13.3 Testing Your POP Server

The easiest way to test the POP server is to connect to it with your favorite MUA. Can you retrieve mail? If so, congratulations.

If the POP server doesn't work, check the log file /service/qmail-pop3d/log/main/current if that file exists. If it doesn't exist, multilog isn't running, probably due to a protection error or typo in the log/run file, so do a ps and look for clues in the readproctitle line. If the log file exists, it may contain a diagnostic message that identifies the problem. If this doesn't work, check each installation step to diagnose the problem. There are two major categories of problems. Either you can connect to the POP server and then "something" goes wrong or you cannot connect to the POP server at all.

13.3.1 You Cannot Connect to the POP Server

If you cannot connect to the POP server at all but the other parts of qmail are running, it is likely that there's a typo or protection error in the run file.

As root run:

# svstat /service/qmail-pop3d /service/qmail-pop3d/log

You should see something like this:

/service/qmail-pop3d: up (pid 37197) 5021 seconds
/service/qmail-pop3d/log: up (pid 37198) 5022 seconds

showing "up" as the status for both. If not, check the permissions and contents of the failing run file.

13.3.2 You Can Connect, but Then Something Fails

This is actually a good sign as it means that the supervise processes are running and the run scripts are at least partially correct. There are two primary reasons for a connection starting and then failing; a good way to find out the precise nature of the problem is to use telnet to manually step through the POP session to see exactly what happens.

First connect to the POP server with telnet like this:

telnet localhost 110

(If the POP server is running on a particular IP address or different port, telnet to the appropriate place.) After a few seconds you should see a banner from the POP server, something like this:

Connected to example.com.
Escape character is '^]'.
+OK <54559.982199402@example.com>

If you don't get the "+OK" line, then check the run script for typos. Most likely the qmail-popup line is wrong in some way. If that looks right, check that the tcprules file (/service/popd/rules.cdb) has been created with the correct entries.

If you receive the +OK line, tcpserver has successfully started qmail-popup. The next step is to try and log in by entering the login and password like this:

USER yourlogin
PASS yourpassword

(Substitute a valid login and password for "yourlogin" and "yourpassword.")

If the output is like this:

-ERR authorization failed
Connection closed by foreign host.

and you are sure you entered the login and password correctly, then the problem is likely to be that checkpassword is unable to check the login and password.
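The manual telnet walk-through above can be scripted so that each outcome maps to the component the text tells you to check. This is an added example, not code from the book or from qmail; the function name diagnose_pop and the stage labels it returns are illustrative.

```python
import socket

def diagnose_pop(host, port, login, password, timeout=10.0):
    """Walk the POP session from the text; return the first stage that fails."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "no-connect"        # section 13.3.1: svstat, then the run file
    with sock, sock.makefile("rb") as replies:
        def exchange(command=None):
            """Send one command (none for the banner); return the reply line."""
            try:
                if command is not None:
                    sock.sendall(command + b"\r\n")
                return replies.readline().rstrip(b"\r\n")
            except OSError:        # a timeout or reset counts as no reply
                return b""
        if not exchange().startswith(b"+OK"):
            return "no-banner"     # qmail-popup line in run, or the tcprules file
        if not exchange(b"USER " + login.encode()).startswith(b"+OK"):
            return "user-rejected"
        if not exchange(b"PASS " + password.encode()).startswith(b"+OK"):
            return "auth-failed"   # checkpassword could not verify the login
        exchange(b"QUIT")
        return "ok"

if __name__ == "__main__":
    import getpass
    # USER/PASS cross the wire in cleartext, so test against localhost as the
    # text does, and read the password without echoing it to the terminal.
    print(diagnose_pop("localhost", 110, input("login: "), getpass.getpass()))
```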

For debugging purposes, run it directly from the shell:

# perl -e 'printf "someuser\000topsecret\000123456\000"'>foo
# ./checkpassword sh 3<foo
$ id
uid=174(someuser) gid=84(somegroup) groups=84(somegroup)
$ pwd
/home/someuser
$

The input to checkpassword is on file descriptor 3, consisting of a username, password, and timestamp, or other added info, each terminated by a null byte. (The standard version of checkpassword ignores the contents of the timestamp, but the field has to be present.) In this example, the Perl line puts the input into a file. Be sure to put double quotes inside single quotes. Then, as superuser, so it can change to another user ID, run checkpassword opening the file on descriptor 3, and tell it to run the shell as the next program. Then use id and pwd to verify that the user, group, and home directory are correct. This test isn't very useful for the standard version of checkpassword but can be a major timesaver when you're debugging a custom version for a POP toaster, as I explain later in this chapter.
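When you debug a custom checkpassword, the input handling on descriptor 3 is the part most worth testing in isolation. The sketch below is an added example, not the book's code or the real checkpassword: it parses the three null-terminated fields and returns the exit status. The account table, the PBKDF2 storage and all function names are assumptions; the 512-byte limit and the exit codes 1 and 2 follow the published checkpassword interface rather than this page.

```python
import hashlib
import hmac
import os
import sys

MAX_INPUT = 512                       # interface limit on bytes read from fd 3
OK, BAD_PASSWORD, MISUSED = 0, 1, 2   # exit codes from the checkpassword interface

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)

# Constructed sample account table: login -> (salt, PBKDF2 hash). Not real data.
SALT = b"constructed-salt"
USERS = {b"someuser": (SALT, pw_hash(b"topsecret", SALT))}

def parse_fd3(data):
    """Return (login, password, timestamp), or None if the input is malformed."""
    if len(data) > MAX_INPUT:
        return None
    parts = data.split(b"\0", 3)
    # Three null-terminated fields leave a fourth element after the last null.
    if len(parts) != 4 or not parts[0]:
        return None
    return parts[0], parts[1], parts[2]

def check(data, users=USERS):
    """Return the exit code a checkpassword-style program would use."""
    parsed = parse_fd3(data)
    if parsed is None:
        return MISUSED
    login, password, _timestamp = parsed   # field must exist; value is unused
    # Unknown logins still cost one hash, so timing does not reveal valid names.
    salt, expected = users.get(login, (b"no-such-user", b""))
    ok = hmac.compare_digest(pw_hash(password, salt), expected)
    return OK if ok else BAD_PASSWORD

def read_fd3(fd=3):
    """Read fd to EOF, stopping one byte past the limit so overflow is visible."""
    data = b""
    while len(data) <= MAX_INPUT:
        chunk = os.read(fd, MAX_INPUT + 1 - len(data))
        if not chunk:
            break
        data += chunk
    return data

if __name__ == "__main__":
    # A real implementation would, on success, switch uid/gid, chdir to the
    # home directory and exec the program named in argv (sh in the test above).
    sys.exit(check(read_fd3()))
```

Saved to a file, it can be driven exactly like the test in the text (3<foo, then echo $?); remove foo afterwards, since it holds a password in the clear.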

POP Servers and POP-before-SMTP

The POP-before-SMTP relay control scheme, discussed in Chapter 7, requires a few extra items in the listening script in order to track the IP addresses from which users have logged in for POP mail. The modified version of the listening script with the extra steps is described in Chapter 7.


Qmail and LDAP

Lightweight Directory Access Protocol (LDAP) is the most common system used to handle address book-style data shared over a network. It's far more complex than what qmail needs to drive a POP toaster, but for organizations that already use LDAP to keep the company directory, qmail-ldap at http://www.nrg4u.com/ (described in "Life with qmail-ldap" at http://www.lifewithqmail.org/ldap/) does a good job of integrating qmail with LDAP. The LDAP directory keeps all of the information for user accounts such as its email addresses, the username, what host it's on in a clustered system, and a variety of qmail-like delivery options such as deliver to a Maildir, forward to another address, or run a program.

Installing and integrating qmail-ldap is considerably more work than any of the other patches mentioned in this book, both because the LDAP directory has to be adjusted to include the fields that qmail-ldap needs, and because the patch itself is very extensive and has a lot of options that the system manager needs to understand and configure. The patch does work, and it's reported to be in use in mail systems that support millions of users, so for a really big system, it's definitely worth a look.




qmail
ISBN: 1565926285
EAN: 2147483647
Year: 2006
Pages: 152
