Koozali.org: home of the SME Server

Pop-before-SMTP

Nathan Fowler

Pop-before-SMTP
« on: April 13, 2002, 02:10:47 AM »
I've created some Perl code that grants users on the external network the ability to use the E-Smith server as a SMTP relay.  By default, only trusted networks are allows to use SMTP as a relay.  Opening up your SMTP relay to the world is a horrible idea and doing so will soon cause it to be abused by spammers.  When a user authenticates with the E-Smith POP3 server they are granted access to use the SMTP server for 10 minutes, after that they are removed and their rights to relay are revoked until they POP again.  This works with the Obtuse SMTP server, this has been tested on E-Smith 4.1.2

The program can be downloaded http://www.stickit.nu/pop-before-smtp/
The program must be run as root, the programs fork into the background in daemon mode.  There are two known programs like this out there but none that work well with the Obtuse SMTP server, I was forced to code my own.  If you have any questions please e-mail me and I will do my best to support you.

Before you try this program out, ensure you have /etc/smtpd_check_rules , this is the Obtuse SMTPD allow/deny configuration file (for lack of a better word).  This is still in a beta stage but it is believed to be bug free.

Nathan Fowler

chris meredith

Re: Pop-before-SMTP
« Reply #1 on: April 13, 2002, 05:50:06 AM »
Nice!  Works great on my hacked up 5.x install.  I put a symbolic link to /var/spool/smtpd/etc/smtpd_check_rules at /etc/smtpd_check_rules .  Not sure if it was even necessary, but I did it just in case.

Thanks, I had been looking for something like this.

Nathan Fowler

Re: Pop-before-SMTP
« Reply #2 on: April 13, 2002, 07:21:17 AM »
I just released a new version, I found a bug with the log files and reporting an incorrect local time, I won't get into the nitty-gritty of it, but the updated version is on the website.  Chris Meredith, you may want to go ahead and update.  Thanks for the positive feedback, let me know if you encounter any additional bugs along the way.

Nathan

Tom Carroll

Re: Pop-before-SMTP
« Reply #3 on: April 13, 2002, 11:29:17 PM »
Nathan, can you post something to the dev-info mailing list about your contribution?

There has been some discussion lately about this very topic and if it turns out to be a good solution, it could very well be incorporated into the next release of SME or later.  If it is not incorporated, either Mitel or one of the developers may be willing to host your contribution on their web site.

In any case, it would allow the development community to review and/or test it and provide you feedback on any issues that may be related to security.  The folks in the dev-info area are quite knowledgable when it comes to the inner workings of SME.

I look forward to looking over your work and certainly need something like this for myself.

Thanks!

Tom Carroll
Dataware Computers

Nathan Fowler

Re: Pop-before-SMTP
« Reply #4 on: April 14, 2002, 12:04:20 AM »
Sure, can you slap me a URL, I was unable to locate it on the main page, possibly because I didn't look hard enough.  I've been working with E-Smith for about two years now and love it, my version is so hacked it probably looks nothing like a vanilla distribution.  I'm glad you see the potential for this application, I would be more than happy to post it on the development site.  The real beauty of it is it does not require patching of binaries.  Based on about 2 days worth of research I found that there isn't a real solution to this issue, and those solutions present don't readily work with Obtuse SMTP.

Nathan Fowler

Maarten

Re: Pop-before-SMTP
« Reply #5 on: April 14, 2002, 02:24:04 AM »
http://www.e-smith.org/developers/

For all mailing list functions, simply send a message to the appropriate email address. The subject line and body can be left blank.


*To subscribe, send a message to devinfo-subscribe@lists.e-smith.org
*To unsubscribe, send a message to devinfo-unsubscribe@lists.e-smith.org
*For a summary of mailing list functions, send a message to devinfo-help@lists.e-smith.org
*For any other questions about the mailing list, send a message to devinfo-owner@lists.e-smith.org

Tom Carroll

Re: Pop-before-SMTP
« Reply #6 on: April 14, 2002, 02:33:54 AM »
Ah, Maarten got to it before me. :)

Bill Talcott

IMAP-before-SMTP?
« Reply #7 on: April 18, 2002, 07:17:39 PM »
Is it possible to do something like this with IMAP? We use IMAP and have a few remote users that could really benefit from something like this...

