[vchkpw] qmail installation script 1.3.6-rc6
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, A new version of the installing's script for qmail are released. All feedback are welcome before the final 1.3.6 :) http://www.linuxpourtous.com/download/qmail/install_qmail-1.3.6-rc6.tar.gz Changelog since 1.3.6-rc5 : * Testing installation script on 2 servers SuSE 8.2 without error with this doc : - http://www.linuxpourtous.com/read_doc.php?docs/qmail-1_3_4-french.html - http://www.linuxpourtous.com/read_doc.php?docs/qmail-1_3_4-english.html * Changing source of rpms's ezmlm (for SuSE 8.2) Number #2 in the script * Modification in do_sleep() function * Bug correction in dcc-dccproc's installation * Bug correction in qmail's installation : - creating /var/qmail/control/rcpthosts - changing /usr/bin/softlimit by /usr/local/bin/softlimit in /var/qmail/ supervise/smtp/run * Added symlink [EMAIL PROTECTED] in qmail-scanner's installation * Bug correction in tools's installation * Bug correction in isoqlog's installation * More checkings and more variables * Minor changing in vpopmail's installation (vlimits.default) * Create all MySQL's users and MySQL's passwords automagically ;-) * Added locals file in /var/qmail/control/ * Minor changing in courier_imap installation according to SSL work with qmail * Versions of softwares sources updated * Installing all needed CPAN's modules * Minor bugs corrections in entire script * Added ezmlm's errno patch (ezmlm-idx-0.53.400.unified_41.patch) * Added mess822 software Best regards - -- Franck http://www.linuxpourtous.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/nNin1zwfep5k9qERAv7rAJ4t5a6w08v1/VnUWH9+y2zkPDYy/QCfToRO tWC3RX4BeYXPtQ4xeosh+b8= =f0v6 -END PGP SIGNATURE-
[vchkpw] Re: password encryption
Hello List, On Saturday, October 25, 2003 at 6:52:54 PM [EMAIL PROTECTED] wrote (at least in part): > what style of encryption does vpopmail implement on the passwords that it stores > in the sql db? The same it uses for .cdb files. Read the archive [1]. http://bluedot.net/mail/archive/list.php?f=2 -- Best regards Peter Palmreuther Water detect in coprocessor. (R)etry/(A)bort/(F)lush? þþþ
[vchkpw] Inserting new users via mysql-insert into the vpopmail database
Hello list, I have vpopmail -with-mysql installation. I want to create new users like [EMAIL PROTECTED] NOT with vadduser BUT with just . Any hints, how I can generate the encrypted password in the column pw_passwd (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? Regs, Oliver Etzel
[vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Oliver Etzel - GoodnGo.COM \(R\) writes: > I want to create new users like [EMAIL PROTECTED] NOT with vadduser Why would you not want to use vadduser? > BUT with just . With just what? > Any hints, > how I can generate the encrypted password in the column pw_passwd > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? Yes, I could tell you how to do that. But creating an entry in MySQL and crypting the password is only part of the process that vadduser (or any of the web admin interfaces like qmailadmin which use the vpopmail libraries) do. It really is easier to use vadduser or link to the appropriate routines in the vpopmail libraries (or use one of the webadmin tools). It is also safer, because if vpopmail changes in the future, vadduser will do whatever is necessary to accommodate that change whereas your method (whatever it is) may not. -- Paul Allen Softflare Support
[vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Hello list, I have vpopmail -with-mysql installation. I want to create new users like [EMAIL PROTECTED] NOT with vadduser BUT with just inserting it via mysql-insert into the vpopmail database. Any hints, how I can generate the encrypted password in the column pw_passwd (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? Regs, Oliver Etzel
RE: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
However you can just add the user to the database without needing to attach to the shell at all and have vpopmail create the user the first time the user receives an email. Makes a lot of sense when your billing system has been modified to do this for you. Shane >-Original Message- >From: Paul L. Allen [mailto:[EMAIL PROTECTED] >Sent: Monday, 27 October 2003 10:08 PM >To: [EMAIL PROTECTED] >Subject: [vchkpw] Re: Inserting new users via mysql-insert >into the vpopmail database > > > >Oliver Etzel - GoodnGo.COM \(R\) writes: > >> I want to create new users like [EMAIL PROTECTED] NOT with vadduser > >Why would you not want to use vadduser? > >> BUT with just . > >With just what? > >> Any hints, >> how I can generate the encrypted password in the column pw_passwd >> (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? > >Yes, I could tell you how to do that. But creating an entry in >MySQL and crypting the password is only part of the process that >vadduser (or any of the web admin interfaces like qmailadmin which use >the vpopmail libraries) do. > >It really is easier to use vadduser or link to the appropriate routines >in the vpopmail libraries (or use one of the webadmin tools). It is >also safer, because if vpopmail changes in the future, vadduser will do >whatever is necessary to accommodate that change whereas your method >(whatever it is) may not. > >-- >Paul Allen >Softflare Support > > > >
[vchkpw] "global" or sitewide alias/forward
Hi all, Quick question: Using qmail/vpopmail, how can i make mail for things like [EMAIL PROTECTED] or [EMAIL PROTECTED] go to one single maildir/account/alias for all my virtual doms, without having to create .qmail-abuse and .qmail-hostmaster files for all my virtual doms? (Sort of like the way /var/qmail/alias works for non-virtual (local) domains) Is that possible? Thanks in advance, Hans Rakers Parse software development BV, NL
Re: [vchkpw] Inserting new users via mysql-insert into the vpopmail database
