¼ø¶È»ñÎÁ/10
¤¤¤Ä¤â¤Î¥Á¥§¥Ã¥¯ †
¤¤¤Ä¤â¤Î¤è¤¦¤Ë¡¤¥·¥¹¥Æ¥à¤Ë¤Ä¤¤¤Æ¤Þ¤º¤¤ÅÀ¤¬¤Ê¤¤¤«¥Á¥§¥Ã¥¯¡¤Âбþ¤·¤è¤¦¡¥
¶ñÂÎŪ¤Ë¤Ï¡¤°ÊÁ°¤â¼¨¤·¤¿¼¡¤Î¥³¥Þ¥ó¥É¤ò»È¤¦¤³¤È¤Ë¤Ê¤ë¡¥
- freebsd-update
- portsnap
- portaudit
¤¿¤À¤·¡¤portaudit ¤Ç½Ð¤Æ¤¯¤ë·Ù¹ð¤Ë¤¹¤°Âбþ¤¹¤Ù¤¤«¤É¤¦¤«¤ÏȽÃǤ¬Æñ¤·¤¤¡¥¥»¥¥å¥ê¥Æ¥£¾å¤ÎÌäÂ꤬¤É¤ì¤¯¤é¤¤¤«¡¤ports Åù¤Î¥Ð¡¼¥¸¥ç¥ó¥¢¥Ã¥×¤¬´Ö¤Ë¹ç¤Ã¤Æ¤¤¤ë¤«¡¤¥Ð¡¼¥¸¥ç¥ó¥¢¥Ã¥×¤Ëȼ¤¦ÌäÂ̵꤬¤¤¤«Åù¡¹¡¤»öÁ°¤Ë´Êñ¤Ë¤ÇÎɤ¤¤Î¤Ç¸¡Æ¤¤·¤Æ¤«¤éºî¶È¤ò¤·¤è¤¦¡¥
(ÃÙ¤ì¤Æ¤¤¤ë¿Í¤Ï) »þ´Ö¤ò¼è¤Ã¤ÆÄɤ¤¤Ä¤¯¡¤Éü½¬¤·¤è¤¦ †
¤½¤í¤½¤íÆâÍÆŪ¤ËÃÙ¤ì¤Æ¤¤¤ë¿Í¤¬½Ð¤Æ¤¯¤ë»þ´ü¤Ê¤Î¤Ç¡¤º£²ó¤Îºî¶ÈÆâÍƤò¾¯¤Ê¤¯¤·¤Æ¤¢¤ë¡¥
ÃÙ¤ì¤Æ¤¤¤ë¿Í¤ä¡¤ÆâÍƤ¬¥¤¥Þ¥¤¥ÁÍý²ò¤Ç¤¤Æ¤Ê¤«¤Ã¤¿¿Í¤Ï¤³¤Îµ¡²ñ¤ò³è¤«¤·¤ÆÉü½¬¡¤ºÆºî¶ÈÅù¤ò¹Ô¤ª¤¦¡¥
IMAP/POP ¤ò»È¤Ã¤Æ¤ß¤ë †
¤µ¤Æ¡¤¥æ¡¼¥¶°¸¤ËÆϤ¤¤¿¥á¡¼¥ë¤ò MUA ¤ËÅϤ¹¤Î¤Ë¹¤¯»È¤ï¤ì¤Æ¤¤¤ë POP/IMAP ¤Î¥µ¡¼¥Ð¤Ë¤Ä¤¤¤Æ¤â¿¨¤ì¤è¤¦.
¤¤¤Þ¤À¹¤¯»È¤ï¤ì¤Æ¤¤¤ë POP¡¤¥æ¡¼¥¶¤Ë¤È¤Ã¤Æ¤ÏÊØÍø¤À¤¬¥µ¡¼¥Ð¤Ø¤ÎÉéô¤¬¹â¤á¤Î¤¿¤á¤Ë¾¦¶È¥Ù¡¼¥¹¤Ç¤Ï¤Ê¤«¤Ê¤«ÍѤ¤¤é¤ì¤Ê¤¤ IMAP¡¤¤ÈÂç¤Þ¤«¤Ë¸À¤¨¤ë.
¤³¤³¤Ç¤Ï¡¤¾ÍèŪ¤Ê¤³¤È¤â¹Í¤¨¤Æ IMAP ¥µ¡¼¥Ð¤Ë¤Ä¤¤¤Æ³Ø½¬¤·¤Æ¤ß¤è¤¦. ¤Á¤Ê¤ß¤Ë¡¤POP ¥µ¡¼¥Ð¤Ï IMAP ¥µ¡¼¥Ð¤ËÈæ¤Ù¤ì¤Ðñ½ã¤Ê¤Î¤Ç¡¤IMAP ¥µ¡¼¥Ð¤¬°·¤¨¤ì¤ÐPOP ¥µ¡¼¥Ð¤Ë¤Ä¤¤¤Æ¤Ïº¤¤é¤Ê¤¤¤À¤í¤¦.
