Re: [vchkpw] Test FHS patch
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 aledr wrote: Here it is! Do not worry about the RPM errors at the end, I need to fix It on my spec file. You will need to also package in the vusage daemon. It's basically a requirement for the 5.5 tree. It's just not required when building vpopmail, but that may change. As a result of this log I found a few issues that still need to be resolved, but I'll get em fixed here soon. - -- /* Matt Brookings m...@inter7.com GnuPG Key D9414F70 Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknWHIwACgkQ6QgvSNlBT3AfOQCgpLmrCEiQVIvlrhmrVM2qv/xB /7EAoIJBONYAqgKmjUrPttrLn+adtmo7 =f9pV -END PGP SIGNATURE-
Re: [vchkpw] Test FHS patch
Thanks Matt, I'll test it in minutes... On Thu, Apr 2, 2009 at 2:38 PM, Matt Brookings m...@inter7.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Okay, here's a patch that does the following: Only chown if root Only mkdir if root or DESTDIR is set I haven't committed it to the repository yet because I'm not sure if it addresses the issues correctly. If you're working on packaging vpopmail, let me know if this does the trick, or what further changes are still needed. Thanks! - -- /* Matt Brookings m...@inter7.com GnuPG Key D9414F70 Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknU+CMACgkQ6QgvSNlBT3CU1ACfdX9NEDBFsL16TS6+WU7X90ii o8EAoJYW3Kw8rBCTPRY65tsX/sGzIGeW =FYc3 -END PGP SIGNATURE- -- [ ]'s Aledr - Alexandre OpenSource Solutions for SmallBusiness Problems !DSPAM:49d4faa332682854311138!
Re: [vchkpw] Test FHS patch
Patch reject on latest on r879: cat Makefile.in.rej *** *** 58,62 rm -rf config.log config.status Makefile autom4te.cache contrib/rc.vusaged install: $(BINS) - $(INSTALL) -s -m 0700 vusaged $(DESTDIR)$(VPOPMAIL_DIR_BIN) if test ! -r $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; then $(INSTALL) -m 0600 etc/vusaged.conf $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; fi --- 58,62 rm -rf config.log config.status Makefile autom4te.cache contrib/rc.vusaged install: $(BINS) + $(INSTALL) -s -m 0700 vusaged $(DESTDIR)$(VPOPMAIL_DIR_BIN)/vusaged if test ! -r $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; then $(INSTALL) -m 0600 etc/vusaged.conf $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; fi On Thu, Apr 2, 2009 at 2:49 PM, aledr matrixworkstat...@gmail.com wrote: Thanks Matt, I'll test it in minutes... On Thu, Apr 2, 2009 at 2:38 PM, Matt Brookings m...@inter7.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Okay, here's a patch that does the following: Only chown if root Only mkdir if root or DESTDIR is set I haven't committed it to the repository yet because I'm not sure if it addresses the issues correctly. If you're working on packaging vpopmail, let me know if this does the trick, or what further changes are still needed. Thanks! - -- /* Matt Brookings m...@inter7.com GnuPG Key D9414F70 Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknU+CMACgkQ6QgvSNlBT3CU1ACfdX9NEDBFsL16TS6+WU7X90ii o8EAoJYW3Kw8rBCTPRY65tsX/sGzIGeW =FYc3 -END PGP SIGNATURE- -- [ ]'s Aledr - Alexandre OpenSource Solutions for SmallBusiness Problems -- [ ]'s Aledr - Alexandre OpenSource Solutions for SmallBusiness Problems !DSPAM:49d508b332682022263736!
