[vchkpw][OT] roaming users and dovecot
I know, it's not a specific vpopmail question, more of a how to make dovecot work better with vpopmail? kind of help shout. Here it is: Does anyone know if there has been done any more work towards making dovecot compliant with vpopmail's roaming users functionality? I have seen a patch posted on this mailing list in december 2007, but it was for an older version of dovecot. Does anyone know if that patch (Ed, can you help me out?) is still appliable to the current stable version (1.1.5)? I need to add imap to a production server that only offers pop3 access to customers at the moment. The server in question was setup a number of years ago, so everything is a bit old. That's why i want to avoid recompiling qmail to add smtp-auth capability (an operation i do not master yet). If you're going to ask why dovecot?, the answer is simple: courier-imap can no longer authenticate against vpopmail, and it's been mentioned quite a few times in this mailing list that dovecot is a much better alternative. But, if you can suggest another imap server that meets the criteria (GNU licensed, not a nightmare to set up, can work well with qmail+vpopmail, has maildirquota++ support, doesn't break vpopmail's roaming users) please do! Thanks. Bogdan !DSPAM:4903571732311513114774!
[vchkpw] qmail+vpopmail smtp-auth for roaming-users]
Hi, I used Bill Schupp's Qmail Toaster to install the following: autorespond-2.0.4 - courier-authlib-0.58 - courier-imap-4.1.2 - netqmail-1.05 - toaster-scripts-0.8.1 - ucspi-tcp-0.88 Everything works as expected except for the fact that open-smtp is NOT being updated by courier-imap upon login. Pop3 logins authenticate and update the open-smtp properly. I googled and read practically all the info on this topic, but it seems that nothing I do will get courier-imap to update the open-smtp file!! I did do:: export CFLAGS=-DHAVE_OPEN_SMTP_RELAY ./configure --with-authvchkpw --without-authdaemon My tcp.smtp contains: 127.:allow,RELAYCLIENT= 192.168.0.:allow,RELAYCLIENT= Have I missed something out? Any ideas or pointers will be welcome. Much thanks and rgds. Otto Rodusek.
Re: [vchkpw] qmail+vpopmail smtp-auth for roaming-users]
IMAP-before-SMTP is possible when using Courier-IMAP v3.x. However it only works when configured --with-authvchkpw --without-authdaemon. When running --without-authdaemon, Courier-IMAP's authvchkpw code is able to make use of vpopmail's roaming user functions to allow IMAP-before-SMTP functionality. IMAP-before-SMTP is not possible when Courier-IMAP has been complied --with-authdaemon, because in this mode the user's IP address is not made available to the authvchkpw code (via the TCPREMOTEIP env var). Also note that in Courier-IMAP v4.x and later, --without-authdaemon functionality is no longer available thus preventing IMAP-before-SMTP from working. Hope that helps! Michael. - Original Message - From: Otto Rodusek (AP-SGP) [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Thursday, February 08, 2007 8:04 PM Subject: [vchkpw] qmail+vpopmail smtp-auth for roaming-users] Hi, I used Bill Schupp's Qmail Toaster to install the following: autorespond-2.0.4 - courier-authlib-0.58 - courier-imap-4.1.2 - netqmail-1.05 - toaster-scripts-0.8.1 - ucspi-tcp-0.88 Everything works as expected except for the fact that open-smtp is NOT being updated by courier-imap upon login. Pop3 logins authenticate and update the open-smtp properly. I googled and read practically all the info on this topic, but it seems that nothing I do will get courier-imap to update the open-smtp file!! I did do:: export CFLAGS=-DHAVE_OPEN_SMTP_RELAY ./configure --with-authvchkpw --without-authdaemon My tcp.smtp contains: 127.:allow,RELAYCLIENT= 192.168.0.:allow,RELAYCLIENT= Have I missed something out? Any ideas or pointers will be welcome. Much thanks and rgds. Otto Rodusek. -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.432 / Virus Database: 268.17.30/674 - Release Date: 7/02/2007 3:33 PM
Re: [vchkpw] qmail+vpopmail smtp-auth for roaming-users]
Hi Micheal, Thanks for the reply. Indeed, I did use the --with-authvchkpw --without-authdaemon but it made no difference. If I understand your email correctly, since I'm using courier-imap 4.1.2 it is impossible for imap authentication to update the open-smtp file?? Hence it is IMPOSSIBLE for any roaming users to send mail?? So what's the solution (if any) - is it possible that ALL users who use courier-imap 4++ are unable to send email and this is acceptable to them?? Am I missing something?? Again thanks for your reply. Best regards. Otto. PS: Does your email imply that I need to downgrade my courier-imap down to v3.x to allow remote users to be able to send mail?? Michael Bowe wrote: IMAP-before-SMTP is possible when using Courier-IMAP v3.x. However it only works when configured --with-authvchkpw --without-authdaemon. When running --without-authdaemon, Courier-IMAP's authvchkpw code is able to make use of vpopmail's roaming user functions to allow IMAP-before-SMTP functionality. IMAP-before-SMTP is not possible when Courier-IMAP has been complied --with-authdaemon, because in this mode the user's IP address is not made available to the authvchkpw code (via the TCPREMOTEIP env var). Also note that in Courier-IMAP v4.x and later, --without-authdaemon functionality is no longer available thus preventing IMAP-before-SMTP from working. Hope that helps! Michael. - Original Message - From: Otto Rodusek (AP-SGP) [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Thursday, February 08, 2007 8:04 PM Subject: [vchkpw] qmail+vpopmail smtp-auth for roaming-users] Hi, I used Bill Schupp's Qmail Toaster to install the following: autorespond-2.0.4 - courier-authlib-0.58 - courier-imap-4.1.2 - netqmail-1.05 - toaster-scripts-0.8.1 - ucspi-tcp-0.88 Everything works as expected except for the fact that open-smtp is NOT being updated by courier-imap upon login. Pop3 logins authenticate and update the open-smtp properly. I googled and read practically all the info on this topic, but it seems that nothing I do will get courier-imap to update the open-smtp file!! I did do:: export CFLAGS=-DHAVE_OPEN_SMTP_RELAY ./configure --with-authvchkpw --without-authdaemon My tcp.smtp contains: 127.:allow,RELAYCLIENT= 192.168.0.:allow,RELAYCLIENT= Have I missed something out? Any ideas or pointers will be welcome. Much thanks and rgds. Otto Rodusek. -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.432 / Virus Database: 268.17.30/674 - Release Date: 7/02/2007 3:33 PM
Re: [vchkpw] qmail+vpopmail smtp-auth for roaming-users]
Hi Micheal, Thanks for the reply. Indeed, I did use the --with-authvchkpw --without-authdaemon but it made no difference. If I understand your email correctly, since I'm using courier-imap 4.1.2 it is impossible for imap authentication to update the open-smtp file?? Hence it is IMPOSSIBLE for any roaming users to send mail?? So what's the solution (if any) - is it possible that ALL users who use courier-imap 4++ are unable to send email and this is acceptable to them?? Am I missing something?? The solution is simple - use SMTP-AUTH instead of imap-before-smtp. If they can authenticate via IMAP, using SMTP-AUTH-patched qmail can also use vchkpw to authenticate against the vpopmail database. I understand the desire to make things easy for the users by letting them use imap-before-smtp, but it's really not the best way to do things these days... If you really, truely must use imap-before-smtp, use a different IMAP server. Josh -- Joshua Megerman SJGames MIB #5273 - OGRE AI Testing Division You can't win; You can't break even; You can't even quit the game. - Layman's translation of the Laws of Thermodynamics [EMAIL PROTECTED]
Re: [vchkpw] qmail+vpopmail smtp-auth for roaming-users]
Otto Rodusek (AP-SGP) wrote: Hi Micheal, Thanks for the reply. Indeed, I did use the --with-authvchkpw --without-authdaemon but it made no difference. If I understand your email correctly, since I'm using courier-imap 4.1.2 it is impossible for imap authentication to update the open-smtp file?? I believe that is correct. Courier no longer provides the IP address needed to authenticate roaming users. Hence it is IMPOSSIBLE for any roaming users to send mail?? So what's the solution (if any) - is it possible that ALL users who use courier-imap 4++ are unable to send email and this is acceptable to them?? SMTP Auth. Have the roaming users login to smtp by adding a user name and password to the outgoing mail server configuration of their browser, and enable that function. (The same one they use to receive mail) Since you are using Bill Shupp's toaster, it should already be installed on your server.
Re: [vchkpw] qmail+vpopmail smtp-auth for roaming-users]
Rick Widmer([EMAIL PROTECTED])@Thu, Feb 08, 2007 at 07:49:31AM -0700: Otto Rodusek (AP-SGP) wrote: Hi Micheal, Thanks for the reply. Indeed, I did use the --with-authvchkpw --without-authdaemon but it made no difference. If I understand your email correctly, since I'm using courier-imap 4.1.2 it is impossible for imap authentication to update the open-smtp file?? I believe that is correct. Courier no longer provides the IP address needed to authenticate roaming users. Hence it is IMPOSSIBLE for any roaming users to send mail?? So what's the solution (if any) - is it possible that ALL users who use courier-imap 4++ are unable to send email and this is acceptable to them?? SMTP Auth. Have the roaming users login to smtp by adding a user name and password to the outgoing mail server configuration of their browser, and enable that function. (The same one they use to receive mail) Since you are using Bill Shupp's toaster, it should already be installed on your server. SMTP Auth is the only way to go...I've tried every other method and they just don't work well. -- ~Allie D. The chief cause of problems is solutions. -- Eric Sevareid
Re: [vchkpw] qmail+vpopmail smtp-auth for roaming-users]
Hi Joshua, Thanks for the reply. The majority of my users are using pop3 - however I have a handful of senior execs that need/want to use imap (this is tied to our webmail wapmail interfaces). This cutomer was an existing user of qmail/vpopmail/courier (installed in 2003) however we just recently went through a major upgrade. The old system worked quite well (with open-smtp) for both pop3 and imap users. It appears from Micheal Bowe's reply that courier-imap v4.xx no longer supports this (but apparentl;y 3.0.8 does) - so I guess I will need to try and install the older version of courier-imap - unless I can find a diif but easy solution. Rgds. Otto. Joshua Megerman wrote: Hi Micheal, Thanks for the reply. Indeed, I did use the --with-authvchkpw --without-authdaemon but it made no difference. If I understand your email correctly, since I'm using courier-imap 4.1.2 it is impossible for imap authentication to update the open-smtp file?? Hence it is IMPOSSIBLE for any roaming users to send mail?? So what's the solution (if any) - is it possible that ALL users who use courier-imap 4++ are unable to send email and this is acceptable to them?? Am I missing something?? The solution is simple - use SMTP-AUTH instead of imap-before-smtp. If they can authenticate via IMAP, using SMTP-AUTH-patched qmail can also use vchkpw to authenticate against the vpopmail database. I understand the desire to make things easy for the users by letting them use imap-before-smtp, but it's really not the best way to do things these days... If you really, truely must use imap-before-smtp, use a different IMAP server. Josh
Re: [vchkpw] qmail+vpopmail smtp-auth for roaming-users]
Hi All, Much thanks for all the helpful replies. I have reverted back to courier-imap v3.0.8, and all is now working as expected - open-smtp is being updated properly by both imap and pop3. Again thanks for quick replies and for pointing me in the right direction to resolve this!! Best regards to all. Otto. Rick Widmer wrote: Otto Rodusek (AP-SGP) wrote: Hi Micheal, Thanks for the reply. Indeed, I did use the --with-authvchkpw --without-authdaemon but it made no difference. If I understand your email correctly, since I'm using courier-imap 4.1.2 it is impossible for imap authentication to update the open-smtp file?? I believe that is correct. Courier no longer provides the IP address needed to authenticate roaming users. Hence it is IMPOSSIBLE for any roaming users to send mail?? So what's the solution (if any) - is it possible that ALL users who use courier-imap 4++ are unable to send email and this is acceptable to them?? SMTP Auth. Have the roaming users login to smtp by adding a user name and password to the outgoing mail server configuration of their browser, and enable that function. (The same one they use to receive mail) Since you are using Bill Shupp's toaster, it should already be installed on your server.
Re: [vchkpw] qmail+vpopmail smtp-auth for roaming-users
did u apply the patch to qmail? check shupp.org Remo Winanjaya - CBN wrote: Dear Expert, I need help for setting up qmail+vpopmail smtp-auth with roaming-users I had configured vpopmail with --enable-roaming-users= y option my /var/qmail/supervise/qmail-smtpd/run as follow: #!/bin/sh PATH=$PATH:/usr/local/bin:/var/qmail/bin export PATH VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 500 \ /usr/local/bin/tcpserver -H -R -v -x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMT PD -u $VPOPMAILUID -g $VPOPMAILGID 0 25 qmail-smtpd mail2.lippogeneral.com /home/vpopmail/bin/vchkpw /bin/true 21 and my /home/vpopmail/etc/tcp.smtp below: :allow,RBLSMTPD=,REQUIREAUTH= why .. I still not able to relay .. see below message: The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was '[EMAIL PROTECTED]'. Subject 'test', Account: 'mail.lippogeneral.com', Server: 'mail2.lippogeneral.com', Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79 *** Our outgoing mail has been scanned by MSS. ***-*** !DSPAM:45b5b3dd111671804284693!
