Hi,
I'm not sure if this patch applies correctly against the Toaster, but I
have been using this patch (was originally against qmail-1.03 and now
applies against netqmail-1.05) for years.
control/smtproutes has the following format using this patch :-
{domain}:{relay host}:{relay port}:{relay user}:{relay password}
Regards Drew
diff -uPr netqmail-1.05.orig/Makefile netqmail-1.05/Makefile
--- netqmail-1.05.orig/Makefile Fri Jul 30 15:19:27 2004
+++ netqmail-1.05/Makefile Fri Jul 30 15:22:20 2004
@@ -1445,13 +1445,13 @@
load qmail-remote.o control.o constmap.o timeoutread.o timeoutwrite.o \
timeoutconn.o tcpto.o now.o dns.o ip.o ipalloc.o ipme.o quote.o \
ndelay.a case.a sig.a open.a lock.a seek.a getln.a stralloc.a alloc.a \
-substdio.a error.a str.a fs.a auto_qmail.o dns.lib socket.lib
+substdio.a error.a str.a fs.a auto_qmail.o base64.o dns.lib socket.lib
./load qmail-remote control.o constmap.o timeoutread.o \
timeoutwrite.o timeoutconn.o tcpto.o now.o dns.o ip.o \
tls.o ssl_timeoutio.o -L/usr/local/ssl/lib -lssl -lcrypto \
ipalloc.o ipme.o quote.o ndelay.a case.a sig.a open.a \
lock.a seek.a getln.a stralloc.a alloc.a substdio.a error.a \
- str.a fs.a auto_qmail.o `cat dns.lib` `cat socket.lib`
+ str.a fs.a auto_qmail.o base64.o `cat dns.lib` `cat socket.lib`
qmail-remote.0: \
qmail-remote.8
diff -uPr netqmail-1.05.orig/conf-cc netqmail-1.05/conf-cc
--- netqmail-1.05.orig/conf-cc Fri Jul 30 15:19:27 2004
+++ netqmail-1.05/conf-cc Fri Jul 30 15:21:53 2004
@@ -1,3 +1,3 @@
-cc -O2 -DTLS=20040419 -I/usr/local/ssl/include
+cc -O2 -DAUTH=20040730 -DTLS=20040705 -I/usr/local/ssl/include
This will be used to compile .c files.
diff -uPr netqmail-1.05.orig/qmail-remote.c netqmail-1.05/qmail-remote.c
--- netqmail-1.05.orig/qmail-remote.c Fri Jul 30 15:19:27 2004
+++ netqmail-1.05/qmail-remote.c Fri Jul 30 15:22:41 2004
@@ -44,6 +44,15 @@
stralloc host = {0};
stralloc sender = {0};
+#ifdef AUTH
+stralloc auth_smtp_user = {0};
+stralloc auth_smtp_pass = {0};
+stralloc auth_b64_user = {0};
+stralloc auth_b64_pass = {0};
+
+int auth_init();
+#endif
+
saa reciplist = {0};
struct ip_address partner;
@@ -503,6 +512,51 @@
return 1;
}
#endif
+#ifdef AUTH
+int auth_init()
+{
+ int i;
+ int authlogin = 0;
+ stralloc *sa = ehlokw.sa;
+ unsigned int len = ehlokw.len;
+
+ /* look for AUTH among EHLO keywords */
+ for ( ; len && case_diffs(sa->s, "AUTH"); ++sa, --len) ;
+ if (!len) return 0;
+
+ /* look for LOGIN among the AUTH parameters */
+ i = str_len(sa->s) + 1;
+ while (i < sa->len) {
+ if (case_diffs(sa->s + i, "LOGIN") == 0) authlogin = 1;
+ i += (str_len(sa->s + i) + 1);
+ }
+
+ /* if we have AUTH LOGIN and a username and password, do it */
+ if (authlogin && auth_smtp_user.len && auth_smtp_pass.len) {
+ if (b64encode(&auth_smtp_user,&auth_b64_user))
+ quit("ZConnected to "," but unable to Base64 encode username");
+ if (b64encode(&auth_smtp_pass,&auth_b64_pass))
+ quit("ZConnected to "," but unable to Base64 encode password");
+
+ substdio_puts(&smtpto, "AUTH LOGIN\r\n");
+ substdio_flush(&smtpto);
+ if (smtpcode() != 334)
+ quit("ZConnected to "," but authentication was rejected (AUTH LOGIN)");
