qmail-ldap 20030801 release is out

Hello qmail-ldap fans,

The new 20030801 release of qmail-ldap is out, exactly on the Swiss
national holiday. Switzerland was founded 712 years ago. For more
information go here: http://www.admin.ch/ch/e/schweiz/index.html

However the qmail-ldap hackers are not in the capital Berne but
in the far lager city of Zürich which is about half-way between
Berne and the text 'Germany'on that map. Have a look at
http://www.stzh.ch/ and http://www.zuerich.com. Claudio earned his
diploma in Electrical Engineering at the Swiss Federeal Institute
of Technology in Zürich http://www.ethz.ch (which is somewhat the
MIT of Europe). I have studied at the TBZ http://www.tbz.ch/ in
Zürich. But orginally I am from Hamburg in nothern Germany and
moved to Zürich 17 years ago (well, my parents did and so did I).

As usual you can get the patch here:

 http://www.nrg4u.com

It contains the following bugfixes and changes:

 Some cleanup and clarification in smtpd and rbl logging.

 Added Russell Nelsons antivirus patch for qmail-smtpd.
 Compile qmail-ldap with the -DSMTPEXECCHECK option and turn it on with
 the REJECTEXEC environment variable.

 Added qmail-queue patch. Compile-time option via -DALTQUEUE.

Re: qmail-ldap 20030801 release is out

Will this patch still behave under this conditions:
When the ldap entry looks like this:

dn: mail=8832010 <at> telemovil.com, ou=People, o=Telemovil
mail: 8832010 <at> telemovil.com
objectClass: top
objectClass: qmailUser
mailMessageStore: /mailstore/telemovil.com/883/8832010
uid: 8832010
mailHost: mail.telemovil.com
cn: Roberto Carlos Navas
mailAlternateAddress: rcnavas <at> telemovil.com
mailQuota: 500000000S,5000C
deliveryProgramPath: /lmtools/bin/notify.pl
mailReplyText: Prueba de Mensaje de Vacaciones...
deliveryMode: forwardonly
mailForwardingAddress: rcnavas <at> telemovil.net

The result is this:

delivery 20067: deferral:
Uh-oh:_deliveryMode_has_prog_delivery_but_has_forwardonly_set._(#4.7.0)/

I'm using 20021201a and all versions after that do the above...

Also one question: I'm serving 2 domains with qmail-ldap: mydomain.com and
mydomain.net, what is the best way to make qmail-ldap to execute a delivery
program with each incoming local message and still do a normal maildir
delivery for all mydomain.com accounts?... Also, I need that program to be
executed no matter what deliveryMode the user has.

Re: qmail-ldap 20030801 release is out

On Sat, Aug 02, 2003 at 02:48:40PM -0600, Roberto Carlos Navas wrote:
> Will this patch still behave under this conditions:
> When the ldap entry looks like this:
> 
> dn: mail=8832010 <at> telemovil.com, ou=People, o=Telemovil
> mail: 8832010 <at> telemovil.com
> objectClass: top
> objectClass: qmailUser
> mailMessageStore: /mailstore/telemovil.com/883/8832010
> uid: 8832010
> mailHost: mail.telemovil.com
> cn: Roberto Carlos Navas
> mailAlternateAddress: rcnavas <at> telemovil.com
> mailQuota: 500000000S,5000C
> deliveryProgramPath: /lmtools/bin/notify.pl
> mailReplyText: Prueba de Mensaje de Vacaciones...
> deliveryMode: forwardonly
> mailForwardingAddress: rcnavas <at> telemovil.net
> 
> The result is this:
> 
> delivery 20067: deferral:
> Uh-oh:_deliveryMode_has_prog_delivery_but_has_forwardonly_set._(#4.7.0)/
> 
> I'm using 20021201a and all versions after that do the above...
> 

This was a bug that was fixed somewhen in 2003. deliverymode forwardonly
is very restrictive, similar to setting the x-bit on a .qmail file.
forwardonly is intended for forwarding only account, anything else will

Re: Call for implementation stories and email interviews

Hallo Andre,

Tuesday, July 29, 2003, 11:18:48 AM, you wrote:

AO> Hello qmail-ldap fans,

AO> I'd like to get some feedback from you, yes you too, and you also,
AO> on your qmail-ldap installation, how it went, how you use it, how
AO> big/small it is and how satisfied you are with it.

AO> With some of you I'd like to conduct an email interview on more
AO> detailed aspects of your qmail-ldap implementation and use.

