[Dovecot] Pop-before-smtp and MySQL?

Matteo Garofano

28 Nov 2005 28 Nov '05

1:40 p.m.

Hi, I found that dovecot have many nice features. Now I write because I'm tring to setup the dovecot server, I would substitute a qpopper daemon (patched for mysql authentication) The problem I find is to set up the pop-before-smtp using sql (mysq) as written in http://wiki.dovecot.org/moin.cgi/PopBSMTPAndDovecot (Waiting for post_login ;-) I would use the script popbsmtp.sh and not a perl pig. (I'm using qpopper patched to store the relay IP in mysql and it works) I set .my.cnf in /root What happen is that the $3 don't contain the IP that should be written to the DB. Is there something I miss ? I tried to modify the dovecot.conf file like this mail_executable = /usr/local/libexec/dovecot/popbsmtp.sh /usr/local/libexec/dovecot/pop3 %r "%r" and it write to the db the litteral value %r and not the ip, otherwise it write nothing. the connection with mysql works and any other operation on it works. this should be the last step for my setting.

Have you any hint?

Thanks in advance and best regards

Matteo Garofano

Show replies by date

/dev/rob0

28 Nov 28 Nov

2:06 p.m.

On Monday 2005-November-28 05:40, Matteo Garofano wrote:

...

The problem I find is to set up the pop-before-smtp using sql (mysq) snip Have you any hint?

I can't help with your pop-before-SMTP, but I can suggest that you not do that. :) The better way to do it is with SMTP AUTH, which most MUA's should support these days.

If your MTA is Postfix (which appears so from your headers) Timo has a patch which ties in SASL AUTH support without using Cyrus SASL. I use it and recommend it highly. See the Postfix SASL_README and the patch at http://dovecot.org/patches/postfix/ (for Postfix 2.2.x) or my own ports of it to the 2.3 snapshots: http://www.nodns4.us/postfix-2.3-20051121-dovecot-auth.patch.gz

http://www.nodns4.us/postfix-2.3-20050630-dovecot-auth.patch.gz still exists for those who got on the bleeding edge but were too lazy to stay there. :)

mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header

Udo Rader

2:13 p.m.

On Mon, 2005-11-28 at 06:06 -0600, /dev/rob0 wrote:

...

On Monday 2005-November-28 05:40, Matteo Garofano wrote:

...
The problem I find is to set up the pop-before-smtp using sql (mysq) snip Have you any hint?

I can't help with your pop-before-SMTP, but I can suggest that you not do that. :) The better way to do it is with SMTP AUTH, which most MUA's should support these days.

If your MTA is Postfix (which appears so from your headers) Timo has a patch which ties in SASL AUTH support without using Cyrus SASL. I use it and recommend it highly. See the Postfix SASL_README and the patch at http://dovecot.org/patches/postfix/ (for Postfix 2.2.x) or my own ports of it to the 2.3 snapshots: http://www.nodns4.us/postfix-2.3-20051121-dovecot-auth.patch.gz

http://www.nodns4.us/postfix-2.3-20050630-dovecot-auth.patch.gz still exists for those who got on the bleeding edge but were too lazy to stay there. :)

I'm not the original poster of the question, yet I have a question about this patch.

What would be the benefits of using this patch? I mean, dovecot is supposed to have its own SASL implementation (as stated in the docs) and we are even using it. So why would one need a specific patch for postfix when dovecot is completely on its own feet?

Udo

-- bestsolution.at EDV Systemhaus GmbH http://www.bestsolution.at

/dev/rob0

2:22 p.m.

On Monday 2005-November-28 06:13, Udo Rader wrote:

...

...
If your MTA is Postfix (which appears so from your headers) Timo has a patch which ties in SASL AUTH support without using Cyrus SASL. I use it and recommend it highly. See the Postfix SASL_README and the patch at http://dovecot.org/patches/postfix/ (for Postfix 2.2.x) or my own ports of it to the 2.3 snapshots: http://www.nodns4.us/postfix-2.3-20051121-dovecot-auth.patch.gz

http://www.nodns4.us/postfix-2.3-20050630-dovecot-auth.patch.gz still exists for those who got on the bleeding edge but were too lazy to stay there. :)

I'm not the original poster of the question, yet I have a question about this patch.