¤µ¤Æ¡¤IMAP ¥µ¡¼¥Ð¤È¤·¤Æ¤Ï courier-imap ¤¬¹¤¯»È¤ï¤ì¤Æ¤¤¤ë¤Î¤Ç¼ø¶È¤Ç¤â¤³¤ì¤òÍѤ¤¤è¤¦.
¤Ê¤ª¡¤courier-imap ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤È°ì½ï¤Ë courier-pop ¤â¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤ë¤Î¤Ç¡¤POP ¥µ¡¼¥Ð¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿¤¤¡¤¤È¤¤¤¦¤È¤¤Ë courier-imap ¤òÁªÂò¤·¤Æ¤â¤è¤¤.
courier-imap ¤Î¥¤¥ó¥¹¥È¡¼¥ë(¤³¤ì¤ÏÁ°²ó´û¤Ë¤ä¤Ã¤Æ¤¢¤ë) †
courier-imap ¤ÎÀßÄê †
¤µ¤Æ¡¤¥¤¥ó¥¹¥È¡¼¥ë¤¬ºÑ¤à¤È /usr/local/etc/authlib ¤Ëǧ¾Ú´Ø·¸¤ÎÀßÄ꤬¡¤/usr/local/etc/courier-imap ¤Ë imap/pop ´Ø·¸¤ÎÀßÄê¥Õ¥¡¥¤¥ëÅù¤¬ÃÖ¤«¤ì¤ë.
¤Þ¤ºÇ§¾Ú´Ø·¸¤òÀ°Íý¤·¤è¤¦.
ǧ¾Úµ¡¹½¤½¤Î¤â¤Î¤ÎÀßÄê¤Ë¤Ä¤¤¤Æ¤Ï /usr/local/etc/authlib ¤ËÀßÄê¥Õ¥¡¥¤¥ë¤òÍÑ°Õ¤·¤Æ±¾¡¹¡Ä¤È¤Ê¤ë¤Î¤À¤¬¡¤º£²ó¤Ï userdb ¤·¤«Áª¤ó¤Ç¤¤¤Ê¤¤¤³¤È¤â¤¢¤Ã¤ÆÆäËÀßÄê¤ÏÉÔÍפʾõÂ֤Ǥ¢¤ë.
¼¡¤Ë¡¤over TLS/SSL ¤Ç»È¤¦¼«¸Êǧ¾Ú¾ÚÌÀ½ñ(courier-imap ¤Ï¤³¤ì¤òÍפ¹¤ë)¤òºî¤ë.
Àè¤Ëºî¤Ã¤¿¸°¤È¾ÚÌÀ½ñ¤È¤Ï°ã¤¦µ¡Ç½¤Î¤â¤Î¤Ê¤Î¤Ç¡¤¿·¤¿¤Ëºî¤í¤¦(ÊÑ´¹¤â²Äǽ¤È¤Ï»×¤¦¤¬).
ÊýË¡¤Ï´Êñ¤Ç¡¤¤Þ¤º /usr/local/etc/courier-imap ¤Ë¥µ¥ó¥×¥ë¤È¤·¤Æ¤ª¤¤¤Æ¤¢¤ëimapd.cnf.dist ¤È pop3d.cnf.dist ¤ò¥³¥Ô¡¼¤·¤Æ imapd.cnf ¤È pop3d.cnf ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºî¤ê¡¤Ãæ¤ò¤ß¤Æ [ req_dn ] °Ê²¼¤ÎÉôʬ¤ò¼«Ê¬¤Î¥µ¡¼¥Ð¤Ë¤¢¤ï¤»¤ÆŬÀÚ¤ËÊÔ½¸¤¹¤ë.
¶ñÂÎŪ¤Ë¤Ï
cd /usr/local/etc/courier-imap cp imapd.cnf.dist imapd.cnf cp pop3d.cnf.dist pop3d.cnf chmod u+w *.cnf emacs imapd.cnf emacs pop3d.cnf
¤È¤¤¤¦´¶¤¸¤À. [ req_dn ] ¤Ë¤Ä¤¤¤Æ¤Ï°ÊÁ°¤Ë SSL ¾ÚÌÀ½ñ¤òºî¤Ã¤¿¤È¤¤ÎÀâÌÀ¤òÆɤ⤦¡¥
¤½¤ì¤«¤é¡¤
cd /usr/local/share/courier-imap/ ./mkimapdcert ./mkpop3dcert
¤È¤¹¤ë¤È¡¤/usr/local/share/courier-imap/ ¤Ë imapd.pem, pop3d.pem ¤È¤¤¤¦¼«¸Êǧ¾Ú¾ÚÌÀ½ñ¤¬¤Ç¤¤ë.
