Re: [toaster] AOL port 587
At 02.20 26/02/2007, you wrote: Speedbone wrote: > Hi list, > > sorry if I´m wrong here, but I´m using Bills toaster and I´m obviously > to dump to get this aol port working. Could anyone please give me a clue? I assume you mean you mean you want an alternate SMTP port running for outbound mail. You need to create another smtpd process, and instead of using port "smtp" in the run script, use 587. You could name the supervise and log directories "qmail-smtpd-587", and then also add that to your qmailctl script's list of processes so that it controls it. In the next 2.0.9 chkuser version there is the possibility to accept only authenticated senders, so this will help setting up a "submission port" (this port should only be used for client -> server sending, while port 25 should finally be used only for server -> server dialogue). Tonino Regards, Bill
[toaster] Require AUTH on port 587 (was Re: [toaster] AOL port 587)
On Feb 26, 2007, at 12:38 AM, tonix (Antonio Nati) wrote:
In the next 2.0.9 chkuser version there is the possibility to
accept only authenticated senders, so this will help setting up a
"submission port" (this port should only be used for client ->
server sending, while port 25 should finally be used only for
server -> server dialogue).
There's already a patch out there that I've been using for months
now. Here's a modified patch by John M. Simpson (jms) that works
with Bill's toaster. Once patched, just add "export REQUIRE_AUTH=0"
to your qmail-smtpd run file, and "export REQUIRE_AUTH=1" to the run
file for qmail-submission (or whatever you call qmail running on an
alternate port for email clients to send).
Credit should go to jms for the patch -- according to his site, he
wrote that code himself and it's not from another patch. I emailed
this to Bill late last year, but I don't know if he's rolled it into
his big qmail patch yet.
--- qmail-smtpd-orig.c 2005-02-03 20:41:58.0 -0700
+++ qmail-smtpd.c 2006-10-13 11:43:34.493957857 -0700
@@ -54,6 +54,8 @@
unsigned int databytes = 0;
int timeout = 1200;
unsigned int spfbehavior = 0;
+unsigned int require_auth = 0;
+int flagauth = 0;
const char *protocol = "SMTP";
@@ -127,6 +129,7 @@
int err_authabrt() { out("501 auth exchange canceled (#5.0.0)\r\n");
return -1; }
int err_input() { out("501 malformed auth input (#5.5.4)\r\n");
return -1; }
void err_authfail() { out("535 authentication failed (#5.7.1)\r\n"); }
+int err_authfirst() { out("503 authentication required (#5.5.1)\r
\n"); }
int saferead(fd,buf,len) int fd; char *buf; int len;
{
@@ -241,6 +244,9 @@
x = env_get("SPFBEHAVIOR");
if (x) { scan_ulong(x,&u); spfbehavior = u; }
+ x = env_get("REQUIRE_AUTH");
+ if (x) { scan_ulong(x,&u); if (u>0) require_auth = 1; }
+
if (control_readline(&spflocal,"control/spfrules") == -1)
die_control();
if (spflocal.len && !stralloc_0(&spflocal)) die_nomem();
if (control_readline(&spfguess,"control/spfguess") == -1)
die_control();
@@ -496,6 +502,8 @@
void smtp_mail(arg) char *arg;
{
int r;
+
+ if (require_auth) if (!flagauth) { err_authfirst(); return; }
if (!addrparse(arg)) { err_syntax(); return; }
flagsize = 0;
mailfrom_parms(arg);
@@ -762,7 +770,6 @@
static stralloc slop = {0}; /* b64 challenge */
#endif
-int flagauth = 0;
char **childargs;
char ssauthbuf[512];
substdio ssauth = SUBSTDIO_FDBUF(safewrite,3,ssauthbuf,sizeof
(ssauthbuf));
--
Tom Collins - [EMAIL PROTECTED]
Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/
QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [toaster] Require AUTH on port 587 (was Re: [toaster] AOL port 587)
Bill Shupp wrote: Thanks for the reminder Tom. I have not integrated it, nor have I integrated tonino's chkuser 2.0.9. But I did quit a busy client recently, so I have more time these days, and will be getting through a backlog of suggestions soon. Cool. Let me know when its ready... I need to rebuild my mail server fairly soon. Rick
Re: [toaster] Require AUTH on port 587 (was Re: [toaster] AOL port 587)
Tom Collins wrote:
> There's already a patch out there that I've been using for months now.
> Here's a modified patch by John M. Simpson (jms) that works with Bill's
> toaster. Once patched, just add "export REQUIRE_AUTH=0" to your
> qmail-smtpd run file, and "export REQUIRE_AUTH=1" to the run file for
> qmail-submission (or whatever you call qmail running on an alternate
> port for email clients to send).
>
> Credit should go to jms for the patch -- according to his site, he wrote
> that code himself and it's not from another patch. I emailed this to
> Bill late last year, but I don't know if he's rolled it into his big
> qmail patch yet.
>
> --- qmail-smtpd-orig.c 2005-02-03 20:41:58.0 -0700
> +++ qmail-smtpd.c 2006-10-13 11:43:34.493957857 -0700
> @@ -54,6 +54,8 @@
> unsigned int databytes = 0;
> int timeout = 1200;
> unsigned int spfbehavior = 0;
> +unsigned int require_auth = 0;
> +int flagauth = 0;
> const char *protocol = "SMTP";
> @@ -127,6 +129,7 @@
> int err_authabrt() { out("501 auth exchange canceled (#5.0.0)\r\n");
> return -1; }
> int err_input() { out("501 malformed auth input (#5.5.4)\r\n"); return
> -1; }
> void err_authfail() { out("535 authentication failed (#5.7.1)\r\n"); }
> +int err_authfirst() { out("503 authentication required (#5.5.1)\r\n"); }
> int saferead(fd,buf,len) int fd; char *buf; int len;
> {
> @@ -241,6 +244,9 @@
>x = env_get("SPFBEHAVIOR");
>if (x) { scan_ulong(x,&u); spfbehavior = u; }
> + x = env_get("REQUIRE_AUTH");
> + if (x) { scan_ulong(x,&u); if (u>0) require_auth = 1; }
> +
>if (control_readline(&spflocal,"control/spfrules") == -1) die_control();
>if (spflocal.len && !stralloc_0(&spflocal)) die_nomem();
>if (control_readline(&spfguess,"control/spfguess") == -1) die_control();
> @@ -496,6 +502,8 @@
> void smtp_mail(arg) char *arg;
> {
>int r;
> +
> + if (require_auth) if (!flagauth) { err_authfirst(); return; }
>if (!addrparse(arg)) { err_syntax(); return; }
>flagsize = 0;
>mailfrom_parms(arg);
> @@ -762,7 +770,6 @@
> static stralloc slop = {0}; /* b64 challenge */
> #endif
> -int flagauth = 0;
> char **childargs;
> char ssauthbuf[512];
> substdio ssauth = SUBSTDIO_FDBUF(safewrite,3,ssauthbuf,sizeof(ssauthbuf));
Thanks for the reminder Tom. I have not integrated it, nor have I
integrated tonino's chkuser 2.0.9. But I did quit a busy client
recently, so I have more time these days, and will be getting through a
backlog of suggestions soon.
Thanks!
Bill
