On a slightly different note, I'd like to add that I think it would make
since for the vchkpw module to take only the top and second level part of
the dns information it gets back from rev. of the ip address. IE.
192.168.1.2 revs. back to mail.test.com. vchkpw will then try to use that
FQDN as the domain information for the virtual client. I think it should
only use the test.com part and forget everything to the left of the 2nd lvl
... ie, mail. This would keep you from having to have two different records
for the domain. One mx pointing to mail.test.com with a matching A record,
but then making a different .rev record that only has test.com in it. Not
complaining, just a thought... If I knew enough 'c', I'd probably do it
myself and throw it out as a patch to anyone who wanted it. But alas, I'm
not that hot... ;) Any thoughts as to why this would be a 'bad' idea? I
don't see any harm in it.
Chris Bunnell
----- Original Message -----
From: "Randy Harmon" <[EMAIL PROTECTED]>
To: "Ben Beuchler" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Saturday, November 18, 2000 4:26 PM
Subject: Re: Problems with reverse-IP domains: authentication ceases to work
after upgrade
> Thanks for the reply, Ben. Oh, and thanks for the other reply.
> This email will clarify.
>
> > There is no way what you are describing CAN be done without
> IP-based
> > domains. If you read the POP RFCs (1725 is the main one) you
> will see
>
> Yes. That's why I configured for IP-based virtual domains, just as
> I had in my earlier version of vpopmail. It works fine with my
> earlier version of vpopmail. I have my ip addresses' reverse-DNS
> set up right, I've been using NON-username%domain.com addresses
> (just bare usernames).
>
> The problem is, the same exact logins cease to work when the new
> version, configured as I originally stated, is installed.
>
> In other words, the new vpopmail is not recognizing ip-based
> virtual domains as advertised, or the way it's documented is just
> not quite complete.
>
> Others reported this same problem upgrading from 3.x to 4.x; I'm
> hoping to find someone who's solved the same situation.
>
> Thanks!
>
> Randy
>
> ----- Original Message -----
> From: Ben Beuchler <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, November 18, 2000 4:11 PM
> Subject: Re: Problems with reverse-IP domains: authentication
> ceases to work after upgrade
>
>
> > On Sat, Nov 18, 2000 at 03:14:10PM -0800, Randy Harmon wrote:
> >
> > > I've done everything that's documented for allowing
> authentication
> > > to use server foobar.com, username fred. I see a number of
> others
> > > have encountered the same problem as I: it doesn't work. I see
> no
> > > solutions in the mailing list archive. How frustrating. Maybe
> > > with this thread, a resolution can make it into the archives.
> >
> > <SNIP>
> >
> > > When I start using the new version, the authentication doesn't
> work
> > > unless I use user%domain.com. While this is fine for some of
> my
> > > users, others are already well-established with IP-based email
> > > domains and I don't wish to make them all change their
> usernames.
> >
> > There is no way what you are describing CAN be done without
> IP-based
> > domains. If you read the POP RFCs (1725 is the main one) you
> will see
> > that the domain name is not part of the transaction. Hence, you
> need to
> > specify the exact user some other way. This means one of three
> options:
> >
> > 1) Use a different IP address for each domain and a POP client
> that
> > understands this.
> >
> > 2) Create user names that are unique across ALL domains.
> >
> > 3) Incorporate the domain name into the login. This is really
> just
> > a more logical version of #2.
> >
> > Ben
> >
> > --
> > Ben Beuchler
> [EMAIL PROTECTED]
> > MAILER-DAEMON (612)
> 321-9290 x101
> > Bitstream Underground
> www.bitstream.net
> >
>
>
