Installing and configuring vpopmail

October 19, 2024 by Roberto Puzzanghera 139 comments

Vpopmail provides an easy way to manage virtual email domains and non /etc/passwd email accounts on your mail servers.

Changelog

Complete changelog

  • Oct 19, 2024 (v.5.6.3)
    - bug fixed: passwords with length > 8 were denied if sha-512 was disabled
  • Oct 14, 2024 (v. 5.6.2)
    - fixed a configure break where a trivial C test program exits on error with gcc-14.1 due to missing headers
    - vusaged/domain.c: fixed -Wimplicit-function-declaration compilation warning
    - vmysql.h: dropped the multicolumn PRIMARY KEY in valias table to allow multiple forwards for a given alias.
       In case one already has the valias table defined, this is the sql query for the upgrade:
       ALTER TABLE `vpopmail`.`valias` DROP PRIMARY KEY, ADD INDEX (`alias`, `domain`, `valias_type`) USING BTREE;
       ALTER TABLE `vpopmail`.`valias` ADD `id` INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`id`);
  • Jun 7, 2024
    - the header files of libev are now installed in /usr/local/include/libev (was /usr/local/include) to avoid conflicts with libevent. vusaged configure command was adjusted accordingly.
  • Jan 11, 2024
    - vmysql.c: allow the insertion of a second valias row with the same alias/domain when vpopmail is configured with --enable-defaultdelivery and --enable-valias
    - bug fix in mysql.h: wrong definition of VALIAS_TABLE_LAYOUT as it was looking for DEFAULTDELIVERY definition instead of DEFAULT_DELIVERY. This bug was preventing the correct auto creation of the valias table in MySQL
    - configure.ac: solved all autoconf warnings
  • Dec 11, 2023
    - patch merged with github/brunonymous
    - vpopmail-5.6.0 released (read the upgrading notes)
  • Nov 11, 2023
    - defaultdelivery patch: vmakedotqmail won't create users' .qmail if control/defaultdelivery already has vdelivermail.
  • Oct 23, 2023
    - defaultdelivery patch: .qmail file won't be created if control/defaultdelivery already has vdelivermail

  • Sep 5, 2023
    - changed configuration option --enable-logging=e (was p). Now failed attempts will be logged with no password shown.
  • Aug 27, 2023
    - new combined patch. More info here
    * The logic of the defaultdelivery patch/feature has been revised. If configured with --enable-defauldelivery vpopmail will save control/defauldelivery in the user's .qmail and vdelivermail LDA in the domain's .qmail-default file. This will achieve multiple benefits: you have qmail forwards and sieve together and valias available. The valias table schema was changed as well.

Patch details

This is the set of my patches which are included in vpopmail starting from version 5.6.0:

  • sql-aliasdomains patch, which makes vpopmail save the aliasdomains to MySQL. This makes the dovecot sql auth driver aware of the aliasdomains, provided that you modify the sql query as well (see the dovecot page for more info).
  • defaultdelivery patch, will copy you favourite delivery agent, stored in QMAILDIR/control/defauldelivery, in the mailbox's .qmail and the vpopmail delivery agent in the domain's .qmail-default.
    More info here, have also a look to the doc/README.defaultdelivery file.
  • dovecot-sql-procedures patch
    If you want to use the dovecot's sql auth driver with one table for each domain (--disable-many-domains) you have to heavily customize your queries to the sql database. With this patch vpopmail installs the sql procedures and functions in the database when you create a new domain. The procedures can be called by dovecot to perform the auth.
    The sql stuff supports aliasdomains and mysql limits and will be loaded from ~/vpopmail/etc/disable-many-domains_procedures.sql. You can customize the sql procedure editing this file.
    You have to configure with --enable-mysql-bin=PATH as we have to install the procedures calling the mysql bin as a shell command (no way to load an sql query from a file in C language, comments welcome).
  • vusaged configure patch
    It seems that at least on Debian 11 vusaged refuses to run the configure successfully, as the MySQL libraries are not linked (configure: error: No vauth_getpw in libvpopmail). After some inspection, I noticed that avoiding the break of the configure command, the following make command will find libmysqlclient and compile with no problems, and the program works as expected.
    NB: an autoreconf -f -i into the vusaged directory is needed before configuring, as the configure.ac script was modified.
  • s/qmail cdb patch This patch, which gets vpopmail to locate correctly the qmail assign.cdb for s/qmail users, it's not used anymore because it was replaced by a similar patch, where s/qmail users should compile vpopmail with --enable-qmail-cdb-name=assign.cdb
  • recipient check patch. It can be used with Erwin Hoffmann's s/qmail to accomplish the recipient check. Not important in my installation, look at doc/README.vrcptcheck for more info.
  • vuserinfo-D_newline, a cosmetic patch which prints a new line to separate users' infos when typing vuserinfo -D <domain>
  • gcc-10-compat patch, which gets vpopmail to compile with gcc-10 and later versions
  • A fix to the following issues (patch by Ali Erturk TURKER):
    - vdelivermail.c checks spamassassin permissions, instead of maildrop permissions.
    - vopen_smtp_relay() return values corrected, so that open_smtp_relay() can detect and report database connection errors (vmysql.c, voracle.pc, vpgsql.c)
    - vdel_limits() core-dumps if a database connection is not available beforehand. (vmysql.c, voracle.pc)

Upgrading to v. 5.6.x

When upgrading from version 5.4.33 to version 5.6.x, and if you have the accounts on SQL, you should enlarge the vpopmail.pw_passwd column size, as the default password encryption is SHA512, which is longer than the old MD5; you can disable SHA512 pwd with --disable-sha512-passwords at configure time. In addition, the minimum password length was set to 12, even though you can always disable it or set as you prefer (--enable-min-pwd-length=10). The default dimension for the vpopmail.pw_passwd column is now 128; here is how you can quickly alter the table:

ALTER TABLE `vpopmail` CHANGE `pw_passwd` `pw_passwd` CHAR(128) CHARACTER SET latin1 COLLATE latin1_swedish_ci NULL DEFAULT NULL;

Setup

Create the vpopmail user and group. Be aware that the home directory below is going to be the one where vpopmail will be installed, so you can change it if you want to have vpopmail elsewhere. You can also decide to assign different uid/gid to vpopmail, as qmail will be able to determine them dinamically.

groupadd -g 89 vchkpw
useradd -g vchkpw -u 89 -d /home/vpopmail vpopmail

Download the source (original files here: http://sourceforge.net/projects/vpopmail/files/, but you can download my local copy) and configure.

NB you may have to replace --enable-incdir=/usr/include/mysql with --enable-incdir=/usr/include/mariadb in Debian and related.

VPOPMAIL_VERSION=5.6.3
cd /usr/local/src
wget https://github.com/sagredo-dev/vpopmail/archive/refs/tags/v${VPOPMAIL_VERSION}.tar.gz
tar xzf v${VPOPMAIL_VERSION}.tar.gz
cd vpopmail-${VPOPMAIL_VERSION}
chown -R root:root .

./configure \
        --enable-qmaildir=/var/qmail/ \
        --enable-qmail-newu=/var/qmail/bin/qmail-newu \
        --enable-qmail-inject=/var/qmail/bin/qmail-inject \
        --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh \
        --disable-roaming-users \
        --enable-auth-module=mysql \
        --enable-incdir=/usr/include/mysql \
        --enable-libdir=/usr/lib64 \
        --enable-logging=e \
        --disable-clear-passwd \
        --enable-auth-logging \
        --enable-sql-logging \
        --disable-passwd \
        --enable-qmail-ext \
        --enable-learn-passwords \
        --enable-mysql-limits \
        --enable-valias \
        --enable-sql-aliasdomains \
        --enable-defaultdelivery \
        --disable-min-pwd-length

--disable-roaming-users roaming users will be disabled, since we don't want to use POP before SMTP authorization. We will patch qmail with smtp-authentication instead.

--enable-auth-module=mysql builds MySQL support and  stores virtual users accounts into a mysql database.

--enable-incdir=/usr/include/mysql Your MySQL include dir (use just in case you installed mysql from binaries or source in a non standard location. Mount mysql dir somewhere if it is installed in a different machine).

--enable-libdir=/usr/lib64 Your MySQL lib dir. Obviously it might be /usr/lib on 32b systems

--disable-passwd Don't include /etc/passwd support. I don't want to manage real users, this is just a web server.

--disable-clear-passwd Clear password will not be saved to database for security reasons. If you don't want to have problems when users forget their passwords and you want to recover them quickly switch this to --enable-clear-passwd.

--enable-logging=e Logs failed attempts on syslog (no failed passwords will be shown).

--enable-sql-logging Maintain the vlog table in MySQL (shows failed authentication requests).

--enable-auth-logging Maintain a lastauth table in MySQL (shows when / how a user last accessed their email)

--enable-mysql-limits MySQL stores domain limits instead of .qmailadmin-limits files.

--enable-qmail-ext Enable qmail email address extension support (emails containing dots).

--enable-sql-aliasdomains (default) saves domain aliases to MySQL in order to validate the authentication for domain aliases when using the dovecot's sql driver, provided that you modify the password_query accordingly.

--enable-valias Store aliases in MySQL

--enable-defaultdelivery installs the delivery agent stored in /var/qmail/control/defaultdelivery into the .qmail file of each newly created user and vdelivermail agent in the .qmail-default of the newly created domains. More info here.

--disable-min-pwd-length​ disable the default minimum length of 12 characters when creating users. I choosed to disable it because I find it uncomfortable when testing the system and because we already have password strength check in qmailadmin. If you want use like this --enable-min-pwd-length=10.

Compile and install:

make install-strip

vusaged

vusaged looks up every vpopmail user and tracks how much storage space they’re using. It requires libev.

Installing libev

We need to install the header files in /usr/local/include/libev to avoid conflicts with the libevent library (they both have an event.h header file), which is probably already installed.

cd /usr/local/src
wget  http://dist.schmorp.de/libev/libev-4.33.tar.gz
tar xzvf libev-4.33.tar.gz
cd libev-4.33
chown -R root:root .
./configure --includedir=/usr/local/include/libev
make
make install
ldconfig

Installing and configuring vusaged

VPOPMAILDIR=/home/vpopmail
cd /usr/local/src/vpopmail-${VPOPMAIL_VERSION}/vusaged
CFLAGS=-I/usr/local/include/libev LIBS=`head -1 $VPOPMAILDIR/etc/lib_deps` ./configure --with-vpopmail=$VPOPMAILDIR
make
cp -f vusaged ~vpopmail/bin
cp -f etc/vusaged.conf ~vpopmail/etc

Troubleshooting

If you get an error like this after the configure command

configure: error: No vauth_getpw in libvpopmail

try to rebuild the configure script in this way:

autoreconf -f -i

and then proceed to configure and compile. I patched the configure.ac to avoid the break. This is actually a work around. If you solve the library linking error let me know. 

Take a look to the discussion in the comments, as Luca suggested a different solution, which didn't solve for me but that I'm suggesting above in this page.

Quota setup

Setup a quota warning that will be delivered to users when they are at 90% quota

# nano ~vpopmail/domains/.quotawarn.msg

From: SomeCompany Postmaster <postmaster@yourdomain.com>
Reply-To: postmaster@yourdomain.com
To: SomeCompany User:;
Subject: Mail quota warning
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 7bit

Your mailbox on the server is now more than 90% full.

So that you can continue to receive mail,
you need to remove some messages from your mailbox.