What would be the benefits of using this patch? I mean, dovecot is

The main benefit is that you don't have to use nor install Cyrus SASL. It's also very simple to set up: once you set all the options it Just Works.

...

supposed to have its own SASL implementation (as stated in the docs) and we are even using it. So why would one need a specific patch for postfix when dovecot is completely on its own feet?

IIUC Postfix cannot use Dovecot SASL without the patch. Timo could probably give a definitive answer.

mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header

Udo Rader

2:32 p.m.

On Mon, 2005-11-28 at 06:22 -0600, /dev/rob0 wrote:

...

On Monday 2005-November-28 06:13, Udo Rader wrote:

...
...
If your MTA is Postfix (which appears so from your headers) Timo has a patch which ties in SASL AUTH support without using Cyrus SASL. I use it and recommend it highly. See the Postfix SASL_README and the patch at http://dovecot.org/patches/postfix/ (for Postfix 2.2.x) or my own ports of it to the 2.3 snapshots: http://www.nodns4.us/postfix-2.3-20051121-dovecot-auth.patch.gz

http://www.nodns4.us/postfix-2.3-20050630-dovecot-auth.patch.gz still exists for those who got on the bleeding edge but were too lazy to stay there. :)

I'm not the original poster of the question, yet I have a question about this patch.

What would be the benefits of using this patch? I mean, dovecot is

The main benefit is that you don't have to use nor install Cyrus SASL. It's also very simple to set up: once you set all the options it Just Works.

...
supposed to have its own SASL implementation (as stated in the docs) and we are even using it. So why would one need a specific patch for postfix when dovecot is completely on its own feet?

IIUC Postfix cannot use Dovecot SASL without the patch. Timo could probably give a definitive answer.

Ah, I see, so it's the other way round, postfix uses dovecot for SMTP AUTH then? That would be _very_ cool indeed.

Udo

-- bestsolution.at EDV Systemhaus GmbH http://www.bestsolution.at

Lorens

4:46 p.m.

On Mon, Nov 28, 2005 at 12:40:08PM +0100, Matteo Garofano wrote:

...

Hi, I found that dovecot have many nice features. Now I write because I'm tring to setup the dovecot server, I would substitute a qpopper daemon (patched for mysql authentication) The problem I find is to set up the pop-before-smtp using sql (mysq) as written in http://wiki.dovecot.org/moin.cgi/PopBSMTPAndDovecot (Waiting for post_login ;-) I would use the script popbsmtp.sh and not a perl pig. (I'm using qpopper patched to store the relay IP in mysql and it works) I set .my.cnf in /root What happen is that the $3 don't contain the IP that should be written to the DB. Is there something I miss ? I tried to modify the dovecot.conf file like this mail_executable = /usr/local/libexec/dovecot/popbsmtp.sh /usr/local/libexec/dovecot/pop3 %r "%r" and it write to the db the litteral value %r and not the ip, otherwise it write nothing.

The first thing to do is some debugging: in the popbsmtp.sh script write the received parameters to a file, and decide where the problem is! For exemple,

echo "Login from $3, parameters 1=$1, 2=$2, 3=$3, 4=$4" >> /var/log/dovecot3

I did not need to put %r in the dovecot.conf, my line is

mail_executable = /usr/lib/dovecot/popbsmtp.sh /usr/lib/dovecot/pop3

If you put any junk afterwards, you will find that it's not $3 anymore but $4 or $5 or whatever.

My dovecot version is a 1.0stable.

Alen Salamun

4:54 p.m.

I am using pop-before-smtp with no problems with dovecot.

String is:

$pat = '^(... .. ..:..:..) \S+ dovecot: imap-login: Login: user=<\S+>, method=\S+, rip=(\d+\.\d+\.\d+\.\d+)';

BR, Alen

Lorens wrote:

...

