Re: [vchkpw] vpopmail + billing server integration
- Original Message - From: "Michael Bowe" <[EMAIL PROTECTED]> > - Original Message - > From: "Chris Ess" <[EMAIL PROTECTED]> > > (I know this is getting offtopic...) So I could use an INSERT statement in > > SQL instead of vadduser? Or am I not understanding this correctly? > > Yes that feature has been around for a while > > It has definitely been discussed in the archives of this list, but I would > agree that I don't remember seeing it mentioned in the docs. I will take a stab at updating the README.mysql with this info Also I will include a note that points out that with the mysql backend, you can add your own columns to the table. This allows you to store other information per user, and it doesn't affect vpopmail's operation in any way. It my ISP we added an additional column "mailbox_owner" so that when we provisioned additional mailboxes for a dialup customer, we could store the "owners" account details in this column. This made it easy for us to locate and zap these extra mailboxes should that dialup customer ever close their account Michael.
Re: [vchkpw] vpopmail + billing server integration
- Original Message - From: "Chris Ess" <[EMAIL PROTECTED]> > On Wed, 8 Sep 2004, Ken Jones wrote: > > > Use mysql on the email server. Have the billing system > > insert an entry in the vpopmail table, leaving the directory > > field blank. vpopmail will automatically create the users > > directory and update the database when any program > > tries to deliver mail to the user, or authenticate as the user. > > That's really neat! I didn't realize you could do this. (Now someone > will tell me that it's in the documentation that I seem to've not read > recently.) > > (I know this is getting offtopic...) So I could use an INSERT statement in > SQL instead of vadduser? Or am I not understanding this correctly? Yes that feature has been around for a while It has definitely been discussed in the archives of this list, but I would agree that I don't remember seeing it mentioned in the docs. I use this feature to allow an IIS webserver to create mailboxes on my vpopmail server. This is achieved by using an ASP script that creates an appropriate record and inserts it into the vpopmail MySQL. Of course the same sort of thing could be achieved using Apache/PHP. I have some more information and some example code here : http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm#Example_scripts ps. one catch with inserting users directly... The mailbox on the disk isnt created until the 1st POP/IMAP login is done, or the 1st mailbox message is received. This can cause a glitch with qmailadmin, because if the user tries to login to qmailadmin before their mailbox on the disk exists, qmailadmin will barf because it cant write a lockfile to the user's dir. So when I insert users directly, the same script also sends the user a "welcome" message to ensure that the mailbox is created immediately. Michael.
Re: [vchkpw] vpopmail + billing server integration
On Wednesday 08 September 2004 1:25 pm, Ken Jones wrote: > On Wednesday 08 September 2004 12:03 pm, Jesse Guardiani wrote: > > On Wednesday 08 September 2004 12:42 pm, Ken Jones wrote: > > > Hi, > > > > > > Here is something we built into vpopmail for sites like yours. > > > > > > Use mysql on the email server. Have the billing system > > > insert an entry in the vpopmail table, leaving the directory > > > field blank. vpopmail will automatically create the users > > > directory and update the database when any program > > > tries to deliver mail to the user, or authenticate as the user. > > > > > > If the mysql connection fails, write the user information to > > > a flat file. Then have a cron job check for updates to the > > > file and send them over to the mysql server when it becomes > > > available. > > > > That's neat. In which version was this feature added? > > I'm not sure. A couple years ago at least. > > Another alternative is to use the new vpopmail daemon running > under tcpserver. It uses simple text commands. > Authenticate, then add/delete users, or whatever. Wow. That sounds ideal. The last time I RTFM was in 2002 or 2003, I think. I haven't upgraded since then, so I guess it's time to read about the new features. So, vpopmail is a sourceforge project now? Is inter7 still a heavy developer, or are you guys getting more attached to the bottom line these days? I think going with sourceforge was a great idea, BTW. Thanks Ken! -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net
Re: [vchkpw] vpopmail + billing server integration
