Re: [vchkpw] Heureka! Finished POP3-Frequency-Patch (against brute forcing)

[knom]

Hi there !
Thanks for your suggestions.

Currently the patch works IP based. I write a file for each logged in IP to
a directory, where I mark the time of the first login.
Then I count the number of logins during the next xx minutes in that file,
too.
If the number exceeds, I show the message to the user, which is in my
opinion mandatory, because otherwise the user will be confused (but I think
of showing only the minutes and not the exact time ?!...)

Maybe it would be also better to do the whole thing username based, because
if some users use masquerading they have to "share" their total login
attempts.

Some technical things:
*) I patched qmail-pop3d.c, because I found no way to put a message to the
mailclient (-ERR ..) from vchkpw.c !
Is there any ?
*) I use sprintf-function for converting an integer to a char-array
(string). Is there any better way ?

Thanks for your help !
I will improve the patch and send it to you via mailing list !

knom.

[vchkpw] a copy for all mails/all users to an adrress

[PIETRARU Radu]

It's posible under vpopmail to make an "alias" for receive a copy of all
the mails of all the user to a specific adrress?

Radu

[vchkpw] CourierImap compile problem.

[Howard Miller]

Hi,

I have a working install of vpopmail (5.2.2). I am trying to compile 
CourierIMAP (2.2.1). On doing make, I eventually get this...

make[2]: Entering directory `/home/howard/mail/courier-imap-2.2.1/authlib'
gcc  -I/home/vpopmail/include -g -O2 -Wall -I.. -I./..   -o authvchkpw  
modauthvchkpw.o libauthmod.a libauth.a ../numlib/libnumlib.a ../md5/
libmd5.a ../sha1/libsha1.a -L/home/vpopmail/lib -lvpopmail -lm -lcrypt
/usr/bin/ld: cannot find -lvpopmail
collect2: ld returned 1 exit status
make[2]: *** [authvchkpw] Error 1
make[2]: Leaving directory `/home/howard/mail/courier-imap-2.2.1/authlib'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/home/howard/mail/courier-imap-2.2.1/authlib'
make: *** [all-recursive] Error 1


The vpopmail lib and include directories are there and have appropriate 
permissions (now), but no joy.

Can anybody help?

[vchkpw] Delivery

[Guilherme]

Hi,

I have installed Qmail+Vpopmail and when I send a test to the server, the
log file shows me:

Feb 12 11:33:53 dominio qmail: 1076592833.069254 delivery 1: success:
/var/vpopmail/domains/dominio.com.br,joao,dominio.com.br/

As you can see above, vpopmail is deliverying the message to the incorrect
please. I think the correct directory would be:

/var/vpopmail/domains/dominio.com.br/joao/Maildir/new (or cur)

- "joao" is my user

How can I configure vpopmail to delivery the messages to the correct path ?

Thanks in advance.

MENDES, Guilherme
InterServ Tecnologia

[vchkpw] Re: a copy for all mails/all users to an adrress

[Peter Palmreuther]

Hello PIETRARU,

On Thursday, February 12, 2004 at 12:06:24 PM you wrote (at least in
part):

> It's posible under vpopmail to make an "alias" for receive a copy of all
> the mails of all the user to a specific adrress?

Yes/No.

If you avoid usage of /ANY/ .qmail files in ~vpopmail/domains//
you can "misuse" .qmail-default there.

Else you'd have to follow:

,- [ http://cr.yp.to/qmail/faq/admin.html#copies ]
| How do I keep a copy of all incoming and outgoing mail messages?
| 
| Answer: Set QUEUE_EXTRA to "Tlog\0" and QUEUE_EXTRALEN to 5 in
| extra.h. Recompile qmail. Put ./msg-log into ~alias/.qmail-log.
| 
| You can also use QUEUE_EXTRA to, e.g., record the Message-ID of
| every message: run
| 
| | awk '/^$/ { exit } /^[mM][eE][sS][sS][aA][gG][eE]-/ { print }'
| 
| from ~alias/.qmail-log.
`-

And filter yourself.
-- 
Best regards
Peter Palmreuther

You don't have to be crazy, but it sure helps

Re: [vchkpw] CourierImap compile problem.

[Tom Collins]

On Feb 12, 2004, at 4:16 AM, Howard Miller wrote:
I have a working install of vpopmail (5.2.2). I am trying to compile
CourierIMAP (2.2.1). On doing make, I eventually get this...
Are you running `make` as root?  If not, you need to.

