMAIL PROTECTED]:MYIP | 1119025751 |  
 3 |



THIS IMPLIES that some element of the hostname and a timestamp(?) are
being forwarded instead of the submitted password??

I'm at a loss here, help appreciated!

BTW, all incoming SMTP delivery works to all accounts.  All POP3 pickup
and authentication works too.  Just SMTP-AUTH to send is broken.
 


Hi,

I use Bill Shupp's toaster (www.shupp.org) and I don't know which 
smtp-auth patch you are using, but the newer patch does NOT use the 
localhost name


ie

/var/qmail/bin/qmail-smtpd $LOCAL /home/vpopmail/bin/vchkpw \

should be

/var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw \

with a recent patch.

HTH,

Rick




Re: [vchkpw] SMTP-AUTH works POP3 not SMTPd?

2005-06-17 Thread Tom Collins

On Jun 17, 2005, at 9:43 AM, ISP Lists wrote:

/usr/local/bin/tcpserver \
  -H -l [[[my.host.name]]] \
-v -x /etc/tcp.smtp.cdb \
  -c 30 -R -u $VPOPMAILUID -g $VPOPMAILGID 0 smtp \
  /usr/local/bin/rblsmtpd -b -C \
 -r 'sbl-xbl.spamhaus.org:Your message was rejected ' \
  /var/qmail/bin/qmail-smtpd $LOCAL /home/vpopmail/bin/vchkpw \
  /usr/bin/true 21


mysql's vpopmail database table vlog contains:
| id | user  | passwd   | domain| logon
   | remoteip | message
 | timestamp  | error |
++---+--+--- 
+-+-- 
+-- 
---++---+

|  1 | daver | [EMAIL PROTECTED] | example.net |
[EMAIL PROTECTED] | MYIP | vchkpw-25: password fail (pass:
'[EMAIL PROTECTED]') [EMAIL PROTECTED]:MYIP | 1119024854  
|


You've got an old SMTP AUTH patch that sends the MD5 challenge and  
response in the wrong order.


Use the patch from the contrib directory of vpopmail, and then remove  
the $LOCAL from your run file, as the newer SMTP AUTH patch does not  
use it.


--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
You don't need a laptop to troubleshoot high-speed Internet:  
sniffter.com




Re: [vchkpw] SMTP-AUTH works POP3 not SMTPd?

2005-06-17 Thread ISP Lists

 You've got an old SMTP AUTH patch that sends the MD5 challenge and
 response in the wrong order.

 Use the patch from the contrib directory of vpopmail, and then remove
 the $LOCAL from your run file, as the newer SMTP AUTH patch does not
 use it.

 --
 Tom Collins  -  [EMAIL PROTECTED]
 QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
 You don't need a laptop to troubleshoot high-speed Internet:
 sniffter.com



Tom, thanks.  I didn't realize there had been a change in patches that
did this...  Wilco.



Re: [vchkpw] SMTP-AUTH works POP3 not SMTPd?

2005-06-17 Thread ISP Lists

 You've got an old SMTP AUTH patch that sends the MD5 challenge and
 response in the wrong order.

 Use the patch from the contrib directory of vpopmail, and then remove
 the $LOCAL from your run file, as the newer SMTP AUTH patch does not
 use it.

 --
 Tom Collins  -  [EMAIL PROTECTED]
 QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
 You don't need a laptop to troubleshoot high-speed Internet:
 sniffter.com



 Tom, thanks.  I didn't realize there had been a change in patches that
 did this...  Wilco.


Follow-up

Built as netqmail-1.05, patched SMTP-AUTH from vpopmail contrib, then
manually added Tonix' chkuser 2.0

Everything is VERY happy now.

Thanks for the help!
Dave.






Re: [vchkpw] SMTP-AUTH works POP3 not SMTPd?

2005-06-17 Thread Tom Collins

On Jun 17, 2005, at 11:21 AM, ISP Lists wrote:

Built as netqmail-1.05, patched SMTP-AUTH from vpopmail contrib, then
manually added Tonix' chkuser 2.0

Everything is VERY happy now.


Did you remember to remove $LOCAL from your qmail-smtpd/run file?  If 
not, you can now auth with any username/password.


--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
You don't need a laptop to troubleshoot high-speed Internet: 
sniffter.com




Re: [vchkpw] SMTP-AUTH works POP3 not SMTPd?

2005-06-17 Thread ISP Lists
 On Jun 17, 2005, at 11:21 AM, ISP Lists wrote:
 Built as netqmail-1.05, patched SMTP-AUTH from vpopmail contrib, then
 manually added Tonix' chkuser 2.0

 Everything is VERY happy now.

 Did you remember to remove $LOCAL from your qmail-smtpd/run file?  If
 not, you can now auth with any username/password.

 --
 Tom Collins  -  [EMAIL PROTECTED]
 QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
 You don't need a laptop to troubleshoot high-speed Internet:
 sniffter.com


Yes, I did and I tried using nonsense/invalid combos to ensure that I
wasn't AUTH'ing the world.  Appreciate your concern!  Thanks again!



Re: [vchkpw] smtp auth - md5 learn pass

2005-06-17 Thread Casey Allen Shobe
On Friday 17 June 2005 17:42, Sylwester S. Biernacki wrote:
   1. I've reconfigured vpopmail and added
 --enable-learn-passwords=y and --enable-clear-passwd=y

What is --enable-learn-passwords?  If it does what I'm guessing it 
does by name and starts recording missing cleartext entries in 
vpasswd files, that would be very useful to us!!

Cheers,
-- 
Casey Allen Shobe | http://casey.shobe.info
[EMAIL PROTECTED] | cell 425-443-4653
AIM  Yahoo:  SomeLinuxGuy | ICQ:  1494523
SeattleServer.com, Inc. | http://www.seattleserver.com


Re: [vchkpw] SMTP Auth problem for non vpopmail users

2005-05-16 Thread Ken Jones
On Monday 16 May 2005 3:52 pm, Nick Gilbert wrote:
 Hi,

 I have IMAP authentication working for vpopmail and standard linux
 users, but I have a problem with SMTP authentication.

 I need SMTP authentication to work for standard linux users (I'm not
 worried about vpop users at all for SMTP-AUTH). I have built my box
 using the instructions on Shupp.org (Bill Schupp).  I understand that
 Bill's toaster incorporates a Qmail AUTH patch but when I try to login
 it doesn't work:

 Escape character is '^]'.
 220 blue.x-rm.com ESMTP
 ehlo localhost
 250-blue.x-rm.com
 250-STARTTLS
 250-PIPELINING
 250-8BITMIME
 250-SIZE 0
 250 AUTH LOGIN PLAIN CRAM-MD5
 auth login
 334 VXNlcm5hbWU6
 bmljaw==
 334 UGFzc3dvcmQ6
 base64 encoded password
 535 authentication failed (#5.7.1)

 I also have this line in /var/log/maillog

 May 16 20:56:23 blue vpopmail[22654]: vchkpw-smtp: vpopmail user not
 found nick@:127.0.0.1

 ..which implies that perhaps it's only looking for vpopmail users rather
 than /etc/passwd users.

