Hi,

At 21:33 30.03.2005 +0300, you wrote:
>I know this issue has been covered by previous threads, but my problem is 
>slightly different and more documented.
>So don't shoot me for asking this in the vpopmail mailinglist, because it 
>may very well be a vpopmail problem, rather than a smtp-auth one.
>
>I have been using qmail+vpopmail for several years, and I've managed to 
>solve all the various issues that surfaced in this period. Until now...
>
>I had to make a new mail server, so I started from scratch:
>-installed OS (I use Slackware-current, which came with kernel-2.6.10, 
>gcc-3.3.5, Apache-1.3.33, MySQL-4.0.23a)
>-installed netqmail-1.05 as described at http://www.lifewithqmail.org/
>-installed vpopmail-5.4.9 (using MySQL to store accounts and logs)
>-installed courier-imap-4.0.2 and courier-authlib-0.55
>-installed sqwebmail-5.0.1
>-installed smtp-authentication-0.63 from 
>http://www.fehcom.de/qmail/smtpauth.html

Ok. Then you should know the theory behind SMTP-Auth.

>
>Result: everything works fine, except the smtp authentication.
>Users cannot send emails, and I get this message in maillog:
>vpopmail[xxxx]: vchkpw-smtp: vpopmail user not found [EMAIL PROTECTED]:ip
>
>Since I am using courier-imap-4.x.x, the roaming users feature is 
>unavailable, and for clients connecting from unknown ip-s, I am left with no 
>other alternative but to use smtp authentication.
>
>So far, my conclusion was that vchkpw is not actually verifying 
>username/password, for a reason that eludes me.
>I have reached this conclusion by logging all queries to mysql and this log 
>only shows the pop3/imap authentications. No smtp-auth authentication 
>attempts or error messages regarding such attempts. I have compiled vpopmail 
>to log also in MySQL, and this way I can see the same error that I get in 
>maillog. Here's what the MySQL log looks like:
>
>/usr/libexec/mysqld, Version: 4.0.23a-log, started with:
>Tcp port: 3306  Unix socket: /var/run/mysql/mysql.sock
>Time                 Id Command    Argument
>050330 18:57:43       1 Connect     [EMAIL PROTECTED] on
>                      1 Init DB     vpopmail
>                      1 Query       INSERT INTO vlog set user='user', 
>passwd='1dddf10d806134be304b47aadecf0929',         domain='domain.tld', 
>logon='[EMAIL PROTECTED]', remoteip='xx.xx.xx.xx', message='vchkpw-smtp: 
>vpopmail user not found [EMAIL PROTECTED]:xx.xx.xx.xx',         error=1, 
>timestamp=1112198263
>                      1 Quit
>050330 19:06:46       2 Connect     [EMAIL PROTECTED] on vpopmail
>                      2 Query       select pw_name, pw_passwd, pw_uid, 
>pw_gid, pw_gecos, pw_dir, pw_shell , pw_clear_passwd from vpopmail where 
>pw_name = "user" and pw_domain = "domain.tld"
>                      2 Query       replace into lastauth set user='user', 
>domain='domain.tld', remote_ip='imap', timestamp=1112198806
>050330 19:08:16       3 Connect     [EMAIL PROTECTED] on vpopmail
>                      3 Query       select pw_name, pw_passwd, pw_uid, 
>pw_gid, pw_gecos, pw_dir, pw_shell , pw_clear_passwd from vpopmail where 
>pw_name = "user" and pw_domain = "domain.tld"
>                      3 Query       replace into lastauth set user='user', 
>domain='domain.tld', remote_ip='pop3', timestamp=1112198896
>
>(of course, all usernames, domains, and ip-s have been replaced in this log 
>excerpt)
>
>This log shows:
>1. the error logged into MySQL database by vchkpw, but no attempt to 
>actually validate that username. This tells me that vchkpw IS able to access 
>the mysql database.
>2. the validation of a user/password by the imap server
>3. the validation of a user/password by the pop server
>
>I have also googled a little bit about this error, and found that other 
>people have encountered a similar error, but have not reached a definitive 
>answer to the problem. Some have suggested that it might be a user/rights 
>conflict. I have made /home/vpopmail/bin/vchkpw owned by root, but nothing 
>changed.
>
>Here's my /service/qmail-smtpd/run file:
>#!/bin/sh
>
>QMAILDUID=`id -u qmaild`
>NOFILESGID=`id -g qmaild`
>MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
>LOCAL=`head -1 /var/qmail/control/me`
>
>if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
>    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
>    echo /var/qmail/supervise/qmail-smtpd/run
>    exit 1
>fi
>
>if [ ! -f /var/qmail/control/rcpthosts ]; then
>    echo "No /var/qmail/control/rcpthosts!"
>    echo "Refusing to start SMTP listener because it'll create an open relay"
>    exit 1
>fi
>
>exec /usr/local/bin/softlimit -m 4000000 \
>    /usr/local/bin/tcpserver -v -R -H -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
>        -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
>        /usr/local/bin/rblsmtpd -r relays.ordb.org \
>         /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw $LOCAL /bin/true 2>&1
>

Why do you use "/home/vpopmail/bin/vchkpw $LOCAL /bin/true 2>&1" ?

Is "$LOCAL" required by vchkpw ?

regards.
--eh.





Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de/
Wiener Weg 8, 50858 Cologne | T: +49 221 484 4923 | F: ...24