On Wednesday 08 September 2004 12:25 pm, Chris Ess wrote: > On Wed, 8 Sep 2004, Ken Jones wrote: > > Hi, > > > > Here is something we built into vpopmail for sites like yours. > > > > Use mysql on the email server. Have the billing system > > insert an entry in the vpopmail table, leaving the directory > > field blank. vpopmail will automatically create the users > > directory and update the database when any program > > tries to deliver mail to the user, or authenticate as the user. > > That's really neat! I didn't realize you could do this. (Now someone > will tell me that it's in the documentation that I seem to've not read > recently.) It is probably in the mailing list archives. I'm not sure if anyone has updated the documentation. > > (I know this is getting offtopic...) So I could use an INSERT statement in > SQL instead of vadduser? Or am I not understanding this correctly? That is the idea. A while back some folks wanted to hook up their billing systems to vpopmail. Basicly they would insert into the vpopmail sql table. The only thing they couldn't do easily was create the hashed directory path. So we put in vpopmail code to check if the path is blank and automatically create the new path and update the database. You will also need to set the encrypted password using mysql's CRYPT function. Mysql's standard encryption functions are not compatible with unix/linux. Ken
Re: [vchkpw] vpopmail + billing server integration
On Wed, 8 Sep 2004, Ken Jones wrote: > Hi, > > Here is something we built into vpopmail for sites like yours. > > Use mysql on the email server. Have the billing system > insert an entry in the vpopmail table, leaving the directory > field blank. vpopmail will automatically create the users > directory and update the database when any program > tries to deliver mail to the user, or authenticate as the user. That's really neat! I didn't realize you could do this. (Now someone will tell me that it's in the documentation that I seem to've not read recently.) (I know this is getting offtopic...) So I could use an INSERT statement in SQL instead of vadduser? Or am I not understanding this correctly? Sincerely, Chris Ess System Administrator / CDTT (Certified Duct Tape Technician)
Re: [vchkpw] vpopmail + billing server integration
On Wednesday 08 September 2004 12:03 pm, Jesse Guardiani wrote: > On Wednesday 08 September 2004 12:42 pm, Ken Jones wrote: > > Hi, > > > > Here is something we built into vpopmail for sites like yours. > > > > Use mysql on the email server. Have the billing system > > insert an entry in the vpopmail table, leaving the directory > > field blank. vpopmail will automatically create the users > > directory and update the database when any program > > tries to deliver mail to the user, or authenticate as the user. > > > > If the mysql connection fails, write the user information to > > a flat file. Then have a cron job check for updates to the > > file and send them over to the mysql server when it becomes > > available. > > That's neat. In which version was this feature added? I'm not sure. A couple years ago at least. Another alternative is to use the new vpopmail daemon running under tcpserver. It uses simple text commands. Authenticate, then add/delete users, or whatever. Ken
Re: [vchkpw] vpopmail + billing server integration
On Wed, 8 Sep 2004, Jesse Guardiani wrote: > On Wednesday 08 September 2004 11:19 am, Chris Ess wrote: [behold, the power of mail scissors! snip snip] > > Have you considered > > > > 1. A VPN between the two? > > solves encryption, but not persistence. Also, that's a rather heavy-weight > solution. I didn't say it was a clean or nice solution, did I? ^_^ This was to deal with connecting the two servers in my mind. I realized afterwards that this wouldn't be necessary. It's been a long week already (and I had Monday off too). > > 2. Using an on-demand connection method rather than a persistent method? > > Trying to avoid it. Our CSRs see the billing server pause while the hook > executes to provision a service. I want to keep that pause time to a minimum. That depends on if a scripted SSH connection or whatever you use takes a long time to execute. When I used it, the Net::SSH perl module is pretty fast and added negligible time. > > 3. Just connecting to a dedicated socket or service rather than SSH? > > Not secure, and how would that work? I thought vpopmail's only manipulation > system is either SQL or command line based... It would work however you want it to. This suggestion would require building your own methods (or finding something someone else has done). You could make it as secure or as insecure as you like. You might also want to look at the vpopmail daemon in development. (Which reminds me that I need to subscribe to that list.) > > 4. The security issues inherent in connecting your billing server to your > > mailserver? > > Sure. People do it all the time, right? It's not my favorite idea and not one I would implement myself if I had a choice -- but, then again, I'm very used to the idea of the accounting and technical departments being separate and us techs not getting access to the accounting systems or data. > > To keep this topic vaguely vpopmail-related, have you considered keeping > > all of the necessary vpopmail information (or at least most of it) in a > > MySQL database or some other separate data repository and having something > > on your billing server update that? > > It's been suggested. I'm not happy with that solution though. I'd rather keep > it command line based. Okay. Then you're pretty much chained to the SSH solution unless you want to craft another one. > > (Or, alternatively, why not run the > > MySQL database on your billing server if you go that route? > > Kills scalability. Bad solution. I suggested this because this would create the illusion of persistence. I'd much rather run it on a different server altogether. I don't know if I'd say it kills scalability though. You can run a qmail/vpopmail server cluster based around a MySQL database without too much of a problem. Sincerely, Chris Ess System Administrator / CDTT (Certified Duct Tape Technician)