 I would like it to work for /etc/passwd users only, or both vpopmail AND
 /etc/passwd users - whichever is easier.

 Can someone please give me some pointers on how I can fix this problem
 so that normal shell account users can authenticate.

I think smtp auth requires a clear text password for CRAM-MD5 authentication 
to work. If so, /etc/passwd users won't be able to use smtp authentication.

Ken Jones


Re: [vchkpw] SMTP Auth problem for non vpopmail users

2005-05-16 Thread Rainer Duffner
Ken Jones wrote:
On Monday 16 May 2005 3:52 pm, Nick Gilbert wrote:
Hi,
I have IMAP authentication working for vpopmail and standard linux
users, but I have a problem with SMTP authentication.
I need SMTP authentication to work for standard linux users (I'm not
worried about vpop users at all for SMTP-AUTH). I have built my box
using the instructions on Shupp.org (Bill Schupp).  I understand that
Bill's toaster incorporates a Qmail AUTH patch but when I try to login
it doesn't work:
Escape character is '^]'.
220 blue.x-rm.com ESMTP
ehlo localhost
250-blue.x-rm.com
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 0
250 AUTH LOGIN PLAIN CRAM-MD5
auth login
334 VXNlcm5hbWU6
bmljaw==
334 UGFzc3dvcmQ6
base64 encoded password
535 authentication failed (#5.7.1)
I also have this line in /var/log/maillog
May 16 20:56:23 blue vpopmail[22654]: vchkpw-smtp: vpopmail user not
found nick@:127.0.0.1
..which implies that perhaps it's only looking for vpopmail users rather
than /etc/passwd users.
I would like it to work for /etc/passwd users only, or both vpopmail AND
/etc/passwd users - whichever is easier.
Can someone please give me some pointers on how I can fix this problem
so that normal shell account users can authenticate.

I think smtp auth requires a clear text password for CRAM-MD5 authentication 
to work. If so, /etc/passwd users won't be able to use smtp authentication.
Wasn't the other problem that qmail-smtpd needed to be run as root?

Rainer
--
===
~ Rainer Duffner - [EMAIL PROTECTED] ~
~Unix - Linux - BSD - OpenSource - Security   ~
~  http://www.ultra-secure.de/~rainer/pubkey.pgp  ~
===


Re: [vchkpw] SMTP Auth problem for non vpopmail users

2005-05-16 Thread Ken Jones
On Monday 16 May 2005 4:10 pm, Rainer Duffner wrote:
 Ken Jones wrote:
  On Monday 16 May 2005 3:52 pm, Nick Gilbert wrote:
 Hi,
 
 I have IMAP authentication working for vpopmail and standard linux
 users, but I have a problem with SMTP authentication.
 
 I need SMTP authentication to work for standard linux users (I'm not
 worried about vpop users at all for SMTP-AUTH). I have built my box
 using the instructions on Shupp.org (Bill Schupp).  I understand that
 Bill's toaster incorporates a Qmail AUTH patch but when I try to login
 it doesn't work:
 
 Escape character is '^]'.
 220 blue.x-rm.com ESMTP
 ehlo localhost
 250-blue.x-rm.com
 250-STARTTLS
 250-PIPELINING
 250-8BITMIME
 250-SIZE 0
 250 AUTH LOGIN PLAIN CRAM-MD5
 auth login
 334 VXNlcm5hbWU6
 bmljaw==
 334 UGFzc3dvcmQ6
 base64 encoded password
 535 authentication failed (#5.7.1)
 
 I also have this line in /var/log/maillog
 
 May 16 20:56:23 blue vpopmail[22654]: vchkpw-smtp: vpopmail user not
 found nick@:127.0.0.1
 
 ..which implies that perhaps it's only looking for vpopmail users rather
 than /etc/passwd users.
 
 I would like it to work for /etc/passwd users only, or both vpopmail AND
 /etc/passwd users - whichever is easier.
 
 Can someone please give me some pointers on how I can fix this problem
 so that normal shell account users can authenticate.
 
  I think smtp auth requires a clear text password for CRAM-MD5
  authentication to work. If so, /etc/passwd users won't be able to use
  smtp authentication.

 Wasn't the other problem that qmail-smtpd needed to be run as root?

Possibly. It would need permission to access the passwd information.




Re: [vchkpw] smtp auth

2005-02-04 Thread Dave Goodrich
Dave Goodrich wrote:
Tom Collins wrote:
On Jan 28, 2005, at 9:00 AM, Dave Goodrich wrote:
snip

Excellent, thank you. If I understand correctly I will also need to do 
nothing to my current tcp.smtp file?

3) How does this effect users who do not supply auth info? Does 
qmail-smtpd fall back to using the RELAYCLIENT value from tcp.smtp.cdb?

Just as I feared, it is easy..
Uhh, kinda. Getting smtp-auth to work was easy but I fell into a hole 
when I did it. We found an instance where this breaks a lot of our clients.

I was able to duplicate the issue using Netscape Mail 4.7 (yea it's old, 
but in rual Indiana not everyone has XP Pro or OSX). If a user  has ever 
created a previous account in their mail program, the second account is 
created with smtp-auth checked and the username box empty. This caused a 
lot of people to suddenly not be able to send mail, and they all called 
tech support.

I believe I will move our smtp-auth users to another port and just fire 
up another instance of qmail-smtpd, leaving the normal qmail-smtpd 
running on port 25.

I don't see a standard port for smtp-auth, any thoughts? I've looked 
through FreeBSD /etc/services file which is pretty complete, and found 
no entry for smtp-auth. I'm leaning towards using port 9025.

Thanks,
DAve
--
Dave Goodrich
Systems Administrator
http://www.tls.net
Get rid of Unwanted Emails...get TLS Spam Blocker!


Re: [vchkpw] smtp auth

2005-02-04 Thread Tom Collins
On Feb 4, 2005, at 3:17 PM, Dave Goodrich wrote:
I don't see a standard port for smtp-auth, any thoughts? I've looked 
through FreeBSD /etc/services file which is pretty complete, and found 
no entry for smtp-auth. I'm leaning towards using port 9025.
Use port 587, 'submission'.  It's just like SMTP, but intended for 
clients sending email.

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/


Re: [vchkpw] smtp auth

2005-02-04 Thread Rick Macdougall

Dave Goodrich wrote:
  I believe I will move our smtp-auth users to another port and just fire
up another instance of qmail-smtpd, leaving the normal qmail-smtpd 
running on port 25.

