Discussion:
How to configure maildir
(too old to reply)
Alfredo Martino
2002-07-02 07:41:57 UTC
Permalink
Hi to all, I'm a new courier users.

I've installed Courier-imapd in my freebsd server with sendmail.
I've tried to create new user with adduser but this user can't read email via pop3
because the maildir is not correct.

I wanto to know if courier work fine with sendmail or if i have to install qmail.
If courier work fine with sendmail how can I create new user ? I've to create first user
with adduser and then makemaildir ?

Can you help me with a little example for adding new user in my freebsd and configuring
it to read email via pop3.


Thanks in advace.
Alfredo Martino
***@guest.tlsoft.it


".... perche' TIM e' grande ...."
Bill Michell
2002-07-02 08:06:58 UTC
Permalink
Alfredo Martino writes:

> Hi to all, I'm a new courier users.
>
> I've installed Courier-imapd in my freebsd server with sendmail.
> I've tried to create new user with adduser but this user can't read email via pop3
> because the maildir is not correct.
>
> I wanto to know if courier work fine with sendmail or if i have to install qmail.
> If courier work fine with sendmail how can I create new user ? I've to create first user
> with adduser and then makemaildir ?
>
> Can you help me with a little example for adding new user in my freebsd and configuring
> it to read email via pop3.
>
>
The command you need to find out about is maildirmake.

This makes an empty maildir structure for the user.

On at least some systems, it is perfectly feasible to add a suitable maildir
to the dummy user so it will be automatically created for new users with
adduser. I'm not sure about the details for freebsd though...

--
Bill Michell
***@mics.org.uk (home)
M. Jolic
2002-07-02 09:19:01 UTC
Permalink
Hi Gurus,

i've searched the list but nothing found similar.

I've got a problem to log the user WITH domain in the Logs.

The normal way shows the user only.

from imapd.c
[...]
fprintf(stderr, "INFO: LOGIN, user=%s, ip=[%s]\n",
getenv("AUTHENTICATED"), ip);
[...]

maillog:
[...]
Jul 1 22:10:37 HOST imapd-ssl: Connection, ip=[xxx.xxx.xxx.xxx]
Jul 1 22:10:37 HOST imapd-ssl: LOGIN, user=user1, ip=[xxx.xxx.xxx.xxx]
Jul 1 22:10:44 HOST imapd-ssl: LOGOUT, user=user1, ip=[xxx.xxx.xxx.xxx],
headers=76, body=4477
[...]
(btw: HOST is the name of the server)

So, how get we logged the virtual domain?

Like, for ex.:

user1 is a user from virtual domain example.com.

It could look like:

maillog:
[...]
Jul 1 22:10:37 HOST imapd-ssl: Connection, ip=[xxx.xxx.xxx.xxx]
Jul 1 22:10:37 HOST imapd-ssl: LOGIN, user=user1, domain=example.com,
ip=[xxx.xxx.xxx.xxx]
Jul 1 22:10:44 HOST imapd-ssl: LOGOUT, user=user1, domain=example.com,
ip=[xxx.xxx.xxx.xxx], headers=76, body=4477
[...]

thx.

m.
M. Jolic
2002-07-02 10:56:50 UTC
Permalink
>
> make sure your users login with their full name + email address.
>

They do!

Ex: login: ***@example.com pass: pass

> e.g. ***@example.com
>
> that way it gets logged with the vhost.

No.

When somebody uses (for ex.) outlook and the login is defined as:
***@example.com (+ his password) we get this LOG:

Jul 1 22:10:37 HOST imapd-ssl: LOGIN, user=user1, ip=[xxx.xxx.xxx.xxx]

NOT user=***@example.com ::: NO host-info!!!

Do you get something else?

>
> the problem with your vhost setup is, is that you can't have two of the same
> accounts for
> different domains,
>
> e.g. ***@example.com
> ***@foo.bar

This is handled trough vmailmgrd!

