[toaster] A little piece of code of "REQUIREAUTH"
This is a little piece of code which can be applied onto toaster-0.8.
It provides the "require authentication" function to netqmail.
After applying the patch, set the environment REQUIREAUTH="" in the
tcp.smtp file and it will require all smtp session to be authenticated.
Hope this help those who need this function in their qmail
installation. (like me)
Bill, you can incorporate the code into your next release of toaster if
you find it appropriate.
Kelvin
--- qmail-smtpd.c.orig 2005-09-07 09:33:08.0 +0800
+++ qmail-smtpd.c 2005-09-07 09:33:58.0 +0800
@@ -125,6 +125,7 @@
int err_noauth() { out("504 auth type unimplemented (#5.5.1)\r\n"); return -1;
}
int err_authabrt() { out("501 auth exchange canceled (#5.0.0)\r\n"); return
-1; }
int err_input() { out("501 malformed auth input (#5.5.4)\r\n"); return -1; }
+void err_authrequired() { out("503 you must authenticate first (#5.5.1)\r\n");
}
void err_authfail() { out("535 authentication failed (#5.7.1)\r\n"); }
int saferead(fd,buf,len) int fd; char *buf; int len;
@@ -170,6 +171,8 @@
char *remoteinfo;
char *local;
char *relayclient;
+char *requireauth;
+int flagauth = 0;
stralloc helohost = {0};
char *fakehelo; /* pointer into helohost, or 0 */
@@ -259,6 +262,7 @@
if (!remotehost) remotehost = "unknown";
remoteinfo = env_get("TCPREMOTEINFO");
relayclient = env_get("RELAYCLIENT");
+ requireauth = env_get("REQUIREAUTH");
#ifdef TLS
if (env_get("SMTPS")) { smtps = 1; tls_init(); }
@@ -501,6 +505,7 @@
void smtp_mail(arg) char *arg;
{
int r;
+ if (requireauth && !flagauth) { err_authrequired(); return; }
if (!addrparse(arg)) { err_syntax(); return; }
flagsize = 0;
mailfrom_parms(arg);
@@ -767,7 +772,6 @@
static stralloc slop = {0}; /* b64 challenge */
#endif
-int flagauth = 0;
char **childargs;
char ssauthbuf[512];
substdio ssauth = SUBSTDIO_FDBUF(safewrite,3,ssauthbuf,sizeof(ssauthbuf));
Re: [toaster] chkuser problem
At 19.29 06/09/2005, you wrote: Ok. I fixed the problem. I uninstalled the 64-bit version of Suse Enterprise Linux 9 and installed the 32-bit version (the server is running an AMD Opteron). I then went through the install process of Bill's toaster and everything worked just fine. Chkuser works now as it should. Can anyone think of a reason chkuser would not work on a 64-bit OS? Everything else seems to compile and work just fine on the 64-bit version of SLES 9. I feel problem is likely in vpopmail libraries, or other linked libraries used by chkuser. Tonino Adam Adam Woodbeck wrote: Hello Tonino, I disabled chkuser and I was able to send email just fine to local users through the secondary mail server. It certainly appears as though there is something wrong with chkuser on the secondary mail server. I may start over from scratch again since the secondary server is not in production yet. Adam On Tuesday 06 September 2005 06:56, Tonix wrote: Are you sure MySQL is reachable from the second server? Did you check if MySQL accounts work from the secondary server? MySQL has a particular way to handle users, check it. If problem persist, disable chkuser on secondary server and test if problem still exists. Tonino
Re: [toaster] PopBeforeSmtp - SMTP AUTH and some RELAY
Hi to all!
Here a patch for disable "Pop before Smtp" and "SMTP Auth" with
vqadmin-2.3.6 ( last stable ) with "Disable external relay" checkbox.
Original version didn't support "disable_smtp".
Bye!
