Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]

["Dan Diehl" <dan@xxxxxxxxxxxx>]

Thanks for the tips. I'm going to wait a little longer to see if Cobalt
posts an official package fix, but if not, I'll use your advice.

Dan Diehl

----- Original Message -----
From: zim <zim@xxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Tuesday, July 25, 2000 3:15 PM
Subject: Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 -
Qpopper]


> At 12:17 25.07.00 -0500, dan@xxxxxxxxxxxx wrote:
>
> >I just installed the new Raq2 Qpopper package on my Raq 2 and rebooted. I
> >also installed the POP before SMTP package about a month ago. Before I
> >installed the Qpopper fix everything worked fine. Now I get the message
> >below from any account on the server.
>
> The format of the POP login lines in the log changed.
> Instead of "login by user" it says now "login for user"
> (or vice versa, i don't remember exactly).
>
> Assuming that the pop-per-smtp is the same on
> a RaQ2 as on a RaQ3 the following needs to be
> done:
>
> Telnet to your server, look at the log.
> Check the poprelayd script and change
> the scanaddr() subroutine to accept the
> new format. Stop and restart poprelayd.
>
> I posted the poprelayd script which I'm
> using on a RaQ3 early sunday into cobalt_users.
> Subject was:
> RaQ3: Modified poprelayd script for qpopper 3.0.2
>
> But I assume the script is identical on both
> RaQ2 and RaQ3 - it's only a perl script, hmmm?
>
> BTW. The modified script I posted accepts old and new
> qpopper format as well as IMAP-login lines.
> Perhaps Cobalt wants to include it into the
> pop-before-smtp package? If so - feel free to do it.
>
>
> Michael
>
> --
>
> Samurais help each other - victims don't.
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>