We have ***@virtualdom1.com, ***@virtualdom2.com, ***@virtualdom3.com,
***@virtualdom4.com, ***@virtualdom5.com... and so on!

Every user has to login with his FULL login-name like mentioned above.

And everything works as expected!

But we don't see any domain in the logs!

>
> i use ldap is the authentication backend and altered the me file
> /courier/etc to change the domain name to something other then
> the default domain, as it gets appended by default to the username and
> authentication fails.
>
> also i have created a hostedddomains file with domains that i host.

Is 'hosteddomains' handled by courier? If yes, how?

***

Any comments?

thx.

m.

>
> Mail me if you want more info,
>
> With kind regards,
>
> Tjeerd van der Zee
>
> ----- Original Message -----
> From: "M. Jolic" <***@primusavitos.de>
> To: <courier-***@lists.sourceforge.net>
> Sent: Tuesday, July 02, 2002 1:16 PM
> Subject: [courier-users] courier-imap and virtual domains with vmailmgr &
> qmail...
>
>
>> Hi Gurus,
>>
>> i've searched the list but nothing found similar.
>>
>> I've got a problem to log the user WITH domain in the Logs.
>>
>> The normal way shows the user only.
>>
>> from imapd.c
>> [...]
>> fprintf(stderr, "INFO: LOGIN, user=%s, ip=[%s]\n",
>> getenv("AUTHENTICATED"), ip);
>> [...]
>>
>> maillog:
>> [...]
>> Jul 1 22:10:37 HOST imapd-ssl: Connection, ip=[xxx.xxx.xxx.xxx]
>> Jul 1 22:10:37 HOST imapd-ssl: LOGIN, user=user1, ip=[xxx.xxx.xxx.xxx]
>> Jul 1 22:10:44 HOST imapd-ssl: LOGOUT, user=user1, ip=[xxx.xxx.xxx.xxx],
>> headers=76, body=4477
>> [...]
>> (btw: HOST is the name of the server)
>>
>> So, how get we logged the virtual domain?
>>
>> Like, for ex.:
>>
>> user1 is a user from virtual domain example.com.
>>
>> It could look like:
>>
>> maillog:
>> [...]
>> Jul 1 22:10:37 HOST imapd-ssl: Connection, ip=[xxx.xxx.xxx.xxx]
>> Jul 1 22:10:37 HOST imapd-ssl: LOGIN, user=user1, domain=example.com,
>> ip=[xxx.xxx.xxx.xxx]
>> Jul 1 22:10:44 HOST imapd-ssl: LOGOUT, user=user1, domain=example.com,
>> ip=[xxx.xxx.xxx.xxx], headers=76, body=4477
>> [...]
>>
>> thx.
>>
>> m.
>>
>>
>>
>> -------------------------------------------------------
>> This sf.net email is sponsored by:ThinkGeek
>> Welcome to geek heaven.
>> http://thinkgeek.com/sf
>> _______________________________________________
>> courier-users mailing list
>> courier-***@lists.sourceforge.net
>> Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
>>
Sam Varshavchik
2002-07-02 11:20:41 UTC
Permalink
M. Jolic writes:


> When somebody uses (for ex.) outlook and the login is defined as:
> ***@example.com (+ his password) we get this LOG:
>
> Jul 1 22:10:37 HOST imapd-ssl: LOGIN, user=user1, ip=[xxx.xxx.xxx.xxx]
>
> NOT user=***@example.com ::: NO host-info!!!

File a bug report with microsoft. The IMAP mail client completely controls
the userid it sends to the server.


--
Sam
M. Jolic
2002-07-02 11:55:30 UTC
Permalink
> When somebody uses (for ex.) outlook and the login is defined as:
>> ***@example.com (+ his password) we get this LOG:
>>
>> Jul 1 22:10:37 HOST imapd-ssl: LOGIN, user=user1, ip=[xxx.xxx.xxx.xxx]
>>
>> NOT user=***@example.com ::: NO host-info!!!
>
> File a bug report with microsoft. The IMAP mail client completely controls
> the userid it sends to the server.