Is libvpopmail in /home/vpopmail/lib?

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter handheld Network Tester: http://sniffter.com/

Re: [vchkpw] "multimaildir" in .qmail

[Tom Collins]

On Feb 4, 2004, at 1:49 AM, Luca Morettoni wrote:
Tom Collins, il 03/02/2004 alle 07:48, mi scrisse...
I'm pretty sure that vdelivermail is assuming the second line is an
address and not a Maildir since it doesn't contains the string
"/Maildir/".  I'll look into updating vpopmail to do Maildir delivery
if the line starts with "." or "/".
this is a little patch for my 5.3.30 installation, it chech if is a
valid maildir name (start with a slash or a dot and end with a slash
too), I hope it could be applied to the 5.4.x revision (I try later)
Enjoy this patch:

--- vdelivermail.c.orig Mon Oct 20 20:59:57 2003
+++ vdelivermail.c  Wed Feb  4 09:44:43 2004
@@ -470,10 +470,11 @@
 return(0);
 }
-/* Contains /Maildir/ ? Then it must be a full or relative
- * path to a Maildir
+/* Contains a Maildir delivery? Then it must be a full or relative
+ * path to a Maildir (must start with a dot or a slash and end 
with a slash)
+ * Patched by Luca Morettoni
  */
-else if ( strstr(address, "/Maildir/") != NULL ) {
+else if ((*address == '.' || *address == '/') && 
*(address+strlen(address)-1) == '/') {

 /* if the user has a quota set */
 if ( strncmp(quota, "NOQUOTA", 2) != 0 ) {
Here's my version of the patch, currently in CVS.  The only thing I'm 
considering changing is the vexit(111) to return(0) to have it skip the 
mbox delivery instead of deferring the message.  (In a .qmail file, if 
the path doesn't end with "/", it's considered to be a mbox delivery 
which is something vdelivermail doesn't support.)

diff -u -r1.10 vdelivermail.c
--- vdelivermail.c  11 Jan 2004 03:53:40 -  1.10
+++ vdelivermail.c  12 Feb 2004 17:31:54 -
@@ -467,10 +467,13 @@
 return(0);
   }
-/* Contains /Maildir/ ? Then it must be a full or relative
- * path to a Maildir
- */
-else if ( strstr(address, "/Maildir/") != NULL ) {
+/* Starts with '.' or '/', then it's an mbox or maildir delivery */
+else if ((*address == '.') || (*address == '/')) {
+/* check for mbox delivery and exit accordingly */
+if (address[strlen(address)-1] != '/') {
+printf ("can't handle mbox delivery for %s", address);
+vexit(111);
+}
 /* if the user has a quota set */
 if ( strncmp(quota, "NOQUOTA", 2) != 0 ) {
--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter handheld Network Tester: http://sniffter.com/

[vchkpw] Relay mail only if user exists, and accept mail only if user exists

[CoyoteTM]

Hi!
 
I wan't a more secure way of relaying messages. Is 
it possible to do this:
 
roaming-users (if access pop3 sucessfully, than he 
can send messages from the ip he is for 180 mins)
 
If the sender is in the tcp.smtpd file (he can 
relay), than check that the from address is valid on the system. If it is not, 
than deny. If it is, than accept mail for relaying.
 
Is this idea too stupid, or not ?
 
This kind of solution exists ?
of course i am using qmail + vpopmail (currently 
installing 5.4)
 
The qmail-smtpd-chkusr patch checks if a user is 
exists on the vpopmail system, than delivers the mail locally. It will deliver 
the mail if the domain is using catch-all enabled ?
 
Is it possible to user this patch (with 
modifications) to do relay check ? 
 
Cheers
 
CoyoteTM

[vchkpw] Local vs VirtualDomain

[Mario Junior]

Hello people,

I have an usual setup like that :

| SMTP SERVER + Antivirus 'n Antispam |

--- | POP3 Server |
   
 VPOPmail 5.4


SMTP server is the domain MX primary and is running a Qmail SMTP-only server 
for antivirus protection and a .qmail-default like | forward 
"$LOCAL"@pop3hostname.domain.com.br

The question how do I setup vpopmail 5.4.0+mysql to recognize an e-mail sent 
to the local machine and deliver to a virtualdomain?
I.E., I want that vpopmail catch all the emails sent to 
[EMAIL PROTECTED] and delivers it to [EMAIL PROTECTED]

I have to say that I can't resolve domain.com.br to the POP3 Server because 
domain.com.br is already configured to a WEB Server. 