On Monday 27 October 2003 14:55, Oliver Etzel - GoodnGo.COM (R) wrote: > Hello list, > > I have vpopmail -with-mysql installation. > > I want to create new users like [EMAIL PROTECTED] NOT with vadduser > BUT with just . > > Any hints, > how I can generate the encrypted password in the column pw_passwd > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? Dear sir. We have answered your previous question Date: Fri 24.10.2003 [00:47] From: "Oliver Etzel - GoodnGo.COM \(R\)" Subject: [vchkpw] password generation - vpopmail table - pw_passwd to some extent. If you did not read the answers of paul allen, michael bowe and me, did not visit the page http://bluedot.net/mail/archive/ read.php?f=2&i=7411&t=7409 like michael suggested, then i guess you should do this right now. Or hire someone repeating things all day long. I certainly won't do this for free. -- Mit internetten Grüßen / Best Regards --- Justin Heesemannionium Technologies [EMAIL PROTECTED]www.ionium.org
[vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Oliver Etzel - GoodnGo.COM \(R\) writes: > I want to create new users like [EMAIL PROTECTED] NOT with vadduser > BUT with just inserting it via mysql-insert into the vpopmail > database. OK, you have now explained what you want to use instead. Somebody else pointed out that the maildir will be created automatically by vdelivermail if the user exists (I hadn't realized it did that until I read that message and looked at the code just now) so you can get away with doing that. What you have yet to explain is any valid or sensible reason WHY you want to do this. > Any hints, > how I can generate the encrypted password in the column pw_passwd > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? Not without breaking out of MySQL and returning to the shell. The hard way is to get a shell prompt, use passwd to set the password of a dummy system user then copy the crypted password into the MySQL command. The harder way is to write a perl script that generates some good random salt, calls crypt to crypt the password then uses the DBD modules to insert the user into MySQL. An easy way to do it is to add the user with MySQL giving garbage for the crypted password then use vmoduser to set a valid crypted password. The very easy way to do it is to run vadduser. You CANNOT do it all from MySQL. You CAN do it all with vadduser. What is more, I can see no reason why you would want to add a user but NOT have the maildir created at the same time, which is all you could achieve if you could do it all from MySQL If you have some automation tool that can only cope with adding MySQL rows then you'll still have to modify it to shell out to generate the crypted password, so you might as well modify it to shell out and run vadduser anyway. If you want domain admins to be able to add users this way because they cannot run vadduser you'll still have to write code that validates they can only modify their own domains, so you'd be far better off installing something like qmailadmin on your server. -- Paul Allen Softflare Support
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
He can also enable the learn password option in vpopmail, I think this would be an easy way to deal with it myself. What do you think? -John - Original Message - From: "Paul L. Allen" <[EMAIL PROTECTED]> To: "Oliver Etzel - GoodnGo.COM (R)" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, October 27, 2003 6:47 AM Subject: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database > > Oliver Etzel - GoodnGo.COM \(R\) writes: > > > I want to create new users like [EMAIL PROTECTED] NOT with vadduser > > BUT with just inserting it via mysql-insert into the vpopmail > > database. > > OK, you have now explained what you want to use instead. Somebody else > pointed out that the maildir will be created automatically by vdelivermail > if the user exists (I hadn't realized it did that until I read that > message and looked at the code just now) so you can get away with doing > that. What you have yet to explain is any valid or sensible reason WHY > you want to do this. > > > Any hints, > > how I can generate the encrypted password in the column pw_passwd > > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? > > Not without breaking out of MySQL and returning to the shell. The > hard way is to get a shell prompt, use passwd to set the password of a > dummy system user then copy the crypted password into the MySQL command. > The harder way is to write a perl script that generates some good random > salt, calls crypt to crypt the password then uses the DBD modules to > insert the user into MySQL. An easy way to do it is to add the > user with MySQL giving garbage for the crypted password then use vmoduser > to set a valid crypted password. The very easy way to do it is to run > vadduser. > > You CANNOT do it all from MySQL. You CAN do it all with vadduser. What > is more, I can see no reason why you would want to add a user but NOT > have the maildir created at the same time, which is all you could achieve > if you could do it all from MySQL If you have some automation tool > that can only cope with adding MySQL rows then you'll still have to > modify it to shell out to generate the crypted password, so you might > as well modify it to shell out and run vadduser anyway. If you want > domain admins to be able to add users this way because they cannot run > vadduser you'll still have to write code that validates they can only > modify their own domains, so you'd be far better off installing something > like qmailadmin on your server. > > -- > Paul Allen > Softflare Support > > >
[vchkpw] Re: "global" or sitewide alias/forward
Hans Rakers writes: > Quick question: Using qmail/vpopmail, how can i make mail for things > like [EMAIL PROTECTED] or [EMAIL PROTECTED] go to > one single maildir/account/alias for all my virtual doms, without having > to create .qmail-abuse and .qmail-hostmaster files for all my virtual > doms? With a new enough release of vpopmail, vadddomain takes a -e switch to specify the catch-all address for the domain. Because this gets the mail for any username which does not exist at that domain, it will automatically get abuse and hostmaster mail. This may or may not be good enough for your purposes. Unfortunately, there appears to be no command-line tool for modifying existing domains in this way. If you want to modify existing domains or do not wish to use the catch-all mechanism then you will have to do this manually. However, once having done this on one domain you can then automate it by creating a script of some sort that goes through each domain, creates the destination maildir with vadduser, copies the .qmail-abuse and .qmail-hostmaster files and sets their ownership/permissions. For new domains you can create a script that runs vadddomain then creates the target mailbox and copies the .qmail files. -- Paul Allen Softflare Support