But there's only one problem:

Our Users have to login with ***@domain.com with their password and this
has to be transmitted, otherwise our server wouldn't allow to log in.

So, ***@domain.com is transmitted and via the authvmailmgr authenticated
as mentioned on www.inter7.com (->free software->courier-imap).

Maybe this could be a solution:

In imapd.c:

SetENV("DAMNEDVIRTUALUSER")=user;

and further on where the code will log through syslog:

fprintf(stderr, "INFO: LOGIN, user=%s, ip=[%s]\n",
getenv("DAMNEDVIRTUALUSER"), ip);

Is this possible?

m.
Sam Varshavchik
2002-07-02 12:43:06 UTC
Permalink
M. Jolic writes:


> Our Users have to login with ***@domain.com with their password and this
> has to be transmitted, otherwise our server wouldn't allow to log in.
>
> So, ***@domain.com is transmitted and via the authvmailmgr authenticated
> as mentioned on www.inter7.com (->free software->courier-imap).

Sounds like a vmailmgr issue. Courier-IMAP has no issue authenticating
virtual login IDs with fully-qualified domain names.

--
Sam
Roland Schneider
2002-07-02 12:40:05 UTC
Permalink
--M. Jolic wrote on 02.07.2002 15:44 +0200:

> So, ***@domain.com is transmitted and via the authvmailmgr authenticated
> as mentioned on www.inter7.com (->free software->courier-imap).
>
> Maybe this could be a solution:
>
> In imapd.c:
>
> SetENV("DAMNEDVIRTUALUSER")=user;
>
> and further on where the code will log through syslog:
>
> fprintf(stderr, "INFO: LOGIN, user=%s, ip=[%s]\n",
> getenv("DAMNEDVIRTUALUSER"), ip);
>
> Is this possible?

courier logs whatever the auth-module puts into $AUTHENTICATED:

fprintf(stderr, "INFO: LOGOUT, user=%s, ip=[%s],"
" headers=%lu, body=%lu\n",
getenv("AUTHENTICATED"), getenv("TCPREMOTEIP"),


Use one of the auth-module which comes with courier, or fix
vmailmgr (which also has a couple of other problems reported).

Roland
M. Jolic
2002-07-02 13:16:04 UTC
Permalink
> courier logs whatever the auth-module puts into $AUTHENTICATED:
>
> fprintf(stderr, "INFO: LOGOUT, user=%s, ip=[%s],"
> " headers=%lu, body=%lu\n",
> getenv("AUTHENTICATED"), getenv("TCPREMOTEIP"),
>
>
> Use one of the auth-module which comes with courier, or fix
> vmailmgr (which also has a couple of other problems reported).
>

Do you know about other problems? What kind of?

The problem is:

We're using qmail with vmailmgrd (for virtual hosts) with pop & smtp. So we
decided to use courier-imap as an additional module because it's faster than
pop and we like the possbility to keep messages in folders or to mark them
as seen/deleted...

But we don't want to have a conf for vmailmgr (qmail) and another for imap.

We're just talking about a solution with qmail & SQL where every user (vdoms
too) is listed in the SQL-table. There are solution for qmail to handle this
(auth via SQL).

The Benefit is that users who want to connect via imap could be
authenticated through the auth-SQL too.

So we have only ONE database for the whole mail-system.

Is anybody using this? (or similiar?)

milli
Toni Mattila
2002-07-02 13:19:27 UTC
Permalink
Hi,

> > Our Users have to login with ***@domain.com with their password and this
> > has to be transmitted, otherwise our server wouldn't allow to log in.
> >
> > So, ***@domain.com is transmitted and via the authvmailmgr authenticated
> > as mentioned on www.inter7.com (->free software->courier-imap).
> Sounds like a vmailmgr issue. Courier-IMAP has no issue authenticating
> virtual login IDs with fully-qualified domain names.