Should I create pop3hostname.domain.com.br  also like a "aliasadomain" in 
vpopmail? This sounds badly for me. Is there any other way? 

Thanks in Advance

-- 

   Mário Viana Barbosa
---
  Network Admin

Re: [vchkpw] Local vs VirtualDomain

[Jeremy Kitchen]

On Thu, 2004-02-12 at 11:08, Mario Junior wrote:
[snip]
> Should I create pop3hostname.domain.com.br  also like a "aliasadomain" in 
> vpopmail? This sounds badly for me. Is there any other way? 

yes, you would use vpopmail's vaddaliasdomain function to do this.

-Jeremy

-- 
Jeremy Kitchen
Systems Administrator
[EMAIL PROTECTED]
Kitchen @ #qmail on EFNet - Join the party!
.
Inter7 Internet Technologies, Inc.
www.inter7.com
866.528.3530 toll free
847.492.0470 int'l
847.492.0632 fax
GNUPG key ID: 93BDD6CE

Re: [vchkpw] CourierImap compile problem.

[Howard Miller]

E now I'm confused.

I wasn't doing the make as root, 'cos the INSTALL do tells you in big 
letters not to!!

However, it does seem to make and install ok as root. Im off to try it 
out now. Be speaking soon probably :-)

H.

On 12 Feb 2004, at 17:43, Tom Collins wrote:

On Feb 12, 2004, at 4:16 AM, Howard Miller wrote:
I have a working install of vpopmail (5.2.2). I am trying to compile
CourierIMAP (2.2.1). On doing make, I eventually get this...
Are you running `make` as root?  If not, you need to.

Is libvpopmail in /home/vpopmail/lib?

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: 
http://vpopmail.sf.net/
Info on the Sniffter handheld Network Tester: http://sniffter.com/

[vchkpw] Re: "multimaildir" in .qmail

[Peter Palmreuther]

Hello Tom,

On Thursday, February 12, 2004 at 6:51:49 PM you wrote (at least in
part):

> Here's my version of the patch, currently in CVS.  The only thing I'm
> considering changing is the vexit(111) to return(0) to have it skip the
> mbox delivery instead of deferring the message.

Please, don't do this. This would potentially break the "reliability
factor". If a mail is silently dropped and a 'delivery successful' is
returned I'd be "not amused" (to be polite) in case I search for the
error.

A 'temporary error while delivery' would give a more concrete hint and
the message(s) wouldn't be lost. So the admin can correct the problem
and there's nothing lost but a little time.
-- 
Best regards
Peter Palmreuther

Veni, Vedi, Visa. - I came, I saw, I did a little shopping.

[vchkpw] Re: [ vpopmail-Patches-895348 ] Ordered Alias Names for cdb

[Rick Widmer]

SourceForge.net wrote:

Rick, please upload the patch again.  Remember, you need to click on 
the "Upload and Attach a File" checkbox, select the file to upload and 
provide a description.
It must have been the checkbox I missed...  I know I selected the file.


Please make sure that you aren't using scandir for the sorting, as it isn't 
available on all platforms.  You could copy bkscandir() from qmailadmin 
though...
I am loading the entries into an array (names) and calling qsort(), 
pretty much stolen directly out of qmailadmin/util.c.

The string handling that needs checked relates to the variable names, 
which is supposed to be a dynamic array of dynamic strings.  It is 
free()'d in valias_select_names_end().  (Remember I'm a c newbie.)

Rick

Fw: [vchkpw] Delivery

[Guilherme]

please, anyone?
I have been trying to install qmail for 3 days :(

- Original Message 
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Subject: [vchkpw] Delivery
Date: 12/02/04 16:48

>
> Hi,
>
> I have installed Qmail+Vpopmail and when I send a test to the server, the
> log file shows me:
>
> Feb 12 11:33:53 dominio qmail: 1076592833.069254 delivery 1: success:
> /var/vpopmail/domains/dominio.com.br,joao,dominio.com.br/
>
> As you can see above, vpopmail is deliverying the message to the incorrect
> please. I think the correct directory would be:
>
> /var/vpopmail/domains/dominio.com.br/joao/Maildir/new (or cur)
>
> - "joao" is my user
>
> How can I configure vpopmail to delivery the messages to the correct path
?
>
> Thanks in advance.
>
> MENDES, Guilherme
> InterServ Tecnologia
>
>
>
>
>
>
>

Re: [vchkpw] Delivery

[Howard Miller]

The thing that concerns me here is that if the destination that it was 
delivering to *really* did not exist then you would get an error 
something along the lines of "cannot cd to directory...". You certainly 
wouldn't get success reported. So where *is* the message getting 
delivered, can you find it?

