Ask Bjørn Hansen (a...@develooper.com)

User Information

Display Name:

Ask Bjørn Hansen

Partial Email Address:

a...@develooper.com

Posts:

538	total
4	in Class::DBI
1	in Dojo Tookit
9	in MogileFS
15	in Perl 5 Porters
35	in Perlbal
474	in qpsmtpd

5 Most Recent

All Posts

1) Ask Bjørn Hansen Re: qpsmtpd with TLS and AUTH

+1 vote

Tak Rasmus! Could you make the diff with "diff -u"? - ask

qpsmtpd

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

Tak Rasmus!

Could you make the diff with "diff -u"?


   - ask

--  
http://localrobot.com/

On Feb 18, 2010, at 14:18, Rasmus Skaarup <rasmus@gal.dk> wrote:

>
> Patch is attached. User can now choose between cram-md5 and plain  
> authentication. If no option is chosen, it defaults to cram-md5 -  
> which is backwards compatible.
>
> Br
> Rasmus Skaarup
>
> <auth_flat_file.patch>
>
>
>
> On 18/02/2010, at 22.45, Rasmus Skaarup wrote:
>
>>
>> Gmail apparently only supports AUTH PLAIN.
>>
>> But why their mail servers responds with "AUTH CRAM-MD5" and  
>> proceeds with a plain mechanism is not really playing nice.
>>
>> I added support for the plain mechanism in the auth_flat_file  
>> plugin (which was rather easy - why isn't this a selectable  
>> feature? Should I post a patch?) so my mail server now tells "AUTH  
>> CRAM-MD5 PLAIN" and Gmail now chooses "AUTH PLAIN" and  
>> authentication succeeds.
>>
>> Br
>> Rasmus
>>
>>
>> On 16/02/2010, at 18.33, Baltasar Cevc wrote:
>>
>>> Hi Rasmus,
>>>
>>>> ...
>>>> @400000004b7ac0e606cba59c 44729 running plugin (auth-cram-md5):  
>>>> auth::auth_flat_file
>>>> @400000004b7ac0e606cd9d84 44729 auth::auth_flat_file plugin:  
>>>> Authentication for: <secretuser@secretdomain.invalid>
>>>> @400000004b7ac0e606cfeb5c 44729 trying to get config for  
>>>> flat_auth_pw
>>>> @400000004b7ac0e606d51b7c 44729 auth::auth_flat_file plugin:  
>>>> passClear NOT defined
>>>> @400000004b7ac0e606d80594 44729 auth::auth_flat_file plugin:  
>>>> passHash defined: 5a8cf0b98d4e09d155f6cd64f5b708fb - <87e78.4b7ac0dc@denene.dvconsulting.dk 
>>>> > - 7a66033f5c7208945ad2c36b9e92100c
>>>> @400000004b7ac0e606db265c 44729 Plugin auth::auth_flat_file, hook  
>>>> auth-cram-md5 returned DENY, authflat/cram-md5 - wrong password
>>>> @400000004b7ac0e606de04bc 44729 535 Authentication failed for [email protected: m...@dvconsulting.dk] 
>>>>  - authflat/cram-md5 - wrong password
>>>> @400000004b7ac0e606e196cc 44729 Authentication failed for [email protected: m...@dvconsulting.dk] 
>>>>  - authflat/cram-md5 - wrong password
>>> ...
>>> I don't use the auth plugins myself, but maybe this general  
>>> information will help you as I've noticed the corresponding error  
>>> in your trace:
>>> If you want to use the MD5-mechanisms, you need a clear-text  
>>> password. Only plain and login will function with a password hash.  
>>> Be sure that your server only announces mechanims that are  
>>> supported for all users - the announcement takes place before the  
>>> user is known, thus if you have one single user without a  
>>> plaintext password, it would be unable to login otherwise (the  
>>> client would probably try CRAM-MD5 and then - by definition - fail  
>>> to authenticate).
>>>
>>> Cheers,
>>> Baltasar
>>>
>>> ((( Baltasar Cevc
>>>
>>>
>>> ) World wide web:
>>> # http://www.openairkino.net/ (a project for the local youth;  
>>> German only)
>>> # http://technik.juz-kirchheim.de/ (programming and admin projects)
>>> # http://baltasar.cevc-topp.de/ (private homepage)
>>> ) Phone:
>>> +49 178 691 22 33
>>> )
>>>
>>>
>>>
>>>
>>>
>>
>