Nathan Fowler

Re: IMAP-before-SMTP?
« Reply #8 on: April 19, 2002, 04:38:48 AM »
Sure, it's definately possible and just as easy.  Would you like me to code an IMAP-before-SMTP daemon for you?

Nathan Fowler

Re: IMAP-before-SMTP?
« Reply #9 on: April 20, 2002, 08:34:02 AM »
Bill, I went ahead and created your IMAP-before-smtp code.  New versions are available at http://www.stickit.nu/pop-before-smtp

I now support:
IMAP-before-SMTP
POPssl-before-SMTP
POP-before-SMTP

I've also modified the universal smtp-cleanup script to work with all versions, note that you may also run multiple different daemons on the same machine at the same time with no problems, such as IMAP, POP, and POPssl support while only needing to invoke the smtp-cleanup script once.

As always, let me know if you encounter any problems.

Nathan Fowler
evilghost@stickit.nu

Bill Talcott

Re: IMAP-before-SMTP?
« Reply #10 on: April 22, 2002, 08:08:20 PM »
Thanks, this should make things a lot easier for our remote users.

Could you (or someone else) do a writeup for us Linux newbies? Telling exactly what we would have to add/remove/change from a vanilla install to get this working? I'm not quite sure what needs to go where, and how to make it run automatically.

Thanks again for this,
Bill

Nathan Fowler

Re: IMAP-before-SMTP?
« Reply #11 on: April 22, 2002, 08:56:22 PM »
Certainly.  It's quite simple:

Login to your E-Smith box as root from the console.  If you are not familar with the way you should to this, simply do the following:

Hit [Alt]-[F2]
Login as root.
Enter the root password.

Do the following steps in exact order.
cd /root
wget --tries=3 -nc -c -nd -r --level=1 "http://www.stickit.nu/pop-before-smtp/install.sh"
chmod 700 install.sh
pico -w install.sh     'Note that you must edit this file and save your changes!
./install.sh

If you have any problems let me know.

Nathan Fowler

Re: Check for a working installation
« Reply #12 on: April 23, 2002, 01:03:05 AM »
After running the install script (See above post 04-22-02 11:56), you should verify that the installation was successful.  At the console type:

ps -aux|grep /var/pop

You should see some running instances of the program...if you do not the installation failed.  Also type:

ls /var/pop-before-smtp

You should see the following files:
pop-before-smtp
popSSL-before-smtp
imap-before-smtp
smtp-cleanup

If you do not the installation failed.


Also,
cat /etc/rc.d/rc.local |grep /var/pop-before-smtp
You should see some declarations for calling the daemons you selected, if you do not, chances are you were not root when you logged in.

To kill the processes, simply kill the PID's.  It is not recommended that you kill -9 them, but gracefully kill the, doing a -9 (SIGHUP I believe) can cause the smtpd_check_rules to become corrupted.  If they do, don't panic, they are very eays to recover from template.  If they corrupt let me know and I'll give you the command.

To view your log files simply cat out the contents located in /var/pop-before-smtp

For those of you that installed it, please kick me an email over to evilghost@stickit.nu I'd like to see how many folks are running it.

Bill Talcott

Re: Check for a working installation
« Reply #13 on: April 23, 2002, 01:43:13 AM »
It looks good according to the commands you listed, and it seemed to work when I did a quick test from an outside ISP. I'm going to do some more testing and make sure, but everything looks good so far.

If the need should ever arise, how would this be uninstalled?

Nathan Fowler

Re: Check for a working installation
« Reply #14 on: April 23, 2002, 07:38:45 PM »
To uninstall the program simply run the following as root:

#Kill the PID's of the pop-before-smtp programs:
kill ps -aux |grep /var/pop |awk '{print $2}' > /dev/null

#Remove the pop-before-smtp directory:
rm -rf /var/pop-before-smtp

#Remove the bottom lines in rc.local that call the /var/pop-before-smtp programs
# and save the file:
pico -w /etc/rc.d/rc.local

That's it :)

Nathan

Italo Masiello

Re: Check for a working installation
« Reply #15 on: April 24, 2002, 07:18:58 PM »
I installed it on a e-smith 5.1.2 server and the installation went fine, except that after the first email test I ran, the successive ones failed. I don't think I missed something in the installation since it worked the first time, but I don't understand why it stopped working. Nathan, do you know what it is?
Thanks

Italo Masiello

Re: Check for a working installation
« Reply #16 on: April 24, 2002, 07:30:12 PM »
Nevermind Nathan, I understood!
I run the command "ps -aux|grep /var/pop" and saw that only 2 out of the 3 instances were running. So I waited a few minutes, retried again, and POPed another test email...this time it went fine. So I guess you have to wait a certain amount of time before you can resend again. I am correct?

