[vchkpw] vpopmaild - Missing + in list_users

[Rick Widmer]

The status report, about line 1077, in function list_users is missing 
the '+'.

Re: [vchkpw] vpopmaild - return from login, and others

[Ken Jones]

On Monday 05 April 2004 11:09 pm, Rick Widmer wrote:
 When I login, the following information is returned:

 vpopmail_dir /mail
 uid 77
 gid 72
 name postmaster
 comment Postmaster
 quota NOQUOTA
 dir /mail/domains/test.com/postmaster
 encrypted_password $1$zkJe.3SH$7HOl1RbwfKcibL67iXjsh/
 clear_text_password password
 domain_admin_privleges
 system_admin_privleges


 Everything except *_privleges is a name-value pair with a space
 separator.  It might be handy to add space 1 to each of the bitmap
 fields that can appear here.  Like this:

 domain_admin_privleges 1
 system_admin_privleges 1

Excellent idea. I'll put this in.


 That way if I pass the whole list through a function that explodes on
 the space, then packs the name value pairs into an (associaive) array
 these entries will be 'true' to PHP. [1] Without the 1, I have to
 identify them and handle them as special cases.



 I don't know if this is a good idea or not, but it might be handy if you
 always listed all of the bitmap value names with a 0 or 1.  That allows
 for the possibility of generating the PHP fields from the list of bitmap
 values returned.

I like this idea too. The only downsize I see is the extra lines of
information that are default values. The upside is the client does
not need to preset their array with suspect default values, causing
disagreement on values.


 no_password_change 0
 no_pop 0
 no_webmail 0
 no_imap 0
 bounce_mail 0
 no_relay 0
 no_dialup 0
 user_flag_0 0
 user_flag_1 0
 user_flag_2 0
 user_flag_3 0
 no_smpt 0
 domain_admin_privleges 1
 override_domain_limits 0
 no_spamassasin 0
 delete_spam 0
 system_admin_privleges 0

 Would anyone use that information?


 Rick

 ---


 [1]  This code:

 while( list( , $Line ) = each( $ReturnedLines )) {
 list( $Name, $Value ) = explode( ' ', $Line );
 $LoginUser[ $Name ] = $Value;
 }


 turns the entry listed above into the following PHP array:

 LoginUser = array(
 'vpopmail_dir'   =  '/mail',
 'uid'= '77
 'gid'= '72
 'name'   = 'postmaster
 'comment'= 'Postmaster
 'quota'  = 'NOQUOTA
 'dir'= '/mail/domains/test.com/postmaster
 'encrypted_password' = '$1$zkJe.3SH$7HOl1RbwfKcibL67iXjsh/
 'clear_text_password'= 'password',
 'domain_admin_privleges' = '',
 'system_admin_privleges' = '',
 );

Re: [vchkpw] vpopmaild - Missing + in list_users

[Ken Jones]

On Tuesday 06 April 2004 12:58 am, Rick Widmer wrote:
 The status report, about line 1077, in function list_users is missing
 the '+'.

got it. 

Ken

Re: [vchkpw] vpopmaild - Catchall Information

[Ken Jones]

On Tuesday 06 April 2004 12:36 am, Rick Widmer wrote:
 Do I have any better way to obtain information on the catchall status
 than reading .qmail-default myself?

That's all we have for now.



 Do I need one?

You'll need to parse it to determine if it calls anything
special and/if it uses the default setup of
| /path/to/vdelivermail `` option

where option is one of
 delete
 bounce-no-mailbox
 email_address
 /full/path/to/catchall/Maildir

Ken

[vchkpw] vpopmaild -- PHP Object to access it

[Rick Widmer]

I have a bit of an object for vpopmaild working.  It will login and 
retrieve the list of users, and domains.  The tarball includes an 
example program.  On my system (a 500MHz PII) running both the daemon 
and this program it retrieved 3108 users from a single domain in 10.23 
seconds, and 1563 domains in 0.90 seconds.  I am using CDB.