Taking a step back, what was your initial problem that led you to the 
logs?

H.

On 12 Feb 2004, at 19:52, Guilherme wrote:

please, anyone?
I have been trying to install qmail for 3 days :(
- Original Message 
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Subject: [vchkpw] Delivery
Date: 12/02/04 16:48
Hi,

I have installed Qmail+Vpopmail and when I send a test to the server, 
the
log file shows me:

Feb 12 11:33:53 dominio qmail: 1076592833.069254 delivery 1: success:
/var/vpopmail/domains/dominio.com.br,joao,dominio.com.br/
As you can see above, vpopmail is deliverying the message to the 
incorrect
please. I think the correct directory would be:

/var/vpopmail/domains/dominio.com.br/joao/Maildir/new (or cur)

- "joao" is my user

How can I configure vpopmail to delivery the messages to the correct 
path
?
Thanks in advance.

MENDES, Guilherme
InterServ Tecnologia

RE: [vchkpw] Smtp Auth with VPopmail

[patrick . liechty]

Title: RE: [vchkpw] Smtp Auth with VPopmail





One question.  Does smtp auth force users to authenticate when using smtp or does it just provide the option to authenticate?  I am able to send email through smtp without authenticating.  If I try to authenticate through smtp, it will do that also.  It isn't forcing authentication.  Any ideas?

-Original Message-
From: Tom Collins [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, February 11, 2004 10:20 AM
To: [EMAIL PROTECTED]
Subject: Re: [vchkpw] Smtp Auth with VPopmail


On Feb 11, 2004, at 8:34 AM, [EMAIL PROTECTED] wrote:
> So if I wanted to set this up in inetd.conf, it would look something 
> like this?
>
> #smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env 
> /var/qmail/bin/qmail-smtpd /opt/vpopmail/bin/vchkpw


I'm not sure how you'd set it up in inetd.conf.  Most people set it up 
as a service with tcpserver (see Bill Shupp's excellent toaster guide 
at  for an example).


At the very least, you would need to include "/bin/true" as a final 
parameter to vchkpw.  I don't know if you'd need other changes.


--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter handheld Network Tester: http://sniffter.com/



Notice:  The information contained in this message may be privileged, confidential, and protected from disclosure.  If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited.  If you have received this communication in error, please notify us immediately by replying to this message, and then delete it from your computer.  All e-mail sent to this address will be received by the Aurum Technology corporate e-mail system and is subject to archiving and review by someone other than the recipient. 

RE: [vchkpw] Smtp Auth with VPopmail

[Jeremy Kitchen]

On Thu, 2004-02-12 at 16:45, [EMAIL PROTECTED] wrote:
> One question.  Does smtp auth force users to authenticate when using
> smtp or does it just provide the option to authenticate?  I am able to
> send email through smtp without authenticating.  If I try to
> authenticate through smtp, it will do that also.  It isn't forcing
> authentication.  Any ideas?

no, it provides an alternate means to allow the user to set the
RELAYCLIENT environment variable from a remote system.

-Jeremy
-- 
Jeremy Kitchen
Systems Administrator
[EMAIL PROTECTED]
Kitchen @ #qmail on EFNet - Join the party!
.
Inter7 Internet Technologies, Inc.
www.inter7.com
866.528.3530 toll free
847.492.0470 int'l
847.492.0632 fax
GNUPG key ID: 93BDD6CE

[vchkpw] /var/mail/vpopmail

[Celso Pinto]

Hi all,
I have Vpopmail installed on my server and with this new mydoom worm i
noticed how quickly I was running out of disk space.

Doing some du . -s I found out that vpopmail has been feeding an mbox
file at /var/mail named vpopmail. 

My question is how do i get rid of that? What's it used for.

It's a really urgent matter so any suggestions/comments are more than
welcome.