Simone
--- vqadmin-2.3.6-orig/domain.c 2003-09-17 23:37:52.0 +0200
+++ vqadmin-2.3.6/domain.c 2005-09-07 11:39:44.0 +0200
@@ -144,7 +144,7 @@
if (udialup!=NULL) fprintf(fs, "disable_dialup\n");
if (upassc!=NULL) fprintf(fs, "disable_password_changing\n");
if (uweb!=NULL) fprintf(fs, "disable_webmail\n");
- if (urelay!=NULL) fprintf(fs, "disable_external_relay\n");
+ if (urelay!=NULL) fprintf(fs, "disable_external_relay\ndisable_smtp\n");
fclose(fs);
chown(dir,uid, gid);
chmod(dir, S_IRUSR | S_IWUSR);
@@ -297,7 +297,7 @@
if (udialup!=NULL) fprintf(fs, "disable_dialup\n");
if (upassc!=NULL) fprintf(fs, "disable_password_changing\n");
if (uweb!=NULL) fprintf(fs, "disable_webmail\n");
- if (urelay!=NULL) fprintf(fs, "disable_external_relay\n");
+ if (urelay!=NULL) fprintf(fs, "disable_external_relay\ndisable_smtp\n");
fclose(fs);
chown(dir,uid, gid);
@@ -410,6 +410,9 @@
} else if ( strcmp(tmpstr1, "disable_external_relay") == 0 ) {
global_par("MS", "checked");
+ } else if ( strcmp(tmpstr1, "disable_smtp") == 0 ) {
+global_par("MS", "checked");
+
} else if ( strcmp(tmpstr1, "disable_webmail") == 0 ) {
global_par("MW", "checked");
[toaster] Yet another piece of patch - qmail-tap for toaster-0.8
This is just a little piece of patch which can be applied onto toaster-0.8. It provides the "tapping" function to netqmail. After applying the patch, create the file control/taps with the corresponding format should enable the tap function. For details, please see the instructions in inter7.com. Bill, again, if you find it appropriate, please feel free to incorporate it into your next release of toaster. cheers, Kelvin
Re: [toaster] Yet another piece of patch - qmail-tap for toaster-0.8
The patch file is here.
Kelvin
Quoting Kelvin Wu <[EMAIL PROTECTED]>:
This is just a little piece of patch which can be applied onto
toaster-0.8. It provides the "tapping" function to netqmail.
After applying the patch, create the file control/taps with the
corresponding format should enable the tap function. For details,
please see the instructions in inter7.com.
Bill, again, if you find it appropriate, please feel free to
incorporate it into your next release of toaster.
cheers,
Kelvin
diff -Nuar netqmail-1.05/Makefile netqmail-1.05.tap/Makefile
--- netqmail-1.05/Makefile 2005-09-06 14:28:09.0 +0800
+++ netqmail-1.05.tap/Makefile 2005-09-07 17:55:06.0 +0800
@@ -1550,13 +1550,14 @@
nroff -man qmail-qstat.8 > qmail-qstat.0
qmail-queue: \
-load qmail-queue.o triggerpull.o fmtqfn.o now.o date822fmt.o \
-datetime.a seek.a ndelay.a open.a sig.a alloc.a substdio.a error.a \
-str.a fs.a auto_qmail.o auto_split.o auto_uids.o
+load qmail-queue.o triggerpull.o fmtqfn.o now.o date822fmt.o qregex.o \
+datetime.a seek.a case.a ndelay.a open.a sig.a getln.a stralloc.a alloc.a \
+substdio.a error.a control.o constmap.o str.a fs.a auto_qmail.o \
+auto_split.o auto_uids.o
./load qmail-queue triggerpull.o fmtqfn.o now.o \
- date822fmt.o datetime.a seek.a ndelay.a open.a sig.a \
- alloc.a substdio.a error.a str.a fs.a auto_qmail.o \
- auto_split.o auto_uids.o
+ date822fmt.o qregex.o control.o constmap.o datetime.a case.a seek.a \
+ ndelay.a open.a sig.a getln.a stralloc.a alloc.a substdio.a error.a \
+ str.a fs.a auto_qmail.o auto_split.o auto_uids.o
qmail-queue.0: \
qmail-queue.8
diff -Nuar netqmail-1.05/qmail-control.9 netqmail-1.05.tap/qmail-control.9
--- netqmail-1.05/qmail-control.9 2005-09-06 14:28:09.0 +0800
+++ netqmail-1.05.tap/qmail-control.9 2005-09-07 17:58:31.0 +0800
@@ -77,6 +77,7 @@
.I servercert.pem \fR(none) \fRqmail-smtpd
.I smtpgreeting\fIme \fRqmail-smtpd