¥Õ¥¡¥¤¥ë̾¤â¾ì½ê¤âÆäËÊѹ¹¤òÍפ·¤Ê¤¤¤Î¤Ç¡¤¤³¤ì¤Ç¾ÚÌÀ½ñ¤ÎºîÀ®¤Ï¤ª¤ï¤ê.
¼¡¤Ë¡¤IMAP ËÜÂΤÎÀßÄê¤ò¹Ô¤ª¤¦.
¤¤¤Ä¤â¤Î¤è¤¦¤ËÇ°¤Î°Ù¥Ð¥Ã¥¯¥¢¥Ã¥×¤ò¤È¤Ã¤Æ¤«¤é.
/usr/local/etc/courier-imap ¤Î imapd ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òÊÔ½¸¤·¤Æ¡¤¹àÌܤΠ"IMAP_CAPABILITY" ¤È "IMAP_CAPABILITY_TLS" ¤òǧ¾Ú¤¢¤ê¤Ë½¤Àµ¤¹¤ë.
¶ñÂÎŪ¤Ë¤Ï¡¤
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN AUTH=LOGIN"
¤ÎÆ󥫽ê¤ò½¤Àµ(²èÌ̤ÎÅÔ¹ç¤ÇÀÞ¤êÊÖ¤·¤Æ¤¤¤ë¤¬¡¤³Æ¡¹ 1¹Ô¤º¤Ä¤Ê¤Î¤ÇÃí°Õ)¤¹¤ì¤Ð¤è¤¤.
³Æ¡¹¡¤¥Ç¥Õ¥©¥ë¥ÈÃͤ«¤éÊѤï¤Ã¤¿Éôʬ¤ò¸«¤ì¤Ð²¿¤ò¤·¤¿¤«¤Ï¤ï¤«¤ë¤À¤í¤¦. ¤Á¤Ê¤ß¤ËÆó¤ÄÌܤκǸå¤Î AUTH=LOGIN ¤Ï(ŬÅö¤À¤¬) MS Âкö¤Ç¤¢¤ë.
¤¢¤È¡¤POP ¥µ¡¼¥Ð¤â»È¤¤¤¿¤¤¤Ê¤é¤Ð¡¤¤È¤ê¤¢¤¨¤ºÆ±ÍÍ¤Ë pop3d ¤È¤¤¤¦¥Õ¥¡¥¤¥ë(ÊÔ½¸¤¹¤ë¤Ê¤é¥Ð¥Ã¥¯¥¢¥Ã¥×¤·¤Æ¤«¤é)¤ÎÃæ¤Î2²Õ½ê¤ò
POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"
POP3AUTH_TLS="LOGIN PLAIN"
¤È½¤Àµ¤·¤Æ¤ª¤±¤Ð¤è¤¤.
¤µ¤Æ¡¤¤¢¤È¤Ï IMAP ¥µ¡¼¥Ð¤Îµ¯Æ°½àÈ÷¤Ç¤¢¤ë¤¬¡¤¤³¤ì¤Ï¾ðÊ󤬤ɤ¦¤Ë¤â¾¯¤Ê¤¤.
¤·¤«¤¿¤Ê¤¤¤Î¤Ç¡¤courier-imap ¥¤¥ó¥¹¥È¡¼¥ë»þ¤Î¥á¥Ã¥»¡¼¥¸¤òÆɤà¤È¡¤ºÇ¸å¤ÎÊý¤Ë
This port has installed the following startup scripts which may cause
¡Äά¡Ä
¤È¤¢¤ë¤Î¤Ç¡¤¼ÂºÝ¤Ï¤³¤ì¤é¤Î¥¹¥¯¥ê¥×¥È¤¬µ¯Æ°Áàºî¤ò¹Ô¤¦¤Î¤À¤È¤¤¤¦¤³¤È¤Ï¤ï¤«¤ë.
¤½¤·¤ÆÇ°¤Î°Ù¤Ë /usr/local/etc/rc.d ¥Ç¥£¥ì¥¯¥È¥ê¤òÇÁ¤¤¤Æ¤ß¤ë¤È¡¤¤³¤ì¤é¤Ï³Î¤«¤Ë¤¢¤ê¡¤¤«¤Ä¡¤Â¾¤Ë courier-authdaemond ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤â¤¢¤ê, ¤³¤ì¤âƱÍͤÎÌò³ä¤òô¤¦¤³¤È¤¬¿ä¬¤Ç¤¤ë.
