Re: user name length
Jeremy C. Reed wrote: On Thu, 16 May 2002, Glenn Hocking wrote: sendmail and qpopper. so that [EMAIL PROTECTED] is a total different user than [EMAIL PROTECTED] We have run courier imap/pop with mysql support and all beneath one unix account for all mailboxes. It works like a clock, and you can have logins like that with no problems. Only one drawback I have seen, and that is that you cannot use procmail filters or any other filters that I have seen to set up automatic filtering of spam/viruses depending on each users wishes, and also there is this maildirquota that not all delivery agents support. Regards Roger A . Roger Abrahamsson Sys/Net Admin, Obbit AB -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: user name length
Hi, On Thu, 16 May 2002, Glenn Hocking wrote: sendmail and qpopper. so that [EMAIL PROTECTED] is a total different user than [EMAIL PROTECTED] The easiest way to do that is to move to a setup where pop3 users != unix users. The conceptual way to do this is to have all mboxes/maildirs (latter preferred, of course) owned by the same unix user, and to use some form of table other than /etc/passwd to supply the POP3 server with the users' password and the path to the mbox/maildir, based on the full user@domain name. There's lots of documents on how to do that, look for things titled 'virtual pop3 server' or 'pop3 toaster' or similar. I've once had to set up something like that, and I used qmail's POP3 server because it allows an external script to sort out the authentication and 'authorization' (i.e. the uid and home directory to use) details. That script was a simple perl script that checked the POP3 password against the RADIUS server (the most up-to-date password database at the time that was accessible in a straightforward way -- you'd probably want to use LDAP or MySQL instead), and always used the same uid/gid (in fact, the POP3 server ran as that user). It translated an user name such as [EMAIL PROTECTED] to /var/spool/maildirs/tld/ain/dom/j/jsmith, for use by qmail's POP3 server as the user's virtual home directory, in which it would look for a Maildir containing this user's mail. Of course, you also need your feed your MTA or delivery agent with a table that maps (multiple) addresses to virtual user maildirs in such a setup, and I don't know whether that's easily doable with sendmail (qmail uses a hash table for that that it generates from a flat ASCII table). Hope this helps, Emile. -- E-Advies / Emile van Bergen | [EMAIL PROTECTED] tel. +31 (0)70 3906153| http://www.e-advies.info -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: user name length
Thanks However I have been running virtual email where user != email address for some time. I have a new client that is currently using a setup of full email address including '@' as the user name. I have modified my system to handle this with the 32 char limitation. Is there a way to overcome this without changing to another system. If not then I just tell the client that 32 is the limit, which is no big deal. I expect the system they currently use may also have this limitation Cheers Glenn Hocking Publish Media Pty Ltd http://www.sitegeneral.com/ Emile van Bergen wrote: [EMAIL PROTECTED]"> Hi,On Thu, 16 May 2002, Glenn Hocking wrote: sendmail and qpopper.so that [EMAIL PROTECTED] is a total different user than[EMAIL PROTECTED] The easiest way to do that is to move to a setup where pop3 users !=unix users.The conceptual way to do this is to have all mboxes/maildirs (latterpreferred, of course) owned by the same unix user, and to use some formof table other than /etc/passwd to supply the POP3 server with theusers' password and the path to the mbox/maildir, based on thefull user@domain name.There's lots of documents on how to do that, look for things titled'virtual pop3 server' or 'pop3 toaster' or similar.I've once had to set up something like that, and I used qmail's POP3server because it allows an external script to sort out theauthentication and 'authorization' (i.e. the uid and home directory touse) details.That script was a simple perl script that checked the POP3 passwordagainst the RADIUS server (the most up-to-date password database at thetime that was accessible in a straightforward way - - you'd probably wantto use LDAP or MySQL instead), and always used the same uid/gid (infact, the POP3 server ran as that user).It translated an user name such as [EMAIL PROTECTED] to/var/spool/maildirs/tld/ain/dom/j/jsmith, for use by qmail's POP3 serveras the user's virtual home directory, in which it would look for aMaildir containing this user's mail.Of course, you also need your feed your MTA or delivery agent with atable that maps (multiple) addresses to virtual user maildirs in such asetup, and I don't know whether that's easily doable with sendmail(qmail uses a hash table for that that it generates from a flat ASCIItable).Hope this helps,Emile.--E-Advies / Emile van Bergen | [EMAIL PROTECTED]tel. +31 (0)70 3906153 | http://www.e-advies.info