If you require assistance with this,
please contact our support department :

  email : support@yourdomain.com
  Tel   : xx xxxx xx
chmod 600 ~vpopmail/domains/.quotawarn.msg
chown vpopmail:vchkpw ~vpopmail/domains/.quotawarn.msg

Now adjust ~vpopmail/etc/vlimits.default. I use to limit the default user quota to 100MB (in bytes):

default_quota           104857600

Configuring mysql back end

Create the vpopmail user and database. Grant all privileges to the vpopmail user. Then quit out of MySQL and save the authentication information for the vpopmail account into the vpopmail.mysql config file:

> mysql [-h mysql-IP] -u root -p 

CREATE USER 'vpopmail'@'mailserver-IP' IDENTIFIED BY 'vpopmailpwd'; 

GRANT USAGE ON * . * TO 'vpopmail'@'mailserver-IP' IDENTIFIED BY 'vpopmailpwd' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;
CREATE DATABASE IF NOT EXISTS vpopmail;
GRANT ALL PRIVILEGES ON `vpopmail` . * TO 'vpopmail'@'mailserver-IP';

> echo "mysql-IP|0|vpopmail|vpopmailpwd|vpopmail" > ~vpopmail/etc/vpopmail.mysql

where mysql-IP is the IP of the server which runs mysqld, and mailserver-IP is the IP address where qmail is running. Usually you can specify ‘localhost’ or 0.0.0.0 for both.

Creating virtual domains and virtual users

cd ~vpopmail/bin/

To add/delete a virtual domain

./vadddomain yourdomain.net [./vdeldomain yourdomain.net]

To add/delete a virtual user

./vadduser user@yourdomain.net [./vdeluser user@yourdomain.net]

To view information about user email accounts:

./vuserinfo user@yourdomain.net

name:   user
passwd: xxxxxxxxxxxx
clear passwd: xxxxxxxxx
comment/gecos: Name Surname
uid:    0
gid:    0
flags:  0
gecos: Name Surname
limits: No user limits set.
dir:       /home/vpopmail/domains/yourdomain.net/user
quota:     104857600S

These commands can be useful. But it will be much easier to manage domains and accounts when we install the vqadmin and qmailadmin web interfaces later.

You may be interested to take a look to this page concerning vpopmail testing.

Domain aliases when using the dovecot's sql auth driver

If you don't have domain aliases or this is a fresh installation you can skip this step.

If you already have domain aliases and want to switch to the dovecot's sql auth driver, don't forget to read carefully the page where the vpopmail/dovecot setup concerning domain aliases is explained, as you'll have to save your existing alias/domains pairs to MySQL.

In short, you can quickly save all your domain aliases to MySQL in this way

vsavealiasdomains -A

Type

vsavealiasdomains -h

for more options.

The database record will be saved by vpopmail for the new aliases that you will create from now on.

Comments

vadddomain error

Hi , 

I am getting error while adding domain to vpopmail. 

[root@mail bin]# ./vadddomain mydomain.com
Please enter password for postmaster:
enter password again:
Error: (vadduser) password too long (max=128)

Can you guide me in the right direction what could be going wrong.

Regards

Shailendra

Reply |

vadddomain error

fixed in v. 5.6.3

Reply |

vadddomain error

which vpopmail version? How long is the pwd you entered?

Reply |

vadddomain error

I am using  Vpopmail version 5.6.2 and the password that I am using is 10 caracters long. Below is the configure options that I used while installing 

./configure \
--enable-qmaildir=/var/qmail \
--enable-qmail-newu=/var/qmail/bin/qmail-newu \
--enable-qmail-inject=/var/qmail/bin/qmail-inject \
--enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh \
--disable-roaming-users \
--enable-auth-module=mysql \
--enable-incdir=/usr/include/mysql \
--enable-libdir=/usr/lib64/mysql \
--enable-logging=e \
--disable-clear-passwd \
--enable-auth-logging \
--enable-sql-logging \
--disable-passwd \
--enable-qmail-ext \
--enable-learn-passwords \
--enable-mysql-limits \
--enable-valias \
--enable-sql-aliasdomains \
--enable-defaultdelivery \
--disable-min-pwd-length \
--disable-sha512-passwords

Regards

Shailendra

Reply |

vadddomain error

Assuming that you are saving your accounts on mysql, did you update the database schema when switching to v. 5.6.2 as mentioned in the upgrading notes?

Reply |

vadddomain error

Its a fresh install and the database schema is updated. I am testing on a new machine and will later on upgrade on the old installation.

mysql> describe vpopmail;
+-----------+-----------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------+-----------+------+-----+---------+-------+
| pw_name | char(64) | NO | PRI | NULL | |
| pw_domain | char(96) | NO | PRI | NULL | |
| pw_passwd | char(128) | YES | | NULL | |
| pw_uid | int(11) | YES | | NULL | |
| pw_gid | int(11) | YES | | NULL | |
| pw_gecos | char(64) | YES | | NULL | |
| pw_dir | char(160) | YES | | NULL | |
| pw_shell | char(20) | YES | | NULL | |
+-----------+-----------+------+-----+---------+-------+
8 rows in set (0.00 sec)

Regards

Shailendra

Reply |

vadddomain error

I get the error when disabling sha-512 passwords. It's a feature that was added by the TLK games' maintainers. I'll have a look at it

Reply |

vadddomain error

surprisingly I tested adding a domain with a 8 character long password and it gets added successfully.  For subsequent user addition also it accepts 8 caracter long password but does not work with a password longer than 8 caracters.

Thought I will let you know .  Meanwhile I will re-install without the --disable-sha512-passwords option and test.

Reply |

vadddomain error

for the time being, modify line 50 of vpopmail.h like this and recompile

#define MAX_PW_CLEAR_PASSWD 50

I think it will fix the issue (I cannot test it now). Tomorrow I'll patch it

Reply |

vusaged

vusaged

domain.c:
add on line 31:
#include

Reply |

vusaged

Thanks Ivelin, I have pulled these corrections to vpopmail in my github a couple of months ago. Also I added a pull request in the github space of vpopmail's current maintainers, but it seems that project has lost momentum

Reply |

vusaged

cd free-4.33

must be:

cd libev-4.33

Reply |

vpopmail compile

add in configure where:

   #include 
   #include 
   #include 
+  #include 
+  #include 
 
   int main() {
     struct passwd *pw;

else it will fail on latest ubuntu

Reply |

SHA512 login problem

Hello Roberto,

just moved to latest version of Vpopmail.

Got problem with loging for new user with SHA515 encryption. I can add user without any errors but cannot login via Roundcube or any other mail client. old users has no problems.

login via cmd is working for new users as well. 

 

telnet 0 89
login user@domain pwd

vpopmail_dir /home/vpopmail
domain_dir /home/vpopmail/domains/domain.com
uid 89
gid 89
name test
comment test
quota 524288000S
user_dir /home/vpopmail/domains/domain.com/test
encrypted_password $6$ HASH is HERE.
clear_text_password
no_password_change 0
no_pop 0
no_webmail 0
no_imap 0
bounce_mail 0
no_relay 0
no_dialup 0
user_flag_0 0
user_flag_1 0
user_flag_2 0
user_flag_3 0
no_smtp 0
domain_admin_privileges 0
override_domain_limits 0
no_spamassassin 0
delete_spam 0
no_maildrop 0
system_admin_privileges 0

Reply |

SHA512 login problem

Which vpopmail Auth driver for dovecot are you using? I tested SQL with

default_pass_scheme = SHA512-CRYPT

I can auth with any encryption here

Reply |

SHA512 login problem

After changing above mentioned scheme authentication start working.

thx.

Reply |

sql error

Hi Roberto,

I have installed the new vpopmail version 5.6 only for test.
When i try to add new user receive the following:

./vadduser test3@mydomain.com
Please enter password for test3@mydomain.com:
enter password again:
vmysql: sql error[2]: Data too long for column 'pw_passwd' at row 1
Failed while attempting to add user to auth backend
Error: no authentication database connection

Reply |

sql error

The new vpopmail introduces SHA512 passwords with a minimum length that can be disabled at configure time with --disable-minimum-pwd-length.

What's the size of your pw_passwd in the vpopmail dB table?

Reply |

sql error

Hi,

pw_passwd  is  char 40 . This DB is working good with 5.4.33 + yours pach, but not with v. 5.6

mysql> describe vpopmail;               
+-----------------+-------------+------+-----+---------+-------+
| Field           | Type        | Null | Key | Default | Extra |
+-----------------+-------------+------+-----+---------+-------+
| pw_name         | char(32)    | NO   | PRI | NULL    |       |
| pw_domain       | char(96)    | NO   | PRI | NULL    |       |
| pw_passwd       | char(40)    | YES  |     | NULL    |       |
| pw_clear_passwd | varchar(20) | YES  |     | NULL    |       |
| pw_uid          | int         | YES  |     | NULL    |       |
| pw_gid          | int         | YES  |     | NULL    |       |
| pw_gecos        | char(48)    | YES  |     | NULL    |       |
| pw_dir          | char(160)   | YES  |     | NULL    |       |
| pw_shell        | char(20)    | YES  |     | NULL    |       |
+-----------------+-------------+------+-----+---------+-------+
9 rows in set (0.01 sec)

Reply |

sql error

Hi,

the pw_passwd column is now char(128) to allow SHA512 passwords, and with a minimum length of 12 chars. I'll add a note about it.

You can increase the pw_passwd dimension

Reply |

sql error

Hi Roberto,

after change column pw_passwd to char(128) I able to add new user.
But with this user i can't login. Only with existing old users the login is successfull.
In v. 5.6 the password is changed not only length but and the format - the old passwords begins with $1$, the new ones with $6$.

Reply |

sql error

Which pwd scheme do you have in your config? I have md5-crypt. It works with both

Reply |

sql error

for configure in v. 5.6 use exact the same option like in your guide nothing additional

Reply |

sql error

the new 5.6 enables sha512-passwords, which are those starting with $6. Can you check that sha512-passwords are enabled looking for

#define SHA512_PASSWORDS 1

in your vpopmail/include/config.h file?