Anyway, thanks a bunch! great script!

Nathan Fowler

Re: Check for a working installation
« Reply #17 on: April 24, 2002, 07:35:43 PM »
Well, the way the program works is after you POP you are granted access to the SMTP server with relay rights for 10 minutes.  When your IP's time has expired it is removed from the SMTP configuration and your rights to the SMTP server to relay are denied.  What this means is:

If you POP, compose an email (during which 10 minutes pass), and attempt to send that mail it will fail because your IP has expired.

This may have been the scenario that you described.  There shouldn't be any "waiting" period, changes should be instantenous (spelling?).

Some clients natively support POP-before-SMTP, others have to be told.  If you are using Outlook/Outlook Express check for an option that says "Check for mail before sending" or something along those lines.  I believe Eudora has a pop-before-smtp option as well.

Thanks for the positive feed-back, I'm glad this script is working for you.  If you continue to have problems let me know, I'll be more than happy to help you on a 1-on-1 basis.

Nathan

Nathan Fowler

New Version
« Reply #18 on: May 02, 2002, 09:09:35 AM »
Bill Talcott was nice enough to point out an assumption that I had made about the local network, assuming it was 192.168.1.0/24, this was completely my fault, when I design code I do it for my system and if there is a need I release it to the public.  I've since then redesigned the code to grab the Local netmask and IP and build a local network filter.  If you are using old versions before MAY 01, 2002 please update at this time.

To update:
Just kill the PID's of the running programs.
Download the contents of http://www.stickit.nu/pop-before-smtp to /var/pop-before-smtp overwriting the existing contents...

Abe Loveless

Re: New Version
« Reply #19 on: May 03, 2002, 10:50:15 AM »
Nathan,

I'm getting ready to give your script a try.  One question though, I've got almost 2,000 users.... any idea how much all these extra daemons are going to load down my server??  (Of course, all my users feel they need to POP their e-mail every minute or two.)

I'm taking a leap of faith, switching my main e-mail server from NTMail to SME 5.1.2.  I haven't seen any posts from people with this kind of a user load, so I don't really know what'll happen anyway.

Thanks,
Abe

Abe Loveless

Re: New Version
« Reply #20 on: May 03, 2002, 10:59:27 AM »
Also, is this added to the template system?  Or the next time I do something to the server that requires a console-save or will I need to re-install the script?


Thanks again
Abe

Actually, I just installed it, so I guess I'll deal with it one way or another.

Nathan Fowler

Re: New Version
« Reply #21 on: May 03, 2002, 05:00:36 PM »
Abe,
That is a good question, the script isn't really as intensive as one would think, I'm using it on about 50+ users and I don't notice any type of problems.  I wouldn't say it's resource intensive as all.  It's simply tailing the /var/log/secure and watching for connections, then adding them to the smtpd_check_rules file.  I guess the only thing that would be intensive is if there was a massive flood of unique POP requests, then File IO would increase to handle each individual IP, but as far as processor utilization, this should always be minimal.

As far as a console save destroying the pop-before-smtp:
Because the script is installed in it's own directory, and is called from rc.local (a non-templated file), you shouldn't have any issues with making system changes and losing the pop-before-smtp configuration.

Hope this answered your question,
Nathan Fowler
evilghost@stickit.nu

Tom Carroll

Re: New Version
« Reply #22 on: May 06, 2002, 08:30:57 AM »
Nathan, to allow for the maximum flexibility, can I run both popSSL-before-smtp and imap-before-smtp at the same time?

Thanks!

Tom Carroll
Dataware Computers

Tom Carroll

Re: New Version
« Reply #23 on: May 06, 2002, 08:32:30 AM »
Ah, nevermind, I found my answer several posts back... :)

Tom Carroll
Dataware Computers

Nathan Fowler

Re: Possible problems with Logrotate
« Reply #24 on: May 08, 2002, 06:16:12 PM »
Evidently when logrotate successfully runs it temporarily breaks X-before-smtp because the tail -f /var/log/messages or /var/log/secure is broken.  This requires a restart of the x-before-smtp services.  Do you guys know of any work arounds or fixes?  My first thoughts are to create another cron.daily job that simply kills and restarts the services but I'm not sure if this will do what we need it to.