¤½¤³¤Ç¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤Î¤¦¤Á¡¤IMAP/POP ¥µ¡¼¥Ð¤Îµ¯Æ°¤Ë´ØÏ¢¤·¤½¤¦¤Ê¥¹¥¯¥ê¥×¥È "courier-authdaemond", "courier-imap-imapd", "courier-imap-imapd-ssl", "courier-imap-pop3d", "courier-imap-pop3d-ssl" ¤Î5¤Ä¤òľ¤ËÆɤó¤Ç¤ß¤è¤¦.
¤¹¤ë¤È¡¤Î㤨¤Ð courier-authdaemond ¤Ë¤Ï
# Define these courier_authdaemond_* variables in one of these files:
# /etc/rc.conf
# /etc/rc.conf.local
# /etc/rc.conf.d/courier_authdaemond
#
# DO NOT CHANGE THESE DEFAULT VALUES HERE
courier_authdaemond_enable=${courier_authdaemond_enable-"NO"} # Run courier-authdaemond
(YES/NO).
¤È½ñ¤¤¤Æ¤¢¤ê¡¤¤É¤¦¤ä¤é /etc/rc.conf ¤Ë courier_authdaemond_enable="YES" ¤Èµ½Ò¤¹¤ì¤ÐÎɤµ¤½¤¦¤À¤È¤¤¤¦¤³¤È¤¬¿ä¬¤Ç¤¤ë.
ƱÍͤ˾¤Î¥¹¥¯¥ê¥×¥È¥Õ¥¡¥¤¥ë¤Ë¤âµ½Ò¤¬¤¢¤ê¡¤¤³¤ì¤é¤òÁí¹ç¤¹¤ë¤È /etc/rc.conf ¤Ë
# for IMAP
courier_authdaemond_enable="YES"
courier_imap_imapd_enable="YES"
courier_imap_imapd_ssl_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_pop3d_ssl_enable="YES"
¤Ê¤É¤È½ñ¤¹þ¤à¤Î¤¬Îɤµ¤½¤¦¤À¤È¤¤¤¦¤³¤È¤¬¿ä¬¤Ç¤¤ë.
¾å¤Î¤è¤¦¤Ë½ñ¤¹þ¤ß¡¤Ç°¤Î°Ù¤Ë¥ê¥Ö¡¼¥È¤·¤Æ¤ª¤³¤¦.
¤½¤Î¸å¡¤lsof ¤Ê¤É¤òÍѤ¤¤Æ imapd ¤¬Æ°¤¤¤Æ¤¤¤ë¤³¤È¤ò³Îǧ¤·¤è¤¦. ¶ñÂÎŪ¤Ë¤Ï¡¤
lsof -i4 | grep -i courier
¤È¤·¤Æ½ÐÎϤò¤ß¤¿¤È¤¤Ë¡¤
couriertc 1103 root 3u IPv4 0xc3ee59e0 0t0 TCP *:pop3s (LISTEN)
couriertc 1112 root 3u IPv4 0xc3ee5768 0t0 TCP *:pop3 (LISTEN)
couriertc 1122 root 3u IPv4 0xc3ee54f0 0t0 TCP *:imaps (LISTEN)
couriertc 1132 root 3u IPv4 0xc3ee5278 0t0 TCP *:imap (LISTEN)
¤È¤¤¤¦¤è¤¦¤Ë¡¤imap, imaps, pop3, pop3s ¤Î4¤Ä¤¬½Ð¤Æ¤¯¤ì¤Ð¤è¤¤¡¥
imapd ¤ä pop3d ¤¬Æ°¤¤¤Æ¤¤¤Ê¤¤¤è¤¦¤Ê¤é¤Ð¤â¤¦°ìÅÙÀßÄê¤ò¸«Ä¾¤½¤¦.
IMAP ÍѤΥ桼¥¶¾ðÊó¤ÎÅÐÏ¿ †
º£²ó¤Ï userdb ¤Ç¥Ñ¥¹¥ï¡¼¥É¾È¹ç¤ò¹Ô¤¦¤è¤¦¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿¤Î¤Ç, IMAP ÍѤ˥桼¥¶¾ðÊó¤òÅÐÏ¿¤·¤Æ¤ª¤«¤Ê¤¤¤È¤¤¤±¤Ê¤¤.
°Ê²¼¤Î¼ê½ç¤Ç¥æ¡¼¥¶¾ðÊó¤ÎÅÐÏ¿ºî¶È¤ò¹Ô¤ª¤¦¡¥
¤è¤ê¾Ü¤·¤¯ÃΤꤿ¤¤¼Ô¤Ï¡¤http://www.courier-mta.org/FAQ.html ¤Ê¤É¤ò»²¾È¤Î¤³¤È.
