This patch againist
RPMHelp.net's
QMail package.
[RPMHelps'net site is temporaly (I hope) down, the original RPM's can be
found at:
IBiblio or
Mandriva
Club]
Benefits:
1. APOP + LDAP authentication for auth_pop module
2. APOP passwords are stored crypted
Download from RPMHelp.net QMail package and other packages it depend on. Or You can dowload alredy
patched version from this site & follow to step 7.
Install source RPM (rpm -i qmail ... .src.rpm)
Copy patch to SOURCE directory (/usr/src/RPM/SOURCE or /usr/src/redhat/SOURCE or something similliar)
Change original SPEC file (/usr/src/RPM/SPEC/qmail.spec) on SPEC file contributed with patch
Build RPM's (rpm -ba qmail.spec)
Backup /tmp/tmpkey.h in some safe place, you will need it in the case of QMail recompilation. This file
contains key for encrypting APOP passwords, so don't loose it (otherwise after recompilation You will loose all
passwords), and don't let somebody to steel it. Delete from /tmp folder!
At recompilation You must put this file back to tmp and rebuild rpm's with option --with tmpkey (rpm -ba qmail.spec --with
tmpkey or rpm --rebuild qmail ... .src.rpm --with tmpkey)
Add packaged qmail.schema into qmail schema directory or You can use default but must change in qmailUser objectclass
'userPassword' on 'popPassword' and add popPassword attribute based userPassword:
Get encrypted user passwords with apoppwd (located in /var/qmail/bin)
Include qmail.schema into OpenLdap configuration (slapd.conf)
Specify to QMail openldap server configuration (/var/qmail/control/(ldapserver,ldaplogin,ldappassword,ldapbasedn,ldapobjectclass).
For detailed information look on original documentation.
Add users to OpenLdap database, .ldif file must contain:
objectClass: top
objectClass: qmailUser
uid: acount_name
mail: mail_address
qmailUID: user_uid
qmailGID: user_gid
popPassword: {APOP}password (password - generated by apoppwd) or
popPassword: password (for simple POP authentication )
Change in '/var/qmail/supervise/qmail-pop3d/run' PASSPROG variable to '/var/qmail/bin/auth_pop'
If occurs some erros on authorisation stage (like 'Error in loading shared libraries: failed to map segment from
shared object') remove from '/var/qmail/supervise/qmail-pop3d/run line with softlimit.