checkpassword only works as root, authentication with spamdyke, qmail
You can test checkpassword with
printf "%s\0%s\0%s\0" user password Y123456 | /usr/bin/checkpassword id 3<&0 But it only gives the right result when you are root. Why ? I have set spamdyke to use checkpassword smtp-auth-command=/usr/bin/checkpassword /bin/true I think that is a problem when running "/etc/init.d/qmail start". I have ... rblsmtpd="/usr/local/bin/spamdyke -l -f /etc/spamdyke.conf" ... ... sh -c "start-stop-daemon --start --quiet --user qmaild \ --pidfile /var/run/tcpserver_smtpd.pid --make-pidfile \ --exec /usr/bin/tcpserver -- -R -H \ -u `id -u qmaild` -g `id -g nobody` -x /etc/tcp.smtp.cdb 0 smtp \ $rblsmtpd /usr/sbin/qmail-smtpd 2>&1 \ | $logger &" I am not an expert but it seems to work if `id -u mails` is replaced with `id -u root` Ok, but from a security aspect is that the right solution? I mean qmail-smtpd will run as root which is not as intended. |
Quote:
Quote:
There are a number of alternatives to checkpassword. I cannot advise the best solution; for a commercial system, you should probably operate a separate password database for remote smtp users, rather than give qmail access to the system passwords. |
All times are GMT -5. The time now is 10:54 AM. |