I don't see a standard port for smtp-auth, any thoughts? I've looked 
through FreeBSD /etc/services file which is pretty complete, and found 
no entry for smtp-auth. I'm leaning towards using port 9025.
Hi,
Port 587.  While not a port specifically for smtp-auth it is reserved 
for End User mail submission to a server MTA.

http://xml.resource.org/public/rfc/html/rfc2476.html
Regards,
Rick


Re: [vchkpw] smtp auth

2005-01-30 Thread Dave Goodrich
Tom Collins wrote:
On Jan 28, 2005, at 9:00 AM, Dave Goodrich wrote:
1) What is everyone else using?
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
DENYMAIL=DNSCHECK
export DENYMAIL
LOCAL=`/usr/bin/head -1 /var/qmail/control/me`
/usr/bin/spamd -a -c -d -F0 -u qmailq
exec /usr/local/bin/softlimit -m 600 \
/usr/local/bin/tcpserver -H -R -l $LOCAL \
-x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \
-u $QMAILDUID -g $NOFILESGID 0 smtp \
/var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 21
2) Some examples/patches show that a hostname is required in the run 
file for auth http://www.enderunix.org/documents/eng/smtp-auth/; and 
some do not http://www.fehcom.de/qmail/smtpauth.html#IMPLEMENTATION;. 
I would think this is not possible using vpopmail, as a hardcoded host 
would cause vchkpw to fail the lookup. Correct?
An older patch required it, but the current patch does not.  The 
hardcoded host name was only used in generating the MD5 challenge, and 
could be any string of text.  If you're using the patch from vpopmail's 
contrib directory, then you shouldn't have the hostname.

Excellent, thank you. If I understand correctly I will also need to do 
nothing to my current tcp.smtp file?

3) How does this effect users who do not supply auth info? Does 
qmail-smtpd fall back to using the RELAYCLIENT value from tcp.smtp.cdb?

Just as I feared, it is easy..
DAve
--
Systems Administrator
http://www.tls.net
Get rid of Unwanted Emails...get TLS Spam Blocker!


Re: [vchkpw] smtp auth

2005-01-28 Thread Tom Collins
On Jan 28, 2005, at 9:00 AM, Dave Goodrich wrote:
1) What is everyone else using?
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
DENYMAIL=DNSCHECK
export DENYMAIL
LOCAL=`/usr/bin/head -1 /var/qmail/control/me`
/usr/bin/spamd -a -c -d -F0 -u qmailq
exec /usr/local/bin/softlimit -m 600 \
/usr/local/bin/tcpserver -H -R -l $LOCAL \
-x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \
-u $QMAILDUID -g $NOFILESGID 0 smtp \
/var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 21
2) Some examples/patches show that a hostname is required in the run 
file for auth http://www.enderunix.org/documents/eng/smtp-auth/; and 
some do not http://www.fehcom.de/qmail/smtpauth.html#IMPLEMENTATION;. 
I would think this is not possible using vpopmail, as a hardcoded host 
would cause vchkpw to fail the lookup. Correct?
An older patch required it, but the current patch does not.  The 
hardcoded host name was only used in generating the MD5 challenge, and 
could be any string of text.  If you're using the patch from vpopmail's 
contrib directory, then you shouldn't have the hostname.

3) How does this effect users who do not supply auth info? Does 
qmail-smtpd fall back to using the RELAYCLIENT value from 
tcp.smtp.cdb?
Yes.
--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/


Re: [vchkpw] SMTP Auth problem

2004-12-07 Thread Ispas Paul
On Tuesday 07 December 2004 13:56, Alastair Battrick wrote:
 I'm having problems with SMTP Auth.

 I have installed:
 Netqmail 1.0.5
 Vpopmail 5.4.8
 Simscan 1.0.8  Spamassassin  Clamav
 Chkuser 2.0.7
 Bill Shupp's composite TLS  SMTP Auth patch, from
 http://shupp.org/smtp-auth-tls/

 The error I'm getting is this:
 503 auth not available (#5.3.3)
 --
 # telnet 217.158.68.125 25
 Trying 217.158.68.125...
 Connected to 217.158.68.125.
 Escape character is '^]'.
 220 mail.datasnake.co.uk ESMTP
 EHLO datasnake.co.uk
 250-mail.datasnake.co.uk
 250-STARTTLS
 250-PIPELINING
 250-8BITMIME
 250-SIZE 0
 250 AUTH LOGIN PLAIN CRAM-MD5
 AUTH PLAIN
 503 auth not available (#5.3.3)
 --

 SMTP does deliver locally.

 The smtpd log gives only this:

 2004-12-07 11:30:47.177877500 tcpserver: pid 20753 from 81.178.252.159
 2004-12-07 11:30:47.178302500 tcpserver: ok 20753
 mail.datasnake.co.uk:217.158.68.125:25
 81-178-252-159.dsl.pipex.com:81.178.252.159::1314


 I am starting SMTP with
 --
 #!/bin/sh

 QMAILQUEUE=/var/qmail/bin/simscan
 export QMAILQUEUE

 QMAILDUID=`id -u vpopmail`
 NOFILESGID=`id -g vpopmail`
 MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
 LOCAL=`head -1 /var/qmail/control/me`

 exec /usr/local/bin/softlimit -m 20971520 \
 /usr/local/bin/tcpserver -v -R -l $LOCAL -x
 /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g
 $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21
 --


You should start smtp with the folowing command line : 

qmail-smtpd mail.example.com /home/vpopmail/bin/vchkpw /bin/true
Read the smtp-auth docs. 




Re: [vchkpw] SMTP Auth problem

2004-12-07 Thread Alastair Battrick
Ispas Paul wrote:
On Tuesday 07 December 2004 13:56, Alastair Battrick wrote:
I'm having problems with SMTP Auth.
snip
I am starting SMTP with
--
#!/bin/sh
QMAILQUEUE=/var/qmail/bin/simscan
export QMAILQUEUE
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
exec /usr/local/bin/softlimit -m 20971520 \
   /usr/local/bin/tcpserver -v -R -l $LOCAL -x
/home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD \ -u $QMAILDUID -g
$NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd 21
--
You should start smtp with the folowing command line : 

qmail-smtpd mail.example.com /home/vpopmail/bin/vchkpw /bin/true
Read the smtp-auth docs. 
Hi Paul
Thanks for your help. Which documentation are you referring to?
The information you gave me does not appear to be correct, as a 
different error started when doing it the way you describe. It now 
works, when starting qmail-smtpd like so:
qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true

Thanks anyway - it's working now
Alastair


Re: [vchkpw] SMTP-AUTH fails, POP3 auth works. Mysql, Linux

2004-08-07 Thread ISP Lists
 I've built vpopmail 5.4.5 with mysql 3.23.57-ish on Debian potato. I've
 enabled roaming users and have included the SMTP-AUTH patch.  Courier,
 vpopmail, qmail, and everything else compiled fine (I did not use Debian
 packages).

 POP3 works fine.  Spam filtering works fine.  Squirrelmail fine.
 Squirrelmail sends via 127.0.0.1 SMTP fine via
 /home/vpopmail/etc/tcp.smtp.  SMTP-AUTH fails on password look ups and
 therefore roaming users cannot send email.

[SNIP]

OK, I've found that it was a client software error where CRAM-MD5 login is
advertised first.  Pegasus mail wouldn't keep trying to get to plain
LOGIN, but The BAT! would fail back from CRAM-MD5 to plain LOGIN and
roaming SMTP relay works fine.

