[vchkpw] 5.5.2

2004-04-07 Thread Marcin So³tysiak 
Hi,

I've noticed that in CVS version Ken sent us besides vpopmaild there is
spamassassin handle. Ken, could you please describe in few word how it is
goin to do the job?

Will it allow to set per-user SA options like treshold? (I hope so :-).

Solt

[vchkpw] Domain with home!= ~vpopmail/domains

2004-04-07 Thread Marcin So³tysiak 
Hi,

I got strange problem. I don;t know when (what version) but suddenly a
domain that have different that ~vpopmail/domains home stopped authorizing
using vchkpw. Here the debug:

# ./vadduser -n [EMAIL PROTECTED]

# telnet europa 110
Trying 217.153.200.101...
Connected to europa.imedia.com.pl (217.153.200.101).
Escape character is '^]'.
+OK <[EMAIL PROTECTED]>
user [EMAIL PROTECTED]
+OK
pass ppp
-ERR authorization failed
Connection closed by foreign host.

# tail /var/log/mail/info
Apr  7 10:47:18 europa vpopmail[20182]: vchkpw-pop3: vpopmail user not found
[EMAIL PROTECTED]:217.153.200.101

# ./vuserinfo [EMAIL PROTECTED]
name:   pedro
passwd:
clear passwd:
uid:0
gid:0
flags:  0
gecos: pedro
limits: No user limits set.
dir:   /home/klub/domains/klub.olga.pl/L/pedro
quota: 10024000S
usage: 0%
account created: Wed Apr  7 10:47:06 2004
last auth: Never logged in

Moreover, user can login using Courier-IMAP. Is this a bug in vchkpw? I use
5.5.0.

Solt

[vchkpw] vpopmaild - BUG: SA_ADMIN cannot get user_info

2004-04-06 Thread Marcin So³tysiak 
Although logged as SA_ADMIN user cannot get user_info from oter domains.
Here is a patch:


--- vpopmail-5.5.2-orig/vpopmaild.c Tue Apr  6 01:03:22 2004
+++ vpopmail-5.5.2/vpopmaild.c  Tue Apr  6 16:47:50 2004
@@ -563,7 +563,7 @@
 return(-1);
   }

-  if ( (AuthVpw.pw_gid&QA_ADMIN) && (strcmp(TheDomain,TmpDomain))!=0 ) {
+  if ( ((AuthVpw.pw_gid & QA_ADMIN) && (strcmp(TheDomain,TmpDomain))!=0) &&
!(AuthVpw.pw_gid & SA_ADMIN) ) {
 snprintf(WriteBuf,sizeof(WriteBuf),
   RET_ERR "XXX not authorized for domain\n");
 return(-1);


BTW. Since vpopmaild is very young it will need a heavy develoopment. It
would be resonable to create a separate category in bugtraq.

Solt

Re: [vchkpw] vpopmail with mysql authentication of installer specified database

2004-03-05 Thread Marcin So³tysiak 
> I remember reading from the proftpd forum
> that a vpopmail+proftpd enthusiast was using
> his own defined mysql table to authenticate
> both vpopmail and proftpd users. Is it
> possible to do this without changing the
> source code? (I am not overly happy about
> changing source since the vpopmail
> installation will be updated with time).

In proftpd.conf: (example on proftpd 1.2.9)

SQLAuthenticate users
SQLAuthTypesPlaintext
SQLConnectInfo  [EMAIL PROTECTED] dbuser dbpasswd
SQLUserInfo domain_tld pw_name pw_clear_passwd NULL NULL pw_home
NULL

or

SQLAuthenticate users
SQLAuthTypesCrypt
SQLConnectInfo  [EMAIL PROTECTED] dbuser dbpasswd
SQLUserInfo domain_tld pw_name pw_passwd NULL NULL pw_home NULL


Solt