Re: [vchkpw] Test FHS patch
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 aledr wrote: Patch reject on latest on r879: cat Makefile.in.rej *** *** 58,62 rm -rf config.log config.status Makefile autom4te.cache contrib/rc.vusaged install: $(BINS) - $(INSTALL) -s -m 0700 vusaged $(DESTDIR)$(VPOPMAIL_DIR_BIN) if test ! -r $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; then $(INSTALL) -m 0600 etc/vusaged.conf $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; fi --- 58,62 rm -rf config.log config.status Makefile autom4te.cache contrib/rc.vusaged install: $(BINS) + $(INSTALL) -s -m 0700 vusaged $(DESTDIR)$(VPOPMAIL_DIR_BIN)/vusaged if test ! -r $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; then $(INSTALL) -m 0600 etc/vusaged.conf $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; fi Eh, ignore those. They aren't that important. How did the 'make install' go? - -- /* Matt Brookings m...@inter7.com GnuPG Key D9414F70 Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknVCboACgkQ6QgvSNlBT3BKOwCcCflLnBbK6JqfHX0mnLlA2xMY RisAnRwRlSxC4aVsfzCkAg2ESbM4d6J0 =fiT1 -END PGP SIGNATURE-
Re: [vchkpw] Test FHS patch
On Thu, Apr 2, 2009 at 3:53 PM, Matt Brookings m...@inter7.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 aledr wrote: Patch reject on latest on r879: cat Makefile.in.rej *** *** 58,62 rm -rf config.log config.status Makefile autom4te.cache contrib/rc.vusaged install: $(BINS) - $(INSTALL) -s -m 0700 vusaged $(DESTDIR)$(VPOPMAIL_DIR_BIN) if test ! -r $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; then $(INSTALL) -m 0600 etc/vusaged.conf $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; fi --- 58,62 rm -rf config.log config.status Makefile autom4te.cache contrib/rc.vusaged install: $(BINS) + $(INSTALL) -s -m 0700 vusaged $(DESTDIR)$(VPOPMAIL_DIR_BIN)/vusaged if test ! -r $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; then $(INSTALL) -m 0600 etc/vusaged.conf $(DESTDIR)$(VPOPMAIL_DIR_ETC)/vusaged.conf; fi Eh, ignore those. They aren't that important. How did the 'make install' go? - -- /* Matt Brookings m...@inter7.com GnuPG Key D9414F70 Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknVCboACgkQ6QgvSNlBT3BKOwCcCflLnBbK6JqfHX0mnLlA2xMY RisAnRwRlSxC4aVsfzCkAg2ESbM4d6J0 =fiT1 -END PGP SIGNATURE- Stopped on MySQL backend... I'll remove the backends to test. + make DESTDIR=/var/tmp/vpopmail-5.5.0-build install -C backends/mysql make: Entering directory `/usr/src/packages/BUILD/vpopmail-5.5.0/backends/mysql' /usr/bin/install -c vmysql.so /var/tmp/vpopmail-5.5.0-build/usr/lib64/vmysql.so rm -f /var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.authmodule ln -s /var/tmp/vpopmail-5.5.0-build/usr/lib64/vmysql.so /var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.authmodule if ! test -r /var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.mysql; then \ /usr/bin/install -c -o vpopmail -g vchkpw -m 0640 vpopmail.mysql /var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.mysql; \ fi /usr/bin/install: cannot change ownership of `/var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.mysql': Operation not permitted make: *** [install] Error 1 make: Leaving directory `/usr/src/packages/BUILD/vpopmail-5.5.0/backends/mysql' error: Bad exit status from /var/tmp/rpm-tmp.17942 (%install) -- [ ]'s Aledr - Alexandre OpenSource Solutions for SmallBusiness Problems !DSPAM:49d50e1932685873721188!