Re: [vchkpw] vpopmail + billing server integration
On Wednesday 08 September 2004 12:42 pm, Ken Jones wrote: > Hi, > > Here is something we built into vpopmail for sites like yours. > > Use mysql on the email server. Have the billing system > insert an entry in the vpopmail table, leaving the directory > field blank. vpopmail will automatically create the users > directory and update the database when any program > tries to deliver mail to the user, or authenticate as the user. > > If the mysql connection fails, write the user information to > a flat file. Then have a cron job check for updates to the > file and send them over to the mysql server when it becomes > available. That's neat. In which version was this feature added? -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net
Re: [vchkpw] vpopmail + billing server integration
On Wednesday 08 September 2004 12:18 pm, Daniel Ciulinaru wrote: > Would you consider using IPSec? As far as I know, IPSec encrypts packets at > IP level so you'll avoid batch operations. If it's the only way to go, then yes, I would consider it. How would that work? Would I run an NFS client on the billing server? Or would I log in via rsh from the billing server to the mail server? That last choice solves the overhead of starting an encrypted connection, but you've still got the overhead of starting a remote shell. I'd rather just have a dedicated remote shell. > - Original Message - > From: "Jesse Guardiani" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, September 08, 2004 6:10 PM > Subject: [vchkpw] vpopmail + billing server integration > > > > Hello, > > > > I have a vpopmail server that I would like to integrate with > > my billing server. The billing server is behind a firewall, and > > the mail server is not. > > > > I'd like to connect via an encrypted shell, like SSH, but I'd > > also like the connection to be persistent, to avoid connection > > costs for batch operations. I'd also like to provide a FIFO > > queue mechanism so that if the mail server reboots, anyone > > working on the billing server won't get error messages when > > they attempt to provision services. Then, when the mail server > > comes back up, the SSH tunnel is re-established and the > > queued operations begin to execute. > > > > However, so far in my google searches I haven't seen anything > > that would help me implement a persistent SSH connection > > with a FIFO queue. > > > > Can anyone give me tips? > > > > Thanks! > > > > -- > > Jesse Guardiani, Systems Administrator > > WingNET Internet Services, > > P.O. Box 2605 // Cleveland, TN 37320-2605 > > 423-559-LINK (v) 423-559-5145 (f) > > http://www.wingnet.net > > > > > > -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net
Re: [vchkpw] vpopmail + billing server integration
On Wednesday 08 September 2004 11:19 am, Chris Ess wrote: > > I'd like to connect via an encrypted shell, like SSH, but I'd > > also like the connection to be persistent, to avoid connection > > costs for batch operations. I'd also like to provide a FIFO > > queue mechanism so that if the mail server reboots, anyone > > working on the billing server won't get error messages when > > they attempt to provision services. Then, when the mail server > > comes back up, the SSH tunnel is re-established and the > > queued operations begin to execute. > > > > However, so far in my google searches I haven't seen anything > > that would help me implement a persistent SSH connection > > with a FIFO queue. > > > > Can anyone give me tips? > > Have you considered > > 1. A VPN between the two? solves encryption, but not persistence. Also, that's a rather heavy-weight solution. > 2. Using an on-demand connection method rather than a persistent method? Trying to avoid it. Our CSRs see the billing server pause while the hook executes to provision a service. I want to keep that pause time to a minimum. > 3. Just connecting to a dedicated socket or service rather than SSH? Not secure, and how would that work? I thought vpopmail's only manipulation system is either SQL or command line based... > 4. The security issues inherent in connecting your billing server to your > mailserver? Sure. People do it all the time, right? > To keep this topic vaguely vpopmail-related, have you considered keeping > all of the necessary vpopmail information (or at least most of it) in a > MySQL database or some other separate data repository and having something > on your billing server update that? It's been suggested. I'm not happy with that solution though. I'd rather keep it command line based. > (Or, alternatively, why not run the > MySQL database on your billing server if you go that route? Kills scalability. Bad solution. -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net
