New ebuild popa3d, testers wanted

[hhg]

Hello!

I just submitted my first ebuild earlier today, and I'm looking for some
testers. The bug id is 28277.

So what is it?

Popa3d is a security oriented POP daemon. It was written by Solar Designer
to be included in his Openwall distribution.

You can find more information on the popa3d web page

I'm interested, what's in it for me?

Popa3d supports mailbox/maildir format, virtual hosts, PAM/shadow authentication.
Since it supports mailbox format and is security oriented it can be a good replacement
for qmail-pop3d for those who're running qmail and are using mailboxes.

Besides that, I like the virtual hosting scheme, which I'll explain a little later.
Popa3d also scales well, I was using it on a mail system with ~50k users,
I dont remember how many messages/day, but it has a small footprint.

I'm excited, how can I test it?

First, since it's not in the portage tree yet, we'll have to put it in
our local portage repository, follow these steps:

1. First, begin by downloading the package, either from the bug page
   or from
   my site
   
2. Enable PORTDIR_OVERLAY in /etc/make.conf
   
3. Unpack the tgz file in /usr/local/portage/net-mail (you may have to create the
   portage and net-mail directories).
   
4. Run "ebuild /usr/local/portage/net-mail/popa3d/popa3d-0.6.3.ebuild digest" to
   generate the digest.
   

Configuration

The default is to use mailbox format. If you're using maildirs on your system,
make sure to enable the 'maildir' USE flag in /etc/make.conf.

Default mailbox paths

• Mailbox: /var/mail/$USER
  
• Maildir: ~/.maildir/
  

Alternatively, you can change the default delivery path by setting the POPA3D_HOME_MAILBOX variable before emerging.

Use ~/Mailbox: POPA3D_HOME_MAILBOX="Mailbox" emerge popa3d

Use ~/Maildir (enable the maildir use flag first): POPA3D_HOME_MAILBOX=".maildir" emerge popa3d

If you just want the default .maildir or /var/mail/$USER, you just
run plain: emerge popa3d

After emerging you can run popa3d through init.d, /etc/init.d/popa3d start

If you're running PAM, the configuration file is /etc/pam.d/popa3d

Virtual hosting

If you want virtual hosting, popa3d supports name-based virtual hosts,
that are invoked by using user@domain as a username.

Okay, begin by creating a virtual home, this can pretty much be anywhere,
lets assume the default for the time being, which is /vhome.

$ mkdir /vhome
$ cd /vhome

Then create a file named 'vnamemap' which has the format 'domain:path'.
The path is relative to the virtual home, i.e.

$ echo 'test.is:test.is' > vnamemap

This means that @test.is is serviced by /vhome/test.is

$ mkdir test.is test.is/auth test.is/mail

There are two subdirectories, auth for authentication and template user (i'll come
in a moment), and mail for the actual mailboxes/maildirs.

A template user the actual system user that popa3d drops to after authentication.
The mailbox/maildir will have to be owned by this user, but the auth file should
not be owned by it, since that'd create a security hazard.

I usually allocate one user per domain, and I'll assume you do the same. Create a
user on the system with useradd, and then use that username as a templateuser
for all virtual users at test.is.

Now, for each virtual user you'd like to create:

$ echo 'templateuser:cryptedpass:' > test.is/auth/username

(for mailbox)
$ touch test.is/mail/username
$ chown templateuser:users test.is/mail/username

(for maildir)
$ maildirmake test.is/mail/username
$ chown -R templateuser:users test.is/mail/username

Now once you've got a hang of the virtual configuration, emerge popa3d using:

(replace /vhome with your virtual home path)
POPA3D_VIRTUAL_HOME_PATH="/vhome" emerge popa3d

Alternatively, you can also add POPA3D_VIRTUAL_ONLY="YES" if you dont
want popa3d to fall back on serving system users if the username is not @domain.

POPA3D_VIRTUAL_ONLY="YES" POPA3D_VIRTUAL_HOME_PATH="/vhome" emerge popa3d


Okay, that's all !! This is the setup I use for virtual mail hosting. Usually in combination
with qmail, you can create a .qmail file with:

for mailbox:
/vhome/test.is/mail/username

for maildir:
/vhome/test.is/mail/username/

Any questions/feedback are welcome. I hope this helped, and that popa3d
can be of some use to you.

[Pythonhead]

Hi,

I'm testing it out, looks good to me. A few suggestions to get it into portage quicker:

1 - Post the attachments separately as text.

2 - Put the standard 3 line header in from /usr/portage/skel.ebuild. Although they are going to start putting copyright co-ownership in headers, the developer's tools haven't been fixed to accept them yet. I was told they wouldn't put mine into portage with my name in the header until they fixed the tools, but they'd be happy to add it later.

3 - Don't hard-code the version numbers in SRC_URI, use ${P}. Same for the file in the epactch line.

[hhg]

Hi Pythonhead!

Thanks for testing. I've followed your suggestions, let's see how
it goes.