Re: [vchkpw] Test FHS patch
On Thu, Apr 2, 2009 at 4:14 PM, Matt Brookings m...@inter7.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 aledr wrote: + make DESTDIR=/var/tmp/vpopmail-5.5.0-build install -C backends/mysql make: Entering directory `/usr/src/packages/BUILD/vpopmail-5.5.0/backends/mysql' /usr/bin/install -c vmysql.so /var/tmp/vpopmail-5.5.0-build/usr/lib64/vmysql.so rm -f /var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.authmodule ln -s /var/tmp/vpopmail-5.5.0-build/usr/lib64/vmysql.so /var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.authmodule if ! test -r /var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.mysql; then \ /usr/bin/install -c -o vpopmail -g vchkpw -m 0640 vpopmail.mysql /var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.mysql; \ fi /usr/bin/install: cannot change ownership of `/var/tmp/vpopmail-5.5.0-build/etc/vpopmail/vpopmail.mysql': Operation not permitted Woops. Missed the postgres and MySQL backends. Will fix this. - -- /* Matt Brookings m...@inter7.com GnuPG Key D9414F70 Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknVDpwACgkQ6QgvSNlBT3CLkACfa4jz5XXlanUV1KCKuZyaELhy aXEAoIccdusGXrO7Njzqwn1WOwULleyY =6g/v -END PGP SIGNATURE- Without the backends It compiled and installed successfully. I'll attach my log on a private mail to not mess the list. Thanks! -- [ ]'s Aledr - Alexandre OpenSource Solutions for SmallBusiness Problems !DSPAM:49d511df32681252817659!
Re: [vchkpw] test
OK, so I'm not the only one that noticed the day-long lag, eh? On Tue, 15 Feb 2005, Positive Negative wrote: -- AIM: FucPsSht
Re: [vchkpw] test copy of vpopmaild.c
- Original Message - From: Ken Jones [EMAIL PROTECTED] I think it works pretty nicely. A single . on a line by itself represents End of File when sending or receiving multiple lines of infomation. Nice idea. [cut] Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command +1 for b) First, it would be a bit like chrooting, so potential exxploits would have harder way to get out of ~vpopmail/. Second, would be easier to user if there was no need for repeting full path everytime. Solt
Re: [vchkpw] test copy of vpopmaild.c
- Original Message - From: Ken Jones [EMAIL PROTECTED] On Monday 05 April 2004 8:08 pm, Charles Sprickman wrote: On Mon, 5 Apr 2004, Ken Jones wrote: I'd like any comments or votes on how this version is using a POP3 type protocol. Sounds good to me, this is getting exciting! One little question... What are you thinking of as far as encryption? I'm sure there's going to be some people running the client on a box seperate from the server. You looking at adding ssl support, or are you thinking of just letting something like stunnel handle that? My favorite is ucspi-tcp-ssl with a self signed certificate. It provides peer to peer encryption by just adding -s to the tcpserver options. Or use stunnel. It is similar to how email clients and mail servers encrypt pop3/smtp/imap communication. I thought so about ucspi. tcpserver is a good tool. Solt
Re: [vchkpw] test copy of vpopmaild.c
Marcin Soltysiak wrote: - Original Message - From: Ken Jones [EMAIL PROTECTED] Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command +1 for b) First, it would be a bit like chrooting, so potential exxploits would have harder way to get out of ~vpopmail/. Second, would be easier to user if there was no need for repeting full path everytime. I disagree. If he chooses b, then you have to worry about what the rights of the current user is when composing commands. If he uses full paths, it doesn't matter what kind of user is at the browser, you always send the same command. For example, using b to create a VacationMessage file for [EMAIL PROTECTED]: Sys Admin would send: write_file /test.com/user/VacationMessage The Domain admin would send: write_file /user/VacationMessage And the user would send: write_file /VacationMessage It would be much easier to write code for using the daemon if everyone always referenced that file using the System Admin example, and you don't have to do the same job three different ways depending on who happens to be logged in. Remember, there will be a whole bunch of PHP code on top of the daemon. Rick
Re: [vchkpw] test copy of vpopmaild.c