This option is enabled by default, but it can be disabled at configure time with --disable-sha512-passwords

PS if the answer is yes, I would try to do an strace against a vpopmail telnet session:

> strace -fF -o output.log telnet 0 89
> login user@domain pwd

just to see what's happening

Reply |

sql error

Hi,

here is the output.log

39458 execve("/usr/bin/telnet", ["telnet", "0", "89"], 0x7fff41ed4268 /* 16 vars */) = 0 
39458 brk(NULL)                         = 0x563523baf000
39458 arch_prctl(0x3001 /* ARCH_??? */, 0x7ffcd36da670) = -1 EINVAL (Invalid argument)
39458 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f59f8a6d000
39458 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
39458 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
39458 newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=33243, ...}, AT_EMPTY_PATH) = 0
39458 mmap(NULL, 33243, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f59f8a64000
39458 close(3)                          = 0
39458 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libstdc++.so.6", O_RDONLY|O_CLOEXEC) = 3
39458 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
39458 newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=2260296, ...}, AT_EMPTY_PATH) = 0
39458 mmap(NULL, 2275520, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f59f8838000
39458 mprotect(0x7f59f88d2000, 1576960, PROT_NONE) = 0
39458 mmap(0x7f59f88d2000, 1118208, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9a000) = 0x7f59f88d2000
39458 mmap(0x7f59f89e3000, 454656, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ab000) = 0x7f59f89e3000
39458 mmap(0x7f59f8a53000, 57344, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x21a000) = 0x7f59f8a53000
39458 mmap(0x7f59f8a61000, 10432, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f59f8a61000
39458 close(3)                          = 0
39458 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
39458 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\237\2\0\0\0\0\0"..., 832) = 832
39458 pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
39458 pread64(3, "\4\0\0\0 \0\0\0\5\0\0\0GNU\0\2\0\0\300\4\0\0\0\3\0\0\0\0\0\0\0"..., 48, 848) = 48
39458 pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0 =\340\2563\265?\356\25x\261\27\313A#\350"..., 68, 896) = 68
39458 newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=2216304, ...}, AT_EMPTY_PATH) = 0
39458 pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
39458 mmap(NULL, 2260560, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f59f8610000
39458 mmap(0x7f59f8638000, 1658880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7f59f8638000
39458 mmap(0x7f59f87cd000, 360448, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bd000) = 0x7f59f87cd000
39458 mmap(0x7f59f8825000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x214000) = 0x7f59f8825000
39458 mmap(0x7f59f882b000, 52816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f59f882b000
39458 close(3)                          = 0
39458 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
39458 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
39458 newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=940560, ...}, AT_EMPTY_PATH) = 0
39458 mmap(NULL, 942344, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f59f8529000
39458 mmap(0x7f59f8537000, 507904, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f59f8537000
39458 mmap(0x7f59f85b3000, 372736, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8a000) = 0x7f59f85b3000
39458 mmap(0x7f59f860e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe4000) = 0x7f59f860e000
39458 close(3)                          = 0
39458 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgcc_s.so.1", O_RDONLY|O_CLOEXEC) = 3
39458 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
39458 newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=125488, ...}, AT_EMPTY_PATH) = 0
39458 mmap(NULL, 127720, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f59f8509000
39458 mmap(0x7f59f850c000, 94208, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f59f850c000
39458 mmap(0x7f59f8523000, 16384, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) = 0x7f59f8523000
39458 mmap(0x7f59f8527000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1d000) = 0x7f59f8527000
39458 close(3)                          = 0
39458 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f59f8507000
39458 arch_prctl(ARCH_SET_FS, 0x7f59f85083c0) = 0
39458 set_tid_address(0x7f59f8508690)   = 39458
39458 set_robust_list(0x7f59f85086a0, 24) = 0
39458 rseq(0x7f59f8508d60, 0x20, 0, 0x53053053) = 0
39458 mprotect(0x7f59f8825000, 16384, PROT_READ) = 0
39458 mprotect(0x7f59f8527000, 4096, PROT_READ) = 0
39458 mprotect(0x7f59f860e000, 4096, PROT_READ) = 0
39458 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f59f8505000
39458 mprotect(0x7f59f8a53000, 45056, PROT_READ) = 0
39458 mprotect(0x563522bf1000, 4096, PROT_READ) = 0
39458 mprotect(0x7f59f8aa7000, 8192, PROT_READ) = 0
39458 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
39458 munmap(0x7f59f8a64000, 33243)     = 0
39458 getrandom("\x20\xbe\xf1\x69\x6f\xc6\xdf\xd9", 8, GRND_NONBLOCK) = 8
39458 brk(NULL)                         = 0x563523baf000
39458 brk(0x563523bd0000)               = 0x563523bd0000
39458 rt_sigaction(SIGTSTP, {sa_handler=0x563522beaf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=SIG_DFL, sa_mask=[], sa_f
lags=0}, 8) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
39458 newfstatat(1, "", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
39458 write(1, "Trying 0.0.0.0...\n", 18) = 18
39458 close(-1)                         = -1 EBADF (Bad file descriptor)
39458 socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
39458 setsockopt(3, SOL_IP, IP_TOS, [16], 4) = 0
39458 connect(3, {sa_family=AF_INET, sin_port=htons(89), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
39458 openat(AT_FDCWD, "/etc/telnetrc", O_RDONLY) = -1 ENOENT (No such file or directory)
39458 openat(AT_FDCWD, "/root/.telnetrc", O_RDONLY) = -1 ENOENT (No such file or directory)
39458 write(1, "Connected to 0.\n", 16) = 16
39458 write(1, "Escape character is '^]'.\n", 26) = 26
39458 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
39458 rt_sigaction(SIGINT, {sa_handler=0x563522be5a90, sa_mask=[INT], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=SIG_DFL, sa_mask=[], sa_fla
gs=0}, 8) = 0
39458 rt_sigaction(SIGQUIT, {sa_handler=0x563522be5c90, sa_mask=[QUIT], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=SIG_DFL, sa_mask=[], sa_f
lags=0}, 8) = 0
39458 rt_sigaction(SIGWINCH, {sa_handler=0x563522be46d0, sa_mask=[WINCH], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=SIG_DFL, sa_mask=[], sa
_flags=0}, 8) = 0
39458 rt_sigaction(SIGTSTP, {sa_handler=0x563522beaf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=0x563522beaf20, sa_mask=[
TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, 8) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, FIONBIO, [1])            = 0
39458 ioctl(1, FIONBIO, [1])            = 0
39458 ioctl(3, FIONBIO, [1])            = 0
39458 setsockopt(3, SOL_SOCKET, SO_OOBINLINE, [1], 4) = 0
39458 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (in [3], left {tv_sec=0, tv_nsec=0})
39458 recvfrom(3, "+OK \r\n", 8191, 0, NULL, NULL) = 6
39458 pselect6(4, [0 3], [1], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (out [1], left {tv_sec=0, tv_nsec=0})
39458 write(1, "+OK \n", 5)             = 5
39458 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 0 (Timeout)
39458 pselect6(4, [0 3], [], [3], NULL, NULL) = 1 (in [0])
39458 read(0, "login test3@svoge.bg 123\n", 8191) = 25
39458 pselect6(4, [0 3], [3], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (out [3], left {tv_sec=0, tv_nsec=0})
39458 sendto(3, "login test3@svoge.bg 123\r\n", 26, 0, NULL, 0) = 26
39458 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 0 (Timeout)
39458 pselect6(4, [0 3], [], [3], NULL, NULL) = 1 (in [3])
39458 recvfrom(3, "+OK+\r\nvpopmail_dir /home/vpopmai"..., 8186, 0, NULL, NULL) = 362
39458 pselect6(4, [0 3], [1], [3], {tv_sec=0, tv_nsec=0}, NULL) = 2 (in [3], out [1], left {tv_sec=0, tv_nsec=0})
39458 write(1, "+OK+\nvpopmail_dir /home/vpopmail"..., 349) = 349
39458 recvfrom(3, "no_webmail 0\r\nno_imap 0\r\nbounce_"..., 7824, 0, NULL, NULL) = 52
39458 pselect6(4, [0 3], [1], [3], {tv_sec=0, tv_nsec=0}, NULL) = 2 (in [3], out [1], left {tv_sec=0, tv_nsec=0})
39458 write(1, "no_webmail 0\nno_imap 0\nbounce_ma"..., 48) = 48
39458 recvfrom(3, "no_dialup 0\r\nuser_flag_0 0\r\nuser"..., 7772, 0, NULL, NULL) = 216
39458 pselect6(4, [0 3], [1], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (out [1], left {tv_sec=0, tv_nsec=0})
39458 write(1, "no_dialup 0\nuser_flag_0 0\nuser_f"..., 203) = 203
39458 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 0 (Timeout)
39458 pselect6(4, [0 3], [], [3], NULL, NULL) = 1 (in [0])
39458 read(0, "\35", 8167)              = 1
39458 rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=0x563522beaf20, sa_mask=[TSTP],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, 8) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, FIONBIO, [0])            = 0
39458 ioctl(1, FIONBIO, [0])            = 0
39458 write(1, "\n", 1)                 = 1
39458 newfstatat(0, "", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
39458 write(1, "telnet> ", 8)           = 8
39458 read(0, "", 1024)                 = 0
39458 shutdown(3, SHUT_RDWR)            = 0
39458 close(3)                          = 0
39458 write(1, "Connection closed.\n", 19) = 19
39458 brk(0x563523bf3000)               = 0x563523bf3000
39458 rt_sigaction(SIGTSTP, {sa_handler=0x563522beaf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=SIG_DFL, sa_mask=[TSTP],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, 8) = 0
39458 rt_sigaction(SIGTSTP, {sa_handler=0x563522beaf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=0x563522beaf20, sa_mask=[
TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, 8) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, FIONBIO, [1])            = 0
39458 ioctl(1, FIONBIO, [1])            = 0
39458 pselect6(2, NULL, [1], NULL, NULL, NULL) = 1 (out [1])
39458 rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=0x563522beaf20, sa_mask=[TSTP],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, 8) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, FIONBIO, [0])            = 0
39458 ioctl(1, FIONBIO, [0])            = 0
39458 rt_sigaction(SIGTSTP, {sa_handler=0x563522beaf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=SIG_DFL, sa_mask=[TSTP],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, 8) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, FIONBIO, [1])            = 0
39458 ioctl(1, FIONBIO, [1])            = 0
39458 pselect6(2, NULL, [1], NULL, NULL, NULL) = 1 (out [1])
39458 rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, {sa_handler=0x563522beaf20, sa_mask=[TSTP],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f59f8652520}, 8) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
39458 ioctl(0, FIONBIO, [0])            = 0
39458 ioctl(1, FIONBIO, [0])            = 0
39458 close(-1)                         = -1 EBADF (Bad file descriptor)
39458 exit_group(0)                     = ?
39458 +++ exited with 0 ++

Reply |

sql error

First of all, can you confirm that you have pw_passwd with char(128) and that sha512-password is enabled in your vpopmail/include/config.h?

The first part of your strace shows a successfull login via telnet... it's not clear to me what's happening thereafter, but I don't see any other login attempt. Can you try again with one of those account with SHA password please? 

Reply |

sql error

I confirm,

my pw_passwd column is 128 and sha512-password is enabled by default. The 5.6 source is not touched .

