head	1.8;
access;
symbols;
locks; strict;
comment	@# @;


1.8
date	97.03.18.03.50.44;	author david;	state Exp;
branches;
next	1.7;

1.7
date	96.12.16.19.00.56;	author david;	state Exp;
branches;
next	1.6;

1.6
date	96.12.11.03.07.10;	author david;	state Exp;
branches;
next	1.5;

1.5
date	96.12.09.04.36.22;	author david;	state Exp;
branches;
next	1.4;

1.4
date	96.11.25.23.51.51;	author david;	state Exp;
branches;
next	1.3;

1.3
date	96.11.25.01.52.36;	author david;	state Exp;
branches;
next	1.2;

1.2
date	96.11.23.05.21.06;	author david;	state Exp;
branches;
next	1.1;

1.1
date	96.11.23.05.19.59;	author david;	state Exp;
branches;
next	;


desc
@Initial Version.
@


1.8
log
@New version fixes security-by-obscurity bug as detailed in this README file.
@
text
@                      Qmail MailDir2Smtp Shell Scripts
                                Version 1.7
                               David Summers
                        david@@summersoft.fay.ar.us
          ftp://summersoft.fay.ar.us:/pub/qmail/qmail-smtp-1.7.tar.gz

LEGAL MUMBO JUMBO:
These files are in the public domain.  If you improve on them I would appreciate
receiving the improvements.  I can not garuntee that these will work for you. 
I can not be held responsible if this does anything bad to you or your computer.

Here is a set of scripts which I find usefully exploits the maildir2smtp
capabilities of QMAIL.

My setup has a Solaris 2.5 server and Linux clients.  Each client uses Linux
diald to establish a PPP connection to the network when the smtpcall script is
called from crontab.  This script telnets to the server, logs in, and connects
with the "qsmtpd" server which validates the login, without transmitting the 
password in the clear, similarly to the simple idea from RFC 1725 (APOP), and then
blasts the mail across the network to the client smtp port.  Since the PPP
connection is established automatically by diald whenever there is network
traffic from the client, qmail can send e-mail any time from the client to the
server.

I haven't investigated the ability to queue mail from the client to the server
but if you wanted to do that then just have the client establish the reverse
connection; these scripts should help.

Pre-requisites for both client and server:
The "perl-5(.003)" package.
The "md5sum" program (can be found in GNU textutils).

The file names and descriptions follow:

Name         Description
=====        ============
smtpcall     Call a remote site.
smtpmkdir    Create a /var/spool/qmail spool directory for a user.
smtpq        List the number and names of files in the /var/spool/qmail queues.
qsmtpd       Server process to receive a remote call and send the queued files.


Here is the sequence of setup and operation.

On the server side:

1. Set up /usr/local/bin/qsmtpd as a server process
   (maybe in /etc/inetd.conf??? Haven't tried inetd.conf yet).
2. Set up USER in the /etc/qmail/control/passwords file with home directory of
   /var/spool/qmail/USER like so:
   incoming.dom.ain:USER:SecretPassword:/Path/To/Maildir
3. smtpmkdir USER
4. Set up /var/qmail/virtualdomains to point to USER for that host.
5. Stop and Start qmail to make new virtualdomains active.

On the client side:

o. Set up /var/qmail/control/passwords to be only readable by root.
   The format is: host:USER:password:/Path/To/Maildir
o. Set up crontab for root to start up /usr/local/bin/smtpcall periodically:
   30 * * * * /usr/local/bin/smtpcall host port USER


CHANGES:
1997/03/17 Version 1.7 - Fixed the incredibly stupid "security-by-obscurity"
                         problem where any user on the server that could read
                         the password file could have someone else's e-mail
                         transferred to him. Now uses an extension of the
                         /etc/qmail/control/passwords file that has the Maildir
                         added.
1996/12/16 Version 1.6 - Fixed duplicate e-mail problem.
                         Fixed defunct(zombie) process problem.
                         Added e-mail logging to client side.
1996/12/10 Version 1.5 - Fixed timeouts to wait forever after initial handshake
                         so that big files can be transferred and duplicate e-mail
                         doesn't get sent.
1996/12/07 Version 1.4 - Moved smtpsend to qsmtpd and re-wrote in perl.
                         Fixed qsmtpd and smtpcall to use RFC-1725 (APOP) MD5SUM
                            to validate the user and password so the password
                            doesn't have to be transferred in the clear.
                         Got rid of smtppass (now part of smtpcall perl script).
1996/11/24 Version 1.3 - Added logging to smtpsend.
1996/11/24 Version 1.2 - Fixed smtpsend to act as login server.
1996/09/01 Version 1.1 - Fixed smtppass to use parameters $1 $2 correctly.
1996/09/01 Version 1.0 - Initial Version.
@


