Eclectica Daybreak over Colburne Passage near Sidney, BC, Canada filler
shim shim shim shim
shim Home shim Software shim Avocations shim Services  
shim shim shim shim
Software
shim
shim
Documentation
 SSL Certificates
 OpenBSD RAID
 Self-Check Digits
 Bare Metal Reload
shim
Linux
 popbsmtpd
      Reference
      Installation
      Changelog
      FAQ
      Mailing Lists
      Download
shim
 Postfix
shim
 EnGarde
shim
iSeries
 CPYTOIFSF
 FTP Backup
shim
Windows
shim
shim

popbsmtpd-users

Re: popbsmtpd

From: Larry Nguyen (larry_at_<censored>)
Date: 2002-12-22 08:22:50


> Larry,
>
> So if I understand correctly, what you did below was this:
>
> - Install/configure popbsmtpd on myvietnam, known as myvietnam.org. -
> Pop your mail for account rhs from outside your network (from rr.com). -
> Send mail through myvietnam from outside your network (rr.com again).
>
> The mail you tried to send was rejected because relay access was denied.
>

This is correct.

> I can't see anything wrong with your Postfix config, but the immediate
> disabling of relaying by popbsmtpd is a problem. The duration for which
> relaying is permitted is set in popbsmtpd.conf as follows:
>
> auth_duration = 30

I have this value in popbsmtpd.conf

>
> Make sure this is a positive number; recently someone tried a negative
> number and got the result that you are getting. You can see what
> popbsmtpd thinks it is using with
>
> popbsmtpd -dc
>
> My output looks like this:
>
And mine:

[root_at_myvietnam /etc]# /usr/sbin/popbsmtpd -dc
source_log = /var/log/pop-imap-login.log
auth_db = /etc/postfix/pop-before-smtp.db
login_db = /etc/postfix/pop-before-smtp-logins.db
mynetworks = 192.168.1.
auth_duration = 30
sleep_duration = 3600
log_facility = LOG_MAIL
log_level = 1
secure-pop { enabled
        multiline = 1
        daemon = "stunnel"
        string = "spop3 connected from"
        ip_daemon = "stunnel"
        ip_string = "spop3 connected from"
        ip_scan = "spop3 connected from %[^:]:%*d"
        user_daemon = "spop3"
        user_string = "Login user="
        user_scan = "Login user=%s host=%*s [%*[^]]]"
        fail_daemon = "spop3"
        fail_string = "spop3"
}

>
> If this does not point out the problem, you can stop the daemon and run
> it from the command line with more verbose logging, and see if that
> shows up anything:
>
> popbsmtpd --loglevel=3

[root_at_myvietnam /etc]# /usr/sbin/popbsmtpd --loglevel=3
popbsmtpd: Opened configuration file /etc/popbsmtpd.conf
popbsmtpd: Closed configuration file
popbsmtpd: Command line arguments:
popbsmtpd: Run as daemon: No
popbsmtpd: Configuration file: /etc/popbsmtpd.conf
popbsmtpd: PID file: /var/run/popbsmtpd.pid
popbsmtpd: Configuration directives:
popbsmtpd: Source log: /var/log/pop-imap-login.log
popbsmtpd: Authorization DB: /etc/postfix/pop-before-smtp.db
popbsmtpd: Login DB: /etc/postfix/pop-before-smtp-logins.db
popbsmtpd: My networks ( 1 ) 192.168.1.
popbsmtpd: My networks ( 2 )
popbsmtpd: My networks ( 3 )
popbsmtpd: My networks ( 4 )
popbsmtpd: Auth. duration: 30 minutes
popbsmtpd: Sleep duration: 3600 seconds
popbsmtpd: Log facility: LOG_MAIL
popbsmtpd: Log level: 3
popbsmtpd: Protocol scheme #1 - secure-pop
popbsmtpd: Enabled: Yes
popbsmtpd: Multi-line login: Yes
popbsmtpd: Daemon: stunnel
popbsmtpd: String: spop3 connected from
popbsmtpd: IP daemon: stunnel
popbsmtpd: IP string: spop3 connected from
popbsmtpd: IP scan: spop3 connected from %[^:]:%*d
popbsmtpd: User daemon: spop3
popbsmtpd: User string: Login user=
popbsmtpd: User scan: Login user=%s host=%*s [%*[^]]]
popbsmtpd: Failed login daemon: spop3
popbsmtpd: Failed login string: Login failure user=
popbsmtpd: Protocol scheme #2 - <not configured>
popbsmtpd: Protocol scheme #3 - <not configured>
popbsmtpd: Protocol scheme #4 - <not configured>
popbsmtpd: Wrote pid 3464 to /var/run/popbsmtpd.pid
popbsmtpd: Opened source log /var/log/popopbsmtpd: Opened authorization DB /etc/postfix/pop-before-smtp.db
popbsmtpd: Opened login DB /etc/postfix/pop-before-smtp-logins.db
popbsmtpd: Start monitoring for POP logins (non-daemon) -- version 0.5.2 p-imap-login.log
popbsmtpd: Expiry tests: Current time 2002/12/22 10:14:25 (1040573665),
Cutoff time 2002/12/22 09:44:25 (1040571865)popbsmtpd: Waiting for event;
timeout in 3600 seconds