Here is the output with old SHA password logn :

40597 execve("/usr/bin/telnet", ["telnet", "0", "89"], 0x7ffe6933a148 /* 16 vars */) = 0
40597 brk(NULL) = 0x556fbcb3a000
40597 arch_prctl(0x3001 /* ARCH_??? */, 0x7ffd27d12720) = -1 EINVAL (Invalid argument)
40597 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff3a28b2000
40597 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
40597 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
40597 newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=33243, ...}, AT_EMPTY_PATH) = 0
40597 mmap(NULL, 33243, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7ff3a28a9000
40597 close(3) = 0
40597 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libstdc++.so.6", O_RDONLY|O_CLOEXEC) = 3
40597 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
40597 newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=2260296, ...}, AT_EMPTY_PATH) = 0
40597 mmap(NULL, 2275520, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ff3a267d000
40597 mprotect(0x7ff3a2717000, 1576960, PROT_NONE) = 0
40597 mmap(0x7ff3a2717000, 1118208, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9a000) = 0x7ff3a2717000
40597 mmap(0x7ff3a2828000, 454656, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ab000) = 0x7ff3a2828000
40597 mmap(0x7ff3a2898000, 57344, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x21a000) = 0x7ff3a2898000
40597 mmap(0x7ff3a28a6000, 10432, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7ff3a28a6000
40597 close(3) = 0
40597 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
40597 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\237\2\0\0\0\0\0"..., 832) = 832
40597 pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
40597 pread64(3, "\4\0\0\0 \0\0\0\5\0\0\0GNU\0\2\0\0\300\4\0\0\0\3\0\0\0\0\0\0\0"..., 48, 848) = 48
40597 pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0 =\340\2563\265?\356\25x\261\27\313A#\350"..., 68, 896) = 68
40597 newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=2216304, ...}, AT_EMPTY_PATH) = 0
40597 pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
40597 mmap(NULL, 2260560, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ff3a2455000
40597 mmap(0x7ff3a247d000, 1658880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7ff3a247d000
40597 mmap(0x7ff3a2612000, 360448, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bd000) = 0x7ff3a2612000
40597 mmap(0x7ff3a266a000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x214000) = 0x7ff3a266a000
40597 mmap(0x7ff3a2670000, 52816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7ff3a2670000
40597 close(3) = 0
40597 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
40597 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
40597 newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=940560, ...}, AT_EMPTY_PATH) = 0
40597 mmap(NULL, 942344, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ff3a236e000
40597 mmap(0x7ff3a237c000, 507904, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7ff3a237c000
40597 mmap(0x7ff3a23f8000, 372736, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8a000) = 0x7ff3a23f8000
40597 mmap(0x7ff3a2453000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe4000) = 0x7ff3a2453000
40597 close(3) = 0
40597 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgcc_s.so.1", O_RDONLY|O_CLOEXEC) = 3
40597 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
40597 newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=125488, ...}, AT_EMPTY_PATH) = 0
40597 mmap(NULL, 127720, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ff3a234e000
40597 mmap(0x7ff3a2351000, 94208, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7ff3a2351000
40597 mmap(0x7ff3a2368000, 16384, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) = 0x7ff3a2368000
40597 mmap(0x7ff3a236c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1d000) = 0x7ff3a236c000
40597 close(3) = 0
40597 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff3a234c000
40597 arch_prctl(ARCH_SET_FS, 0x7ff3a234d3c0) = 0
40597 set_tid_address(0x7ff3a234d690) = 40597
40597 set_robust_list(0x7ff3a234d6a0, 24) = 0
40597 rseq(0x7ff3a234dd60, 0x20, 0, 0x53053053) = 0
40597 mprotect(0x7ff3a266a000, 16384, PROT_READ) = 0
40597 mprotect(0x7ff3a236c000, 4096, PROT_READ) = 0
40597 mprotect(0x7ff3a2453000, 4096, PROT_READ) = 0
40597 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff3a234a000
40597 mprotect(0x7ff3a2898000, 45056, PROT_READ) = 0
40597 mprotect(0x556fbadb4000, 4096, PROT_READ) = 0
40597 mprotect(0x7ff3a28ec000, 8192, PROT_READ) = 0
40597 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
40597 munmap(0x7ff3a28a9000, 33243) = 0
40597 getrandom("\xc1\xd0\xb2\xe2\x03\x36\x20\xc6", 8, GRND_NONBLOCK) = 8
40597 brk(NULL) = 0x556fbcb3a000
40597 brk(0x556fbcb5b000) = 0x556fbcb5b000
40597 rt_sigaction(SIGTSTP, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
40597 newfstatat(1, "", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
40597 write(1, "Trying 0.0.0.0...\n", 18) = 18
40597 close(-1) = -1 EBADF (Bad file descriptor)
40597 socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
40597 setsockopt(3, SOL_IP, IP_TOS, [16], 4) = 0
40597 connect(3, {sa_family=AF_INET, sin_port=htons(89), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
40597 openat(AT_FDCWD, "/etc/telnetrc", O_RDONLY) = -1 ENOENT (No such file or directory)
40597 openat(AT_FDCWD, "/root/.telnetrc", O_RDONLY) = -1 ENOENT (No such file or directory)
40597 write(1, "Connected to 0.\n", 16) = 16
40597 write(1, "Escape character is '^]'.\n", 26) = 26
40597 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
40597 rt_sigaction(SIGINT, {sa_handler=0x556fbada8a90, sa_mask=[INT], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
40597 rt_sigaction(SIGQUIT, {sa_handler=0x556fbada8c90, sa_mask=[QUIT], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
40597 rt_sigaction(SIGWINCH, {sa_handler=0x556fbada76d0, sa_mask=[WINCH], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
40597 rt_sigaction(SIGTSTP, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, 8) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, FIONBIO, [1]) = 0
40597 ioctl(1, FIONBIO, [1]) = 0
40597 ioctl(3, FIONBIO, [1]) = 0
40597 setsockopt(3, SOL_SOCKET, SO_OOBINLINE, [1], 4) = 0
40597 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (in [3], left {tv_sec=0, tv_nsec=0})
40597 recvfrom(3, "+OK \r\n", 8191, 0, NULL, NULL) = 6
40597 pselect6(4, [0 3], [1], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (out [1], left {tv_sec=0, tv_nsec=0})
40597 write(1, "+OK \n", 5) = 5
40597 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 0 (Timeout)
40597 pselect6(4, [0 3], [], [3], NULL, NULL) = 1 (in [0])
40597 read(0, "login baiborko@svoge.bg mypw"..., 8191) = 35
40597 pselect6(4, [0 3], [3], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (out [3], left {tv_sec=0, tv_nsec=0})
40597 sendto(3, "login baiborko@svoge.bg mypw"..., 36, 0, NULL, 0) = 36
40597 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 0 (Timeout)
40597 pselect6(4, [0 3], [], [3], NULL, NULL) = 1 (in [3])
40597 recvfrom(3, "+OK+\r\nvpopmail_dir /home/vpopmai"..., 8186, 0, NULL, NULL) = 359
40597 pselect6(4, [0 3], [1], [3], {tv_sec=0, tv_nsec=0}, NULL) = 2 (in [3], out [1], left {tv_sec=0, tv_nsec=0})
40597 write(1, "+OK+\nvpopmail_dir /home/vpopmail"..., 342) = 342
40597 recvfrom(3, "no_dialup 0\r\nuser_flag_0 0\r\nuser"..., 7827, 0, NULL, NULL) = 216
40597 pselect6(4, [0 3], [1], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (out [1], left {tv_sec=0, tv_nsec=0})
40597 write(1, "no_dialup 0\nuser_flag_0 0\nuser_f"..., 203) = 203
40597 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 0 (Timeout)
40597 pselect6(4, [0 3], [], [3], NULL, NULL) = 1 (in [0])
40597 read(0, "", 8157) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 pselect6(4, [0 3], [3], [3], {tv_sec=0, tv_nsec=0}, NULL) = 1 (out [3], left {tv_sec=0, tv_nsec=0})
40597 sendto(3, "\4", 1, 0, NULL, 0) = 1
40597 pselect6(4, [0 3], [], [3], {tv_sec=0, tv_nsec=0}, NULL) = 0 (Timeout)
40597 pselect6(4, [0 3], [], [3], NULL, NULL) = 1 (in [0])
40597 read(0, "\35", 8156) = 1
40597 rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, 8) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, FIONBIO, [0]) = 0
40597 ioctl(1, FIONBIO, [0]) = 0
40597 write(1, "\n", 1) = 1
40597 newfstatat(0, "", {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
40597 write(1, "telnet> ", 8) = 8
40597 read(0, "", 1024) = 0
40597 shutdown(3, SHUT_RDWR) = 0
40597 close(3) = 0
40597 write(1, "Connection closed.\n", 19) = 19
40597 brk(0x556fbcb7e000) = 0x556fbcb7e000
40597 rt_sigaction(SIGTSTP, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=SIG_DFL, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, 8) = 0
40597 rt_sigaction(SIGTSTP, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, 8) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, FIONBIO, [1]) = 0
40597 ioctl(1, FIONBIO, [1]) = 0
40597 pselect6(2, NULL, [1], NULL, NULL, NULL) = 1 (out [1])
40597 rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, 8) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, FIONBIO, [0]) = 0
40597 ioctl(1, FIONBIO, [0]) = 0
40597 rt_sigaction(SIGTSTP, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=SIG_DFL, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, 8) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, FIONBIO, [1]) = 0
40597 ioctl(1, FIONBIO, [1]) = 0
40597 pselect6(2, NULL, [1], NULL, NULL, NULL) = 1 (out [1])
40597 rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, {sa_handler=0x556fbadadf20, sa_mask=[TSTP], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7ff3a2497520}, 8) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
40597 ioctl(0, FIONBIO, [0]) = 0
40597 ioctl(1, FIONBIO, [0]) = 0
40597 close(-1) = -1 EBADF (Bad file descriptor)
40597 exit_group(0) = ?
40597 +++ exited with 0 +++

Reply |

sql error

ok, but this is a successfull login with the old MD5 password. Can you show a test with a failure (using a login with a new SHA512 pwd)?

Reply |

sql error

In addition, since those sha-password are longer than the old $1$ MD5 I think that you have to modify the size of the pw_passwd column, otherwise the string could be truncated when saving

Reply |

Failing to add Domain

I'm using Debian 12 and sqmail 4.2.27 with vpopmail and your patch.  I am able to build and install fine but when I try to create a domain I get this:

vadddomain smtp.test.com
Please enter password for postmaster:  
enter password again:  
Error: (vadduser) Domain does not exist

However, the domain is there:

la ../domains/ 
total 12
drwx------ 3 vpopmail vchkpw 4096 Oct 11 15:16 .
drwxr-xr-x 8 vpopmail vchkpw 4096 Oct 10 16:37 ..
drwx------ 2 vpopmail vchkpw 4096 Oct 11 15:16 smtp.test.com

And there is a .qmail-default in the dir.  If I try to create postmaster@smtp.test.com it still says Domain does not exist.

Any ideas what is causing this?  Here is config:

./configure --enable-maildrop  \
--enable-maildrop-prog=/usr/bin/maildrop \
--enable-onchange-script \
--enable-auth-module=mysql \
--enable-incdir=/usr/include/mariadb \
--enable-libdir=/usr/lib/x86_64-linux-gnu \
--enable-logging=e \
--enable-auth-logging \
--enable-sql-logging \
--enable-qmail-ext \
--enable-defaultdelivery \
--enable-passwd

Reply |

Failing to add Domain

I suspect that s/qmail saves the users/cdb file in a different position. And I remember that eh mentioned that thing when replying to a post of mine a few days ago.

Can you confirm that the /var/qmail/users/cdb file exists? If yes look for an entry with your domain. Search for an entry in control/virtualdomain as well.

Post the masqueraded results please

Reply |

Failing to add Domain

Yes, you are correct.  EH changed the cdb file to be /var/qmail/assign.cdb.   And I see that the domain was added to /var/qmail/assign.  If I copy assign.cdb to cdb and try to add domain, vadddomain says it already exists.

Reply |

Failing to add Domain

I guess you can easily patch the source. I'll do it when I'll find the time

Reply |

Failing to add Domain

Can you give me a hint?  What file is involved?

Reply |

Failing to add Domain

you have to adjust the vpopmail.c file

grep -r "users/"

vpopmail.c:                snprintf (linebuf, sizeof (linebuf), "%s/users/assign", QMAILDIR);
vpopmail.c:  snprintf(tmpstr1, sizeof(tmpstr1), "%s/users/assign", QMAILDIR);
vpopmail.c:  snprintf(assign_file, sizeof(assign_file), "%s/users/assign", QMAILDIR);
vpopmail.c:  snprintf(cdb_file, sizeof(cdb_file), "%s/users/cdb", QMAILDIR);

Reply |

Failing to add Domain

can you test this patch with s/qmail please https://notes.sagredo.eu/files/qmail/patches/vpopmail/combined_patch/roberto_vpopmail-5.4.33.patch-2023.10.12

you have to define the dir where the cdb file is at compilation time in this way

--enable-usersdir=/var/qmail

This should work with s/qmail

Reply |

Failing to add Domain

I think you meant --enable-usersdir=/var/qmail/users ?