Re: [vchkpw] vpopmail + billing server integration
Hi, Here is something we built into vpopmail for sites like yours. Use mysql on the email server. Have the billing system insert an entry in the vpopmail table, leaving the directory field blank. vpopmail will automatically create the users directory and update the database when any program tries to deliver mail to the user, or authenticate as the user. If the mysql connection fails, write the user information to a flat file. Then have a cron job check for updates to the file and send them over to the mysql server when it becomes available. Hope that helps, Ken Jones On Wednesday 08 September 2004 10:10 am, you wrote: > Hello, > > I have a vpopmail server that I would like to integrate with > my billing server. The billing server is behind a firewall, and > the mail server is not. > > I'd like to connect via an encrypted shell, like SSH, but I'd > also like the connection to be persistent, to avoid connection > costs for batch operations. I'd also like to provide a FIFO > queue mechanism so that if the mail server reboots, anyone > working on the billing server won't get error messages when > they attempt to provision services. Then, when the mail server > comes back up, the SSH tunnel is re-established and the > queued operations begin to execute. > > However, so far in my google searches I haven't seen anything > that would help me implement a persistent SSH connection > with a FIFO queue. > > Can anyone give me tips? > > Thanks! ---
Re: [vchkpw] vpopmail + billing server integration
Would you consider using IPSec? As far as I know, IPSec encrypts packets at IP level so you'll avoid batch operations. - Original Message - From: "Jesse Guardiani" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 08, 2004 6:10 PM Subject: [vchkpw] vpopmail + billing server integration Hello, I have a vpopmail server that I would like to integrate with my billing server. The billing server is behind a firewall, and the mail server is not. I'd like to connect via an encrypted shell, like SSH, but I'd also like the connection to be persistent, to avoid connection costs for batch operations. I'd also like to provide a FIFO queue mechanism so that if the mail server reboots, anyone working on the billing server won't get error messages when they attempt to provision services. Then, when the mail server comes back up, the SSH tunnel is re-established and the queued operations begin to execute. However, so far in my google searches I haven't seen anything that would help me implement a persistent SSH connection with a FIFO queue. Can anyone give me tips? Thanks! -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net
Re: [vchkpw] vpopmail + billing server integration
> I'd like to connect via an encrypted shell, like SSH, but I'd > also like the connection to be persistent, to avoid connection > costs for batch operations. I'd also like to provide a FIFO > queue mechanism so that if the mail server reboots, anyone > working on the billing server won't get error messages when > they attempt to provision services. Then, when the mail server > comes back up, the SSH tunnel is re-established and the > queued operations begin to execute. > > However, so far in my google searches I haven't seen anything > that would help me implement a persistent SSH connection > with a FIFO queue. > > Can anyone give me tips? Have you considered 1. A VPN between the two? 2. Using an on-demand connection method rather than a persistent method? 3. Just connecting to a dedicated socket or service rather than SSH? 4. The security issues inherent in connecting your billing server to your mailserver? To keep this topic vaguely vpopmail-related, have you considered keeping all of the necessary vpopmail information (or at least most of it) in a MySQL database or some other separate data repository and having something on your billing server update that? (Or, alternatively, why not run the MySQL database on your billing server if you go that route? That gets around the connection issues mentioned above although it does not fix any possible security issues.) Sincerely, Chris Ess System Administrator / CDTT (Certified Duct Tape Technician)
[vchkpw] vpopmail + billing server integration
Hello, I have a vpopmail server that I would like to integrate with my billing server. The billing server is behind a firewall, and the mail server is not. I'd like to connect via an encrypted shell, like SSH, but I'd also like the connection to be persistent, to avoid connection costs for batch operations. I'd also like to provide a FIFO queue mechanism so that if the mail server reboots, anyone working on the billing server won't get error messages when they attempt to provision services. Then, when the mail server comes back up, the SSH tunnel is re-established and the queued operations begin to execute. However, so far in my google searches I haven't seen anything that would help me implement a persistent SSH connection with a FIFO queue. Can anyone give me tips? Thanks! -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net