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Hello John, what exactly is the "learn password" option? Oliver > He can also enable the learn password option in vpopmail, I think this > would be > an easy way to deal with it myself. What do you think? > > -John > > - Original Message - > From: "Paul L. Allen" <[EMAIL PROTECTED]> > To: "Oliver Etzel - GoodnGo.COM (R)" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Monday, October 27, 2003 6:47 AM > Subject: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail > database > > > > > > Oliver Etzel - GoodnGo.COM \(R\) writes: > > > > > I want to create new users like [EMAIL PROTECTED] NOT with vadduser > > > BUT with just inserting it via mysql-insert into the vpopmail > > > database. > > > > OK, you have now explained what you want to use instead. Somebody else > > pointed out that the maildir will be created automatically by vdelivermail > > if the user exists (I hadn't realized it did that until I read that > > message and looked at the code just now) so you can get away with doing > > that. What you have yet to explain is any valid or sensible reason WHY > > you want to do this. > > > > > Any hints, > > > how I can generate the encrypted password in the column pw_passwd > > > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? > > > > Not without breaking out of MySQL and returning to the shell. The > > hard way is to get a shell prompt, use passwd to set the password of a > > dummy system user then copy the crypted password into the MySQL command. > > The harder way is to write a perl script that generates some good random > > salt, calls crypt to crypt the password then uses the DBD modules to > > insert the user into MySQL. An easy way to do it is to add the > > user with MySQL giving garbage for the crypted password then use vmoduser > > to set a valid crypted password. The very easy way to do it is to run > > vadduser. > > > > You CANNOT do it all from MySQL. You CAN do it all with vadduser. What > > is more, I can see no reason why you would want to add a user but NOT > > have the maildir created at the same time, which is all you could achieve > > if you could do it all from MySQL If you have some automation tool > > that can only cope with adding MySQL rows then you'll still have to > > modify it to shell out to generate the crypted password, so you might > > as well modify it to shell out and run vadduser anyway. If you want > > domain admins to be able to add users this way because they cannot run > > vadduser you'll still have to write code that validates they can only > > modify their own domains, so you'd be far better off installing something > > like qmailadmin on your server. > > > > -- > > Paul Allen > > Softflare Support > > > > > > > > >
[vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
John Johnson writes: > He can also enable the learn password option in vpopmail, I think > this would be an easy way to deal with it myself. It's hard to tell since he didn't say why he wanted to do it in the first place. The problems with the learn password option are that there is a window of vulnerability (unlikely to be exploited) and that he may not wish users to choose their own passwords. He may wish to force strong passwords on his users, in which case learn password would be totally unsuitable. As somebody else reminded us, this guy has asked questions avout the password hashing before and received rather comprehensive answers which he apparently either ignored or could not understand. So I have my doubts that any sensible, rational, logical solution will suit him. He appears to be like the guy who locked his keys in his car and spent an hour using a bent coat-hanger inserted down the window seal to jimmy the lock so he could let his family out of the car... -- Paul Allen Softflare Support
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Hello Paul, hello all, Paul: The reason why I do NOT want vadduser or any commandline tool is that I want to write a perl script which automatize user generation. Cool would would be If one could run: vadduser $variable_password or something like this in Perl or PHP code! Regs, Oliver Etzel > Oliver Etzel - GoodnGo.COM \(R\) writes: > > > I want to create new users like [EMAIL PROTECTED] NOT with vadduser > > BUT with just inserting it via mysql-insert into the vpopmail > > database. > > OK, you have now explained what you want to use instead. Somebody else > pointed out that the maildir will be created automatically by vdelivermail > if the user exists (I hadn't realized it did that until I read that > message and looked at the code just now) so you can get away with doing > that. What you have yet to explain is any valid or sensible reason WHY > you want to do this. > > > Any hints, > > how I can generate the encrypted password in the column pw_passwd > > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? > > Not without breaking out of MySQL and returning to the shell. The > hard way is to get a shell prompt, use passwd to set the password of a > dummy system user then copy the crypted password into the MySQL command. > The harder way is to write a perl script that generates some good random > salt, calls crypt to crypt the password then uses the DBD modules to > insert the user into MySQL. An easy way to do it is to add the > user with MySQL giving garbage for the crypted password then use vmoduser > to set a valid crypted password. The very easy way to do it is to run > vadduser. > > You CANNOT do it all from MySQL. You CAN do it all with vadduser. What > is more, I can see no reason why you would want to add a user but NOT > have the maildir created at the same time, which is all you could achieve > if you could do it all from MySQL If you have some automation tool > that can only cope with adding MySQL rows then you'll still have to > modify it to shell out to generate the crypted password, so you might > as well modify it to shell out and run vadduser anyway. If you want > domain admins to be able to add users this way because they cannot run > vadduser you'll still have to write code that validates they can only > modify their own domains, so you'd be far better off installing something > like qmailadmin on your server. > > -- > Paul Allen > Softflare Support > > > >