- Original Message - From: Rick Widmer [EMAIL PROTECTED] Marcin Soltysiak wrote: - Original Message - From: Ken Jones [EMAIL PROTECTED] Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command +1 for b) First, it would be a bit like chrooting, so potential exxploits would have harder way to get out of ~vpopmail/. Second, would be easier to user if there was no need for repeting full path everytime. I disagree. If he chooses b, then you have to worry about what the rights of the current user is when composing commands. If he uses full paths, it doesn't matter what kind of user is at the browser, you always send the same command. For example, using b to create a VacationMessage file for [EMAIL PROTECTED]: Sys Admin would send: write_file /test.com/user/VacationMessage The Domain admin would send: write_file /user/VacationMessage And the user would send: write_file /VacationMessage It would be much easier to write code for using the daemon if everyone always referenced that file using the System Admin example, and you don't have to do the same job three different ways depending on who happens to be logged in. Remember, there will be a whole bunch of PHP code on top of the daemon. Either I am missing something or... If we use full path then same operations would look like: Sys Admin would send same as The Domain admin would send same as And the user would send: write_file /path/to/vpopmail/home/domains/test.com/user/VacationMessage And this way we let the user know ~vpopmail. I know that in concepts, ordinary user should not use plain vpopmaild protocol but PHP application, but since we don't work in secret I can imagine that one day one of my customers that feels geek in programing would come and request Hey man, where is your ~vpopmail? I don't like your admin UI and I want to write my own. In case od b) I wouldn't have to tell him the path. He would just stick to write_file /VacationMessage when logging as [EMAIL PROTECTED] Solt
Re: [vchkpw] test copy of vpopmaild.c
Marcin Soltysiak wrote: Either I am missing something or... If we use full path then same operations would look like: Sys Admin would send same as The Domain admin would send same as And the user would send: write_file /path/to/vpopmail/home/domains/test.com/user/VacationMessage And this way we let the user know ~vpopmail. I know that in concepts, ordinary user should not use plain vpopmaild protocol but PHP application, but since we don't work in secret I can imagine that one day one of my customers that feels geek in programing would come and request Hey man, where is your ~vpopmail? I don't like your admin UI and I want to write my own. In case od b) I wouldn't have to tell him the path. He would just stick to write_file /VacationMessage when logging as [EMAIL PROTECTED] There is no need to send the ~vpopmail/domains/ part of the path, because the user has no choice on that part. If we always send the full path from that point down, then the path is always: $Domain/$User/$whatever or maybe /$Domain/$User/$whatever I think both should be allowed, and have the same meaning. Rick
Re: [vchkpw] test copy of vpopmaild.c
On Tue, 6 Apr 2004, Rick Widmer wrote: There is no need to send the ~vpopmail/domains/ part of the path, because the user has no choice on that part. If we always send the full path from that point down, then the path is always: $Domain/$User/$whatever or maybe /$Domain/$User/$whatever or 1/$Domain/K/$User/$whatever Just a reminder that vpopmail does directory hashing on domains and users. Charles I think both should be allowed, and have the same meaning. Rick
Re: [vchkpw] test copy of vpopmaild.c
On Mon, 2004-04-05 at 20:18, Ken Jones wrote: One little question... What are you thinking of as far as encryption? I'm sure there's going to be some people running the client on a box seperate from the server. You looking at adding ssl support, or are you thinking of just letting something like stunnel handle that? My favorite is ucspi-tcp-ssl with a self signed certificate. It provides peer to peer encryption by just adding -s to the tcpserver options. Or use stunnel. It is similar to how email clients and mail servers encrypt pop3/smtp/imap communication. or, my favorite, ucspi-ssl (http://superscript.com/ucspi-ssl/intro.html -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
Re: [vchkpw] test copy of vpopmaild.c
Anyone want a test copy of vpopmaild before it gets posted? It could use another set of eyes. Show me the money :-) Solt
Re: [vchkpw] test copy of vpopmaild.c
Ken Jones wrote: Anyone want a test copy of vpopmaild before it gets posted? It could use another set of eyes. Yes please. Regards, Rick
Re: [vchkpw] test copy of vpopmaild.c