AO> I'd like to get at least three responses from the following
AO> industries/categories:

AO>  ISP environment
AO>  Corporate environment
AO>  Education environment
AO>  Government environment

AO> In exchange for the work we've put into developing qmail-ldap I
AO> want you to tell me your story. I think this is a fair deal, isn't
AO> it? 

Ok, here i am ;)

I'm writing/implementing my diplom thesis "LDAP for use on schools"

This includes setting up accounts for 40000 pupils in 100 schools

Seminer Duyurusu

Re: Call for implementation stories and email interviews

Malte Woelky wrote/schrieb/scripsit:
>    cn=testuser1, ou=People, dc=schule1, dc=gelsenkirchen, dc=edu
>          mail:  testuser1 <at> schule1.gelsenkirchen.edu
>    cn=testuser1, ou=People, dc=schule2, dc=gelsenkirchen, dc=edu
>          mail:  testuser1 <at> schule2.gelsenkirchen.edu
> 
> Any idea how enode the subdomain in the pop3-login?

Have you ever heard of namespaces? There are at least three namespaces
in a qmailUser object: mail/mailAlternateAddress, uid and mailMessage-
Store. The qmailUser object establishes a mapping between these values
because they cannot normally be derived from each other. So the object
maps mail/mailAlternateAddress to mailMessageStore and uid to user-
Password and mailMessageStore. Here mail/uid act as a key in the data-
base and they must be unique in your realm, i.e. they identify a
single object. Obviously it is not valid for a the same uid or mail to
be present in different objects. Making mail unique is not hard, as it
naturally appears as a fully qualified address. Now you only need to
care about the uid. The uid must be unique within your realm, but it
does not have to be derived from any other data in the object. Unlike
as for mail you can chose a scheme for this namespace. One possible
scheme would be to simply use the same value for mail and uid. Other
possible schemes are to use a percent sign instead of an at sign or
a unique number. There are other possibilities and the choice it up
to you to chose one that fits your environment.

-Stefan
--

-- 
 junior guru                               SP666-RIPE  SMP <at> {IRC,SILC}

qmail-ldap compilation error with qmail-errno patch on RH 9 (glibc 2.3.1)

Hi there,

Im trying to upgrade a qmail-ldap server on a Linux Red Hat 9 (glibc
2.3.1). The previous patch I worked with was the 20030501 one and the
setting up was successful after applying the qmail-errno patch (a patch
that has to be included if you compile qmail on a glibc 2.3.1 system).

Now I've got a fresh copy of qmail-1.03, added the latest qmail-ldap
patch into it (20030801) and the qmail-errno patch. Same Makefile as the
older one (with the default Makefile the older patch seems to compile
well) and I get the following error:

./compile qmail-getpw.c
qmail-getpw.c: In function `main':
qmail-getpw.c:61: warning: return type of `main' is not `int'
./load qmail-getpw case.a substdio.a error.a str.a fs.a \
auto_break.o auto_usera.o
./compile     \
qmail-remote.c
qmail-remote.c: In function `quit':
qmail-remote.c:389: `wantcomp' undeclared (first use in this function)
qmail-remote.c:389: (Each undeclared identifier is reported only once
qmail-remote.c:389: for each function it appears in.)
qmail-remote.c:390: `r' undeclared (first use in this function)
qmail-remote.c:390: `stream' undeclared (first use in this function)
qmail-remote.c:392: `num' undeclared (first use in this function)
qmail-remote.c: In function `main':
qmail-remote.c:794: warning: return type of `main' is not `int'
make: *** [qmail-remote.o] Error 1

If I try to set up Makefile with the following options:

LDAPFLAGS=-DEXTERNAL_TODO -DDASH_EXT -DALTQUEUE

# Perhaps you have different ldap libraries, change them here
LDAPLIBS=-L/usr/local/lib -lldap -llber
# and change the location of the include files here
LDAPINCLUDES=-I/usr/local/include
# on Slowaris you need -lresolv and probably a LD_RUN_PATH added like
this:
#LDAPLIBS=-L/opt/OpenLDAP/lib -lldap -llber -lresolv -R/opt/OpenLDAP/lib
# for example on my Linux box I use:
#LDAPLIBS=-L/opt/OpenLDAP/lib -lldap -llber
# if you need a special include-directory for ldap headers enable this
#LDAPINCLUDES=-I/opt/OpenLDAP/include

# ZLIB needed for -DDATA_COMPRESS
#ZLIB=-lz
# of you installed zlib in a different path you can use something like
this
#ZLIB=-L/opt/zlib/lib -lz
#ZLIB=-L/usr/lib -lz
#ZINCLUDES=-I/opt/zlib/include
#ZINCLUDES=-I/usr/include