RE: [vchkpw] qmail+vpopmail smtp-auth for roaming-users
Your /var/qmail/supervise/qmail-smtpd/run file looks fine. Add the following line in your /etc/tcp.smtp 127.:allow,RELAYCLIENT= and run qmailctl cdb then try... Regards, Manish Jain (Sr. Engineer - IDC) Hughes Communications India Ltd. Plot-1, Sector-18, Electronic City, Gurgaon. Email: [EMAIL PROTECTED] Ph. : 91 124 3072681 91 124 3072589 -Original Message- From: Winanjaya - CBN [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 23, 2007 12:38 PM To: vchkpw@inter7.com Subject: [vchkpw] qmail+vpopmail smtp-auth for roaming-users Dear Expert, I need help for setting up qmail+vpopmail smtp-auth with roaming-users I had configured vpopmail with --enable-roaming-users= y option my /var/qmail/supervise/qmail-smtpd/run as follow: #!/bin/sh PATH=$PATH:/usr/local/bin:/var/qmail/bin export PATH VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 500 \ /usr/local/bin/tcpserver -H -R -v -x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMT PD -u $VPOPMAILUID -g $VPOPMAILGID 0 25 qmail-smtpd mail2.lippogeneral.com /home/vpopmail/bin/vchkpw /bin/true 21 and my /home/vpopmail/etc/tcp.smtp below: :allow,RBLSMTPD=,REQUIREAUTH= why .. I still not able to relay .. see below message: The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was '[EMAIL PROTECTED]'. Subject 'test', Account: 'mail.lippogeneral.com', Server: 'mail2.lippogeneral.com', Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79 *** Our outgoing mail has been scanned by MSS. ***-***
[vchkpw] qmail+vpopmail smtp-auth for roaming-users
Dear Expert, I need help for setting up qmail+vpopmail smtp-auth with roaming-users I had configured vpopmail with --enable-roaming-users= y option my /var/qmail/supervise/qmail-smtpd/run as follow: #!/bin/sh PATH=$PATH:/usr/local/bin:/var/qmail/bin export PATH VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` exec /usr/local/bin/softlimit -m 500 \ /usr/local/bin/tcpserver -H -R -v -x /home/vpopmail/etc/tcp.smtp.cdb -c $MAXSMT PD -u $VPOPMAILUID -g $VPOPMAILGID 0 25 qmail-smtpd mail2.lippogeneral.com /home/vpopmail/bin/vchkpw /bin/true 21 and my /home/vpopmail/etc/tcp.smtp below: :allow,RBLSMTPD=,REQUIREAUTH= why .. I still not able to relay .. see below message: The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was '[EMAIL PROTECTED]'. Subject 'test', Account: 'mail.lippogeneral.com', Server: 'mail2.lippogeneral.com', Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79 *** Our outgoing mail has been scanned by MSS. ***-***
Re: [vchkpw] Troubleshooting enable-roaming-users
Nope. I reinstalled, but still nothing. Further research turned up some threads that indicate that this is maybe just not supported with courier anymore? Can anybody confirm this? http://www.mail-archive.com/vchkpw@inter7.com/msg20495.html http://www.mail-archive.com/vchkpw@inter7.com/msg21945.html http://www.mail-archive.com/vchkpw@inter7.com/msg23726.html http://www.mail-archive.com/vchkpw@inter7.com/msg20745.html That is probably the final nail in this thread for me. I've been weighing the hassle between to enable roaming-users versus instructing all our users to reconfigure their MUAs to use SMTP-AUTH. Ok ok ok... Quinn On Thu, 2 Nov 2006 15:31:04 -0800, Tom Collins wrote: You probably just need to recompile/reinstall courier so it relinks libvpopmail and picks up the correct setting for roaming users. My guess is that your initial install didn't support roaming users, but you updated vpopmail later to enable it. libvpopmail is always statically linked (for now) so updating vpopmail requires updates to Courier-IMAP, QmailAdmin and any other app that links to libvpopmail.
Re: [vchkpw] Troubleshooting enable-roaming-users
Which doesn't use /home/vpopmail/bin/vchkpw, which would explain why POP3-SSL connections aren't being added to the database. use sslserver as ssl wrapper around tcpserver (part of http:// www.superscript.com/ucspi-ssl/intro.html. Then you still use vpopmail and popbeforesmtp works. You can use sslserver also to provide ssmtp/ smtps. So my question should then be: How to get Courier SSL connections to pass the connect message to vpopmail? I assume this is an issue for IMAP and IMAP-SSL users as well. as far as I know this was depreciated because SMTP-AUTH was considered the way to go. I have no solution for this. We only offer popbeforesmtp and no imapbeforesmtp (that is not as trivial as it looks). cheers andrej
Re: [vchkpw] Troubleshooting enable-roaming-users
On Nov 3, 2006, at 1:42 AM, Quinn Comendant wrote: Further research turned up some threads that indicate that this is maybe just not supported with courier anymore? Can anybody confirm this? Yes, that is correct. The vchkpw code embedded in courier-imap doesn't know the IP address of the end user, so it can't update the relay table. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Troubleshooting enable-roaming-users
Ah ha, so it is in the database rather than /home/vpopmail/etc/open-smtp. And...the database contains the IPs! mysql select * from relay; +++ | ip_addr| timestamp | +++ | 83.167.100.41 | 1162456105 | | 69.236.80.73 | 1162455951 | | 63.195.16.136 | 1162445324 | | 67.161.162.12 | 1162455940 | | 71.139.185.158 | 1162449362 | | 71.202.165.159 | 1162447742 | | 208.53.81.33 | 1162454384 | | 24.61.40.57| 1162455976 | +++ 8 rows in set (0.00 sec) Now checking tcp.smtp.cdb... [EMAIL PROTECTED]/0 ~]$grep 63.195.16.136 /etc/tcprules.d/tcp.smtp.cdb Binary file /etc/tcprules.d/tcp.smtp.cdb matches And my IP address is found! So...it *should* be working, but it's not. Arrr! Anything else I can look at? Quinn On Thu, 02 Nov 2006 08:24:57 +0100, andrej wrote: Yes! then you should check if you have the 'relay' table (and whats written there) in your vpopmail mysql table. You can also look at tcp.smtp.cdb with cat tcp.smtp.cdb. You find the listed IPs at the end of the dump. cheers andrej
Re: [vchkpw] Troubleshooting enable-roaming-users
And my IP address is found! well that shows that the problem is not with vpopmail. If I remember right your problem is that your clients cant do roaming so you will have to check if your smtpd is checking the tcp.smtp.cdb at all. I assume you use tcpserver... make sure that in your run script the command and path are set correct: tcpserver -x /path/to/your/tcp.smtp.cdb cheers andrej
Re: [vchkpw] Troubleshooting enable-roaming-users
It appears I have that correct too: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` BLACKLIST=`cat /var/qmail/control/blacklists` SMTPD=/var/qmail/bin/qmail-smtpd TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb RBLSMTPD=/usr/bin/rblsmtpd HOSTNAME=`hostname` VCHKPW=/home/vpopmail/bin/vchkpw exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \ -u $QMAILDUID -g $NOFILESGID 0 smtp \ $RBLSMTPD $BLACKLIST $SMTPD $VCHKPW /bin/true 21 UPDATE: I discovered the whole system DOES work if I connect via POP3, but if I connect via POP3-SSL my IP address is *not* added to the vpopmail.relay database. My POP3-SSL run file is thus: #!/bin/sh HOSTNAME=`hostname --fqdn`; rm -rf ./env/*; cat /etc/courier/pop3d-ssl | /usr/bin/envconv; exec /usr/bin/envdir ./env/ \ /usr/bin/softlimit -m 900 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME 0 995 \ /usr/bin/couriertls -server -tcpd \ /usr/sbin/pop3login \ /usr/bin/pop3d Maildir 21 Which doesn't use /home/vpopmail/bin/vchkpw, which would explain why POP3-SSL connections aren't being added to the database. So my question should then be: How to get Courier SSL connections to pass the connect message to vpopmail? I assume this is an issue for IMAP and IMAP-SSL users as well. Quinn On Thu, 02 Nov 2006 10:49:21 +0100, andrej wrote: And my IP address is found! well that shows that the problem is not with vpopmail. If I remember right your problem is that your clients cant do roaming so you will have to check if your smtpd is checking the tcp.smtp.cdb at all. I assume you use tcpserver... make sure that in your run script the command and path are set correct: tcpserver -x /path/to/your/tcp.smtp.cdb cheers andrej
Re: [vchkpw] Troubleshooting enable-roaming-users
On Nov 2, 2006, at 2:59 PM, Quinn Comendant wrote: So my question should then be: How to get Courier SSL connections to pass the connect message to vpopmail? I assume this is an issue for IMAP and IMAP-SSL users as well. You probably just need to recompile/reinstall courier so it relinks libvpopmail and picks up the correct setting for roaming users. My guess is that your initial install didn't support roaming users, but you updated vpopmail later to enable it. libvpopmail is always statically linked (for now) so updating vpopmail requires updates to Courier-IMAP, QmailAdmin and any other app that links to libvpopmail. -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
[vchkpw] Troubleshooting enable-roaming-users
Hi y'all How can I troubleshoot why roaming users (POP-before-SMTP) isn't working for me? I've compiled vpopmail with --enable-roaming-users, and recompiled everything else after installing. But I still get a 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser). I'm not quite sure the mechanisms that allow this to work. vchkpw intercepts a pop/imap connection and appends the remote IP to a cdb file used by chkuser? Thanks for any direction pointing. Quinn
Re: [vchkpw] Troubleshooting enable-roaming-users
By default, there is a file called ~vpopmail/etc/open-smtp that is in the same format as tcp.smtp. The first thing to do would be to check that this file exists and your IP has been placed in it. That will ensure at least the first half of the process is working. After every authentication where an IP is added, this file is combined with /etc/tcp.smtp and hashed in /etc/tcp.smtp.cdb. You will also want to check that this file is being created and is writable by your vpopmail user. ___ Michael Johnson 626-852-9696 Ext. 103 System Administrator [EMAIL PROTECTED] PhD Computing http://www.phdcomputing.net/ Quinn Comendant wrote: Hi y'all How can I troubleshoot why roaming users (POP-before-SMTP) isn't working for me? I've compiled vpopmail with --enable-roaming-users, and recompiled everything else after installing. But I still get a 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser). I'm not quite sure the mechanisms that allow this to work. vchkpw intercepts a pop/imap connection and appends the remote IP to a cdb file used by chkuser? Thanks for any direction pointing. Quinn
Re: [vchkpw] Troubleshooting enable-roaming-users
Thanks for the explanation... On Wed, 01 Nov 2006 07:11:25 -0800, Michael Johnson wrote: By default, there is a file called ~vpopmail/etc/open-smtp that is in the same format as tcp.smtp. The first thing to do would be to check that this file exists and your IP has been placed in it. That will ensure at least the first half of the process is working. This file (~vpopmail/etc/open-smtp) is not being created. Directory permissions appear correct. After every authentication where an IP is added, this file is combined with /etc/tcp.smtp and hashed in /etc/tcp.smtp.cdb. You will also want to check that this file is being created and is writable by your vpopmail user. This file exists at /etc/tcprules.d/tcp.smtp.cdb and is writable by the vpopmail user. Any ideas why no open-smtp file was created? Thanks, Quinn PS: here is more info on the vpopmail package I'm running: [EMAIL PROTECTED]/0 ~]$rpm -qi vpopmail-toaster Name: vpopmail-toaster Relocations: (not relocatable) Version : 5.4.13Vendor: (none) Release : 1.3.5 Build Date: Sun 08 Oct 2006 01:02:24 AM CDT Install Date: Sun 08 Oct 2006 01:57:24 AM CDT Build Host: one.strangecode.com Group : Networking/Other Source RPM: vpopmail-toaster-5.4.13-1.3.5.src.rpm Size: 1805315 License: GPL Signature : (none) Packager: Nick Hemmesch [EMAIL PROTECTED] URL : http://www.inter7.com/vpopmail Summary : Vpopmail for qmail-toaster Description : vpopmail (vchkpw) is a collection of programs and a library to automate the creation and maintence of virtual domain email for qmail installations using either a single UID/GID, or any valid UID/GID in /etc/passwd with a home directory. All the features are provided in the library for other applications which need to maintain virtual domain email accounts. It supports named or IP based domains. It works with vqadmin, qmailadmin, vqregister, sqwebmail, and courier-imap. It supports MySQL, Sybase, Oracle, LDAP, and file-based (DJB constant database) authentication. It handles 10 to 10 million users, and over 500K domains. vpopmail 5.4.13 Current settings --- vpopmail directory = /home/vpopmail uid = 89 gid = 89 roaming users = ON --enable-roaming-users password learning = OFF --disable-learn-passwords (default) md5 passwords = ON --enable-md5-passwords (default) file locking = ON --enable-file-locking (default) vdelivermail fsync = OFF --disable-file-sync (default) make seekable = ON --enable-make-seekable (default) clear passwd = ON --enable-clear-passwd (default) user dir hashing = OFF --disable-users-big-dir address extensions = ON --enable-qmail-ext ip alias = OFF --disable-ip-alias-domains (default) auth module = mysql --enable-auth-module=mysql mysql replication = OFF --disable-mysql-replication (default) sql logging = OFF --disable-sql-logging (default) mysql limits = OFF --disable-mysql-limits (default) MySQL valias = ON --enable-valias auth inc = -I/usr/include/mysql auth lib = -L/usr/lib64/mysql -lmysqlclient -lz -lm system passwords = OFF --disable-passwd (default) pop syslog = log success and errors including passwords --enable-logging=v auth logging = ON --enable-auth-logging (default) one SQL table for all domains = --enable-many-domains (default)
Re: [vchkpw] Troubleshooting enable-roaming-users
do u use mysql? Remo Quinn Comendant wrote: Thanks for the explanation... On Wed, 01 Nov 2006 07:11:25 -0800, Michael Johnson wrote: This file (~vpopmail/etc/open-smtp) is not being created. Directory permissions appear correct. This file exists at /etc/tcprules.d/tcp.smtp.cdb and is writable by the vpopmail user. Any ideas why no open-smtp file was created? Thanks, Quinn PS: here is more info on the vpopmail package I'm running: [EMAIL PROTECTED]/0 ~]$rpm -qi vpopmail-toaster Name: vpopmail-toaster Relocations: (not relocatable) Version : 5.4.13Vendor: (none) Release : 1.3.5 Build Date: Sun 08 Oct 2006 01:02:24 AM CDT Install Date: Sun 08 Oct 2006 01:57:24 AM CDT Build Host: one.strangecode.com Group : Networking/Other Source RPM: vpopmail-toaster-5.4.13-1.3.5.src.rpm Size: 1805315 License: GPL Signature : (none) Packager: Nick Hemmesch [EMAIL PROTECTED] URL : http://www.inter7.com/vpopmail Summary : Vpopmail for qmail-toaster Description : vpopmail (vchkpw) is a collection of programs and a library to automate the creation and maintence of virtual domain email for qmail installations using either a single UID/GID, or any valid UID/GID in /etc/passwd with a home directory. All the features are provided in the library for other applications which need to maintain virtual domain email accounts. It supports named or IP based domains. It works with vqadmin, qmailadmin, vqregister, sqwebmail, and courier-imap. It supports MySQL, Sybase, Oracle, LDAP, and file-based (DJB constant database) authentication. It handles 10 to 10 million users, and over 500K domains. vpopmail 5.4.13 Current settings --- vpopmail directory = /home/vpopmail uid = 89 gid = 89 roaming users = ON --enable-roaming-users password learning = OFF --disable-learn-passwords (default) md5 passwords = ON --enable-md5-passwords (default) file locking = ON --enable-file-locking (default) vdelivermail fsync = OFF --disable-file-sync (default) make seekable = ON --enable-make-seekable (default) clear passwd = ON --enable-clear-passwd (default) user dir hashing = OFF --disable-users-big-dir address extensions = ON --enable-qmail-ext ip alias = OFF --disable-ip-alias-domains (default) auth module = mysql --enable-auth-module=mysql mysql replication = OFF --disable-mysql-replication (default) sql logging = OFF --disable-sql-logging (default) mysql limits = OFF --disable-mysql-limits (default) MySQL valias = ON --enable-valias auth inc = -I/usr/include/mysql auth lib = -L/usr/lib64/mysql -lmysqlclient -lz -lm system passwords = OFF --disable-passwd (default) pop syslog = log success and errors including passwords --enable-logging=v auth logging = ON --enable-auth-logging (default) one SQL table for all domains = --enable-many-domains (default)
Re: [vchkpw] Troubleshooting enable-roaming-users
Yes! Quinn On Wed, 01 Nov 2006 20:52:01 -0700, Remo Mattei wrote: do u use mysql? Remo Quinn Comendant wrote: Thanks for the explanation... On Wed, 01 Nov 2006 07:11:25 -0800, Michael Johnson wrote: This file (~vpopmail/etc/open-smtp) is not being created. Directory permissions appear correct. This file exists at /etc/tcprules.d/tcp.smtp.cdb and is writable by the vpopmail user. Any ideas why no open-smtp file was created? Thanks, Quinn PS: here is more info on the vpopmail package I'm running: [EMAIL PROTECTED]/0 ~]$rpm -qi vpopmail-toaster Name: vpopmail-toaster Relocations: (not relocatable) Version : 5.4.13Vendor: (none) Release : 1.3.5 Build Date: Sun 08 Oct 2006 01:02:24 AM CDT Install Date: Sun 08 Oct 2006 01:57:24 AM CDT Build Host: one.strangecode.com Group : Networking/Other Source RPM: vpopmail-toaster-5.4.13-1.3.5.src.rpm Size: 1805315 License: GPL Signature : (none) Packager: Nick Hemmesch [EMAIL PROTECTED] URL : http://www.inter7.com/vpopmail Summary : Vpopmail for qmail-toaster Description : vpopmail (vchkpw) is a collection of programs and a library to automate the creation and maintence of virtual domain email for qmail installations using either a single UID/GID, or any valid UID/GID in /etc/passwd with a home directory. All the features are provided in the library for other applications which need to maintain virtual domain email accounts. It supports named or IP based domains. It works with vqadmin, qmailadmin, vqregister, sqwebmail, and courier-imap. It supports MySQL, Sybase, Oracle, LDAP, and file-based (DJB constant database) authentication. It handles 10 to 10 million users, and over 500K domains. vpopmail 5.4.13 Current settings --- vpopmail directory = /home/vpopmail uid = 89 gid = 89 roaming users = ON --enable-roaming-users password learning = OFF --disable-learn-passwords (default) md5 passwords = ON --enable-md5-passwords (default) file locking = ON --enable-file-locking (default) vdelivermail fsync = OFF --disable-file-sync (default) make seekable = ON --enable-make-seekable (default) clear passwd = ON --enable-clear-passwd (default) user dir hashing = OFF --disable-users-big-dir address extensions = ON --enable-qmail-ext ip alias = OFF --disable-ip-alias-domains (default) auth module = mysql --enable-auth-module=mysql mysql replication = OFF --disable-mysql-replication (default) sql logging = OFF --disable-sql-logging (default) mysql limits = OFF --disable-mysql-limits (default) MySQL valias = ON --enable-valias auth inc = -I/usr/include/mysql auth lib = -L/usr/lib64/mysql -lmysqlclient -lz -lm system passwords = OFF --disable-passwd (default) pop syslog = log success and errors including passwords --enable-logging=v auth logging = ON --enable-auth-logging (default) one SQL table for all domains = --enable-many-domains (default)
Re: [vchkpw] Troubleshooting enable-roaming-users
Yes! then you should check if you have the 'relay' table (and whats written there) in your vpopmail mysql table. You can also look at tcp.smtp.cdb with cat tcp.smtp.cdb. You find the listed IPs at the end of the dump. cheers andrej
[vchkpw] Stupid roaming-users question
I've configured this before, but I can't figure out why it isn't working this time (new server). I compiled vpopmail with roaming users, and it's putting the open-smtp where it always has, under ~vpopmail/etc/. In the past, tcpserver always found it, AND the /etc/tcp.smtp.cdb file even though it was invoked thusly: -x/etc/tcp.smtp.cdb How does one get tcpserver to recognise the rules in both files? TIA, James Smallacombe PlantageNet, Inc. CEO and Janitor [EMAIL PROTECTED] http://3.am =
Re: [vchkpw] Re: Stupid roaming-users question
On Mon, 28 Aug 2006 [EMAIL PROTECTED] wrote: On Mon, 28 Aug 2006 [EMAIL PROTECTED] wrote: On Mon, 28 Aug 2006, Peter Palmreuther wrote: Hello List, On Monday, August 28, 2006 at 5:04:23 PM up wrote: I've configured this before, but I can't figure out why it isn't working this time (new server). I compiled vpopmail with roaming users, and it's putting the open-smtp where it always has, under ~vpopmail/etc/. In the past, tcpserver always found it, AND the /etc/tcp.smtp.cdb file even though it was invoked thusly: -x/etc/tcp.smtp.cdb How does one get tcpserver to recognise the rules in both files? Simple. Make /etc/tcp.smtp.cdb a symlink to ~vpopmail/etc/tcp.smtp.cdb. Sorry if I'm still confused...on the old server, I actually had simlinks the other way around. In ~vpopmail/etc/ I had simlinks to /etc/tcp.smtp and /etc/tcp.smtp.cdb and it worked. It doesn't on the new install. I tried reversing it the way you recommended, but it still doesn't work. (chowned vpopmail all the files, although open_smtp always gets created as root owned). I assume that somehow tcpserver either sees the open_smtp file when you do this, of its contents get somehow included in the tcp.smtp file, but I'm not seeing it...how does tcpserver know about the contents of the open_smtp file? replying to my own post...I found that FreeBSD ports, where I installed it from, for some reason has some nonsensical defaults, such as: --enable-tcpserver-file=/usr/local/vpopmail/etc/tcp.smtp yet, I put in a symlink from /usr/local/vpopmail/etc to /home/vpopmail/etc, which I would have thought would have fixed this, but it didn't... Please disregard...it did fix it, I just had to give vpopmail a minute to update the tcp.cdb. Sorry... James Smallacombe PlantageNet, Inc. CEO and Janitor [EMAIL PROTECTED] http://3.am =
Re: [vchkpw] Re: Stupid roaming-users question
I hope its the question thats stupid. We regretfully have no human-rights compatible fix for stupid users.
Re: [vchkpw] Re: Stupid roaming-users question
On Tue, 29 Aug 2006, Alex Borges wrote: I hope its the question thats stupid. We regretfully have no human-rights compatible fix for stupid users. Sorry for the unwanted noise...in my rush to install a bazillion different packages, it didn't occur to me that FreeBSD ports would default to what looks like a non-standard location for the cdb file. James Smallacombe PlantageNet, Inc. CEO and Janitor [EMAIL PROTECTED] http://3.am =
Re: [vchkpw] Re: Stupid roaming-users question
On Aug 28, 2006, at 11:56:03 MST, [EMAIL PROTECTED] wrote: On Tue, 29 Aug 2006, Alex Borges wrote: I hope its the question thats stupid. We regretfully have no human-rights compatible fix for stupid users. Sorry for the unwanted noise...in my rush to install a bazillion different packages, it didn't occur to me that FreeBSD ports would default to what looks like a non-standard location for the cdb file. James Smallacombe PlantageNet, Inc. CEO and Janitor [EMAIL PROTECTED] http://3.am == === man hier It is not non-standard for FreeBSD packages. vpopmail get's installed to /usr/local/vpopmail. This is in accordance with man hier. All FreeBSD packages install into /usr/local. /home, or rather /usr/home (/home is a symlink) is where user created files should live, not system libraries and binaries. From man hier: /usr local/local executables, libraries, etc. Also used as the default destination for the FreeBSD ports framework. Within local/, the general layout sketched out by hier for /usr should be used. Exceptions are the man directory (directly under local/ rather than under local/share/), ports documentation (in share/doc/port/), and /usr/local/etc (mimics /etc). NOTES This manual page documents the default FreeBSD file system layout, but the actual hierarchy on a given system is defined at the system adminis- trator's discretion. A well-maintained installation will include a cus- tomized version of this document. Bert JW Regeer smime.p7s Description: S/MIME cryptographic signature
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
Thank you the problem has been solved - Original Message - From: Jeremy Kitchen [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Friday, May 19, 2006 7:28 PM Subject: Re: [vchkpw] Roaming-users could not work with secure pop3 ?
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
Yes I use sslserver from ucspi-ssl. How can I solve this problem ? - Original Message - From: Jeremy Kitchen [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Thursday, May 18, 2006 11:22 PM Subject: Re: [vchkpw] Roaming-users could not work with secure pop3 ?
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
On Thursday 18 May 2006 23:19, Bulent wrote: Yes I use sslserver from ucspi-ssl. great :) How can I solve this problem ? now that you've finally given the information I asked you for, I can give you a better answer. make sure you have the -e flag set so that sslserver will set the $TCP* environment variables, which is what vchkpw uses to determine what IP is connecting to the server. the reason the -e flag exists at all is because ucspi-ssl provides a ucspi-compliant interface[1], but most programs just assume a TCP protocol (including, strangely, qmail-smtpd *boggle*) [1]: http://cr.yp.to/proto/ucspi.txt -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] http://ipaction.org/ -- defend your rights to fair use pgpkL0jxpJQHu.pgp Description: PGP signature
[vchkpw] Roaming-users could not work with secure pop3 ?
Hello I use vpopmail5.4 on qmail-1.03. I use securepop3 protocol (port 995 ) to incoming mails in my mail clients. When I use touch send/recieve or send an email to anyone with my vpopmail server, Vpopmail server could not write in open-smtp file. But When I use pop3 protocol (port 110) then it wrote open-smtp. How can I solve this problem ? Thanks
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
* Bulent [EMAIL PROTECTED] [2006-05-18 14:13:23 +0300]: I use securepop3 protocol (port 995 ) to incoming mails in my mail clients. When I use touch send/recieve or send an email to anyone with my vpopmail server, Vpopmail server could not write in open-smtp file. But When I use pop3 protocol (port 110) then it wrote open-smtp. How can I solve this problem ? http://www.tnpi.biz/internet/mail/toaster/patches/tcpserver-mysql.shtml -- Kim Christensen We have just lost cabin pressure
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
On Thursday 18 May 2006 04:25, Kim Christensen wrote: * Bulent [EMAIL PROTECTED] [2006-05-18 14:13:23 +0300]: I use securepop3 protocol (port 995 ) to incoming mails in my mail clients. When I use touch send/recieve or send an email to anyone with my vpopmail server, Vpopmail server could not write in open-smtp file. But When I use pop3 protocol (port 110) then it wrote open-smtp. How can I solve this problem ? how are you enabling ssl? Are you using the sslserver program from ucspi-ssl? http://www.tnpi.biz/internet/mail/toaster/patches/tcpserver-mysql.shtml way to COMPLETELY ignore the problem. *claps* -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] http://ipaction.org/ -- defend your rights to fair use pgpBU6Zs8g17W.pgp Description: PGP signature
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
That's to say, First I have to convert cdb database to mysql. don't I ? - Original Message - From: Jeremy Kitchen [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Thursday, May 18, 2006 7:43 PM Subject: Re: [vchkpw] Roaming-users could not work with secure pop3 ?
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
On Thursday 18 May 2006 11:04, Bulent wrote: That's to say, First I have to convert cdb database to mysql. don't I ? if you want to use that patch, yes, but that patch is not the solution to your problem. Please answer the question I asked you in the previous email. -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] http://ipaction.org/ -- defend your rights to fair use pgpe8iLhront2.pgp Description: PGP signature
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
I use openssl for secure pop3(port 995). Also I use cdb for database of users. - Original Message - From: Jeremy Kitchen [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: Thursday, May 18, 2006 9:07 PM Subject: Re: [vchkpw] Roaming-users could not work with secure pop3 ?
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
On Thursday 18 May 2006 12:53, Bulent wrote: I use openssl for secure pop3(port 995). ... right. What I meant was, are you using xinetd with some sort of ssl wrapper, or tcpserver with an ssl patch or sslserver from ucspi-ssl, or what? -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] http://ipaction.org/ -- defend your rights to fair use pgpaFGIPe5XLV.pgp Description: PGP signature
Re: [vchkpw] Roaming-users could not work with secure pop3 ?
My guess is that he's using a program that just encrypts a connection to localhost:110. If that's the case, it will appear that the user is coming from localhost, and therefore not possible to open up SMTP relaying for them. If you follow Bill Shupp's directions http://shupp.org/toaster/ for setting up pop/secure-pop, roaming-users should work. I'm a big fan of using SMTP AUTH instead of roaming-users (aka pop-before-smtp). If they configure their email client for SMTP AUTH, then you won't have to fix roaming-users for secure pop3. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
Re: [vchkpw] roaming-users issue
On Wed, 2005-12-28 at 09:56 +0200, Cristi Tauber wrote: hello ppl, i installed qmail + vpopmail + mysql + courier-imap on a debian 3.1 with kernel 2.6. vpopmail was configured as : ./configure --enable-logging=p --enable-auth-module=mysql \ --disable-passwd --enable-clear-passwd --disable-many-domains \ --enable-auth-logging --enable-sql-logging --enable-valias \ --disable-mysql-limits --enable-roaming-users \ --enable-relay-clear-minutes=120 --enable-learn-passwords \ --enable-libdir=/usr/lib see ?? enable-roaming-users ... qmail is with smtp-auth patch. if i put authentification on my outgoing server i can relay, but pop-before-smtp doesn't work !!! i try several vpopmail versions ... so i think is a configuration problem not vpopmail installation one. but ... i don't have a clue ... ideeas ??? Cristi a small add-on. i look-up in the relay table in mysql and the ip's authenticated with pop are there : mysql select * from relay; +++ | ip_addr| timestamp | +++ | 82.y.x.11 | 1135753861 | | 212.y.x.143| 1135756281 | +++ 2 rows in set (0.00 sec) but i cannot send : error #5.7.1 that domains insn't in my allowed rcphosts. cristi --- This message and its contents have been scanned and certified for transmission as being free from malicious code by eTrust Antivirus. This message may contain confidential, privileged or other legally protected information. It is intended for the addressee(s) only. If you are not the addressee, or someone the addressee authorized to receive this message, you are prohibited from copying, distributing or otherwise using it. Please notify the sender and return it.Thank you.
[vchkpw] roaming-users issue
hello ppl, i installed qmail + vpopmail + mysql + courier-imap on a debian 3.1 with kernel 2.6. vpopmail was configured as : ./configure --enable-logging=p --enable-auth-module=mysql \ --disable-passwd --enable-clear-passwd --disable-many-domains \ --enable-auth-logging --enable-sql-logging --enable-valias \ --disable-mysql-limits --enable-roaming-users \ --enable-relay-clear-minutes=120 --enable-learn-passwords \ --enable-libdir=/usr/lib see ?? enable-roaming-users ... qmail is with smtp-auth patch. if i put authentification on my outgoing server i can relay, but pop-before-smtp doesn't work !!! i try several vpopmail versions ... so i think is a configuration problem not vpopmail installation one. but ... i don't have a clue ... ideeas ??? Cristi --- This message and its contents have been scanned and certified for transmission as being free from malicious code by eTrust Antivirus. This message may contain confidential, privileged or other legally protected information. It is intended for the addressee(s) only. If you are not the addressee, or someone the addressee authorized to receive this message, you are prohibited from copying, distributing or otherwise using it. Please notify the sender and return it.Thank you.
Re: [vchkpw] many roaming users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeremy Kitchen wrote: | On Wednesday 18 May 2005 12:45 pm, Payal Rathod wrote: | |Hi, |The other day a friend showed interest in qmail server. He is running |sendmail for many years and wants to shift to a better MTA (for his |moderately loaded server of 3 thousand users) during hardware change. I |have advised him qmail + vpopmail combo, but am scared of one thing |only. Can cdb handle that lot of recompiling (he surely does not want |any kind of sql) because almost all his users are roaming users? | | | don't use vpopmail's roaming-users functionality if you want pop-before-smtp | authentication, use Bruce Guenter's relay-ctrl package. vpopmail's roaming users should be fine for a smaller system such as this one. You wouldn't nessarily want to use it in a clustered environment, but it should be fine for a single-server, smaller configuration. If you're clustered, or planning on clustering, then Matt Simmerson's tcpserver patch would be a good alternative. | | However, I wouldn't even use pop-before-smtp.. I would set up SMTP | authentication and require that. Agreed. SMTP authentication is the prefered method these days, but, if because of your user-base, this is not feasable, roaming users should be fine in this type of environment. | | -Jeremy | - -- /* ~Matt Brookings [EMAIL PROTECTED] GnuPG Key 7D7E5F37 ~Software developer Systems technician ~Inter7 Internet Technologies, Inc. (815)776-9465 */ banner(Support open-source!\n); void banner(char *arg) { ~ char b[50]; ~ strcpy(b, arg); ~ printf(b); } -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFClLGZ/pZz8n1+XzcRAm+rAJ4iJXApD/Z0GWwAdcV7RP8VaV8GXQCgmkyy Cb7uXMI9JVzkWdm3DCX9S3U= =3x7N -END PGP SIGNATURE-
Re: [vchkpw] many roaming users
On Saturday 21 May 2005 11:05 am, Matt Simerson wrote: On May 18, 2005, at 3:39 PM, Jeremy Kitchen wrote: On Wednesday 18 May 2005 01:26 pm, Payal Rathod wrote: On Wed, May 18, 2005 at 01:15:22PM -0500, Jeremy Kitchen wrote: don't use vpopmail's roaming-users functionality if you want pop-before-smtp authentication, use Bruce Guenter's relay-ctrl package. Any particular reason why? vpopmail's roaming-users support is poorly designed, slow, and prone to failure. I'd like to see some evidence to back up this assertion. the fact that it's based around one file (actually, 3) that can theoretically be attempted to be updated many times simultaneously (requiring locking, etc) the open-smtp file has to be locked, old entries purged, then the cdb file has to be locked, and rebuilt. If you have 10k users and their mail clients check every .. 10 minutes.. you're rebuilding this giant tcp.smtp.cdb file quite often. with relay-ctrl, it simply creates a file in a directory for each IP allowed, and checks for old ones that should be removed. This is NFS safe, requires no locking (who cares if two processes try to create the same empty file at the same time), and is a lot more fault-tolerant. Plus, since the relay-ctrl software is independent of any other qmail process, no other qmail process needs to know the location of the relay-ctrl directory, whereas vpopmail's roaming users either requires you to change where your cdb file is, or tell it specifically where your cdb file is. Also.. some people use scripts to generate their tcp.smtp.cdb file, since tcprules simply generates a cdb file based on stdin. vpopmail's roaming users breaks this. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgpJrYPfjsAjd.pgp Description: PGP signature
[vchkpw] Re: many roaming users
Hello Jeremy, On Tuesday, May 24, 2005 at 10:11:21 PM Jeremy wrote: vpopmail's roaming-users support is poorly designed, slow, and prone to failure. I'd like to see some evidence to back up this assertion. the fact that it's based around one file (actually, 3) that can theoretically be attempted to be updated many times simultaneously (requiring locking, etc) the open-smtp file has to be locked, old entries purged, then the cdb file has to be locked, and rebuilt. 'open-smtp' has to be locked, yes. But cdb file hasn't. It's rebuild in a temporary file and if build successfully the old one is removed and the new one renamed. In fact vpopmail makes use of 'tcprules' to create cdb file. with relay-ctrl, it simply creates a file in a directory for each IP allowed, and checks for old ones that should be removed. This is NFS safe, requires no locking (who cares if two processes try to create the same empty file at the same time), and is a lot more fault-tolerant. And with 10k users adds a lot of things to do to find the correct file to the file system, especially if this special directory is located on an ext2 or ext3 partition, which as we all know, does not scale very well if there are a lot of directory entries. Plus, since the relay-ctrl software is independent of any other qmail process, no other qmail process needs to know the location of the relay-ctrl directory, whereas vpopmail's roaming users either requires you to change where your cdb file is, or tell it specifically where your cdb file is. ** Deleting whatever '-x' points existing tcpserver-processes and replacing it with a symlink really is hard to do ... If one does not want to adjust startup script and edit '-x' parameter directly. Also.. some people use scripts to generate their tcp.smtp.cdb file, since tcprules simply generates a cdb file based on stdin. vpopmail's roaming users breaks this. Where? As far as I've understood vpopmail source it it simply opens 'tcprules' process, passes 'open-smtp' and 'tcp.smtp' contents to STDIN of this process, and that's it. Nothing that looks to me like 'breaking generating a cdb file based on stdin', especially nothing I'd call prone to fail. Sure, for some 10k users cdb might become slow, when it comes to many necessary cdb file recreations (i.e. many altering IP addresses). But that does not necessarily mean it's slow, poorly designed or prone to fail for anybody else with much less users. It's a good, known to work reliable, solution that perfectly integrates into existing tcpserver usage ... -- Best regards Peter Palmreuther Rap is to music what Etch-A-Sketch is to art.
Re: [vchkpw] many roaming users
On May 18, 2005, at 3:39 PM, Jeremy Kitchen wrote: On Wednesday 18 May 2005 01:26 pm, Payal Rathod wrote: On Wed, May 18, 2005 at 01:15:22PM -0500, Jeremy Kitchen wrote: don't use vpopmail's roaming-users functionality if you want pop-before-smtp authentication, use Bruce Guenter's relay-ctrl package. Any particular reason why? vpopmail's roaming-users support is poorly designed, slow, and prone to failure. I'd like to see some evidence to back up this assertion. One could argue all day about whether it's poorly designed, but as I recall, you were not there when it was designed. While I completely agree that smtp-auth is a better method of allowing users to relay, anyone with even a little bit of experience working in large scale ISP or other hosting environments knows exactly how much pain and real cost is involved in getting even a small number (hundreds) of clients to update their email settings. Most places assign a dollar value to every support call and when you start doing the math, if you have 10% of this fellows 3,000 users calling in because they can't figure out how to update their ancient version of (Eudora|Outlook|Netscape] from 1995 to use SMTP-AUTH, it's going to cost his company thousands of dollars. Telling him to depreciate the use of POP before SMTP simply isn't terribly practical advise. How exactly is vpopmail roaming-users slow? You authenticate and the IP is immediately stuffed into open-smtp, which is compiled into tcp.smtp that very same second. How is that slow? The user can relay immediately. I have 600,000 users who have never once complained about it being slow. I'm sure this fellows 3,000 users have never had a problem with it being slow and never will. It's only prone to failure if you're using clusters of servers, in which case you'll have lock contention when re-writing the tcp.smtp file on a NFS mount. This does not affect many users of vpopmail and would certainly not show up on a system with only 3,000 users. I was the first to use vpopmail in such an environment and had over 10,000 users on the system when I ran into it. The tcpserver-MySQL patch was written and it's worked great for me and many others since. That hack has worked extraordinarily well for thousands of mail servers since. relay-ctrl is not, and is even, in fact, safe to use over NFS (I've done it) Using relay-ctrl on NFS is no less of a hack. On any well designed system that uses NFS, a primary limitation of scale will be NFS r/w operations between the NFS clients and server. Most often the point of using NFS is scalability. Having a cluster of boxes delivering mail for hundreds of thousands of users can quickly saturate even a the beefiest of NFS servers. Thus, a wise systems engineer will do everything he can to avoid adding to that load. So, the question becomes whether you prefer to litter /var with thousands of IP address files or use a MySQL table to store IPs. Databases were invented just for such purposes and do the job quite admirably. Matt However, I wouldn't even use pop-before-smtp.. I would set up SMTP authentication and require that. His usersuMe too. But his users have grown used to it. I suggested starting SMTP-Auth on another port and slowly switching pop-before- smtp completely off. that's what email is so handy for. You send your users an email telling them they have to change in their mail clients, and give them a URL with some pictures and instructions, and notify your support staff about the change, and train them how to handle the situation.. then send that email every week for 3 months. After the 3 months is up, shut pop-before-smtp off. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] `` Matt Simersonhttp://matt.simerson.net The Network People Inc. http://www.tnpi.biz Show me a piano falling down a mineshaft and I'll show you A-flat minor.
[vchkpw] many roaming users
Hi, The other day a friend showed interest in qmail server. He is running sendmail for many years and wants to shift to a better MTA (for his moderately loaded server of 3 thousand users) during hardware change. I have advised him qmail + vpopmail combo, but am scared of one thing only. Can cdb handle that lot of recompiling (he surely does not want any kind of sql) because almost all his users are roaming users? With warm regards, -Payal
Re: [vchkpw] many roaming users
On Wednesday 18 May 2005 12:45 pm, Payal Rathod wrote: Hi, The other day a friend showed interest in qmail server. He is running sendmail for many years and wants to shift to a better MTA (for his moderately loaded server of 3 thousand users) during hardware change. I have advised him qmail + vpopmail combo, but am scared of one thing only. Can cdb handle that lot of recompiling (he surely does not want any kind of sql) because almost all his users are roaming users? don't use vpopmail's roaming-users functionality if you want pop-before-smtp authentication, use Bruce Guenter's relay-ctrl package. However, I wouldn't even use pop-before-smtp.. I would set up SMTP authentication and require that. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgp84VSwqcz1d.pgp Description: PGP signature
Re: [vchkpw] many roaming users
On Wed, May 18, 2005 at 01:15:22PM -0500, Jeremy Kitchen wrote: don't use vpopmail's roaming-users functionality if you want pop-before-smtp authentication, use Bruce Guenter's relay-ctrl package. Any particular reason why? However, I wouldn't even use pop-before-smtp.. I would set up SMTP authentication and require that. His usersuMe too. But his users have grown used to it. I suggested starting SMTP-Auth on another port and slowly switching pop-before-smtp completely off. With warm regards, -Payal
Re[2]: [vchkpw] many roaming users
On Wednesday, May 18, 2005, 8:26:08 PM, Payal wrote: On Wed, May 18, 2005 at 01:15:22PM -0500, Jeremy Kitchen wrote: don't use vpopmail's roaming-users functionality if you want pop-before-smtp authentication, use Bruce Guenter's relay-ctrl package. Any particular reason why? because it's better? opening relay for specific ip for 120minutes (default AFAIR) is not a good idea. Authenticating each user during SMTP session is much more secure than that. However, I wouldn't even use pop-before-smtp.. I would set up SMTP authentication and require that. His usersuMe too. But his users have grown used to it. I suggested starting SMTP-Auth on another port and slowly switching pop-before-smtp completely off. what for ? You can use smtp auth and pop-before-smtp together and give your users one or two months time to reconfigure their MUAs, and then switch it off. -- regards, Sylwester Biernacki [EMAIL PROTECTED]
Re: [vchkpw] many roaming users
Payal Rathod ha scritto: Hi, The other day a friend showed interest in qmail server. He is running sendmail for many years and wants to shift to a better MTA (for his moderately loaded server of 3 thousand users) during hardware change. I have advised him qmail + vpopmail combo, but am scared of one thing only. Can cdb handle that lot of recompiling (he surely does not want any kind of sql) because almost all his users are roaming users? I use roaming user with a ~ 1600 server, the system is made by 2 frontend and an NFS server, i've used this patch to make the roaming users function work with mysql instead of cdb over NFS: http://www.tnpi.biz/internet/mail/toaster/patches/tcpserver-mysql.shtml The server works great since 3 years. Regards.