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
You can do with with Perl's "system" or "exec" calls, and I'm sure that PHP has equivalent calls as well. Just call the binary from your script. Why not use the product as its architected? Sheez! > Hello Paul, hello all, > > Paul: The reason why I do NOT want vadduser or any commandline tool is > that I want to write a perl script which automatize user generation. > > Cool would would be If one could run: > vadduser $variable_password > or something like this in > Perl or PHP code! > > Regs, > > Oliver Etzel >> Oliver Etzel - GoodnGo.COM \(R\) writes: >> >> > I want to create new users like [EMAIL PROTECTED] NOT with vadduser >> > BUT with just inserting it via mysql-insert into the vpopmail >> > database. >> >> OK, you have now explained what you want to use instead. Somebody > else >> pointed out that the maildir will be created automatically by > vdelivermail >> if the user exists (I hadn't realized it did that until I read that >> message and looked at the code just now) so you can get away with > doing >> that. What you have yet to explain is any valid or sensible reason > WHY >> you want to do this. >> >> > Any hints, >> > how I can generate the encrypted password in the column pw_passwd >> > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? >> >> Not without breaking out of MySQL and returning to the shell. The >> hard way is to get a shell prompt, use passwd to set the password of > a >> dummy system user then copy the crypted password into the MySQL > command. >> The harder way is to write a perl script that generates some good > random >> salt, calls crypt to crypt the password then uses the DBD modules to >> insert the user into MySQL. An easy way to do it is to add the >> user with MySQL giving garbage for the crypted password then use > vmoduser >> to set a valid crypted password. The very easy way to do it is to > run >> vadduser. >> >> You CANNOT do it all from MySQL. You CAN do it all with vadduser. > What >> is more, I can see no reason why you would want to add a user but > NOT >> have the maildir created at the same time, which is all you could > achieve >> if you could do it all from MySQL If you have some automation tool >> that can only cope with adding MySQL rows then you'll still have to >> modify it to shell out to generate the crypted password, so you > might >> as well modify it to shell out and run vadduser anyway. If you want >> domain admins to be able to add users this way because they cannot > run >> vadduser you'll still have to write code that validates they can > only >> modify their own domains, so you'd be far better off installing > something >> like qmailadmin on your server. >> >> -- >> Paul Allen >> Softflare Support >> >> >> >> > > >
[vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Oliver Etzel - GoodnGo.COM \(R\) writes: > Paul: The reason why I do NOT want vadduser or any commandline tool is > that I want to write a perl script which automatize user generation. > > Cool would would be If one could run: > vadduser $variable_password > or something like this in > Perl or PHP code! vadduser has always allowed the plaintext password to be specified on the command line as: vadduser email_address password Newer versions can generate a random password with: vadduser -r email_address Both forms can be run from perl using backticks. The random password from the second form can be collected from the backticks in perl. -- Paul Allen Softflare Support
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Paul L. Allen wrote:
Oliver Etzel - GoodnGo.COM \(R\) writes:
I want to create new users like [EMAIL PROTECTED] NOT with vadduser
BUT with just inserting it via mysql-insert into the vpopmail
database.
OK, you have now explained what you want to use instead. Somebody else
pointed out that the maildir will be created automatically by vdelivermail
if the user exists (I hadn't realized it did that until I read that
message and looked at the code just now) so you can get away with doing
that. What you have yet to explain is any valid or sensible reason WHY
you want to do this.
Any hints,
how I can generate the encrypted password in the column pw_passwd
(looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ???
Not without breaking out of MySQL and returning to the shell. The
hard way is to get a shell prompt, use passwd to set the password of a
dummy system user then copy the crypted password into the MySQL command.
This isn't actually true. Mysql provides an encrypt() function, which
takes two strings, the password and the salt. On linux, and I would
guess *BSD as well, when you supply $1$ as the start of the salt then
an md5 crypt, same as in /etc/shadow, is performed. This is what I got
on my linux system:
mysql> select encrypt("foo", "$1$foo");
+---+
| encrypt("foo", "$1$foo") |
+---+
| $1$foo$cicfbsODeQjKhATDU7z4p. |
+---+
The harder way is to write a perl script that generates some good random
salt, calls crypt to crypt the password then uses the DBD modules to
insert the user into MySQL.
This is, imho, a less than stellar idea, particularly in light of MySQL
providing crypt functions that will work the same as what vpopmail uses
(crypt() btw). For "full" vpopmail compatability the salt must be 8
characters, the first three being $1$ if you're using MD5 passwords,
and ended with 0. The middle 5 are random letters.
An easy way to do it is to add the
user with MySQL giving garbage for the crypted password then use vmoduser
to set a valid crypted password. The very easy way to do it is to run
vadduser.
This all assumes you've got, and wish to use, shell access on the
vpopmail system.
You CANNOT do it all from MySQL. You CAN do it all with vadduser.
Wrong, and sometimes also wrong. There may be very legitimate reasons,
technical or political, for not allowing scripts to execute shell
commands on a mail system. There may be integration reasons why only DB
queries can be performed, instead of invoking a cgi or doing an ssh and
executing a script.
Hope that helps,
Nick Harring
Webley Systems, Inc.
