[vchkpw] Question about --without-users-big-dir
Hi folks, I'm considering re-compiling vpopmail with the --without-users-big-dir option. My understanding is this will 1) stop the directory hashing of usernames in the ~vpopmail/domains/domain.com/ directories 2) enable single character e-mail usernames First, is my understanding of those two things correct? Second, does it do anything besides those two things I should know about? And finally, will this adversely affect any existing domains that already have directory hashing of usernames in place now? Thanks in advance, Paul -- Paul Oehler
[vchkpw] CentOS 5 64 bit vchkpw segfault - vpopmail 5.4.9 - softlimit related
Hi, We're seeing vchkpw segfault seemingly at random during pop3 authentication, but only on CentOS 5 x86_64. The result is pop3 authentication failing randomly. CentOS 5 32 bit and CentOS 4 64 and 32 bit do not exhibit this behavior, with the same vpopmail code base (5.4.9). This is admittidly not the newest vpopmail version - does this problem sound familiar to anyone and do you recall it being fixed in one of the newer versions? It appears to be related to the "softlimit" command that is used in the invocation of pop3. Attempting to raise the softlimit -m parameter to very high values (as high as 51200) does not prevent the segfault, however, removing the softlimit line entirely does prevent the segfaults. Also, copying the vchkpw binary compiled on a 32 bit CentOS 5 OS to the 64 bit install also "fixes" the problem. I realize 5.4.9 is pretty old, but we don't require many of the new features in the newer vpopmail releases, and would prefer to not have to recompile qmail-smtpd if we can get away with it (where we're using chkuser). In the ChangeLog for 5.4.10 I see this: Stephan Tesch - md5.h: fix related to segfaults in vchkpw on Sparc64. [1144851] What's the likelyhood that is related? Thanks, Paul !DSPAM:48b5743f32312110969750!
Re: [vchkpw] CentOS 5 64 bit vchkpw segfault - vpopmail 5.4.9 - softlimit related
Paul Oehler wrote: Hi, We're seeing vchkpw segfault seemingly at random during pop3 authentication, but only on CentOS 5 x86_64. The result is pop3 authentication failing randomly. CentOS 5 32 bit and CentOS 4 64 and 32 bit do not exhibit this behavior, with the same vpopmail code base (5.4.9). This is admittidly not the newest vpopmail version - does this problem sound familiar to anyone and do you recall it being fixed in one of the newer versions? It appears to be related to the "softlimit" command that is used in the invocation of pop3. Attempting to raise the softlimit -m parameter to very high values (as high as 51200) does not prevent the segfault, however, removing the softlimit line entirely does prevent the segfaults. Also, copying the vchkpw binary compiled on a 32 bit CentOS 5 OS to the 64 bit install also "fixes" the problem. You might want to try recompiling everything with out any compiler optimization flags like -O or -O2. We've seen some 64 bit systems have problems if -OX is enabled. With the -O options removed and everything recompiled the problems went away. Thanks for the suggestion Ken. I finally got around to testing this, and unfortunatly the vchkpw segfaults continue even after recompiling without any compiler optimization flags. The error in the messages log looks like this: kernel: vchkpw[7073]: segfault at ffb8 rip 0047e84c rsp 78eaf898 error 6 Anybody have any tips on how to debug this further? Paul !DSPAM:48ff580732314335212939!
[vchkpw] [SPAM] vdominfo -d bug or feature?
Hi everyone. I'm testing vpopmail 5.4.32 (latest stable build). I'm experiencing some behavior that seems strange to me, but I'm not sure if you all consider it a bug or a feature. Say I have a domain asdf.com with 3 alias domains (added with vaddaliasdomain). Running ~vpopmail/bin/vdominfo -d asdf.com, I get: -- # ~vpopmail/bin/vdominfo -d asdf.com /home/vpopmail/domains/asdf.com alias: pkoaaa.com alias: tester11.com alias: tester15.com -- Why are those alias: lines being printed? I only asked for the domain directory, -d. Previous versions didn't exhibit this behavior, which is why it seems bug-like to me - but perhaps this behavior was explictly added for some good reason? The usage shown below doesn't say anything about alias output with the -d param. # ~vpopmail/bin/vdominfo -h /home/vpopmail/bin/vdominfo: invalid option -- h vdominfo: usage: [options] [domain] options: -v (print version number) -a (display all fields, this is the default) -n (display domain name) -u (display uid field) -g (display gid field) -d (display domain directory) -t (display total users) -r (display real domain) Thanks, Paul -- Paul Oehler InterWorx L.L.C. http://interworx.com 1101 Greenfield Ave Pittsburgh PA 15207 !DSPAM:4e9f332332719868674482!
Re: [vchkpw] Maildirquota, qmailadmin and courierimap..who is problematic?
