#contents
* ¤¤¤Ä¤â¤Î¥Á¥§¥Ã¥¯ [#j7b9f076]
¤¤¤Ä¤â¤Î¤è¤¦¤Ë¡¤¥·¥¹¥Æ¥à¤Ë¤Ä¤¤¤Æ¤Þ¤º¤¤ÅÀ¤¬¤Ê¤¤¤«¥Á¥§¥Ã¥¯¡¤Âбþ¤·¤è¤¦¡¥
¶ñÂÎŪ¤Ë¤Ï¡¤°ÊÁ°¤â¼¨¤·¤¿¼¡¤Î¥³¥Þ¥ó¥É¤ò»È¤¦¤³¤È¤Ë¤Ê¤ë¡¥
+ freebsd-update
+ portsnap
+ portaudit
&ref(/materials/warning.png); ¤¿¤À¤·¡¤portaudit ¤Ç½Ð¤Æ¤¯¤ë·Ù¹ð¤Ë¤¹¤°Âбþ¤¹¤Ù¤¤«¤É¤¦¤«¤ÏȽÃǤ¬Æñ¤·¤¤¡¥¥»¥¥å¥ê¥Æ¥£¾å¤ÎÌäÂ꤬¤É¤ì¤¯¤é¤¤¤«¡¤ports Åù¤Î¥Ð¡¼¥¸¥ç¥ó¥¢¥Ã¥×¤¬´Ö¤Ë¹ç¤Ã¤Æ¤¤¤ë¤«¡¤¥Ð¡¼¥¸¥ç¥ó¥¢¥Ã¥×¤Ëȼ¤¦ÌäÂ̵꤬¤¤¤«Åù¡¹¡¤»öÁ°¤Ë´Êñ¤Ë¤ÇÎɤ¤¤Î¤Ç¸¡Æ¤¤·¤Æ¤«¤éºî¶È¤ò¤·¤è¤¦¡¥
* (ÃÙ¤ì¤Æ¤¤¤ë¿Í¤Ï) »þ´Ö¤ò¼è¤Ã¤ÆÄɤ¤¤Ä¤¯¡¤Éü½¬¤·¤è¤¦ [#ye29f2f0]
¤½¤í¤½¤íÆâÍÆŪ¤ËÃÙ¤ì¤Æ¤¤¤ë¿Í¤¬½Ð¤Æ¤¯¤ë»þ´ü¤Ê¤Î¤Ç¡¤º£²ó¤Îºî¶ÈÆâÍƤò¾¯¤Ê¤¯¤·¤Æ¤¢¤ë¡¥
ÃÙ¤ì¤Æ¤¤¤ë¿Í¤ä¡¤ÆâÍƤ¬¥¤¥Þ¥¤¥ÁÍý²ò¤Ç¤¤Æ¤Ê¤«¤Ã¤¿¿Í¤Ï¤³¤Îµ¡²ñ¤ò³è¤«¤·¤ÆÉü½¬¡¤ºÆºî¶ÈÅù¤ò¹Ô¤ª¤¦¡¥
* IMAP/POP ¤ò»È¤Ã¤Æ¤ß¤ë [#t744fd0b]
¤µ¤Æ¡¤¥æ¡¼¥¶°¸¤ËÆϤ¤¤¿¥á¡¼¥ë¤ò MUA ¤ËÅϤ¹¤Î¤Ë¹¤¯»È¤ï¤ì¤Æ¤¤¤ë POP/IMAP ¤Î¥µ¡¼¥Ð¤Ë¤Ä¤¤¤Æ¤â¿¨¤ì¤è¤¦.
¤¤¤Þ¤À¹¤¯»È¤ï¤ì¤Æ¤¤¤ë POP¡¤¥æ¡¼¥¶¤Ë¤È¤Ã¤Æ¤ÏÊØÍø¤À¤¬¥µ¡¼¥Ð¤Ø¤ÎÉéô¤¬¹â¤á¤Î¤¿¤á¤Ë¾¦¶È¥Ù¡¼¥¹¤Ç¤Ï¤Ê¤«¤Ê¤«ÍѤ¤¤é¤ì¤Ê¤¤ IMAP¡¤¤ÈÂç¤Þ¤«¤Ë¸À¤¨¤ë.
