I have just rebuild it last week and it works fine. Remo ----- Original Message ----- From: "tonix (Antonio Nati)" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Thursday, September 22, 2005 08:07 Subject: Re: [vchkpw] chkuser 2.0.8b
> Aleks, > > sorry to repeat what has been already said, but to make it short use > Shupp's Toaster. There inside chkuser + TLS + auth work fine together > (since years). You'll build it in minuts, and will never regret of > making this step. > > Ciao, > > Tonino > > At 13.18 22/09/2005, you wrote: >>Just for the fun of it; If I was to, (in this lifetime) get tls/auth >>to work with chkuser, what/who's tls and auth code should i use? >>Since jms obvious dont need to make he's patches compatible since he's >>got the needed stuff for himself in validrcptto, i was hoping someone >>knew what works or not. I stand corrected about the hole auth and no >>tls security breach jms pointed out. If you want auth you should use >>tls i guess. >> >>Thanks, >> >>/Aleks >> >>On 9/22/05, John Simpson <[EMAIL PROTECTED]> wrote: >> > On 2005-09-21, at 0623, tonix (Antonio Nati) wrote: >> > >> > > >> > > Why are you running it with -u $QMAILDUID ? >> > > >> > > You should run it as vpopmail, excluding any uidswitching (if you >> > > enabled uidswitching within chkuser_settings.h, comment it). >> > > >> > > Cert must be owned by vpopmail as well. >> > >> > qmail is, and has always been, designed to have qmail-smtpd run as >> > qmaild. the only reason to make it run as the vpopmail user is so >> > that you can us "vchkpw" to support AUTH, and the solution there is >> > to make the "vchkpw" binary setuid so it always runs as the vpopmail >> > user. >> > >> > the servercert.pem file should be owned by root and readable to the >> > group "nofiles" (which is the group qmaild belongs to.) the >> > clientcert.pem file (if you have one) should also be owned by root, >> > but readable to the group "qmail". >> > >> > -------------------------------------------------- >> > | John M. Simpson - KG4ZOW - Programmer At Large | >> > | http://www.jms1.net/ <[EMAIL PROTECTED]> | >> > -------------------------------------------------- >> > | Mac OS X proves that it's easier to make UNIX | >> > | pretty than it is to make Windows secure. | >> > -------------------------------------------------- >> > >> > >> > >> > >> > > > >