But I'm getting these errors from config:

configure: WARNING: unrecognized options: --enable-defaultdelivery, --enable-usersdir

Reply |

Failing to add Domain

always do

autoreconf -f -i

before configuring my vpopmail patch.

I think I misunderstood where the assign and cdb files are located in s/qmail. I think they are located as /var/qmail/assign and /var/qmail/cdb. Am I correct?

Reply |

Failing to add Domain

The file has been changed to assign.cdb.  There is no cdb file by itself.  The location of this file is: /var/qmail/users/assign.cdb

Reply |

Failing to add Domain

can you try with this new patch please? https://notes.sagredo.eu/files/qmail/patches/vpopmail/combined_patch/roberto_vpopmail-5.4.33.patch-2023.10.13

PS you have to configure s/qmail in this way

autoreconf -f -i
--enable-sqmail-cdb

Reply |

Failing to add Domain

Excellent!  Works great.  Thanks for fixing it and thanks for all that you do to support qmail!

Reply |

Failing to add Domain

ok. So I have to modify a bit my patch

Reply |

Using vpopmail with LDAP instead of mysql.

Hi Roberto, thank you so much for the quide. I've managed to create a full-fledged email server that I can send and receive emails. 

However, I've been wondering if have you ever tried using LDAP instead of MySQL. I am trying to create a lab-test that uses LDAP and the options below but I keep getting the error "Segmentation fault (core dumped)"

./configure --enable-qmaildir=/var/qmail/ --enable-qmail-newu=/var/qmail/bin/qmail-newu --enable-qmail-inject=/var/qmail/bin/qmail-inject --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh --disable-roaming-users --enable-auth-module=ldap --enable-incdir=/usr/local/ldap/include --enable-libdir=/usr/local/ldap/lib --enable-logging=y --enable-clear-passwd --enable-auth-logging --disable-sql-logging --disable-passwd --enable-qmail-ext --disable-learn-passwords --disable-mysql-limits --enable-valias --disable-sql-aliasdomains --enable-domainquotas --enable-defaultdelivery
echo "localhost|389|cn=userx,dc=namex,dc=com|password|dc=namex,dc=com" > ~vpopmail/etc/vpopmail.ldap
sudo chown vpopmail:vchkpw ~vpopmail/etc/vpopmail.ldap
sudo chmod 640 ~vpopmail/etc/vpopmail.ldap

Reply |

Using vpopmail with LDAP instead of mysql.

Hi Jeff, no I've never played with LDAP nor with vpopmail nor with qmail.

In this case strace is your friend :-) I'd also disable all additional modules that depends on LDAP (auth-logging valias sql-logging) and add them once you have it working.

Let us know if your LDAP config finally works!

Reply |

Clear Failed PW in logs

I'm using vpopmail on Debian.  I would still like to see a users password when using vuserinfo but I would like to stop showing failed passwords in the file: /var/log/mail.log.  Is this possible without deleting the clear password column in mysql?

Reply |

Clear Failed PW in logs

It depends on the logging variable at configuration time

--enable-logging=OPT  Log to syslog: n=nothing, e=errors only (default), y=all attempts, p=errors with passwords, v=verbose (all attempts, with passwords).

I agree with you that the failed passwords shouldn't be shown for security reasons, as we can find there mistypings that are very close to the real passwords. My goal is to log failed attempts so that I can feed fail2ban with them. Maybe we can simply use 

--enable-logging=e

if you find a way to log failed attempts with no pwd shown, please let me know

Reply |

Clear Failed PW in logs

It doesn't seem to work for me.  Did you drop the clear password column in mysql?  I wonder if that is necessary?

Reply |

Clear Failed PW in logs

No, it's not important. Both these tests

--enable-logging=e \
--enable-clear-passwd \

and

--enable-logging=e \
--disable-clear-passwd \

give the same result. I have this in my syslog when failing the pwd during smtpd conversation

Sep  7 18:06:26 qt vpopmail[9936]: vchkpw-submission: password fail test2@mydomain:127.0.0.1

Reply |

Clear Failed PW in logs

Yes, I confirm that using

--enable-logging=e

will log the failure with no pwd

Sep  5 23:11:04 qt vpopmail[10212]: vchkpw-submission: password fail postmaster@mydomain.tld:127.0.0.1

I'll change the configuration option in this guide accordingly

Reply |

... under "Configuring mysql backend" ... when hit the ... mysql -h 192.168.1.108 -u root -p

... When I hit the ... mysql -h 192.168.1.108 -u root -p   ... Then the system asking for "Enter password:"  ... HowTo know the password ??

grdt.

Reply |

... under

It is the root password that you set when you installed your mysql server

Reply |

Maybe some typos with quotawarn

Hi Roberto,

imho you have some typos with the filename for the quotawarn message.

The manual says that the quotawarn.msg file should be with a leading dot --> .quotawarn.msg

"quotawarn.msg:X-Comment: Rename/Copy this file to ~vpopmail/domains/.quotawarn.msg, and make appropriate changes"

Otherwise it was not working with my installation.

And maybe you could change the quotawarn limit from 90% to 80% in maildirquota.h 

QUOTA_WARN_PERCENT 80

with your patch because I think 90% is rather late for a warning.

Regards,

Herbert

Reply |

Maybe some typos with quotawarn

Thank you. Corrected

Reply |

Sub default-libmysqlclient-dev for libmariadb-dev-compat in ubuntu 22.04

while trying to install the following:

apt install build-essential autoconf automake libmariadb-dev default-libmysqlclient-dev

 default-libmysqlclient-dev in Ubuntu 22.04 complains about versioning.

After substituting default-libmysqlclient-dev for libmariadb-dev-compat compiling vpopmail goes without a problem.

Reply |

Sub default-libmysqlclient-dev for libmariadb-dev-compat in ubuntu 22.04

Thanks for the advise. So Ubuntu is a bit different from Debian 11, where I tested the above recently

Reply |

Vpopmail minor fixes

Hi Roberto

While reviewing vpopmail internals, I came across some bugs which annoyed me. I created a patch to fix those:

1 - vdelivermail.c checks spamassassin permissions, instead of maildrop permissions.

2- vopen_smtp_relay() return values corrected, so that open_smtp_relay() can detect and report database connection errors (vmysql.c, voracle.pc, vpgsql.c )

3- vdel_limits() core-dumps if a database connection is not available beforehand. (vmysql.c, voracle.pc )

The patch will cleanly apply on "vpopmail-5.4.33.tar.gz + vpopmail-5.4.33_gcc-10-compat.patch", since I don't use any other patches.

The fixes are pretty straighforward. Feel free to incorporate them into your "roberto_vpopmail-5.4.33.patch".

Reply |

vpopmail.c assumes database server to be mysql with non standard mode.

I'm using PostgreSQL for database and I noticed vpopmail's SQL escape is not good at all. PostgreSQL(and Oracle) follows ANSI SQL standard string literal. Even MySQL has ANSI_QUOTES mode.

https://dev.mysql.com/doc/refman/8.0/en/string-literals.html

Therefore, vpopmail can be vulnerable to SQL injection. I've requested CVE for this.

This is a quick and dirty patch to disable injections.

diff --git a/vpopmail.c b/vpopmail.c
index a2bdc0b..a7aa9ca 100644
--- a/vpopmail.c
+++ b/vpopmail.c
@@ -3984,8 +3984,6 @@ char *maildir_to_email (const char *maildir)
return email;
}

-/* escape these characters out of strings: ', \, " */
-#define ESCAPE_CHARS "'\"\\"

/* qnprintf - Custom version of snprintf for creating SQL queries with escaped
* strings.
@@ -4113,9 +4111,25 @@ int qnprintf (char *buffer, size_t size, const char *format, ...)

}
while (*s != '\0') {
- if (strchr (ESCAPE_CHARS, *s) != NULL) {
- if (++printed < (int)size) *b++ = '\\';
- }
+ /*
+ Standard SQL literal string requires '(single quote) escape. e.g. It's => It''s
+ Standard SQL identifier string requires "(double quote) escape. e.g. It"s => It""s
+ Original qnprintf() was using #define ESCAPE_CHARS "'\"" and escape meta by '\\' which is invalid and useless for standard SQL.
+ Since qnprintf() may be used for SQL identifers, both ' and " are escaped as literal/identifier for better mitigation.
+ MySQL may escape ' by \, so \ is escaped as well. This is the reason why database specific escape function must be used.
+ */
+ switch (*s) {
+ case '\'':
+ if (++printed < (int)size) *b++ = '\'';
+ break;
+ case '"':
+ if (++printed < (int)size) *b++ = '"';
+ break;
+ case '\\':
+ if (++printed < (int)size) *b++ = '\\';
+ break;
+ default:
+ }
if (++printed < (int)size) *b++ = *s;
s++;
}

This may result in broken string (e.g. pw_clear_passwd), but it much better than injections.

Reply |

vpopmail.c assumes database server to be mysql with non standard mode.

Enabling ANSI_QUOTES in mariadb-10.5 throws qmailadmin into a segfault both when entering quotes in any field and when not... Did you try to talk to vpopmail also with qmailadmin?

Edit: vpopmail is unusable. Some examples

# vuserinfo -D sagredo.eu        
vmysql: sql error[5]: Unknown column 'sagredo.eu' in 'where clause'

# telnet 0 89             
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
+OK  
login myusername@mydomain mypwd
-ERR 8.206 Invalid Login

Reply |

SQLite support added to Vpopmail

Hi,

Patrice who works in my company has added SQLite support to Vpopmail. I am looking for volunteers to test this version. :-) Patrice merged the patches from Roberto and the patches from the FreeBSD port.

The source code is available on GitHub :

https://github.com/brunonymous/vpopmail

You can see the changes made:

https://github.com/brunonymous/vpopmail/blob/main/ChangeLog

Feel free to comment or report bugs.

Bruno

Reply |

SQLite support added to Vpopmail

Thanks a lot for sharing :-) The changelog seems to be very very interesting

I'll have a look in the following days and test it

PS you may want to add this modification I did a few days ago to vmysql.c, which solves a compilation break on debian 11 / gcc-10

+#ifndef MANY_DOMAINS 
+#ifdef SQL_ALIASDOMAINS
int vcreate_pwd_query_proc()
{
  char sql_file[256], command[256];
@@ -1913,8 +2005,7 @@
 
  fclose(sql);
}
+#endif
+#endif

Reply |

missing file smtp.tmp

im missing file  smtp.tmp in directory ~vpopmail/etc/
i think vpopmail didnt installed corretly but i dont get any error :(

any ideas?