# TLS (SMTP encryption) in qmail-smtpd and qmail-remote, see TLS.readme
# You need OpenSSL for this
# use -DTLS_REMOTE to enable tls support in qmail-remote
# use -DTLS_SMTPD to enable tls support in qmail-smtpd
# use -DTLSDEBUG to enable additional tls debug information in
qmail-remote
#TLS=-DTLS_REMOTE -DTLS_SMTPD
# Path to OpenSSL includes
#TLSINCLUDES=-I/usr/local/include
# Path to OpenSSL libraries
#TLSLIBS=-L/usr/local/lib -lssl -lcrypto
# Path to OpenSSL binary
#OPENSSLBIN=/usr/local/bin/openssl
#OPENSSLBIN=openssl

# to make the Netscape download progress bar work with qmail-pop3d
# uncomment the next line (allready done)
MNW=-DMAKE_NETSCAPE_WORK 

# to enable the auto-maildir-make feature uncomment the next line
MDIRMAKE=-DAUTOMAILDIRMAKE

# to enable the auto-homedir-make feature uncomment the next line
HDIRMAKE=-DAUTOHOMEDIRMAKE

# on most systems we need this to make auth_pop and auth_imap
SHADOWLIBS=-lcrypt
# OpenBSD Systems seems to have no libcrypt, so comment the line out if
you
# get linking problems
# To use shadow passwords under some Linux OS, uncomment the next two
lines.
# SHADOWLIBS=-lcrypt -lshadow
# SHADOWOPTS=-DPW_SHADOW
# To use shadow passwords under Solaris, uncomment the SHADOWOPTS line.

# to enable the possibility to log and debug imap and pop uncoment the
# next line
DEBUG=-DDEBUG
# WARNING: you need a NONE DEBUG auth_* to run with inetd

# for profiling ...
#INCTAI=../libtai-0.60
#LIBTAI=../libtai-0.60

# Just for me, make from time to time a backup
#BACKUPPATH=/backup/qmail-backup/qmail-ldap.`date "+%Y%m%d-%H%M"`.tar

I get the following error:

[root <at> snoopy qmail-1.03]# make setup check
./load auth_pop checkpassword.o check.o control.o qldap-ldaplib.o \
qldap-debug.o output.o auto_qmail.o dns.o timeoutconn.o timeoutread.o \
ip.o base64.o digest_md4.o digest_md5.o digest_rmd160.o digest_sha1.o \
ipalloc.o constmap.o case.a getln.a open.a env.a stralloc.a alloc.a \
substdio.a str.a qldap-mdm.o wait.a qldap-errno.o error.a fs.a \
ndelay.a prot.o -L/usr/local/lib -lldap -llber -lcrypt \
`cat dns.lib` `cat socket.lib`
checkpassword.o(.text+0x86): In function `main':
: undefined reference to `log_init'
checkpassword.o(.text+0xab): In function `main':
: undefined reference to `log'
checkpassword.o(.text+0xc3): In function `main':
: undefined reference to `log'
checkpassword.o(.text+0x12a): In function `main':
: undefined reference to `log'
checkpassword.o(.text+0x15a): In function `main':
: undefined reference to `log'
checkpassword.o(.text+0x1b8): In function `main':
: undefined reference to `log'
checkpassword.o(.text+0x1e7): more undefined references to `log' follow
checkpassword.o(.text+0x54a): In function `check_ldap':
: undefined reference to `qldap_mailhosts'
checkpassword.o(.text+0x56a): In function `check_ldap':
: undefined reference to `log'
checkpassword.o(.text+0x634): In function `check_passwd':
: undefined reference to `log'
checkpassword.o(.text+0x689): In function `check_passwd':
: undefined reference to `log'
checkpassword.o(.text+0x6bf): In function `check_passwd':
: undefined reference to `log'
checkpassword.o(.text+0x703): In function `cmp_passwd':
: undefined reference to `log'
checkpassword.o(.text+0x799): more undefined references to `log' follow
collect2: ld returned 1 exit status
make: *** [auth_pop] Error 1

I've also tried other options in qmail's Makefile. Could someone give me
a clue about if it looks like a bug or just a bad setting up /
configuration?