Ken Jones wrote: Anyone want a test copy of vpopmaild before it gets posted? It could use another set of eyes. Yes, please. Rick
Re: [vchkpw] test copy of vpopmaild.c
- Original Message - From: Ken Jones [EMAIL PROTECTED] Here ya go. Look at README.vpopmaild Short test procedure: ./configure (your options) make ./vpopmaild login [EMAIL PROTECTED] user help ./configure with option PASSED make PASSED ./vpopmaild ./vpopmaild +OK login [EMAIL PROTECTED] password +OK domain_dir /home/vpopmail/domains/imedia.com.pl name office comment office quota NOQUOTA dir /home/vpopmail/domains/imedia.com.pl/office encrypted_password $1$L6UBr$.EzXzXSDy1PZiCiNT6Erm. clear_text_password password domain_admin_privileges . list_dir imedia.com.pl -ERR XXX unauthorized directory list_dir /home/vpopmail/domains/imedia.com.pl +OK .qmail-default postmaster office magda I think /home/vpopmail/domains should be ommited. list_dir domain.tld should do the job However, now as Ken introduced the daemon we cat have a boost :-) Great job, Ken! Solt
Re: [vchkpw] test copy of vpopmaild.c
On Monday 05 April 2004 2:46 pm, Ken Jones wrote: [snip] I'd like any comments or votes on how this version is using a POP3 type protocol. I think it works pretty nicely. A single . on a line by itself represents End of File when sending or receiving multiple lines of infomation. From the client side, responses come back from vpopmail as either: +OK or +OK line of text line of text . or -ERR XXX error message So the mod_user function would take it's options on additional lines, like: moduser [EMAIL PROTECTED] no_smtp quota 1234 . And the server would reply back +OK or -ERR XXX error message Do you think the protocol is simple enough to make it easy to use? I'd like to complete the full list of commands and responses for a first version. Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command Ken
Re: [vchkpw] test copy of vpopmaild.c
Ken Jones wrote: On Monday 05 April 2004 4:05 pm, you wrote: Ken Jones wrote: Anyone want a test copy of vpopmaild before it gets posted? It could use another set of eyes. Got it! It compiled and ran the first time. Good job Ken! Am I correct that any user can be a System admin, if given SA_ADMIN rights, which is a new addition to vpopmail? I just gave [EMAIL PROTECTED] SA rights, and I could list_domains, but not list_users on another domain. I got XXX not aurhorized for domain. I expect a system admin should have full access to the whole mail system. Do I have to do something to give system admin rights to individual domains? (Like have both SA_ADMIN and QA_ADMIN rights on the user.) What do you plan to do with XXX in all the error messages? Care for patches for some of the functions I requested? More as I play... Rick
Re: [vchkpw] test copy of vpopmaild.c
Ken Jones wrote: On Monday 05 April 2004 2:46 pm, Ken Jones wrote: [snip] I'd like any comments or votes on how this version is using a POP3 type protocol. I like it very much so far! The way you put the user name and password on the same transaction is even better than following pop3 exactly and requiring user and pass commands for login. I think it works pretty nicely. A single . on a line by itself represents End of File when sending or receiving multiple lines of infomation. That will work very well for parsing results. If you always check for ., +, and - as the first character of a result it should be pretty easy to keep from getting lost when parsing responses. So the mod_user function would take it's options on additional lines, like: moduser [EMAIL PROTECTED] no_smtp quota 1234 . And the server would reply back +OK or -ERR XXX error message If I wanted to add no_smpt and no_dialup, do both go on the same line that specifies GID options, or is it one item per line. If the latter, it should not matter what order they are specified in. Do you think the protocol is simple enough to make it easy to use? It looks good so far. I will attempt to modify my sample PHP code that uses sockets to connect to the daemon and see how it goes... I'd like to complete the full list of commands and responses for a first version. Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command As long as you tell me where ~vpopmail is when I login, always using fully qualified paths will be easiest, I think. That way I don't have to change how I build commands depending on the access level of the user. That requires the daemon to verify that requests point to the proper directories, but already does.