Sorry for the initial concern, but I'd like to remove CRAM-MD5 from the
advertised capabilities to avoid this kind of confusion with users.

Any help there?!
Sorry, but thanks so far!



Re: [vchkpw] SMTP-AUTH fails, POP3 auth works. Mysql, Linux

2004-08-07 Thread Tom Collins
On Aug 7, 2004, at 5:39 AM, ISP Lists wrote:
OK, I've found that it was a client software error where CRAM-MD5 
login is
advertised first.  Pegasus mail wouldn't keep trying to get to plain
LOGIN, but The BAT! would fail back from CRAM-MD5 to plain LOGIN and
roaming SMTP relay works fine.
If you're using an older SMTP AUTH patch, CRAM-MD5 won't work properly. 
 Use the patch that's in the contrib directory of vpopmail 5.4.x 
instead (and note that you may need to update your qmail-smtpd/run file 
as well).

You really should have CRAM-MD5, since it's the only SMTP AUTH protocol 
that encrypts the password when sending.  Note that you'll also need to 
enable cleartext passwords in vpopmail for it to work properly.

If you can't use CRAM-MD5 for some reason, edit the source to 
qmail-smtpd and remove it from the text sent to the SMTP client (just 
search for CRAM-MD5 and it should be easy to find).

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/


Re: [vchkpw] smtp-auth on separate server queries vpopmail -mysql

2004-06-25 Thread Mandy
Ron Culler wrote:
I'm and having difficulty setting up a separate qmail server as a
smtp-auth server.  
(* Its being done to provide inbound virus scanning prior to the message
being delivered to the local mailbox)

I have successfully setup Qmail and can get smtp-auth to work with
checkpassword and the local shadow users.  I installed vpopmail enabling
roaming users, and mysql-auth.  I then set the vpopmail.mysql file to
use the DB on my main vpopmail server.  I can see it connect but it
returns an incorrect password response for the user and then sends the
email.  

My question is can vpopmail provide this type of functionality?
If not has anyone seen something that can?  I want to be able to have
smtp-auth query the vpopmail user DB.
Thanks
Ron Culler

 

this works great.
the only think to do is to mirror the /var/qmail/users dir to the auth 
server.
then your users can auth against your mainserver

regards mandy


Re: [vchkpw] smtp auth

2004-05-24 Thread signo




Hi,

I've installed SPAMCONTROL and i've modified the tcp.smtp file like you
say (:allow,REQUIREAUTH="")

but now nobody can send me e-mail


the sender receive the message:

Your message has encountered delivery problems
to the following recipient(s):

[EMAIL PROTECTED]
Delivery failed
535 authentication failed (#5.7.1)


No recipients were successfully delivered to.

bye, signo


Erwin Hoffmann wrote:

Erwin Hoffmann wrote:

  Hi,

At 10:49 19.05.04 +0200, you wrote:
  
  
   Erwin Hoffmann wrote:Hi,  At 09:46 19.05.04 +0200, signo wrote:
 hello, i ve 2 problems  first: I've installed qmail 1.03 with
qmail-smtpd-auth-043. Now the smth auth  work fine but if i try to send an
email (with Mozilla) without smpt authentication set it  work??!!!??
   Hm. Could you please explain that in more details ?
If i set (in mozilla) 'the server require smtp-auth, he ask me for user
name and passwd, he verify the entries
and if the username/password are correct he send the mail.
 control)!!!

I would like to acceprtONLY mail after a successfull smtp-auth.

  
  
Ok. As I assumed. Look for my SPAMCONTROL patch. It includes SMTP
Authentication.

http://www.fehcom.de/qmail/spamcontrol.html

The README (http://www.fehcom.de/qmail/spamcontrol/README_spamcontrol.html)
tells more (Section 7.4). In your case you to have to set:

:allow,REQUIREAUTH=""

That will do the trick.


regards.
--eh.

Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24

  






Re: [vchkpw] SMTP Auth HOW? *UPDATE* AMD64

2004-05-24 Thread Linux-Guru
Am Sonntag, 23. Mai 2004 21:28 schrieb blist:

First of all: I have the same problem - also on Dual-Opteron machines.
I also have been in contact with blist and X-ISTENCE...

 Ok,  after the huge number of irrevlent replies to my last thread I am
 attempting to post an update on my SMTP Auth problem.  I have tried just
 most smtp patchs, the on  in the contrib dir of vpopmail and
 http://shupp.org/patches/netqmail-1.05-tls-smtpauth-20040207.patch  I
 have included captures of below.

As far as I found out, all smtp-auth-patches are based on Krzysztof 
Dabrowski's auth-patch (http://members.elysium.pl/brush/qmail-smtpd-auth/).
Some are improved, some are mixed with other features...


 Both patches apply without error and compile/install fine.  I am running
 a Dual AMD Opteron system with suse 64 bit.  I have had other people
 look at this situation and there are no solutions.  I can only assume
 the patch has a problem with 64bit systems.  Here is an example of login
 and error and run file:
[...]
I found out, that it doesn't matter what other patches are applied. I got the 
same error when using a vanilla qmail with only the auth-patch and the 
errno-patch applied.
I tried to compile while editing conf-cc and adding there -m32 (for 32-bit), 
but I got errors with this.
When I added -m64, it compiled, but I got the same result at the end = auth 
doesn't work.

When running the following:

exec softlimit -m 5000 tcpserver -vR -l $Server-FQDN -c 1000 -u 89 -g 89 0 
25 /usr/local/bin/recordio sh -c '/var/qmail/bin/qmail-smtpd 
$Server-FQDN /var/vpopmail/bin/vchkpw /usr/bin/true 21'

I get:

tcpserver: status: 0/1000
tcpserver: status: 1/1000
tcpserver: pid 23227 from $Client-IP
tcpserver: ok 23227 $Server-FQDN:$Server-IP:25 $Client-FQDN:$Client-IP::4024
 3227  220 $Server-FQDN ESMTP
 3227  EHLO $Client-Name
 3227  250-$Server-FQDN
 3227  250-AUTH LOGIN CRAM-MD5 PLAIN
 3227  250-AUTH=LOGIN CRAM-MD5 PLAIN
 3227  250-PIPELINING
 3227  250 8BITMIME
 3227  AUTH LOGIN
 3227  334 VXNlcm5hbWU6
 3227  dGVzdEB0ZXN0LmNvbQ==
 3227  334 UGFzc3dvcmQ6
 3227  dGVzdA==
 3227  454 oops, problem with child and I can't auth (#4.3.0)
23227  [EOF]
tcpserver: end 23227 status 256
tcpserver: status: 0/1000
23227  [EOF]

All Phrases with $ are masked since there are some people on this list, 
which should not know which one is affected.

It also doen't make any change, if I comment the ability of CRAM-MD5 out in 
the source of the patch.

 If you've read this far, thanks!.  Drop me an e-mail if you have any
 other suggestions.  Thanks!
I'll start a post at the qmail-list and try to get in contact with Krzysztof 
Dabrowski and Erwin Hoffmann (since he seems to have experience and speaks 
the same language than I do, it would be a bit easier).

