Hi,

> >Then create a file called 'sql' in the qmail control dir with the following
> >layout
> >
> >server  localhost
> >port    3306
> >database        vpopmail
> >table   relay
> >user    vpopmailuser
> >pass    vpopmailpassword
> >time    1800
> >
> >Add the -S switch to your qmail-smtpd script and restart the servers.
> 

Make sure 100% that /var/qmail/control/sql file is either chowned 'qmaild', 
chgrouped 'nofiles', or BOTH!

I forgot about that one time and changed ownership on that file to 
vpopmail:vchkpw (during a server migration), and started qmail.

Apparently I didn't tail qmail-smtpd/log/current while tcpserver was 
complaining about control/sql file "Permission denied".

This was for a few days before I found out my mail server was AN OPEN RELAY.
Fixing the permissions on the sql file and restarting qmail fixed the problem.


> This is for tcpserver, correct? (Because the current version of vPopmail 
> has a control file like this now.)
> 
> And what does your full smtpd line look like now?
> 
> e.g. I have (no tcpserver patch):
> 
> env - PATH="/var/qmail/bin:/usr/local/bin" \
>          tcpserver -p -H -l0 -R -c 512 -x  \
>          /var/qmail/vpopmail/etc/tcp.smtp.cdb -u 301 -g 302 \
>          0 smtp /var/qmail/bin/qmail-smtpd foo.bar.org \
>          /var/qmail/vpopmail/bin/vchkpw /bin/true &
> 
> after the patch it would be?
> 
> env - PATH="/var/qmail/bin:/usr/local/bin" \
>          tcpserver -p -H -l0 -R -c 512 -x  \
>          -S \
>          0 smtp /var/qmail/bin/qmail-smtpd foo.bar.org \
>          /var/qmail/vpopmail/bin/vchkpw /bin/true &
> 

If you are no longer needing the cdb file (example allowing particular 
ips/subnets to relay) just omit the -x option.

Although I use -S for mysql relay info, I also still use the -x option to call 
a static file that rarely ever changes:
-x /etc/tcp.smtp.cdb

I think this is better than depending on the mysql db also for static 
relayclients (unless they're over 1000), and also in case of mysql database 
failure, the static relayclients would still be able to relay mail (because 
it's read from cdb on disk), while roaming users will fail - better than both 
client groups failing.


Respectfully,
Tim Hasson
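
The ownership check described in the message above, as an added example that is not part of the original post or of the tcpserver patch: it decides from a file's `ls -l` mode string, owner and group whether the SMTP service account can read `/var/qmail/control/sql`, and counts matching "Permission denied" lines in a log. Assumptions: tcpserver runs as user `qmaild` and group `nofiles` with no supplementary groups, and the log line names `control/sql` before the words "Permission denied"; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.
CONTROL=/var/qmail/control/sql   # path named in the post
RUN_USER=qmaild                  # assumption: account tcpserver runs as
RUN_GROUP=nofiles                # assumption: its only group

# readable_by PERMS OWNER GROUP
# PERMS is an ls -l mode string such as -rw-r-----. Returns 0 when
# RUN_USER:RUN_GROUP may read such a file. The kernel consults exactly one
# permission class: owner if the user matches, else group, else other.
readable_by() {
    if [ "$2" = "$RUN_USER" ]; then col=2
    elif [ "$3" = "$RUN_GROUP" ]; then col=5
    else col=8
    fi
    [ "$(printf '%s' "$1" | cut -c"$col")" = r ]
}

# check_control_file [PATH]: apply readable_by to a real file.
# Returns 0 if readable, 1 if not, 2 if the file is missing.
check_control_file() {
    f=${1:-$CONTROL}
    [ -e "$f" ] || { echo "$f: missing" >&2; return 2; }
    set -- $(ls -ld "$f" | awk '{print $1, $3, $4}')
    if readable_by "$1" "$2" "$3"; then
        echo "OK: $f ($1 $2:$3) readable by $RUN_USER:$RUN_GROUP"
    else
        echo "FAIL: $f ($1 $2:$3) not readable by $RUN_USER:$RUN_GROUP" >&2
        return 1
    fi
}

# denied_count LOGFILE: number of log lines that mention control/sql followed
# by "Permission denied" (the exact line format is an assumption).
denied_count() {
    grep -c 'control/sql.*Permission denied' "$1" || true
}

# Run the check only on a host that actually has the control file.
if [ -e "$CONTROL" ]; then check_control_file "$CONTROL"; fi
```

Running `check_control_file` after any migration or ownership change, and `denied_count` against `qmail-smtpd/log/current`, catches the condition the message describes before the server has been running for days.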
