[ Added qmail-ldap list ]
> From: "Chris Garrigues" <[EMAIL PROTECTED]>
> Date: Tue, 31 Oct 2000 10:46:03 -0600
>
> > From: Juan Calderon <[EMAIL PROTECTED]>
> > Date: Mon, 30 Oct 2000 19:29:10 -0500
> >
> > hi guys. just a question.
> >
> > i've applied qmail-ldap-1.03-20000701.patch and it's working fine. i
> > also have pop3 and imap working (courier-imap 1.2.1). Now i need to use
> > SMTP AUTH so i can deal with roaming users.
> > i've applied qmail-smtpd-auth-0.26, but i can't get it work. docs say
> > that i need checkpassword and cmd5checkpw, but they don't user ldap.
> > how can i make it work? does anybody has something like this?
> >
> > thanks in advance
>
> Funny, I asked almost exactly the same question on the 26th...
>
> I installed it last night and my netscape users complained this morning, so I
> backed it out until I could test it properly.
>
> Keep me apprised about anything you find and I'll do the same for you.
Well, I've figured out at least part of my problem although I don't know what
to do about it.
>From QLDAPNEWS:
Created a new auth tool for pop3 and imap. The old checkpassword is not
needed anymore. The new programs are auth_pop and auth_imap.
To have the possibility to compare cleartextpasswords (password how are
stored clear text in ldap) define CLEARTEXTPASSWORD. Because this setting
is a security disaster it is normally off. All other modes (hashed MD4, MD5,
SHA and the standard DES crypt) are not affected.
I checked the date on my checkpassword executable and lo and behold, it dates
from April 21, well before I started working with LDAP.
So...what do I use instead of checkpassword?
I tried both auth_pop and auth_imap and in both cases, I get an out of memory
error written into the log (I have smtpd logging patches applied as well.)
Chris
--
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO http://www.virCIO.Com
4314 Avenue C
Austin, TX 78751-3709 +1 512 374 0500
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature