Re: [exim] Exim with 'Prayer' webmail daemon

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] Exim with 'Prayer' webmail daemon
Chris Wakelin wrote:
> W B Hacker wrote:
>> Might there
>> be a guru online form the Cambridge or Reading Uni teams who has
>> guidance on getting the 'Prayer' Webmail daemon to speak to
>> Exim-not-Sendmail for sending traffic off-box?
>>
>> I have:
>>
>> FreeBSD 6.X & 7.X
>>
>> - Exim 4.6X,
>>
>> -- fixed-never-users eximd and root
>>
>> -- privileged users include 'prayer'
>>
>> -- 'prayer' in same group as exim and dovecot
>
> We just have in Exim's configure file
>
> never_users = root
> trusted_users = prayer
>
> prayer has it's own group, i.e. not shared with Exim. Dovecot is on a
> completely different server.


ACK.

And when we finish 'hacking' so, too will be 'some of' the smtpd.

The aim is to replace Usermin, which we use for multiple account,
multiple back-ends, 'foreign and domestic' single connection, single OR
two-stage sign-in.

Meanwhile, we have ID'ed the problem(s) and fixed half of them,


1) Destination addresses had to be entered with caret-brackets, as in:

<wbh@???> not wbh@???

Technically correct - just unexpected. Absent those, something was
balking, though Exim careth not from the CLI. (I gave the prayer user a
logn and shell then su'ed to that for testing).

Not sure what was happening inside Prayer - I'll try 'Tee' or 'tee' on
it later today.

I should also soon be testing an agnostic if-then-else that furnishes
those '<' and '>' IF absent, ELSE not.



2) Working with a patched Prayer 1.1.0, which used as sender:

'username' + '@' + 'domain'

eg: 'From: wbh@???@conducive.org'
(not that Exim cared about that part..)

- around 4AM I cut in code from Prayer 1.3.1 that uses just 'username'
if it sees that it already contains the '@'.

...and it is now working.

Both of the above are temporary, as our login UID may have nothing to do
with an email address, but is of the form:

<personal ID><unit ID><department ID>

The DB looks those up, SELECT'ing $local_part and $domain for Exim ^
Dovecot.

So this only works for the edge case wherein we set:

<personal ID> = $local_part
<unit ID> ='@'
<department ID> = $domain

The change we'll make is to use *only* the stored 'From:' address, and
simply refuse to send w/o one having been furnished.

'Looking good' - I don't mind a bit of perl, python, or ruby here and
there, but am very much looking forward to compiled C - which is no
harder to alter in this case, and much more efficient.

..menawhile I've joined the Prayer list, so will take this over there...


Thanks,

Bill

>
>>
>> - Dovecot 1.02beta3 thru 1.1X (1.7 no longer handles SQL auth properly)
>>
>> Dovecot works nicely with Prayer for reading folders.
>>
>> - prayer 1.1.0 (later versions are Linux-only
>>
>> -- patched to correct Cambridge-unique short Username & password
>>
>> -- patched to discard debris in the URL so it can reconnect on-click
>>
>> Exim's ~/configure is set to allow relay from the on-box 'prayer'
>> (unless I have missed something)
>>
>> The oddity:
>>
>> Prayer can send with 'Sendmail', if I shut Exim down and enable
>> Sendmail. It cannot send with Exim, despite either a direct call to
>> /usr/local/sbin/exim in ~prayer.cf OR the redirect in
>> /etc/mail/mailer.cf mapping calls to the sendmail binary to exim.
>
> We just have
> sendmail_path = (path to exim binary)
>
>> I can find nothing in any of the following logs to indicate why so:
>>
>> - /var/log/exim~
>>
>> - /var/log/maillog
>>
>> - /var/log/all.log
>>
>> - /var/log/messages
>>
>> - /var/log/console.log
>>
>> - /var/log/prayer/prayer or /var/spool/prayer/logs/prayer
>>
>>
>> Seems *weird* to me, 'coz I would expect that (at least) Cambridge is
>> using 'Prayer' with Exim...
>
> Us too of course!
> Do you get an error in Prayer's session_log?


Not.

>
>> Suspicion:
>>
>> - While 'prayer' drops 'root' and runs as EUID 'prayer - could it be
>> reverting to 'root' UID when calling the Exim binary?
>>
>> Sendmail seems to see it as having originated traffic as 'root@'.
>
> That *is* odd! Maybe something that happens in BSD but not Linux? (We
> run Prayer and Exim on Ubuntu 8.04 and SuSE Enterprise 9)
>
>> But - if so - why no log evidence *anywhere*?
>
> What are your log settings in Prayer and Exim?
>
>> Any guidance appreciated.
>>
>> I'd like to shed perl/PHP/Ruby/python webmail in favor of compiled 'C'.
>>
>> Thanks,
>>
>> Bill Hacker
>
>
> Best Wishes,
> Chris
>
>