Plesk is such a queer duck. I like its control panel but it sure does some screwy things to the system configuration.
I see something in your spamdyke configuration file that could be causing the SMTP AUTH problem. You have the following line commented out: smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true This is actually two commands -- smtp_auth and cmd5checkpw. They should be given on two separate lines and they should offer encrypted authentication: smtp-auth-command-encryption=/var/qmail/bin/smtp_auth /var/qmail/bin/true smtp-auth-command-encryption=/var/qmail/bin/cmd5checkpw /var/qmail/bin/true I suspect the authentication is failing because cmd5checkpw is the program that can actually process your credentials but it's not being started (because your configuration file lists it as a parameter to smtp_auth). However, you're correct that you don't need it with 3.0.0 and later -- spamdyke now automatically detects successful authentication without running the commands itself. Next, your "config-test" is giving strange results because you probably used this command: spamdyke -f /etc/spamdyke.conf /var/qmail/bin/qmail-smtpd Plesk doesn't patch qmail-smtpd to provide SMTP AUTH, so spamdyke can't see it. Instead, Plesk uses relaylock for that purpose. You should really test with: spamdyke -f /etc/spamdyke.conf /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true With that command line, the SMTP AUTH banners will appear and spamdyke won't complain about it any more. So in summary, you can either use Plesk's relaylock OR you can use spamdyke's "smtp-auth-command-encryption" directive. Using both is unnecessary and wastes server resources. If you have some users (or servers) that need to relay without authenticating, continue using relaylock. If you don't, create an empty access file and use spamdyke's "smtp-auth-command-encryption" and "access-file" instead of relaylock. It's a bit more efficient. To answer your last question about qmail-smtpd's command line, it doesn't have one by default. Most of the time, when you see command line options passed to qmail-smtpd, you're looking at a patched version of qmail-smtpd. (In Plesk's case, the extra options are not parameters to qmail-smtpd, they're actually parameters to relaylock.) Typically, any parameters are commands to process SMTP AUTH attempts. The authentication commands always come in pairs -- the auth command and a "true" command. This is a holdover from DJB's original "checkpassword" program, which runs the second command if the authentication is successful. I think his intent was that successful authentications could have side-effects, such as logging or unlocking resources. The password-checking program could be generic (i.e. only check the password) and the second command could perform the side-effect. In practice, this hasn't happened. People have simply written password-checking programs that perform the side-effects internally. "true" is used as the side-effect command because it's small and fast. For more information on "checkpassword" (but not much more), see DJB's site: http://cr.yp.to/checkpwd/interface.html -- Sam Clippinger Grimmi Meloni wrote: > Hi, > > I've been using spamdyke for about 2 weeks now, and I'm quite satisfied > with the results. Thanks for this great tool. > > As the subject states, I'm running a Plesk 8.1 based system. Today I > upgraded from the 2.6.3 version, to the 3.1.0. > > The good news is: I got everything working so far. > > But what made me curious are two things: > > With the old 2.6.3 I could use the --smtp-auth-command option, with the > new 3.1.0 this does not work anymore. "Not working anymore" in this case > means, that I have to remove this option or my client gets an error > message. In the logs it looks like authentication is tried twice. Really > weired, but since Plesk delivers a SMTP_AUTH capable server, this is no > problem - at least my relaying tests all failed when not authenticated. > So I think I'm still good. > > During the trial and error phase of this, I ran the --config-test option > of spamdyke. Although smtp authentication works, the config-test gives > me this warning: > > WARNING: /var/qmail/bin/qmail-smtpd does not appear to offer SMTP AUTH > support. Please use the "smtp-auth-command" flag or the > "smtp-auth-command-encryption" flag as well as the "access-file" and > "local-domains-file" flags so spamdyke will be able to authenticate > users and correctly allow them to relay. > > Now I'm wondering why this warning occurs at all. Is it a > misconfiguration on my part, or just the config-test failing to detect > the SMTP AUTH capabilities of my qmail_smtpd? > > bye, Michael > > P.S.: Although offtopic: Can anybody point me to a place where the > commandline of qmail_smtpd is explained? Basically I would like to know, > why /var/qmail/bin/true has to be in the commandline twice, or even > better, what qmail_smtpd in general does with it's parameters? Thanks. > > ------------- my spamdyke.conf ------------ > log-level=2 > local-domains-file=/var/qmail/control/rcpthosts > max-recipients=5 > idle-timeout-secs=60 > graylist-dir=/var/qmail/gray > graylist-min-secs=300 > graylist-max-secs=1814400 > reject-empty-rdns > reject-unresolvable-rdns > reject-ip-in-cc-rdns > greeting-delay-secs=5 > check-dnsrbl=zombie.dnsbl.sorbs.net > check-dnsrbl=dul.dnsbl.sorbs.net > check-dnsrbl=bogons.cymru.com > #smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true > /var/qmail/bin/cmd5checkpw /var/qmail/bin/true > local-domains-file=/var/qmail/control/rcpthosts > reject-missing-sender-mx > hostname=v31616.vierfpeile.de > tls-certificate-file=/var/qmail/control/servercert.pem > ---------------end my spamdyke.conf------------ > > > ------------ my xinetd.d config for smtp_psa --------- > server = /var/qmail/bin/tcp-env > server_args = -Rt0 /usr/local/bin/spamdyke -f > /etc/spamdyke.conf /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd > /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw > /var/qmail/bin/true > ------------ my xinetd.d config for smtp_psa --------- > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users