-
wayned changed the public information on the pop-before-smtp project.
2009-02-20 22:23:52 UTC by wayned
-
Great script! But I ran into a small problem with the default $pat and $out_pat for Courier-POP3 and Courier-IMAP. On my systems, the last '?:' in each pattern (at chars 74 and 78, respectively, when uncommented) seems to be erroneous and had to be removed before the pattens would match anything in my log files. Then it worked perfectly. Are the default pattens wrong, or is something strange...
2008-02-15 04:17:22 UTC by depquid
-
The legit logout line you list is useless to pop-before-smtp because it doesn't contain an IP address. Is there a way to enable that? If so, the logout pattern could be tightened to avoid the other log line.
If not, some kind of custom_match subroutine would need to be created to associate an IP with a login name (and hope that the same user doesn't login from more than one IP).
2007-10-12 15:19:48 UTC by wayned
-
Sep 30 09:21:22 mail dovecot: imap-login: Disconnected: rip=10.10.10.213, lip=10.10.10.213, TLS
Sep 30 09:21:54 mail dovecot: pop3-login: Aborted login: rip=10.10.10.213, lip=10.10.10.213, TLS
These two lines appear in the log when an dovecot syslog 1.0.0 imap/pop session are attempted but not authentication is given. The first line matches the $out_pat. I don't think this can be exploited...
2007-10-01 11:12:32 UTC by grooverdan
-
small opp - username should be before ip in contrib/pat-tester.
2007-10-01 11:06:09 UTC by grooverdan
-
File Added: mail.log.
2007-10-01 11:03:36 UTC by grooverdan
-
File Added: pop-before-smtp-policyd.
2007-10-01 11:02:29 UTC by grooverdan
-
While I like the idea of pop-before-stmp as a quick authentication mechanism I disliked the lack of user authentication.
i.e. if pleb@bigcompany.com did a pop3 there was nothing preventing pleb sending a email as ceo@bigcompany.com.
It also doesn't help if pleb did a pop3/imap connection behind a big NAT and something decided to take advantage of the open relay.
Rather than complain...
2007-10-01 11:01:22 UTC by grooverdan
-
I would like to avoid pop-before-smtp all together when using OpenWebMail or when mailing from the box (I have web contact form processors that email using the PHP mail tool and of course cron, etc...). How do I stop local IP’s from having to authenticate?
Here is what I have: if this doesn’t include the correct POP log, can you tell me where to look for that log?
/etc/mail/sendmail.cf:
2007-08-08 15:48:52 UTC by cfogarty
-
This is the pattern after trial and error, that I found worked with the www.qmailtoaster.com setup.
$pat = '^[LOGTIME] \S+ vpopmail\[\d+\]: vchkpw-pop3: \(PLAIN\) ' .
'login success \S+:(\d+\.\d+\.\d+\.\d+)';.
2007-08-07 17:42:25 UTC by loaf_fan
