tomclegg.net


maildirpop3d
Posted December 14, 2007

Offer multiple POP and IMAP mailboxes (with distinct passwords) using a single shell account.

Summary

  1. System administrator installs maildirpop3d.
  2. System administrator creates a unix account called "joe".
  3. System administrator puts example.com:joe in control/virtualdomains.
  4. Joe creates a mailbox for kat@example.com with password "foo".
  5. POP3 and IMAP work with username "kat@example.com" and password "foo".
  6. Joe creates a mailbox for larry@example.com with password "bar".
  7. POP3 and IMAP work with username "larry@example.com" and password "bar".

Programs

maildirpop3d is executed by qmail-popup to authenticate a username/password pair. It invokes qmail-pop3d on the appropriate maildir.

maildircheckpw-dovecot is executed by the dovecot IMAP server to authenticate a username/password pair. It tells dovecot where the appropriate maildir is, and which userid to use. (Available since version 0.6.)

maildirpasswd is executed by unix users. It sets the individual mailbox passwords.

How maildirpop3d finds mailboxes

If qmail-popup receives a username like "joe-foo", and ~joe/Maildir-foo is a directory, then maildirpop3d invokes qmail-pop3d (as joe) on ~joe/Maildir-foo.

If qmail-popup receives a username like "foo@example.com", and "example.com:joe" appears in /var/qmail/control/virtualdomains, and ~joe/Maildir-foo is a directory, then maildirpop3d invokes qmail-pop3d (as joe) on ~joe/Maildir-foo. (Available since version 0.3.)

If the supplied username is "joe-foo-bar-baz", then maildirpop3d looks first for a user called "joe-foo-bar-baz", then "joe-foo-bar", then "joe-foo", then "joe". If a user called "joe-foo-bar" exists, then maildirpop3d will not look for users called "joe-foo" or "joe", even if ~joe-foo-bar/Maildir-baz/ does not exist.
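
The lookup order described above, sketched as an added example (this is not maildirpop3d's own code). The `users` and `dirs` arguments are hypothetical stand-ins for the passwd database and the filesystem, and the guard against "/" and ".." in the login name is this example's own assumption, not something the page describes.

```python
import posixpath

def parse_virtualdomains(text):
    """Map domain -> owner from 'domain:owner' lines (control/virtualdomains)."""
    pairs = (ln.strip().split(":", 1) for ln in text.splitlines() if ":" in ln)
    return {domain.lower(): owner for domain, owner in pairs}

def resolve(login, users, dirs, vdomains):
    """Return (unix_user, maildir) for a POP3 login name, or None.

    users: {account: home dir}, standing in for the passwd database.
    dirs:  set of existing directories, standing in for the filesystem.
    """
    if "/" in login or ".." in login:
        return None  # added guard in this example; not described on the page
    if "@" in login:
        # "foo@example.com" + "example.com:joe" -> account joe, mailbox "foo"
        local, domain = login.rsplit("@", 1)
        candidates = [(vdomains.get(domain.lower()), local)]
    else:
        # "joe-foo-bar-baz" -> try the longest account name first
        parts = login.split("-")
        candidates = [("-".join(parts[:i]), "-".join(parts[i:]))
                      for i in range(len(parts), 0, -1)]
    for user, box in candidates:
        if user not in users:
            continue
        if not box:
            return None  # bare account name: no Maildir-<box> to look up here
        maildir = posixpath.join(users[user], "Maildir-" + box)
        # The first account that exists ends the search, even if the
        # directory is missing: shorter account names are never tried.
        return (user, maildir) if maildir in dirs else None
    return None

# Constructed sample data.
USERS = {"joe": "/home/joe", "joe-foo-bar": "/home/joe-foo-bar"}
DIRS = {"/home/joe/Maildir-foo", "/home/joe/Maildir-lists"}
VDOMAINS = parse_virtualdomains("example.com:joe\n")
```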

How passwords are stored

maildirpasswd foo is invoked by joe to set the password for the joe-foo mailbox. The password is encrypted and stored in ~joe/Maildir-foo/passwd.

How to install (part 1)

First, install the maildirpop3d programs:

mkdir -p /usr/local/src
cd /usr/local/src
fetch http://tomclegg.net/software/maildirpop3d-0.8.tar.gz
tar xzf maildirpop3d-0.8.tar.gz
cd maildirpop3d-0.8
make install

How to install (part 2, POP3)

Add maildirpop3d to your existing POP3 service. It runs between qmail-popup and qmail-pop3d.

exec tcpserver -vRl YOUR.HOST.NAME.HERE 0 pop3 \
  /var/qmail/bin/qmail-popup YOUR.HOST.NAME.HERE \
  /usr/local/sbin/maildirpop3d /var/qmail/bin/qmail-pop3d Maildir

If you're using a checkpassword program other than checkpassword, or if checkpassword is not in your PATH, then you need to add the path to checkpassword as the last argument to maildirpop3d:

exec tcpserver -vRl YOUR.HOST.NAME.HERE 0 pop3 \
  /var/qmail/bin/qmail-popup YOUR.HOST.NAME.HERE \
  /usr/local/sbin/maildirpop3d /var/qmail/bin/qmail-pop3d \
  Maildir /PATH/TO/CHECKPASSWORD

How to install (part 3, IMAP)

Install dovecot.

cd /usr/ports/mail/dovecot && make install
cd /usr/local/etc
cp -ip dovecot-example.conf dovecot.conf

Edit the configuration file (/usr/local/etc/dovecot.conf).

  • Change "protocols = imap pop3" to "protocols = imap". The pop3 server might work as well; I haven't tried it.
  • Either add "ssl_disable = yes", or configure SSL certificates and settings.
  • Add "disable_plaintext_auth = no".
  • Replace "default_mail_env = mbox:/var/qmail/%u" with "default_mail_env = maildir:%h".
  • Comment out "passdb pam {" and the matching "}".
  • Uncomment "passdb checkpassword {" and the matching "}".
  • In the "passdb checkpassword" section, add "args = /usr/local/sbin/maildircheckpw-dovecot".
  • Comment out "userdb passwd {" and the matching "}".
  • Uncomment "userdb prefetch {" and the matching "}".

If you made those changes and removed the comments, you would have something like this sample dovecot.conf.
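
A small checker for the edits listed above, added here as an example (it is not part of maildirpop3d or dovecot). It reports where a dovecot.conf differs from those edits and whether the file combines "ssl_disable = yes" with "disable_plaintext_auth = no"; the sample file and its "auth default" layout are constructed assumptions.

```python
# Settings and blocks the edits described above should leave behind.
EXPECTED = {"protocols": "imap", "default_mail_env": "maildir:%h",
            "passdb checkpassword/args": "/usr/local/sbin/maildircheckpw-dovecot"}
WANTED = {"passdb checkpassword", "userdb prefetch"}
UNWANTED = {"passdb pam", "userdb passwd"}

def parse(text):
    """Return ({'block/key': value}, {block names}), ignoring # comments."""
    settings, blocks, stack = {}, set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.endswith("{"):
            stack.append(line[:-1].strip())
            blocks.add(stack[-1])
        elif line == "}" and stack:
            stack.pop()
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            settings[(stack[-1] + "/" if stack else "") + key] = value
    return settings, blocks

def audit(text):
    """List where a dovecot.conf differs from the edits described above."""
    settings, blocks = parse(text)
    found = [f"{k}: expected {v!r}, found {settings.get(k)!r}"
             for k, v in EXPECTED.items() if settings.get(k) != v]
    found += [f"missing block: {b}" for b in sorted(WANTED - blocks)]
    found += [f"still enabled: {b}" for b in sorted(UNWANTED & blocks)]
    if (settings.get("ssl_disable") == "yes"
            and settings.get("disable_plaintext_auth") == "no"):
        found.append("cleartext: IMAP passwords are sent without TLS")
    return found

# Constructed sample (assumed layout), not the page's sample file.
SAMPLE = """\
protocols = imap
ssl_disable = yes
disable_plaintext_auth = no
default_mail_env = maildir:%h
auth default {
  #passdb pam {
  #}
  passdb checkpassword {
    args = /usr/local/sbin/maildircheckpw-dovecot
  }
  userdb prefetch {
  }
}
"""
```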

Enable dovecot in /etc/rc.conf.

echo >>/etc/rc.conf 'dovecot_enable="YES"'

Start dovecot.

/usr/local/etc/rc.d/dovecot.sh start

Test using an IMAP client like squirrelmail.

The above method prevents the IMAP server from accessing regular user maildirs like /home/joe/Maildir using username "joe" and joe's unix password. A future version will fix this. Meanwhile, I came up with a truly awful hack to make both work at once.

How to use

If your username is joe and you want a separate mailbox called joe-lists, do this:

cd
maildirmake Maildir-lists
echo ./Maildir-lists/ >.qmail-lists
maildirpasswd lists
Changing password for POP mailbox joe-lists@YOUR.HOST.NAME.HERE
New password: bar
New password (again): bar
Ok, putting encrypted password 0ZsfajRLIfp0w in ~/Maildir-lists/passwd

(Your password will not really appear on your screen.)

You can pick up your mail by configuring your mail reader like this:

POP server: YOUR.HOST.NAME.HERE
Username: joe-lists
Password: bar

If virtualdomains contains the line "example.com:joe", you can use these settings:

POP server: YOUR.HOST.NAME.HERE
Username: lists@example.com
Password: bar

This package is released under the GNU General Public License.

Note: None of this stuff has any kind of warranty.