Re: user name length
It's actually very easy to do virtual users with standard unix users, I use sendmail with feature 'stickyhost' and just use a virtusertable as follows [EMAIL PROTECTED] publish01 [EMAIL PROTECTED] publish01 [EMAIL PROTECTED] client01 [EMAIL PROTECTED] client02 And just have a password setting program that accepts the email address, looks up the virtusertable and changes the password for the associated unix user. Infact with this sort of setup you can do unlimited aliases, forwarding and with a couple of more lines of code using the aliases database you can even do multidrop forwarding etc. Hardest thing to do though is educate your customers to use their assigned PO Box which is an assigned account number such as for Pepsi I would use pepsi001 pepsi002 pepsi999 Then a simple web based virtusertable editing program... Cheers Glenn Hocking Publish Media Pty Ltd http://www.sitegeneral.com/ Emile van Bergen wrote: [EMAIL PROTECTED]"> On Fri, 17 May 2002, Glenn Hocking wrote: ThanksHowever I have been running virtual email where user != email addressfor some time. That's different; I mean POP3 user != unix user != email address.That is, you use *two* mappings tables, to also separate POP3 users fromUnix users (most schemes like that use the same Unix user for all POP3users), thus allowing you to use POP3 username conventions (and usercounts) not easily supported by unix's /etc/passwd.Look at eg. vpopmail.Cheers,Emile.--E-Advies / Emile van Bergen | [EMAIL PROTECTED]tel. +31 (0)70 3906153| http://www.e-advies.info
Re: user name length
Hi Jeremy Sorry but I'm using standard sendmail and qpopper. The stickhost and virtusertable 'features' have been around for a while. I've been using this setup since 1996 with great success. Cheers Glenn Hocking Publish Media Pty Ltd http://www.sitegeneral.com/ Jeremy C. Reed wrote: [EMAIL PROTECTED]"> On Thu, 16 May 2002, Glenn Hocking wrote: sendmail and qpopper.so that [EMAIL PROTECTED] is a total different user than [EMAIL PROTECTED] You must have some special customized sendmail and qpopper, because theydo not support that in first place (unless maybe the email address isstrange user@domain@domain). I have a new client that wants to use their original email setups that use the full email address for pop3. Not sure what system the used to use (NT) but their usernames are as above. It all works except for max of 32 characters. vm-pop3d is what I use and code. It can use longer usernames. Jeremy C. Reedecho '9,J8HD,fDGG8B@?:536FC5=8@I;C5?@H5B0D@5GBIELD54DL@8L?:5GDEJ8LDG1' |\sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP'
Re: user name length
On Fri, 17 May 2002, Glenn Hocking wrote: Sorry but I'm using standard sendmail and qpopper. The stickhost and virtusertable 'features' have been around for a while. I've been using this setup since 1996 with great success. We misunderstand each other. I thought it was desired to have the UNIX (and POP3) username be username@domain. Can you explain your working setup? I have also used sendmail's virtusertable workaround for many years. I am not sure how you could use full user@domain as the virtusertable alias (right hand side) and sendmail would know that it was really a local getpwent username (and not relay to @domain). I have only read about stickyhost -- does it solve that problem? I am also confused how it can reliably work with qpopper since several POP3 clients automatically get rid of the at-sign and domain. (I don't think standard qpopper can be configured to use an alternative character and then replace it with an at-sign before doing a getpwnam(3).) As for user name length, I did several tests the past few years with Debian Linux (and some BSDs) with long user names. I have had usernames with over hundred characters (with Debian Linux) that I was successfully able to use for email (exim MTA and vm-pop3d,gnu-pop3d and others), logins (login, ssh), ftp and more. (Some of my notes about this are probably available in this list's archives; I need to find and publish on a webpage.) Jeremy C. Reed echo '9,J8HD,fDGG8B@?:536FC5=8@I;C5?@H5B0D@5GBIELD54DL@8L?:5GDEJ8LDG1' |\ sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: user name length