On Mon, Nov 28, 2005 at 12:40:08PM +0100, Matteo Garofano wrote:

...
Hi, I found that dovecot have many nice features. Now I write because I'm tring to setup the dovecot server, I would substitute a qpopper daemon (patched for mysql authentication) The problem I find is to set up the pop-before-smtp using sql (mysq) as written in http://wiki.dovecot.org/moin.cgi/PopBSMTPAndDovecot (Waiting for post_login ;-) I would use the script popbsmtp.sh and not a perl pig. (I'm using qpopper patched to store the relay IP in mysql and it works) I set .my.cnf in /root What happen is that the $3 don't contain the IP that should be written to the DB. Is there something I miss ? I tried to modify the dovecot.conf file like this mail_executable = /usr/local/libexec/dovecot/popbsmtp.sh /usr/local/libexec/dovecot/pop3 %r "%r" and it write to the db the litteral value %r and not the ip, otherwise it write nothing.

The first thing to do is some debugging: in the popbsmtp.sh script write the received parameters to a file, and decide where the problem is! For exemple,

echo "Login from $3, parameters 1=$1, 2=$2, 3=$3, 4=$4" >> /var/log/dovecot3

I did not need to put %r in the dovecot.conf, my line is

mail_executable = /usr/lib/dovecot/popbsmtp.sh /usr/lib/dovecot/pop3

If you put any junk afterwards, you will find that it's not $3 anymore but $4 or $5 or whatever.

My dovecot version is a 1.0stable.

Matteo Garofano

5:21 p.m.

Thanks again, I made some debugging but it didn't helped. I wrote something similar to the line you suggested at the top of the popbsmtp.sh script this is the result:

dovecot: Nov 28 14:50:41 Info: Dovecot v1.0-stable starting up dovecot: Nov 28 14:50:42 Info: auth(default): mysql: Connected to postfix Login from , parameters 1=/usr/local/libexec/dovecot/pop3, 2=, 3=, 4= dovecot: Nov 28 14:50:59 Info: pop3-login: Login: teo@xarrampicate.it [192.168.100.70]

it seems that no variable is passed during the execution of the mail_execute commands

compilation options: ./configure --with-mysql --without-passwd --without-passwd-file --without-shadow

the dovecot.conf file is:

protocols = pop3 ssl_disable = yes disable_plaintext_auth = no log_path = /var/log/dovecot3 log_timestamp = "%b %d %H:%M:%S " login_user = dovecotauth first_valid_uid = 50 default_mail_env = mbox:/tmp:INBOX=/var/spool/mail/%u mail_log_prefix = "%Us(%u):" protocol imap { } protocol pop3 { mail_executable = /usr/local/libexec/dovecot/popbsmtp.sh /usr/local/libexec/dovecot/pop3 } auth default { mechanisms = plain passdb = sql /usr/local/etc/dovecot-sql.conf userdb = sql /usr/local/etc/dovecot-sql.conf user = dovecot }

the popbsmtp.sh is:

#!/bin/sh echo "Login from $3, parameters 1=$1, 2=$2, 3=$3, 4=$4" >> /var/log/dovecot3 ( IP=echo $3 | sed 's/\]//' if [ -n "$IP" ] then export HOME=/root/ echo "replace into relay_ip VALUES('$IP','RELAY',now());" | mysql postfix export HOME=/ fi ) >> /var/log/dovecot3 2>&1

exec $*

dovecot is: 1.0-stable

still in the limbo... thanks for any help te0x

----- Original Message ----- From: "Lorens" dovecot.fdop@tagged.lorens.org To: "Matteo Garofano" m.garofano@internetware.it Cc: dovecot@dovecot.org Sent: Monday, November 28, 2005 3:46 PM Subject: Re: [Dovecot] Pop-before-smtp and MySQL?

...