- ¤Þ¤º¶õ¤Î¥Ç¥£¥ì¥¯¥È¥ê /usr/local/etc/userdb ¤òºîÀ®¤¹¤ë.
cd /usr/local/etc mkdir userdb chmod 700 ./userdb
¤Ê¤É¤È¤¹¤ì¤Ð¤è¤¤. - (¥Ñ¥¹¥ï¡¼¥É°Ê³°¤Î)¥æ¡¼¥¶¾ðÊó¤òÅÐÏ¿¤¹¤ë
- /etc/passwd ¤«¤éºî¤ëÊýË¡
´û¤Ë¥·¥¹¥Æ¥à¤Î¥æ¡¼¥¶¤Ç¤â¤¢¤ë¤Ê¤é¤Ð´Êñ¤Ç¤ª¤¹¤¹¤á. ¤³¤Á¤é¤Ç¤ä¤í¤¦.
pw2userdb ¥³¥Þ¥ó¥É¤òÍѤ¤¤Æcd /usr/local/etc/userdb/ pw2userdb | grep ¥æ¡¼¥¶Ì¾ >> ./users
¤È¤¹¤ì¤Ð¤è¤¤. - Îí¤«¤éºî¤ëÊýË¡.
userdb ¥³¥Þ¥ó¥É¤ÇľÀܤ¤¤í¤¤¤í»ØÄꤹ¤ëÊýË¡. ¤Á¤ç¤¤ÌÌÅÝ.userdb "john@example.com" set home=/home/vmail \ mail=/home/vmail/Maildir-john-example uid=UUU gid=GGG"
¤Ê¤É¤È¤¹¤ëÊýË¡.
- /etc/passwd ¤«¤éºî¤ëÊýË¡
- ¥Ñ¥¹¥ï¡¼¥É¤òÀßÄꤹ¤ë.
cd /usr/local/etc/userdb userdbpw -hmac-md5 | userdb users/¥æ¡¼¥¶Ì¾ set hmac-md5pw
¤È¤¹¤ì¤Ð¤è¤¤. ¤³¤Î hmac-md5 ¤È¤¤¤¦¤Î¤¬ CRAM-MD5 ¤ÇÍøÍѤµ¤ì¤ë.
¤¦¤Þ¤¯¤¤¤Ã¤Æ¤¤¤ë¤«¤É¤¦¤«¡¤users ¥Õ¥¡¥¤¥ë¤ò¤Ñ¤Ã¤ÈÆɤó¤Ç³Îǧ¤·¤Æ¤ª¤³¤¦. - Äɲá¤Êѹ¹²Õ½ê¤ò͸ú¤Ë¤¹¤ë.
makeuserdb
¤È¤¹¤ì¤Ð¤è¤¤.
¤³¤Î¼ê½ç¤Ï¤¤¤«¤Ë¤âÌÌÅݤÀ¤·¡¤´Ö°ã¤¨¤ä¤¹¤½¤¦¤Ç¿´ÇÛ¤À.
¤½¤³¤Ç¡¤¤¤Á¤ó¤ÈÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤«³Îǧ¤·¤Æ¤ª¤³¤¦¡¥
courierÍѥѥ¹¥ï¡¼¥É¤¬¤¤Á¤ó¤ÈÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤«¥Á¥§¥Ã¥¯¤¹¤ë¥Ä¡¼¥ë( courierpasswd )¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤è¤¦¡¥
(¤¤¤Ä¤â¤Î¤è¤¦¤Ë psearch ¤Çõ¤·¤¿¤È¤·¤Æ)¶ñÂÎŪ¤Ë¤Ï
portinstall security/courierpasswd
¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤¤ë¡¥
¤³¤Î»þ¤Î¥¤¥ó¥¹¥È¡¼¥ë¥í¥°¤ò¤ß¤ë¤È¡¤
#############################################################
You should set the following build option.
MINUID=uid
Accounts with uids below this value cannot have
their passwords changed. Default value is 100.
#############################################################
#############################################################
NOTES FOR RUNNING COURIERPASSWD
In order to use courierpasswd, it must be able to access the
authdaemon domain socket, named 'socket'. When courierpasswd runs as
root, this presents no problem. However, if you need to run courierpasswd
as a non-root user, you have three options, all of which require some
manual work.
Option 1: Add the user courierpasswd will run as to the group that
owns the authdaemon socket directory in /etc/group. More than one user
can be added to the group vector in this way. This arrangement works
well if courierpasswd will be run by only a small number of users.
