Re: Modifying tcpserver and checkpoppasswd

1999-04-30 Thread Ludwig Pummer

At 12:46 PM 4/30/99, [EMAIL PROTECTED] wrote:
> 1) Where can I find the sources. (I know, I know, STFW)
http://pobox.com/~djb/ucspi-tcp.html
(this is right off the qmail.org page, in the "author's software" section)

> 3) Would the author perhaps be so kind as to add it himself?
The author is Dan Bernstein. He may have already read your post to the list.

--Ludwig Pummer ( [EMAIL PROTECTED] ) ICQ UIN: 692441



Modifying tcpserver and checkpoppasswd

1999-04-30 Thread root

Just a little query...

I'm currently using a slightly modified version of the Jedi/Sector One, Paul
Gregg checkpoppasswd program and now I've modified it to use the DENY
environment variable. Rather than have ":deny" be the last line in my
/etc/tcprules.d/qmail-pop3d file, I replace it with ":allow,DENY=""" and that
way I get the person to type in the username and password of the account
they're trying to access and yet still guarantee that I can cut them off based
on the existence of the DENY variable. My only problem now is that if they are
trying to hack my server, they might not give a valid username or password.
This is handled in the J/SO, PG checkpoppasswd in the newgetpwnam() function,
which has no knowledge of the password variable as it is obtained from
qmail-popup. So when an invalid username is used during a connection from a
disallowed address, there's no way to log the password alongside it.

The cheap way around this is to just make "char *password" a global. Anyone
foresee any problem with this?

Second, when ":deny" is used, the originating port on the remote host is logged
in the qmail-pop3d logfile. When ":allow,DENY=""" is used, that information is
not passed along. I'd like to get my hands on a copy of the tcpserver source to
add the TCPREMOTEPORT variable to the environment created by tcpserver. So,
1) Where can I find the sources. (I know, I know, STFW)
2) Anyone foresee any problem with this?
3) Would the author perhaps be so kind as to add it himself?

I've also written several scripts and proggies of my own to centralize the
operations of my ISP with SMTP, POP3, and RADIUS servers all maintaining
consistency (of tapioca). I'll eventually be putting all of it under GPL and
tarballing it onto my ftp site for all to gawk at.
--
Matt Garrett, Network Engineer
InterNIC handle: MG14026
Superior On-Line Services, LLC
[EMAIL PROTECTED]
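
One way to handle the DENY case described in the message above without a global, shown as an added example (not code from the thread or from checkpoppasswd): test DENY right after parsing the checkpassword input and before any account lookup, where the login is already in scope. The function names are hypothetical, the fd 3 input is a constructed sample, TCPREMOTEIP and TCPREMOTEPORT are used only if present in the environment, and this sketch logs the login name only.

```c
/* Added example, not the checkpoppasswd source; function names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Split "login\0password\0..." as handed to a checkpassword program on fd 3. */
int parse_auth(const char *buf, size_t len, const char **user, const char **pass)
{
    const char *nul = memchr(buf, '\0', len);
    if (nul == NULL) return -1;
    size_t used = (size_t)(nul - buf) + 1;
    if (used == len || memchr(buf + used, '\0', len - used) == NULL) return -1;
    *user = buf;
    *pass = buf + used;
    return 0;
}

/* Copy with non-printable bytes replaced (dstsz >= 1): no forged log lines. */
void log_safe(char *dst, size_t dstsz, const char *src)
{
    size_t i = 0;
    for (; src[i] != '\0' && i + 1 < dstsz; i++)
        dst[i] = (src[i] >= 0x20 && src[i] < 0x7f) ? src[i] : '?';
    dst[i] = '\0';
}

/* deny = getenv("DENY"): non-NULL, even empty, means the rules flagged the
 * client. Called before any account lookup, so unknown logins are logged too. */
int deny_gate(const char *deny, const char *ip, const char *port,
              const char *user, char *line, size_t linesz)
{
    char safe[64];
    if (deny == NULL) return 0;
    log_safe(safe, sizeof safe, user);
    snprintf(line, linesz, "denied ip=%s port=%s user=%s",
             ip ? ip : "?", port ? port : "?", safe);
    return 1;
}

int main(void)
{
    static const char sample[] = "mg\0hunter2\0"; /* constructed fd 3 input */
    const char *user, *pass;
    char line[160];
    if (parse_auth(sample, sizeof sample, &user, &pass) != 0) return 2;
    if (!deny_gate(getenv("DENY"), getenv("TCPREMOTEIP"), getenv("TCPREMOTEPORT"),
                   user, line, sizeof line)) return 0; /* go on to verify pass */
    fprintf(stderr, "%s\n", line);
    return 1; /* refused before the password is checked */
}
```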