So far I haven't met any issues with vmailmgr-auth module. It's just that
in logfiles the domain is stripped from the username. So the auth works
100%, only thing is that the info doesn't get in full to the logfile.

Regards,
Toni Mattila
Roland Schneider
2002-07-02 14:03:13 UTC
Permalink
--M. Jolic wrote on 02.07.2002 17:05 +0200:

>> courier logs whatever the auth-module puts into $AUTHENTICATED:
>>
>> fprintf(stderr, "INFO: LOGOUT, user=%s, ip=[%s],"
>> " headers=%lu, body=%lu\n",
>> getenv("AUTHENTICATED"), getenv("TCPREMOTEIP"),
>>
>>
>> Use one of the auth-module which comes with courier, or fix
>> vmailmgr (which also has a couple of other problems reported).
>>
>
> Do you know about other problems? What kind of?

Authentification only works a few times and such things...
Check out the archives and consult the vpopmail-mailinglist.

$ grep -ihE "^Subject:.*(vmail|vpopmail|vchkp)" * | sort | uniq

Subject: RE: [courier-users] Courier-IMAP+vpopmail
Subject: RE: [courier-users] Re: Vpopmail READ THIS
Subject: Re: [courier-users] Qmail, Courier-imap, and vmailmgr
Subject: [courier-users] Courier IMAP + Qmail + Vpopmail + PHP
Subject: [courier-users] Courier imap-1.4.5 and vpopmail-5.3.6
Subject: [courier-users] Courier-IMAP 1.3.8 + Vpopmail 5.2 problems with
default domain
Subject: [courier-users] Courier-IMAP+vpopmail
Subject: [courier-users] Courier-IMAP+vpopmail Msg2
Subject: [courier-users] Re: Vpopmail READ THIS
Subject: [courier-users] Re: Vpopmail READ THIS
Subject: [courier-users] Re: courier-imap needs restart to auth vpopmail users
Subject: [courier-users] User authenticated but unable to read new mail
(vpopmail 5.2 +courier 1.4.4)
Subject: [courier-users] courier-imap needs restart to auth vpopmail users
Subject: [courier-users] vpopmail user confused how Courier-IMAP controls qmail
delivery

I usually scroll quickly whenever v* gets mentioned...

> We're just talking about a solution with qmail & SQL where every user (vdoms
> too) is listed in the SQL-table. There are solution for qmail to handle this
> (auth via SQL).
>
> The Benefit is that users who want to connect via imap could be
> authenticated through the auth-SQL too.

The table can be queried natively with authmysql, check out
the MYSQL_SLECT_CLAUSE for use with splitted login/domain.

Roland
Toni Mattila
2002-07-02 14:39:18 UTC
Permalink
Hi,

> >> Use one of the auth-module which comes with courier, or fix
> >> vmailmgr (which also has a couple of other problems reported).
> >
> > Do you know about other problems? What kind of?
>
> Authentification only works a few times and such things...
> Check out the archives and consult the vpopmail-mailinglist.

Please. Don't confuse two diffrent products. Vpopmail by inter7 and
vmailmgr by Bruce Guenter.

In this case we were just wondering why the authentication module doesn't
pass on the full username, or why isn't the full username logged.

Besides thes the logging-thing, I'm 100% satisfied with vmailmgr. It's
less quirky than vpopmail(i'm running also vpopmail in diffrent setup).

With vpopmail 5.2 and authvchkpw I haven't noticed any problems. I'm
running authpam and authvchkpw in chain(no authdaemon involved). There are
about 600+ domains with about 5-30 users in each.

Regars,
Toni Mattila
Leonard Chan
2002-07-02 23:56:02 UTC
Permalink
Alfredo Martino writes:

> Hi to all, I'm a new courier users.
>
> I've installed Courier-imapd in my freebsd server with sendmail.
> I've tried to create new user with adduser but this user can't read email via pop3
> because the maildir is not correct.
>
> I wanto to know if courier work fine with sendmail or if i have to install qmail.

