qmail-smtpd-auth 0.31 review

Download
by rbytes.net on

qmail-smtpd-auth is a patch for qmail that enables it to support SMTP AUTH protocol with the following auth types: LOGIN, PLAIN and C

License: GPL (GNU General Public License)
File size: 8K
Developer: Krzysztof Dabrowski
0 stars award from rbytes.net

qmail-smtpd-auth is a patch for qmail that enables it to support SMTP AUTH protocol with the following auth types: LOGIN, PLAIN and CRAM-MD5. It's based on a previous patch by Mrs.Brisby that implemented LOGIN type. This version has some enhancements and allows easy adding of new auth methods.

If you want to learn more about SMTP AUTH itself, then visit my SMTP AUTH page.

This patch adds the ESMTP AUTH option to qmail-1.03, allowing the LOGIN, PLAIN, and CRAM-MD5 AUTH types. An appropriate checkpassword tool is necessary to support the authentication. See http://cr.yp.to/checkpwd.html for more information on the interface. Note that the checkpassword tool should support all of the AUTH types
advertised by qmail-smtpd.

As reflected in the modified qmail-smtpd(8) man page, qmail-smtpd must be invoked with three arguments: hostname, checkprogram, and subprogram. If these arguments are missing, qmail-smtpd will still advertise availability of AUTH, but will fail with a permanent error when AUTH is used.

hostname is simply used to form the CRAM-MD5 challenge. qmail-smtpd invokes checkprogram, feeding it the username and password, in the case of LOGIN or PLAIN, or the username, challenge, and response, in the case of CRAM-MD5. If the user is permitted, checkprogram invokes subprogram, which just has to exit with a status of 0 for the user to be authenticated. Otherwise, checkprogram exits with a non-zero
status. subprogram can usually be /usr/bin/true (or /bin/true, depending on your flavor of OS).

If the user is successfully authenticated, the RELAYCLIENT environment variable is effectively set for the SMTP session, and the TCPREMOTEINFO environment variable is set to the authenticated username, overriding any value that tcpserver may have set. The
value of TCPREMOTEINFO is reflected in a Received header.

What's New in This Release:
bug: AUTH PLAIN 334 response not RFC compliant. Reported by Mark Crispin
.
change: Set TCPREMOTEINFO environment variable to authenticated username. (Previously only set locally to qmail-smtpd.)

qmail-smtpd-auth 0.31 keywords