-   Linux - Networking (
-   -   Qpopper not getting email (using PAM/Samba Winbind Auth) (

Josh_T_2 12-18-2003 02:19 PM

Qpopper not getting email (using PAM/Samba Winbind Auth)
I originally installed Debian 3.0 (stable) and Samba 3 to do some testing on adding a Linux based file server to a Windows 2000 domain. I'm pretty sure Samba is working correctly - joined it to our domain ADS style and winbind works good for using Windows usernames for Samba. However, I noticed you can use winbind and Linux's PAM to authenticate any PAM aware application, so I decided to try making a intranet email server that "automagically" has accounts available for any Windows account.

Debian defaults to installing Exim as the SMTP part, and I installed qpopper for the POP3 part because it supports pam. I could send and receive using standard Linux usernames with the default packages, so I altered qpopper's pam file as follows:

FILE: /etc/pam.d/qpopper
#auth required shadow
#account required

#jdt 12-16-2003
auth required /lib/security/
account required /lib/security/

Then I could successfully authenticate via POP3 using Windows usernames as winbind creates them ("DOMAIN+user"). Tested exim with "exim -bt DOMAIN+user" - it refused to accept that apparently because it doesn't see their home dir, so I reconfigured samba to use /home/DOMAIN as all Windows user's home dir, then exim successfully accepts mail for the Windows users and puts it in /var/spool/mail/domain+user files. However, qpopper says the users have 0 messages when they connect. (note I'm testing using netcat and manually issuing the POP3/SMTP commands, if that makes a difference) - which confuses me because qpopper worked fine when using local linux accounts before I changed its pam file.

So do I have a qpopper problem, or could this be an exim or a pam or a samba problem? qpopper and exim are pretty much at debian's defaults as I couldn't find anything obviously wrong with their config. Is what I am trying to do even feasible? Or will I have problems down the road even if I can get this to work because of the winbind dynamically setting UIDs for the Windows account.

Thanks ahead of time for any insight or tips anyone can provide.

chort 12-18-2003 02:42 PM

Have you verified that Exim is actually writing data to the mboxes? Did you compile Qpopper for mbox, maildir, hashdirs, etc? The spool layout might be different than what Qpopper expects. Did you compile Qpopper with debugging support? If so you can enable debugging and increase the log level to see where it's trying to read from.

Josh_T_2 12-19-2003 09:57 AM

Well, I've been experimenting all morning with no luck...

Exim writes data to /var/spool/mail/ directory, as long as the user's home dir exists. Its single text file per user that starts with From, which should be mbox format.

I didn't compile qpopper - I used apt-get to install the package from Debian stable. Anyway, the default config seems to use the same format as exim - with the default pam config mail works fine for normal Linux accounts, but not Windows Domain accounts. I ran into trouble after I modified the pam file (/etc/pam.d/qpopper) to auth via winbind - I can successfully authenticate using Windows accounts, but they have no mail via POP3, even if exim put mail for them in /var/spool/mail. I tried enabling debugging - support seems to be compiled in, but I didn't see anything that really could help me.

I also tried replacing qpopper with the popa3d package - same result - works great by local Linux accounts by default - change its pam file, and Windows accounts can log in but don't get mail.

chort 12-19-2003 11:52 AM

You could truss -p the qpopper process and see what syscalls it's making, i.e. what files it's trying to open. The point is, it's looking like qpopper is not opening the right mailspool file. Maybe it's opening just the "user" mbox rather than "domain+user".

Josh_T_2 12-19-2003 12:21 PM

Not sure what truss is, but I think strace will do the same thing. Looks like my problem is here - I'll Google to see what it means...

[pid 8581] lstat64("/var/mail/MYDOMAIN+hrx", 0xbfffdbec) = -1 ENOENT (No such file or directory)

Josh_T_2 12-19-2003 12:28 PM

Ok, it appears to be a case problem - Winbind uses capitals for the domain, but exim is lowercasing it when it makes the mbox (/var/mail/mydomain+hrx).

Josh_T_2 12-19-2003 12:45 PM

Got it solved - switched to popa3d (liked it better than qpopper), all I need to do is use all lowercase for the POP username and it works. Thanks for the help.

chort 12-19-2003 12:47 PM

qpopper has a setting that will lower-case all. I can't remember if that's a compile time or run time option. It's in their PDF file at (I think that's where it redirects to, you can try too).

Josh_T_2 12-19-2003 12:52 PM

Ok - its downcase-user in the config file for qpopper. Thanks.

All times are GMT -5. The time now is 08:41 AM.