Reply |

missing file smtp.tmp

You can create it manually with a plain text editor

Reply |

Installing and configuring vusaged

from tutorial

cd /usr/local/src/vpopmail-5.4.33/vusaged
./configure
make
cp -f vusaged /home/vpopmail/bin
cp -f etc/vusaged.conf /home/vpopmail/etc

command make didnt work 

make: *** No objects specified and no makefile found. Stop.

but in folder i have a makefile

-rw-r--r-- 1 root root 2053 lut 28 2011 Makefile.in

Reply |

Installing and configuring vusaged

I think you are in the wrong directory

Reply |

Installing and configuring vusaged

which directory should it be?

mine is /usr/local/src/vpopmail-5.4.33/vusaged

Reply |

Installing and configuring vusaged

It works here... I'd suggest to to download again and recompile

Reply |

vpopmail issue

Hi

i had a problem when execute

make install-strip
vauth.c: In function ‘vcreate_pwd_query_proc’:
vauth.c:1906:3: error: ‘MYSQLBIN’ undeclared (first use in this function); did you mean ‘MYSQL_BIND’?
1906 | MYSQLBIN, MYSQL_UPDATE_SERVER, MYSQL_UPDATE_PORT, MYSQL_UPDATE_DATABASE,
| ^~~~~~~~
| MYSQL_BIND
vauth.c:1906:3: note: each undeclared identifier is reported only once for each function it appears in
vauth.c: In function ‘vauth_getall’:
vauth.c:752:13: warning: ‘strncat’ specified bound 2048 equals destination size [-Wstringop-overflow=]
752 | strncat( SqlBufRead, " order by pw_name", SQL_BUF_SIZE);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [Makefile:636: libvpopmail_a-vauth.o] Error 1
make[2]: Leaving directory '/usr/local/src/vpopmail-5.4.33'
make[1]: *** [Makefile:714: install-recursive] Error 1
make[1]: Leaving directory '/usr/local/src/vpopmail-5.4.33'
make: *** [Makefile:1037: install-strip] Błąd 2

what do i miss?

i installed

mysql-server 8.0
mysql-client 8.0
libmysqlclient-dev
libmysqlclient21

Reply |

vpopmail issue

The new combined patch of today (Mar 17, 2022) should solve this compilation problem

Reply |

vpopmail issue

I am having the same problem on Debian Buster.  Using this config:

./configure   \
        --enable-maildrop-prog=/usr/bin/maildrop \
        --enable-onchange-script \
        --enable-qmaildir=/var/qmail/ \
        --enable-qmail-newu=/var/qmail/bin/qmail-newu \
        --enable-qmail-inject=/var/qmail/bin/qmail-inject \
        --enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh \
        --disable-roaming-users \
        --enable-auth-module=mysql \
        --enable-incdir=/usr/include/mysql \
        --enable-libdir=/usr/lib64 \
        --enable-logging=p \
        --enable-auth-logging \
        --enable-sql-logging \
        --disable-valias \
        --enable-qmail-ext \
        --enable-learn-passwords \
        --enable-mysql-limits \
        --enable-sql-aliasdomains \
        --enable-defaultdelivery

Reply |

vpopmail issue

Hi, can you post the error you get? 

Reply |

vpopmail issue

did you solve installing the packeges listed below?

Reply |

vpopmail issue

finally I solved as well. My system is ubuntu server 18.04 I've executed:

apt-get install default-libmysqlclient-dev default-libmysqld-dev

Reply |

vpopmail issue

thank you. The same for me in a debian server where libmysqlclient was missing. Now I added this to the current page

Reply |

vpopmail issue

I have the same problem, and I tried to recompile vpopmail and re-patch but the error persists

Reply |

vpopmail issue

Hi, can you post your configure command, please?

Reply |

vpopmail issue

Do u mean command ./configure ?

Reply |

vpopmail issue

I saw your configure results. How did you patch vpopmail? Did you get any errors when patching?

Reply |

vpopmail issue

i used command patch -p1 < ../roberto_vpopmail-5.4.33.patch

and resort:

patching file Makefile.am
patching file configure.in
patching file doc/README.defaultdelivery
patching file doc/README.dovecot-pwd-query
patching file doc/README.sql-aliasdomains
patching file dovecot/pwd-query_disable-many-domains.sql
patching file vmysql.c
patching file vmysql.h
patching file vpgsql.c
patching file vpopmail.c
patching file vpopmail.h
patching file vsavealiasdomains.c

no errors

Reply |

vpopmail issue

I can't reproduce your configure results that you posted before.

Can you post the configure command that you are using, please?

Reply |

vpopmail issue

Solved

i repatched vpopmail i again execute make install-strip and now it return no errors

thanks you :)

Reply |

error with make install-strip

Hi,

when i execute

make install-strip

i get a messenge:

make[2]: Exit the directory '/downloads/vpopmail-5.4.33/cdb'
make[2]: Entering the directory '/downloads/vpopmail-5.4.33'.
rm -f libvpopmail.a
ar cru libvpopmail.a libvpopmail_a-vpopmail.o libvpopmail_a-md5.o libvpopmail_a-bigdir.o libvpopmail_a-vauth.o libvpopmail_a-file_lock.o libvpopmail_a-vpalias.o libvpopmail_a-seek. o libvpopmail_a-vlimits.o libvpopmail_a-maildirquota.o libvpopmail_a-vutil.o libvpopmail_a-vlistlib.o libvpopmail_a-backfill.o libvpopmail_a-client.o libvpopmail_a-conf.o libvpopmail_a-ippp.o cdb/*.o
ar: `u' modifier ignored since `D' is the default (see `U')
ranlib libvpopmail.a
gcc -o vchkpw vchkpw.o md5.o hmac_md5.o libvpopmail.a -Xlinker -R -Xlinker /usr/lib/ -L/usr/lib/ -lmysqlclient -lz -lm -lcrypt
/usr/bin/ld: cannot find -lz
collect2: error: ld returned 1 exit status
Makefile:548: commands for object 'vchkpw' failed
make[2]: *** [vchkpw] Error 1
make[2]: Exit directory '/downloads/vpopmail-5.4.33'.
Makefile:714: commands for object 'all-recursive' failed
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory '/downloads/vpopmail-5.4.33'.
Makefile:424: commands for object 'all' failed
make: *** [all] Error 2

any ideas?

Reply |

error with make install-strip

it seems that you are missing the zlib package...

Reply |

problem with passwords containing special characters like %

I'm doinig a fresh installation, decided to compile with --enable-clear-passwd and am running into the following problem:

# /home/vpopmail/bin/vadduser user@mydomain.tld '%#RxtraMtbx#37%'
vmysql: sql error[2]: Data too long for column 'pw_clear_passwd' at row 1
Failed while attempting to add user to auth backend
Error: no authentication database connection

Using "%#" or "%+" or the like doesn't seem possible, but "%R" works.

OS: OpenSUSE 15.2
DB: MariaDB 10.4.17
Server-Character-Set: UTF-8 Unicode (utf8mb4)
Database "vpopmail" was created using collation "utf8mb4_general_ci", which is the default for standard MariaDB installation.

I'm ok with changing passwords for existing users (have to import a couple of existing domains) but am afraid there may be other issues with passwords and authentication.

Or is it just the clear password which is the problem and authentication with whatever client will be ok even when passwords like '%RxtraMT#66%' are used?

Reply |

problem with passwords containing special characters like %

Hi, I tested that password and it was accepted here... 

which vpopmail version and patch?

PS tested both with mariadb-10.5.9 (query from command line) and mariadb-10.0.0.112

Reply |

problem with passwords containing special characters like %

Hi and thx for the quick reply.

vpopmail is v5.4.33, as well is the patch.

Did download and patch as directed above:

wget https://notes.sagredo.eu/files/qmail/tar/vpopmail-5.4.33.tar.gz
wget https://notes.sagredo.eu/files/qmail/patches/vpopmail/roberto_vpopmail-5.4.33.patch
tar xzf vpopmail-5.4.33.tar.gz
cd vpopmail-5.4.33
chown -R root.root .
patch -p1 < ../roberto_vpopmail-5.4.33.patch

Language of the OS installaition is German.

status of MariaDB-server:

MariaDB [(none)]> status;
--------------
mysql Ver 15.1 Distrib 10.4.17-MariaDB, for Linux (x86_64) using EditLine wrapper

Connection id: 134
Current database: vpopmail
Current user: root@localhost
SSL: Not in use
Current pager: less
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.4.17-MariaDB MariaDB package
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: utf8mb4
Db characterset: utf8mb4
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /run/mysql/mysql.sock
Uptime: 1 day 20 hours 42 min 5 sec

Also recompile with --disable-clear-passwd doesn't make any difference. The error stays the same, even though the password is not stored in the database in clear text.

Reply |

problem with passwords containing special characters like %

Unfortunately I've no idea at the moment, a I can't reproduce the issue...

Reply |

aliasdomain patch compilation issue

Hi Roberto!

Recently I switched to the SQL driver and of course ran into the aliasdomains issue, so today I gave your patch a shot using a new alpine-3.13 build.

However, it runs into a snag:

gcc -o vchkpw vchkpw.o md5.o hmac_md5.o libvpopmail.a -Xlinker -R -Xlinker /usr/lib -L/usr/lib -lmysqlclient -lz -lm -lcrypt 
/usr/lib/gcc/x86_64-alpine-linux-musl/10.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: libvpopmail.a(libvpopmail_a-vpopmail.o): in function `vdeldomain':
vpopmail.c:(.text+0x1117): undefined reference to `vdelete_sql_aliasdomain'
/usr/lib/gcc/x86_64-alpine-linux-musl/10.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: libvpopmail.a(libvpopmail_a-vpopmail.o): in function `vaddaliasdomain':
vpopmail.c:(.text+0x760c): undefined reference to `vcreate_sql_aliasdomain'
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:549: vchkpw] Error 1
make[2]: Leaving directory '/usr/src/vpopmail/vpopmail-5.4.33'

This is after running autoreconf.

I did also apply the GCC 10 patch, because without it the compilation broke on MYSQL definitions.

Suggestions?

Reply |

aliasdomain patch compilation issue

Hi Wouter!

I thought I have corrected this compilation issue in the feb 15 patch... can you confirm that you downloaded this latest version marked as 2021.02.15? Just look at the first line of the patch file

which gcc version?

PS gcc-10 compat patch is already included into the latest sql-aliasdomains patch

Reply |

You step "Installing and configuring vpopmail"

... Do I need to have MySQL or MariaDB, installed before I run Your step "Installing and configuring vpopmail" ?

grdt.

Reply |

You step

One of the two. It does not make any difference

Reply |

Problem compiling vpopmail with postgresql support on alpine 12

Hi,

I try compile vpopmail with pgsql support on alpine 12 and I get error:

make[2]: Entering directory '/usr/src/vpopmail-5.4.33'
gcc -I. -I/usr/include -I. -fPIC -c -o libvpopmail_a-vauth.o `test -f 'vauth.c' || echo './'`vauth.c
vauth.c: In function 'vauth_deldomain':
vauth.c:395:15: error: 'sqlBufUpdate' undeclared (first use in this function); did you mean 'SqlBufUpdate'?
qnprintf( sqlBufUpdate, SQL_BUF_SIZE,
^~~~~~~~~~~~
SqlBufUpdate
vauth.c:395:15: note: each undeclared identifier is reported only once for each function it appears in
vauth.c:398:19: warning: implicit declaration of function 'PGresultStatus'; did you mean 'PQresultStatus'? [-Wimplicit-function-declaration]
if( !pgres || PGresultStatus(pgres)!=PGRES_COMMAND_OK) {
^~~~~~~~~~~~~~
PQresultStatus
vauth.c: In function 'vauth_deluser':
vauth.c:448:15: error: 'sqlBufUpdate' undeclared (first use in this function); did you mean 'SqlBufUpdate'?
qnprintf( sqlBufUpdate, SQL_BUF_SIZE,
^~~~~~~~~~~~
SqlBufUpdate
vauth.c: In function 'vauth_getall':
vauth.c:525:7: warning: 'strncat' specified bound 2048 equals destination size [-Wstringop-overflow=]
strncat( SqlBufRead, " order by pw_name", SQL_BUF_SIZE);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [Makefile:636: libvpopmail_a-vauth.o] Error 1
make[2]: Leaving directory '/usr/src/vpopmail-5.4.33'
make[1]: *** [Makefile:714: all-recursive] Error 1
make[1]: Leaving directory '/usr/src/vpopmail-5.4.33'
make: *** [Makefile:424: all] Error 2

Can somebody tell what I should do to fix this problem?