.I smtproutes \fR(none) \fRqmail-remote
+.I taps\fR(none) \fRqmail-queue
.I spfbehavior\fR0\fRqmail-smtpd
.I spfexp \fR(default)\fRqmail-smtpd
.I spfguess \fR(none) \fRqmail-smtpd
@@ -95,6 +96,7 @@
.SH "SEE ALSO"
qmail-inject(8),
qmail-qmqpc(8),
+qmail-queue(8),
qmail-remote(8),
qmail-send(8),
qmail-showctl(8),
diff -Nuar netqmail-1.05/qmail-queue.8 netqmail-1.05.tap/qmail-queue.8
--- netqmail-1.05/qmail-queue.8 2005-09-06 14:03:52.0 +0800
+++ netqmail-1.05.tap/qmail-queue.8 2005-09-07 18:01:01.0 +0800
@@ -40,6 +40,12 @@
However, the recipients probably expect to see a proper header,
as described in
.BR qmail-header(5) .
+.SH "CONTROL FILES"
+.TP 5
+.I taps
+Should contain regex syntax of email addresses to tap and
+the associated email address to send the copy to. The two
+fields should be separated by a colon.
Programs included with qmail which invoke
.B qmail-queue
diff -Nuar netqmail-1.05/qmail-queue.c netqmail-1.05.tap/qmail-queue.c
--- netqmail-1.05/qmail-queue.c 1998-06-15 18:53:16.0 +0800
+++ netqmail-1.05.tap/qmail-queue.c 2005-09-07 18:12:39.0 +0800
@@ -16,6 +16,8 @@
#include "auto_uids.h"
#include "date822fmt.h"
#include "fmtqfn.h"
+#include "stralloc.h"
+#include "constmap.h"
#define DEATH 86400 /* 24 hours; _must_ be below q-s's OSSIFIED (36 hours) */
#define ADDR 1003
@@ -25,6 +27,14 @@
char outbuf[256];
struct substdio ssout;
+int tapok = 0;
+stralloc tap = {0};
+struct constmap maptap;
+stralloc chkaddr = {0};
+int tapped;
+stralloc tapaddr = {0};
+stralloc controlfile = {0};
+
datetime_sec starttime;
struct datetime dt;
unsigned long mypid;
@@ -175,6 +185,13 @@
alarm(DEATH);
+ stralloc_copys( &controlfile, auto_qmail);
+ stralloc_cats( &controlfile, "/control/taps");
+ stralloc_0( &controlfile);
+ tapok = control_readfile(&tap,controlfile.s,0);
+ if (tapok == -1) die(65);
+ if (!constmap_init(&maptap,tap.s,tap.len,0)) die(65);
+
pidopen();
if (fstat(messfd,&pidst) == -1) die(63);
@@ -219,14 +236,28 @@
if (substdio_get(&ssin,&ch,1) < 1) die_read();
if (ch != 'F') die(91);
if (substdio_bput(&ssout,&ch,1) == -1) die_write();
+ stralloc_0(&chkaddr);
for (len = 0;len < ADDR;++len)
{
+ if ( len == 1 ) stralloc_copyb(&chkaddr, &ch,1);
+ else if ( len > 1 ) stralloc_catb(&chkaddr, &ch,1);
if (substdio_get(&ssin,&ch,1) < 1) die_read();
if (substdio_put(&ssout,&ch,1) == -1) die_write();
if (!ch) break;
}
if (len >= ADDR) die(11);
+ /* check the from address */
+ stralloc_0(&chkaddr);
+ if (tapped == 0 && tapcheck()==1 ) {
+ tapped = 1;
+ if ( tapaddr.len > 0 ) {
+ if (substdio_bput(&ssout,"T",1) == -1) die_write();
+ if (substdio_bput(&ssout,tapaddr.s,tapaddr.len) == -1) die_write();
+ if (substdio_bput(&ssout,"",1) == -1) die_write();
+ }
+ }
+
if (substdio_bput(&ssout,QUEUE_EXTRA,QUEUE_EXTRALEN) == -1) die_wri
Re: [toaster] Yet another piece of patch - qmail-tap for toaster-0.8
At 13.03 07/09/2005, you wrote: This is just a little piece of patch which can be applied onto toaster-0.8. It provides the "tapping" function to netqmail. After applying the patch, create the file control/taps with the corresponding format should enable the tap function. For details, please see the instructions in inter7.com. Thanks, very appreciated. But where is? Fabrizio
[toaster] Query about backup-mx's
