At 21:33 30.03.2005 +0300, you wrote:
>I know this issue has been covered by previous threads, but my problem is 
>slightly different and more documented.
>So don't shoot me for asking this in the vpopmail mailinglist, because it 
>may very well be a vpopmail problem, rather than a smtp-auth one.
>I have been using qmail+vpopmail for severel years, and I've managed to 
>solve all the various issues that surfaced iin this period. Until now...
>I had to make a new mail server, so I started from scratch:
>-installed OS (I use Slackware-current, which came with kernel-2.6.10, 
>gcc-3.3.5, Apache-1.3.33, MySQL-4.0.23a)
>-installed netqmail-1.05 as described at http://www.lifewithqmail.org/
>-installed vpopmail-5.4.9 (using MySQL to store accounts and logs)
>-installed courier-imap-4.0.2 and courier-authlib-0.55
>-installed sqwebmail-5.0.1
>-installed smtp-authentication-0.63 from 

Ok. Then you should know the theory behind SMTP-Auth.

>Result: everything works fine, except the smtp authentication.
>Users cannot send emails, and I get this message in maillog:
>vpopmail[xxxx]: vchkpw-smtp: vpopmail user not found [EMAIL PROTECTED]:ip
>Since I am using courier-imap-4.x.x, the roaming users feature is 
>unavailable, and for clients connecting from unknown ip-s, I am left with no 
>other alternative but to use smtp authentication.
>So far, my conclusion was that vchkpw is not actually verifying 
>username/password, for a reason that eludes me.
>I have reached this conclusion by logging all queries to mysql and this log 
>only shows the pop3/imap authentications. No smtp-auth authentication 
>attempts or error messages regarding such attempts. I have compiled vpopmail 
>to log also in MySQL, and this way I can see the same error that I get in 
>maillog. Here's how the MySQL log looks like:
>/usr/libexec/mysqld, Version: 4.0.23a-log, started with:
>Tcp port: 3306  Unix socket: /var/run/mysql/mysql.sock
>Time                 Id Command    Argument
>050330 18:57:43       1 Connect     [EMAIL PROTECTED] on
>                      1 Init DB     vpopmail
>                      1 Query       INSERT INTO vlog set user='user', 
>passwd='1dddf10d806134be304b47aadecf0929',         domain='domain.tld', 
>logon='[EMAIL PROTECTED]', remoteip='xx.xx.xx.xx', message='vchkpw-smtp: 
>vpopmail user not found [EMAIL PROTECTED]:xx.xx.xx.xx',         error=1, 
>                      1 Quit
>050330 19:06:46       2 Connect     [EMAIL PROTECTED] on vpopmail
>                      2 Query       select pw_name, pw_passwd, pw_uid, 
>pw_gid, pw_gecos, pw_dir, pw_shell , pw_clear_passwd from vpopmail where 
>pw_name = "user" and pw_domain = "domain.tld"
>                      2 Query       replace into lastauth set user='user', 
>domain='domain.tld', remote_ip='imap', timestamp=1112198806
>050330 19:08:16       3 Connect     [EMAIL PROTECTED] on vpopmail
>                      3 Query       select pw_name, pw_passwd, pw_uid, 
>pw_gid, pw_gecos, pw_dir, pw_shell , pw_clear_passwd from vpopmail where 
>pw_name = "user" and pw_domain = "domain.tld"
>                      3 Query       replace into lastauth set user='user', 
>domain='domain.tld', remote_ip='pop3', timestamp=1112198896
>(of course, all usernames, domains, and ip-s have been replaced in this log 
>This log shows:
>1. the error loogged into MySQL database by vchkpw, but no attempt to 
>actually validate that username. This tells me that vchkpw IS able to access 
>the mysql database.
>2. the validation of a user/password by the imap server
>3. the validation of a user/password by the pop server
>I have also googled a little bit about this error, and found that other 
>people have encountered a similar error, but have not reached a definitive 
>answer to the problem. Some have suggested that it might be a user/rights 
>conflict. I have made /home/vpopmail/bin/vchkpw owned by root, but nothing 
>Here's my /service/qmail-smtpd/run file:
>QMAILDUID=`id -u qmaild`
>NOFILESGID=`id -g qmaild`
>MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
>LOCAL=`head -1 /var/qmail/control/me`
>if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; 
>    echo /var/qmail/supervise/qmail-smtpd/run
>    exit 1
>if [ ! -f /var/qmail/control/rcpthosts ]; then
>    echo "No /var/qmail/control/rcpthosts!"
>    echo "Refusing to start SMTP listener because it'll create an open 
>    exit 1
>exec /usr/local/bin/softlimit -m 4000000 \
>    /usr/local/bin/tcpserver -v -R -H -l "$LOCAL" -x /etc/tcp.smtp.cdb -c 
>        -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
>        /usr/local/bin/rblsmtpd -r relays.ordb.org \
>         /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw $LOCAL 
>/bin/true 2>&1

Why do you use "/home/vpopmail/bin/vchkpw $LOCAL /bin/true 2>&1" ?

Is "$LOCAL" required by vchkpw ?


Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24

Reply via email to