On Tuesday 14 June 2005 00:57, Gustin Johnson wrote:
> The config file I am interested in is the qmail config. Courier is
> working so we need to concentrate on the SMTP side of the equation,
> which is handled by the MTA.
>
> It looks from the logs that TLS and PLAIN auth are supported (in
> addition to MD5 hash authentication). I have another question. How are
> your user accounts back-ended? I use LDAP to backend all authentication
> (both Exim for SMTP and cyrus for mailbox access) for email. Do users
> have accounts in /etc/passwd, LDAP, SQL, etc.? This mechanism might be
> broken or unspecified.
>
> Do you have an old copy of your qmail configs?
>
> I would disable TLS first, to make sure that we are not dealing with two
> separate issues (authentication and encryption), then troubleshoot
> from there.
>
> Really, I have nothing but lots of questions at this point.

Understood about the questions... I knew I didn't really explain the issue
well....
The qmail config file you'd be interested in then would be the conf-smtp file,
which is where smtp auth is set up:
#-----------------------------------------------
# Stuff to run before tcpserver
#QMAIL_TCPSERVER_PRE=""
# Stuff to run qmail-smtpd
#QMAIL_SMTP_PRE=""
# Stuff to run after qmail-smtpd
#QMAIL_SMTP_POST=""
# this turns off the IDENT grab attempt on connecting
TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"
QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r relays.ordb.org"
#If extended logging is needed, uncomment the following line.
#NOTE: This should be turned off/commented when not needed
QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} /usr/bin/recordio"
# If you are interested in providing POP or IMAP before SMTP type relaying,
# emerge relay-ctrl, then uncomment the next 2 lines
#QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"
#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"
# In /etc/courier-imap/authdaemonrc add the next line to the end:
#authmodulelist="${authmodulelist} relay-ctrl-allow"
# Then in /etc/courier-imap/{imapd,imapd-ssl,pop3d,pop3d-ssl}
# Add this at the end
#PRERUN="${PRERUN} envdir /etc/relay-ctrl relay-ctrl-chdir"
# This next block is for SMTP-AUTH
# This provides the LOGIN, PLAIN and CRAM-MD5 types
# the 'cmd5checkpw' used in $QMAIL_SMTP_AUTHCHECKPASSWORD supports CRAM-MD5
# and reads its data from /etc/poppasswd
# see the manpage for cmd5checkpw for details on the passwords
# uncomment the next four lines to enable SMTP-AUTH
#QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
#[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
#QMAIL_SMTP_CHECKPASSWORD="/bin/cmd5checkpw"
#QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} \
# ${QMAIL_SMTP_POST}"
QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)
[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true
QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"
QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} \
${QMAIL_SMTP_POST}"
#-----------------------------------------------
The pertinent lines are the last four (last line wraps). As you can see, I'm
using the vchkpw file for authentication. I've checked the permissions on
there and the vpopmail config file:
srv vpopmail # ls -l /etc/vpopmail.conf
-rw-r----- 1 root vpopmail 635 Apr 20 18:18 /etc/vpopmail.conf
srv vpopmail # ls -l /var/vpopmail/bin/vchkpw
-rws--x--x 1 root vpopmail 77736 Apr 16 11:04 /var/vpopmail/bin/vchkpw
srv vpopmail #
This seems to be correct. Oh, my users are stored in a mysql database.
Here's the vpopmail.conf file which dictates access to it:
#-----------------------------------------------
# MYSQL CONNECTION SETTINGS FOR VPOPMAIL
#
# Line 1 defines the connection to use for database reads,
# Line 2 defines the connection to use for database updates/writes.
#
# If you omit line 2, then the same settings will be
# used for both read and write.
#
# settings for each line:
# host|port|user|password|database
#
#
# Note:
# The value of host may be either a hostname or an IP address.
# If host is 'localhost', then sockets (Unix) or named pipes (Windows)
# will be used instead of TCP/IP to connect to the server.
# Read-only DB
localhost|0|vpopmail|mypassword|vpopmail
# Write DB
localhost|0|vpopmail|mypassword|vpopmail
#-----------------------------------------------
I'm not an expert with the vpopmail config file, but the above is in
accordance with the guide I was using (and that worked before). I ensured
this file wasn't changed when I did my upgrade - the password setting was the
only thing that changed in the upgraded files (they changed back to the
defaults), so I kept my original file.
MySQL is up and running, and the database did not change at all. The
username/password/database name are the same. If needed though I can confirm
the permissions and such with MySQL.
Thanks for the support and any tips....
Shawn
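
The suggestion in the quoted reply to separate authentication from encryption can be taken one step further by calling the password checker directly, with no SMTP or TLS in the path. The script below is an added example, not part of the original thread; it assumes vchkpw follows the standard checkpassword interface (credentials on descriptor 3), and the stub checker, account name and password in it are constructed.

```shell
#!/bin/sh
# Added example: drive a checkpassword-style program directly.
# Assumption: the program reads "login\0password\0timestamp\0" on
# descriptor 3 and, on success, execs the subprogram given as its
# arguments, which is how the conf-smtp above wires it to /bin/true.

# checkpw_probe USER PASS PROG [ARGS...]
# Returns PROG's exit status: 0 means the credentials were accepted.
checkpw_probe() {
    cp_user=$1
    cp_pass=$2
    shift 2
    # The pipe becomes stdin; 3<&0 duplicates it onto descriptor 3 for PROG.
    printf '%s\0%s\0%s\0' "$cp_user" "$cp_pass" "$(date +%s)" |
        "$@" /bin/true 3<&0
}

# make_stub_checker: write a constructed stand-in for vchkpw to a temp
# file and print its path. It accepts exactly one made-up account.
make_stub_checker() {
    stub=$(mktemp) || return 1
    cat >"$stub" <<'EOF'
creds=$(tr '\0' '\n' <&3)                  # NUL-separated fields -> lines
user=$(printf '%s\n' "$creds" | sed -n 1p)
pass=$(printf '%s\n' "$creds" | sed -n 2p)
[ "$user" = "shawn@example.org" ] || exit 1
[ "$pass" = "correct-horse" ] || exit 1
exec "$@"                                  # success: run the subprogram
EOF
    printf '%s\n' "$stub"
}

# Demo against the stub; on the mail host PROG would be the
# /var/vpopmail/bin/vchkpw path from conf-smtp.
demo_stub=$(make_stub_checker)
for demo_pass in correct-horse wrong-guess; do
    if checkpw_probe 'shawn@example.org' "$demo_pass" sh "$demo_stub"; then
        echo "$demo_pass: accepted"
    else
        echo "$demo_pass: rejected (exit $?)"
    fi
done
rm -f "$demo_stub"
```

If the checker accepts a known-good account here but the same account fails over SMTP, the fault lies in the SMTP or TLS layer rather than in the checker or its MySQL back end.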