i'm wondering about vpopmaild... i plan on writing a patch for qmail- smtpd which will make it connect to vpopmaild in order to handle the AUTH command (basically try to "login" and use the "+" or "-" response to approve or deny the AUTH command.) my questions are:

- how close are we to seeing vpopmaild as a "live" program, either included with vpopmail, or released as its own package (to be compiled after vpopmail has already been installed, so it uses whatever version of libvpopmail is already on the system?)

- how "fixed" is the command structure? i ask because i have written a basic program which accepts the "login", "help", and "quit" commands the same way that http://qmailwiki.inter7.com/Vpopmaild says they will work, but uses courier-authlib as the back-end instead of libvpopmail. if i know for sure that the "login" and "quit" commands are set in stone then i can start writing the patch and use my own program for testing.

i'm sure "quit" won't change, that's a no-brainer, but "login"... for all i know somebody may decide to expand it to handle CRAM logins in the future, which would necessitate changing the command structure to include a third parameter- userid, challenge, and response would all be needed in order to verify the password.

as a note for the future, in case somebody does get this idea... let me suggest that instead of extending the "login" verb, you create a new "cramlogin" verb that handles three parameters (or four, with "md5" or "sha1" as another parameter, if it comes to that.)

if anybody is curious, http://qmail.jms1.net/courierauthd.shtml talks about my program, and has a download link for the source code (a single .c file.) the page isn't finished but the program is running on my machine and seems to work correctly when i manually telnet into it... which means that it should work for testing a qmail AUTH patch.

and yes, if i get this working, i do plan to release a stand-alone version of the patch for people who don't want to use my entire combined patch set, just as i did with the validrcptto.cdb patch.

| John M. Simpson - KG4ZOW - Programmer At Large |
| http://www.jms1.net/           <[EMAIL PROTECTED]> |
| Mac OS X proves that it's easier to make UNIX  |
| pretty than it is to make Windows secure.      |

Attachment: PGP.sig
Description: This is a digitally signed message part

Reply via email to