Thanks,
Nathan

Bala

Re: Possible problems with Logrotate
« Reply #25 on: May 09, 2002, 09:05:17 PM »
Nathan

Thanks for your script... It works fine for me ....and around 10 users...

Thanks again.

BaLa

Nathan Fowler

Re: Possible problems with Logrotate
« Reply #26 on: May 09, 2002, 10:49:39 PM »
Anytime, I'm glad you like it.  It is nice to be able to give back to the community when you have the chance.  Let me know if you find any problems,

Nathan

Franco

Re: Pop-before-SMTP
« Reply #27 on: May 13, 2002, 10:40:05 PM »
Thank you very much for the development of this script.  Been looking into setting up a mail server using Esmith, but this feature was missing.  Keep up the good work!

Nathan Fowler

Re: Thanks
« Reply #28 on: May 13, 2002, 10:51:18 PM »
Thanks for the positive feedback, glad you were able to move over to E-Smith as a result of this script.  Let me know if you have any problems, I would be more than happy to help you out.

Nathan

David Stanton

Re: Possible problems with Logrotate
« Reply #29 on: May 14, 2002, 02:00:44 AM »
Greetings. I installed the pop before smtp, and it puts the correct pop'd addresses in the log file, however since I'm behind a router all the obtuse daemon can see is the router's IP address. Does anyone know a way around this or am I just missing something easy?

Nathan Fowler

Re: Possible problems with Logrotate
« Reply #30 on: May 14, 2002, 02:03:28 AM »
Is the router doing port forwarding on 25 to the E-Smith box?

David Stanton

Re: Possible problems with Logrotate
« Reply #31 on: May 14, 2002, 02:14:33 AM »
Yep, If I force the email address in to the config file:

allow:192.168.1.1:remoteuser@mydomain.xxx:ALL

The remoteuser@mydomain.com can use smtpd from outside the trusted network. I set the IP to ensure that the daemon thinks the mail is coming from 192.168.1.1

The default setup by e-smith is

allow:192.168.1.1:ALL:*@mydomain.com
noto:192.168.1.1

so it will allow incoming for all your virtual domains then disallow anything else from the router.

Nathan Fowler wrote:
>
> Is the router doing port forwarding on 25 to the E-Smith box?

Nathan Fowler

Re: Port Forwarding with a Router
« Reply #32 on: May 14, 2002, 08:44:53 AM »
David, I was going to address this outside of the forum but your mailer daemon bounced the message.  Your configuration offers several severe security concerns.

First of all, by forwarding 192.168.1.1 and setting the smtpd_check_rules
to default allow smtp relay access you are defeating the purpose of
smtpd_check_rules and opening yourself to become a public relay.  You will
soon be abused by spammers.

Secondly, why use a router to begin with.  E-Smith acts as a rather robust,
efficient, and secure router.  The use of another hardware router isn't
really necessary nor is it any more secure.  Most embedded routers are
actually less secure (Cisco IOS, NetGear, LinkSys, etc).

If you are truly going to be a production server or e-mail server it's
really in your best interest to use E-Smith as your primary interface.  There really is no advantage to using a router as a front-end and in this case is actually making your network less secure.  If it's a wireless router you could always place it behind the E-Smith box and retain the same functionality.

Hope this helped.  The flaw isn't in the configuration of E-Smith or the
script itself but rather your network configuration.

Nathan

Jim Gonzales

Re: New Version
« Reply #33 on: May 18, 2002, 12:19:21 AM »
I don't know if this has been covered already - I searched and couldn't find any references to it...

It looks like the imap-before-smtp (maybe even pop-before-smtp, but I don't use it) is storing the wrong time in the imap-before-smtpd.log file.  It's tagging each entry with the time the daemon originally started.

I think things will work as expected if you change line 67 from

$time = $date;

to

$time = localtime();

It looks like $date was being initialized once outside of the driving while loop, and therefore never got updated in realtime.

Nathan Fowler

Re: New Version
« Reply #34 on: May 18, 2002, 12:25:56 AM »
Yeah, I found that on 5/02/2002 and updated it in the new version.  Also added some other features, make sure you update.

Nathan

Nathan Fowler

Re: New Version
« Reply #35 on: May 18, 2002, 12:28:33 AM »
Hah, Jim nevermind.  I thought I fixed it but I never did.  You are exactly correct.  I'll take care of updating it now, thanks!

Nathan Fowler

Re: Another New Version
« Reply #36 on: May 18, 2002, 12:35:15 AM »
Thankfully, Jim Gonzales reported a stupid mistake on my end that caused the Time/Date stamping of the events to be the time/date the daemon itself was spawned.  I have corrected these issues and published a new version of the code on http://www.stickit.nu/pop-before-smtp , it is strongly recommended that you update at this time.  Jim, if I didn't say it before, thank you for reporting these issues.  I'm supprized I never noticed it but I very rarely check the logs.

If you guys have any issues updating let me know.  Basically all you need to do is kill the pop-before-XXX processes, downoad and overwrite the new binaries.

If you have any problems let me know.  You know an RPM sure would be nice, perhaps I'll have to look into creating one.

Jim Gonzales

Re: Another New Version
« Reply #37 on: May 18, 2002, 03:03:16 AM »
Nathan - I'm glad to help, and thank *YOU* for providing the script.

Jim

dsweet

Re: Another New Version
« Reply #38 on: May 20, 2002, 05:05:58 AM »
Nathan,
I am rather new to additions to the server, however I am looking to provide external email from my e-smith box. Is there an instruction on "how to" install the script to a current 5.12 e smith box. Thank you D.Sweet

Nathan Fowler

INSTALLATION AND UNINSTALLATION INSTRUCTIONS
« Reply #39 on: May 20, 2002, 08:26:17 AM »
Installation Instructions:
Login to your E-Smith box as root from the console. If you are not familar with the way you should do this, simply do the following:

Hit [Alt]-[F2]
Login as root.
Enter the root password.

Do the following steps in exact order:
cd /root
wget --tries=3 -nc -c -nd -r --level=1 "http://www.stickit.nu/pop-before-smtp/install.sh"
chmod 700 install.sh
pico -w install.sh 'Note that you must edit this file and save your changes!
./install.sh

After running the install script you should verify that the installation was successful. At the console type:

ps -aux --cols=900|grep before-smtp
ps -aux --cols=900|grep smtp-cleanup

You should see some running instances of the program...if you do not the installation failed to spawn the daemons, are you root?

Also type:

ls /var/pop-before-smtp

You should see the following files:
pop-before-smtp
popSSL-before-smtp
imap-before-smtp
smtp-cleanup

If you do not the installation failed, were you root?

Also,
cat /etc/rc.d/rc.local |grep /var/pop-before-smtp

You should see some declarations for calling the daemons you selected, if you do not, chances are you were not root when you logged in.
To kill the processes, simply kill the PID's. It is not recommended that you kill -9 them, but gracefully kill the, doing a -9 (SIGHUP I believe) can cause the smtpd_check_rules to become corrupted. If they do, don't panic, they are very eays to recover from template. If they corrupt let me know and I'll give you the command.

To view your log files simply cat out the contents located in /var/pop-before-smtp


Uninstallation Instructions (Not recommended ;o )
To uninstall the program simply run the following as root:

#Kill the PID's of the pop-before-smtp programs:
kill ps -aux --cols=900|grep before-smtp|awk '{print $2}' > /dev/null
kill ps -aux --cols=900|grep smtp-cleanup|awk '{print $2}' > /dev/null

#Remove the pop-before-smtp directory:
rm -rf /var/pop-before-smtp

#Remove the bottom lines in rc.local that call the /var/pop-before-smtp programs
# and save the file:
pico -w /etc/rc.d/rc.local

That's it :)

If you have any questions let me know,

Nathan Fowler
evilghost@stickit.nu

dsweet

Re: INSTALLATION AND UNINSTALLATION INSTRUCTIONS
« Reply #40 on: May 20, 2002, 09:28:32 AM »
below is what happened in doing the install - it appears to have run correctly - but I have not been outside the LAN to check mail yet. I will advise if it does not work and see what corrections need to be done.
Thank you for the help,
Dsweet


login: root
Password:
   UW PICO(tm) 4.0                File: install.sh                   Modified
   UW PICO(tm) 4.0                File: install.sh                   Modified

#!/bin/bash
# Directons:
# Simply uncomment the daemons you wish to run, then execute this script.