Re: [vchkpw] many roaming users
On Wednesday 18 May 2005 01:26 pm, Payal Rathod wrote: On Wed, May 18, 2005 at 01:15:22PM -0500, Jeremy Kitchen wrote: don't use vpopmail's roaming-users functionality if you want pop-before-smtp authentication, use Bruce Guenter's relay-ctrl package. Any particular reason why? vpopmail's roaming-users support is poorly designed, slow, and prone to failure. relay-ctrl is not, and is even, in fact, safe to use over NFS (I've done it) However, I wouldn't even use pop-before-smtp.. I would set up SMTP authentication and require that. His usersuMe too. But his users have grown used to it. I suggested starting SMTP-Auth on another port and slowly switching pop-before-smtp completely off. that's what email is so handy for. You send your users an email telling them they have to change in their mail clients, and give them a URL with some pictures and instructions, and notify your support staff about the change, and train them how to handle the situation.. then send that email every week for 3 months. After the 3 months is up, shut pop-before-smtp off. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgpg9RvvDmhFP.pgp Description: PGP signature
Re: [vchkpw] many roaming users
On Wednesday 18 May 2005 01:50 pm, Davide Giunchi wrote: Payal Rathod ha scritto: Hi, The other day a friend showed interest in qmail server. He is running sendmail for many years and wants to shift to a better MTA (for his moderately loaded server of 3 thousand users) during hardware change. I have advised him qmail + vpopmail combo, but am scared of one thing only. Can cdb handle that lot of recompiling (he surely does not want any kind of sql) because almost all his users are roaming users? I use roaming user with a ~ 1600 server, the system is made by 2 frontend and an NFS server, i've used this patch to make the roaming users function work with mysql instead of cdb over NFS: http://www.tnpi.biz/internet/mail/toaster/patches/tcpserver-mysql.shtml that's a hack, and I would not recommend using it. it's not tcpserver's job to handle specific functions such as this. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgp76NuGenJaX.pgp Description: PGP signature
Re[2]: [vchkpw] many roaming users
On Wednesday, May 18, 2005, 9:46:30 PM, Jeremy wrote: http://www.tnpi.biz/internet/mail/toaster/patches/tcpserver-mysql.shtml that's a hack, and I would not recommend using it. it's not tcpserver's job to handle specific functions such as this. However sometimes you have to do sth even if it looks bad and is not scalable ;) I also use such config and waiting for my customers to change their muas to use smtpauth. -- regards, Sylwester Biernacki [EMAIL PROTECTED]
Re: [vchkpw] many roaming users
On Wednesday 18 May 2005 02:57 pm, Sylwester S. Biernacki wrote: On Wednesday, May 18, 2005, 9:46:30 PM, Jeremy wrote: http://www.tnpi.biz/internet/mail/toaster/patches/tcpserver-mysql.shtml that's a hack, and I would not recommend using it. it's not tcpserver's job to handle specific functions such as this. However sometimes you have to do sth even if it looks bad and is not scalable ;) why, when there are such better alternatives? http://untroubled.org/relay-ctrl/ It's simple, easy to use, easy to set up, and fits in with the UNIX mindset of doing things. Simple tools with specific functions that interact with each other. 6 of one half dozen of the other, I suppose. I guess I'm just a purist and don't patch anything unless I absolutely have to. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED] pgpbgQebHPf1Q.pgp Description: PGP signature
[vchkpw] SMTP-AUTH and --enable-roaming-users
Hi there, scenario: netqmail 1.05 plus SMTP-AUTH Bill Shupp's patch vpopmail-5.4.8 compiled with just --enable-logging=v Many MAC's mua clients claims that they're unable to Send email smtp-authenticated; I've noticed that these email clients (Entourage mainly) makes APOP auth. Maybe SMTP-AUTH (MD5-CRAM o plain text) doesn't like encrypted password like APOP? The only provisory workaround seems to compile vpopmail with --enable-roaming-users but I'm concerned about this because it seems to enable two ways to open my qmail... Do I worry about this or it could be a right configuration? thanks in advance for your advice --Abel
Re: [vchkpw] courier-imap roaming-users problem
Newer version of courier-imap will no longer be able to write the IPs into the relay table. This is because all authentication has now been moved out of courier (and sqwebmail) and into the courier-authlib package. As has always been the case, authdaemon doesn't support POP before SMTP. That's why I chose never to use authdaemon. Now that courier no longer supports POP before SMTP via the authvchkpw module, it's just one more good reason not to use courier-imap for POP3 services. Use qmails pop3d instead. That way POP users still get roaming access. IMAP users are users newer email clients that support SMTP AUTH and should be directed to use that instead. I have overcome this via the relay-ctrl package. My roaming users don't roam very often, but -do- (and are required to) use DDNS. Via their DDNS record, I can easily access their machine if need be...but I digress. I have written a -simple- perl cron that reverse queries their name/ip mapping, and updates the relay-ctrl directory of the allowed ip's that can relay. This way, I'm still using courier. (not that qmail-pop is bad, I've used it too...just have courier in this case) Just my approach. -Chris
[vchkpw] courier-imap roaming-users problem
Hi there. I'm using qmail, vpopmail (mysql) with roaming-users, and courier-imap on my FreeBSD Box. The problem is that, although I compiled courier with authvchkpw-auth it seems not to call this program. I think so because I see (with ktrace and truss) that courier authenticate my users reading the mysql database and it adds also the info data to the relay table on MySQL directly (I mean, not using vchkpw as it should do). So, the user is authenticated and can read his e-mail but he isn't added to the tcp.smtp.cdb file (tcpserver). We compile authlib and courier-imap in this way: courier-authlib $ ./configure --without-authpam --without-authldap --without-authpwd --without-authmysql --without-authpgsql --without-authshadow --without-authuserdb --without-authcustom --without-authcram --without-authdaemon --with-authvchkpw courier-imap export CFLAGS=-DHAVE_OPEN_SMTP_RELAY -DHAVE_VLOGAUTH /configure --prefix=/usr/local/courier-imap --disable-root-check --with-trashquota --enable-unicode --enable-roaming-users=y Any suggestion or idea? Thanks in advance Jesús Arnáiz
Re: [vchkpw] courier-imap roaming-users problem
On Feb 4, 2005, at 6:11 AM, Jesús Arnáiz wrote: The problem is that, although I compiled courier with authvchkpw-auth it seems not to call this program. I think so because I see (with ktrace and truss) that courier authenticate my users reading the mysql database and it adds also the info data to the relay table on MySQL directly (I mean, not using vchkpw as it should do). So, the user is authenticated and can read his e-mail but he isn't added to the tcp.smtp.cdb file (tcpserver). Actually authvchkpw is a version of vchkpw that's integrated with courier-imap. It never calls vchkpw directly, so it's behaving as expected. Unfortunately, I don't know about using roaming users (pop before smtp) with courier. I've always used SMTP AUTH as the sole relaying mechanism on our servers. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] courier-imap roaming-users problem
On Feb 4, 2005, at 10:25 AM, Tom Collins wrote: On Feb 4, 2005, at 6:11 AM, Jesús Arnáiz wrote: The problem is that, although I compiled courier with authvchkpw-auth it seems not to call this program. I think so because I see (with ktrace and truss) that courier authenticate my users reading the mysql database and it adds also the info data to the relay table on MySQL directly (I mean, not using vchkpw as it should do). So, the user is authenticated and can read his e-mail but he isn't added to the tcp.smtp.cdb file (tcpserver). Actually authvchkpw is a version of vchkpw that's integrated with courier-imap. It never calls vchkpw directly, so it's behaving as expected. Well, at least as documented. Unfortunately, I don't know about using roaming users (pop before smtp) with courier. I've always used SMTP AUTH as the sole relaying mechanism on our servers. Newer version of courier-imap will no longer be able to write the IPs into the relay table. This is because all authentication has now been moved out of courier (and sqwebmail) and into the courier-authlib package. As has always been the case, authdaemon doesn't support POP before SMTP. That's why I chose never to use authdaemon. Now that courier no longer supports POP before SMTP via the authvchkpw module, it's just one more good reason not to use courier-imap for POP3 services. Use qmails pop3d instead. That way POP users still get roaming access. IMAP users are users newer email clients that support SMTP AUTH and should be directed to use that instead. Matt `` Matt Simersonhttp://matt.simerson.net The Network People Inc. http://www.tnpi.biz The chief danger in life is that you may take too many precautions. - Alfred Adler ``
Re: [vchkpw] roaming users
When I do the command qmailctl cdbmy box reload /etc/tcp.smtp and /etc/tcp.pop3. It is not reading from /home/vpopmail/etc/tcp.smtp. How can I get it to read the ~vpopmail/etc/tcp.smtp instead, and how can I know that my vpopmail is recompiling my tcp.smtp file when there is pop authentication.ThanksRaymondUpon exiting my qmailadmin, it tells me the version of qmailadmin and vpopmail I'm using. The vpopmail still say version 5.4.3 you can check version with ~vpopmail/bin/vadduser -v and you need to recompile Qmailadmin for update version. I still can not do pop before smtp. qmailctl cdb ~vpopmail/bin/clearopensmtp qmailctl restart /--enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp where is tcp.smtp? I use the whereis command for the tcp.smtp, it tells me its located in /etc/tcp.smtp.I don't know what is the problem you need to use 'locate' command On Thursday 17 June 2004 05:09 pm, Raymond Luong wrote: I jus t upgraded my vpopmail 5.4.3 to 5.4.4 with roaming user enable. here is my following configuration:./configure \--enable-roaming-users \ --enable-tcprules-prog=/usr/local/bin/tcprules /--enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp --enable-relay-clear-minutes=180--enable-logging=p \ /--disable-passwd \--enable-clear-passwd \--disable-domain-quotas \ /--enable-auth-module=mysql \--disable-many-domains \--enable-auth-logging \--enable-mysql-logging \ /--enable-valias \--disable-mysql-limits�then I follow with:make�make install-stripThere was no error in return, everything seem to compile fine.Upon exiting my qmailadmin, it tells me the version of qmailadmin and vpopmail I'm using. The vpopmail still say version 5.4.3. I would like to know is that true or not? Does qmailadmin check vpopmail version everrytime or does it just record the vpopmail version when it was� install.My next problem. It seem even though I enable roaming users for vpopmail, I still can not do pop before smtp. When I try to send from outlook express, still tell me I'm not on the allow rcpthosts list. Is there some step I'm missing?I check my tcprules and tcp.smtp files and they� where they support to be but when I use the whereis command for the tcp.smtp, it tells me its located in /etc/tcp.smtp.I don't know what is the problem. Can someone offer me some suggestion.Raymond -- Best Regard, Songrit Srilasak Technical Support Network Administrators eGuide (Thailand) Co., Ltd. 25th Flr., Empire Tower (park wing), 195 South Sathorn Rd., Yannawa, Sathorn, Bangkok 10120 Tel: 0-2670-0888 ext 600 Fax: 0-2670-0889
Re: [vchkpw] roaming users
>From what you are saying, I will have to recompile everything to get roaming user to work?raymond Franck (Linuxpourtous) wrote: I just upgraded my vpopmail 5.4.3 to 5.4.4 with roaming user enable. There was no error in return, everything seem to compile fine.Upon exiting my qmailadmin, it tells me the version of qmailadmin and vpopmail I'm using. The vpopmail still say version 5.4.3. I would like to know is that true or not? Yes, that is true. Qmailadmin is staticlly linked to vpopmail, which means that every time you recompile vpopmail you have to compile _everything_ that uses it. Qmailadmin, sqwebmail, the qmail-smtpd patch that verifies incoming email... anything that uses vpopmail for authentication. Rick
Re: [vchkpw] roaming users
please don't post html only messages to mailing lists (or even multipart/alternative) use text only. On Friday 18 June 2004 11:06 am, Raymond Luong wrote: When I do the command qmailctl cdb my box reload /etc/tcp.smtp and /etc/tcp.pop3. It is not reading from /home/vpopmail/etc/tcp.smtp. How can I get it to read the ~vpopmail/etc/tcp.smtp instead, and how can I know that my vpopmail is recompiling my tcp.smtp file when there is pop authentication. the cdb file that tcpserver reads is specified on tcpserver's command line. http://cr.yp.to/ucspi-tcp/tcpserver.html simply modify your tcpserver command line for the respective service and restart it. Simple as that. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] roaming users
I would like to add, since my qmailctl cdb is still reading off my /etc/tcp.smtp, and assuming my vpopmail is recompileing my tcp.smtp everytime someone login through pop3, can I just edit my qmailctl and qmail-smtp file and point the tcp.smtp at my ~vpopmail/etc/tcp.smtp? Will that work. I am afraid to do it because my mail box is a live production box. Don't want to do it unless I get more feed back.raymond When I do the command qmailctl cdbmy box reload /etc/tcp.smtp and /etc/tcp.pop3. It is not reading from /home/vpopmail/etc/tcp.smtp. How can I get it to read the ~vpopmail/etc/tcp.smtp instead, and how can I know that my vpopmail is recompiling my tcp.smtp file when there is pop authentication.ThanksRaymond
Re: [vchkpw] roaming users
On Friday 18 June 2004 11:30 am, Raymond Luong wrote: I would like to add, since my qmailctl cdb is still reading off my /etc/tcp.smtp, and assuming my vpopmail is recompileing my tcp.smtp everytime someone login through pop3, can I just edit my qmailctl and qmail-smtp file and point the tcp.smtp at my ~vpopmail/etc/tcp.smtp? Will that work. I am afraid to do it because my mail box is a live production box. Don't want to do it unless I get more feed back. well, if you're using vpopmail's roaming users you'll probably want to use vpopmail's built in function to rebuild the cdb file or you won't get the proper relay entries (at least until the next time someone checks their mail) ~vpopmail/bin/clearopensmtp Then just tell tcpserver to look at that cdb file and you're all set. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] roaming users