You can download it here:

   http://kimberly.developersdesk.com/vpopmaild-php.tar.gz

Right now it is based on the initial distribution of vpopmaild, and 
works around the bug I found in list_users.  (Missing +)



The functions I have working so far are listed below:

===

The constructor:

function vpopmaild( $Domain, $User, $Password, $Host='localhost', 
$Port=89 )  {

$Domain, $User, $Password represent the user you want to login as.
$Host and $Port are optional, with defaults.  You should check for
an error message with the error_message() function after attempting
to create a vpopmaild object.  If there is an error present, you
can't do anything else.
===

function Quit() {

You should call this before exiting the program to give the server
a chance to clean up gracefully.  The world probably won't end if
you don't but it is possible that sessions will be closed faster
if you do.
===

function error_message() {

Return the most recent error message, if any, from vpopmaild
operations.  This message will be text, ready for display.
===

function GetLoginUser()  {

Retrive an array full of information about the currently logged in
user.
Array (
[vpopmail_dir] = /mail
[uid] = 77
[gid] = 72
[name] = postmaster
[comment] = Postmaster
[quota] = NOQUOTA
[dir] = /mail/domains/test.com/postmaster
[encrypted_password] = $1$zkJe.3SH$7HOl1RbwfKcibL67iXjsh/
[clear_text_password] = password
[domain_admin_privileges] = 1
[system_admin_privileges] = 1
)
===

function ListUsers( $Domain ) {

Retrieve an array full of information about a domain.  You must be
a system admin to list any domain, or the domain admin of the domain
you wish to list.  The users are in alpha order by Username.
Array (
[04wcyrti] = Array
(
[passwd] = $1$cBacCPRA$LxzczMu7dpn5KjZphYPKU0
[uid] = 1
[gid] = 0
[flags] = 0
[gecos] = Brigitte
[dir] = /mail/domains/test.com/9/04wcyrti
[shell] = NOQUOTA
[clear_pw] = Fisher
)
[095wvsp] = Array
(
[passwd] = $1$2lpyyZHz$XmcuvLSZDbOnIaDD9Yf93.
[uid] = 1
[gid] = 0
[flags] = 0
[gecos] = Antone
[dir] = /mail/domains/test.com/F/095wvsp
[shell] = NOQUOTA
[clear_pw] = Winn
)
)
There is a problem with the program I used to load the addresses which 
caused the last name to appear in the clear_pw field.  The program is 
reflecting what is stored in the files.  Spam is useful for something, I 
built all these test users and domains from the spam I got over a week 
or two.  :)

===

function ListDomains( $Sort = 'HDT' ) {

Retrieve an array full of information about a domain.  You must be
a system admin to use this call.
Order to display domains:

  TDH  = top-level, mid-level, host
  DTH  = mid-level, top-level, host
  HDT  = host, mid-level, top-level
where you usually see

   host.mid-level.top-level

   mail.developersdesk.com

Want all the .com together - use TDH
Want domain.com, domain.net, domain.org together - use DTH
Want them all mixed up in host name order - use HDT
If DomainOrder is not specified, you get HDT.

This example data uses DTH mode.  The data is DomainName = ParentName,
If they both match, the domain is real, if they are different it
is an alias of ParentName.
Array
(
[0-0-mydomain.com] = 0-0-mydomain.com
[0-0-mydomain.net] = 0-0-mydomain.com
[0-0-mydomain.org] = 0-0-mydomain.com
[0800commerce.nl] = 0800commerce.nl
[fun.21cn.com] = fun.21cn.com
[private.21cn.com] = private.21cn.com
[263.net] = 263.net
[2dayhealth.com] = 2dayhealth.com
)
===

The next two functions are used to create the login user information
block, and may get merged into the constructor, unless they are useful
parsing other incoming structures.
function ParseUser( $UserBlock ) {

function ReadBlock( $List ) {

Re: [vchkpw] test copy of vpopmaild.c

[Marcin Soltysiak]

- Original Message - 
From: Ken Jones [EMAIL PROTECTED]
I think it works pretty nicely. A single . on a line by itself
represents End of File when sending or receiving multiple
lines of infomation.

Nice idea.

[cut]


Any votes on which way of specifying directories would be easier
from the client program's point of view?
a) full paths
b) relative based on user or command

+1 for b) First, it would be a bit like chrooting, so potential exxploits
would have harder way to get out of ~vpopmail/. Second, would be easier to
user if there was no need for repeting full path everytime.

Solt

Re: [vchkpw] test copy of vpopmaild.c

[Marcin Soltysiak]

- Original Message - 
From: Ken Jones [EMAIL PROTECTED]
 On Monday 05 April 2004 8:08 pm, Charles Sprickman wrote:
  On Mon, 5 Apr 2004, Ken Jones wrote:
   I'd like any comments or votes on how this version
   is using a POP3 type protocol.
 
  Sounds good to me, this is getting exciting!
 
  One little question...  What are you thinking of as far as encryption?
  I'm sure there's going to be some people running the client on a box
  seperate from the server.  You looking at adding ssl support, or are you
  thinking of just letting something like stunnel handle that?

 My favorite is ucspi-tcp-ssl with a self signed certificate.
 It provides peer to peer encryption by just adding -s to the
 tcpserver options. Or use stunnel. It is similar to how email
 clients and mail servers encrypt pop3/smtp/imap communication.