Re: [vchkpw] test copy of vpopmaild.c
On Monday 05 April 2004 7:36 pm, Rick Widmer wrote: Ken Jones wrote: On Monday 05 April 2004 2:46 pm, Ken Jones wrote: [snip] I'd like any comments or votes on how this version is using a POP3 type protocol. I like it very much so far! The way you put the user name and password on the same transaction is even better than following pop3 exactly and requiring user and pass commands for login. Great! looks like a keeper. I think it works pretty nicely. A single . on a line by itself represents End of File when sending or receiving multiple lines of infomation. That will work very well for parsing results. If you always check for ., +, and - as the first character of a result it should be pretty easy to keep from getting lost when parsing responses. So the mod_user function would take it's options on additional lines, like: moduser [EMAIL PROTECTED] no_smtp quota 1234 . And the server would reply back +OK or -ERR XXX error message If I wanted to add no_smpt and no_dialup, do both go on the same line that specifies GID options, or is it one item per line. If the latter, it should not matter what order they are specified in. Just one item per line. The only order dependent option I could think of is the clear_all_flags option. So you could start clean and only add in exactly what you wanted. Do you think the protocol is simple enough to make it easy to use? It looks good so far. I will attempt to modify my sample PHP code that uses sockets to connect to the daemon and see how it goes... Excellent :) I'd like to complete the full list of commands and responses for a first version. Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command As long as you tell me where ~vpopmail is when I login, always using fully qualified paths will be easiest, I think. That way I don't have to change how I build commands depending on the access level of the user. On login I could send vpopmail_dir /base/path/to/~vpopmail That requires the daemon to verify that requests point to the proper directories, but already does. Gotcha. There is code for validating directory input to restrict each level of user to their respective base directories. Also it is checking for .. in any part of the directory. In case input tries to walk down to / and trod on any file in the filesystem. Any other things we should check for? Perhaps % in filenames?
Re: [vchkpw] test copy of vpopmaild.c
On Mon, 5 Apr 2004, Ken Jones wrote: I'd like any comments or votes on how this version is using a POP3 type protocol. Sounds good to me, this is getting exciting! One little question... What are you thinking of as far as encryption? I'm sure there's going to be some people running the client on a box seperate from the server. You looking at adding ssl support, or are you thinking of just letting something like stunnel handle that? Thanks! Charles I think it works pretty nicely. A single . on a line by itself represents End of File when sending or receiving multiple lines of infomation. From the client side, responses come back from vpopmail as either: +OK or +OK line of text line of text . or -ERR XXX error message So the mod_user function would take it's options on additional lines, like: moduser [EMAIL PROTECTED] no_smtp quota 1234 . And the server would reply back +OK or -ERR XXX error message Do you think the protocol is simple enough to make it easy to use? I'd like to complete the full list of commands and responses for a first version. Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command Ken
Re: [vchkpw] test copy of vpopmaild.c
Hi, Ken Jones wrote: So the mod_user function would take it's options on additional lines, like: moduser [EMAIL PROTECTED] no_smtp quota 1234 . And the server would reply back +OK or -ERR XXX error message I get this list_dir /home/vpopmail/domains/nougen.com/naomi/Maildir/cur +OK . On a user with nothing in their directory. Is that valid or should it be . +OK ie listing the contents, in this case nothing, and then listing the +OK I'm of the thought that it should be line of text line of text . +OK Or even skip the . and just finish with +OK #more text available here That way every single response ends in +OK or -ERR A little tired now (kids, 2 and 5), but I think the ending . and the +OK at the beginning is redundant. Regards, Rick
Re: [vchkpw] test copy of vpopmaild.c
On Monday 05 April 2004 8:08 pm, Charles Sprickman wrote: On Mon, 5 Apr 2004, Ken Jones wrote: I'd like any comments or votes on how this version is using a POP3 type protocol. Sounds good to me, this is getting exciting! One little question... What are you thinking of as far as encryption? I'm sure there's going to be some people running the client on a box seperate from the server. You looking at adding ssl support, or are you thinking of just letting something like stunnel handle that? My favorite is ucspi-tcp-ssl with a self signed certificate. It provides peer to peer encryption by just adding -s to the tcpserver options. Or use stunnel. It is similar to how email clients and mail servers encrypt pop3/smtp/imap communication. Ken
Re: [vchkpw] test copy of vpopmaild.c
Charles Sprickman wrote: On Mon, 5 Apr 2004, Ken Jones wrote: I'd like any comments or votes on how this version is using a POP3 type protocol. Sounds good to me, this is getting exciting! One little question... What are you thinking of as far as encryption? I'm sure there's going to be some people running the client on a box seperate from the server. You looking at adding ssl support, or are you thinking of just letting something like stunnel handle that? Tcpserver can run under openssl to provide a ssl tunnel. The daemon never even knows...