¤³¤³¤Ç¤Ï¡¤¾ÍèŪ¤Ê¤³¤È¤â¹Í¤¨¤Æ IMAP ¥µ¡¼¥Ð¤Ë¤Ä¤¤¤Æ³Ø½¬¤·¤Æ¤ß¤è¤¦. ¤Á¤Ê¤ß¤Ë¡¤POP ¥µ¡¼¥Ð¤Ï IMAP ¥µ¡¼¥Ð¤ËÈæ¤Ù¤ì¤Ðñ½ã¤Ê¤Î¤Ç¡¤IMAP ¥µ¡¼¥Ð¤¬°·¤¨¤ì¤ÐPOP ¥µ¡¼¥Ð¤Ë¤Ä¤¤¤Æ¤Ïº¤¤é¤Ê¤¤¤À¤í¤¦.
¤µ¤Æ¡¤IMAP ¥µ¡¼¥Ð¤È¤·¤Æ¤Ï courier-imap ¤¬¹¤¯»È¤ï¤ì¤Æ¤¤¤ë¤Î¤Ç¼ø¶È¤Ç¤â¤³¤ì¤òÍѤ¤¤è¤¦.
¤Ê¤ª¡¤courier-imap ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤È°ì½ï¤Ë courier-pop ¤â¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤ë¤Î¤Ç¡¤POP ¥µ¡¼¥Ð¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿¤¤¡¤¤È¤¤¤¦¤È¤¤Ë courier-imap ¤òÁªÂò¤·¤Æ¤â¤è¤¤.
** courier-imap ¤Î¥¤¥ó¥¹¥È¡¼¥ë(¤³¤ì¤ÏÁ°²ó´û¤Ë¤ä¤Ã¤Æ¤¢¤ë) [#x4f701f6]
** courier-imap ¤ÎÀßÄê [#mcfc6e1d]
¤µ¤Æ¡¤¥¤¥ó¥¹¥È¡¼¥ë¤¬ºÑ¤à¤È /usr/local/etc/authlib ¤Ëǧ¾Ú´Ø·¸¤ÎÀßÄ꤬¡¤/usr/local/etc/courier-imap ¤Ë imap/pop ´Ø·¸¤ÎÀßÄê¥Õ¥¡¥¤¥ëÅù¤¬ÃÖ¤«¤ì¤ë.
¤Þ¤ºÇ§¾Ú´Ø·¸¤òÀ°Íý¤·¤è¤¦.
ǧ¾Úµ¡¹½¤½¤Î¤â¤Î¤ÎÀßÄê¤Ë¤Ä¤¤¤Æ¤Ï /usr/local/etc/authlib ¤ËÀßÄê¥Õ¥¡¥¤¥ë¤òÍÑ°Õ¤·¤Æ±¾¡¹¡Ä¤È¤Ê¤ë¤Î¤À¤¬¡¤º£²ó¤Ï userdb ¤·¤«Áª¤ó¤Ç¤¤¤Ê¤¤¤³¤È¤â¤¢¤Ã¤ÆÆäËÀßÄê¤ÏÉÔÍפʾõÂ֤Ǥ¢¤ë.
&ref(/materials/notes.png); ¼¡¤Ë¡¤over TLS/SSL ¤Ç»È¤¦¼«¸Êǧ¾Ú¾ÚÌÀ½ñ(courier-imap ¤Ï¤³¤ì¤òÍפ¹¤ë)¤òºî¤ë.
Àè¤Ëºî¤Ã¤¿¸°¤È¾ÚÌÀ½ñ¤È¤Ï°ã¤¦µ¡Ç½¤Î¤â¤Î¤Ê¤Î¤Ç¡¤¿·¤¿¤Ëºî¤í¤¦(ÊÑ´¹¤â²Äǽ¤È¤Ï»×¤¦¤¬).