I thought so about ucspi. tcpserver is a good tool.

Solt

Re: [vchkpw] vpopmaild - errors on login

[Marcin Soltysiak]

- Original Message - 
 I see you have different error messages during login for:
 
 
 invalid email address
 
 user does not exist
 
 invalid password
 
 
 
 It might be better to return the same message for all so the hostile 
 hacker can't learn as much about your users.

Good point. I'd suggest 

- ERR XXX Login invalid

 to stdout and detailed info to syslog

Solt

Re: [vchkpw] vpopmaild - return from login, and others

[Marcin Soltysiak]

- Original Message - 
From: Rick Widmer [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 06, 2004 6:09 AM
Subject: [vchkpw] vpopmaild - return from login, and others


 When I login, the following information is returned:

 vpopmail_dir /mail
 uid 77
 gid 72
 name postmaster
 comment Postmaster
 quota NOQUOTA
 dir /mail/domains/test.com/postmaster
 encrypted_password $1$zkJe.3SH$7HOl1RbwfKcibL67iXjsh/
 clear_text_password password
 domain_admin_privleges
 system_admin_privleges


 Everything except *_privleges is a name-value pair with a space
 separator.  It might be handy to add space 1 to each of the bitmap
 fields that can appear here.  Like this:

 domain_admin_privleges 1
 system_admin_privleges 1

 That way if I pass the whole list through a function that explodes on
 the space, then packs the name value pairs into an (associaive) array
 these entries will be 'true' to PHP. [1] Without the 1, I have to
 identify them and handle them as special cases.



 I don't know if this is a good idea or not, but it might be handy if you
 always listed all of the bitmap value names with a 0 or 1.  That allows
 for the possibility of generating the PHP fields from the list of bitmap
 values returned.


 no_password_change 0
 no_pop 0
 no_webmail 0
 no_imap 0
 bounce_mail 0
 no_relay 0
 no_dialup 0
 user_flag_0 0
 user_flag_1 0
 user_flag_2 0
 user_flag_3 0
 no_smpt 0
 domain_admin_privleges 1
 override_domain_limits 0
 no_spamassasin 0
 delete_spam 0
 system_admin_privleges 0

 Would anyone use that information?


 Rick

 --
-


 [1]  This code:

 while( list( , $Line ) = each( $ReturnedLines )) {
 list( $Name, $Value ) = explode( ' ', $Line );
 $LoginUser[ $Name ] = $Value;
 }


 turns the entry listed above into the following PHP array:

 LoginUser = array(
 'vpopmail_dir'   =  '/mail',
 'uid'= '77
 'gid'= '72
 'name'   = 'postmaster
 'comment'= 'Postmaster
 'quota'  = 'NOQUOTA
 'dir'= '/mail/domains/test.com/postmaster
 'encrypted_password' = '$1$zkJe.3SH$7HOl1RbwfKcibL67iXjsh/
 'clear_text_password'= 'password',
 'domain_admin_privleges' = '',
 'system_admin_privleges' = '',
 );


anyway if you check like:

if($LoginUser['system_admin_privileges']) {
  .
}

it doesnt quote matter if it is set to 0 or not set.

Solt

Re: [vchkpw] test copy of vpopmaild.c

[Rick Widmer]

Marcin Soltysiak wrote:

- Original Message - 
From: Ken Jones [EMAIL PROTECTED]
Any votes on which way of specifying directories would be easier

from the client program's point of view?

a) full paths
b) relative based on user or command


+1 for b) First, it would be a bit like chrooting, so potential exxploits
would have harder way to get out of ~vpopmail/. Second, would be easier to
user if there was no need for repeting full path everytime.
I disagree.  If he chooses b, then you have to worry about what the
rights of the current user is when composing commands.  If he uses full
paths, it doesn't matter what kind of user is at the browser, you always
send the same command.
For example, using b to create a VacationMessage file for [EMAIL PROTECTED]:

Sys Admin would send:

   write_file /test.com/user/VacationMessage

The Domain admin would send:

   write_file /user/VacationMessage

And the user would send:

   write_file /VacationMessage

It would be much easier to write code for using the daemon if everyone
always referenced that file using the System Admin example, and you
don't have to do the same job three different ways depending on who
happens to be logged in.
Remember, there will be a whole bunch of PHP code on top of the daemon.

