Re: tmda-cgi, tmdarc, and crypt_key_file/datadir

Wed, 31 Dec 2003 20:34:05 -0800 



No. Here is how it works. This is still in testing phase and not yet
implemented.

Right now, minus this problem, the system is almost complete and tested.
The whole purpose is to allow power users to have more flexibility while
the less technical people will have something that works and they won't
have to worry about it.

We have what I would call a partial domain on the linux server. All the
mail (no matter what) goes to a Lotus Domino box. When there are no users
on the local system, all the mail goes to the Qmail Alias-default account
where a simple tmda-filter and forward is in place. When a user logs into
tmda-cgi, checkpassword-pam is run for the authentication which will
automatically create a new basic home directory (via pam_mkhomedir). At
this point, if the user fails to go further,all mail will simply be
forwarded and will not be confirmed. If the user clicks on Sign Me Up!, the
skel under tmda-cgi is copied over. We tweaked it a little bit to make sure
the mail was also forwarded to the Lotus Domino server but no big changes.

Now, when mail comes into the system, and it sees a couple users, the mail
will go to their account and be forwarded. All other mail will still fall
under the Alias account which has it's own crypt key. This crypt key is the
one in the tmdarc file. The qfilter-tmda program should pick up the local
users crypt_key and their mail should go under their crypt key for outgoing
mail. I can't remember if we verified this actually happened or not but
that's the idea.  Otherwise it needs to fall under the crypt key in the
tmdarc file.

Basically, in short, I think if there was some way to disable tmda-cgi's
reading of the crypt_key_file in tmdarc, I think that would all that is
needed.
I posted the information again in case new users read it although I suppose
they could go look in the archives thread view.

-----------------------------------------------------------------------------------------------------------------------------------------------------
 tmda-cgi error:

IOError: [Errno 13] Permission denied: '/var/spool/tmda/crypt_key'
      __doc__ = 'I/O operation failed.'
      __getitem__ = <bound method IOError.__getitem__ of
<exceptions.IOError instance>>
      __init__ = <bound method IOError.__init__ of <exceptions.IOError
instance>>
      __module__ = 'exceptions'
      __str__ = <bound method IOError.__str__ of <exceptions.IOError
instance>>
      args = (13, 'Permission denied')
      errno = 13
      filename = '/var/spool/tmda/crypt_key'
      strerror = 'Permission denied'

qfilter-tmda:

#!/bin/sh
   export -n QMAILQUEUE  # Muy importante to avoid infinite loop!
   if [ $TCPREMOTEINFO ] && [ -r /home/$TCPREMOTEINFO/.tmdarc ]; then
       exec /var/qmail/bin/qmail-qfilter /opt/tmda/bin/tmda-inject -q \
       -c /home/$TCPREMOTEINFO/.tmdarc
   else
    exec /var/qmail/bin/qmail-qfilter /opt/tmda/bin/tmda-inject -q -c
/etc/tmdarc
   fi

/etc/tmdarc:

CONFIRM_APPEND = "/var/spool/tmda/lists/confirmed"
BARE_APPEND = "/var/spool/tmda/lists/whitelist"

#CRYPT_KEY_FILE = "/var/qmail/alias/.tmda/crypt_key"
ALLOW_MODE_640 = "1"

LOGFILE_DEBUG = "/var/spool/tmda/logs/debug"
LOGFILE_INCOMING = "/var/spool/tmda/logs/incoming"
LOGFILE_OUTGOING = "/var/spool/tmda/logs/outgoing"

RESPONSE_DIR = "/var/spool/tmda/responses/"
PENDING_DIR = "/var/spool/tmda/pending/"

FILTER_INCOMING = "/var/spool/tmda/filters/incoming"
FILTER_OUTGOING = "/var/spool/tmda/filters/outgoing"

DATADIR = "/var/spool/tmda"
PENDING_BLACKLIST_APPEND = "/var/spool/tmda/lists/blacklist"
PENDING_WHITELIST_APPEND = "/var/spool/tmda/lists/whitelist"
#TEMPLATE_DIR = "%(Home)s/.tmda/templates/"


                                                                           
             Gre7g Luterman                                                
             <gre7g-d-10733503                                             
             42.8859                                                    To 
             [EMAIL PROTECTED]>          [EMAIL PROTECTED]                 
             Sent by:                                                   cc 
             tmda-users-bounce                                             
             [EMAIL PROTECTED]                                            Subject 
                                       Re: tmda-cgi, tmdarc, and           
                                       crypt_key_file/datadir              
             12/31/2003 06:41                                              
             PM                                                            
                                                                           
                                                                           
                                                                           
                                                                           




Sorry for the long delay.  Stupid holidays.

On Mon, 29 Dec 2003 11:40:59 -0600, [EMAIL PROTECTED] wrote:

> I have been looking at this and I can't figure it out. I am using
> qmail,tmda, and tmda-cgi.
> The problem lies in the fact that I have an outgoing
program(qfilter-tmda)
> on qmail as done by someone in the mailing list.

<snipped>

Erf.  So you're saying that all of your users have the same crypt_key?
That's really not a recommended mode of operation.

You should be able to tweak tmda-cgi's skel directories to make them
match what you wish for it to set up for each user.  Have you played
with them any?

Gre7g.
_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users


_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users






















					Reply via email to