If somebody would be able and willing to have a look at this patch there would 
surely be some people very pleased.
If somebody wants to try but hasn't 64-bit-hardware, I can provide access to 
my machine since it isn't productive (badly).

As blist already wrote, any suggestions would be apreciated. Since there is 
more than one who would be glad about a solution, please post answers to the 
list.

Greetings

Tobias


Re: [vchkpw] SMTP Auth HOW? *UPDATE* AMD64

2004-05-23 Thread Paul Theodoropoulos
please trim your posts. trimming your signature would be courteous too. you 
don't need to quote 63k of original message to append two sentences.

At 02:23 PM 5/23/2004, DEBO Jurgen E. G. wrote:
Hello blist,
Sunday, May 23, 2004, 9:28:35 PM, you wrote:
b If you've read this far, thanks!.  Drop me an e-mail if you have any
b other suggestions.  Thanks!
First, I suggest You verify Your authentication.  Start-tls is initiated,
in that case the pasword has to be plain-text, not cram.
--
Best regards,
 DEBO Jurgen
 mailto:[EMAIL PROTECTED]

 www.guide.be * www.gids.be * www.guide.fr * www.shop.fr

 / \ sarl GUIDE (sdet)
 --- the GUIDE, de GIDS, TELESHOP, SHOP
 __   |   __ 128, rue du faubourg de Douai
|  /  |  \  |FR-59000 Lille, La France
 / \  |  / \ Tél/Fax +32 59 26.91.51 Mobile +32 479 212.841
 /|__\|/__|\ Sitehttp://sarl.guide.fr
 \|  /|\  |/ N° TVA  FR-55.440.243.988
|\ /  |  \ /|RC Lille 74075/2001B01478
|__\  |  /__|Siret 440 243 988 00027
  |  Compte BE: KREDBEBB (BIC) BE56.466-5571951-88 
(IBAN)
 --- Compte FR: CMCIFR2A (BIC) 
FR76.1562-9027-0200-0455-1870-127 (IBAN)
 \ / Conditions (terms): 
http://sarl.guide.fr/conditions.php

www.teleshop.fr * www.teleshop.be * www.teleshop.biz * www.teleshop.info * 
www.teleshop.name

Paul Theodoropoulos
http://www.anastrophe.com



Re: [vchkpw] SMTP Auth HOW? *UPDATE* AMD64

2004-05-23 Thread X-Istence
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

DEBO Jurgen E. G. wrote:
 snip

 First, I suggest You verify Your authentication.  Start-tls is initiated,
 in that case the pasword has to be plain-text, not cram.


First off, starttls is not initiated, as then he would have had to enter
 starttls to start it in the first place.

Second, auth login takes a base 64 username and base 64 password which
he supplied.

Dont trust me on that? Please read the RFC's for it. If he was using
cram-md5 he wouldnt have issued a AUTH LOGIN. He would have issued a
AUTH CRAM-MD5.

- 

Anyways, id like to second anything the thread starter said. I have been
on the system myself (not like that matters, i know), but he has read
all the documentation, and anything there is to know about SMTP auth, so
its not a mistake some place.

For some reason something is going wrong some place, and i am thinking
it could be in the base64.c file, however i have no clue most of it.

I highly doubt its vchkpw as vchkpw gets handed just the info it needs,
and works with pop3, so it _should_ work with smtp auth as well.



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFAsTt9JukONu5DUaQRAkJaAJ9qSXy95Cej2AMBedJ9ohKKI51nHgCfcvpM
708uHSBbjo65tOpLZSRhabY=
=JDLs
-END PGP SIGNATURE-


Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread DEBO Jurgen E. G.
Hello blist,

Friday, May 21, 2004, 2:00:08 AM, you wrote:

b I am installing vchkpw + SMTP AUTH + qmail.  I have installed qmail with
b this patch:
bqmail-smtpd-auth-0.31 from 
b http://members.elysium.pl/brush/qmail-smtpd-auth/

b Here is my run tcpserver script for qmail-smtpd:

b exec /usr/local/bin/softlimit -m 1000 \
b /usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \
b /usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \
b $QMAILDUID -g vchkpw 192.168.5.50 25 \
b /usr/local/bin/fixcrio \
b /usr/local/bin/rblsmtpd -r relays.ordb.org \
b /var/qmail/bin/qmail-smtpd ps1.prostream.net \
b /usr/local/vpopmail/bin/vchkpw /bin/true 

b I cannot get any users to authenticate when sending email.  I then tried
b taking out ps1.prostream.net after /var/qmail/bin/qmail-smtpd and it
b lets all users authenticate.  I am running SUSE 9.0 x86-64 with vpopmail
b 5.4.0

b Any ideas why its not working?

b Thanks,
b Brooks Roy

Roy,

In the OLD days, people were happy with SMTP-Auth.  I consider it LESS
security as SMTP after POP, because with SMTP-Auth, You sent Your
e-mailadress and Your password of Your mailbox over the internet.
When a man-in-the-middle catch this e-mail (or worse Your PW), he can
use it for spam, or access Your mailbox.

I suggest You use: SHUPP's version with netqmail like :

fetch http://www.qmail.org/netqmail-1.05.tar.gz
tar xzvf netqmail-1.05.tar.gz.tar
cd netqmail-1.05
./collate.sh

# patch with Shupp's TLS and SMTP-Auth
fetch http://shupp.org/patches/netqmail-1.05-tls-smtpauth-20040207.patch
patch  ./netqmail-1.05-tls-smtpauth-20040207.patch

certificate:

You can copy thoses (extension .pem) from :
freeBSD, vpopmail stuff
cd /var/qmail/control
cp /usr/local/cert/ipop3d.pem servercert.pem
ln -s servercert.pem ./clientcert.pem

Activate TLS by create a certificate, and You will be much better off
to create an encrypted connecton to Your SMTP server by the SMTP Enc
smtps   465/tcp#smtp protocol over TLS/SSL (was ssmtp)
smtps   465/udp#smtp protocol over TLS/SSL (was ssmtp)

-- 
Best regards,
 DEBO Jurgen
 Belgian Chocolates
 mailto:[EMAIL PROTECTED]


 www.guide.be * www.gids.be * www.guide.fr * www.shop.fr

 / \ sarl GUIDE (sdet)
 --- the GUIDE, de GIDS, TELESHOP, SHOP
 __   |   __ 128, rue du faubourg de Douai  
|  /  |  \  |FR-59000 Lille, La France
 / \  |  / \ Tél/Fax +32 59 26.91.51 Mobile +32 479 212.841
 /|__\|/__|\ Sitehttp://sarl.guide.fr
 \|  /|\  |/ N° TVA  FR-55.440.243.988
|\ /  |  \ /|RC Lille 74075/2001B01478
|__\  |  /__|Siret 440 243 988 00027
  |  Compte BE: KREDBEBB (BIC) BE56.466-5571951-88 (IBAN
 --- Compte FR: CMCIFR2A (BIC) FR76.1562-9027-0200-0455-1870-127 (IBAN)
 \ / Conditions (terms): http://sarl.guide.fr/conditions.php  

www.teleshop.fr * www.teleshop.be * www.teleshop.biz * www.teleshop.info * 
www.teleshop.name




Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread Jeremy Kister
On Friday, May 21, 2004 5:41 AM, DEBO Jurgen E. G. wrote:
 In the OLD days, people were happy with SMTP-Auth. I consider it LESS
 security as SMTP after POP, because with SMTP-Auth, You sent Your
 e-mailadress and Your password of Your mailbox over the internet.