ÊýË¡¤Ï´Êñ¤Ç¡¤¤Þ¤º /usr/local/etc/courier-imap ¤Ë¥µ¥ó¥×¥ë¤È¤·¤Æ¤ª¤¤¤Æ¤¢¤ëimapd.cnf.dist ¤È pop3d.cnf.dist ¤ò¥³¥Ô¡¼¤·¤Æ imapd.cnf ¤È pop3d.cnf ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºî¤ê¡¤Ãæ¤ò¤ß¤Æ [ req_dn ] °Ê²¼¤ÎÉôʬ¤ò¼«Ê¬¤Î¥µ¡¼¥Ð¤Ë¤¢¤ï¤»¤ÆŬÀÚ¤ËÊÔ½¸¤¹¤ë.
¶ñÂÎŪ¤Ë¤Ï
cd /usr/local/etc/courier-imap
cp imapd.cnf.dist imapd.cnf
cp pop3d.cnf.dist pop3d.cnf
chmod u+w *.cnf
emacs imapd.cnf
emacs pop3d.cnf
¤È¤¤¤¦´¶¤¸¤À. [ req_dn ] ¤Ë¤Ä¤¤¤Æ¤Ï°ÊÁ°¤Ë SSL ¾ÚÌÀ½ñ¤òºî¤Ã¤¿¤È¤¤ÎÀâÌÀ¤òÆɤ⤦¡¥
¤½¤ì¤«¤é¡¤
cd /usr/local/share/courier-imap/
./mkimapdcert
./mkpop3dcert
¤È¤¹¤ë¤È¡¤/usr/local/share/courier-imap/ ¤Ë imapd.pem, pop3d.pem ¤È¤¤¤¦¼«¸Êǧ¾Ú¾ÚÌÀ½ñ¤¬¤Ç¤¤ë.
¥Õ¥¡¥¤¥ë̾¤â¾ì½ê¤âÆäËÊѹ¹¤òÍפ·¤Ê¤¤¤Î¤Ç¡¤¤³¤ì¤Ç¾ÚÌÀ½ñ¤ÎºîÀ®¤Ï¤ª¤ï¤ê.
¼¡¤Ë¡¤IMAP ËÜÂΤÎÀßÄê¤ò¹Ô¤ª¤¦.
&ref(/materials/warning.png);¤¤¤Ä¤â¤Î¤è¤¦¤ËÇ°¤Î°Ù¥Ð¥Ã¥¯¥¢¥Ã¥×¤ò¤È¤Ã¤Æ¤«¤é.
/usr/local/etc/courier-imap ¤Î imapd ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òÊÔ½¸¤·¤Æ¡¤¹àÌܤΠ"IMAP_CAPABILITY" ¤È "IMAP_CAPABILITY_TLS" ¤òǧ¾Ú¤¢¤ê¤Ë½¤Àµ¤¹¤ë.
¶ñÂÎŪ¤Ë¤Ï¡¤
> IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
> IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN AUTH=LOGIN"
¤ÎÆ󥫽ê¤ò½¤Àµ(²èÌ̤ÎÅÔ¹ç¤ÇÀÞ¤êÊÖ¤·¤Æ¤¤¤ë¤¬¡¤³Æ¡¹ 1¹Ô¤º¤Ä¤Ê¤Î¤ÇÃí°Õ)¤¹¤ì¤Ð¤è¤¤.
³Æ¡¹¡¤¥Ç¥Õ¥©¥ë¥ÈÃͤ«¤éÊѤï¤Ã¤¿Éôʬ¤ò¸«¤ì¤Ð²¿¤ò¤·¤¿¤«¤Ï¤ï¤«¤ë¤À¤í¤¦. ¤Á¤Ê¤ß¤ËÆó¤ÄÌܤκǸå¤Î AUTH=LOGIN ¤Ï(ŬÅö¤À¤¬) MS Âкö¤Ç¤¢¤ë.