2) Ask Bjørn Hansen Re: Switching to qpsmtpd, a few questions

+1 vote

Oh - your performance with qpsmtpd will certainly be better than what you have now then! ... and...

qpsmtpd

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Feb 17, 2010, at 8:28, Jost Krieger wrote:

>> If you do spamassassin and such, that will be the resource intensive
>> part. qpsmtpd might help over other MTAs though in filtering more of
>> the mail in cheaper ways first.
>
> Yes, we do. But that's already perl right now. The hardest thing is
> qmail-scanner as a qmail-queue wrapper. This forks a perl for every
> message that gets so far.

Oh - your performance with qpsmtpd will certainly be better than what you have now then!

> In fact, some of the policy filtering is hidden in the greylisting
> daemon, because there it's perl and doesn't fork.

... and the code cleaner. :-)

>>> 4. Is this the right place for bug reports about included plugins?
>>
>> Yup! Best form of bug reports are fixes in your github repository though. We also have a little-used bug tracker at http://code.google.com/p/smtpd/issues/list
>
> I've got to understand things a bit more before that ...

Obviously. :-) I'm just pointing it out because for many users qpsmtpd is more of a development platform than an application; so if you are going to do work based on it then you'll be better off starting with a git clone than a tar ball.

- ask

--
http://develooper.com/ - http://askask.com/

3) Ask Bjørn Hansen Re: Switching to qpsmtpd, a few questions

+1 vote

If you don't do any heavy processing (spamassassin or virus scanning basically) then ~20/second (or...

qpsmtpd

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Feb 17, 2010, at 3:41, Jost Krieger wrote:

> 1. How many SMTP sessions can be expected on commodity hardware under
> Linux (RedHat), with prefork?

If you don't do any heavy processing (spamassassin or virus scanning basically) then ~20/second (or whatever a million day works out to when your server is busiest) shouldn't be a problem.

If you do spamassassin and such, that will be the resource intensive part. qpsmtpd might help over other MTAs though in filtering more of the mail in cheaper ways first.

> 2. How fast is this (I've read Chris Lewis saying 300 sessions/sec)?

That doesn't sound unreasonable, but as soon as you add the spam filtering it goes down -- imagine even just 5 DNS lookups for blacklists and such and now you're also doing 1500 DNS lookups a second.

[...]
> 4. Is this the right place for bug reports about included plugins?

Yup! Best form of bug reports are fixes in your github repository though. We also have a little-used bug tracker at http://code.google.com/p/smtpd/issues/list

- ask

4) Ask Bjørn Hansen Re: Patching require_resolvable_fromhost

+1 vote

suggested, Thank you for making a git repository with the change; I pulled it into = my branch. -...

qpsmtpd

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Feb 6, 2010, at 12:41, Larry Nedry wrote:

> Here's my patch for require_resolvable_fromhost.  As Chris Lewis =
suggested,
> delaying rejection until the RCPT TO hook solved the problem.

Thank you for making a git repository with the change; I pulled it into =
my branch.

 - ask=

5) Ask Bjørn Hansen Re: Correct way to fix bugs

+1 vote

Hi Peter! You did the right thing; except it's better to send patches to the list than pull...

qpsmtpd

[ Profile | Reply to group ]

[ Flat Thread Threaded ]

On Jan 18, 2010, at 8:32, Peter J. Holzer wrote:

> In mid-November I found a bug in Qpsmtpd::config. I created issue 29 on
> Google Code (http://code.google.com/p/smtpd/issues/detail?id=29) and
> some time later checked a fix into my github repository and

Hi Peter!

You did the right thing; except it's better to send patches to the list than pull requests. (So have it in github, but also send the patches to the list for review).

It's basically just:

git format-patch HEAD^.. # or HEAD~5..HEAD~3 or whatever you need to specify the patch series
git send-email 000*

I think my concern with your change was if it was the right thing to do for configuration plugins (as you noted in a comment in your code, too).

- ask

--
http://develooper.com/ - http://askask.com/

Highlight

Profile | Posts (538)

Home > People > Ask Bjørn Hansen