If the authdaemon socket directory is owned by courier:courier and you
run courierpasswd as user vmail, your /etc/group file will have a line
something like this:
courier:x:465:vmail
Option 2: Some programs, such as tcpserver, allow you to separately set
the uid and gid of programs they call but don't honour the group vector
found in /etc/group. If you invoke courierpasswd from such a program,
set the gid to the group ownership of the authdaemon socket directory.
For tcpserver, you could do something like this:
#!/bin/sh
QMAILUID=`/usr/bin/id -u qmaild`
COURIERGID=`/usr/bin/id -g courier`
exec /usr/local/bin/tcpserver -u "$QMAILUID" -g "$COURIERGID" \
0 smtp /var/qmail/bin/qmail-smtpd /usr/local/sbin/courierpasswd -- \
/usr/bin/true 2>&1
Option 3: Change the permissions on courierpasswd to set gid to the
group ownership of the socket directory. Again, if the socket directory
is owned by courier:courier, change the ownership and permissions
of courierpasswd like so:
chgrp courier courierpasswd
chmod g+s courierpasswd
Be aware that courierpasswd does not provide any max-failed-retry
functionality so it is possible for local users to perform dictionary
attacks against account passwords if courierpasswd is set up this way.
The location of the authdaemon domain socket is listed in the
authdaemonrc configuration file as the parameter authdaemonvar.
##############################################################
¤È½ñ¤¤¤Æ¤¢¤ë¡¥
Á°¼Ô¤Ï¡¤¡Öuid ¤¬(¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï)100°Ê²¼¤Î¥æ¡¼¥¶¤Î¥Ñ¥¹¥ï¡¼¥É¤Ï½ñ¤´¹¤¨¤é¤ì¤Ê¤¤¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤è¡×¤È¤¤¤¦¤â¤Î¤Ç¤¢¤ê¡¤Ä̾ï¤ÏÌäÂê¤Ê¤¤¤À¤í¤¦¡¥
¸å¼Ô¤Ï¡¤courierpasswd ¤ò¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶°Ê³°¤¬»È¤¤¤¿¤¤¾ì¹ç¤Ï¤½¤Î¤Þ¤Þ¤Ç¤Ï¤Þ¤º¤¤¤Î¤Ç¡¤°Ê²¼¤Î¤è¤¦¤Ë¤·¤Æ²ò·è¤»¤è¤ÈÊýË¡¤ò3¤Ä¤Ð¤«¤ê¼¨¤·¤Æ¤¤¤ë¡¥
¤¿¤À¤·¡¤º£²ó¤Ï¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶¤Ç¤·¤«ÍøÍѤ·¤Ê¤¤¤Î¤Ç¡¤ÌäÂê¤Ê¤¤¤À¤í¤¦¡¥
¤µ¤Æ¡¤¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤¤¿¤é¡¤
printf '¥æ¡¼¥¶Ì¾\0¥Ñ¥¹¥ï¡¼¥É\0' | courierpasswd --stderr --stdin --verbose --cramtype md5
¤È¤·¤ÆÅÐÏ¿¤ò³Î¤«¤á¤è¤¦¡¥
Username is: ÆþÎϤ·¤¿¥æ¡¼¥¶Ì¾
Password is: ÆþÎϤ·¤¿¥Ñ¥¹¥ï¡¼¥É
Authenticated for user ÆþÎϤ·¤¿¥æ¡¼¥¶Ì¾
¤È¤¤¤¦¤è¤¦¤Ë¡¤"Authenticated" ¤È½Ð¤ì¤ÐÂç¾æÉפÀ¡¥µÕ¤Ë¡¤¤Ê¤Ë¤«¼ºÇÔ¤·¤Æ¤¤¤ë¤È¤¤ÏºÇ¸å¤¬
Authentication failuer for user ÆþÎϤ·¤¿¥æ¡¼¥¶Ì¾
¤È¤Ê¤ë¤Î¤Ç¡¤¤½¤Î¾ì¹ç¤ÏºÇ½é¤ËÁ̤äƤä¤êľ¤½¤¦¡¥
¤ä¤êľ¤·¤ò¤¹¤ë¤Ê¤é¤Ð¡¤º£²ó¤ÏÂоݥ桼¥¶¤¬1¿Í¤·¤«¤¤¤Ê¤¤¤Î¤Ç¡¤ users ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤ò¾Ã¤·¤Æ¤·¤Þ¤Ã¤Æ¡¤pw2userdb ¤«¤é¤ä¤êľ¤»¤Ð¤è¤¤¤À¤í¤¦¡¥
courier-imap ¤ÎÆ°ºî³Îǧ †
SMTP Auth ¤Î»þ¤ÈƱÍͤˡ¤2¤Ä¤Îʸ»úüËö¥¨¥ß¥å¥ì¡¼¥¿¤òÍÑ°Õ¤·¤ÆÆ°ºî³Îǧ¤ò¹Ô¤¦.