On Thu, 16 May 2002, Jeremy C. Reed wrote: I have also used sendmail's virtusertable workaround for many years. I am not sure how you could use full user@domain as the virtusertable alias (right hand side) and sendmail would know that it was really a local getpwent username (and not relay to @domain). I have only read about stickyhost -- does it solve that problem? I do have one other hack that will work: Have virtusertable point to a fake username that is listed in /etc/mail/aliases; and that fake username uses a pipe to run mail.local or procmail to do the real delivery to the user@domain. (vm-pop3d with Exim is so much easier.) Jeremy C. Reed echo '9,J8HD,fDGG8B@?:536FC5=8@I;C5?@H5B0D@5GBIELD54DL@8L?:5GDEJ8LDG1' |\ sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: user name length
Hi again To make the RHS address with an '@' a local unix user all you need to do is escape the '@' i.e. The virtusertable is setup as follows [EMAIL PROTECTED] publish01 [EMAIL PROTECTED]publish01 [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] glenn\@local-unix-user.com The first two will go to local mail box (local unix user) publish01 The third will forward via smtp to the email address [EMAIL PROTECTED] And the forth will go to local mail box (local unix user) [EMAIL PROTECTED] I have this working in a live several live commercial ISP environments. Best regards Glenn Hocking Publish Media Pty Ltd http://www.sitegeneral.com Jeremy C. Reed wrote: [EMAIL PROTECTED]"> On Fri, 17 May 2002, Glenn Hocking wrote: Sorry but I'm using standard sendmail and qpopper. The stickhost and virtusertable 'features' have been around for a while. I've been using this setup since 1996 with great success. We misunderstand each other. I thought it was desired to have the UNIX(and POP3) username be username@domain. Can you explain your working setup?I have also used sendmail's virtusertable workaround for many years. I amnot sure how you could use full user@domain as the virtusertable alias(right hand side) and sendmail would know that it was really a localgetpwent username (and not relay to @domain). I have only read aboutstickyhost -- does it solve that problem?I am also confused how it can reliably work with qpopper since severalPOP3 clients automatically get rid of the at-sign and domain. (I don'tthink standard qpopper can be configured to use an alternative characterand then replace it with an at-sign before doing a getpwnam(3).)As for user name length, I did several tests the past few years withDebian Linux (and some BSDs) with long user names. I have had usernameswith over hun dred characters (with Debian Linux) that I was successfullyable to use for email (exim MTA and vm-pop3d,gnu-pop3d and others), logins(login, ssh), ftp and more. (Some of my notes about this are probablyavailable in this list's archives; I need to find and publish on awebpage.) Jeremy C. Reedecho '9,J8HD,fDGG8B@?:536FC5=8@I;C5?@H5B0D@5GBIELD54DL@8L?:5GDEJ8LDG1' |\sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP'
Re: user name length
* [EMAIL PROTECTED] (Glenn Hocking) [2002.05.16 22:39]: It turns out the problem is user names that are over 32 characters. This is why useradd worked sometimes. The escape '\@' was a red herring. I will still use '\@' as it seems more correct but this does not fix my problem. Can anybody tell me if the max user name is actually my problem, if it can be increased and how. The solution is to stop using passwd/shadow authentication. I'd suggest moving to some kind of database (MySQL, LDAP, etc). Why do you need the domain name anyway? What service is this authenticating for? -- Cameron Moore / I was once walking through the forest alone. A tree \ \ fell right in front of me -- and I didn't hear it. / -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: user name length
sendmail and qpopper. so that [EMAIL PROTECTED] is a total different user than [EMAIL PROTECTED] I have a new client that wants to use their original email setups that use the full email address for pop3. Not sure what system the used to use (NT) but their usernames are as above. It all works except for max of 32 characters. Cheers Glenn Hocking Publish Media Pty Ltd http://www.sitegeneral.com/ Cameron Moore wrote: [EMAIL PROTECTED]"> * [EMAIL PROTECTED] (Glenn Hocking) [2002.05.16 22:39]: It turns out the problem is user names that are over 32 characters. This is why useradd worked sometimes. The escape '\@' was a red herring. I will still use '\@' as it seems more correct but this does not fix my problem.Can anybody tell me if the max user name is actually my problem, if it can be increased and how. The solution is to stop using passwd/shadow authentication. I'd suggestmoving to some kind of database (MySQL, LDAP, etc). Why do you need thedomain name anyway? What service is this authenticating for?