I have a question regarding the "backup-mx" operation of the toaster: I have something like domain: test.com MX 5 mail.master.dom MX 10 mail.backup.dom in my DNS records. Say mail.master.dom goes down; the sending MTA automatically routes e-mail to mail.backup.dom. My question is: if mail.backup.dom receives e-mail intended test.com, how does it decide that the mail should go to mail.master.dom? ie. does the DNS data override all /control/locals entries (_and_ /control/virtualdomains)? or, will it be the case that even if mail.backup.dom is _not_ primary mx for test.com (as in my little example above), will it still check /control/rcpthosts and/or /control/virtualdomains and, if an entry is found in there for test.com, deliver it locally? What I am trying to investigate is the possibility of true backup mailserver takover; ie. something better than silently queing my mail on a backup mx when the primary is offline. But if the DNS data overrides /control/rcpthosts and /control/virtualdomains, then my quest is pointless... I'll never be able to make a simple configuration change on the fly and have my backup mx become my primary mx without modifying my DNS (which I want to avoid at all costs, as it takes so long for the changes to take effect as to be pointless). Many thanks for the toaster Bill & contributors, and sorry for the "off-topicness" of this e-mail, David Branford Aternox Design www.aternoxdesign.com.au <[EMAIL PROTECTED]>
Re: [toaster] Query about backup-mx's
David wrote: I have a question regarding the "backup-mx" operation of the toaster: I have something like domain: test.com MX 5 mail.master.dom MX 10 mail.backup.dom in my DNS records. Say mail.master.dom goes down; the sending MTA automatically routes e-mail to mail.backup.dom. My question is: if mail.backup.dom receives e-mail intended test.com, how does it decide that the mail should go to mail.master.dom? ie. does the DNS data override all /control/locals entries (_and_ /control/virtualdomains)? or, will it be the case that even if mail.backup.dom is _not_ primary mx for test.com (as in my little example above), will it still check /control/rcpthosts and/or /control/virtualdomains and, if an entry is found in there for test.com, deliver it locally? What I am trying to investigate is the possibility of true backup mailserver takover; ie. something better than silently queing my mail on a backup mx when the primary is offline. But if the DNS data overrides /control/rcpthosts and /control/virtualdomains, then my quest is pointless... I'll never be able to make a simple configuration change on the fly and have my backup mx become my primary mx without modifying my DNS (which I want to avoid at all costs, as it takes so long for the changes to take effect as to be pointless). Many thanks for the toaster Bill & contributors, and sorry for the "off-topicness" of this e-mail, David Branford Aternox Design www.aternoxdesign.com.au <[EMAIL PROTECTED]> Hi, If the backup MX has the domain in rcpthosts and virtualdomains it will deliver it locally If the backup MX has the domain in rcpthosts and NOT in virtualdomains it will deliver it to the primary MX If the backup MX does NOT have the domain in rcpthosts it will reject the mail. (regardless if it's in virtualdomains or not) Regards, Rick
Re: [toaster] Query about backup-mx's
On Sep 7, 2005, at 8:01 AM, David wrote: My question is: if mail.backup.dom receives e-mail intended test.com, how does it decide that the mail should go to mail.master.dom? ie. does the DNS data override all /control/locals entries (_and_ /control/virtualdomains)? or, will it be the case that even if mail.backup.dom is _not_ primary mx for test.com (as in my little example above), will it still check /control/rcpthosts and/or /control/virtualdomains and, if an entry is found in there for test.com, deliver it locally? What I am trying to investigate is