Re: Relay-ctrl and qmail

Wed, 28 Feb 2001 06:05:02 -0800 

Bill Isaacs <[EMAIL PROTECTED]> wrote:
> 
> No luck yet.  I tried Bruce's suggestion with the same outcome as before:
> ---------------------------------------------------------------
> tcpserver -v -R -x /etc/smtp.cdb 0 pop-3 /var/qmail/bin/qmail-popup 
> hoss.willysworkshop.com \
> /bin/checkpassword /usr/sbin/relay-ctrl-allow /var/qmail/bin/qmail-pop3d 
> Maildir
> 2>&1 | \
> /var/qmail/bin/splogger pop3d &
> ---------------------------------------------------------------

There's a problem there.  You're firing up qmail-pop3d, but using the
cdb file which is intended for qmail-smtpd.  Perhaps your tcpserver
invocation for qmail-smtpd is also incorrect?  However, that wouldn't
explain the next problem...

> And Charles, here are the diagnostics you requested (I hope)
[...] 
> >     `TCPREMOTEIP=1.2.3.4 tcprulescheck /etc/tcpcontrol/smtp.cdb`
> 
> [root@hoss workshop]# TCPREMOTEIP=63.207.13.190 tcprulescheck 
> /etc/tcpcontrol/smtp.cdb
> rule :
> allow connection

This is after you had POP'ed your mail from that IP address?  If so, the
cdb file is not being built properly, or relay-ctrl-allow is not doing its
job (unlikely, as it works everywhere else).  This has to be a configuration
error somwhere.

> Anyway, there's the dope.  I did find an error in tcpcontrol, to whit:
> I had not specified the full path to the smtp.cdb file.  Unfortunately
> fixing this did not solve the problem.

A summary:  relay-ctrl-allow sits in the qmail-pop3d chain between checkpassword
and qmail-pop3d.  It records the IP addresses of machines where a user has
successfully authenticated with POP3.  relay-ctrl then uses this information
to build an smtp.cdb file, which tcpserver uses for the qmail-smtpd service.
The variable RELAYCLIENT is set to an empty value for those clients who
authenticated with POP3, thus allowing them to relay SMTP traffic through
the server.

Charles
-- 
-----------------------------------------------------------------------
Charles Cazabon                            <[EMAIL PROTECTED]>
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------

Reply via email to