> This bug was only recently fixed. It will be in the next release of > vpopmail. Unfortunately, I started making significant changes to the > database backends before forking off a 5.5 development series. I will > try to split the codebase and release a 5.4.3 that includes only fixes > to existing problems, and leave the database updates to 5.5.0. Tom, is it neccessary to apply this patch if only using vmoduser (without using qmailadmin)? When using vmoduser to change the quota for a user, the maildirsize file does disappear, but it is re-created when a new messages comes in. When this happens it seems to work correctly (reflects the change in quota size correctly). So does this mean it's "ok" to use vmoduser to change user quota without the patch? Thanks! Paul -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net
Re: [vchkpw] php extension or daemon
> Just from the top of my head, wouldn't Apache 2 solve this? Doesn't it > allow for different UID/GID for different virtual hosts? Indeed, this was the holy grail of Apache 2.0 for shared web hosts. Alas 2.0 came, and as of yet has not delivered. Here's the relevant info: http://httpd.apache.org/docs-2.0/mod/perchild.html The Summary: "This module is not functional. Development of this module is not complete and is not currently active. Do not use perchild unless you are a programmer willing to help fix it." If they ever get this going, it will be a very happy day for many folks. And I think you're right, this would help a TON with the whole php-vpopmail extension issues. Paul -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net 304 1/2 S. State St. Ann Arbor, MI 48104 1.866.NEXCESS
Re: [vchkpw] php vpopmail daemon etc. - developing story
> The daemon MUST require all connections to be authenticated, preferably > against the vpopmail user base. > > user rwidmer ok > password mypassword ok This is only slightly related to Rick's comments (which I think are very good by the way), but when he says "against the vpopmail user base" exactly what user base is he referring to? In his example, where is the "rwidmer" user information stored? Is this something related to how qmailadmin (which I know the least about re: vpopmail) does authentication? Thanks, Paul -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net 304 1/2 S. State St. Ann Arbor, MI 48104 1.866.NEXCESS
Re: [vchkpw] php vpopmail daemon etc. - developing story
> There is a function that provides authentication: > > vpasswd( user, domain, password, is_apop ) > > that returns the user's password info if valid, or 0. > > The problem is, if you can execute the vpopmail library at all, you can > execute every function within it. This is how QmailAdmin checks to see > what you are allowed to do when you login. > Thanks for both of your responses Rick, very helpful. Could you, or someone, point me toward where I can read about what these already built in rules are, and how they're defined and stored in the database? I'm assuming this would be "pw_gid" documentation, or code comments, or something similar? Thanks again, Paul
Re: [vchkpw] New PHP extension
> A new update to the vpopmail extension for PHP has been uploaded to > > http://kimberly.developersdesk.com/ > > I believe it now supports everything that QmailAdmin uses. > Hi Rick, Is your PHP vpopmail extention able to create and manage Forwards, Robots (autoresponders), and mailing lists? I looked through all the source code and it didn't jump out at me, so I thought I'd ask. Thanks, Paul
Re: [vchkpw] vpopmaild development
Tom Wrote: At the very least, vpopmaild discussion should be on vpopmail-devel instead of the vchkpw list. I am sure that there are others, like me, who aren't interested in following the early stages of development and would prefer not to receive 20-30 messages a day discussing it. - Pardon my ignorance, but where is this aformentioned vpopmail-devel mailing list? I'm having trouble tracking it down. Thanks, Paul
Re: [vchkpw] dot qmail processing
> A .qmail file with a one line comment will discard mail. > > .qmail-blackhole: > -- > # > -- > > Rick Out of curiosity, is this a documented feature? I don't remember ever reading this anywhere. Paul
Re: [vchkpw] dot qmail processing
> > It's in the qmail docs. > > > > man dot-qmail > > > > It isn't in there explicitly, but it says that lines starting with # are > > ignored, and that qmail-local will only process .qmail files that aren't > > empty. Is this how qmailadmin creates a "blackhole" e-mail address?