Sorry for another lengthy message. I also attached my popbsmtpd.conf. I
hope you don't mind me asking for help like this. I feel really bad.

Thanks again.

-Larry

>
> I hope this helps; let me know how you succeed. If you can't get it
> going, send me the logging output and the configuration file.
>
> Regards,
> Marcus Redivo
>
> Larry Nguyen said:
>> Marcus,
>>
>> Thought I won't need popbsmtpd until now :) I went through your
>> how-to, tested each step successfully, i.e, manually add the IP into
>> pop-before-smtp, regenerate the database, send a test message
>> successfully, edit syslog-ng.conf, able to see user login when doing
>> cat /var/log/pop-imap-login.log.
>>
>> I did edit main.cf to set the 2 tests smtpd_client_restrictions and
>> smtpd_recipient_restricions to include check_client_access
>> hash:/etc/postfix/pop-before-smtp, reload postfix, start popbsmtpd.
>> When trying to send a message I received
>>
>>
>> Dec 21 09:37:37 myvietnam postfix/smtpd[2499]: reject: RCPT from
>> rrcs-sw-24-153-136-148.biz.rr.com[24.153.136.148]: 554
>> <larrynguyenus yahoo.com>: Recipient address rejected: Relay access
>> denied; from=<rhs myvietnam.org> to=<larrynguyenus yahoo.com>
>>
>> Below is my postconf | grep smtpd
>>
>> smtpd_banner = $myhostname ESMTP $mail_name
>> smtpd_client_restrictions = permit_mynetworks,check_client_access
>> hash:/etc/postfix/pop-before-smtp,hash:/etc/postfix/access
>> smtpd_delay_reject = no
>> smtpd_error_sleep_time = 5
>> smtpd_etrn_restrictions =
>> smtpd_hard_error_limit = 100
>> smtpd_helo_required = yes
>> smtpd_helo_restrictions =
>> smtpd_junk_command_limit = 1000
>> smtpd_recipient_limit = 1000
>> smtpd_recipient_restrictions = permit_mynetworks,check_client_access
>> hash:/etc/postfix/pop-before-smtp,reject_maps_rbl,check_relay_domains
>> smtpd_restriction_classes =
>> smtpd_sasl_auth_enable = no
>> smtpd_sasl_local_domain = $myhostname
>> smtpd_sasl_security_options = noanonymous
>> smtpd_sender_restrictions =
>> permit_mynetworks,hash:/etc/postfix/access,reject_unknown_sender_domain
>> smtpd_soft_error_limit = 10
>> smtpd_timeout = 300
>>
>> For some reason popbsmtpd enable relaying after user log in then
>> disable it right away. Please see below.
>>
>>
>> Dec 21 09:29:36 myvietnam spop3[2482]: Login user=rhs host=localhost
>> [127.0.0.1] nmsgs=0/0
>> Dec 21 09:29:36 myvietnam popbsmtpd[2456]: Relaying ENABLED (started)
>> for user rhs at 24.153.136.148
>> Dec 21 09:29:36 myvietnam popbsmtpd[2456]: Relaying DISABLED for
>> 24.153.136.148
>> Dec 21 09:29:36 myvietnam spop3[2482]: Logout user=rhs host=localhost
>> [127.0.0.1] nmsgs=0 ndele=0
>>
>> I apologize for the long email and really do appreciate your help.
>>

>>
>> -Larry


This archive was generated by hypermail 2.1.6 on 2005-11-05 00:15:06 PST


shim