SMTP AUTH ֘A

SMTP AUTH 낤 I ( 2 )

SMTP AUTH ȑ M T [ o Ń O Ƃ肽

SMTP Authentication log with qmail on Debian GNU/Linux Woody by SHIBATA Akira
쐬 2004/04/19

O Ƃ肽

Debian GNU/Linux woody ̂ ŁA ɊȒP OS qmail ܂ŃC X g [ ł B

p X [ h t @ C ̌ A N X N v g ̕ύX Ȃǂ o āA SMTP AUTH ȑ M T [ o ͂ł B

Ƃ 낪 M ł 邯 ǒN M Ă 邩 킩 Ȃ B( } Q )

Apr 19 16:54:45 fletsmail qmail: 1082361285.151279 new msg 3025154
Apr 19 16:54:45 fletsmail qmail: 1082361285.151358 info msg 3025154: bytes 996 from  qp 6495 uid 64011
Apr 19 16:54:45 fletsmail qmail: 1082361285.214791 starting delivery 17: msg 3025154 to remote hogehoge@example.com
Apr 19 16:54:45 fletsmail qmail: 1082361285.217170 status: local 0/10 remote 1/20
Apr 19 16:54:45 fletsmail qmail: 1082361285.479015 delivery 17: success: 203.165.10.71_accepted_message./Remote_host_said:_250_2.0.0_i3J7sjfV00031_Message_accepted_for_delivery/
Apr 19 16:54:45 fletsmail qmail: 1082361285.479090 status: local 0/10 remote 0/20
Apr 19 16:54:45 fletsmail qmail: 1082361285.479117 end msg 3025154

̃ O fugafuga@example.com hogehoge@example.com ̃ O A w b _ ɏ Ă ̂ł A Ȃ̊ȒP ɋU ł 邩 M p ł Ȃ B SMTP AUTH authenticate ̂͂ǂ̃ [ U H ċ^ ₪ 킭 B W ł͂ ̏ ̓ O ɂ͈ ؓf Ȃ ̂ł B ς B

Authenticating log o Ȃ Ȃ o 悤 ɉ I ƃv O ~ O 킩 ̂ɂ Ă݂ A MUA ( C o ق ̃\ t g) ւ̓ [ U Ԃ Ƃ ”\ A T [ o g ̃ O ɂ͏o Ă Ȃ B C y ɕ l B ɑ k A Ȃ Ɖ ł R [ h Ă l ꂽ ̂ B

Ώ

qmail-smtpd.c Ă A w qmail-smtpd hack ̂ł͂Ȃ A F ؂ S Ă /usr/local/bin/cmd5checkpw hack ̂ A Ó ƁB x Ƃ w E A cmd5checkpw(CRAM-MD5 F ؗp) | g m ̃ [ J R s [ p b ` ܂ŏ Ă (*^v^*)

$ diff -u cmd5checkpw-0.22-orig/main.c cmd5checkpw-0.22/main.c
--- cmd5checkpw-0.22-orig/main.c        Mon Oct  9 18:07:21 2000
+++ cmd5checkpw-0.22/main.c     Sun Apr 18 14:48:52 2004
@@ -5,9 +5,11 @@
 #include <pwd.h>
 #include <stdio.h>
 #include <unistd.h>
+#include <syslog.h>

 #define LINE_MAX 256
 #define SMTP_PASSWD_FILE "/etc/poppasswd"
+#define SYSLOG_IDENT "cmd5checkpw"
 char up[513];
 int uplen;
 static char hextab[]="0123456789abcdef";
@@ -56,6 +58,16 @@
    return(strcmp(digascii,response) && strcmp(password,challenge));
 }

+void auth_syslog(int accepted, const unsigned char *login) {
+  openlog(SYSLOG_IDENT, LOG_NOWAIT | LOG_PID, LOG_AUTHPRIV);
+  if (accepted) {
+    syslog(LOG_WARNING, "authentication failure; logname=%s", login);
+  } else {
+    syslog(LOG_INFO, "authentication success; logname=%s", login);
+  }
+  closelog();
+}
+
 void main(int argc,char **argv)
 {
   char *login;
@@ -89,6 +101,7 @@
   response = up + i;

   accepted=doit(login,challenge,response);
+  auth_syslog(accepted,login);

   for (i = 0;i < sizeof(up);++i) up[i] = 0;

̃p b ` ĂăR p C ƃC X g [ Ȃ Ń O 悤 ɂȂ B

$ make
gcc -c -g -Wall -O3   -c -o main.o main.c
main.c:72: warning: return type of `main' is not `int'
gcc -g -o cmd5checkpw main.o md5c.o hmac_md5.o
$ sudo make install
cp cmd5checkpw /bin/ ; cp cmd5checkpw.8 /usr/man/man8/
$ ls -l /bin/cmd5checkpw
-rwxr-xr-x    1 root     root        33689 Apr 18 15:07 /bin/cmd5checkpw
$ sudo useradd smtpauth
$ sudo chown smtpauth /bin/cmd5checkpw
$ sudo chmod a+s /bin/cmd5checkpw
$ ls -l /bin/cmd5checkpw
-rwsr-sr-x    1 smtpauth root        33689 Apr 18 15:07 /bin/cmd5checkpw

ۂ̃ O ͂ Ȋ

Apr 18 14:00:09 fletsmail cmd5checkpw[3232]: authentication failure; logname=abc319
Apr 18 14:00:22 fletsmail cmd5checkpw[3234]: authentication success; logname=abc319
Apr 18 14:03:19 fletsmail cmd5checkpw[3238]: authentication failure; logname=sbt
Apr 18 14:03:38 fletsmail cmd5checkpw[3240]: authentication success; logname=sitafu
Apr 18 14:15:24 fletsmail cmd5checkpw[3244]: authentication failure; logname=sitafu
Apr 18 14:16:11 fletsmail cmd5checkpw[3246]: authentication success; logname=abc319
Apr 18 14:17:18 fletsmail cmd5checkpw[3250]: authentication failure; logname=abc319
Apr 18 14:17:34 fletsmail cmd5checkpw[3252]: authentication failure; logname=abc319
Apr 18 14:17:55 fletsmail cmd5checkpw[3254]: authentication success; logname=abc319
Apr 18 14:32:31 fletsmail cmd5checkpw[3270]: authentication success; logname=abc319
ŁA ُ Ɂu authentication failure; v ő M s Ă ̂ 킩 邵 A ʂɁu authentication success; v f ă C M Ă ̂ ‚ 悤 ɂȂ E E E n Y B

SMTP AUTH 낤 I ( 1 ) @
Memorandum about Linux and Network | ق ̃W Ă݂ | T C g } b v

Ɛ

beacon

(SHIBATA Akira) , { T C g p ̍ۂɋN 邩 Ȃ s v ɑ΂ , ؐӔC 𕉂 ܂ .