On Mon, Nov 28, 2005 at 12:40:08PM +0100, Matteo Garofano wrote:

...
Hi, I found that dovecot have many nice features. Now I write because I'm tring to setup the dovecot server, I would substitute a qpopper daemon (patched for mysql authentication) The problem I find is to set up the pop-before-smtp using sql (mysq) as written in http://wiki.dovecot.org/moin.cgi/PopBSMTPAndDovecot (Waiting for post_login ;-) I would use the script popbsmtp.sh and not a perl pig. (I'm using qpopper patched to store the relay IP in mysql and it works) I set .my.cnf in /root What happen is that the $3 don't contain the IP that should be written to the DB. Is there something I miss ? I tried to modify the dovecot.conf file like this mail_executable = /usr/local/libexec/dovecot/popbsmtp.sh /usr/local/libexec/dovecot/pop3 %r "%r" and it write to the db the litteral value %r and not the ip, otherwise it write nothing.

The first thing to do is some debugging: in the popbsmtp.sh script write the received parameters to a file, and decide where the problem is! For exemple,

echo "Login from $3, parameters 1=$1, 2=$2, 3=$3, 4=$4" >> /var/log/dovecot3

I did not need to put %r in the dovecot.conf, my line is

mail_executable = /usr/lib/dovecot/popbsmtp.sh /usr/lib/dovecot/pop3

If you put any junk afterwards, you will find that it's not $3 anymore but $4 or $5 or whatever.

My dovecot version is a 1.0stable.

Lorens

7:23 p.m.

On Mon, Nov 28, 2005 at 04:21:27PM +0100, Matteo Garofano wrote:

...

dovecot: Nov 28 14:50:41 Info: Dovecot v1.0-stable starting up dovecot: Nov 28 14:50:42 Info: auth(default): mysql: Connected to postfix Login from , parameters 1=/usr/local/libexec/dovecot/pop3, 2=, 3=, 4= dovecot: Nov 28 14:50:59 Info: pop3-login: Login: teo@xarrampicate.it [192.168.100.70]

it seems that no variable is passed during the execution of the mail_execute commands

It does seems that way. Sorry, I cannot explain that. Maybe you have a different version than I do, but they are both -stable and your dovecot.conf syntax resembles mine. No idea... maybe something in the compilation (you give your compilation options so I suppose you compiled it yourself; I took a debian package).

Matteo Garofano

29 Nov 29 Nov

2:39 p.m.

I can add, i run dovecot standalone not inetd or xinetd. does it change something about the pop-before-smtp issue ?

Thanks te0x

----- Original Message ----- From: "Lorens" dovecot.fdop@tagged.lorens.org To: "Matteo Garofano" m.garofano@internetware.it Cc: dovecot@dovecot.org Sent: Monday, November 28, 2005 6:23 PM Subject: Re: [Dovecot] Pop-before-smtp and MySQL?

...

On Mon, Nov 28, 2005 at 04:21:27PM +0100, Matteo Garofano wrote:

...
dovecot: Nov 28 14:50:41 Info: Dovecot v1.0-stable starting up dovecot: Nov 28 14:50:42 Info: auth(default): mysql: Connected to postfix Login from , parameters 1=/usr/local/libexec/dovecot/pop3, 2=, 3=, 4= dovecot: Nov 28 14:50:59 Info: pop3-login: Login: teo@xarrampicate.it [192.168.100.70]

it seems that no variable is passed during the execution of the mail_execute commands

It does seems that way. Sorry, I cannot explain that. Maybe you have a different version than I do, but they are both -stable and your dovecot.conf syntax resembles mine. No idea... maybe something in the compilation (you give your compilation options so I suppose you compiled it yourself; I took a debian package).

Lorens

4:16 p.m.

On Tue, Nov 29, 2005 at 01:39:49PM +0100, Matteo Garofano wrote:

...

...
...
it seems that no variable is passed during the execution of the mail_execute commands

I can add, i run dovecot standalone not inetd or xinetd. does it change something about the pop-before-smtp issue ?