Reply |

Problem compiling vpopmail with postgresql support on alpine 12

You have compilation breaks because vpopmail is not compatible with the new gcc-10.

Try this patch (you may want to apply only the changes to vpgsql.c): https://notes.sagredo.eu/files/qmail/patches/vpopmail/vpopmail-5.4.33_gcc-10-compat.patch

Let me know if it works

Reply |

Using dovecot-lda with vpopmail valias database table

Hi Robert

I have an extensive valias table, and I recently added sieve filtering. 

As mentioned above in the thread between you and Eric, dovecot-lda doesn't respect the vpopmail.valias entries in the database, and instead relies on .qmail-alias files. That meant that for mail to be delivered to my aliases, I either needed to create a .qmail-alias file for each one (which would be a mess), or keep using vdelivermail and skip sieve filtering.

As an alternative to Eric's solution of creating .qmail-alias files, you can --enable-valias and add an entry for the destination account to the valias table and keep the delivery agent set to vdelivermail. 

This is my .qmail-default file (I prefer to use bounce)

| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox

To add the valias to the database table, I use this: (replacing mailboxname and example.com as appropriate)

INSERT INTO `valias` (`id`, `alias`, `domain`, `valias_line`) 
VALUES (NULL, 'mailboxname', 'example.com', '|/var/qmail/bin/preline -f /usr/local/dovecot/libexec/dovecot/deliver -d $EXT@$USER');

Hopefully this helps someone else out there.

If I had more time, I'd look at  patching dovecot to use the valias table. Maybe one day.

Reply |

Using dovecot-lda with vpopmail valias database table

Hi Michael, thanks for your contribution, it's very much appreciated.

I think I am missing something on how things work in your configuration. You are using vdelivermail in your .qmail-default so you are giving up on sieve filters and vdelivermail can work well with valiases even without your hack... what I am missing?

Reply |

Using dovecot-lda with vpopmail valias database table

Hi Robert

I was trying to show is that you can use the valias table from vpopmail and still make sieve filtering work, without having to set up any .qmail-alias files.

The existing instructions and comments suggest you had to choose one or the other.

Reply |

Using dovecot-lda with vpopmail valias database table

I don't understand how  you can have sieve working if you have vdelivermail in your .qmail-default

Reply |

Using dovecot-lda with vpopmail valias database table

Ah, that's the magic: I have an entry in the valias table for my actual mailbox name, that tells it to use dovecot's deliver program.

So:

  1. I have alias@example.com that resolves to michael@example.com
  2. And an entry in the valias table for michael@example.com, that tells vdelivermail to call dovecot's deliver program (which will process the sieve rules).

Now, when an email for alias@example.com arrives, vdelivermail finds the alias michael@example.com and tells vdelivermail to deliver to that address. Vdelivermail then finds my alias for michael@example.com and calls dovecot's deliver to complete the delivery (which also processes the sieve rules).

Hopefully that's a bit clearer?

Michael

Reply |

Using dovecot-lda with vpopmail valias database table

That's clear now, even though this can be a solution suitable just for servers with a small bunch of users and for administrators who know what they are doing, otherwise patching vpopmail and/or dovecot would be needed. Anyway it's good to know. Thank you 

Reply |

vpopmail installation issue

Hi Mr Roberto,

i am facing an issue while running this command "make install-strip", below is the message:

/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x0): multiple definition of `MYSQL_READ_SERVER'; vconvert.o:(.bss+0x0): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x8): multiple definition of `MYSQL_READ_PORT'; vconvert.o:(.bss+0x8): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x10): multiple definition of `MYSQL_READ_SOCKET'; vconvert.o:(.bss+0x10): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x18): multiple definition of `MYSQL_READ_USER'; vconvert.o:(.bss+0x18): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x20): multiple definition of `MYSQL_READ_PASSWD'; vconvert.o:(.bss+0x20): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x28): multiple definition of `MYSQL_READ_DATABASE'; vconvert.o:(.bss+0x28): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x30): multiple definition of `MYSQL_UPDATE_SERVER'; vconvert.o:(.bss+0x30): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x38): multiple definition of `MYSQL_UPDATE_PORT'; vconvert.o:(.bss+0x38): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x40): multiple definition of `MYSQL_UPDATE_SOCKET'; vconvert.o:(.bss+0x40): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x48): multiple definition of `MYSQL_UPDATE_USER'; vconvert.o:(.bss+0x48): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x50): multiple definition of `MYSQL_UPDATE_PASSWD'; vconvert.o:(.bss+0x50): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x58): multiple definition of `MYSQL_UPDATE_VPORT'; vconvert.o:(.bss+0x58): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x60): multiple definition of `MYSQL_UPDATE_DATABASE'; vconvert.o:(.bss+0x60): first defined here
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:552: vconvert] Error 1
make[2]: Leaving directory '/usr/local/src/vpopmail-5.4.33'
make[1]: *** [Makefile:714: install-recursive] Error 1
make[1]: Leaving directory '/usr/local/src/vpopmail-5.4.33'
make: *** [Makefile:1037: install-strip] Error 2

what shoud I do next? any settings need to be done in vpopmail folder?

Thank you

Regards, Kenny

Reply |

vpopmail installation issue

Today I released two patches, one for qmail and another for vpopmail, which solve these compilation breaks.

Reply |

vpopmail installation issue

No idea... any suspicious message from configure & make commands?

Reply |

vpopmail installation issue

Hi Mr Roberto,

my Linux is openSUSE Tumbleweed

mysql is MariaDB version 10.4.14

while running the configure command no issue, the summary as below:

vpopmail 5.4.33
Current settings

vpopmail directory = /home/vpopmail
domains directory = /home/vpopmail/domains
uid = 89
gid = 89
roaming users = OFF --disable-roaming-users (default)
password learning = ON --enable-learn-passwords
md5 passwords = ON --enable-md5-passwords (default)
file locking = ON --enable-file-locking (default)
vdelivermail fsync = OFF --disable-file-sync (default)
make seekable = ON --enable-make-seekable (default)
clear passwd = ON --enable-clear-passwd (default)
user dir hashing = ON --enable-users-big-dir (default)
address extensions = ON --enable-qmail-ext
ip alias = OFF --disable-ip-alias-domains (default)
onchange script = OFF --disable-onchange-script (default)
domain quotas = OFF --disable-domainquotas (default)
auth module = mysql --enable-auth-module=mysql
mysql replication = OFF --disable-mysql-replication (default)
sql logging = ON --enable-sql-logging
mysql limits = OFF --disable-mysql-limits (default)
SQL valias table = OFF --disable-valias (default)
auth inc = -I/usr/include/mysql
auth lib = -Xlinker -R -Xlinker /usr/lib64/mysql -L/usr/lib64/mysql -lmysqlclient -lz -lm
system passwords = OFF --disable-passwd (default)
pop syslog = show failed attempts with clear text password --enable-logging=p
auth logging = ON --enable-auth-logging (default)
all domains in one SQL table = --enable-many-domains (default)
spamassassin = OFF --disable-spamassassin (default)
maildrop = OFF --disable-maildrop (default)

but when i tried to run "make install-strip", the error message pop up :

gcc -o vdominfo vdominfo.o libvpopmail.a -Xlinker -R -Xlinker /usr/lib64/mysql -L/usr/lib64/mysql -lmysqlclient -lz -lm -lcrypt
gcc -o vconvert vconvert.o libvpopmail.a -Xlinker -R -Xlinker /usr/lib64/mysql -L/usr/lib64/mysql -lmysqlclient -lz -lm -lcrypt
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x0): multiple definition of `MYSQL_READ_SERVER'; vconvert.o:(.bss+0x0): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x8): multiple definition of `MYSQL_READ_PORT'; vconvert.o:(.bss+0x8): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x10): multiple definition of `MYSQL_READ_SOCKET'; vconvert.o:(.bss+0x10): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x18): multiple definition of `MYSQL_READ_USER'; vconvert.o:(.bss+0x18): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x20): multiple definition of `MYSQL_READ_PASSWD'; vconvert.o:(.bss+0x20): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x28): multiple definition of `MYSQL_READ_DATABASE'; vconvert.o:(.bss+0x28): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x30): multiple definition of `MYSQL_UPDATE_SERVER'; vconvert.o:(.bss+0x30): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x38): multiple definition of `MYSQL_UPDATE_PORT'; vconvert.o:(.bss+0x38): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x40): multiple definition of `MYSQL_UPDATE_SOCKET'; vconvert.o:(.bss+0x40): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x48): multiple definition of `MYSQL_UPDATE_USER'; vconvert.o:(.bss+0x48): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x50): multiple definition of `MYSQL_UPDATE_PASSWD'; vconvert.o:(.bss+0x50): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x58): multiple definition of `MYSQL_UPDATE_VPORT'; vconvert.o:(.bss+0x58): first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: libvpopmail.a(libvpopmail_a-vauth.o):(.bss+0x60): multiple definition of `MYSQL_UPDATE_DATABASE'; vconvert.o:(.bss+0x60): first defined here
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:552: vconvert] Error 1
make[2]: Leaving directory '/usr/local/src/vpopmail-5.4.33'
make[1]: *** [Makefile:714: install-recursive] Error 1
make[1]: Leaving directory '/usr/local/src/vpopmail-5.4.33'
make: *** [Makefile:1037: install-strip] Error 2

do we need to define MYSQL data in vmysql.h?

thank you

Reply |

vpopmail installation issue

I didn't test it against mariadb-10.4, but I would try to declare with #ifndef those variables in mysql.h

Reply |

vpopmail installation issue

Hi Mr Roberto,

i deleted the vpopmail setup folder and extracted the zip file again, then this time i just run a "./configure" without any options and then "make install-strip", this time no error came out... then i tried to run again "./configure" with options then "make install-strip" .. no more error popup.

i continued your steps until netqmail setup which mean i done all the Patching steps. Now i hit another error, while i run "make setup check" in netqmail-1.06 folder, i got below error:

./load qmail-qmtpd rcpthosts.o control.o constmap.o \
received.o date822fmt.o now.o qmail.o cdb.a fd.a wait.a \
datetime.a open.a getln.a sig.a case.a env.a stralloc.a \
alloc.a substdio.a error.a str.a fs.a auto_qmail.o
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: received.o:/usr/local/src/netqmail-1.06/received.c:24: multiple definition of `relayclient'; qmail-qmtpd.o:/usr/local/src/netqmail-1.06/qmail-qmtpd.c:76: first defined here
/usr/lib64/gcc/x86_64-suse-linux/10/../../../../x86_64-suse-linux/bin/ld: received.o:/usr/local/src/netqmail-1.06/received.c:25: multiple definition of `relayclientlen'; qmail-qmtpd.o:/usr/local/src/netqmail-1.06/qmail-qmtpd.c:77: first defined here
collect2: error: ld returned 1 exit status
make: *** [Makefile:1591: qmail-qmtpd] Error 1

any idea?