¤¢¤È¡¤POP ¥µ¡¼¥Ð¤â»È¤¤¤¿¤¤¤Ê¤é¤Ð¡¤¤È¤ê¤¢¤¨¤ºÆ±ÍÍ¤Ë pop3d ¤È¤¤¤¦¥Õ¥¡¥¤¥ë(ÊÔ½¸¤¹¤ë¤Ê¤é¥Ð¥Ã¥¯¥¢¥Ã¥×¤·¤Æ¤«¤é)¤ÎÃæ¤Î2²Õ½ê¤ò
> POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"
> POP3AUTH_TLS="LOGIN PLAIN"
¤È½¤Àµ¤·¤Æ¤ª¤±¤Ð¤è¤¤.
¤µ¤Æ¡¤¤¢¤È¤Ï IMAP ¥µ¡¼¥Ð¤Îµ¯Æ°½àÈ÷¤Ç¤¢¤ë¤¬¡¤¤³¤ì¤Ï¾ðÊ󤬤ɤ¦¤Ë¤â¾¯¤Ê¤¤.
¤·¤«¤¿¤Ê¤¤¤Î¤Ç¡¤courier-imap ¥¤¥ó¥¹¥È¡¼¥ë»þ¤Î¥á¥Ã¥»¡¼¥¸¤òÆɤà¤È¡¤ºÇ¸å¤ÎÊý¤Ë
> This port has installed the following startup scripts which may cause
> ¡Äά¡Ä
¤È¤¢¤ë¤Î¤Ç¡¤¼ÂºÝ¤Ï¤³¤ì¤é¤Î¥¹¥¯¥ê¥×¥È¤¬µ¯Æ°Áàºî¤ò¹Ô¤¦¤Î¤À¤È¤¤¤¦¤³¤È¤Ï¤ï¤«¤ë.
¤½¤·¤ÆÇ°¤Î°Ù¤Ë /usr/local/etc/rc.d ¥Ç¥£¥ì¥¯¥È¥ê¤òÇÁ¤¤¤Æ¤ß¤ë¤È¡¤¤³¤ì¤é¤Ï³Î¤«¤Ë¤¢¤ê¡¤¤«¤Ä¡¤Â¾¤Ë courier-authdaemond ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤â¤¢¤ê, ¤³¤ì¤âƱÍͤÎÌò³ä¤òô¤¦¤³¤È¤¬¿ä¬¤Ç¤¤ë.
¤½¤³¤Ç¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤Î¤¦¤Á¡¤IMAP/POP ¥µ¡¼¥Ð¤Îµ¯Æ°¤Ë´ØÏ¢¤·¤½¤¦¤Ê¥¹¥¯¥ê¥×¥È "courier-authdaemond", "courier-imap-imapd", "courier-imap-imapd-ssl", "courier-imap-pop3d", "courier-imap-pop3d-ssl" ¤Î5¤Ä¤òľ¤ËÆɤó¤Ç¤ß¤è¤¦.
¤¹¤ë¤È¡¤Î㤨¤Ð courier-authdaemond ¤Ë¤Ï
> # Define these courier_authdaemond_* variables in one of these files:
> # /etc/rc.conf
> # /etc/rc.conf.local
> # /etc/rc.conf.d/courier_authdaemond
> #
> # DO NOT CHANGE THESE DEFAULT VALUES HERE
> &br;
> courier_authdaemond_enable=${courier_authdaemond_enable-"NO"} # Run courier-authdaemond
> (YES/NO).
¤È½ñ¤¤¤Æ¤¢¤ê¡¤¤É¤¦¤ä¤é /etc/rc.conf ¤Ë courier_authdaemond_enable="YES" ¤Èµ½Ò¤¹¤ì¤ÐÎɤµ¤½¤¦¤À¤È¤¤¤¦¤³¤È¤¬¿ä¬¤Ç¤¤ë.