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
When you run ./configure for vpopmail add this option --enable-learn-passwords=y Vpopmail with learn the passwords when the user pops for mail and that way you will not have to enter a password. -John - Original Message - From: "Oliver Etzel - GoodnGo.COM (R)" <[EMAIL PROTECTED]> To: "John Johnson" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, October 27, 2003 7:13 AM Subject: Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database > Hello John, > > what exactly is the "learn password" option? > > Oliver > > > He can also enable the learn password option in vpopmail, I think > this > > would be > > an easy way to deal with it myself. What do you think? > > > > -John > > > > - Original Message - > > From: "Paul L. Allen" <[EMAIL PROTECTED]> > > To: "Oliver Etzel - GoodnGo.COM (R)" <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Monday, October 27, 2003 6:47 AM > > Subject: [vchkpw] Re: Inserting new users via mysql-insert into the > vpopmail > > database > > > > > > > > > > Oliver Etzel - GoodnGo.COM \(R\) writes: > > > > > > > I want to create new users like [EMAIL PROTECTED] NOT with > vadduser > > > > BUT with just inserting it via mysql-insert into the vpopmail > > > > database. > > > > > > OK, you have now explained what you want to use instead. Somebody > else > > > pointed out that the maildir will be created automatically by > vdelivermail > > > if the user exists (I hadn't realized it did that until I read > that > > > message and looked at the code just now) so you can get away with > doing > > > that. What you have yet to explain is any valid or sensible > reason WHY > > > you want to do this. > > > > > > > Any hints, > > > > how I can generate the encrypted password in the column > pw_passwd > > > > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? > > > > > > Not without breaking out of MySQL and returning to the shell. The > > > hard way is to get a shell prompt, use passwd to set the password > of a > > > dummy system user then copy the crypted password into the MySQL > command. > > > The harder way is to write a perl script that generates some good > random > > > salt, calls crypt to crypt the password then uses the DBD modules > to > > > insert the user into MySQL. An easy way to do it is to add the > > > user with MySQL giving garbage for the crypted password then use > vmoduser > > > to set a valid crypted password. The very easy way to do it is to > run > > > vadduser. > > > > > > You CANNOT do it all from MySQL. You CAN do it all with vadduser. > What > > > is more, I can see no reason why you would want to add a user but > NOT > > > have the maildir created at the same time, which is all you could > achieve > > > if you could do it all from MySQL If you have some automation > tool > > > that can only cope with adding MySQL rows then you'll still have > to > > > modify it to shell out to generate the crypted password, so you > might > > > as well modify it to shell out and run vadduser anyway. If you > want > > > domain admins to be able to add users this way because they cannot > run > > > vadduser you'll still have to write code that validates they can > only > > > modify their own domains, so you'd be far better off installing > something > > > like qmailadmin on your server. > > > > > > -- > > > Paul Allen > > > Softflare Support > > > > > > > > > > > > > > > > > >
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Hello Paul, hello all, Oh my god, that is what I was looking for! Thank you very much. I thought I could write it all in one commandline# Know I write my perl-script for automation. Thank you ALL. Oliver > vadduser has always allowed the plaintext password to be specified > on the command line as: > > Cool would would be If one could run: > > vadduser $variable_password > > or something like this in > > Perl or PHP code! > > > vadduser email_address password > > Newer versions can generate a random password with: > > vadduser -r email_address > > Both forms can be run from perl using backticks. The random password > from the second form can be collected from the backticks in perl. > > -- > Paul Allen > Softflare Support > > >
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Well maybe there is another answer to this. maybew he didn't get the reply last time for some reason so he doesn't even know he was given the answer. Sometimes we must have faith that not all people are stupid :) -John - Original Message - From: "Paul L. Allen" <[EMAIL PROTECTED]> To: "John Johnson" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, October 27, 2003 7:14 AM Subject: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database > > John Johnson writes: > > > He can also enable the learn password option in vpopmail, I think > > this would be an easy way to deal with it myself. > > It's hard to tell since he didn't say why he wanted to do it in the > first place. The problems with the learn password option are that there > is a window of vulnerability (unlikely to be exploited) and that he may > not wish users to choose their own passwords. He may wish to force strong > passwords on his users, in which case learn password would be totally > unsuitable. > > As somebody else reminded us, this guy has asked questions avout the > password hashing before and received rather comprehensive answers which > he apparently either ignored or could not understand. So I have my > doubts that any sensible, rational, logical solution will suit him. > He appears to be like the guy who locked his keys in his car and spent > an hour using a bent coat-hanger inserted down the window seal to jimmy > the lock so he could let his family out of the car... > > -- > Paul Allen > Softflare Support > > >
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Hello Paul, hello all, Oh my god, that is what I was looking for! Thank you very much. I thought I couldn´t write it all in one commandline, like you Paul showed us. Now I write my perl-script for automation. Thank you ALL. > vadduser has always allowed the plaintext password to be specified > on the command line as: > > vadduser email_address password > > Newer versions can generate a random password with: > > vadduser -r email_address > > Both forms can be run from perl using backticks. The random password > from the second form can be collected from the backticks in perl. > > -- > Paul Allen > Softflare Support > > >
[vchkpw] suggestions on script
Hello guys is there a way that I can add users with script in a for syntax. Example USERS=`cat users` LASTNAMES=`cat last` for myusers in $USERS $LASTNAMES do vaddusers $myusers done thanks, Remo Mattei Network Security Engineer cell 801-209-8554 email [EMAIL PROTECTED] <>
[vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Oliver Etzel - GoodnGo.COM (R) writes: Hello Paul, hello all, Oh my god, that is what I was looking for! Also, there is also a PERL-module for vpopmail ! It exposes almost all commands via an API. And if that isn't enought, you can compile PHP with vpopmail-support. cheers, Rainer
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Hello John, thank you very much. Now I understand. Phps. this is slightly insecure. But I will internalize that into my perl scripting. Thanx Oliver > When you run ./configure for vpopmail add this option > > --enable-learn-passwords=y > > Vpopmail with learn the passwords when the user pops for mail and that > way you will not have to enter a password. > > -John > > - Original Message - > From: "Oliver Etzel - GoodnGo.COM (R)" <[EMAIL PROTECTED]> > To: "John Johnson" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Monday, October 27, 2003 7:13 AM > Subject: Re: [vchkpw] Re: Inserting new users via mysql-insert into the > vpopmail database > > > > Hello John, > > > > what exactly is the "learn password" option? > > > > Oliver > > > > > He can also enable the learn password option in vpopmail, I think > > this > > > would be > > > an easy way to deal with it myself. What do you think? > > > > > > -John > > > > > > - Original Message - > > > From: "Paul L. Allen" <[EMAIL PROTECTED]> > > > To: "Oliver Etzel - GoodnGo.COM (R)" <[EMAIL PROTECTED]> > > > Cc: <[EMAIL PROTECTED]> > > > Sent: Monday, October 27, 2003 6:47 AM > > > Subject: [vchkpw] Re: Inserting new users via mysql-insert into the > > vpopmail > > > database > > > > > > > > > > > > > > Oliver Etzel - GoodnGo.COM \(R\) writes: > > > > > > > > > I want to create new users like [EMAIL PROTECTED] NOT with > > vadduser > > > > > BUT with just inserting it via mysql-insert into the vpopmail > > > > > database. > > > > > > > > OK, you have now explained what you want to use instead. Somebody > > else > > > > pointed out that the maildir will be created automatically by > > vdelivermail > > > > if the user exists (I hadn't realized it did that until I read > > that > > > > message and looked at the code just now) so you can get away with > > doing > > > > that. What you have yet to explain is any valid or sensible > > reason WHY > > > > you want to do this. > > > > > > > > > Any hints, > > > > > how I can generate the encrypted password in the column > > pw_passwd > > > > > (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??? > > > > > > > > Not without breaking out of MySQL and returning to the shell. The > > > > hard way is to get a shell prompt, use passwd to set the password > > of a > > > > dummy system user then copy the crypted password into the MySQL > > command. > > > > The harder way is to write a perl script that generates some good > > random > > > > salt, calls crypt to crypt the password then uses the DBD modules > > to > > > > insert the user into MySQL. An easy way to do it is to add the > > > > user with MySQL giving garbage for the crypted password then use > > vmoduser > > > > to set a valid crypted password. The very easy way to do it is to > > run > > > > vadduser. > > > > > > > > You CANNOT do it all from MySQL. You CAN do it all with vadduser. > > What > > > > is more, I can see no reason why you would want to add a user but > > NOT > > > > have the maildir created at the same time, which is all you could > > achieve > > > > if you could do it all from MySQL If you have some automation > > tool > > > > that can only cope with adding MySQL rows then you'll still have > > to > > > > modify it to shell out to generate the crypted password, so you > > might > > > > as well modify it to shell out and run vadduser anyway. If you > > want > > > > domain admins to be able to add users this way because they cannot > > run > > > > vadduser you'll still have to write code that validates they can > > only > > > > modify their own domains, so you'd be far better off installing > > something > > > > like qmailadmin on your server. > > > > > > > > -- > > > > Paul Allen > > > > Softflare Support > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Hello Rainer, a perl-module for vpopmail. YES. Is it in CPAN? How is it called? Oliver > Also, there is also a PERL-module for vpopmail ! > > It exposes almost all commands via an API. > > And if that isn't enought, you can compile PHP with vpopmail-support. > > > > > cheers, > Rainer > > >
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
It's in CPAN. Just do a search for vpopmail in CPAN and you will find it. -John - Original Message - From: "Oliver Etzel - GoodnGo.COM (R)" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, October 27, 2003 7:36 AM Subject: Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database > Hello Rainer, > > a perl-module for vpopmail. YES. Is it in CPAN? > How is it called? > > Oliver > > > Also, there is also a PERL-module for vpopmail ! > > > > It exposes almost all commands via an API. > > > > And if that isn't enought, you can compile PHP with > vpopmail-support. > > > > > > > > > > cheers, > > Rainer > > > > > > > > >
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Oliver Etzel - GoodnGo.COM \(R\): > a perl-module for vpopmail. YES. Is it in CPAN? > How is it called? It's not that hard, is it? http://www.google.com/search?q=perl+vpopmail Second hit.
Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Ok Thank you all very much. Now I go on scripting. Oliver > It's in CPAN. Just do a search for vpopmail in CPAN and you will find it. > > -John > > - Original Message - > From: "Oliver Etzel - GoodnGo.COM (R)" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, October 27, 2003 7:36 AM > Subject: Re: [vchkpw] Re: Inserting new users via mysql-insert into the > vpopmail database > > > > Hello Rainer, > > > > a perl-module for vpopmail. YES. Is it in CPAN? > > How is it called? > > > > Oliver > > > > > Also, there is also a PERL-module for vpopmail ! > > > > > > It exposes almost all commands via an API. > > > > > > And if that isn't enought, you can compile PHP with > > vpopmail-support. > > > > > > > > > > > > > > > cheers, > > > Rainer > > > > > > > > > > > > > > > > > >
[vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Nick Harring writes: > This isn't actually true. Mysql provides an encrypt() function, which > takes two strings, the password and the salt. You learn something every day. I'd not enountered that function before. > On linux, and I would guess *BSD as well, when you supply $1$ as the > start of the salt then an md5 crypt, same as in /etc/shadow, is > performed. The problem then is providing good salt. Since MySQL's rand() appears to call the system rand(), this is not good salt. Quite probably good enough for many purposes, but not good enough if you want serious security (and you wouldn't be using the MD5 crypt unless you did). OTOH, I bet vpopmail also uses rand(). Ummm, some quick digging later and the situation is worse than I thought. Not only does vpopmail use rand(), it initializes srand with a variant of time(NULL) ^ getpid(). time(NULL) ^ getpid() has long been known to not be a good way of seeding the random number generator. I think the variant vpopmail uses is actually likely to make it quite a bit worse. If nothing else, I'd suggest replacing the rand() % time(NULL) ^ getpid() with time(NULL) ^ (getpid() + (getpid() << 15)) as recommended by Larry Wall. At best, I would attempt to determine if /dev/urandom exists (either at configuration time or at run time) and use that if possible, reverting to the Wall function if /dev/urandom is not available. > Wrong, and sometimes also wrong. There may be very legitimate reasons, > technical or political, for not allowing scripts to execute shell > commands on a mail system. There may be technical or political reasons, but he did not say that there were. And, in fact, it turns out that there were not. > There may be integration reasons why only DB queries can be performed, > instead of invoking a cgi or doing an ssh and executing a script. There may be, but in this case there were not. -- Paul Allen Softflare Support
[vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database
Oliver Etzel - GoodnGo.COM \(R\) writes: > Oh my god, that is what I was looking for! There is a lesson to be learned. Next time, tell us where your immediate problem stands in the overall scheme of things. Something like "I'm trying to add a user from perl by inserting them into the MySQL database but cannot figure out how to crypt the password" would have allowed us to skip straight to the real problem. -- Paul Allen Softflare Support
Re: [vchkpw] suggestions on script
On Monday 27 October 2003 16:32, Remo Mattei wrote: > Hello guys is there a way that I can add users with script in a for > syntax. Example > > USERS=`cat users` > LASTNAMES=`cat last` > > for myusers in $USERS $LASTNAMES > do > vaddusers $myusers > done > thanks, man awk www.google.com ./vadduser -h read this and come back. > > Remo Mattei > Network Security Engineer ^ cool title though. -- Mit internetten Grüßen / Best Regards --- Justin Heesemannionium Technologies [EMAIL PROTECTED]www.ionium.org
[vchkpw] Interesting Problem
Title: Interesting Problem Ok, this is a weird problem. Sometimes I can not authenticate, horde/sqwebmail kicks me back to the login prompt sometimes, not work at all…etc. I have three domains setup and it seems that if there is an email address with 6 characters or less in the e-mail address before the @, it will cause issues or wont work at all. If there are 7 characters or more, everything seems to work fine. I have tested it by creating new accounts on all three domains, and the ones with 6 characters or less I couldn’t login to horde, but if its more than 6 characters, seems to be no issues. It’s not just in IMP or sqwebmail; it’s also in any e-mail client. The logs don’t say anything informative. Anyone understand this at all?? Thank you. Ryan.