+ substdio_put(&smtpto,auth_b64_user.s,auth_b64_user.len);
+ substdio_puts(&smtpto,"\r\n");
+ substdio_flush(&smtpto);
+ if (smtpcode() != 334)
+ quit("ZConnected to "," but authentication was rejected (username)");
+ substdio_put(&smtpto,auth_b64_pass.s,auth_b64_pass.len);
+ substdio_puts(&smtpto,"\r\n");
+ substdio_flush(&smtpto);
+ if (smtpcode() != 235)
+ quit("ZConnected to "," but authentication was rejected (password)");
+ return 1;
+ }
+ return 0;
+}
+#endif
stralloc recip = {0};
@@ -558,11 +612,23 @@
#ifdef EHLO
}
#endif
-
+#ifdef AUTH
+ if (auth_init()) {
+ substdio_puts(&smtpto,"MAIL FROM:<");
+ substdio_put(&smtpto,sender.s,sender.len);
+ substdio_puts(&smtpto,"> AUTH=<");
+ substdio_put(&smtpto,sender.s,sender.len);
+ substdio_puts(&smtpto,">\r\n");
+ substdio_flush(&smtpto);
+ } else {
+#endif
substdio_puts(&smtpto,"MAIL FROM:<");
substdio_put(&smtpto,sender.s,sender.len);
substdio_puts(&smtpto,">\r\n");
substdio_flush(&smtpto);
+#ifdef AUTH
+ }
+#endif
code = smtpcode();
if (code >= 500) quit("DConnected to "," but sender was rejected");
if (code >= 400) quit("ZConnected to "," but sender was rejected");
@@ -667,6 +733,11 @@
int flagallaliases;
int flagalias;
char *relayhost;
+ char *relayport;
+#ifdef AUTH
+ char *relayuser;
+ char *relaypass;
+#endif
sig_pipeignore();
if (argc < 4) perm_usage();
@@ -675,6 +746,10 @@
if (!stralloc_copys(&host,argv[1])) temp_nomem();
+#ifdef AUTH
+ if (!stralloc_copys(&auth_smtp_user,"")) temp_nomem();
+ if (!stralloc_copys(&auth_smtp_pass,"")) temp_nomem();
+#endif
relayhost = 0;
for (i = 0;i <= host.len;++i)
@@ -686,8 +761,25 @@
if (relayhost) {
i = str_chr(relayhost,':');
if (relayhost[i]) {
- scan_ulong(relayhost + i + 1,&port);
relayhost[i] = 0;
+ relayport = relayhost + i + 1;
+#ifdef AUTH
+ i = str_chr(relayport,':');
+ if (relayport[i]) {
+ relayport[i] = 0;
+ relayuser = relayport + i + 1;
+ i = str_chr(relayuser,':');
+ if (relayuser[i]) {
+ relayuser[i] = 0;
+ relaypass = relayuser + i + 1;
+ if (str_len(relayuser) && str_len(relaypass)) {
+ if (!stralloc_copys(&auth_smtp_user,relayuser)) temp_nomem();
+ if (!stralloc_copys(&auth_smtp_pass,relaypass)) temp_nomem();
+ }
+ }
+ }
+#endif
+ if (str_len(relayport)) scan_ulong(relayport,&port);
}
if (!stralloc_copys(&host,relayhost)) temp_nomem();
}
On Wed, 31 Aug 2005, Nicholas Moline wrote:
> Glen wrote:
>
> > Hi,
> >
> > I want to add the qmail-authentication-0.6.4 patch to the toaster.
> > because i want to relay mail to authenticated server. Just now its
> > with the qmail-smtpd-auth-0.5.7 patch
> > Is there any way we can include this toaster
> >
> > Thanks in advance
>
> I too would like this feature, The Machine I have setup here at the
> office I am running both qmail and postfix to do this but it's a kludged
> system, I have qmail processing all mail, and external mail I have qmail
> forwarding to postfix (running on another port) and then I have postfix
> forwarding to our ISP since they block port 25 to send out to
> destinations directly. It sure would be nice to be able to have qmail
> forward it straight without having to use postfix.
>