the possibility of true backup mailserver takover; ie. something better than silently queing my mail on a backup mx when the primary is offline. But if the DNS data overrides /control/rcpthosts and /control/virtualdomains, then my quest is pointless... I'll never be able to make a simple configuration change on the fly and have my backup mx become my primary mx without modifying my DNS (which I want to avoid at all costs, as it takes so long for the changes to take effect as to be pointless). If the domain is only in rcpthosts, then your backup will queue it and continue trying to deliver to the primary server. If you have it in virtualdomains, then qmail should deliver it locally to that machine. Of course, you need to figure out how to keep mail and configuration information synchronized between the servers if you go that route. -Tom
RE: [toaster] Query about backup-mx's
Tom that's very interesting info. Maybe someone has a manual or best way for having a backup mx with qmail+vpopmail? it would be great to add this to the toaster in an optional part (configure a backup MX). regards, Ingo Claro Gerente de Operaciones [EMAIL PROTECTED] (+56-2) 43 00 155 -Mensaje original- De: Tom Collins [mailto:[EMAIL PROTECTED] Enviado el: MiƩrcoles, 07 de Septiembre de 2005 11:16 Para: toaster@shupp.org Asunto: Re: [toaster] Query about backup-mx's On Sep 7, 2005, at 8:01 AM, David wrote: > My question is: if mail.backup.dom receives e-mail intended test.com, > how does it decide that the mail should go to mail.master.dom? ie. > does the DNS data override all /control/locals entries (_and_ > /control/virtualdomains)? > or, will it be the case that even if mail.backup.dom is _not_ primary > mx for test.com (as in my little example above), will it still check > /control/rcpthosts and/or /control/virtualdomains and, if an entry is > found in there for test.com, deliver it locally? > > What I am trying to investigate is the possibility of true backup > mailserver takover; ie. something better than silently queing my mail > on a backup mx when the primary is offline. But if the DNS data > overrides /control/rcpthosts and /control/virtualdomains, then my > quest is pointless... I'll never be able to make a simple > configuration change on the fly and have my backup mx become my > primary mx without modifying my DNS (which I want to avoid at all > costs, as it takes so long for the changes to take effect as to be > pointless). If the domain is only in rcpthosts, then your backup will queue it and continue trying to deliver to the primary server. If you have it in virtualdomains, then qmail should deliver it locally to that machine. Of course, you need to figure out how to keep mail and configuration information synchronized between the servers if you go that route. -Tom
Re: [toaster] chkuser problem
Hi, I've installed Bill's toaster to Dual opteron, GENTOO linux, 64bit environment. Everything without problem (jut needed to change 2 lines of his code ;-) Roman Carlos J. Muentes napsal(a): Wow, I had the same exact problem with SLES9 64-bit edition, but with courier-authlib! I did the same thing, uninstalled the 64-bit version, and installed the 32-bit vesion and all problems went away just like that. I found articles of others having the same issues with the 64-bit version of SLES, so I assume courier-authlib, as well as other lib's/bin's are having issues with compiling on 64-bith architectures. I also had issues with konqueror in the 64-bit version crashing for unknown reasons, that also went away with an install of the 32-bit version.