Re: [vchkpw] Interesting Problem
Ryan Burton: > at all.etc.I have three domains setup and it seems that if there > is an email address with 6 characters or less in the e-mail address > before the @, it will cause issues or wont work at all. If there are > 7 characters or more, everything seems to work fine. That sounds very similar to http://marc.theaimsgroup.com/?l=vchkpw&m=106721117107731&w=2 If in fact it is, you could maybe try searching the archives next time. It helps.
RE: [vchkpw] Interesting Problem
Thanks. I did/do search the archives, but couldn't find any/that info. That helped, I thought I had the newest version of vpopmail, but looks like I didn't. That will teach me to check inter7's website for the source...yeesh. OK, I am in the process of upgrading and recompiling everything, but I get this error in the maillog and no one can receive e-mail. I have it before whenI tried to re-install vpopmail. Oct 27 15:03:17 blasted qmail: 1067284997.969826 delivery 102: deferral: could_not_connect_to_mysql_update_server_Access_denied_for_user:_'[EMAIL PROTECTED] ocalhost'_(Using_password:_YES)_with_database/could_not_connect_to_mysql _update_server_Access_denied_for_user:_'[EMAIL PROTECTED]'_(Using_password: _YES)/ Nothing has changed with mysql, it works fine. I get this just after I upgrade vpopmail. Any ideas? Thanks. Ryan. -Original Message- From: J. Kendzorra [mailto:[EMAIL PROTECTED] Sent: Monday, October 27, 2003 2:49 PM To: [EMAIL PROTECTED] Subject: Re: [vchkpw] Interesting Problem Ryan Burton: > at all.etc.I have three domains setup and it seems that if there > is an email address with 6 characters or less in the e-mail address > before the @, it will cause issues or wont work at all. If there are > 7 characters or more, everything seems to work fine. That sounds very similar to http://marc.theaimsgroup.com/?l=vchkpw&m=106721117107731&w=2 If in fact it is, you could maybe try searching the archives next time. It helps.
Re: [vchkpw] Interesting Problem
maybe take out 127.0.0.1 and put in your external ip in the vmysql.h. perhaps you dont have the localhost in hosts for root in your mysql user table - Original Message - From: "Ryan Burton" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, October 28, 2003 9:07 AM Subject: RE: [vchkpw] Interesting Problem > Thanks. I did/do search the archives, but couldn't find any/that info. > That helped, I thought I had the newest version of vpopmail, but looks > like I didn't. That will teach me to check inter7's website for the > source...yeesh. > > OK, I am in the process of upgrading and recompiling everything, but I > get this error in the maillog and no one can receive e-mail. I have it > before whenI tried to re-install vpopmail. > > Oct 27 15:03:17 blasted qmail: 1067284997.969826 delivery 102: deferral: > could_not_connect_to_mysql_update_server_Access_denied_for_user:_'[EMAIL PROTECTED] > ocalhost'_(Using_password:_YES)_with_database/could_not_connect_to_mysql > _update_server_Access_denied_for_user:_'[EMAIL PROTECTED]'_(Using_password: > _YES)/ > > Nothing has changed with mysql, it works fine. I get this just after I > upgrade vpopmail. Any ideas? Thanks. > > Ryan. > > -Original Message- > From: J. Kendzorra [mailto:[EMAIL PROTECTED] > Sent: Monday, October 27, 2003 2:49 PM > To: [EMAIL PROTECTED] > Subject: Re: [vchkpw] Interesting Problem > > Ryan Burton: > > at all.etc.I have three domains setup and it seems that if there > > is an email address with 6 characters or less in the e-mail address > > before the @, it will cause issues or wont work at all. If there are > > 7 characters or more, everything seems to work fine. > > That sounds very similar to > http://marc.theaimsgroup.com/?l=vchkpw&m=106721117107731&w=2 > If in fact it is, you could maybe try searching the archives next time. > It helps. > > > > > >
Re: [vchkpw] Interesting Problem
> OK, I am in the process of upgrading and recompiling everything, but I > get this error in the maillog and no one can receive e-mail. I have it > before whenI tried to re-install vpopmail. > > Oct 27 15:03:17 blasted qmail: 1067284997.969826 delivery 102: deferral: > could_not_connect_to_mysql_update_server_Access_denied_for_user:_'[EMAIL PROTECTED] > ocalhost'_(Using_password:_YES)_with_database/could_not_connect_to_mysql > _update_server_Access_denied_for_user:_'[EMAIL PROTECTED]'_(Using_password: > _YES)/ > > Nothing has changed with mysql, it works fine. I get this just after I > upgrade vpopmail. Any ideas? Thanks. What version of vpopmail do you have now? Note that prior to vpopmail-5.3.25, the mysql config was stored in the vmysql.h file In versions 5.3.25 and later, you have to setup a ~vpopmail/etc/vpopmail.mysql file instead Michael.