Regards,
Celso Pinto

Re: [vchkpw] /var/mail/vpopmail

[Marcin Sołtysiak]

Hi
> I have Vpopmail installed on my server and with this new mydoom worm i
> noticed how quickly I was running out of disk space.
>
> Doing some du . -s I found out that vpopmail has been feeding an mbox
> file at /var/mail named vpopmail.
>

Perhaps you got several "sendmail" binaries and one of them is not a qmail
replacement. It looks like mail to ordinary MBOX has been delivered as a
local delivery which is done mostly by sendmail binary. If it was and old
ona, like from postfix or pure sendmail packages it could deliver to wrong
place.

Solt

Re: [vchkpw] /var/mail/vpopmail

[Celso Pinto]

No, not really... only /usr/sbin/sendmail and /usr/lib/sendmail both
symlinks to qmail binary replacement.

On Qui, 2004-02-12 at 23:18, Marcin Sołtysiak wrote:
> Hi
> > I have Vpopmail installed on my server and with this new mydoom worm i
> > noticed how quickly I was running out of disk space.
> >
> > Doing some du . -s I found out that vpopmail has been feeding an mbox
> > file at /var/mail named vpopmail.
> >
> 
> Perhaps you got several "sendmail" binaries and one of them is not a qmail
> replacement. It looks like mail to ordinary MBOX has been delivered as a
> local delivery which is done mostly by sendmail binary. If it was and old
> ona, like from postfix or pure sendmail packages it could deliver to wrong
> place.
> 
> Solt
> 
> 

RE: [vchkpw] /var/mail/vpopmail

[Matias G. Lambert \( OSInet \)]

It is possible that you have a default delivery to a mbox.
Take a look at any .qmail files in /var/qmail/alias, and .qmail-default
files in the domain directories ( /home/vpopmail/domain/directory.com/ ) .
If you have the email you can see if they are a bounced messages, or what is
the delivery route ( send us the header ).
I hope that I help,

Matias Lambert
OSInet Telecomunicaciones
Capital Federal - Buenos Aires
Argentina - CA1185ACA
http://www.osinet.com.ar



> -Mensaje original-
> De: Celso Pinto [mailto:[EMAIL PROTECTED]
> Enviado el: Jueves, 12 de Febrero de 2004 08:43 p.m.
> Para: [EMAIL PROTECTED]
> Asunto: Re: [vchkpw] /var/mail/vpopmail
>
>
> No, not really... only /usr/sbin/sendmail and /usr/lib/sendmail both
> symlinks to qmail binary replacement.
>
> On Qui, 2004-02-12 at 23:18, Marcin Sołtysiak wrote:
> > Hi
> > > I have Vpopmail installed on my server and with this new mydoom worm i
> > > noticed how quickly I was running out of disk space.
> > >
> > > Doing some du . -s I found out that vpopmail has been feeding an mbox
> > > file at /var/mail named vpopmail.
> > >
> >
> > Perhaps you got several "sendmail" binaries and one of them is
> not a qmail
> > replacement. It looks like mail to ordinary MBOX has been delivered as a
> > local delivery which is done mostly by sendmail binary. If it
> was and old
> > ona, like from postfix or pure sendmail packages it could
> deliver to wrong
> > place.
> >
> > Solt
> >
> >
>
>
>
BEGIN:VCARD
VERSION:2.1
N:Lambert;Matias;German
FN:Matias Lambert ( OSInet )
ORG:OSInet TeleComunicaciones
TEL;WORK;VOICE:+54 11 4861 5616
TEL;HOME;VOICE:+54 11 4861 5616
TEL;CELL;VOICE:+54 11 (15) 4429 9469
TEL;WORK;FAX:+54 11 4861 5616
TEL;HOME;FAX:+54 11 4861 5616
ADR;WORK:;;Panamá 933 12 E;Capital Federal;Buenos Aires;C1185ACA;Argentina
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Panam=E1 933 12 E=0D=0ACapital Federal, Buenos Aires C1185ACA=0D=0AArgentina
URL;WORK:http://www.osinet.com.ar
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:20030313T150013Z
END:VCARD

[vchkpw] cram md5 mysql smtp auth

[Jeremy Kitchen]

it appears that cram-md5 smtp auth with vpopmail-mysql isn't working.  I
recall a patch from before that fixed smtp auth with vpopmail, was that
specific to cdb storage?

-Jeremy

-- 
Jeremy Kitchen
Systems Administrator
[EMAIL PROTECTED]
Kitchen @ #qmail on EFNet - Join the party!
.
Inter7 Internet Technologies, Inc.
www.inter7.com
866.528.3530 toll free
847.492.0470 int'l
847.492.0632 fax
GNUPG key ID: 93BDD6CE