Source Code
This is the real meat-and-bones of this whole project. In order to get these
modules to work together, you will need to make some (relatively easy) changes
as listed in the installation notes. It is vital
that your MTA and POP3 daemons
output lines to syslog that popAuth3 can interpret and act upon. Alternatively, it is equally important that the regular
expressions within popAuth3 match those mail log lines appropriately.
popauth3; Current Version: 3.0.1
The popAuth3 project is comprised of several files including the core source
(and license file), report generation utilities, and various support scripts.
At a minimum, you need the core source and the copyright license files. All
other files can be considered optional as they are not required by the core
source file to do its work. Note: Microsoft Internet Explorer
treats *.pl files as executable (and may prevent you from viewing them). You
must right-click, then select "Save As" in order to download these files. The files
are listed and described as (install them as specified on
the install page):
- Minimal
- popauth.pl -- The core
source file (this is the main program).
- COPYING -- The copyright license
file.
- Recommended
- popauth.log -- Named
after the log file that popAuth3 generates, this is the logrotate
support file that enables you to rotate popAuth3's log files (to avoid
filling up your HDD on a single huge file).
- Optional: Reporting
- listsessions.pl
-- Nicely displays all authenticated relay sessions, showing a lot
of useful information about each session.
- listrbl.pl -- Nicely
displays the entire contents of the local RBL cache, showing a lot
of useful information about each RBL entry (i.e.: Why black-listed,
when, whether null-routed/for how long, etc).
- listrepeats.pl
-- Nicely displays only those RBL cache entries which have repeatedly
attempted to contact your mail server (useful to see any entries that
are, have been, or will be null-routed).
- removerblentry.pl
-- Used by listrbl.pl and listrepeats.pl to remove entries from the
local RBL cache. Unfortunately, you will have to do this from time
to time -- user error happens. NOTE: This requires that the directory
that contains the RBL cache data file be world writable! This is exactly
why I moved my cache files into a directory separate from the remaining
postfix configuration files.
- listreport.css
-- Cascading Style Sheet used by the HTML report output for in-browser
display.
- printable.css
-- Cascading Style Sheet used by the HTML report output for printing.
- index.html-sample
-- A sample HTML document to illustrate how you might access
the various HTML report utilities listed above.
- Optional: Support
- poplog -- A simple tailer
script to watch popAuth3's log file in real-time.
Internet Explorer Users: If you are unable to view/download
the source files listed above, a .ZIP archive of the popAuth3 source tree,
as presented on this web site, is available
here. Right-Click, Save As... to download it.
vm-pop3d
You will need to make some changes to three source files for vm-pop3d to log
POP authentications on one line. Several people have reported tweaks like this
to the vm-pop3d developer mailing list, but I made this change before I discovered
their versions. My version reports everything needed to establish enough data
for popAuth3's use, so it is good enough. When commenting someone else's code,
I tend to put my initials and a time-date stamp on or near the lines that I
alter, clearly labeling changes that I have made. If you are interested in
what I changed, then you are welcome to find my initials, WWK, in these source
files. Otherwise, just replace your copies of these files and recompile vm-pop3d
as recommended in its INSTALL file. The changed files are:
Internet Explorer Users: If you are unable to view/download
the source files listed above, a .ZIP archive of these three source files is
available here. Please note this is
not the complete vm-pop3d program source! Right-Click, Save As...
to download it.
The Future
As with any major source project, I have other objectives for popAuth3. Namely,
I hope to achieve:
- Separate the configuration values from the source code into a separate
popauth.conf file. Have this file stored either in
/etc/
or in/etc/popauth/
.
- Generalize popAuth3 such that it can be more readily applied to MTAs other
than postfix. I'm going to need configuration examples from people actually using popAuth3 with these other MTAs to accomplish
this because I am strictly a postfix user.
- Find a way to run popAuth3 as a user other than root. You'll note that
everything above assumes you will install popAuth3 as root, and popAuth3
will run as root. While it works in this context, and many other similar tools do as well, I just want to go out and try
this for the sake of even tighter security control.
- Move the local RBL cache, session tracking file, and fisher tracking files
to a MySQL data store rather than the current flat-file format. Better
yet, make it optional whether to use flat-files or an RDBMS.
- Write a fully featured installer for popAuth3. Granted, there is only so
much that can be done for this. For example, it is unlikely that an installer
can be written that will automatically generate the regular expressions
needed within the popAuth3 source to match any given POP daemon. However,
it would be nice to automatically handle most of the installation procedure
such as path detection, directory creation, data file initialization, FIFO & syslog preparation, etc.
- While I'm of the mind set that production Linux servers shouldn't have
GUIs, it would be nice to have a GUI manager for popAuth3 for editing it's
configuration, restarting it, and editing the RBL cache file (perhaps a
network version that can be run from workstations to manipulate these files
on the server).
- Carefully consider and implement user change/feature requests based on
feedback.
Contributing Authors: William Kimball
Problems with this page can be reported via e-mail to: <popauth3 at kimballstuff dot com>
Last modified: $Date: 2006-01-13T12:30:12+07:00$