APOP + OpenLDAP patch for QMail



This patch is against RPMHelp.net's QMail package. [RPMHelp.net's site is temporarily (I hope) down; the original RPMs can be found at IBiblio or Mandriva Club.]


Benefits:
1. APOP + LDAP authentication for auth_pop module
2. APOP passwords are stored encrypted


Download from SourceForge: http://sourceforge.net/project/showfiles.php?group_id=56399
SourceForge Summary Page: http://sourceforge.net/projects/alq/


Usage:
  1. Download the QMail package, and the other packages it depends on, from RPMHelp.net. Or you can download the already patched version from this site and skip to step 7.
  2. Install the source RPM (rpm -i qmail ... .src.rpm)
  3. Copy the patch to the SOURCE directory (/usr/src/RPM/SOURCE or /usr/src/redhat/SOURCE or something similar)
  4. Replace the original SPEC file (/usr/src/RPM/SPEC/qmail.spec) with the SPEC file supplied with the patch
  5. Build the RPMs (rpm -ba qmail.spec)
  6. Back up /tmp/tmpkey.h to a safe place; you will need it if you recompile QMail. This file contains the key for encrypting APOP passwords, so don't lose it (otherwise you will lose all passwords after recompilation), and don't let anybody steal it. Delete it from the /tmp folder!
    When recompiling, you must put this file back in /tmp and rebuild the RPMs with the option --with tmpkey (rpm -ba qmail.spec --with tmpkey or rpm --rebuild qmail ... .src.rpm --with tmpkey)
  7. Add the packaged qmail.schema to the qmail schema directory, or use the default one, but then you must change 'userPassword' to 'popPassword' in the qmailUser objectclass and add a popPassword attribute based on userPassword:
    attributeType ( 1.3.6.1.4.1.7914.1.2.1.667 NAME 'popPassword' SUP userPassword )
  8. Get encrypted user passwords with apoppwd (located in /var/qmail/bin)
  9. Include qmail.schema in the OpenLDAP configuration (slapd.conf)
  10. Give QMail the OpenLDAP server configuration (/var/qmail/control/(ldapserver,ldaplogin,ldappassword,ldapbasedn,ldapobjectclass)). For detailed information, see the original documentation.
  11. Add users to the OpenLDAP database; the .ldif file must contain:
    objectClass: top
    objectClass: qmailUser
    uid: account_name
    mail: mail_address
    qmailUID: user_uid
    qmailGID: user_gid
    popPassword: {APOP}password
    (password - generated by apoppwd)
    or
    popPassword: password
    (for simple POP authentication)
  12. In '/var/qmail/supervise/qmail-pop3d/run', change the PASSPROG variable to '/var/qmail/bin/auth_pop'
  13. If errors occur at the authorisation stage (like 'Error in loading shared libraries: failed to map segment from shared object'), remove the line with softlimit from '/var/qmail/supervise/qmail-pop3d/run'.
  14. Everything should work now!
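
Why the stored APOP password has to be recoverable, and so why the key in tmpkey.h (step 6) must stay secret, as an added example that is not code from the patch: under APOP (RFC 1939) the server checks MD5(greeting timestamp + shared secret), which it can only compute from the cleartext secret. The function names are hypothetical, the sample greeting, secret and digest are the ones given in RFC 1939, and how the patch itself decrypts popPassword is not modelled here.

```python
import hashlib
import hmac
import re

# RFC 1939: the greeting timestamp has msg-id form, <unique@host>.
_TS_RE = re.compile(r"<[^<>\s]+@[^<>\s]+>")


def extract_timestamp(greeting: str) -> str:
    """Return the APOP timestamp from a POP3 greeting, or raise ValueError."""
    match = _TS_RE.search(greeting)
    if match is None:
        raise ValueError("greeting carries no APOP timestamp")
    return match.group(0)


def apop_digest(timestamp: str, secret: str) -> str:
    """MD5 over timestamp (angle brackets included) + secret, lowercase hex."""
    return hashlib.md5((timestamp + secret).encode("utf-8")).hexdigest()


def verify_apop(greeting: str, secret: str, client_digest: str) -> bool:
    """Server-side check; `secret` must be the cleartext, not a one-way hash."""
    # RFC 1939 specifies 32 lowercase hex digits; reject anything else early.
    if not re.fullmatch(r"[0-9a-f]{32}", client_digest):
        return False
    expected = apop_digest(extract_timestamp(greeting), secret)
    # Constant-time comparison so timing does not leak how many digits matched.
    return hmac.compare_digest(expected, client_digest)


# Sample exchange from RFC 1939 (APOP command example).
GREETING = "+OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>"
SECRET = "tanstaaf"
DIGEST = "c4c9334bac560ecc979e58001b3e22fb"

if __name__ == "__main__":
    print("valid login:", verify_apop(GREETING, SECRET, DIGEST))
    # The same digest replayed against a fresh greeting must fail.
    fresh = "+OK POP3 server ready <1897.697170999@dbc.mtview.ca.us>"
    print("replayed digest:", verify_apop(fresh, SECRET, DIGEST))
```
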