Well, I'm really sorry, and I'm very thankful for your help but can you give me more detail on how to tell my tcpserver to look at my ~vpopmail/etc/tcp.smtp instead. Also, I am using vpopmail's roaming usres function, but it is not working. thats why I'm writing this email. raymond On Friday 18 June 2004 11:30 am, Raymond Luong wrote: I would like to add, since my qmailctl cdb is still reading off my /etc/tcp.smtp, and assuming my vpopmail is recompileing my tcp.smtp everytime someone login through pop3, can I just edit my qmailctl and qmail-smtp file and point the tcp.smtp at my ~vpopmail/etc/tcp.smtp? Will that work. I am afraid to do it because my mail box is a live production box. Don't want to do it unless I get more feed back. well, if you're using vpopmail's roaming users you'll probably want to use vpopmail's built in function to rebuild the cdb file or you won't get the proper relay entries (at least until the next time someone checks their mail) ~vpopmail/bin/clearopensmtp Then just tell tcpserver to look at that cdb file and you're all set. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] roaming users
http://scripkitchen.com/godkills.jpg -- please, think of the kittens! On Friday 18 June 2004 11:43 am, Raymond Luong wrote: Well, I'm really sorry, and I'm very thankful for your help but can you give me more detail on how to tell my tcpserver to look at my ~vpopmail/etc/tcp.smtp instead. http://cr.yp.to/ucspi-tcp/tcpserver.html look at the -x flag. Then, look at your startup script. It should magically come to you. Also, I am using vpopmail's roaming usres function, but it is not working. thats why I'm writing this email. right, probably because you're not telling tcpserver to look at the proper file. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] roaming users
My startup script is my qmailctl script right? I'm really sorry about the stupid question. This is like navigate the Universe for me. raymond http://scripkitchen.com/godkills.jpg -- please, think of the kittens! On Friday 18 June 2004 11:43 am, Raymond Luong wrote: Well, I'm really sorry, and I'm very thankful for your help but can you give me more detail on how to tell my tcpserver to look at my ~vpopmail/etc/tcp.smtp instead. http://cr.yp.to/ucspi-tcp/tcpserver.html look at the -x flag. Then, look at your startup script. It should magically come to you. Also, I am using vpopmail's roaming usres function, but it is not working. thats why I'm writing this email. right, probably because you're not telling tcpserver to look at the proper file. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] roaming users
http://scriptkitchen.com/godkills.jpg --- please, think of the kittens. On Friday 18 June 2004 11:57 am, Raymond Luong wrote: My startup script is my qmailctl script right? I'm really sorry about the stupid question. This is like navigate the Universe for me. not likely. You should go back and look at whatever you used to install and set up qmail to see where it says your startup scripts are. If you can't figure it out you should remove what you have and follow www.lifewithqmail.org so you know what you're doing. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
Re: [vchkpw] roaming users
Is the start up script my qmail-smtpd run file. Because in that file it has a command -v -x /etc/tcp.smtp.cdb \ if I change that to ~vpopmail/etc/tcp.smtp.cdb will that work. Also do I need to change qmailctl to point to ~vpopmail/etc/tcp.smtp I followed the instruction from http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm in building my box. Thanks a lot for your input so far. Raymond http://scriptkitchen.com/godkills.jpg --- please, think of the kittens. On Friday 18 June 2004 11:57 am, Raymond Luong wrote: My startup script is my qmailctl script right? I'm really sorry about the stupid question. This is like navigate the Universe for me. not likely. You should go back and look at whatever you used to install and set up qmail to see where it says your startup scripts are. If you can't figure it out you should remove what you have and follow www.lifewithqmail.org so you know what you're doing. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
[vchkpw] roaming users
I jus t upgraded my vpopmail 5.4.3 to 5.4.4 with roaming user enable. here is my following configuration:./configure \--enable-roaming-users \ --enable-tcprules-prog=/usr/local/bin/tcprules--enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp --enable-relay-clear-minutes=180--enable-logging=p \--disable-passwd \--enable-clear-passwd \--disable-domain-quotas \--enable-auth-module=mysql \--disable-many-domains \--enable-auth-logging \--enable-mysql-logging \--enable-valias \--disable-mysql-limits then I follow with:make make install-stripThere was no error in return, everything seem to compile fine.Upon exiting my qmailadmin, it tells me the version of qmailadmin and vpopmail I'm using. The vpopmail still say version 5.4.3. I would like to know is that true or not? Does qmailadmin check vpopmail version everrytime or does it just record the vpopmail version when it was install.My next problem. It seem even though I enable roaming users for vpopmail, I still can not do pop before smtp. When I try to send from outlook express, still tell me I'm not on the allow rcpthosts list. Is there some step I'm missing?I check my tcprules and tcp.smtp files and they where they support to be but when I use the whereis command for the tcp.smtp, it tells me its located in /etc/tcp.smtp.I don't know what is the problem. Can someone offer me some suggestion.Raymond
Re: [vchkpw] roaming users
Upon exiting my qmailadmin, it tells me the version of qmailadmin and vpopmail I'm using. The vpopmail still say version 5.4.3 you can check version with ~vpopmail/bin/vadduser -v and you need to recompile Qmailadmin for update version. I still can not do pop before smtp. qmailctl cdb ~vpopmail/bin/clearopensmtp qmailctl restart /--enable-tcpserver-file=/home/vpopmail/etc/tcp.smtpbr / where is tcp.smtp? I use the whereis command for the tcp.smtp, it tells me its located in /etc/tcp.smtp.br /I don't know what is the problem you need to use 'locate' command On Thursday 17 June 2004 05:09 pm, Raymond Luong wrote: I jus t upgraded my vpopmail 5.4.3 to 5.4.4 with roaming user enable. here is my following configuration:.br //configure \--enable-roaming-users \ br /--enable-tcprules-prog=/usr/local/bin/tcprulesbr /--enable-tcpserver-file=/home/vpopmail/etc/tcp.smtpbr / --enable-relay-clear-minutes=180--enable-logging=p \br /--disable-passwd \br /--enable-clear-passwd \--disable-domain-quotas \br /--enable-auth-module=mysql \br /--disable-many-domains \--enable-auth-logging \br /--enable-mysql-logging \br /--enable-valias \br /--disable-mysql-limitsbr /then I follow with:br /makebr /make install-stripbr /There was no error in return, everything seem to compile fine.Upon exiting my qmailadmin, it tells me the version of qmailadmin and vpopmail I'm using. The vpopmail still say version 5.4.3. I would like to know is that true or not? Does qmailadmin check vpopmail version everrytime or does it just record the vpopmail version when it was install.br /My next problem. It seem even though I enable roaming users for vpopmail, I still can not do pop before smtp. When I try to send from outlook express, still tell me I'm not on the allow rcpthosts list. Is there some step I'm missing?br /I check my tcprules and tcp.smtp files and they where they support to be but when I use the whereis command for the tcp.smtp, it tells me its located in /etc/tcp.smtp.br /I don't know what is the problem. Can someone offer me some suggestion.br /br /Raymondbr /br /br /br / -- Best Regard, Songrit Srilasak Technical Support Network Administrators eGuide (Thailand) Co., Ltd. 25th Flr., Empire Tower (park wing), 195 South Sathorn Rd., Yannawa, Sathorn, Bangkok 10120 Tel: 0-2670-0888 ext 600 Fax: 0-2670-0889
[vchkpw] I had a problem with this (Was: Re: [vchkpw] How do I enable roaming users?)
FYI...I couldn't get -enable-roaming-users=y working on a recent installation. Solution turned out to not use the 5.2.2 version on the Inter7 site and download the 5.4.0 dev snapshot! Worked like a treat after that... (Netqmail-1.05 on RH9 install). -marc Marc Nicholas - Geekythings, Inc. Vox: 416.543.4896 SMS: [EMAIL PROTECTED] From: Axiom [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Sat, 28 Feb 2004 14:06:15 -0700 To: [EMAIL PROTECTED] Subject: [vchkpw] How do I enable roaming users? Hi All, I'm having great difficulty with something that I feel is pretty straight forward. I cannot figure out how to get enable roaming users. I am running a system with FreeBSD 5.1 + qmail + vpopmail + courier-imap. All I want to be able to do is add the --enable-roaming-users=y option to my vpopmail installation. Apparently I didn't add this option when I originally installed vpopmail because I have edited ~vpopmail/etc/tcp.smtp to include my local network (192.168.1:allow,RELAYCLIENT=) to be able to relay mail through the server and then ran the ~vpopmail/bin/clearopensmtp program to update my ~vpopmail/etc/tcp.smtp.cdb file. I am still unable to send mail using Outlook 2003 from 192.168.1.2 address. I've tried re-compiling vpopmail and including the --enable-roaming-users=y and then re-installing it to the same location (/usr/local/Apps/Vpopmail) but it has made no difference. How can I enable roaming users in my current situation? It seems like it should just work for me already. Thank you in advance for any help, :: Casey Ralls :: :: Vector Networking Solutions :: :: http://www.vectorns.com :: :: [EMAIL PROTECTED] ::
[vchkpw] How do I enable roaming users?
Hi All, I'm having great difficulty with something that I feel is pretty straight forward. I cannot figure out how to get enable roaming users. I am running a system with FreeBSD 5.1 + qmail + vpopmail + courier-imap. All I want to be able to do is add the --enable-roaming-users=y option to my vpopmail installation. Apparently I didn't add this option when I originally installed vpopmail because I have edited ~vpopmail/etc/tcp.smtp to include my local network (192.168.1:allow,RELAYCLIENT=) to be able to relay mail through the server and then ran the ~vpopmail/bin/clearopensmtp program to update my ~vpopmail/etc/tcp.smtp.cdb file. I am still unable to send mail using Outlook 2003 from 192.168.1.2 address. I've tried re-compiling vpopmail and including the --enable-roaming-users=y and then re-installing it to the same location (/usr/local/Apps/Vpopmail) but it has made no difference. How can I enable roaming users in my current situation? It seems like it should just work for me already. Thank you in advance for any help, :: Casey Ralls :: :: Vector Networking Solutions :: :: http://www.vectorns.com :: :: [EMAIL PROTECTED] ::
Re: [vchkpw] How do I enable roaming users?
On Sat, 2004-02-28 at 15:06, Axiom wrote: [snip] and then ran the ~vpopmail/bin/clearopensmtp program to update my ~vpopmail/etc/tcp.smtp.cdb file. is tcpserver configured to look at that file? -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
[vchkpw] Re: How do I enable roaming users?
No... tcpserver is not running although it is installed with my ucspi-tcp package. I am running qmail with the following startup script which is located at /var/qmail/rc #!/bin/sh exec env - PATH=/var/qmail/bin:$PATH \ qmail-start ./Maildir/ splogger qmail I tried adding -x/etc/tcp.smtp.cdb to the end of the qmail-start so that it would look at a tcp.smtp.cdb file but that did not work either. I will do anything to enable roaming users. I am running short on more ideas here. Should I change my configuration somehow to include tcpserver? Maybe I should run qmail using tcpserver instead of just the qmail-start command? I appreciate your time and help, -Casey Jeremy Kitchen writes: On Sat, 2004-02-28 at 15:06, Axiom wrote: [snip] and then ran the ~vpopmail/bin/clearopensmtp program to update my ~vpopmail/etc/tcp.smtp.cdb file. is tcpserver configured to look at that file? -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE :: Casey Ralls :: :: Vector Networking Solutions :: :: http://www.vectorns.com :: :: [EMAIL PROTECTED] ::
Re: [vchkpw] Re: How do I enable roaming users?
http://scriptkitchen.com/godkills.jpg --- please, think of the kittens On Sat, 2004-02-28 at 15:15, Axiom wrote: No... tcpserver is not running although it is installed with my ucspi-tcp package. I am running qmail with the following startup script which is located at /var/qmail/rc #!/bin/sh exec env - PATH=/var/qmail/bin:$PATH \ qmail-start ./Maildir/ splogger qmail that's qmail-send. how are you starting up qmail-smtpd? it has to be run with either tcpserver or some form of *inetd or similar tool. I tried adding -x/etc/tcp.smtp.cdb to the end of the qmail-start so that it would look at a tcp.smtp.cdb file but that did not work either. again, that's qmail-send, wouldn't have any effect on smtp. I will do anything to enable roaming users. I am running short on more ideas here. Should I change my configuration somehow to include tcpserver? Maybe I should run qmail using tcpserver instead of just the qmail-start command? first figure out how you are starting it, as that is not how you are starting it. -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
Re: [vchkpw] Re: How do I enable roaming users?
On Sat, 2004-02-28 at 15:36, Axiom wrote: Sorry about the top posting. I have never heard of top posting before. I just had to look it up on google to see what it even meant. Now I know :) I am not sure how qmail-smtpd is running. I don't even see it in my process list anywhere. I am running qmail + vpopmail + courier-imap. you probably won't, it's only active when there is a connection active. The only other thing that I can see is that in my /etc/rc.local startup script i have a line that says: csh -cf '/command/svscanboot ' that's starting svscan on /service. that's from daemontools. Could that have something to do with how qmail-smtpd is running? maybe, if you're running it under daemontools. How does qmail-smtpd usually start with a qmail + vpopmail setup? it must be started under a superserver such as tcpserver, inetd, xinetd, etc. I assume you're using freebsd, so you can't use netstat -anp to get the process id of what is listening on port 25. The thing is, you should know how it's starting, because you set it up. -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
[vchkpw] Re: How do I enable roaming users?