Thanks in advance,

Inaki 

Re: qmail-ldap compilation error with qmail-errno patch on RH 9 (glibc 2.3.1)

On Mon, Aug 04, 2003 at 03:00:40PM +0200, Iñaki Fernández wrote:
> Now I've got a fresh copy of qmail-1.03, added the latest qmail-ldap
> patch into it (20030801) and the qmail-errno patch. Same Makefile as the
> older one (with the default Makefile the older patch seems to compile
> well) and I get the following error:
> qmail-remote.c: In function `quit':
> qmail-remote.c:389: `wantcomp' undeclared (first use in this function)
> qmail-remote.c:389: (Each undeclared identifier is reported only once
> qmail-remote.c:389: for each function it appears in.)
> qmail-remote.c:390: `r' undeclared (first use in this function)
> qmail-remote.c:390: `stream' undeclared (first use in this function)
> qmail-remote.c:392: `num' undeclared (first use in this function)
> qmail-remote.c: In function `main':

andre forgot an #ifdef.

--- qmail-remote.c~	Mon Aug  4 15:24:32 2003
+++ qmail-remote.c	Mon Aug  4 15:24:32 2003
 <at>  <at>  -386,6 +386,7  <at>  <at> 
   outhost();
   out(append);
   out(".\n");
+#ifdef DATA_COMPRESS
   if (wantcomp == 1) {
 	  r = 100 - (int)(100.0*stream.total_out/stream.total_in);
 	  if (r < 0) {
 <at>  <at>  -396,6 +397,7  <at>  <at> 
 	  out("Dynamic data compression saved ");
 	  out(num); out("%.\n");
   }
+#endif
   outsmtptext();
   zerodie();
 }

--

-- 
http://2suck.net/hhwl.html - http://www.bsws.de/
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Ilginizi çekebilecek 3 teklifimiz var !!!

1 - Yiyerek-içerek, yorulmadan, terlemeden ve ilaç kullanmadan kilolarinizi 
asagiya veya yukariya kontrol edebilirsiniz.

      www.saglikliyasam.info/Kilo_Kontrol_Urunleri.html

2 - Haftalarla ölçebileceginiz kadar kisa bir sürede, kirisikliklardan kurtulmus,
daha genç ve siki bir cilde kavusabilirsiniz. Dünyada pek çok ödül kazanmis
inanilmaz bir ürün simdi elinizin altinda

      www.saglikliyasam.info/Dis_Beslenme_Urunleri.html

3 - Amaçlariniza, hayallerinize ve tutkulariniza kavusmaniz artik imkansiz
degil. Uluslararasi bir kurulusta part-time, full-time veya istediginiz kadar
çalisarak ek bir gelir ya da inanamayacaginiz yeni bir yasam elde edebilirsiniz.

      www.saglikliyasam.info/Distributorluk.html

-------------------------------------------------------------------------------
Mail listemizden çikmak için lütfen REMOVE subject'li bir mail'i
duyuru <at> saglikliyasam.info adresine gönderiniz.
-------------------------------------------------------------------------------

Re[2]: Call for implementation stories and email interviews

Hallo Stefan,

Monday, August 4, 2003, 2:20:02 PM, you wrote:

SP> Malte Woelky wrote/schrieb/scripsit:
>>    cn=testuser1, ou=People, dc=schule1, dc=gelsenkirchen, dc=edu
>>          mail:  testuser1 <at> schule1.gelsenkirchen.edu
>>    cn=testuser1, ou=People, dc=schule2, dc=gelsenkirchen, dc=edu
>>          mail:  testuser1 <at> schule2.gelsenkirchen.edu
>> 
>> Any idea how enode the subdomain in the pop3-login?

[..]

SP> care about the uid. The uid must be unique within your realm, but it
SP> does not have to be derived from any other data in the object. Unlike
SP> as for mail you can chose a scheme for this namespace. One possible
SP> scheme would be to simply use the same value for mail and uid. Other
SP> possible schemes are to use a percent sign instead of an at sign or
SP> a unique number. There are other possibilities and the choice it up
SP> to you to chose one that fits your environment.

Many thanks for your detailed information - now I am on the right
way. I was a little bit stuck with my thoughts of the same uid both in
dc=schule1 and dc=schule2 ...

Since I also need for certain tasks an unique system login and and smb-username
I realised that there is no other way than choosing a unique uid over all schools.

Another Argument is that there's a good possibility that two peoples
with the same Name get to the same school, think of 'Markus Müller',
so I'm forced to use numbers after the logigal username even in one
school. I choodes the shema:

        uid: <uname><rising number>

Thanks for your help.

--

-- 
Best regards,
 Malte                            mailto:malte.woelky <at> gmx.de