echo Creating the POP-Before-SMTP directory
mkdir /var/pop-before-smtp
cd /var/pop-before-smtp
wget --tries=3 -nc -c -nd -r --level=1 "http://www.stickit.nu/pop-before-smtp"
rm -rf  /var/pop-before-smtp/*.gif  /var/pop-before-smtp/????  /var/pop-before-
chmod 700 /var/pop-before-smtp/*


# Uncomment the daemons you wish to run here.  Note that smtp-cleanup
# is required!

#echo /var/pop-before-smtp/imap-before-smtp >> /etc/rc.d/rc.local
echo /var/pop-before-smtp/pop-before-smtp >> /etc/rc.d/rc.local
#echo /var/pop-before-smtp/popSSL-before-smtp >> /etc/rc.d/rc.local
echo /var/pop-before-smtp/smtp-cleanup >> /etc/rc.d/rc.local

                               [ Wrote 29 lines ]

[root@web-e-smith /root]# ./install.sh
Creating the POP-Before-SMTP directory
--00:16:16--  http://www.stickit.nu/pop-before-smtp
           => pop-before-smtp'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://www.stickit.nu/pop-before-smtp/ [following]
--00:16:16--  http://www.stickit.nu/pop-before-smtp/
           => index.html'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    0K -> .

00:16:16 (1.16 MB/s) - index.html' saved [1221]

Loading robots.txt; please ignore errors.
--00:16:16--  http://www.stickit.nu/robots.txt
           => robots.txt'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 404 Not Found
00:16:17 ERROR 404: Not Found.

--00:16:17--  http://www.stickit.nu/icons/blank.gif
           => blank.gif'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 148 [image/gif]

    0K ->                                                        [100%]

00:16:17 (144.53 KB/s) - blank.gif' saved [148/148]

--00:16:17--  http://www.stickit.nu/pop-before-smtp/?N=D
           => ?N=D'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    0K -> .

00:16:17 (1.16 MB/s) - ?N=D' saved [1221]

--00:16:17--  http://www.stickit.nu/pop-before-smtp/?M=A
           => ?M=A'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    0K -> .

00:16:17 (1.16 MB/s) - ?M=A' saved [1221]

--00:16:17--  http://www.stickit.nu/pop-before-smtp/?S=A
           => ?S=A'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    0K -> .

00:16:18 (1.16 MB/s) - ?S=A' saved [1221]

--00:16:18--  http://www.stickit.nu/pop-before-smtp/?D=A
           => ?D=A'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    0K -> .

00:16:18 (1.16 MB/s) - ?D=A' saved [1221]

--00:16:18--  http://www.stickit.nu/icons/back.gif
           => back.gif'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 216 [image/gif]

    0K ->                                                        [100%]

00:16:18 (105.47 KB/s) - back.gif' saved [216/216]

File index.html' already there, will not retrieve.
--00:16:18--  http://www.stickit.nu/icons/text.gif
           => text.gif'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 229 [image/gif]

    0K ->                                                        [100%]

00:16:18 (111.82 KB/s) - text.gif' saved [229/229]

--00:16:18--  http://www.stickit.nu/pop-before-smtp/INSTALL.html
           => INSTALL.html'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 2,866 [text/html]

    0K -> ..                                                     [100%]

00:16:19 (26.16 KB/s) - INSTALL.html' saved [2866/2866]

--00:16:19--  http://www.stickit.nu/icons/unknown.gif
           => unknown.gif'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 245 [image/gif]

    0K ->                                                        [100%]

00:16:19 (119.63 KB/s) - unknown.gif' saved [245/245]

--00:16:19--  http://www.stickit.nu/pop-before-smtp/imap-before-smtp
           => imap-before-smtp'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 3,288 [text/plain]

    0K -> ...                                                    [100%]

00:16:19 (26.11 KB/s) - imap-before-smtp' saved [3288/3288]

--00:16:19--  http://www.stickit.nu/icons/script.gif
           => script.gif'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 242 [image/gif]

    0K ->                                                        [100%]

00:16:20 (236.33 KB/s) - script.gif' saved [242/242]

--00:16:20--  http://www.stickit.nu/pop-before-smtp/install.sh
           => install.sh'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 982 [application/x-sh]

    0K ->                                                        [100%]

00:16:20 (958.98 KB/s) - install.sh' saved [982/982]