Rick

Re: [vchkpw] test copy of vpopmaild.c

[Marcin Soltysiak]

- Original Message - 
From: Rick Widmer [EMAIL PROTECTED]
 Marcin Soltysiak wrote:

  - Original Message - 
  From: Ken Jones [EMAIL PROTECTED]
 Any votes on which way of specifying directories would be easier
 
 from the client program's point of view?
 
 a) full paths
 b) relative based on user or command
 
 
  +1 for b) First, it would be a bit like chrooting, so potential
exxploits
  would have harder way to get out of ~vpopmail/. Second, would be easier
to
  user if there was no need for repeting full path everytime.

 I disagree.  If he chooses b, then you have to worry about what the
 rights of the current user is when composing commands.  If he uses full
 paths, it doesn't matter what kind of user is at the browser, you always
 send the same command.

 For example, using b to create a VacationMessage file for [EMAIL PROTECTED]:

 Sys Admin would send:

 write_file /test.com/user/VacationMessage

 The Domain admin would send:

 write_file /user/VacationMessage

 And the user would send:

 write_file /VacationMessage

 It would be much easier to write code for using the daemon if everyone
 always referenced that file using the System Admin example, and you
 don't have to do the same job three different ways depending on who
 happens to be logged in.

 Remember, there will be a whole bunch of PHP code on top of the daemon.

Either I am missing something or... If we use full path then same operations
would look like:

 Sys Admin would send same as
 The Domain admin would send same as
 And the user would send:

 write_file /path/to/vpopmail/home/domains/test.com/user/VacationMessage

And this way we let the user know ~vpopmail. I know that in concepts,
ordinary user should not use plain vpopmaild protocol but PHP application,
but since we don't work in secret I can imagine that one day one of my
customers that feels geek in programing would come and request Hey man,
where is your ~vpopmail? I don't like your admin UI and I want to write my
own.

In case od b) I wouldn't have to tell him the path. He would just stick to

write_file /VacationMessage

when logging as [EMAIL PROTECTED]

Solt

Re: [vchkpw] test copy of vpopmaild.c

[Rick Widmer]

Marcin Soltysiak wrote:

Either I am missing something or... If we use full path then same operations
would look like:
 Sys Admin would send same as
 The Domain admin would send same as
 And the user would send:
 write_file /path/to/vpopmail/home/domains/test.com/user/VacationMessage

And this way we let the user know ~vpopmail. I know that in concepts,
ordinary user should not use plain vpopmaild protocol but PHP application,
but since we don't work in secret I can imagine that one day one of my
customers that feels geek in programing would come and request Hey man,
where is your ~vpopmail? I don't like your admin UI and I want to write my
own.
In case od b) I wouldn't have to tell him the path. He would just stick to

write_file /VacationMessage

when logging as [EMAIL PROTECTED]
There is no need to send the ~vpopmail/domains/ part of the path, 
because the user has no choice on that part.  If we always send the full 
path from that point down, then the path is always:

  $Domain/$User/$whatever

or maybe

  /$Domain/$User/$whatever

I think both should be allowed, and have the same meaning.

Rick

[vchkpw] Problem with quota

[Florent]

Hello from France

I'm using vpopmail 5.4.0 and vqadmin 2.3.2 and it's doing fine (good job 
!) but...

I think there's a little problem with quota update in vpopmail and vqadmin :
When i change a user's quota via commandline using the 'vsetuserquota' 
program, the quota is changed in the vpasswd file and the 
Maildir/maildirquota file is updated.
BUT when i change a user's quota via vqadmin, only the vpasswd file is 
updated, not the Maildir/maildirquota file. Finally, it is as if there 
was no modification at all.

I watched into source code of vpopmail and vqadmin and saw that :
   - vqadmin uses the vauth_setpw function to modify a user.
   - inside vpopmail : the function vauth_setpw modify only the vpasswd 
file, but the vsetuserquota function modify vpasswd file (by calling 
vauth_setpw) and then update Maildir/maildirsize file.

That's why the vsetuserquota program does the right job (it uses the 
vsetuserquota function), and vqadmin does only 'half' of the job.

I think the best solution to solve this problem would be to move the 
portion of code which does the Maildir/maildirquota update in 
vsetuserquota into the vauth_setpw function.
That's only what i think, i don't know all the choices that were made 
since the beginning to do that project so i leave the solution up to you :)

(I hope that you understood my english and that what i said is right :p )

Florent

[vchkpw] vpopmaild - PHP object

[Rick Widmer]

I just uploaded a new PHP object to interface to the vpopmaild daemon.

   http://kimberly.developersdesk.com/vpopmaild-php.tar.gz

vpopmail.pobj is the source code for the actual object.

README lists all available methods in the object.

example.php is a command line PHP program that tests the object, and 
gives examples of how to use it.

example.output is a cut down listing of the example program output on my 
server.  I have 3108 users and 1563 domains in the test data I am using.