RE: [vchkpw] Interesting Problem
Ya, I figured that out promptly after I sent the e-mail. I was having so many problems, so I just re-installed everything! My goal was to fix vpopmail because I was running an old version and I was having problems with email addresses less than 8 characters long. After all this, things seem ok and I installed the newest version of the vpopmail-devel package. Is this recommended and/or ok? Thanks all for the help. I'm sure you will be hearing from me again. Cheers, Ryan. -Original Message- From: Michael Bowe [mailto:[EMAIL PROTECTED] Sent: Monday, October 27, 2003 6:28 PM To: [EMAIL PROTECTED] Subject: Re: [vchkpw] Interesting Problem > OK, I am in the process of upgrading and recompiling everything, but I > get this error in the maillog and no one can receive e-mail. I have it > before whenI tried to re-install vpopmail. > > Oct 27 15:03:17 blasted qmail: 1067284997.969826 delivery 102: deferral: > could_not_connect_to_mysql_update_server_Access_denied_for_user:_'[EMAIL PROTECTED] > ocalhost'_(Using_password:_YES)_with_database/could_not_connect_to_mysql > _update_server_Access_denied_for_user:_'[EMAIL PROTECTED]'_(Using_password: > _YES)/ > > Nothing has changed with mysql, it works fine. I get this just after I > upgrade vpopmail. Any ideas? Thanks. What version of vpopmail do you have now? Note that prior to vpopmail-5.3.25, the mysql config was stored in the vmysql.h file In versions 5.3.25 and later, you have to setup a ~vpopmail/etc/vpopmail.mysql file instead Michael.
[vchkpw] Log errors
Title: Log errors Hey all, I was wondering if someone could help me out with this error in my log files. Thanks! Oct 27 19:51:47 blasted qmail: 1067302307.787823 starting delivery 16: msg 5496023 to local [EMAIL PROTECTED] Oct 27 19:51:47 blasted qmail: 1067302307.787871 status: local 1/10 remote 0/20 Oct 27 19:51:47 blasted qmail: 1067302307.789805 delivery 16: deferral: Temporary_error_on_maildir_delivery._(#4.3.0)/ Oct 27 19:51:47 blasted qmail: 1067302307.789856 status: local 0/10 remote 0/20 Oct 27 19:51:52 blasted qmail: 1067302312.787822 starting delivery 17: msg 5496019 to local [EMAIL PROTECTED] Oct 27 19:51:52 blasted qmail: 1067302312.787875 status: local 1/10 remote 0/20 Oct 27 19:51:52 blasted qmail: 1067302312.789810 delivery 17: deferral: Temporary_error_on_maildir_delivery._(#4.3.0)/ Oct 27 19:51:52 blasted qmail: 1067302312.789861 status: local 0/10 remote 0/20 ryan.
[vchkpw] IMP / Vpopmail
Title: IMP / Vpopmail Hey all. I know this may not be the right list to try, but I have posted to sork, IMP and horde mailling lists, but no one gave anything helpful. I am wondering if anyone out there has gotten the passwd module for Horde working properly with vpopmail/mysql? I tried their newest version, 2.2, but it doesn’t work properly. This would be very beneficial, but a pain in the ass to get working. Thanks! Ryan.
Re: [vchkpw] IMP / Vpopmail
Ryan, I have it working with IMP 3.2.1 I had to get an updated version of vpopmail from cvs. Mark See below. 3c3 < * $Horde: passwd/lib/Driver/vpopmail.php,v 1.4.2.3 2003/02/12 22:35:36 ericr Exp $ --- > * $Horde: passwd/lib/Driver/vpopmail.php,v 1.4.2.2 2003/01/29 Ryan Burton wrote: Hey all. I know this may not be the right list to try, but I have posted to sork, IMP and horde mailling lists, but no one gave anything helpful. I am wondering if anyone out there has gotten the passwd module for Horde working properly with vpopmail/mysql? I tried their newest version, 2.2, but it doesn’t work properly. This would be very beneficial, but a pain in the ass to get working. Thanks! Ryan.
Re: [vchkpw] Re: password encryption
ITS MD5 by default regds Jacob - Original Message - From: "Peter Palmreuther" <[EMAIL PROTECTED]> To: "[EMAIL PROTECTED] in vpop" <[EMAIL PROTECTED]> Sent: Monday, October 27, 2003 6:54 PM Subject: [vchkpw] Re: password encryption Hello List, On Saturday, October 25, 2003 at 6:52:54 PM [EMAIL PROTECTED] wrote (at least in part): > what style of encryption does vpopmail implement on the passwords that it stores > in the sql db? The same it uses for .cdb files. Read the archive [1]. http://bluedot.net/mail/archive/list.php?f=2 -- Best regards Peter Palmreuther Water detect in coprocessor. (R)etry/(A)bort/(F)lush? þþþ
[vchkpw] Enable learn passwords
I have been working on a test system and I set enable learn password to yes but qmailadmin and vadduser will not let me Add an account with out a password. Also will vpopmail learn The password on an imap connection using courier imap? -John
