(RADIATOR) slightly OT: SMTP relay module

Charles Sprickman spork at inch.com
Mon Nov 26 10:46:13 CST 2001 

Hi,

I started playing around with this idea some time ago, but dropped it
since I'm not a true perl hacker...

This is essentially the beginnings of a small module to allow roaming
users of any sort that are authenticated by radiator to relay mail for the
duration of their session.  I settled on this method because it made more
sense to me than the numerous pop-before-smtp hacks.  It's a bit more
straightforward:  If you are an authenticated user, you can relay mail for
the duration of your session, end of story...  No hacking of your pop or
smtp server is required.

The line in sendmail.cf is pretty easy:

Kpopauth hash -a<OK> /usr/local/etc/mail/popauth

and

SLocal_check_rcpt
R$*             $: $(popauth $&{client_addr} $: <?> $)
R<?>            $@ NoPopAuth

R$*<OK>         $# OK

This is all stolen from the cf/hack/popauth.m4 distributed with sendmail.

Basically, it works.  My problem is, it doesn't work well, and I have zero
experience in any kind of advanced perl work, specifically modules and the
like.

If there's anyone that would like to help polish this, it would be nice to
get it cleaned up and thrown in the radiator contrib dir.  I could also
work out a version for qmail, and perhaps postfix with some help.

Any takers?

Thanks,

Charles


| Charles Sprickman                  | Internet Channel
| INCH System Administration Team    | (212)243-5200
| spork at inch.com                     | access at inch.com
-------------- next part --------------

# small program to update a sendmail (or possibly other) access
# list based on current logged in users outside of our normal
# IP range.  Specifically, for IPass users, but usable really for
# any remote logins that authenticate via radius such as roaming dsl.
# This can be run standalone out of cron or be called by a 
# PostAuthHook in the handler/realm used for IPass requests.
sub 
{
	# config options
	my $dbtext = "/usr/local/etc/mail/popauth";
	my $localips = "216.223.19";
	my $makemap = "/usr/sbin/makemap";
	my $dbtype = "hash";
	my $dbfile = "/usr/local/etc/mail/popauth.db";

	# connect to the db
	my $sessdb = Radius::SessGeneric::find('SDB_mysql');

	# get file handle
	open (POPAUTH, ">$dbtext") || (&main::log($main::LOG_ERR, "PopAuth.pm could not open file $dbtext") && return);

	# our query
	my $dbquery = "select FRAMEDIPADDRESS from RADONLINE where (FRAMEDIPADDRESS NOT LIKE '$localips%' AND FRAMEDIPADDRESS IS NOT NULL)";

	my $query = $sessdb->prepareAndExecute($dbquery);

	while (my @query_result = $query->fetchrow_array) 
	{
#		if ($query_result[0] =~ /^[0-9]/)
#		{
			print POPAUTH "$query_result[0]\tOK\n";
			&main::log($main::LOG_DEBUG, "PopAuth.pm added/removed IP $query_result[0] in access list");
#		}
	}

	close POPAUTH;

	my $rc = system ("$makemap $dbtype $dbfile < $dbtext");

	if ($rc > 0) 
	{
		(&main::log($main::LOG_ERR, "Unable to execute command $makemap $dbtype $dbfile on $dbtext, exit code $rc\n") && return);
	}
	return;
}

More information about the radiator mailing list