Thanks for the answer
qmail-smtpd is trying to run the checkpassword program, and can't.
check the permissions on your checkpassword program (specified on
your qmail-smtpd command line- if the example you sent is accurate,
this will be "/home/vpopmail/bin/vchkpw".) and here's the part a lot
of people forget- also check the permissions of each directory which
contains it. for example, if the program is "/home/vpopmail/bin/
vchkpw", you need to make sure that "/home", "/home/vpopmail", and "/
home/vpopmail/bin" all have AT LEAST "x" permission for "group" and
"other" (i.e. "chmod go+x /home /home/vpopmail /home/vpopmail/bin".)
drwxrwsr-x 5 root staff 4096 2006-02-06 15:55 home
drwxr-xr-x 8 vpopmail vchkpw 4096 2006-02-06 15:55 vpopmail
drwxr-xr-x 2 vpopmail vchkpw 4096 2006-02-06 15:58 bin
the next problem you're going to run into is that (according to the
smtp run script you sent) qmail-smtpd is running as the userid
"qmaild", and in order for "vchkpw" to read the vpasswd.cdb files and
do its job, it has to be run as either the vpopmail user, or as root.
I already saw that error, and now this is the run file:
tsuki:/var/qmail/supervise/qmail-smtpd# cat run
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
exec /usr/bin/softlimit -m 6000000 /usr/bin/tcpserver -H -R -l 0 -c
"$MAXSMTPD" -x /etc/tcp.smtp.cdb -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp
/var/qmail/bin/qmail-smtpd fujitsu.es /home/vpopmail/bin/vchkpw
the easiest way to make this happen is to make the vchkpw binary
setuid, like so:
# chmod 6711 /home/vpopmail/bin/vchkpw
-rws--s--x 1 vpopmail vchkpw 73124 2006-02-06 15:55
however, this could potentially be dangerous if normal users have
access to run commands on the machine- a user could run vchkpw over
and over, for example, in an attempt to do brute-force guessing of
other peoples' passwords. there are other options- a popular one is
to make qmail-smtpd run as the vpopmail user, however if you're using
qmail-scanner, simscan or any other QMAILQUEUE program, this will
also cause those programs to run as the vpopmail user as well. i'm
not saying this is a good or a bad thing, just something to be aware
of- as long as you understand what's going on, it can be handled.
For the moment only want see smtp auth run.
But the result is the same:
tsuki:/var/qmail/supervise/qmail-smtpd# telnet localhost 25
Connected to localhost.
Escape character is '^]'.
220 tsuki.fujitsu.es ESMTP
250 AUTH LOGIN PLAIN CRAM-MD5
454 oops, unable to write pipe and I can't auth (#4.3.0)