1.7
log
@Fixed some more problems.
1. Duplicate e-mail.
2. Zombie(defunct) processes.
3. Logging e-mail messages to client side.
@
text
@d2 1
a2 1
                                Version 1.6
d5 1
a5 1
          ftp://ftp.engr.uark.edu:/pub/qmail/qmail-smtp-1.6.tar.gz
d49 5
a53 4
2. Set up user in the /etc/passwd file log in with home directory of
   /var/spool/qmail/user.
3. smtpmkdir user
4. Set up /var/qmail/virtualdomains to point to user for that host.
d59 1
a59 1
   The format is: host:user:password
d61 1
a61 1
   30 * * * * /usr/local/bin/smtpcall host port user
d65 6
@


1.6
log
@Fixed timeouts so duplicate files don't get sent and big files can be
transferred.
@
text
@d2 1
a2 1
                                Version 1.5
d4 2
a5 2
                          dws@@summersoft.fay.ar.us
          ftp://ftp.engr.uark.edu:/pub/qmail/qmail-smtp-1.5.tar.gz
d64 6
a69 2
1996/12/10 Versino 1.5 - Fixed timeouts to wait forever after initial handshake so
   that big files can be transferred and duplicate e-mail doesn't get sent.
d71 4
a74 3
   Fixed qsmtpd and smtpcall to use RFC-1725 (APOP) MD5SUM to validate the user
      and password so the password doesn't have to be transferred in the clear.
   Got rid of smtppass (now part of smtpcall perl script).
@


1.5
log
@New version which uses APOP style client and server and doesn't transmitt
password in the clear across the network.
@
text
@d2 1
a2 1
                                Version 1.4
d5 1
a5 1
          ftp://ftp.engr.uark.edu:/pub/qmail/qmail-smtp-1.4.tar.gz
d64 2
@


1.4
log
@Added logging to smtpsend.
@
text
@d2 1
a2 1
                                Version 1.3
d5 1
a5 1
          ftp://ftp.engr.uark.edu:/pub/qmail/qmail-smtp-1.3.tar.gz               
d12 1
a12 1
Here is a set of shell scripts which I find usefully exploits the maildir2smtp
d18 6
a23 4
with the "smtpsend" server which validates the login and then blasts the mail
across the network to the client smtp port.  Since the PPP connection is
established automatically by diald whenever there is network traffic, qmail can
send e-mail any time from the client to the server.
d29 3
a31 2
Pre-requisites:
The "expect" package must be installed on the client.
a38 1
smtppass     Used in smtpcall to get the password for a site and user.
d40 1
a40 1
smtpsend     Server process to receive a remote call and send the queued files.
d47 3
a49 2
1. Set up /usr/local/bin/smtpsend as a server process (maybe in /etc/inetd.conf).
2. Set up user in the /etc/passwd file to log in with home directory of
d64 4
d71 1
a71 1
1996/09/01 Version 1.0
@


1.3
log
@Fixed smtpsend to be a server process.
@
text
@d2 1
a2 1
                                Version 1.2
d5 1
a5 1
          ftp://ftp.engr.uark.edu:/pub/qmail/qmail-smtp-1.2.tar.gz               
d61 1
@


1.2
log
@Added remoteip.
@
text
@d17 5
a21 5
called from crontab.  This script telnets to the server, logs in, and starts the
smtpsend script which blasts the mail across the network to the client smtp
port.  Since the PPP connection is established automatically by diald whenever
there is network traffic, qmail can send e-mail any time from the client to the
server.
a33 1
remoteip     Returns the IP of the logged-in user.
d38 1
a38 1
smtpsend     Receive a remote call and send the queued files.
d45 6
a50 5
o. Set up user in the /etc/passwd file to log in with home directory of
   /var/spool/qmail/user and shell of /usr/local/bin/smtpsend.
o. smtpmkdir user
o. Set up /var/qmail/virtualdomains to point to user for that host.
o. Stop and Start qmail to make new virtualdomains active.
d57 1
a57 1
   30 * * * * /usr/local/bin/smtpcall host user
d61 1
a61 1
1996/11/22 Version 1.2 - Fixed smtpsend to get IP address even if not in the DNS.
@


1.1
log
@Initial revision
@
text
@d34 3
a36 2
smtpcall     Call a remote site
smtpmkdir    Create a /var/spool/qmail spool directory for a user
@