--00:16:20--  http://www.stickit.nu/pop-before-smtp/pop-before-smtp
           => pop-before-smtp'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 3,424 [text/plain]

    0K -> ...                                                    [100%]

00:16:20 (25.72 KB/s) - pop-before-smtp' saved [3424/3424]

--00:16:20--  http://www.stickit.nu/pop-before-smtp/popSSL-before-smtp
           => popSSL-before-smtp'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 3,547 [text/plain]

    0K -> ...                                                    [100%]

00:16:21 (26.04 KB/s) - popSSL-before-smtp' saved [3547/3547]

--00:16:21--  http://www.stickit.nu/pop-before-smtp/smtp-cleanup
           => smtp-cleanup'
Connecting to www.stickit.nu:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 2,219 [text/plain]

    0K -> ..                                                     [100%]

00:16:21 (54.17 KB/s) - smtp-cleanup' saved [2219/2219]


FINISHED --00:16:21--
Downloaded: 23,511 bytes in 16 files
All done.
Installed in /var/pop-before-smtp
[root@web-e-smith /root]# ps -aux --cols=900|grep before-smtp
root      6731  0.0  0.3  3120 1724 pts/0    S    00:16   0:00 perl /var/pop-be
ore-smtp/smtp-cleanup
root      6734  0.0  0.1  1740  600 pts/0    R    00:17   0:00 grep before-smtp
[root@web-e-smith /root]# ps -aux --cols=900|grep smtp-cleanup
root      6731  0.0  0.3  3128 1732 pts/0    S    00:16   0:00 perl /var/pop-be
ore-smtp/smtp-cleanup
root      6737  0.0  0.1  1740  604 pts/0    S    00:18   0:00 grep smtp-cleanu
[root@web-e-smith /root]# ls /var/pop-before-smtp
imap-before-smtp  pop-before-smtp     smtp-cleanup
IP                popSSL-before-smtp  smtp-cleanup.log
[root@web-e-smith /root]# cat /etc/rc.d/rc.local |grep /var/pop-before-smtp
/var/pop-before-smtp/pop-before-smtp
/var/pop-before-smtp/smtp-cleanup
[root@web-e-smith /root]#

Nathan Fowler

May 28 - NEW VERSION, FIXED PROBLEMS WITH LOGROTATE
« Reply #41 on: May 28, 2002, 10:09:55 PM »
New versions of pop-before-smtp, imap-before-smtp, and popSSL-before-smtp have been published, using the tail --follow=name I am able to tail the file based on the name, not file descriptor.  This is necessary because when logorotate is successfully run it renames the file, and tail begins following the renamed file.  This causes the code to "break" because the renamed logfile is no longer active.  The code has been updated and republished, it is strongly recommended that you update at this time.  This should be the solution to the logrotate problems as posted on 05/08/2002.

I have also created a "stop_daemons" script which will quickly stop all XXX-before-smtp services with a single script.

If you do not know how to update please let me know.
As always, please report any bugs.
Thanks,

Nathan Fowler

Pablo Linares

POP-BEFORE-SMTP Config
« Reply #42 on: May 30, 2002, 07:11:22 PM »
Hi all!
Maybe a stupid question.
Will the SMTP-BEFORE-SMTP configuration and daemons remain untouched and active after modifing something through "Configure This Server"?
Since I believe all templates and configuration file are re-created using the new templates you picked.

If this is the case, what should be the procedure to include pop-before-smtp into the custom templates folder, as the message that explain how to modify the httpd template to change the listening port of apache (wich will not return to 80 after modifying the sys configuration)

Thanks a lot!

Nathan Fowler

Re: POP-BEFORE-SMTP Config
« Reply #43 on: May 30, 2002, 07:36:19 PM »
I think you're a bit confused, so let me help clarify things:

Pop-before-smtp doesn't rely on anything dealing with the Apache.
The modification of system parameters and templates will not affect the pop-before-smtp daemons.  No templated files are modified by pop-before-smtp, therefore when a template is expanded no changes are overwritten that affect pop-before-smtp (excluding the smtpd_check_rules but since these are dynamically updated and changed by the pop-before-smtp daemons this file being re-expanded doesn't matter at all.  If a custom template was used with pop-before-smtp, well lets just say it wouldn't work).

The only system file updated statically by pop-before-smtp is /etc/rc.d/rc.local during the install, which is not templated.