Jeremy Kitchen writes: On Sat, 2004-02-28 at 15:36, Axiom wrote: Sorry about the top posting. I have never heard of top posting before. I just had to look it up on google to see what it even meant. Now I know :) I am not sure how qmail-smtpd is running. I don't even see it in my process list anywhere. I am running qmail + vpopmail + courier-imap. you probably won't, it's only active when there is a connection active. The only other thing that I can see is that in my /etc/rc.local startup script i have a line that says: csh -cf '/command/svscanboot ' that's starting svscan on /service. that's from daemontools. Could that have something to do with how qmail-smtpd is running? maybe, if you're running it under daemontools. How does qmail-smtpd usually start with a qmail + vpopmail setup? it must be started under a superserver such as tcpserver, inetd, xinetd, etc. I assume you're using freebsd, so you can't use netstat -anp to get the process id of what is listening on port 25. The thing is, you should know how it's starting, because you set it up. -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE Ahh yes... You've jogged my memory a bit. I am starting qmail-smtpd using inetd with the following line: smtpstream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd Could I just add -x/etc/tcp.smtp.cdb to the end of that line? :: Casey Ralls :: :: Vector Networking Solutions :: :: http://www.vectorns.com :: :: [EMAIL PROTECTED] ::
[vchkpw] How do I enable roaming users?
Hi all, I'm trying to enable roaming users with my vpopmail installation. I am now to the point where i am trying to get qmail-smtpd to look at a tcp.smtp.cdb file so that I can allow certain networks to relay through my server. I was running qmail-smtpd with inetd and now I am running it with tcpserver like this: tcpserver -x/etc/tcp.smtp.cdb -u102 -g101 0 smtp /var/qmail/bin/qmail-smtpd I have created /etc/tcp.smtp with the following info in it: 192.168.1:allow,RELAYCLIENT= :allow Now i'm expecting to be able to relay from my Outlook which is located at 192.168.1.2 but it is still not working. I get a reply from the server saying 553 sorry, that domain isn't in my list of allowed rcpthosts Does anyone see for any reason why my setup is not looking at the tcp.smtp.cdb file? Or is there something wrong with my file? :: Casey Ralls :: :: Vector Networking Solutions :: :: http://www.vectorns.com :: :: [EMAIL PROTECTED] ::
Re: [vchkpw] How do I enable roaming users?
- Original Message - From: Axiom [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, February 28, 2004 5:31 PM Subject: [vchkpw] How do I enable roaming users? I have created /etc/tcp.smtp with the following info in it: 192.168.1:allow,RELAYCLIENT= :allow OK here is your problem I believe. The lines should read: 192.168.1.:allow,RELAYCLIENT= ^ Notice the . that I have that you are missing. It's been so long since I set mine up, but I know I dont' have the second line in my tcp.smtp Rob G [EMAIL PROTECTED]
RE: [vchkpw] How do I enable roaming users?
I have created /etc/tcp.smtp with the following info in it: 192.168.1:allow,RELAYCLIENT= :allow OK here is your problem I believe. The lines should read: 192.168.1.:allow,RELAYCLIENT= ^ Notice the . that I have that you are missing. It's been so long since I set mine up, but I know I dont' have the second line in my tcp.smtp Rob G [EMAIL PROTECTED] Yep that worked... Finally it's all working :) Thank you so much for your help... and Thank you to Jeremy Kitchen also. -Casey --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.598 / Virus Database: 380 - Release Date: 2/28/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.598 / Virus Database: 380 - Release Date: 2/28/2004
Re: [vchkpw] Re: How do I enable roaming users?
On Sat, 2004-02-28 at 15:54, Axiom wrote: Ahh yes... You've jogged my memory a bit. I am starting qmail-smtpd using inetd with the following line: smtpstream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd Could I just add -x/etc/tcp.smtp.cdb to the end of that line? no, inetd does not have support for tcprules files. You'd be better off using tcpserver anyways, it's much better. qmail-smtpd (stock) doesn't take any arguments so anything you put behind it will be ignored. -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
[vchkpw] Roaming users / POP toasters
How are people on this list using POP before SMTP (Roaming users) when their POP3 server is separate from their SMTP server? The way that I understand that roaming users work is that once you pop in and check mail, the POP3 server rebuilds the tcpserver cdb file with the users IP address added as RELAYCLIENT. How does the separate SMTP server receive this file in a timely manner? Are you NFS mounting the tcpserver CDB file? If so, how is performance in this scenario? Thanks for any response. John Councilman Broadband Systems Engineer / Postmaster Knology [EMAIL PROTECTED] Cell: 706-773-5076 Office: 706-634-6742 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.581 / Virus Database: 368 - Release Date: 2/9/2004
[vchkpw] [patch]5.4.2 vpgsql.c with --enable-roaming-users=y
Hi, version: vpopmail 5.4.2 file: vpgsql.c option: --enable-roaming-users=y It doesn't update tcp.smtp.cdb after pop3 auth. (clearopensmtp updates tcp.smtp.cdb) vmysql.c and voracle.pc (and vsybase.c?) have the same problem, I think. vopen_smtp_relay() shouldn't return 0 to update tcp.smtp.cdb. vpopmail.c:2433 int open_smtp_relay() { #ifdef USE_SQL /* store the user's ip address into the sql relay table */ if (vopen_smtp_relay()) { /* generate a new tcp.smtp.cdb file */ if (update_rules() != 0) { fprintf (stderr, Error. update_rules failed\n); return (-1); } } #else But vopen_smtp_relay() returns 0 after insert or update. vpgsql.c:614 int vopen_smtp_relay() { ... if ( ipaddr == NULL ) { return 0; } if ( (err=vauth_open()) != 0 ) return 0; ... if(!pgres || PQresultStatus(pgres)!= PGRES_COMMAND_OK ) { /* need to return non-zero value if value inserted */ if( pgres ) PQclear(pgres); return 1; } if( pgres ) PQclear(pgres); return 0; } So, my idea to fix this problem is the following. It works. --- vpgsql.c.orig 2004-02-26 19:44:58.0 +0900 +++ vpgsql.c.fix2004-02-26 21:09:26.0 +0900 @@ -658,11 +658,11 @@ if(!pgres || PQresultStatus(pgres)!= PGRES_COMMAND_OK ) { /* need to return non-zero value if value inserted */ if( pgres ) PQclear(pgres); -return 1; +return 0; } if( pgres ) PQclear(pgres); - return 0; + return 1; } Or I think that a comment about return value in vmysql.c is thoughtful. What's good idea? --- Ken Nonaka nonaka at imasy or jp
RE: [vchkpw] Roaming users / POP toasters
We do it, but we are using MySQL auth. The servers only need to see the sql server to get the information. Im also using the tcpserver patch so as to not have to rebuild the cdb file. Shane From: John [mailto:[EMAIL PROTECTED] Sent: Friday, 27 February 2004 12:11 AMTo: [EMAIL PROTECTED]Subject: [vchkpw] Roaming users / POP toasters How are people on this list using POP before SMTP (Roaming users) when their POP3 server is separate from their SMTP server? The way that I understand that roaming users work is that once you pop in and check mail, the POP3 server rebuilds the tcpserver cdb file with the users IP address added as RELAYCLIENT. How does the separate SMTP server receive this file in a timely manner? Are you NFS mounting the tcpserver CDB file? If so, how is performance in this scenario? Thanks for any response. John Councilman Broadband Systems Engineer / Postmaster Knology [EMAIL PROTECTED] Cell: 706-773-5076 Office: 706-634-6742 ---Outgoing mail is certified Virus Free.Checked by AVG anti-virus system (http://www.grisoft.com).Version: 6.0.581 / Virus Database: 368 - Release Date: 2/9/2004
Re: [vchkpw] Re: roaming users
Alex, Jeremy, Michael and the rest, I just have to say that I have belonged to a number of email lists and this has to be the best one for signal to noise ratio. That being said, further investigations have lead me to some discoveries. I will share them with you briefly because the symptoms were a little confusing and lead me to think the problem was something other than what it actually is. This is one for the trouble shooting list that seems right up there with Is it plugged in? 1) After further testing I was able to determine that my smtp after pop3 auth is working fine. 2) After questioning the owner of one lovely little cafe he gave me the email to his network person. He was able to quickly determine the root of the problem. The public network that I use when I am out at lovely little cafe's is personaltelco.net. personaltelco.net blocks outgoing traffic to port 25 on any machine in the world. They do this for good reason. Spam control. By blocking outgoing smtp traffic on all of their public nodes they eliminate the possibility of some less than honorable people sending out masses of UCE's through open/broken relays. 3) This network person thanked me for my information and is now informing personaltelco.net that one of their nodes is broken and ALLOWING outgoing smtp traffic. Personaltelco is fixing that since they don't want a bunch of spammers wearing Rush Limbaugh lapel pins sucking up their bandwidth and getting them listed in an rbl. Possible Solutions: 1) Destroy all spammers and take back our network 2) Write a small proxy listener that I can connect to and forward the traffic to my smtp server. 3) Continue being happy using my sqwebmail install when I am out a lovely little cafes Of the possible solutions 3 seems to be the easiest, 2 will be the one that I will probably do and 1 seems like the funnest. Sorry for the noise and thanks for the help. I guess you learn something everyday. I've got to get back to work. sparky
Re: [vchkpw] Re: roaming users
On Wednesday 25 February 2004 1:47 pm, davila wrote: Alex, Jeremy, Michael and the rest, I just have to say that I have belonged to a number of email lists and this has to be the best one for signal to noise ratio. That being said, further investigations have lead me to some discoveries. I will share them with you briefly because the symptoms were a little confusing and lead me to think the problem was something other than what it actually is. This is one for the trouble shooting list that seems right up there with Is it plugged in? 1) After further testing I was able to determine that my smtp after pop3 auth is working fine. 2) After questioning the owner of one lovely little cafe he gave me the email to his network person. He was able to quickly determine the root of the problem. The public network that I use when I am out at lovely little cafe's is personaltelco.net. personaltelco.net blocks outgoing traffic to port 25 on any machine in the world. They do this for good reason. Spam control. By blocking outgoing smtp traffic on all of their public nodes they eliminate the possibility of some less than honorable people sending out masses of UCE's through open/broken relays. 3) This network person thanked me for my information and is now informing personaltelco.net that one of their nodes is broken and ALLOWING outgoing smtp traffic. Personaltelco is fixing that since they don't want a bunch of spammers wearing Rush Limbaugh lapel pins sucking up their bandwidth and getting them listed in an rbl. Possible Solutions: 1) Destroy all spammers and take back our network 2) Write a small proxy listener that I can connect to and forward the traffic to my smtp server. 3) Continue being happy using my sqwebmail install when I am out a lovely little cafes Of the possible solutions 3 seems to be the easiest, 2 will be the one that I will probably do and 1 seems like the funnest. Option 4: run an additional smtp tcpserver on port 587 ( mail message submission ) Most likely they are not blocking port 587 Ken Jones
[vchkpw] Re: roaming users
OR as Ken suggests I could just make my life easier and follow standard conventions. ;-) Ken Jones writes: On Wednesday 25 February 2004 1:47 pm, davila wrote: Alex, Jeremy, Michael and the rest, I just have to say that I have belonged to a number of email lists and this has to be the best one for signal to noise ratio. That being said, further investigations have lead me to some discoveries. I will share them with you briefly because the symptoms were a little confusing and lead me to think the problem was something other than what it actually is. This is one for the trouble shooting list that seems right up there with Is it plugged in? 1) After further testing I was able to determine that my smtp after pop3 auth is working fine. 2) After questioning the owner of one lovely little cafe he gave me the email to his network person. He was able to quickly determine the root of the problem. The public network that I use when I am out at lovely little cafe's is personaltelco.net. personaltelco.net blocks outgoing traffic to port 25 on any machine in the world. They do this for good reason. Spam control. By blocking outgoing smtp traffic on all of their public nodes they eliminate the possibility of some less than honorable people sending out masses of UCE's through open/broken relays. 3) This network person thanked me for my information and is now informing personaltelco.net that one of their nodes is broken and ALLOWING outgoing smtp traffic. Personaltelco is fixing that since they don't want a bunch of spammers wearing Rush Limbaugh lapel pins sucking up their bandwidth and getting them listed in an rbl. Possible Solutions: 1) Destroy all spammers and take back our network 2) Write a small proxy listener that I can connect to and forward the traffic to my smtp server. 3) Continue being happy using my sqwebmail install when I am out a lovely little cafes Of the possible solutions 3 seems to be the easiest, 2 will be the one that I will probably do and 1 seems like the funnest. Option 4: run an additional smtp tcpserver on port 587 ( mail message submission ) Most likely they are not blocking port 587 Ken Jones
Re: [vchkpw] Re: roaming users
davila wrote: 1) Destroy all spammers and take back our network 2) Write a small proxy listener that I can connect to and forward the traffic to my smtp server. 3) Continue being happy using my sqwebmail install when I am out a lovely little cafes Of the possible solutions 3 seems to be the easiest, 2 will be the one that I will probably do and 1 seems like the funnest. Sorry for the noise and thanks for the help. I guess you learn something everyday. I've got to get back to work. Actually, 1 is the best, if you can figure out how to do it. Hopefully something that gives them as much grief in their last few minutes of life as they have spread to the rest of the world! 2 isn't as hard as it seems at first. Just start a second instance of SMTP on a different port, and configure your mail client to send to that port. I used 24, and am able to slip mail out past my ISP that is also blocking port 25. (Which is a good idea IMHO. It stops all the mail servers that are built into the latest viruses.) Just copy your SMTP run script into a new directory, (possibly in /var/qmail/supervise) change 25 to 24 and link it to /services. It will still respect your settings for things like roaming users as long as you only change the port. Then there is #4, find out what outgoing mail server they are using, and point your mail client at it. The problem is you may have to change your outgoing mail settings a lot. I've recommended this to my clients for a long time. I have web hosting and incoming mail, but my clients access the internet through someone else. I have them point pop/imap at my server, and SMTP at their ISP's server. Rick
[vchkpw] roaming users
Hello, I've been through the archives and poked around in google and cannot find an answer to this one. I set up and have been running qmail/vpopmail/smtp-after-pop3 for the last two years. I recently, 6 months ago, rebuilt my qmail/vpopmail from scratch due to a harddrive failure. When I rebuilt it, from clean sources and following the steps in David Sill's qmail handbook I enabled roaming users. I configured my laptop's email client to download my email from my qmail server. Worked beautifully. I sent email after the pop3 auth. Worked beautifully. I did this from a cafe with a wireless connection. Now the only place I can send email from is that same cafe. The symptom is that if I try to connect to my qmail smtp server (port 25) from the cafe where I can send email it works beautifully, from anyplace else qmail won't even allow a connection on port 25. Even after pop3 auth. I am assuming that the ip address of the lovely little cafe is now cached someplace by vpopmail. I am also assuming that: 1) there must be some way to clear that cache (if it exsists) 2) I don't fully understand the concept of roaming users in vpopmail 3) there is some configuration bit that I missed that will when used allow me to send email from many lovely little cafes which are much closer to my house. To address these things I am asking: 1) If the cache does exsist where is the documention that tells me how to clear it? 2) If its possible to have roaming users to use variable ip addresses where is the documentation for that? any help would be great. sparky