ƱÍͤ˾¤Î¥¹¥¯¥ê¥×¥È¥Õ¥¡¥¤¥ë¤Ë¤âµ½Ò¤¬¤¢¤ê¡¤¤³¤ì¤é¤òÁí¹ç¤¹¤ë¤È /etc/rc.conf ¤Ë
> # for IMAP
> courier_authdaemond_enable="YES"
> courier_imap_imapd_enable="YES"
> courier_imap_imapd_ssl_enable="YES"
> courier_imap_pop3d_enable="YES"
> courier_imap_pop3d_ssl_enable="YES"
¤Ê¤É¤È½ñ¤¹þ¤à¤Î¤¬Îɤµ¤½¤¦¤À¤È¤¤¤¦¤³¤È¤¬¿ä¬¤Ç¤¤ë.
&ref(/materials/notes.png); ¾å¤Î¤è¤¦¤Ë½ñ¤¹þ¤ß¡¤Ç°¤Î°Ù¤Ë¥ê¥Ö¡¼¥È¤·¤Æ¤ª¤³¤¦.
¤½¤Î¸å¡¤lsof ¤Ê¤É¤òÍѤ¤¤Æ imapd ¤¬Æ°¤¤¤Æ¤¤¤ë¤³¤È¤ò³Îǧ¤·¤è¤¦. ¶ñÂÎŪ¤Ë¤Ï¡¤
lsof -i4 | grep -i courier
¤È¤·¤Æ½ÐÎϤò¤ß¤¿¤È¤¤Ë¡¤
> couriertc 1103 root 3u IPv4 0xc3ee59e0 0t0 TCP *:pop3s (LISTEN)
> couriertc 1112 root 3u IPv4 0xc3ee5768 0t0 TCP *:pop3 (LISTEN)
> couriertc 1122 root 3u IPv4 0xc3ee54f0 0t0 TCP *:imaps (LISTEN)
> couriertc 1132 root 3u IPv4 0xc3ee5278 0t0 TCP *:imap (LISTEN)
¤È¤¤¤¦¤è¤¦¤Ë¡¤imap, imaps, pop3, pop3s ¤Î4¤Ä¤¬½Ð¤Æ¤¯¤ì¤Ð¤è¤¤¡¥
imapd ¤ä pop3d ¤¬Æ°¤¤¤Æ¤¤¤Ê¤¤¤è¤¦¤Ê¤é¤Ð¤â¤¦°ìÅÙÀßÄê¤ò¸«Ä¾¤½¤¦.
** IMAP ÍѤΥ桼¥¶¾ðÊó¤ÎÅÐÏ¿ [#jb182cbb]
º£²ó¤Ï userdb ¤Ç¥Ñ¥¹¥ï¡¼¥É¾È¹ç¤ò¹Ô¤¦¤è¤¦¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿¤Î¤Ç, IMAP ÍѤ˥桼¥¶¾ðÊó¤òÅÐÏ¿¤·¤Æ¤ª¤«¤Ê¤¤¤È¤¤¤±¤Ê¤¤.
&ref(/materials/notes.png); °Ê²¼¤Î¼ê½ç¤Ç¥æ¡¼¥¶¾ðÊó¤ÎÅÐÏ¿ºî¶È¤ò¹Ô¤ª¤¦¡¥
¤è¤ê¾Ü¤·¤¯ÃΤꤿ¤¤¼Ô¤Ï¡¤http://www.courier-mta.org/FAQ.html ¤Ê¤É¤ò»²¾È¤Î¤³¤È.
+ ¤Þ¤º¶õ¤Î¥Ç¥£¥ì¥¯¥È¥ê /usr/local/etc/userdb ¤òºîÀ®¤¹¤ë.
cd /usr/local/etc
mkdir userdb
chmod 700 ./userdb
¤Ê¤É¤È¤¹¤ì¤Ð¤è¤¤.
