SMTP AUTH ȑ M T [ o Ń O Ƃ肽
Debian GNU/Linux woody ̂ ŁA ɊȒP OS qmail ܂ŃC X g [ ł B
p X [ h t @ C ̌ A N X N v g ̕ύX Ȃǂ o āA SMTP AUTH ȑ M T [ o ͂ł B
Ƃ 낪 M ł 邯 ǒN M Ă 邩 킩 Ȃ B( } Q )
Apr 19 16:54:45 fletsmail qmail: 1082361285.151279 new msg 3025154 Apr 19 16:54:45 fletsmail qmail: 1082361285.151358 info msg 3025154: bytes 996 fromqp 6495 uid 64011 Apr 19 16:54:45 fletsmail qmail: 1082361285.214791 starting delivery 17: msg 3025154 to remote hogehoge@example.com Apr 19 16:54:45 fletsmail qmail: 1082361285.217170 status: local 0/10 remote 1/20 Apr 19 16:54:45 fletsmail qmail: 1082361285.479015 delivery 17: success: 203.165.10.71_accepted_message./Remote_host_said:_250_2.0.0_i3J7sjfV00031_Message_accepted_for_delivery/ Apr 19 16:54:45 fletsmail qmail: 1082361285.479090 status: local 0/10 remote 0/20 Apr 19 16:54:45 fletsmail qmail: 1082361285.479117 end msg 3025154
̃ O fugafuga@example.com hogehoge@example.com ̃ O A w b _ ɏ Ă ̂ł A Ȃ̊ȒP ɋU ł 邩 M p ł Ȃ B SMTP AUTH authenticate ̂͂ǂ̃ [ U H ċ^ ₪ 킭 B W ł͂ ̏ ̓ O ɂ͈ ؓf Ȃ ̂ł B ς B
Authenticating log o Ȃ Ȃ o 悤 ɉ I ƃv O ~ O 킩 ̂ɂ Ă݂ A MUA ( C o ق ̃\ t g) ւ̓ [ U Ԃ Ƃ \ A T [ o g ̃ O ɂ͏o Ă Ȃ B C y ɕ l B ɑ k A Ȃ Ɖ ł R [ h Ă l ꂽ ̂ B
qmail-smtpd.c Ă A w qmail-smtpd hack ̂ł͂Ȃ A F S Ă /usr/local/bin/cmd5checkpw hack ̂ A Ó ƁB x Ƃ w E A cmd5checkpw(CRAM-MD5 F ؗp) | g m ̃ [ J R s [ p b ` ܂ŏ Ă (*^v^*)
$ diff -u cmd5checkpw-0.22-orig/main.c cmd5checkpw-0.22/main.c --- cmd5checkpw-0.22-orig/main.c Mon Oct 9 18:07:21 2000 +++ cmd5checkpw-0.22/main.c Sun Apr 18 14:48:52 2004 @@ -5,9 +5,11 @@ #include <pwd.h> #include <stdio.h> #include <unistd.h> +#include <syslog.h> #define LINE_MAX 256 #define SMTP_PASSWD_FILE "/etc/poppasswd" +#define SYSLOG_IDENT "cmd5checkpw" char up[513]; int uplen; static char hextab[]="0123456789abcdef"; @@ -56,6 +58,16 @@ return(strcmp(digascii,response) && strcmp(password,challenge)); } +void auth_syslog(int accepted, const unsigned char *login) { + openlog(SYSLOG_IDENT, LOG_NOWAIT | LOG_PID, LOG_AUTHPRIV); + if (accepted) { + syslog(LOG_WARNING, "authentication failure; logname=%s", login); + } else { + syslog(LOG_INFO, "authentication success; logname=%s", login); + } + closelog(); +} + void main(int argc,char **argv) { char *login; @@ -89,6 +101,7 @@ response = up + i; accepted=doit(login,challenge,response); + auth_syslog(accepted,login); for (i = 0;i < sizeof(up);++i) up[i] = 0;
̃p b ` ĂăR p C ƃC X g [ Ȃ Ń O 悤 ɂȂ B
$ make gcc -c -g -Wall -O3 -c -o main.o main.c main.c:72: warning: return type of `main' is not `int' gcc -g -o cmd5checkpw main.o md5c.o hmac_md5.o $ sudo make install cp cmd5checkpw /bin/ ; cp cmd5checkpw.8 /usr/man/man8/ $ ls -l /bin/cmd5checkpw -rwxr-xr-x 1 root root 33689 Apr 18 15:07 /bin/cmd5checkpw $ sudo useradd smtpauth $ sudo chown smtpauth /bin/cmd5checkpw $ sudo chmod a+s /bin/cmd5checkpw $ ls -l /bin/cmd5checkpw -rwsr-sr-x 1 smtpauth root 33689 Apr 18 15:07 /bin/cmd5checkpw
ۂ̃ O ͂ Ȋ
ŁA ُ Ɂu authentication failure; v ő M s Ă ̂ 킩 邵 A ʂɁu authentication success; v f ă C M Ă ̂ 悤 ɂȂ E E E n Y B SMTP AUTH 낤 I ( 1 ) @Apr 18 14:00:09 fletsmail cmd5checkpw[3232]: authentication failure; logname=abc319 Apr 18 14:00:22 fletsmail cmd5checkpw[3234]: authentication success; logname=abc319 Apr 18 14:03:19 fletsmail cmd5checkpw[3238]: authentication failure; logname=sbt Apr 18 14:03:38 fletsmail cmd5checkpw[3240]: authentication success; logname=sitafu Apr 18 14:15:24 fletsmail cmd5checkpw[3244]: authentication failure; logname=sitafu Apr 18 14:16:11 fletsmail cmd5checkpw[3246]: authentication success; logname=abc319 Apr 18 14:17:18 fletsmail cmd5checkpw[3250]: authentication failure; logname=abc319 Apr 18 14:17:34 fletsmail cmd5checkpw[3252]: authentication failure; logname=abc319 Apr 18 14:17:55 fletsmail cmd5checkpw[3254]: authentication success; logname=abc319 Apr 18 14:32:31 fletsmail cmd5checkpw[3270]: authentication success; logname=abc319
(SHIBATA Akira) , { T C g p ̍ۂɋN 邩 Ȃ s v ɑ , ؐӔC ܂ .