Re: [vchkpw] test copy of vpopmaild.c
Rick Macdougall wrote: I'm of the thought that it should be line of text line of text +OK Or even skip the . and just finish with +OK #more text available here That way every single response ends in +OK or -ERR +1. Note, I removed the . in the response list. It will be easier to just look for + or - as the end of every response.
Re: [vchkpw] test copy of vpopmaild.c
On Mon, 5 Apr 2004, Ken Jones wrote: One little question... What are you thinking of as far as encryption? I'm sure there's going to be some people running the client on a box seperate from the server. You looking at adding ssl support, or are you thinking of just letting something like stunnel handle that? My favorite is ucspi-tcp-ssl with a self signed certificate. It provides peer to peer encryption by just adding -s to the tcpserver options. Or use stunnel. It is similar to how email clients and mail servers encrypt pop3/smtp/imap communication. Ah. I didn't realize this was using tcpserver. Thanks, Charles Ken
Re: [vchkpw] test copy of vpopmaild.c
Ken Jones wrote: Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command As long as you tell me where ~vpopmail is when I login, always using fully qualified paths will be easiest, I think. That way I don't have to change how I build commands depending on the access level of the user. On login I could send vpopmail_dir /base/path/to/~vpopmail It looks like you already are. When I logged in as SA, the first response is vpopmail_dir /mail which is ~vpopmail/ on my system. I want to make sure this is easy for people so we don't end up with a bunch of /home/vpopmail/'s hard coded in people's programs. Not everyone wants all their email in /home, and it should be easy to adapt. I think it should be an error if: SA asks for anything above ~vpopmail/domains QA asks for anything above ~vpopmail/domains/mydomain or a regular user above ~vpopmail/domains/mydomain/myhomedir I think I would prefer if you hid the ~vpopmail/domains part from me entirely, and prepended it to my requested paths. A person coding on the PHP end of the daemon doesn't need to know anything about the actual directory structure in the machine. Gotcha. There is code for validating directory input to restrict each level of user to their respective base directories. Also it is checking for .. in any part of the directory. In case input tries to walk down to / and trod on any file in the filesystem. Any other things we should check for? Perhaps % in filenames? If you wanted to create/update the Vacation file for [EMAIL PROTECTED], you would specify: write_file test.com/user/Vacation or write_file /test.com/user/Vacation I think it is best to allow either one... If first char is '/', remove it. For all users add ~vpopmail/domains/ before the specified path. If regular user verify specified path starts with test.com/user/ If Domain Admin verify specified path starts with test.com/ If System Admin verify specified path actually exists When adding files or directories chop of the last term, and verify the parent directory exists. Listing, reading or removing - verify the actual file or directory exists.
Re: [vchkpw] test copy of vpopmaild.c
Ken Jones wrote: Anyone want a test copy of vpopmaild before it gets posted? It could use another set of eyes. Ken Sure, shoot me a copy this way :) X-Istence
[vchkpw] RE: OFF LIST - Re: [vchkpw] Test, is this msg going out at all?