¤¿¤À¤·¡¤Æ°ºî³Îǧ¤Ç¤â¤¿¤Ä¤¤¤Æ¤¤¤ë¤È courier-imap ¥µ¡¼¥Ð¤¬Àܳ¤òÀڤäƤ·¤Þ¤¦¤Î¤Ç¡¤¤³¤ì¤Ë;͵¤ò»ý¤¿¤»¤Æ¤ª¤¤¿¤¤.
¤½¤Î¤¿¤á¤Î½àÈ÷¤òÀè¤Ë¤·¤Æ¤ª¤³¤¦. ¶ñÂÎŪ¤Ë¤Ï¡¤/usr/local/etc/courier-imap/imapd ¥Õ¥¡¥¤¥ë¤Î
IMAP_IDLE_TIMEOUT=60
¤È¤¤¤¦Éôʬ¤¬¡Ö60ÉÃÈ¿±þ¤¬¤Ê¤±¤ì¤ÐÀÚÃǡפȤ¤¤¦°ÕÌ£¤Ê¤Î¤Ç¡¤¤³¤Î 60 ¤òŬÅö¤ËÁý¤ä¤·¤Æ¤ª¤±¤Ð¤è¤¤.
Î㤨¤Ð 180 ¤°¤é¤¤¤Ë¤¹¤ì¤ÐÌäÂê¤Ê¤¤¤À¤í¤¦.
¤Ê¤ª¡¤¤³¤Î¥Õ¥¡¥¤¥ë¤òÊÔ½¸¤·¤¿¤é courier-imap ¥µ¡¼¥Ð¤ò°ìöÄä¤á¤ÆºÆÅÙÆ°¤«¤µ¤Ê¤¤¤È¤¤¤±¤Ê¤¤¤Î¤Ç¤½¤¦¤·¤Æ¤ª¤³¤¦.
¶ñÂÎŪ¤Ë¤Ï
/usr/local/etc/rc.d/courier-imap-imapd stop /usr/local/etc/rc.d/courier-imap-imapd start
¤È¤·¤Æ¤ª¤±¤Ð¤è¤¤.
¤µ¤Æ¡¤¤Ç¤Ï SMTP Auth ¤Î»þ¤ÈƱ¤¸¤è¤¦¤Ë¥Æ¥¹¥È¤·¤Æ¤ß¤è¤¦.
Shell-A ¤Ç¡¤telnet localhost 143 ¤È¤¹¤ë¤È
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
¤Ê¤É¤È¸À¤Ã¤Æ¤¯¤ë. ¤³¤³¤Ç¡¤
a authenticate cram-md5
¤ÈÆþÎϤ¹¤ë¤È
+ PG5hbmlrYS1pbWFwQHNlcnZlcj4=
¤Ê¤É¤È¥µ¡¼¥Ð¤«¤éʸ»úÎó¤¬Á÷¤é¤ì¤Æ¤¯¤ë.
¤³¤Îʸ»úÎó PG5hbmlrYS1pbWFwQHNlcnZlcj4= ¤ËÂФ·¤Æ¡¤Á°²ó¤ÈƱÍÍ¤Ë Shell-B¤Ç userdb-test-cram-md5 ¥³¥Þ¥ó¥É¤ò»È¤Ã¤ÆÊÖÅúÍÑʸ»úÎó¤òºî¤ë.
Î㤨¤Ð¼¡¤Î¤è¤¦¤Ë¤Ê¤ë¤À¤í¤¦.
Username? testuser ¢« IMAP ÍѤËÅÐÏ¿¤·¤¿¥æ¡¼¥¶Ì¾
Password? password ¢« IMAP ÍѤËÅÐÏ¿¤·¤¿¥Ñ¥¹¥ï¡¼¥É
Send: AUTH CRAM-MD5 (or for imap, A AUTHENTICATE CRAM-MD5)
Paste the challenge here:
+ PG5hbmlrYS1pbWFwQHNlcnZlcj4= ¢« º£¤Îʸ»úÎó¤òÄ¥¤êÉÕ¤±¤ë
Send this response:
dGVzdHVzZXIgYjlkMDA5MzQ4YmVjMzlkNzcwMWU4MWRiZWE3NmZhN2M= ¢« ·ë²Ì¤¬Ê֤äƤ¯¤ë
¤³¤ÎºÇ¸å¤Îʸ»úÎó dGVzdHVzZXIgYjlkMDA5MzQ4YmVjMzlkNzcwMWU4MWRiZWE3NmZhN2M= ¤¬ IMAP ¥µ¡¼¥Ð¤Ë½Ð¤¹¤Ù¤ÊÖ»ö¤Ë¤Ê¤ë¤Î¤Ç¡¤¤³¤ì¤ò Shell-A ¤Ç¤Îºî¶È¤Î³¤¤ËÄ¥¤êÉÕ¤±¤ÆÊÖÅú¤È¤¹¤ë.
