> >Hello List, > >On Tuesday, July 5, 2005 at 8:50:01 AM patrick wrote: > >>>> I'm using qmail and vpopmail and just patched up with smtp-auth, >>>Which SMTP-AUTH-patch? >> I'm using Version 0.31 > >From which source exactly? What's the complete download URL you used >to get this patch? > http://members.elysium.pl/brush/qmail-smtpd-auth/dist/qmail-smtpd-auth-0.31.tar.gz
>> exec /usr/local/bin/softlimit -m 4000000 \ >> /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c >"$MAXSMTPD" \ >> -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd \ >> koneg.de /home/vpopmail/bin/vchkpw /bin/true 2>&1 > >Look fine. > >>>Might you have still compiled "roaming users" relay control into your >>>vpopmail? > >> How can I check that? > >You should know which parameters your used to compile vpopmail. You >should have seen a summary of used parameters when you >'./configure'-ed vpopmail. > Well, I did not compile vpopmail by myself. It was pre-installed on my root-server (Suse Linux 9.2). Any way to find out and maybe change now? >>> Might your Outlook Express have POP3-authenticated while you >>>were testing SMTP-AUTH and your IP therefore still be allowed to >>>relay? > >> I don't think so... I restartet Outlook Express with wrong >> Password-Settings for POP3, an tried to send mail without getting >> the pop-box before... it still works without auth. > >What's the output of > >strings /etc/tcp.smtp.cdb > nothing >??? Is your clients IP enumerated there? > no.. and I don't know why it should be... My client doesn't have a fixed external IP either. Besides that I know that other hosts can send over my server 'cause I can see spammails in my queue from time to time, last week I had about 33000 of them in my queue... That was exactly the point of time when I started to check that smtp-authentification... >> I read in several manuals that they use cmd5checkpw or the >> checkpassword-tool with smtp-auth. But as far as I understood vchkpw >> should do the job... > >Correct. *You* use 'vchkpw' as password checking tool, because you >want to check against vpopmail handled user pool. Forget about the >other tools, unless you want to authenticate against a different data >base than vpopmails. Right, but isn't there also a way to use one of these tools, because I also got a vpopmail-user in my System? But actually I would be more happy to use just vchkpw... Regards Patrick Gehm >-- >Best regards >Peter Palmreuther > >Blessed are they that run around in circles, for they shall be known >as wheels. >