The example program requires a CLI (Command Line) version of PHP that 
was ./configured with  enable-streams.  If you add a little HTML, it 
should run to a web browser too.

It now supports all the currently existing functions of vpopmaild that 
return data:

login, user_info, list_dir, read_file, list_domains, list_users, 
get_limits, get_lastauth, get_lastauthip, quit.

I will work on the functions that take action tomorrow:

add_user, del_user, mod_user, add_domain, mk_dir, rm_file, set_limits, 
del_limits.

You can expect them to take parameters like ( $Domain, $User, 
$Whatever... ), always in that order.  Where possible you will be able 
to retrieve an array of data from one of the data return functions, 
adjust the contents of that array and pass it to one of these functions 
to adjust things in the mail system.

There are other functions defined in vpopmaild that don't contain any 
code yet.  I will work on them as soon as I get a version of the daemon 
that actually supports them:

dom_info, write_file, list_lists, get_ip_map, add_ip_map, del_ip_map, 
show_ip_map, add_list, del_list, mod_list.

Re: [vchkpw] Re: Blackholing a sender

[Devendra Singh]

At 02/04/04 21:38 (), Peter Palmreuther wrote:

Hello Devendra,

On Friday, April 2, 2004 at 7:26:47 AM you wrote (at least in part):

 This gives me a clue that perhaps we should be able to do it using
 qmail-scanner-queue.pl code. Let me try it out. If anyone else too can give
 some pointer on this angle do let us know.
qmail_requeue() seems to be the function that does pass the mail to
qmail-queue after qmail-scanner has processed it.
So before AV- and spam-check simply check for $sender (or
$env_returnpath, or whatever the variable is named at the location you
introduce the check) and instead of init_scanners call a the requeue
with different recipient ($env_recips or the like). The new recipient
should be a local/virtualdomain recipient address that has a
blackholed delivery: a dot-qmail file containing only one line:
,- [ .qmail-blackhole ]
| #
`-
HTH
--
Best regards
Peter Palmreuther
Thanks, Peter for the nice pin pointed clue. I would try out this clue as 
soon as I am free from the other imp stuffs. A bit difficult for me, not a 
perl programmer.

But, I was able to blackhole as follows:

In the file /var/spool/qmailscan/quarantine-attachments.txt

[EMAIL PROTECTED] Tab Virus-MAILFROM: Tab You are Banned.

Now, in /var/qmail/bin/qmail-scanner-queue.pl add You are Banned to the 
silent_viruses_array as

my 
@silent_viruses_array=('klez','bugbear','hybris','yaha','braid','nimda','tanatos','sobig','winevar','You 
are Banned');

This would delete the mail and would not intimate the sender.

Devendra Singh

__
Devendra Singh
IndiaMART InterMESH Limited
(Global Gateway to Indian Market Place)
B-1, Sector 8, Noida, UP - 201301, India
EPABX : +91-120-2424945, +91-120-3094634, +91-9810646342
Fax: +91-120-2424943
http://www.indiamart.com
http://www.indiangiftsportal.com
http://www.indiantravelportal.com
__ 

Re: [vchkpw] vpopmaild - PHP object

[Marcin Soltysiak]

- Original Message - 
From: Rick Widmer [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 06, 2004 12:49 PM
Subject: [vchkpw] vpopmaild - PHP object


 I just uploaded a new PHP object to interface to the vpopmaild daemon.

 http://kimberly.developersdesk.com/vpopmaild-php.tar.gz


 vpopmail.pobj is the source code for the actual object.

 README lists all available methods in the object.

 example.php is a command line PHP program that tests the object, and
 gives examples of how to use it.


Did I miss something:

User info for logged in user: Array
(
[vpopmail_dir] = /home/vpopmail
[uid] = 399
[gid] = 399
[name] = office
[comment] = office
[quota] = NOQUOTA
[dir] = /home/vpopmail/domains/imedia.com.pl/office
[encrypted_password] = $1$L6UBr$.EzXzXSDy1PZiCiNT6Erm.
[clear_text_password] = 
[domain_admin_privileges] = 1
[system_admin_privileges] = 1
)

Domain List: (64)
Array
(

)

Command string: list_users dom1.pl

socket_write returned: 24
read returned: -ERR XXX not authorized for domain

User List: (0)
Command string: list_users dom2.pl

socket_write returned: 24
read returned: -ERR XXX not authorized for domain

User List: (0)
Command string: list_users imedia.com.pl

socket_write returned: 25
read returned: OK

extra read returned:
demo:$1$yUVUM$i4xHyCMsahaaOAAYViuQ81:0:0:0:demo:/home/vpopmail/domains/imedi
a.com.pl/demo:1048576.00:

User List: (12)
Array
(
...
)

Although I am sysadmin I cannot list users in other domains.