Mine is standalone, so that's not the problem.

Sorry. Since nobody else is helping, try another way...

Timo Sirainen

2 Dec 2 Dec

12:20 p.m.

On 28.11.2005, at 13:40, Matteo Garofano wrote:

...

I would use the script popbsmtp.sh and not a perl pig. (I'm using qpopper patched to store the relay IP in mysql and it works) I set .my.cnf in /root What happen is that the $3 don't contain the IP that should be written to the DB. Is there something I miss ?

I don't know why that script had $3 there, Dovecot has never given any parameters to imap/pop3 processes. But the IP address exists in IP environment, so you can just remove the "IP=.." line from the script and it should work. I updated the wiki already.

Lorens

3:07 p.m.

On Fri, Dec 02, 2005 at 12:20:58PM +0200, Timo Sirainen wrote:

...

I don't know why that script had $3 there, Dovecot has never given any parameters to imap/pop3 processes. But the IP address exists in IP environment, so you can just remove the "IP=.." line from the script and it should work. I updated the wiki already.

Never? Then I have some bizarre version compiled with an obscure patch by someone else... my config is

% protocol pop3 { % pop3_uidl_format = %f % mail_executable = /usr/lib/dovecot/popbsmtp.log /usr/lib/dovecot/pop3 % } % % protocol imap { % mail_executable = /usr/lib/dovecot/popbsmtp.log /usr/lib/dovecot/imap % }

% # head -3 /usr/lib/dovecot/popbsmtp.log % #!/bin/sh % % echo "Login parameters 1=$1, 2=$2, 3=$3, 4=$4, IP=$IP" >> /var/log/dovecot-t

I added on IP just now, never thought it could be there already.

% # tail -1 /var/log/dovecot-t % Login parameters 1=/usr/lib/dovecot/imap, 2=[xxmyloginxx, 3=xxxmyIPxx], 4=, IP=xxxmyIPxx

So, yes, IP is already in the environment, cool, the IP= line in my script was more or less useless (I add a pipe grep to avoid inserting local-net IPs, but that's minor), but on the version I have (1.0-stable, debian testing package 0.99.20050712-2), $2 and $3 do get there in *some* way . . .

Good to see the problem solved in any case, and since removing IP= would work on my version too, wiki is OK without further modifications.

HAND

Timo Sirainen

5:56 p.m.

On 2.12.2005, at 15:07, Lorens wrote:

...

% # tail -1 /var/log/dovecot-t % Login parameters 1=/usr/lib/dovecot/imap, 2=[xxmyloginxx, 3=xxxmyIPxx], 4=, IP=xxxmyIPxx

Oh. This is done with verbose_proctitle=yes setting, but it's only meant to be human-readable, and you shouldn't rely on it being in any specific format..

Matteo Garofano

7 Dec 7 Dec

10:15 a.m.

Thanks very much, It works ! Now I can manage the swich from qpopper to dovecot and offer also the imap service. I hope it helps somebody else. Bye Te0x

----- Original Message ----- From: "Lorens" dovecot.fdop@tagged.lorens.org To: dovecot@dovecot.org Sent: Friday, December 02, 2005 2:07 PM Subject: Re: [Dovecot] Pop-before-smtp and MySQL?

...

On Fri, Dec 02, 2005 at 12:20:58PM +0200, Timo Sirainen wrote:

...
I don't know why that script had $3 there, Dovecot has never given any parameters to imap/pop3 processes. But the IP address exists in IP environment, so you can just remove the "IP=.." line from the script and it should work. I updated the wiki already.

Never? Then I have some bizarre version compiled with an obscure patch by someone else... my config is

% protocol pop3 { % pop3_uidl_format = %f % mail_executable = /usr/lib/dovecot/popbsmtp.log /usr/lib/dovecot/pop3 % } % % protocol imap { % mail_executable = /usr/lib/dovecot/popbsmtp.log /usr/lib/dovecot/imap % }

% # head -3 /usr/lib/dovecot/popbsmtp.log % #!/bin/sh % % echo "Login parameters 1=$1, 2=$2, 3=$3, 4=$4, IP=$IP" >> /var/log/dovecot-t

I added on IP just now, never thought it could be there already.