Are you insinuating that this is not so with POP3 (or SMTP after POP) ?

LOL


Jeremy Kister
http://jeremy.kister.com/



Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread Jeremy Kitchen
On Thursday 20 May 2004 09:24 pm, Brooks Roy wrote:
 I have put in the patch as described in the contrib README and changed
 it to be /bin/checkpassword instead of vchkpw and I still have the same
 senario.

/bin/checkpassword generally needs to be run as root to authenticate users.  
More than likely you are not doing this.  Why did you change from vchkpw 
to /bin/checkpassword ?

post your run script so we can try to attempt to help you.

-Jeremy

-- 
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
  [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail



Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread Jeremy Kitchen
On Friday 21 May 2004 09:11 am, [EMAIL PROTECTED] wrote:
  In the OLD days, people were happy with SMTP-Auth. I consider it LESS
  security as SMTP after POP, because with SMTP-Auth, You sent Your
  e-mailadress and Your password of Your mailbox over the internet.

 JKister Are you insinuating that this is not so with POP3 (or SMTP after 
POP)

 No not at all, were do You get this ?

you said it yourself.

 Maybe You read it Your way. 

no, he read it as you wrote it.

 You can authenticate with POP3-SSL, and have a SMTP after POP, so were
 is Your point, in this case ?

you can also smtp auth over ssl

 What I insinuating was to use TLS for SMTP, and not SMTP Auth.

you said that later, but that wasn't your original statement.

-Jeremy

-- 
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
  [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail



Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread Jeremy Kitchen
On Friday 21 May 2004 10:21 am, [EMAIL PROTECTED] wrote:
 EH This is only true for SMTP Authentication of type plain and login.
 EH With CRAM-MD5 its quite save.

 Yes, it's 'quite' safe, but You still reveal Your e-mailadress.
 If there are many hops between Your workstation and the smtpserver,
 You can get some spam in return.

I am truly amazed at that statement.

 More, Your mail is sent in plaintext.  I prefer encrypted streams,
 so SUPP's patch which encrypts the stream with SSL, and authenticate
 afterwards (in plaintext) is still the best way to go, it's not a big
 effort to realize.

but most servers out there don't have TLS support so your email still goes 
across unencrypted.

for instance, I use smtps to talk to my mail server, purely because I have it 
available (I'm not using smtp auth or anything) but I realize that when it 
leaves my server it's not encrypted.

If you want end to end encryption of emails, most MUAs support pgp/gpg/s-mime 
encryption formats.

-Jeremy

-- 
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
  [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail



Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread Nick Harring
Title: Re: [vchkpw] SMTP Auth HOWTO?







[EMAIL PROTECTED] wrote:


Hello Jeremy,

Friday, May 21, 2004, 5:20:40 PM, you wrote:

JK On Friday 21 May 2004 10:21 am, [EMAIL PROTECTED] wrote:
 

EH This is only true for SMTP Authentication of type plain and login.
EH With CRAM-MD5 its quite save.
 

CRAM-MD5 makes it safer, not quite safe.


Yes, it's 'quite' safe, but You still reveal Your e-mailadress.
If there are many hops between Your workstation and the smtpserver,
You can get some spam in return.
 


JK I am truly amazed at that statement.
 

This sounds pretty ridiculous to me also. People who spend inordinate 
amounts of time actually worrying about having their traffic sniffed, 
probably shouldn't be using anything remotely resembling common internet 
protocols.


snip


I agree on this. But why to promote smtp-auth in plaintext, cram when You have smtps
to secure the stream up to Your mailserver (one step), but in this
step, You 'can' have many hops between You and Your workstation, so
this stream is the first to protect anyway. I agree on the fact there
aren't many TLS servers, but if everyone do his own part to install
the TLS option, we have in a little decade a much nicer place to have
secure mail transport. If people stich with smtp-auth, we never get
there.
 

Some of us don't actually have the luxury of smtp-tls because we have 
one physical mail server, or cluster thereof, serving multiple domains. 
These domains are all hidden from each other, so unless we start 
running separate smtpd instances, with their own configs, separate IPs 
we cannot present a certificate to each client that'd match what their 
mail client expects.


(note: even Your soft, courier-imap seems to have an option for
spamass, would be nice to see Dspam(.org) instead)
 

I think this'd be a show us the code request. There are quite a few 
ways to use spamassassin where its not a ridiculous memory hog 
(spamc/spamd for one).


Cheers,
Nick Harring
Webley Systems





Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread Patrick Donker




[EMAIL PROTECTED] wrote:

  Hello Erwin,

Friday, May 21, 2004, 7:37:15 PM, you wrote:

EH Hi,

EH At 17:21 21.05.04 +0200, you wrote:
  
  

  Hello Erwin,

Friday, May 21, 2004, 5:14:30 PM, you wrote:

EH Hi,

EH At 11:41 21.05.04 +0200, you wrote:
  
  

  Hello blist,

  

  
  

  In the OLD days, people were happy with SMTP-Auth.  I consider it LESS
security as SMTP after POP, because with SMTP-Auth, You sent Your
e-mailadress and Your password of Your mailbox over the internet.
When a man-in-the-middle catch this e-mail (or worse Your PW), he can
use it for spam, or access Your mailbox.
  

  
  EH This is only true for SMTP Authentication of type "plain" and "login".

EH With CRAM-MD5 its quite save.

EH Read: http://www.fehcom.de/qmail/smtpauth.html#FRAMEWORK

  

  
  
  
  

  Yes, it's 'quite' safe, but You still reveal Your e-mailadress.
If there are many hops between Your workstation and the smtpserver,
You can get some spam in return.
  

  
  
  
  

  More, Your mail is sent in plaintext.  I prefer encrypted streams,
so SUPP's patch which encrypts the stream with SSL, and authenticate
afterwards (in plaintext) is still the best way to go, it's not a big
effort to realize.
  

  
  
EH Pls. tell us how you intend to communicate to the rest of the world by
EH means of email with encrypted addresses.

EH You are joking, troll.

EH regards.
EH --eh.



EH Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
EH Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24

To be rude and without respect, this was the speciality of Your
ancestors when they pretended to be the most bright race on Earth.
For Your records annoo 1914-18, 1940-1945.  Clearly, some can't deny
their roots.