+ (¥Ñ¥¹¥ï¡¼¥É°Ê³°¤Î)¥æ¡¼¥¶¾ðÊó¤òÅÐÏ¿¤¹¤ë
-- /etc/passwd ¤«¤éºî¤ëÊýË¡
´û¤Ë¥·¥¹¥Æ¥à¤Î¥æ¡¼¥¶¤Ç¤â¤¢¤ë¤Ê¤é¤Ð´Êñ¤Ç¤ª¤¹¤¹¤á. ¤³¤Á¤é¤Ç¤ä¤í¤¦.
pw2userdb ¥³¥Þ¥ó¥É¤òÍѤ¤¤Æ
cd /usr/local/etc/userdb/
pw2userdb | grep ¥æ¡¼¥¶Ì¾ >> ./users
¤È¤¹¤ì¤Ð¤è¤¤.
-- Îí¤«¤éºî¤ëÊýË¡.
userdb ¥³¥Þ¥ó¥É¤ÇľÀܤ¤¤í¤¤¤í»ØÄꤹ¤ëÊýË¡. ¤Á¤ç¤¤ÌÌÅÝ.
userdb "john@example.com" set home=/home/vmail \
mail=/home/vmail/Maildir-john-example uid=UUU gid=GGG"
¤Ê¤É¤È¤¹¤ëÊýË¡.
+ ¥Ñ¥¹¥ï¡¼¥É¤òÀßÄꤹ¤ë.
cd /usr/local/etc/userdb
userdbpw -hmac-md5 | userdb users/¥æ¡¼¥¶Ì¾ set hmac-md5pw
¤È¤¹¤ì¤Ð¤è¤¤. ¤³¤Î hmac-md5 ¤È¤¤¤¦¤Î¤¬ CRAM-MD5 ¤ÇÍøÍѤµ¤ì¤ë.
¤¦¤Þ¤¯¤¤¤Ã¤Æ¤¤¤ë¤«¤É¤¦¤«¡¤users ¥Õ¥¡¥¤¥ë¤ò¤Ñ¤Ã¤ÈÆɤó¤Ç³Îǧ¤·¤Æ¤ª¤³¤¦.
+ Äɲá¤Êѹ¹²Õ½ê¤ò͸ú¤Ë¤¹¤ë.
makeuserdb
¤È¤¹¤ì¤Ð¤è¤¤.
¤³¤Î¼ê½ç¤Ï¤¤¤«¤Ë¤âÌÌÅݤÀ¤·¡¤´Ö°ã¤¨¤ä¤¹¤½¤¦¤Ç¿´ÇÛ¤À.
¤½¤³¤Ç¡¤¤¤Á¤ó¤ÈÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤«³Îǧ¤·¤Æ¤ª¤³¤¦¡¥
&ref(/materials/warning.png); courierÍѥѥ¹¥ï¡¼¥É¤¬¤¤Á¤ó¤ÈÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤«¥Á¥§¥Ã¥¯¤¹¤ë¥Ä¡¼¥ë( courierpasswd )¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤è¤¦¡¥
(¤¤¤Ä¤â¤Î¤è¤¦¤Ë psearch ¤Çõ¤·¤¿¤È¤·¤Æ)¶ñÂÎŪ¤Ë¤Ï
portinstall security/courierpasswd
¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤¤ë¡¥
¤³¤Î»þ¤Î¥¤¥ó¥¹¥È¡¼¥ë¥í¥°¤ò¤ß¤ë¤È¡¤
> #############################################################
> &br;
> You should set the following build option.
> &br;
> MINUID=uid
> Accounts with uids below this value cannot have
> their passwords changed. Default value is 100.
> &br;
> #############################################################
> #############################################################
> NOTES FOR RUNNING COURIERPASSWD
> &br;
> In order to use courierpasswd, it must be able to access the
> authdaemon domain socket, named 'socket'. When courierpasswd runs as
> root, this presents no problem. However, if you need to run courierpasswd
> as a non-root user, you have three options, all of which require some
> manual work.