Re: [vchkpw] roaming users
davila wrote: 1) there must be some way to clear that cache (if it exsists) ~vpopmail/bin/clearopensmtp does that job. Somewhere in your install instructions you should be adding that to crontab so it is run periodically. 2) I don't fully understand the concept of roaming users in vpopmail If you add --enable-roaming-users when you comile vpopmail, vdelivermail will add the IP address of mail users that successfully login to check mail to a list. (~vpopmail/etc/open_smtp) That list is combined with another list of clients that is always allowed to relay. (I don't remember right now where that list is kept. My base mail setup doesn't change much.) The combined lists ends up in a cdb file (~vpopmail/etc/tcp.smtp.cdb) which is used to decide if an incoming smtp request will be allowed. (Your file names may be different.) 3) there is some configuration bit that I missed that will when used allow me to send email from many lovely little cafes which are much closer to my house. If old entries are not removed, you are probably missing the cron job. If new entries are not being added, are you sure you are really using the right vdelivermail binary? If the binary is right maybe you have mixed two different sets of installation instructions. Different people put things in different places in their toasters, so you may not be able to mix them. To address these things I am asking: 1) If the cache does exsist where is the documention that tells me how to clear it? There isn't a lot of documentation... or there is a lot of documentation on the individual parts, but not much on how it all fits together. The biggest problem with Qmail is that it works so well, when there is a problem, I don't remember anything about how to set it up and I have to learn it all over. 2) If its possible to have roaming users to use variable ip addresses where is the documentation for that? It is possible. I mostly used Bill Shupp's patches and toaster, but I use CDB instead of MySQL, so I had to change a few things. http://www.shupp.org/ Rick
[vchkpw] Re: roaming users
Rick Great! I found exactly what you were talking about and indeed the ip addresses are there. I checked cron and the clearopensmtp job is there. I ran clearopensmtp by hand and it did not clear the file /home/vpopmail/etc/open-smtp I cleared the open-smtp file by hand and tried to send from my laptop rather than sqwebmail and still no dice. I have yet to read the docs for clearopensmtp. That may not be working correctly due to misconfiguration. Now that I know where to look I should beable to knock this one out quickly. Thanks for the help! sparky Rick Widmer writes: davila wrote: 1) there must be some way to clear that cache (if it exsists) ~vpopmail/bin/clearopensmtp does that job. Somewhere in your install instructions you should be adding that to crontab so it is run periodically. 2) I don't fully understand the concept of roaming users in vpopmail If you add --enable-roaming-users when you comile vpopmail, vdelivermail will add the IP address of mail users that successfully login to check mail to a list. (~vpopmail/etc/open_smtp) That list is combined with another list of clients that is always allowed to relay. (I don't remember right now where that list is kept. My base mail setup doesn't change much.) The combined lists ends up in a cdb file (~vpopmail/etc/tcp.smtp.cdb) which is used to decide if an incoming smtp request will be allowed. (Your file names may be different.) 3) there is some configuration bit that I missed that will when used allow me to send email from many lovely little cafes which are much closer to my house. If old entries are not removed, you are probably missing the cron job. If new entries are not being added, are you sure you are really using the right vdelivermail binary? If the binary is right maybe you have mixed two different sets of installation instructions. Different people put things in different places in their toasters, so you may not be able to mix them. To address these things I am asking: 1) If the cache does exsist where is the documention that tells me how to clear it? There isn't a lot of documentation... or there is a lot of documentation on the individual parts, but not much on how it all fits together. The biggest problem with Qmail is that it works so well, when there is a problem, I don't remember anything about how to set it up and I have to learn it all over. 2) If its possible to have roaming users to use variable ip addresses where is the documentation for that? It is possible. I mostly used Bill Shupp's patches and toaster, but I use CDB instead of MySQL, so I had to change a few things. http://www.shupp.org/ Rick
Re: [vchkpw] roaming users
On Tuesday 24 February 2004 5:36 pm, davila wrote: Hello, I've been through the archives and poked around in google and cannot find an answer to this one. I set up and have been running qmail/vpopmail/smtp-after-pop3 for the last two years. I recently, 6 months ago, rebuilt my qmail/vpopmail from scratch due to a harddrive failure. When I rebuilt it, from clean sources and following the steps in David Sill's qmail handbook I enabled roaming users. I configured my laptop's email client to download my email from my qmail server. Worked beautifully. I sent email after the pop3 auth. Worked beautifully. I did this from a cafe with a wireless connection. Now the only place I can send email from is that same cafe. The symptom is that if I try to connect to my qmail smtp server (port 25) from the cafe where I can send email it works beautifully, from anyplace else qmail won't even allow a connection on port 25. Even after pop3 auth. If it does not allow a connection from some locates but it does allow a connection from another location then it's highly possible the connection is being blocked by the network you are on. Many sites block outbound port 25 connections. An easy way to test is: telnet your-mail-servers-ip 25 If you do not get a connection then it is being blocked by some firewall. Ken Jones
Re: [vchkpw] roaming users
- Original Message - From: davila [EMAIL PROTECTED] 2) I don't fully understand the concept of roaming users in vpopmail Here is some text that I wrote so it could be distributed with vpopmail-5.4.0 as README.roamingusers : November 2003 : Michael Bowe [EMAIL PROTECTED] VPOPMAIL ROAMING USERS ~~ Latest version available from : http://www.pipeline.com.au/staff/mbowe/isp/webmail-server.htm With qmail, the typical way to control mail relaying is to put a list of rules into a file called tcp.smtp. The tcprules program is then used to compile this file into cdb database format with the output being stored in a file called tcp.smtp.cdb. The tcpserver program is configured (using the -x parameter) to read this file and thus know which SMTP clients are permitted to relay mail. This type of configuration works well if there is a known range of IP addresses that are permitted to relay mail. eg the IP's on the qmail server's local LAN. However if the qmail server needs to provide outbound SMTP services for clients who may be connecting from any IP, you are going to run into problems. What is needed is some way to automate the process of granting users the ability to relay mail, without opening up access to all and sundry on the Internet. vpopmail includes a solution for this problem. The solution is known as roaming users and is implemented with a technique known as POP-before-SMTP. Once a client has successfully authenticated via POP3, vpopmail will add the client's IP to a list. vpopmail then merges this list with the contents of the tcp.smtp file and runs the tcprules program to compile a new version of the tcp.smtp.cdb file. Thus the client can now relay mail. In addition to storing the client's IP address, vpopmail will also store the time of authentication. The postmaster uses a cronjob on the qmail server to periodically (eg once per hour) run the clearopensmtp program. This program scans through the list of roaming clients and removes any entries that exceed the nominated age (eg 3 hours). This ensures that the list of IPs does not grow out of bounds, and that the roaming IPs are closed within a reasonable timeframe after being opened. Configuration options for vpopmail that relate to roaming users : ./configure \ --enable-roaming-users \ - enable roaming users functionality --enable-tcprules-prog=path \ - defaults to /usr/local/bin/tcprules --enable-tcpserver-file=path \- defaults to /home/vpopmail/etc/tcp.smtp --enable-relay-clear-minutes=minutes - defaults to 180 Notes : qmail servers are typically built with the tcp.smtp files being located in the /etc directory. This is not usually suitable for vpopmail roaming users, since the /etc directory will (should) not have write permissions for the vpopmail user. Therefore it is not going to be possible for vpopmail to write out updated versions of the tcp.smtp.cdb file. For use with roaming users, it is recommended that the tcp.smtp files are stored in ~vpopmail/etc If a POP user auths, and their IP already exists in the roaming IP list, the timestamp for the entry is updated, but the tcprules program is not run. There is no need to rebuild the tcp.smtp.cdb file as the IP address is already permitted to relay. Rebuilding the file will only waste disk and CPU time. If the vpopmail server is using the default cdb authentication backend, then the list of roaming IPs will be stored in a file called ~vpopmail/etc/open-smtp. If the vpopmail server is using the MySQL backend, the roaming IPs will be stored in a database table called relay. The SQL backend will give better performance on a busy server. Either way though, you should be cautious about enabling roaming user functionality on a very busy server, as a large amount of disk and CPU will be used with the continual rebuilding of the tcp.smtp.cdb file. If the server is busy enough you could run into nasty file locking issues which will cause vpopmail password authentication to intermittently fail. If you absolutely must have POP-before-SMTP functionality on your busy server, then there are only two possible solutions that I can think of : 1) you could try putting the tcp.smtp files onto a RAM disk, or 2) use vpopmail's MySQL auth backend, plus use Matt Simerson's tcpserver patch that allows all of the tcp.smtp files to be stored in MySQL http://matt.simerson.net/computing/mail/qmail/ucspi-tcp-0.88-mysql.patch Over time POP-before-SMTP seems to slowly becoming a less favored way of allowing roaming users to relay mail. SMTP-Auth appears to becoming the more preferred option, as it scales much more easily on a busy server. However for a small to medium sized server, POP-before-SMTP is still quite a workable option. If you would like investigate the use of SMTP-Auth, take a look at this patch http://www.fehcom.de/qmail/smtpauth.html#PATCHES
Re: [vchkpw] Re: roaming users
On Tue, 2004-02-24 at 18:33, davila wrote: Rick Great! I found exactly what you were talking about and indeed the ip addresses are there. I checked cron and the clearopensmtp job is there. I ran clearopensmtp by hand and it did not clear the file /home/vpopmail/etc/open-smtp I cleared the open-smtp file by hand and tried to send from my laptop rather than sqwebmail and still no dice. none of that should have any impact on your ability to connect to port 25. what are the contents of the ~vpopmail/etc/tcp.smtp file also, what ISP is your mail server on, and what ISP are you trying to connect to it from? -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
Re: [vchkpw] Re: roaming users
On Tue, 2004-02-24 at 19:02, Alex Martin wrote: davila wrote: I checked cron and the clearopensmtp job is there. I ran clearopensmtp by hand and it did not clear the file /home/vpopmail/etc/open-smtp I cleared the open-smtp file by hand and tried to send from my laptop rather than sqwebmail and still no dice. I have yet to read the docs for clearopensmtp. That may not be working correctly due to misconfiguration. Now that I know where to look I should beable to knock this one out quickly. I might guess that your /etc/tcp.smtp is not getting compiled into /etc/tcp.smtp.cdb. Usually this is done with '/usr/sbin/qmailctl cdb'. I am not familiar with roaming users but I believe that this tcp control system is used. See http://cr.yp.to/ucspi-tcp/tcpserver.html This is of course assuming you are using ucspi-tcp and probably daemontools. and whatever 'toaster' includes '/usr/sbin/qmailctl' remember, any 'qmailctl' file is NOT part of the standard qmail distribution, and may be COMPLETELY different from 'toaster' to 'toaster'. Do not assume that someone has the exact same set up as you, I try to be as general as possible with my advice so that I'm telling you exactly what you need to do, so long as you know how you have your system configured (which you should) Still though, the advice that has been given (at least what I have read so far) is off track of the problem. The problem is not that he can't relay, the problem is that he can't CONNECT. vpopmail's roaming-users support would have no impact on this, unless the default rule for the tcprules file being used for smtp is to deny the connection. -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
Re: [vchkpw] Re: roaming users
Hello, I might guess that your /etc/tcp.smtp is not getting compiled into /etc/tcp.smtp.cdb. Usually this is done with '/usr/sbin/qmailctl cdb'. I am not familiar with roaming users but I believe that this tcp control system is used. See http://cr.yp.to/ucspi-tcp/tcpserver.html This is of course assuming you are using ucspi-tcp and probably daemontools. and whatever 'toaster' includes '/usr/sbin/qmailctl' Sorry, I hadn't considered how unique this script is on my toaster. It originally came from Dave Sill's Life With Qmail. snip qmailctl script tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp /etc/tcp.smtp chmod 644 /etc/tcp.smtp.cdb echo Reloaded /etc/tcp.smtp. snip remember, any 'qmailctl' file is NOT part of the standard qmail distribution, and may be COMPLETELY different from 'toaster' to 'toaster'. Of course. I did assume though that considering he is using vpopmail that he followed this relatively standard toaster setup. Still though, the advice that has been given (at least what I have read so far) is off track of the problem. The problem is not that he can't relay, the problem is that he can't CONNECT. vpopmail's roaming-users support would have no impact on this, unless the default rule for the tcprules file being used for smtp is to deny the connection. I reread this and I think you are correct, I missed this. A default deny rule seems like it would explain this behavior. davila are you lurking? Alex Martin http://www.rettc.com
Re: [vchkpw] Re: roaming users
On Tue, 2004-02-24 at 20:00, Alex Martin wrote: Sorry, I hadn't considered how unique this script is on my toaster. It originally came from Dave Sill's Life With Qmail. snip qmailctl script tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp /etc/tcp.smtp chmod 644 /etc/tcp.smtp.cdb echo Reloaded /etc/tcp.smtp. snip that's more like it ;) remember, any 'qmailctl' file is NOT part of the standard qmail distribution, and may be COMPLETELY different from 'toaster' to 'toaster'. Of course. I did assume though that considering he is using vpopmail that he followed this relatively standard toaster setup. lots of 'toasters' are adding 'qmailctl' scripts. I even saw one that started/stopped svscan to control qmail. One would hope that he had the sense to follow LWQ, however, that is unfortunately not always the case. In fact, most people who have problems AREN'T using LWQ, and that's probably why they have problems ;) davila are you lurking? reminds me of irc :) [00:00:05] *** Joins #vpopmail - random_person [00:00:08] random_person hey guys, I've got a question [00:00:15] *** Quits - random_person (quit: leaving) -Jeremy -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE