Hi folks. We're experiencing a weird issue related to the open-smtp / roaming users feature of vpopmail.
We have a line in our ~vpopmail/etc/tcp.smtp file that looks like this: 12.161.105.140:allow,MFCHECK="0",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" The notable part for my question is that we want to accept mail from this server and run it through qmail-scanner. qmail-scanner.pl will process the message as long as RELAYCLIENT is not set for the connecting host, which, as you can see above, it is not. BUT, we have a meddlesome user on 12.161.105.140 who is popping into vpopmail, which has the allow roaming users flag set. As soon as this user does that, an entry is created in the tcp.smtp database for that user, as reflected in the open-smtp file: 12.161.105.140:allow,RELAYCLIENT="",RBLSMTPD="" 1074272408 The result is that the users pop / roaming action is disabling qmail-scanner for all mail from that server. In general, the issue is that a user popping in from an IP that has a line in the main ~vpopmail/etc/tcp.smtp can override the rule for that IP. I realize this could be discussed on any number of lists (tcpserver, qmail-scanner, etc.), but I *think* this is just a matter of precedence in the way tcprules is run to incorporate the ~vpopmail/etc/tcp.smtp file AND the roaming user entry that's added by vpopmail. So I'm hoping it might be worth exploring here since other vpopmail users may want to override tcpserver environment variables with the main tcp.smtp file. This seems to be the relevant part of vpopmail.c: strncpy(bin0, TCPRULES_PROG, BUFF_SIZE); strncpy( bin1, TCP_FILE, BUFF_SIZE); strncat( bin1, ".cdb", BUFF_SIZE); strncpy( bin2, TCP_FILE, BUFF_SIZE); strncat( bin2, relay_template, BUFF_SIZE); binqqargs[0] = bin0; binqqargs[1] = bin1; binqqargs[2] = bin2; binqqargs[3] = 0; execv(*binqqargs,binqqargs); But I'm not quite clear on how tcprules is processing / ordering the ruleset when a roaming user triggers this action. I scanned the archives and couldn't find a reference to this problem, but apologizes if it's been discussed under a different set of keywords. Any thoughts? Thanks, Chris