I don't think sendmail can work directly with courier-imapd.

> If courier work fine with sendmail how can I create new user ? I've to create first user
> with adduser and then makemaildir ?

You should create a Maildir in your skeletion directory. Once done, adduser
should be able to copy the structure to your newly created user's home dir.
"man adduser" will give you more info on skeleton dir.

>
> Can you help me with a little example for adding new user in my freebsd and configuring
> it to read email via pop3.

I just disabled sendmail (sendmail_enable="NONE" in /etc/rc.conf) and
install ports/mail/courier

>
>
> Thanks in advace.
> Alfredo Martino
> ***@guest.tlsoft.it
>
>
> ".... perche' TIM e' grande ...."
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> courier-users mailing list
> courier-***@lists.sourceforge.net
> Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Binand Raj S.
2002-07-03 01:55:03 UTC
Permalink
On Wednesday 03 July 2002 07:25 am, Leonard Chan wrote:
> > I wanto to know if courier work fine with sendmail or if i have to
> > install qmail.
>
> I don't think sendmail can work directly with courier-imapd.

If procmail is the local delivery agent for sendmail, then this
/etc/procmailrc delivers mails to ~/Maildir for all users:

***@mail[~] cat /etc/procmailrc
DEFAULT=$HOME/Maildir/

One can fiddle around with procmail scripts for virtual domains also,
I suppose. sendmail needn't be the issue here. The trailing slash is
important, and when setup correctly, procmail will even create ~/Maildir
for you.

Binand
M. Jolic
2002-07-04 11:09:07 UTC
Permalink
Hi Gurus and everybody who is using qmail with VMAILMGR and Courier-IMAP!

After several tests we've found the problem and solved it!

No, it's not Outlook or anything else:

It's the authvmailmgr-module from vmailmgr.

So, if you want to log the user of a virtual domain who is using
courier-imap here's how to handle this:


The authentication-module of vmailmgr sends the "virtual name" of the domain
only! The solution:

Set an ENV with a name where no prog is using this ENV, except the
(modified) imapd from courier-imap:

look at "authvlib.cc" from the source of vmailmgr:

[...]
if(!lookup_baseuser(fulluser, basepw, virtname))
fail_login("Invalid or unknown base user or domain");
presetenv("VUSER=", virtname);
/*
the following line must be added! The ENV-Name can be different, but
notice to change this in the imapd.c too!
*/
presetenv("FULL_USER=", fulluser);

if(!virtname) {
if(virtual_only)
[...]

Notice: We add the ENV "FULL_USER" to the code so that the full
functionality of vmailmgr for qmail will be untouched!

Then make it with: make
and copy the program authvmailmgr to the auth-dir of courier-imap where your
original authvmailmgr resides.

Go to the source of courier-imap and look into the path imap for imapd.c.
Open the file and look for:
[...]
writes("* BYE Courier-IMAP server shutting down\r\n");
writes(tag);
writes(" OK LOGOUT completed\r\n");
writeflush();
emptytrash();
/*
Original: getenv("AUTHENTICATED")
NOW: getenv("FULL_USER")
*/
fprintf(stderr, "INFO: LOGOUT, USER=%s, ip=[%s],"
" headers=%lu, body=%lu\n",
getenv("FULL_USER"), getenv("TCPREMOTEIP"),
header_count, body_count);
exit(0);
}

if (strcmp(curtoken->tokenbuf, "LIST") == 0
[...]

Now we put the "FULL_USER"-ENV instead of "AUTHENTICATED"-ENV, because
according to vmailmgr the variable "fulluser" contains the domain and the
virtual user!