% # tail -1 /var/log/dovecot-t % Login parameters 1=/usr/lib/dovecot/imap, 2=[xxmyloginxx, 3=xxxmyIPxx], 4=, IP=xxxmyIPxx

So, yes, IP is already in the environment, cool, the IP= line in my script was more or less useless (I add a pipe grep to avoid inserting local-net IPs, but that's minor), but on the version I have (1.0-stable, debian testing package 0.99.20050712-2), $2 and $3 do get there in *some* way . . .

Good to see the problem solved in any case, and since removing IP= would work on my version too, wiki is OK without further modifications.

HAND

Odhiambo Washington

10:19 a.m.

Can you please detail the whole solution in black and white for the archives? * On 07/12/05 09:15 +0100, Matteo Garofano wrote:

...

Thanks very much, It works ! Now I can manage the swich from qpopper to dovecot and offer also the imap service. I hope it helps somebody else. Bye Te0x

----- Original Message ----- From: "Lorens" To: Sent: Friday, December 02, 2005 2:07 PM Subject: Re: [Dovecot] Pop-before-smtp and MySQL?

...
On Fri, Dec 02, 2005 at 12:20:58PM +0200, Timo Sirainen wrote:

...
I don't know why that script had $3 there, Dovecot has never given any parameters to imap/pop3 processes. But the IP address exists in IP environment, so you can just remove the "IP=.." line from the script and it should work. I updated the wiki already.

Never? Then I have some bizarre version compiled with an obscure patch by someone else... my config is

% protocol pop3 { % pop3_uidl_format = %f % mail_executable = /usr/lib/dovecot/popbsmtp.log /usr/lib/dovecot/pop3 % } % % protocol imap { % mail_executable = /usr/lib/dovecot/popbsmtp.log /usr/lib/dovecot/imap % }

% # head -3 /usr/lib/dovecot/popbsmtp.log % #!/bin/sh % % echo "Login parameters 1=$1, 2=$2, 3=$3, 4=$4, IP=$IP" >> /var/log/dovecot-t

I added on IP just now, never thought it could be there already.

% # tail -1 /var/log/dovecot-t % Login parameters 1=/usr/lib/dovecot/imap, 2=[xxmyloginxx, 3=xxxmyIPxx], 4=, IP=xxxmyIPxx

So, yes, IP is already in the environment, cool, the IP= line in my script was more or less useless (I add a pipe grep to avoid inserting local-net IPs, but that's minor), but on the version I have (1.0-stable, debian testing package 0.99.20050712-2), $2 and $3 do get there in *some* way . . .

Good to see the problem solved in any case, and since removing IP= would work on my version too, wiki is OK without further modifications.

HAND

-Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Positive, adj.: Mistaken at the top of one's voice. -- Ambrose Bierce, "The Devil's Dictionary"

Lorens

2:34 p.m.

On Wed, Dec 07, 2005 at 11:19:15AM +0300, Odhiambo Washington wrote:

...

Can you please detail the whole solution in black and white for the archives?

It's on the wiki.

...

...
----- Original Message ----- From: "Lorens" dovecot.fdop@tagged.lorens.org

...
Good to see the problem solved in any case

[...]

...
wiki is OK without further modifications.

The problem was that the solution I posted on the wiki only worked for me because an unrelated diagnostics switch was set, and this was not specified. Timo corrected my code so it works in the general case, and thus the original problem (the code on the wiki not working) will not happen again.

The wiki URL is http://wiki.dovecot.org/moin.cgi/PopBSMTPAndDovecot

HAND.

6869

Age (days ago)

6878

Last active (days ago)

List overview

16 comments

7 participants

participants (7)

/dev/rob0
Alen Salamun
Lorens
Matteo Garofano
Odhiambo Washington
Timo Sirainen
Udo Rader