What is funny, [EMAIL PROTECTED] does not appear in UserList array amd it
is only account that had quota set.

Solt

[vchkpw] vpopmaild - BUG: SA_ADMIN cannot get user_info

[Marcin So³tysiak]

Although logged as SA_ADMIN user cannot get user_info from oter domains.
Here is a patch:


--- vpopmail-5.5.2-orig/vpopmaild.c Tue Apr  6 01:03:22 2004
+++ vpopmail-5.5.2/vpopmaild.c  Tue Apr  6 16:47:50 2004
@@ -563,7 +563,7 @@
 return(-1);
   }

-  if ( (AuthVpw.pw_gidQA_ADMIN)  (strcmp(TheDomain,TmpDomain))!=0 ) {
+  if ( ((AuthVpw.pw_gid  QA_ADMIN)  (strcmp(TheDomain,TmpDomain))!=0) 
!(AuthVpw.pw_gid  SA_ADMIN) ) {
 snprintf(WriteBuf,sizeof(WriteBuf),
   RET_ERR XXX not authorized for domain\n);
 return(-1);


BTW. Since vpopmaild is very young it will need a heavy develoopment. It
would be resonable to create a separate category in bugtraq.

Solt

[vchkpw] vpopmaild development

[Tom Collins]

On Apr 6, 2004, at 10:57 AM, Marcin So³tysiak wrote:
BTW. Since vpopmaild is very young it will need a heavy develoopment. 
It
would be resonable to create a separate category in bugtraq.
I'll put my vote in for initial development to take place in a separate 
CVS repository from the main vpopmail release, with discussion taking 
place on its own list.

At the very least, vpopmaild discussion should be on vpopmail-devel 
instead of the vchkpw list.  I am sure that there are others, like me, 
who aren't interested in following the early stages of development and 
would prefer not to receive 20-30 messages a day discussing it.

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/

Re: [vchkpw] vpopmaild development

[Paul Oehler]

Tom Wrote:
At the very least, vpopmaild discussion should be on vpopmail-devel
instead of the vchkpw list.  I am sure that there are others, like me,
who aren't interested in following the early stages of development and
would prefer not to receive 20-30 messages a day discussing it.

-

Pardon my ignorance, but where is this aformentioned vpopmail-devel mailing
list?  I'm having trouble tracking it down.

Thanks,
Paul

[vchkpw] Making vpopmail recognize # as @

[Eduardo M. Bragatto]

	I need to make vpopmail recognize user#domain.com as the same way it 
recognizes [EMAIL PROTECTED].
	Is there a way to do it changing configuration files or I'll have to 
edit the source code/include files and recompile?

[[]]'s
Eduardo M. Bragatto.

Re: [vchkpw] Making vpopmail recognize # as @

[Eduardo M. Bragatto]

Eduardo M. Bragatto wrote:

I need to make vpopmail recognize user#domain.com as the same way 
it recognizes [EMAIL PROTECTED].
	A little explanation:

	It's needed only when RECEIVING messages via SMTP.

[[]]'s
Eduardo M. Bragatto.

Re: [vchkpw] vpopmaild - errors on login

[X-Istence]

Marcin Soltysiak wrote:
- Original Message - 

I see you have different error messages during login for:

invalid email address

user does not exist

invalid password



It might be better to return the same message for all so the hostile 
hacker can't learn as much about your users.


Good point. I'd suggest 

- ERR XXX Login invalid

 to stdout and detailed info to syslog

Solt


Its using tcpserver, so why not to multilog. I personally try to limit 
as much as possible the use of syslog.

X-Istence

[vchkpw] Re: Making vpopmail recognize # as @

[Peter Palmreuther]

Hello Eduardo,

On Tuesday, April 6, 2004 at 8:31:17 PM you wrote (at least in part):

 I need to make vpopmail recognize user#domain.com as the same way it
 recognizes [EMAIL PROTECTED].
 Is there a way to do it changing configuration files or I'll have to
 edit the source code/include files and recompile?

You have to recompile. Edit 'vpopmail.h', the line that says:

#define ATCHARS @%/
-- 
Best regards
Peter Palmreuther

Government is a burden on the people.

[vchkpw] Re: Making vpopmail recognize # as @

[Peter Palmreuther]

Hello Eduardo,

On Tuesday, April 6, 2004 at 8:58:28 PM you wrote (at least in part):

 I need to make vpopmail recognize user#domain.com as the same way
 it recognizes [EMAIL PROTECTED].
 It's needed only when RECEIVING messages via SMTP.