Again, since pop-before-smtp does not rely on any templated files the use of a custom template is not required, actually there is no place for a custom template to perform the type of action that the pop-before-smtp daemons perform.

Hope this helped,

Nathan

pk

Re: POP-BEFORE-SMTP Config
« Reply #44 on: June 02, 2002, 05:42:37 AM »
Hi Nathan;

First I would like to thank you for all the work you have done with popb4smtp.

I have a newbie question...super basic, but I want to make sure I am doing this right.

In order for the scripts to work, it is necessary to change the Pop and imap server access from private to public? Right?

I did not notice that in the instructions...probably a no brainer since you need to allow public access, but want to verify that a required step.

If that is a required step, are there any secuirty considerations? As you know, the manual makes an issue of this.

http://www.e-smith.org/docs/manual/5.1/admin-otheremailsettings.html

The statment does not see like a big deal to me...but should there be any concerns?

FWIW, I changed the setting to public and tailed the pop-before-smtp, maillog and cleanup log...and all looks like it works great.

Thanks...Paul

pk

Re: POP-BEFORE-SMTP Config
« Reply #45 on: June 02, 2002, 10:22:27 PM »
Hmmmm, I may have typed too soon. a few hours later popb4smtp stopped working...I was -t the pop-before-smtp, maillog and cleanup log. Requests where passing through as mail was being checked, but then it stopped, no new entries, I tried a reboot....but remote email continued to fail.

I posted a new message here

http://forums.contribs.org/index.php?topic=4442.msg15426#msg15426

as to what I am trying to accomplish...maybe I am just going about this the wrong way.

anyway, I plan to remove popb4smtp and reinstall and see what happens

Thanks
Paul

Nathan Fowler

JUNE 06, NEW VERSION, FIXED PROBLEM WITH FREQUENT "POPP
« Reply #46 on: June 07, 2002, 04:54:40 AM »
New versions of pop-before-smtp, imap-before-smtp, and popSSL-before-smtp have been published, fixing an issue with frequent poppers.  These update daemons were published on June 06, 2002:

A file, the name being the IP address of the client is created when a client
connects.  The time/date stamp of that file is used in the smtp_cleanup program and is assigned a date/time when the file is created.  When the time/date stamp of the IP file + 10 minutes is less than NOW the file is deleted.  Since some clients are connecting so frequently, here is the delimma:

A client connects at 3:30, 3:33, 3:36, 3:39, 4:41
The IP file is created on 3:30
The IP file is deleted on 4:40

If the client has not popped since 4:40 they will get the denied error message because the time/date stamp of the IP file still reads 3:30 despite the fact that they are frequently connecting.  The code has been updated to refresh the time/date stamp on an IP file that already exists.

The code has been updated and republished, it is strongly recommended that you update at this time.  Special thanks to Paul (pk) for working with me on this and pointing out this bug.

If you do not know how to update please let me know.
As always, please report any bugs.
Thanks,

Nathan Fowler

Daley Lay

Re: JUNE 06, NEW VERSION, FIXED PROBLEM WITH FREQUENT "
« Reply #47 on: June 07, 2002, 06:46:06 AM »
Hi There,

If i have installed smtpd_check_rules from myezsrerver.com, can i install this???

pk

Re: JUNE 06, NEW VERSION, FIXED PROBLEM WITH FREQUENT "
« Reply #48 on: June 07, 2002, 06:51:23 AM »
Daley;

My understanding is YES, you can install...I have installed and believe that it works good in conjunction with pop-beforep-smtp

Daley Lay

Re: JUNE 06, NEW VERSION, FIXED PROBLEM WITH FREQUENT "
« Reply #49 on: June 07, 2002, 07:00:14 AM »
Hi PK,

Shd i download is from http://www.stickit.nu/pop-before-smtp/
? and is that any rpm version?

Nathan Fowler

Re: JUNE 06, NEW VERSION, FIXED PROBLEM WITH FREQUENT "
« Reply #50 on: June 07, 2002, 07:00:24 AM »
Daley, yes.  As a matter of fact, I have installed that exact same package. :)

Nathan Fowler

Re: JUNE 06, NEW VERSION, FIXED PROBLEM WITH FREQUENT "
« Reply #51 on: June 07, 2002, 07:05:28 AM »
Negative on the RPM for now, I just don't have the time.  Yes the URL you posted is the correct source for the installation.

Hope this helped,
Nathan