DAve wrote:
DAve wrote:
Tom Collins wrote:
DAve,
I think you've found a bug in vchkpw.
Bug? After running this entire situation through my thick head, again,
I more suspect I am trying to do something with vchkpw it was never
intended to do.
<snip>
>> I think... that vchkpw will not work without a complete working
>> install. It seems to need to have access to the domains,
>> virtualdomains, and users/cdb file.
Exactly. vchkpw expects to run on a system with a full vpopmail
installation.
For some reason, it wants to create the user's directory if it
doesn't already exist. This could be related to updating the
lastauth file in the user's directory. Disabling AUTH_LOGGING on
that system will help, but you'll still have code trying to create
the directory.
If auth logging is enabled then the attempt to authenticate needs to be
logged. If the users directory doesn't exist, it needs to be created so
the log file can be created.
Let me know if that works, and I'll make changes to the release
version. That code could probably be permanently removed -- the
user's directory is created by vdelivermail when necessary. vchkpw
doesn't need to be doing it.
Bill: I have to disagree. The authentication attempt needs to be
logged, even if there is no mail to deliver. If MySQL is holding the
auth log info, then it should be be removed with another ifdef. There
may be some 'combination of configure option' bugs here, but if
auth-logging is enabled and the directory does not exist it needs to be
created. At least for cdb.
Is no one else using a physically separate outbound smtp server? I am
open to suggestions on how to auth using my vpopmail DB.
John Simpson has a validrcptto patch which modifies qmail-smtp to verify
email addresses against a cdb file, and the latest vpopmail provides an
onchange script that lets you update the cdb files when users are added
or removed.
http://qmail.jms1.net/patches/vpopmail.shtml
vpopmaild can be used to verify a vpopmail login. Just attempt to login
to the daemon with the user and password, using the silent option. If
the user is valid the login attempt will succeed. I am not aware of a
program to do this, but if you write one, I would consider adding it to
the contrib directory of vpopmail.
This morning I hacked up a quick Perl script to do the authentication
and it is working fine. This confirms that my qmail-auth installation is
working, and my remote vpopmail DB is reachable.
If you have any other uses for Perl (spamassassin) on the machine and
keep it loaded in RAM, this may well be the most efficient method...
You are directly opening the database and looking up the info you need.
Anything else you do just adds another layer, and the program you use
still has to open the database.
PHP might be able to do the same thing with a slightly smaller memory
footprint.
