qmail + spamcontrol patch SMTP auth

Hi folks. I'm really hoping someone can take a stab at an auth issue
for me. I've done my homework, and just can't seem to pass the test.

I have a qmail-1.03 setup with spamcontrol-2418 patches applied. I
have my run line setup:

export SMTPAUTH=""
exec /usr/local/bin/softlimit -m 2000000 \
/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c
"$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-
smtpd /bin/cmd5checkpw /bin/true 2>&1

The problem is that no matter what I do, I can't get authorization to
pass. I have confirmed that it is running fine using /usr/local/bin/
recordio directly on the command line. I have also confirmed that it
works fine through qmail-popup tests:

sudo -u qmaild /var/qmail/bin/qmail-popup blah /bin/cmd5checkpw id

In fact, every test I can put together confirms that both /bin/
cmd5checkpw (against qmail/users/authuser) and /bin/checkpassword
(against system users) both work fine. I've authenticated against
them running as root, qmaild, and my local user, so I'm pretty sure
it's not the standard permissions issues.

But whenever it's running within tcpserver on port 25, auth fails
every time, with the standard:
Reject::ORIG::Failed_Auth: P:ESMTPA S:***my ip/host*** H: 'login' ?=
'wkoffel'

Any thoughts at all here? I had an older smtp auth patch working, but
I needed some other features of spamcontrol and didn't want to hand-
merge patches together.

I have years of history with qmail, and know once I can crack this
nut, it'll be back to running smoothly for me again, but this one is
driving me nuts!

Re: qmail + spamcontrol patch SMTP auth

Another piece of data, there is always about a 2-3 second delay before
the auth rejects. Not sure if this is standard behavior or a symptom
of the problem. Almost seems like the auth-mechanism is busy,
perhaps, and spamcontrol bails on waiting for it to respond? Dunno,
that's a bit of a shot in the dark.


On Jul 30, 11:10 pm, wkoffel wrote:
> Hi folks. I'm really hoping someone can take a stab at an auth issue
> for me. I've done my homework, and just can't seem to pass the test.
>
> I have a qmail-1.03 setup with spamcontrol-2418 patches applied. I
> have my run line setup:
>
> export SMTPAUTH=""
> exec /usr/local/bin/softlimit -m 2000000 \
> /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c
> "$MAXSMTPD" \
> -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-
> smtpd /bin/cmd5checkpw /bin/true 2>&1
>
> The problem is that no matter what I do, I can't get authorization to
> pass. I have confirmed that it is running fine using /usr/local/bin/
> recordio directly on the command line. I have also confirmed that it
> works fine through qmail-popup tests:
>
> sudo -u qmaild /var/qmail/bin/qmail-popup blah /bin/cmd5checkpw id
>
> In fact, every test I can put together confirms that both /bin/
> cmd5checkpw (against qmail/users/authuser) and /bin/checkpassword
> (against system users) both work fine. I've authenticated against
> them running as root, qmaild, and my local user, so I'm pretty sure
> it's not the standard permissions issues.
>
> But whenever it's running within tcpserver on port 25, auth fails
> every time, with the standard:
> Reject::ORIG::Failed_Auth: P:ESMTPA S:***my ip/host*** H: 'login' ?=
> 'wkoffel'
>
> Any thoughts at all here? I had an older smtp auth patch working, but
> I needed some other features of spamcontrol and didn't want to hand-
> merge patches together.
>
> I have years of history with qmail, and know once I can crack this
> nut, it'll be back to running smoothly for me again, but this one is
> driving me nuts!

Re: qmail + spamcontrol patch SMTP auth

One more post to myself here before I call it a night. Here's the
clearest example of the weirdness going on here. Why does auth work
when I run smtpd directly, but fails with an indentical interaction
when running under tcpserver? They are running as the same user, best
I can tell (qmaild)

[wkoffel@sauna qmail-1.03]$ sudo -u qmaild /var/qmail/bin/qmail-smtpd /
bin/cmd5checkpw /bin/true
220 myhost.com ESMTP
AUTH LOGIN
334 VXNlcm5hbWU6
d2tvZmZlbA==
334 UGFzc3dvcmQ6
Zm9vYmFy
Accept::ORIG::Valid_Auth: P:EMSTPA S:unknown:unknown H: 'login' ?=
'wkoffel'
235 ok, go ahead (#2.0.0)

[wkoffel@sauna qmail-1.03]$ sudo /var/qmail/bin/qmailctl start
Starting qmail
[wkoffel@sauna qmail-1.03]$ telnet myhost.com 25
Trying 72.70.48.3...
Connected to myhost.com (myip).
Escape character is '^]'.
220 myhost.com ESMTP
AUTH LOGIN
334 VXNlcm5hbWU6
d2tvZmZlbA==
334 UGFzc3dvcmQ6
Zm9vYmFy
535 authentication failed (#5.7.1)
^]close

telnet> close
Connection closed.
[wkoffel@sauna qmail-1.03]$