I have just rebuild it last week and it works fine.

Remo
----- Original Message ----- 
From: "tonix (Antonio Nati)" <[EMAIL PROTECTED]>
To: <vchkpw@inter7.com>
Sent: Thursday, September 22, 2005 08:07
Subject: Re: [vchkpw] chkuser 2.0.8b


> Aleks,
> 
> sorry to repeat what has been already said, but to make it short use 
> Shupp's Toaster. There inside chkuser + TLS + auth work fine together 
> (since years). You'll build it in minuts, and will never regret of 
> making this step.
> 
> Ciao,
> 
> Tonino
> 
> At 13.18 22/09/2005, you wrote:
>>Just for the fun of it; If I was to, (in this lifetime) get tls/auth
>>to work with chkuser, what/who's tls and auth code should i use?
>>Since jms obvious dont need to make he's patches compatible since he's
>>got the needed stuff for himself in validrcptto, i was hoping someone
>>knew what works or not. I stand corrected about the hole auth and no
>>tls security breach jms pointed out. If you want auth you should use
>>tls i guess.
>>
>>Thanks,
>>
>>/Aleks
>>
>>On 9/22/05, John Simpson <[EMAIL PROTECTED]> wrote:
>> > On 2005-09-21, at 0623, tonix (Antonio Nati) wrote:
>> >
>> > >
>> > > Why are you running it with -u $QMAILDUID ?
>> > >
>> > > You should run it as vpopmail, excluding any uidswitching (if you
>> > > enabled uidswitching within chkuser_settings.h, comment it).
>> > >
>> > > Cert must be owned by vpopmail as well.
>> >
>> > qmail is, and has always been, designed to have qmail-smtpd run as
>> > qmaild. the only reason to make it run as the vpopmail user is so
>> > that you can us "vchkpw" to support AUTH, and the solution there is
>> > to make the "vchkpw" binary setuid so it always runs as the vpopmail
>> > user.
>> >
>> > the servercert.pem file should be owned by root and readable to the
>> > group "nofiles" (which is the group qmaild belongs to.) the
>> > clientcert.pem file (if you have one) should also be owned by root,
>> > but readable to the group "qmail".
>> >
>> > --------------------------------------------------
>> > | John M. Simpson - KG4ZOW - Programmer At Large |
>> > | http://www.jms1.net/           <[EMAIL PROTECTED]> |
>> > --------------------------------------------------
>> > | Mac OS X proves that it's easier to make UNIX  |
>> > | pretty than it is to make Windows secure.      |
>> > --------------------------------------------------
>> >
>> >
>> >
>> >
>> >
> 
> 
>

Reply via email to