Than forget about my previous answer and forget about a solution.
You'd have to hack qmail for it recognizing the '#' first before you
could enter editing vpopmail sources. qmail will, without
modifications, not be able to find the domain part of a mail addressed
to 'user#domain.com', it'll append '/var/qmail/control/defaulthost'
and handle the mail according to how this 'defaulthost' is set up.

You'll have to make qmail check for '#' first and translating it into
'@'. Might be better to enforce incoming mail are addressed correctly
and according to a few RFC with '@' as domain delimiter, instead of
'#'.
-- 
Best regards
Peter Palmreuther

C'mon everybody, here we gooo!  Off to Neverland! - Peter Pan

Re: [vchkpw] Re: Making vpopmail recognize # as @

[Eduardo M. Bragatto]

Peter Palmreuther wrote:
Hello Eduardo,

On Tuesday, April 6, 2004 at 8:58:28 PM you wrote (at least in part):


I need to make vpopmail recognize user#domain.com as the same way
it recognizes [EMAIL PROTECTED].
It's needed only when RECEIVING messages via SMTP.
	Sorry, Peter... your anwser has already solved my problem.
	My previous e-mail is wrong. I meant POP3 instead of SMTP. Thank you 
very much for your attention and time spent. ;)

[[]]'s
Eduardo M. Bragatto.

Re: [vchkpw] vpopmaild - errors on login

[Marcin Soltysiak]

- Original Message - 
From: X-Istence [EMAIL PROTECTED]
 Marcin Soltysiak wrote:
  - Original Message - 
  
 I see you have different error messages during login for:
 
 
 invalid email address
 
 user does not exist
 
 invalid password
 
 
 
 It might be better to return the same message for all so the hostile 
 hacker can't learn as much about your users.
  
  
  Good point. I'd suggest 
  
  - ERR XXX Login invalid
  
   to stdout and detailed info to syslog
 Its using tcpserver, so why not to multilog. I personally try to limit 
 as much as possible the use of syslog.
Sure. I meant (syslog|multilog|anylog) facility on server side. :-)

Solt

Re: [vchkpw] vpopmaild development

[Marcin Soltysiak]

- Original Message - 
From: Tom Collins [EMAIL PROTECTED]
On Apr 6, 2004, at 10:57 AM, Marcin So³tysiak wrote:
 BTW. Since vpopmaild is very young it will need a heavy develoopment.
 It
 would be resonable to create a separate category in bugtraq.

I'll put my vote in for initial development to take place in a separate
CVS repository from the main vpopmail release, with discussion taking
place on its own list.
+1

Solt

Re: [vchkpw] vpopmaild - PHP object

[Rick Widmer]

Marcin Soltysiak wrote:

Although I am sysadmin I cannot list users in other domains.
I have already reported this to Ken.


What is funny, [EMAIL PROTECTED] does not appear in UserList array amd it
is only account that had quota set.
This may be a new bug.

Re: [vchkpw] vpopmaild development

[Rick Widmer]

Paul Oehler wrote:

Tom Wrote:
At the very least, vpopmaild discussion should be on vpopmail-devel
instead of the vchkpw list.  I am sure that there are others, like me,
who aren't interested in following the early stages of development and
would prefer not to receive 20-30 messages a day discussing it.
-

Pardon my ignorance, but where is this aformentioned vpopmail-devel mailing
list?  I'm having trouble tracking it down.


   http://sourceforge.net/projects/vpopmail/

Then click on the Lists link, to subscribe to the list.

I just signed up, but the last time I signed up for a SourceForge
mailing list, it took most of a day before it would let me post.
Rick

Re: [vchkpw] vpopmaild - PHP object

[Marcin Soltysiak]

 Marcin Soltysiak wrote:

  Although I am sysadmin I cannot list users in other domains.

 I have already reported this to Ken.


  What is funny, [EMAIL PROTECTED] does not appear in UserList array amd
it
  is only account that had quota set.

 This may be a new bug.

It seems to be the firt entry on list_users..I've check od few domains and
everyoan behaved same way.
Solt

Re: [vchkpw] vpopmaild - PHP object

[Marcin Soltysiak]

- Original Message - 
From: Marcin Soltysiak [EMAIL PROTECTED]
  Marcin Soltysiak wrote:
 
   Although I am sysadmin I cannot list users in other domains.
 
  I have already reported this to Ken.
 
 
   What is funny, [EMAIL PROTECTED] does not appear in UserList array
amd
 it
   is only account that had quota set.
 