> &br;
> Option 1: Add the user courierpasswd will run as to the group that
> owns the authdaemon socket directory in /etc/group. More than one user
> can be added to the group vector in this way. This arrangement works
> well if courierpasswd will be run by only a small number of users.
> If the authdaemon socket directory is owned by courier:courier and you
> run courierpasswd as user vmail, your /etc/group file will have a line
> something like this:
> &br;
> courier:x:465:vmail
> &br;
> Option 2: Some programs, such as tcpserver, allow you to separately set
> the uid and gid of programs they call but don't honour the group vector
> found in /etc/group. If you invoke courierpasswd from such a program,
> set the gid to the group ownership of the authdaemon socket directory.
> For tcpserver, you could do something like this:
> &br;
> #!/bin/sh
> &br;
> QMAILUID=`/usr/bin/id -u qmaild`
> COURIERGID=`/usr/bin/id -g courier`
> &br;
> exec /usr/local/bin/tcpserver -u "$QMAILUID" -g "$COURIERGID" \
> 0 smtp /var/qmail/bin/qmail-smtpd /usr/local/sbin/courierpasswd -- \
> /usr/bin/true 2>&1
> &br;
> Option 3: Change the permissions on courierpasswd to set gid to the
> group ownership of the socket directory. Again, if the socket directory
> is owned by courier:courier, change the ownership and permissions
> of courierpasswd like so:
> &br;
> chgrp courier courierpasswd
> chmod g+s courierpasswd
> &br;
> Be aware that courierpasswd does not provide any max-failed-retry
> functionality so it is possible for local users to perform dictionary
> attacks against account passwords if courierpasswd is set up this way.
> &br;
> The location of the authdaemon domain socket is listed in the
> authdaemonrc configuration file as the parameter authdaemonvar.
> &br;
> ##############################################################
¤È½ñ¤¤¤Æ¤¢¤ë¡¥