  

Ahhh...yes! A flame war...always nice :)




Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread Patrick Donker

PD Ahhh...yes! A flame war...always nice :)
I quote from the one who has bringing 'the gas': EH You are joking, troll
Well, I did't start.  This list is to help people.  It's not about to be picky
or to be arrogant, if someone share another view, he has the right to put his vision
forward and to defend his case.  You can discuss topics without
insulting people and without words like 'troll', maintained in the
directory of Dr. Erwin Hoffmann.  Maybe I write terrible English, but
I am on the internet for a few decades, and some use our programs
quite a lot in their BSD stuff.  I don't need insults of someone, who
thinks to have the right to insult people, because he has a PhD.
 

Well, you dont hear me complain!


Re: [vchkpw] SMTP Auth HOWTO?

2004-05-21 Thread X-Istence
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Brooks Roy wrote:
 I do not have an open relay.  I am trying to setup SMTP Auth.  It is not
 working.. When users try to auth, it just keeps asking for username
 password over and over.  Never sends.

How are they authentication? with [EMAIL PROTECTED] or just username?


 X-Istence wrote:

 Brooks Roy wrote:


 I have put in the patch as described in the contrib README and changed
 it to be /bin/checkpassword instead of vchkpw and I still have the
 same senario.



 What does your data.cdb or smtp.cdb look like that gets created from a
 file?

 Also, it should still be to vchkpw if you want to use vpopmail.


 This is what your run file should look like:

 exec /usr/local/bin/softlimit -m 1000 \
 /usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \
 /usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \
 $QMAILDUID -g vchkpw 192.168.5.50 25 \
 /usr/local/bin/fixcrio \
 /usr/local/bin/rblsmtpd -r relays.ordb.org \
 /var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /usr/bin/true 


 Also make sure $QMAILDUID $MAXSMTPD and $LOCAL are set properly.


 I see that you have your /usr/local/vpopmail/etc/tcp.smtp.cdb, are you
 sure that is no causing the open relay? Try pointing it to one that only
 has:

 :allow

 in it, and see if you are still an open relay then.

 X-Istence


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFArmIMJukONu5DUaQRAmnpAKCCfD0TAifKW9/j9tV5u9PZRo8c4wCgk/B1
UPQrlLc6uG27pYQXT5Sh1kY=
=ry3M
-END PGP SIGNATURE-


Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread Jeremy Kitchen
On Thursday 20 May 2004 07:00 pm, blist wrote:
 I am installing vchkpw + SMTP AUTH + qmail.  I have installed qmail with
 this patch:
qmail-smtpd-auth-0.31 from
 http://members.elysium.pl/brush/qmail-smtpd-auth/

 Here is my run tcpserver script for qmail-smtpd:

 exec /usr/local/bin/softlimit -m 1000 \
 /usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \
 /usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \
 $QMAILDUID -g vchkpw 192.168.5.50 25 \
 /usr/local/bin/fixcrio \
 /usr/local/bin/rblsmtpd -r relays.ordb.org \
 /var/qmail/bin/qmail-smtpd ps1.prostream.net \
 /usr/local/vpopmail/bin/vchkpw /bin/true 

ok

 I cannot get any users to authenticate when sending email.  I then tried
 taking out ps1.prostream.net after /var/qmail/bin/qmail-smtpd and it
 lets all users authenticate.  I am running SUSE 9.0 x86-64 with vpopmail
 5.4.0

what's the value of $QMAILDUID in that script?

also, if you take out the hostname you're an open relay, because you're 
authenticating with /bin/true

-Jeremy

 Any ideas why its not working?

 Thanks,
 Brooks Roy

-- 
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
  [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail



Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread Brooks Roy
Jeremy,
QMAILDUID = vpopmail
I know if i take out the domain its open :(..  That is the only thing so 
far that works..  I am at loss what I did wrong.  Been googling all night :)

Jeremy Kitchen wrote:
On Thursday 20 May 2004 07:00 pm, blist wrote:
 

I am installing vchkpw + SMTP AUTH + qmail.  I have installed qmail with
this patch:
  qmail-smtpd-auth-0.31 from
http://members.elysium.pl/brush/qmail-smtpd-auth/
Here is my run tcpserver script for qmail-smtpd:
exec /usr/local/bin/softlimit -m 1000 \
/usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \
/usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \
$QMAILDUID -g vchkpw 192.168.5.50 25 \
/usr/local/bin/fixcrio \
/usr/local/bin/rblsmtpd -r relays.ordb.org \
/var/qmail/bin/qmail-smtpd ps1.prostream.net \
/usr/local/vpopmail/bin/vchkpw /bin/true 
   

ok
 

I cannot get any users to authenticate when sending email.  I then tried
taking out ps1.prostream.net after /var/qmail/bin/qmail-smtpd and it
lets all users authenticate.  I am running SUSE 9.0 x86-64 with vpopmail
5.4.0
   

what's the value of $QMAILDUID in that script?
also, if you take out the hostname you're an open relay, because you're 
authenticating with /bin/true

-Jeremy
 

Any ideas why its not working?
Thanks,
Brooks Roy
   

 




Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread Greg Kopp
The patch you are using is incredibly old.
You should consider auth-jms1.4a.patch from 
http://www.jms1.net/qmail/auth-jms1.4a.patch

If that link is broken, google on auth-jms1.4a.patch and look at the 
cached version.

You might also consider the qmail-requireauth.patch that allows you to 
set an environment variable to selectively require authentication. I had 
to manually apply the patch as some of the line numbers didn't jive. 
I've pasted it below.

Greg
*** qmail-smtpd-orig.c  Tue May 15 13:21:04 2001
--- qmail-smtpd.c   Tue May 15 13:26:04 2001
***
*** 72,77 
--- 72,79 
 int err_authabrt() { out(501 auth exchange cancelled (#5.0.0)\r\n); 
return -1; }
 int err_input() { out(501 malformed auth input (#5.5.4)\r\n); return 
-1; }

+ void err_authrequired() { out(503 you must authenticate first 
(#5.5.1)\r\n); }
+
 stralloc greeting = {0};

 void smtp_greet(code) char *code;
***
*** 93,98 
--- 95,102 
 char *remoteinfo;
 char *local;
 char *relayclient;
+ char *requireauth;
+ int authd = 0;
 stralloc helohost = {0};
 char *fakehelo; /* pointer into helohost, or 0 */
***
*** 143,148 
--- 147,153 
   if (!remotehost) remotehost = unknown;
   remoteinfo = env_get(TCPREMOTEINFO);
   relayclient = env_get(RELAYCLIENT);
+   requireauth = env_get(REQUIREAUTH);
   dohelo(remotehost);
 }
***
*** 259,264 
--- 264,270 
 }
 void smtp_mail(arg) char *arg;
 {
+   if (requireauth  !authd) { err_authrequired(); return; }
   if (!addrparse(arg)) { err_syntax(); return; }
   flagbarf = bmfcheck();
   seenmail = 1;
***
*** 425,431 
 char **childargs;
 substdio ssup;
 char upbuf[128];
- int authd = 0;
 int authgetl(void) {
   int i;
--- 431,436 

blist wrote:
I am installing vchkpw + SMTP AUTH + qmail.  I have installed qmail 
with this patch:
  qmail-smtpd-auth-0.31 from 
http://members.elysium.pl/brush/qmail-smtpd-auth/