  This may be a new bug.

 It seems to be the firt entry on list_users..I've check od few domains and
 everyoan behaved same way.

Ok, I've found... the class make unnecessary read from socket between
reading +OK and first entry from list. Same as for list_domains.

Solt

Re: [vchkpw] vpopmaild - PHP object

[Rick Widmer]

Marcin Soltysiak wrote:

What is funny, [EMAIL PROTECTED] does not appear in UserList array amd
it

is only account that had quota set.
This may be a new bug.


It seems to be the firt entry on list_users..I've check od few domains and
everyoan behaved same way.


In the ListUsers() function try uncommenting the echos.  Then see if
your missing item appears in the 'extra read returned' entry.  The
'extra reads' are something that I need on my system to keep things in
sync, but I don't understand why they are there.
I have an extra blank line I need to remove, but I don't see it when I
telnet in.
We should probably move to the SourceForge vpopmail-devel list.

   http://lists.sourceforge.net/lists/listinfo/vpopmail-devel

Rick

Re: [vchkpw] test copy of vpopmaild.c

[Charles Sprickman]

On Tue, 6 Apr 2004, Rick Widmer wrote:

 There is no need to send the ~vpopmail/domains/ part of the path,
 because the user has no choice on that part.  If we always send the full
 path from that point down, then the path is always:

$Domain/$User/$whatever

 or maybe

/$Domain/$User/$whatever

or 1/$Domain/K/$User/$whatever

Just a reminder that vpopmail does directory hashing on domains and users.

Charles

 I think both should be allowed, and have the same meaning.


 Rick

Re: [vchkpw] test copy of vpopmaild.c

[Jeremy Kitchen]

On Mon, 2004-04-05 at 20:18, Ken Jones wrote:

  One little question...  What are you thinking of as far as encryption?
  I'm sure there's going to be some people running the client on a box
  seperate from the server.  You looking at adding ssl support, or are you
  thinking of just letting something like stunnel handle that?
 
 My favorite is ucspi-tcp-ssl with a self signed certificate.
 It provides peer to peer encryption by just adding -s to the
 tcpserver options. Or use stunnel. It is similar to how email 
 clients and mail servers encrypt pop3/smtp/imap communication.

or, my favorite, ucspi-ssl (http://superscript.com/ucspi-ssl/intro.html

-Jeremy

-- 
Jeremy Kitchen
Systems Administrator
[EMAIL PROTECTED]
Kitchen @ #qmail on EFNet - Join the party!
.
Inter7 Internet Technologies, Inc.
www.inter7.com
866.528.3530 toll free
847.492.0470 int'l
847.492.0632 fax
GNUPG key ID: 93BDD6CE

RE: [vchkpw] Server Farm..

[Jeremy Kitchen]

On Mon, 2004-04-05 at 17:06, Michael Bellears wrote:
  
  Never used remote logging for multilog so I can't tell you 
  about that, but it looks pretty straight forward.  NFS 
  settings can be tweaked to improve its performance/bandwidth 
  usage.  I've only seen it chew up a ton of bandwidth when 
  things aren't setup properly, or when a drive couldn't be 
  mounted properly.
 
 Thanks - Would it be worthwhile running Samba only (The NAS will be
 serving both Win+Linux boxes)?

I don't think samba gives the proper filesystem semantics that would be
needed for this to happen.

  The other option though, is that 
  vpopmail does support a master/slave setup where any writable 
  queries go to server X while readable ones are done locally 
  for performance.  This is a better scenario than two way 
  replication since you don't run the risk of replication breakage.
 
 [that] option sounds much better - If a writable query is performed, I
 assume I must have master/slave configured (Master obviously being the
 writable mysql server, which would then update all the slaves?)

right.  We have several of those types of installations up and running. 
Works pretty well.

-Jeremy

-- 
Jeremy Kitchen
Systems Administrator
[EMAIL PROTECTED]
Kitchen @ #qmail on EFNet - Join the party!
.
Inter7 Internet Technologies, Inc.
www.inter7.com
866.528.3530 toll free
847.492.0470 int'l
847.492.0632 fax
GNUPG key ID: 93BDD6CE

Re: [vchkpw] Re: Making vpopmail recognize # as @

[Tom Collins]

On Apr 6, 2004, at 3:44 PM, Eduardo M. Bragatto wrote:
	Sorry, Peter... your anwser has already solved my problem.
	My previous e-mail is wrong. I meant POP3 instead of SMTP. Thank you 
very much for your attention and time spent. ;)
A commonly supported alternative is to use '%' instead of '@'.

--
Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/