[Dovecot] dovecot, vpopmail and djb's tcpserver
Hello!
I've tried to set up dovecot in conjuction with vpopmail, and running it under djb's tcpserver instead of (x)inetd.
Btw - there was no reference to setting dovecot up using (x)inetd either in the manuals/faqs i read, though I didn't search all that hard. Anyway, back to my Q:
vpopmail uses vchkpw as an authentication mechanism, and with tcpserver I can do relaycontrol (based on vchkpw) with roaming users. Is there anyone who have tried this, and succeeded? Right now I use two imap services to accomplish this (bincimap has support for vchkpw).
Thank you for any response.
- Lasse Danielsen
Never argue with an idiot. He'll drag you down to his level, then beat you with experience.
"Lasse Danielsen" <lasse@danielsen.tk> writes:
The proper way to authenticate roaming users is SMTP AUTH and not a botch like SMTP-after-POP/IMAP (which I assume you're trying to do as otherwise, the IMAP/POP3 server isn't concerned with relaying mail). SMTP AUTH works independently of Dovecot or BincIMAP.
-- Matthias Andree
Encrypt your mail: my GnuPG key ID is 0x052E7D95
Well, what is proper and not can be discussed, I'm sure. I prefer using the "botch" as you call it. I assume support for some kind of external authentication mechanism need to be supported in dovecot for pop/imap-before-smtp. Afaik, vchkpw is one of many such mechanism. I was just asking if this had been done before, or if it's currently unsupported.
Regards,
Lasse Danielsen
"Lasse Danielsen" <lasse@danielsen.tk> writes:
If you really need it today, how about grepping the log for now (but beware of the infamous time zone!)? You may need to set auth_verbose=yes though.
Sep 4 20:07:11 mail imap-login: Login: ma [80.135.11X.XXX]
That should be sufficient to enable SMTP for a minute or two from that IP. A couple of lines of Perl around File::Tail should do.
-- Matthias Andree
Encrypt your mail: my GnuPG key ID is 0x052E7D95
Matthias Andree wrote:
Or here's another implementation of the "botch" method:
This method does not use the system logs, but works by taking cues from a hacked POP3/IMAP server, or in my case, a hacked POP3/IMAP proxy (Perdition). Thankfully, I no longer have to hack my MTA (Postfix) for that side of the equation. ;) I use a snapshot version of Authd, for everyone's information.
However, since I implemented SMTP AUTH on my own servers, at some point, I am considering completely phasing out POP-before-SMTP because it's a Very Ugly Kludge(R). Besides, the less I have to hack, the better. ;)
--Ian.
participants (4)
-
Ian R. Justman
-
Lasse Danielsen
-
Matthias Andree
-
Timo Sirainen