Hello Erwin,

On Wednesday, March 31, 2004 at 10:09:29 AM you wrote (at least in
part):

> In case a client is accepted via pop-4-smtpd, the $RELAYCLIENT environment
> variable is set. It might be useful to define this variable explicitely,
> ie. RELAYCLIENT="PB4S".

No. It will, for sure, not be useful.

,----- [ man qmail-smtpd ]
| [...]
|  Exception: If the environment variable RELAYCLIENT is
|  set,  qmail-smtpd  will  ignore  rcpthosts,  and will
|  append the value  of  RELAYCLIENT  to  each  incoming
|  recipient address.
| [...]
`-----

Setting RELAYCLIENT to something different than an empty string is
only useful when one KNOWS what he/she does. The overwhelming majority
only wants RELAYCLIENT unlocks relay restrictions and therefore has to
set it empty.

> Check it and call qmail-smtpd without any arguments.
> 
> In case the variable is not set or empty, call qmail-smtpd with the proper
> SMTP Auth args.

This whole wrapper-stuff should not be necessary. If tcpserver sets
RELAYCLIENT due to .cdb or SQL-lookup it'll be passed to qmail-smtpd.
qmail-smtpd than will allow relaying even w/o SMTP-Auth.

I'm running a SMTP which offers SMTP-Auth and POP3-b4-SMTP and it
works w/o any wrappers at all. The SMTP-Auth patch simply sets
RELAYCLIENT for qmail-smtpd /WHEN/ someone authenticated successful,
if not the formerly set RELAYCLIENT (passed as ENV-var from tcpserver,
when set) is not reset when authentication fails.

@Joel:

How about this: Copy your current qmail-smtpd invocation, remove all
the 'qmail-smtpd foo bar bla' stuff and replace it with a simply
'/usr/bin/env'. Make the tcpserver listen on port 26. Prepend an
environment clearing 'env' call. Start the stuff on command line. It
can be something similar to this:

env -i PATH=/var/qmail/bin:/usr/local/bin tcpserver -vRX \
 0 26 /usr/bin/env

(plus adding the stuff necessary for tcpserver reading the database
for potentially set environment vars like RELAYCLIENT)

Than connect to this server from a client-IP that should be set to
"relaying allowed" (e.g. by formerly executed POP3 authentication):

telnet $SERVER 26

You should see a line with PATH=... and some TCPREMOTExxx and
TCPLOCALxxx lines. Additionally you should see a line 'RELAYCLIENT='.

If this is there and your qmail-smtpd invocation looks up the same
database for possible RELAYCLIENT settings try this:

telnet $SERVER 35
EHLO _
MAIL FROM:<>
RCPT TO:<[EMAIL PROTECTED]>
QUIT

If this fails: please post the error you get, your qmail-smtpd startup
script and the result of above 'env'-test.
-- 
Best regards
Peter Palmreuther

Boob's Law: You always find something in the last place you look.

Reply via email to