Thank you

Reply |

vpopmail installation issue

I suppose you are compiling with gcc 10. Look at this https://gcc.gnu.org/gcc-10/porting_to.html

Reply |

vpopmail installation issue

It seems the same kind of error of vpopmail compilation.. did you try to download the sources, patching and compiling again?

Reply |

vpopmail installation issue

Hi Mr Roberto,

yes, i have redownloaded again the netqmail-1.06 file from your source and also the original source, then patch again.. but no luck.. both also same issue... what i have done, i just patch the file which only with smtp-auth, qmail-tls and force-tls. then it's works.

After that, when i tried to start Qmail and i found that the Daemontool was not start. for OpenSuse Tumbleweed, no more /etc/inittab use in the system, so what i have done, i need to ln that svscanboot file to /etc/rc.d/ then add it as auto start then completed Qmail Setup.

Thanks for the help.

Reply |

vpopmail installation issue

In the event of a systemd linux it is sufficient to start all services by rc.local, which should be created as a service in systemd

Reply |

vchkpw auth errors

May need to fix suid permissions for vpopmail's vchkpw after compiling to avoid auth errors.

eg

chmod ug+s /home/vpopmail/bin/vchkpw

Reply |

vchkpw auth errors

It wouldn't be better to run qmail-smtpd as vpopmail:vchkpw instead of letting everyone (not only qmail-smtpd) execute vchkpw with the owner's priviledges?

Reply |

libev missing

Hello Roberto,

I think I've found a small error in your guide: the latest available libev version is 4.27 and not 4.22: http://dist.schmorp.de/libev/libev-4.27.tar.gz

Ciao !

Reply |

valias doesn't work

Hello,

For some reason, vpopmail valias (i.e., storing valiases inside the MySQL database) doesn't work with chkuser, even if we configure both to do so. With valiases stored inside the database, vchkuser will reject emails sent to aliases (no mailbox). At least with me, chkuser only recognized valiases using the dot-qmail format. So, make sure to compile vpopmail with --disable-valias and --enable-qmail-ext as instructed, and remember that you will need to configure dot-qmail files for your aliases in the /home/vpopmail/domain/DOMAINNAME directory.

Reply |

Vusage configure error

I get this message during the configure phase of vusage and can't progress from there:

configure: error: No vauth_getpw in libvpopmail

So I am proceeding without implementing vusage (I also don't really acare about user quotas) so I hioe this will still work

Reply |

Vusage configure error

I faced this issue myself a couple of days ago on a Debian 11. Unfortunately the Luca's fix below didn't help.

I realized that, for unknown reasons, the configure is not linking the libmysqlclient libraries. But patching the configure not to break at that point results in a successfull compilation when make is runned (it finds libmysqlclient). I have vusaged running apparently with no issues for now.

Have a look to this patch

Reply |

Vusage configure error

Same here, OS: Ubuntu 18.04

Reply |

Vusage configure error

look here (first item on google!) http://vchkpw.inter7.narkive.com/ftLwnnZq/vusaged-compile-error

Anyway everything will work even without vusaged

Reply |

Vusage configure error

Which unfortunately doesn't provide a solution...

If anyone managed to workaround this issue plz share here

Reply |

Vusage configure error

Try this:

LIBS=`head -1 /home/vpopmail/etc/lib_deps` ./configure --with-vpopmail=/home/vpopmail

Reply |

Vusage configure error

it worked for me

Reply |

--disable-valias

Hi Roberto,

As far I know and dovecot-lda is concerned it is not the presence of the configuration flag --enable-valias that hinders dovecot LDA from delivering to aliases it is the absence of a .qmail-'alias' alias file

Eric

Reply |

if the aliases are stored in

if the aliases are stored in the database, why the .qmail-alias is needed?

Reply |

valias

Hi Roberto,

I was only trying to point out that dovecot-lda is not affected by the --disable-valias/--enable-valias flags. On the other hand vdelivermail is affected and will use dot-qmail files in one case and the virtual alias database in the other case.
Dovecot-lda and --enable-valias can live quite happily together as long as you use dot-qmail files for you aliases.

Eric

Reply |

I agree. I will clarify this

I agree. I will clarify this in the lines above

Reply |

libev Version changed

Hi Roberto!

The libev 4.11 not exits, this changed to 4.22, at link http://dist.schmorp.de/libev/libev-4.22.tar.gz

Reply |

Permission issue on tcp.*

First of all, Roberto - THANK YOU for taking the time to put this resource together! I've formerly used JMS' tutorials etc but that was years ago. Once qmail etc is set up and working, you almost never have to touch it again except for security updates or maintenance so it's easy to forget the inner workings!

I have everything going so far but haven't been able to get passed the testing stages; When I telnet to 587, the logs for qmail-submission gives me this:

warning: dropping connection, unable to read /home/vpopmail/etc/tcp.submission.cdb: access denied 

Can you please confirm what the perms are supposed to be? Right now they're owned by root at 644. Any pointers on this would be greatly appreciated!!

Reply |

Hi Wlad,

Hi Wlad,

yes the priviledges are correct. It's strange because every user should be able to read that file.. 

Anyway, who is the user who runs qmail-smtpd and qmail-submission? If you migrated from JMS configuration you may have to check/adjust the priviledges of the ~vpopmail/ dir.  In particular I suggest to check if the vpopmail:vchkpw userIDs are 89:89 (if I remember well JMS configuration uses non standard IDs for users..). 

Reply |

Ok... I feel stupid.

Ok... I feel stupid. ~vpopmail main dir was owned by root:root grrrr. Works now. ALL those dang hours - that happens when it's late, going on no sleep :) Again Roberto, thank you for this great guide! Lots of Coffee incoming to you haha

Reply |

ps -ef|grep qmail

ps -ef|grep qmail
root       606  1831  0 11:17 pts/0    00:00:00 grep --color=auto qmail
root      1865  1863  0 Jan08 pts/0    00:00:00 supervise qmail-smtpd
root      1871  1863  0 Jan08 pts/0    00:00:00 supervise qmail-send
root      1875  1863  0 Jan08 pts/0    00:00:00 supervise qmail-submission
qmaill    1877  1866  0 Jan08 pts/0    00:00:00 /usr/local/bin/multilog t s16000000 n200 /var/log/qmail/smtpd
qmaill    1879  1872  0 Jan08 pts/0    00:00:00 /usr/local/bin/multilog t s16000000 n200 /var/log/qmail/send
qmaill    1881  1874  0 Jan08 pts/0    00:00:00 /usr/local/bin/multilog t /var/log/qmail/vpopmaild
qmaill    1884  1876  0 Jan08 pts/0    00:00:00 /usr/local/bin/multilog t s16000000 n200 /var/log/qmail/submission
qmails   16495  1871  0 02:13 pts/0    00:00:00 qmail-send
vpopmail 16497  1865  0 02:13 pts/0    00:00:00 /usr/local/bin/tcpserver -v -H -R -l 0 -x /home/vpopmail/etc/tcp.smtp.cdb -c 20 -u 89 -g 89 0 25 /var/qmail/bi                                                                    n/qmail-smtpd
vpopmail 16499  1875  0 02:13 pts/0    00:00:00 /usr/local/bin/tcpserver -v -H -R -l 0 -x /home/vpopmail/etc/tcp.submission.cdb -c 20 -u 89 -g 89 0 587 /var/q                                                                    mail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bin/true
root     16508 16495  0 02:13 pts/0    00:00:00 qmail-lspawn | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox
qmailr   16509 16495  0 02:13 pts/0    00:00:00 qmail-rspawn
qmailq   16510 16495  0 02:13 pts/0    00:00:00 qmail-clean
qmails   16511 16495  0 02:13 pts/0    00:00:00 qmail-todo
qmailq   16512 16495  0 02:13 pts/0    00:00:00 qmail-clean

Wow long/ugly past - but all ownerships seem fine from looking at this and I'm perplexed. As for JMS, that was years ago on a separate server. I founds this guide last night and like the fact that things can be updated with the most current - in regards to paches etc. Versions of other sources:

Vpopmail: 5.4.33,
libev: 4.22
netqmail: 1.06
libsrs2: 1.0.18
libdomainkeys: 0.69

And yes, id -g/-u vpopmail:vchkpw are both 89; I've turned every kind of permission based type of app off (apparmor for instance), every firewall etc etc with no change. I got no errors during compilation and did everything step by step and in order on this brand new server running ubuntu with multiple IPs. Speaking of IPs that was something I was going to ask about as well on how to specifically bind 587/25 to a specific IP but as long as MX records are set up properly there shouldn't be a need for that.

Roberto, sorry about the long post - just trying to figure this one out as everything seems to be running fine and like you said perms are right...

Reply |

Charset?

Hello,

Some clients change their passwords with non-ascii char like "?š??žýáíé", but these characters are broken in MySQL as clear passwords. Any idea what charset set to Mysql db or how to set vpopmail to use UTF-8? Everythink else is in UTF...

Anyway if i do /home/vpopmail/bin/vuserinfo user@domain.cc clear password is ok, but in MySQL

SELECT pw_clear_passwd FROM vpopmail WHERE  pw_name .... password is broken

Reply |

Hi, which tool are you using

Hi, which tool are you using to change the pwd? I can use UTF8 characters here when connecting via imap/roundcube pwd plugin, but if I try with qmailadmin I get an error...

PS: and I can retrieve the clear pwd with an SQL query

Reply |

Solved :)It was

Solved :)

It was misconfigured MySQL. I have no idea what charset did connection use when it was not configured but when I set this to my.cnf it start working correctly

[client]

default-character-set=utf8

[mysqld]

collation-server = utf8_unicode_ci
init-connect= 'SET NAMES utf8'
character-set-server=utf8


[mysql]

default-character-set=utf8

Other problem is password from outlook... But I think there is no solution for clients using non UTF8 charset...

Reply |

Vpopmail configure

Hello!

While running ./configure on Gentoo systems (probably on other systems also) you have to add following options:

--enable-incdir=/usr/include/mysql \
--enable-libdir=/usr/lib64/mysql

Vpopmail works also with MariaDB 5.5.37 

BTW THX for great tutorial ;)

Best Regards

Winnetou

Reply |

  Hello Winnetou This

Hello Winnetou

This is the default location for mysql and mariadb, and I suppose that normally you don't even need to add those options, as the library will be automatically found. I  just added them for those (like me) who compile from source or don't use the package provided by their own distro

Reply |

Hello! I'm aware that

Hello!

I'm aware that those paths are default and ./configure should find them, but it didn't, that's why I decided to post a comment ;)

When I run ./configure without those 2 optins it failed. I was installing qmail and vpopmail on freshly installed Gentoo 

Reply |

If I understand well,

If I understand well, omitting those two options gets vpopmail not to find the libraries?

Anyway as soon as possible I will add a clarification on the purpose

Reply |

I am installing vpopmail and

I am installing vpopmail and vusaged on CentOS release 6.4 (Final)

but i encountered the error on vusaged.

[root@Dev vusaged]# /etc/rc.d/rc.vusaged start
Starting vusaged: failed

What is the problem? I am googling bu i couldn't found the solution.

please help me!!

Reply |

can you dostrace

can you do

strace /etc/rc.d/rc.vusaged start

and see what happens?

Reply |

it works now

It works now. I uninstalled the libev source then installed libev using yum rpmforge repository.

# make uninstall
# yum -y install libev libev-devel

Sorry for the late reply. I totally forgot about this. I gave up last time and set up qmailtoaster on Centos 6 which was successful.

Now, I am experimenting qmail again using this setup. :)

Reply |

Recent comments
See also...
Recent posts

RSS feeds