Re: [vchkpw] how to delete mail domain alias
> How can i delete mail domain alias added with "vaddaliasdomain"? Use vdeldomain. It won't delete the underlying "non-alias" domain, just the alias. Paul -- Paul OehlerNEXCESS.NET Internet Solutionshttp://nexcess.net304 1/2 S. State St.Ann Arbor, MI 481041.866.NEXCESS
Re: [vchkpw] Disabling bounce messages
I'm looking for a way to disable bouncing (ALL bouncing, not just double-bounces) temporarily for a group of domains on one our doesn't this fundementally break the RFC for SMTP? Probably, but considering the RFC for SMTP has fundamental problems that make life miserable for good folks and life wonderful for spammers - too bad. Sorry Bill, short of writing a shell script to change the .qmail-default files automatically I don't know of any method. Paul p.s. I'm not interested in getting into a debate, this isn't the right place anyway. -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net 304 1/2 S. State St. Ann Arbor, MI 48104 1.866.NEXCESS
Re: [vchkpw] Spamassin configuration
I don't think vdelivermail or vpopmail in general should be calling spamc/spamassassin. Let that be handled elsewhere. Let's stick to delivering mail and deciding where it goes. However, lets remember that if spam is only scanned at the MTA level, SpamAssassin user preferences will not function if the e-mail is addressed to more than one sender. Scanning in vdelivermail, at the MDA level, does not have this restriction. For that reason I still think there is value in scanning in vdelivermail. Paul
[vchkpw] Maildrop failures with vdelivermail
I just started testing out Maildrop with Vpopmail this weekend, and found some interesting problems. Versions: maildrop 1.8.0, vpopmail 5.4.9 The problem I had is the same as Matt Kern describes here: http://www.mail-archive.com/vchkpw@inter7.com/msg20582.html To sum up, the problem occurs at seemingly random times (but often), when running vdelivermail from the Maildrop filter file. As Matt described, the error as it appears in the qmail-send log looks like: 2005-02-18 21:58:22.285783500 delivery 181: deferral: Sorry,_no_mailbox_here_by_that_name._vpopmail_(#5.1.1)/maildrop:_error_writing_to_mailbox./ Clearly this should be a bounce aka failure, not a deferral, but maildrop determines there is a problem when calling vdelivermail, so it returns with exitcode 75 which causes the deferral. I believe the source of this problem was identifed back in June by someone posting to the Maildrop mailing list, although there were no responses. See: http://sourceforge.net/mailarchive/message.php?msg_id=8664909 To sum up again, he says the problem "is because vdelivermail exits, before it read the pipe completly. vdelivermail simply checks whether the receipient is valid, and if not, exits at once, causing a SIGPIPE in maildrop." I've confirmed that Maildrop returns the deferral exit code due to a SIGPIPE by stracing the call to vdelivermail, when this problem occurs. This question has come up a couple times before I see after hunting through archives, but I haven't found a definitive answer or solution. I've seen Jeremy Kitchen post to the maildrop list, which makes me hopeful that the Inter7 folks may be running Maildrop + vdelivermail internally. If that's the case, do you have any insight on this problem? Workarounds, or what needs happen development wise to fix it? Is it actually a maildrop problem? Thanks a lot, Paul -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net 304 1/2 S. State St. Ann Arbor, MI 48104 1.866.NEXCESS
Re: [vchkpw] Maildrop failures with vdelivermail
To sum up again, he says the problem "is because vdelivermail exits, before it read the pipe completly. vdelivermail simply checks whether the receipient is valid, and if not, exits at once, causing a SIGPIPE in maildrop." It should be possible to update vdelivermail to scan through to the end of the message before exiting. It might add some additional overhead, but I think that it would avoid the SIGPIPE. Tom, thanks for the response. I made the change to vdelivermail.c, recompiled, and the problem does indeed appear to have disappeared. I don't know if there's a specific way to make a patch, but here's a diff of the 5.4.9 vdelivermail.c against the one w/ my changes: 1027a1028 while((read(0,msgbuf,MSG_BUF_SIZE))>0); 1054a1056 while((read(0,msgbuf,MSG_BUF_SIZE))>0); Is this acceptable? Thanks, Paul -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net 304 1/2 S. State St. Ann Arbor, MI 48104 1.866.NEXCESS
Re: [vchkpw] Maildrop failures with vdelivermail
A unified diff (diff -u) is better, since it provides context for the changes and makes it easier for someone to manually make the change. Here's a unified diff against the 5.4.9 version. Let me know if you need anything different. Paul -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net 304 1/2 S. State St. Ann Arbor, MI 48104 1.866.NEXCESS maildrop-sigpipe.patch Description: Binary data
Re: [vchkpw] local delivery reentrancy issues?
Ah, that's what I was concerned about. Temp files aren't the issue, but rather shared files that are updated as side-effects of the messages going through. Darn! Thanks, Kurt If possible turn those shared files into a MySQL database - then you can let MySQL worry about all the locking etc for you :) Paul
Re: [vchkpw] Change default domain admin
Hi, vmoduser -a -a ( grant qmailadmin administrator privileges) Regards, Rick For those of us who don't use qmailadmin, but do use vpopmail, what is the affect of giving qmailadmin administrator privileges to a user, in qmailadmin? How is it related to the postmaster account? Second, would it be a problem to just delete the postmaster account and create an alias that replaces it? Thanks, Paul
Re: [vchkpw] Change default domain admin
Should we make some updates to vadddomain to automatically create an alias from abuse to postmaster? We could make that the default and have an option to override it with a particular address... Agreed, following both RFCs would be ideal. I think this would be done anyway but wanted to mention it - the alias backend should be whatever vpopmail was compiled with (MySQL or .qmail files or whatever), instead of just .qmail-abuse file (I believe I remember reading that qmailadmin only deals with the .qmail variety, but I apologize if I'm mistaken, I don't use qmailadmin). Paul
Re: [vchkpw] Re: Segfaulting in vadddomain
I believe I've seen this happen when the vpopmail/vchkpw user/group ids are incorrect - that is, they don't match the value specified in the assign file. Paul -- Paul Oehler NEXCESS.NET Internet Solutions http://nexcess.net 304 1/2 S. State St. Ann Arbor, MI 48104 1.866.NEXCESS