Next step:

STOP imap (& imap-ssl if your using)
make
make install (or copy the imapd to /usr/lib/courier-imap/bin or whereever
your imap-path is)

After you've overwritten the original imapd-prog: start it again and log
into your mailbox via imap and logout.
Look in the maillog (/var/log/maillog) and you should see something like:

INFO: LOGOUT, USER=domain.com-test, ip=[xxx.xxx.xxx.xxx], headers=0, body=0

Now you have the "alternative" Login from the user:

Login: ***@domain.com -> Becomes: domain.com-test

Login: domain.com-test -> Besomes: domain.com-test

I was surprised why NOBODY is interested to get the size of a virtual user
who is getting mails via imap over vmailmgr-auth!!!!

Any ideas?

milli
Sam Varshavchik
2002-08-27 15:38:04 UTC
Permalink
R'twick Niceorgaw writes:

> Hi all,
> I have setup a webadmin password in /etc/courier/webadmin/password file
> using "make install-webadmin-password", but when I try to login to webadmin,
> I'm getting invalid password. I can see my password is correct in the
> password file.

Make sure the ownership/permission of the webadmin wrapper in cgi-bin are
correct.
R'twick Niceorgaw
2002-08-27 15:49:04 UTC
Permalink
I have it root.root mode 555
is it correct or do i need to change it ?

----- Original Message -----
From: "Sam Varshavchik" <***@courier-mta.com>
To: "Courier-Users List" <courier-***@lists.sourceforge.net>
Sent: Tuesday, August 27, 2002 1:37 PM
Subject: [courier-users] Re: webadmin : invalid password


> R'twick Niceorgaw writes:
>
> > Hi all,
> > I have setup a webadmin password in /etc/courier/webadmin/password file
> > using "make install-webadmin-password", but when I try to login to
webadmin,
> > I'm getting invalid password. I can see my password is correct in the
> > password file.
>
> Make sure the ownership/permission of the webadmin wrapper in cgi-bin are
> correct.
>
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: OSDN - Tired of that same old
> cell phone? Get a new here for FREE!
> https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
> _______________________________________________
> courier-users mailing list
> courier-***@lists.sourceforge.net
> Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
>
Sam Varshavchik
2002-08-27 17:46:09 UTC
Permalink
Chris MacLeod writes:

> hmm, ok. Not sure how to go about figuring this one out then.
>
> There is no bounce, the application is using me as a relay (and it's
> allowed) and it makes a connection and then sits there. Nothing else in
> the logs, and no bounced message. But if I point it at a sendmail relay
> it works fine, weird.

Check your DNS setup. Check that the application's IP address resolves
backwards and forwards through DNS. Check that there are no broken
firewalls in between that block the ident port.

It's probably a long DNS/ident timeout on connect.
Chris MacLeod
2002-08-27 19:01:05 UTC
Permalink
On Tue, 2002-08-27 at 15:45, Sam Varshavchik wrote:
> Check your DNS setup. Check that the application's IP address resolves
> backwards and forwards through DNS. Check that there are no broken
> firewalls in between that block the ident port.

nope, not DNS forward and reverse is good.
I have ident turned off at the mta so I doubt that's it unless this
cruft app requiress ident.

The box can relay fine off my MTA it's this crufty application which
seems to hold a grudge against courier (since it works with a sendmail
relay) hence why I'm needing to look at the helo and everything to see
if the problem is there.
Sam Varshavchik
2002-08-27 20:43:04 UTC
Permalink
Chris MacLeod writes:

> The box can relay fine off my MTA it's this crufty application which
> seems to hold a grudge against courier (since it works with a sendmail
> relay) hence why I'm needing to look at the helo and everything to see
> if the problem is there.

You'll need to look at the packet level trace anyway.

I recall a similar bug in some old Perl Mail:: module, which believed it
could accomplish its duty simply by flinging SMTP commands one after another
at the server, without bothering to wait for the server to reply. That's not
going to work very well (sendmail might tolerate this abuse, but it violates
the PIPELINING restrictions and won't work with Courier).
Continue reading on narkive:
Loading...