Hi Chris, I don't know what you mean but this virus warning.. but the errors I get are not exactly errors. They are two emails that come back to me every time I send to either list on vpopmail, sqwebmail or courier-IMAP mailing lists. emails described below: 1. Subject: failure notice Downsized Content: [EMAIL PROTECTED]: preline: fatal: unable to run procmail: file does not exist 2. Subject: Your FAX to +14159408776 Downsized Content: **MESSAGE FROM THE TPC.INT SINKHOLE** We regret to inform you that the phone number you attempted to reach is not currently being served by a remote printer operator. Your original message is attached so that you may send it by alternative means. We hope to have coverage in this area -- perhaps you know somebody who could operate a remote printer server? Does your ISP provide fax coverage in your local area? If not, perhaps they would benefit by setting up a fax server and joining TPC.INT. Speak with your ISP and show them why they might want to come online as a TPC cell: http://www.tpc.int/servers/salespitch.html; So what do you say? You know anything about these emails getting back to me every time I send out a mail to these mailing lists? Cheers, Shai -Original Message- From: Chris Pugh [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 9:02 PM To: [EMAIL PROTECTED] Subject: OFF LIST - Re: [vchkpw] Test, is this msg going out at all? Shai, yes they are being received. You obviously missed my previous message to the list. See below .. I get an error when I send out msgs to the mailing lists... but I wonder if you guys knew what they mean. This is a test mail just to get the msg, and then, if you even get this msg, I'll add the reply emails I get from a server I know nothing about... ++ On Monday, September 8, 2003, at 06:43 PM, Chris Pugh wrote: Looks like I was right after all about those messages Shane .. still coming they are... and look what turned up .. = Scan result: Virus [EMAIL PROTECTED] found. == Please ref: http://www.symantec.com/avcenter/venc/data/[EMAIL PROTECTED] Told you I was receiving rubbish responses. Watch out all! Regards, Chris. ++ __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: [vchkpw] RE: OFF LIST - Re: [vchkpw] Test, is this msg going out at all?
I belive what you are seeing is reply from [EMAIL PROTECTED] Each time I send a message to this list, I get a reply from him/She that contain a viruse. So Far, my antiviruse did its jobs, but the problem is still there. - Original Message - From: Shai Ben-Naphtali [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 1:14 PM Subject: [vchkpw] RE: OFF LIST - Re: [vchkpw] Test, is this msg going out at all? Hi Chris, I don't know what you mean but this virus warning.. but the errors I get are not exactly errors. They are two emails that come back to me every time I send to either list on vpopmail, sqwebmail or courier-IMAP mailing lists. emails described below: 1. Subject: failure notice Downsized Content: [EMAIL PROTECTED]: preline: fatal: unable to run procmail: file does not exist 2. Subject: Your FAX to +14159408776 Downsized Content: **MESSAGE FROM THE TPC.INT SINKHOLE** We regret to inform you that the phone number you attempted to reach is not currently being served by a remote printer operator. Your original message is attached so that you may send it by alternative means. We hope to have coverage in this area -- perhaps you know somebody who could operate a remote printer server? Does your ISP provide fax coverage in your local area? If not, perhaps they would benefit by setting up a fax server and joining TPC.INT. Speak with your ISP and show them why they might want to come online as a TPC cell: http://www.tpc.int/servers/salespitch.html; So what do you say? You know anything about these emails getting back to me every time I send out a mail to these mailing lists? Cheers, Shai -Original Message- From: Chris Pugh [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 9:02 PM To: [EMAIL PROTECTED] Subject: OFF LIST - Re: [vchkpw] Test, is this msg going out at all? Shai, yes they are being received. You obviously missed my previous message to the list. See below .. I get an error when I send out msgs to the mailing lists... but I wonder if you guys knew what they mean. This is a test mail just to get the msg, and then, if you even get this msg, I'll add the reply emails I get from a server I know nothing about... ++ On Monday, September 8, 2003, at 06:43 PM, Chris Pugh wrote: Looks like I was right after all about those messages Shane .. still coming they are... and look what turned up .. = Scan result: Virus [EMAIL PROTECTED] found. == Please ref: http://www.symantec.com/avcenter/venc/data/[EMAIL PROTECTED] Told you I was receiving rubbish responses. Watch out all! Regards, Chris. ++ __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