Here is my run tcpserver script for qmail-smtpd:
exec /usr/local/bin/softlimit -m 1000 \
/usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \
/usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \
$QMAILDUID -g vchkpw 192.168.5.50 25 \
/usr/local/bin/fixcrio \
/usr/local/bin/rblsmtpd -r relays.ordb.org \
/var/qmail/bin/qmail-smtpd ps1.prostream.net \
/usr/local/vpopmail/bin/vchkpw /bin/true 
I cannot get any users to authenticate when sending email.  I then 
tried taking out ps1.prostream.net after /var/qmail/bin/qmail-smtpd 
and it lets all users authenticate.  I am running SUSE 9.0 x86-64 with 
vpopmail 5.4.0

Any ideas why its not working?
Thanks,
Brooks Roy



Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread X-Istence
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Jeremy Kitchen wrote:
 On Thursday 20 May 2004 07:00 pm, blist wrote:
Here is my run tcpserver script for qmail-smtpd:

exec /usr/local/bin/softlimit -m 1000 \
/usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \
/usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \
$QMAILDUID -g vchkpw 192.168.5.50 25 \
/usr/local/bin/fixcrio \
/usr/local/bin/rblsmtpd -r relays.ordb.org \
/var/qmail/bin/qmail-smtpd ps1.prostream.net \
/usr/local/vpopmail/bin/vchkpw /bin/true 

Simple, remove the hostname, and all should be well.



 what's the value of $QMAILDUID in that script?

 also, if you take out the hostname you're an open relay, because you're
 authenticating with /bin/true

Wrong, vchkpw needs another program to change the directory for, check
the way qmail-pop3d works.

pop3-popup checkpasswrd realpop3 (Which is now in the users directory)

If vchkpw is not given another argument to execute after it auth's the
user, qmail-smtpd has no way to check if it was successfull.


 -Jeremy



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFArV1GJukONu5DUaQRAt/SAJ9Ubh1+KnXuKN9p+AGtnz3OvPEi4wCgmS2k
lqa015oQi4ITRgNw0nECxRI=
=LOQ4
-END PGP SIGNATURE-


Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread X-Istence
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


My apologies, the solution i provided *WILL* not work. Considering the
code still contains the hostname stuff.

What i suggest is you grab the patch from the vpopmail contrib
directory, it contains a copy that *will* work.

X-Istence
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFArV6EJukONu5DUaQRAuMQAJ4oPWzzYWeeAKRlYOop6DWxovBy/wCghqre
PvraZ1VWDiBT4Yx++8H0Xho=
=pS6m
-END PGP SIGNATURE-


Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread Brooks Roy
So use the patch from the vpopmail contrib directory WITHOUT the 
hostname in the run script for tcpserver?

Wont this make the server an open relay?
X-Istence wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My apologies, the solution i provided *WILL* not work. Considering the
code still contains the hostname stuff.
What i suggest is you grab the patch from the vpopmail contrib
directory, it contains a copy that *will* work.
X-Istence
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFArV6EJukONu5DUaQRAuMQAJ4oPWzzYWeeAKRlYOop6DWxovBy/wCghqre
PvraZ1VWDiBT4Yx++8H0Xho=
=pS6m
-END PGP SIGNATURE-
 




Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread X-Istence
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Brooks Roy wrote:
 So use the patch from the vpopmail contrib directory WITHOUT the
 hostname in the run script for tcpserver?

 Wont this make the server an open relay?

No, cause that patch doesnt require a hostname on purpose, as to many
poeple were unsure if it was needed or not. It is not needed, thus it
was removed. So no, you will not make yourself an open relay.


 X-Istence wrote:


 My apologies, the solution i provided *WILL* not work. Considering the
 code still contains the hostname stuff.

 What i suggest is you grab the patch from the vpopmail contrib
 directory, it contains a copy that *will* work.

 X-Istence
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFArWgSJukONu5DUaQRApA6AKCM+q+2R0ErkBTWX1AK+swrOrruLgCfbBZs
x1XaueBT++M1ovsaIvevqpw=
=Ubls
-END PGP SIGNATURE-


Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread Brooks Roy
I have put in the patch as described in the contrib README and changed 
it to be /bin/checkpassword instead of vchkpw and I still have the same 
senario.

X-Istence wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brooks Roy wrote:
 

So use the patch from the vpopmail contrib directory WITHOUT the
hostname in the run script for tcpserver?
Wont this make the server an open relay?
   

No, cause that patch doesnt require a hostname on purpose, as to many
poeple were unsure if it was needed or not. It is not needed, thus it
was removed. So no, you will not make yourself an open relay.
 

X-Istence wrote:
My apologies, the solution i provided *WILL* not work. Considering the
code still contains the hostname stuff.
What i suggest is you grab the patch from the vpopmail contrib
directory, it contains a copy that *will* work.
X-Istence
   

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFArWgSJukONu5DUaQRApA6AKCM+q+2R0ErkBTWX1AK+swrOrruLgCfbBZs
x1XaueBT++M1ovsaIvevqpw=
=Ubls
-END PGP SIGNATURE-
 




Re: [vchkpw] SMTP Auth HOWTO?

2004-05-20 Thread Brooks Roy
I do not have an open relay.  I am trying to setup SMTP Auth.  It is not 
working.. When users try to auth, it just keeps asking for username 
password over and over.  Never sends.

X-Istence wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brooks Roy wrote:
 

I have put in the patch as described in the contrib README and changed
it to be /bin/checkpassword instead of vchkpw and I still have the
same senario.
   

What does your data.cdb or smtp.cdb look like that gets created from a file?
Also, it should still be to vchkpw if you want to use vpopmail.
This is what your run file should look like:
exec /usr/local/bin/softlimit -m 1000 \
/usr/local/bin/tcpserver -v -H -R -l $LOCAL -x \
/usr/local/vpopmail/etc/tcp.smtp.cdb -c $MAXSMTPD -u \
$QMAILDUID -g vchkpw 192.168.5.50 25 \
/usr/local/bin/fixcrio \
/usr/local/bin/rblsmtpd -r relays.ordb.org \
/var/qmail/bin/qmail-smtpd /usr/local/vpopmail/bin/vchkpw /usr/bin/true 
Also make sure $QMAILDUID $MAXSMTPD and $LOCAL are set properly.
I see that you have your /usr/local/vpopmail/etc/tcp.smtp.cdb, are you
sure that is no causing the open relay? Try pointing it to one that only
has:
:allow
in it, and see if you are still an open relay then.
X-Istence
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFArWnTJukONu5DUaQRAvIEAJ4kNtYLR/Kq37/KHIhQT+bowaa2AwCfcfmw
T/UiN67ZKxN5Xl8bfb7td2A=
=ioO9
-END PGP SIGNATURE-
 




  1   2   >