¤½¤·¤Æ
a OK LOGIN Ok.
¤È¤Ê¤ì¤Ð¡¤IMAP ¥µ¡¼¥Ð¤Îǧ¾Ú¤¬Ä̤俤Ȥ¤¤¦¤³¤È¤Ë¤Ê¤ê¡¤Æ°ºî¤¬³Îǧ¤Ç¤¤¿¤³¤È¤Ë¤Ê¤ë.
¤¢¤È¤Ï¤¤¤Ä¤â¤Î¤è¤¦¤Ë ^] ¤È¤·¤Æ¤«¤é quit ¤È¤¹¤ì¤ÐÈ´¤±¤é¤ì¤ë.
¤Ê¤ª¡¤POP ¥µ¡¼¥Ð¤òΩ¤Á¾å¤²¤¿¤Ê¤é¤ÐƱÍͤ˥ƥ¹¥È¤¬²Äǽ¤Ç¤¢¤ë.
¤½¤ÎºÝ¤Ï
telnet localhost 110
¤È¤¹¤ë¤È¡¤
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
¤È¤Ê¤ë¤Î¤Ç¡¤¤³¤³¤Ç
capa
¤ÈÆþÎϤ¹¤ë¤È
SASL CRAM-MD5 CRAM-SHA
STLS
TOP
USER
LOGIN-DELAY 10
PIPELINING
UIDL
IMPLEMENTATION Courier Mail Server
.
¤È±þÅú¤¬Ê֤äƤ¯¤ë.
¤³¤³¤Ç
auth cram-md5
¤ÈÆþÎϤ¹¤ë¤È
+ PG5hbmlrYS1pbWFwQHNlcnZlcj4=
¤Ê¤É¤È¥µ¡¼¥Ð¤«¤éʸ»úÎó¤¬Á÷¤é¤ì¤Æ¤¯¤ë¤Î¤Ç¡¤
¤³¤ì¤Ë userdb-test-cram-md5 ¥³¥Þ¥ó¥É¤ÇÊÖÅúÍÑʸ»úÎó¤òºîÀ®¤·¤ÆÄ¥¤êÉÕ¤±¤ë¤È
+OK logged in.
¤Èǧ¾Ú¤µ¤ì¤ë¤È¤¤¤¦Î®¤ì¤Ë¤Ê¤ë.
;͵¤¬¤¢¤ì¤ÐŬÅö¤Ê MUA ¤Ç IMAP ¥µ¡¼¥Ð¤ËÀܳ¤·¤Æ¤ß¤è¤¦.
¤µ¤é¤Ë;͵¤¬¤¢¤ì¤Ð¡¤IMAP over TLS/SSL ÀßÄê¤Ç¥µ¡¼¥Ð¤ËÀܳ¤·¤Æ¤ß¤è¤¦.
¥ì¥Ý¡¼¥È †
ÅÓÃæ¤Ç¡ÖÄ´¤Ù¤è¡×Åù¤È»Ø¼¨¤µ¤ì¤¿»ö¹à¤Ë¤Ä¤¤¤ÆÄ´ºº¤ò¹Ô¤¤¡¤Êó¹ð¤»¤è.
¤â¤Á¤í¤ó³Æ¼«¤Î
- ½ê°(³ØÉô¡¤³Ø²Ê)
- ³ØÀÒÈÖ¹æ
- ³Øǯ
- »á̾
- Æü»þ
- ´Î¿´¤Î¥ì¥Ý¡¼¥ÈÆâÍÆ(ÆÀ¤¿Ãθ«¡¤ºî¶È¤Ë¤Ä¤¤¤Æµ¤¤Å¤¤¤¿¤³¤ÈÅù)
¤ò½ñ¤¯¤Î¤ò˺¤ì¤Ê¤¤¤è¤¦¤Ë.
about Icons, ClipArts †
Some icons in this page are downloadable at ICONFINDER.
The "note" icon designed by Marco Martin is distributed with the LGPL licence,
the "warning" icon designed by Alexandre Moore with the GPL licence
and the "triangle" icon designed by Joseph North is distributed with the Creative Commons (Attribution-Noncommercial-Share Alike 3.0 Unported) licence.
Some clip arts used in this page are downloadable at Open Clip Art Library.
We deeply appreciate their superb works. With licence, they describe that "the actual clipart content on open clipart library is Public domain" in the web.