On Wed, 27 Aug 2003, Tanmaya Anand wrote:

> hi
> 
> I want that user should only type his user name, & he should be logged in.
> For example, [EMAIL PROTECTED] , when opens mail.abc.com/cgi-bin/sqwebmail
>  or abc.con/cgi-bin/sqwebmail, he should only supply his username user1 
> & not complete [EMAIL PROTECTED]

This is how I did it. Using the logindomainlist was not an option for me,
since I have 5000 virtual domains already configured with unique
usernames, so having them all listed in logindomainlist was not practical
and seems like a spammer's honeypot to me. Also, I needed pop to use the
same authentication method, so it wasn't practical to force 5000 users to
change their email configurations to include the domain in their pop
configurations.

What I did was to use an sql database, in my case postgresql, since we already 
use postgresql extensively and have a dedicated postgresql server. In 
order to accomplish this, I had to use a custom query. The id field 
contains the unique username, but the query returns a field I called 
'email' which contains the [EMAIL PROTECTED] form of the email address.

Using unique usernames in the id field should be enough, but the problem
is if the id field only contains a username and no @domain, sqwebmail will
append the server's hostname or the value of
/usr/local/share/sqwebmail/hostname to the username to form the email
address.

I had to also define the DEFAULT_DOMAIN in authpgsqlrc, because the custom 
query requires that a domain name be sent to sqwebmail or it won't attempt 
the query. So, I just used example.com, but I never use the $(domain) 
variable. It is just there to make sqwebmail happy.

Here is an example query... Mine does some joins with some existing 
customer tables, but this is enough to get it working:

PGSQL_SELECT_CLAUSE     SELECT email, crypt, '', uid, gid, \
                               home, maildir, '', name \
                        FROM passwd \
                        WHERE id = '$(local_part)'

Just adjust it to your own configuration.

I also compiled courier-imap with 
--with-authdaemonvar=/usr/local/share/sqwebmail/var/authdaemon so pop3d 
and sqwebmail share the same authdaemon. Now, if pop3d could use the same 
sqwebmail cache as well, that would be fantastic, but this doesn't seem 
possible, as courier-imap doesn't use a cache.

One other thing I do is send a hangup signal to the authdaemon every hour 
to prevent the persistent db connections from timing out, as we use a 
stateful firewall between the webmail server and our database server. I 
added this line to the /etc/cron.hourly/sqwebmail-cron-cleancache script:

kill -HUP `cat /usr/local/share/sqwebmail/var/authdaemon/pid`

It's not pretty, but it works.

I hope this helps someone else.

Trevor
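
The login scheme in the message above depends on every id being unique across all virtual domains and on the email column always holding a full address. The PostgreSQL checks below are an added example, not part of the original post; they assume the table and column names of the sample query (passwd, id, email), need PostgreSQL 9.0 or later for string_agg, and the index name is made up.

```sql
-- Added example. Table/column names are taken from the sample
-- PGSQL_SELECT_CLAUSE above; passwd_id_lower_uniq is a hypothetical name.

-- 1. Bare usernames that resolve to more than one account.
--    With login by $(local_part) alone, any row returned here means two
--    mailboxes compete for the same login name. Compared case-insensitively
--    so 'User1' and 'user1' are reported together.
SELECT lower(id)                              AS login,
       count(*)                               AS accounts,
       string_agg(email, ', ' ORDER BY email) AS mailboxes
FROM passwd
GROUP BY lower(id)
HAVING count(*) > 1;

-- 2. Rows whose email column is not a complete local@domain address.
--    These are the accounts for which the server hostname would be
--    appended to form the address, as described in the message.
SELECT id, email
FROM passwd
WHERE email IS NULL
   OR email !~ '^[^@[:space:]]+@[^@[:space:]]+$';

-- 3. ids that can never match a typed username: anything containing '@'
--    (the part after '@' is not in $(local_part)) or whitespace.
SELECT id, email
FROM passwd
WHERE id ~ '[@[:space:]]';

-- 4. Once queries 1-3 return no rows, enforce the invariant so that a
--    later insert cannot create a colliding login. This is deliberately
--    stricter than the exact-match comparison in the sample query.
CREATE UNIQUE INDEX passwd_id_lower_uniq ON passwd (lower(id));

-- 5. Keep the address column well-formed going forward.
ALTER TABLE passwd
    ALTER COLUMN email SET NOT NULL,
    ADD CONSTRAINT passwd_email_has_domain
        CHECK (email ~ '^[^@[:space:]]+@[^@[:space:]]+$');
```

If the real lookup joins several customer tables, run the duplicate check against the joined result rather than a single table, since the collision can come from the join.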