Á°¼Ô¤Ï¡¤¡Öuid ¤¬(¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï)100°Ê²¼¤Î¥æ¡¼¥¶¤Î¥Ñ¥¹¥ï¡¼¥É¤Ï½ñ¤´¹¤¨¤é¤ì¤Ê¤¤¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤è¡×¤È¤¤¤¦¤â¤Î¤Ç¤¢¤ê¡¤Ä̾ï¤ÏÌäÂê¤Ê¤¤¤À¤í¤¦¡¥
¸å¼Ô¤Ï¡¤courierpasswd ¤ò¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶°Ê³°¤¬»È¤¤¤¿¤¤¾ì¹ç¤Ï¤½¤Î¤Þ¤Þ¤Ç¤Ï¤Þ¤º¤¤¤Î¤Ç¡¤°Ê²¼¤Î¤è¤¦¤Ë¤·¤Æ²ò·è¤»¤è¤ÈÊýË¡¤ò3¤Ä¤Ð¤«¤ê¼¨¤·¤Æ¤¤¤ë¡¥
¤¿¤À¤·¡¤º£²ó¤Ï¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶¤Ç¤·¤«ÍøÍѤ·¤Ê¤¤¤Î¤Ç¡¤ÌäÂê¤Ê¤¤¤À¤í¤¦¡¥
¤µ¤Æ¡¤¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤¤¿¤é¡¤
printf '¥æ¡¼¥¶Ì¾\0¥Ñ¥¹¥ï¡¼¥É\0' | courierpasswd --stderr --stdin --verbose --cramtype md5
¤È¤·¤ÆÅÐÏ¿¤ò³Î¤«¤á¤è¤¦¡¥
> Username is: &color(blue){ÆþÎϤ·¤¿¥æ¡¼¥¶Ì¾};
> Password is: &color(blue){ÆþÎϤ·¤¿¥Ñ¥¹¥ï¡¼¥É};
> Authenticated for user &color(blue){ÆþÎϤ·¤¿¥æ¡¼¥¶Ì¾};
¤È¤¤¤¦¤è¤¦¤Ë¡¤"Authenticated" ¤È½Ð¤ì¤ÐÂç¾æÉפÀ¡¥µÕ¤Ë¡¤¤Ê¤Ë¤«¼ºÇÔ¤·¤Æ¤¤¤ë¤È¤¤ÏºÇ¸å¤¬
> Authentication failuer for user &color(blue){ÆþÎϤ·¤¿¥æ¡¼¥¶Ì¾};
¤È¤Ê¤ë¤Î¤Ç¡¤¤½¤Î¾ì¹ç¤ÏºÇ½é¤ËÁ̤äƤä¤êľ¤½¤¦¡¥
¤ä¤êľ¤·¤ò¤¹¤ë¤Ê¤é¤Ð¡¤º£²ó¤ÏÂоݥ桼¥¶¤¬1¿Í¤·¤«¤¤¤Ê¤¤¤Î¤Ç¡¤ users ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤ò¾Ã¤·¤Æ¤·¤Þ¤Ã¤Æ¡¤pw2userdb ¤«¤é¤ä¤êľ¤»¤Ð¤è¤¤¤À¤í¤¦¡¥
** courier-imap ¤ÎÆ°ºî³Îǧ [#ab1b5fa2]
SMTP Auth ¤Î»þ¤ÈƱÍͤˡ¤2¤Ä¤Îʸ»úüËö¥¨¥ß¥å¥ì¡¼¥¿¤òÍÑ°Õ¤·¤ÆÆ°ºî³Îǧ¤ò¹Ô¤¦.
¤¿¤À¤·¡¤Æ°ºî³Îǧ¤Ç¤â¤¿¤Ä¤¤¤Æ¤¤¤ë¤È courier-imap ¥µ¡¼¥Ð¤¬Àܳ¤òÀڤäƤ·¤Þ¤¦¤Î¤Ç¡¤¤³¤ì¤Ë;͵¤ò»ý¤¿¤»¤Æ¤ª¤¤¿¤¤.
&ref(/materials/notes.png); ¤½¤Î¤¿¤á¤Î½àÈ÷¤òÀè¤Ë¤·¤Æ¤ª¤³¤¦. ¶ñÂÎŪ¤Ë¤Ï¡¤/usr/local/etc/courier-imap/imapd ¥Õ¥¡¥¤¥ë¤Î
> IMAP_IDLE_TIMEOUT=60
¤È¤¤¤¦Éôʬ¤¬¡Ö60ÉÃÈ¿±þ¤¬¤Ê¤±¤ì¤ÐÀÚÃǡפȤ¤¤¦°ÕÌ£¤Ê¤Î¤Ç¡¤¤³¤Î 60 ¤òŬÅö¤ËÁý¤ä¤·¤Æ¤ª¤±¤Ð¤è¤¤.
Î㤨¤Ð 180 ¤°¤é¤¤¤Ë¤¹¤ì¤ÐÌäÂê¤Ê¤¤¤À¤í¤¦.
¤Ê¤ª¡¤¤³¤Î¥Õ¥¡¥¤¥ë¤òÊÔ½¸¤·¤¿¤é courier-imap ¥µ¡¼¥Ð¤ò°ìöÄä¤á¤ÆºÆÅÙÆ°¤«¤µ¤Ê¤¤¤È¤¤¤±¤Ê¤¤¤Î¤Ç¤½¤¦¤·¤Æ¤ª¤³¤¦.
¶ñÂÎŪ¤Ë¤Ï
/usr/local/etc/rc.d/courier-imap-imapd stop
/usr/local/etc/rc.d/courier-imap-imapd start
¤È¤·¤Æ¤ª¤±¤Ð¤è¤¤.
&ref(/materials/notes.png); ¤µ¤Æ¡¤¤Ç¤Ï SMTP Auth ¤Î»þ¤ÈƱ¤¸¤è¤¦¤Ë¥Æ¥¹¥È¤·¤Æ¤ß¤è¤¦.
''Shell-A'' ¤Ç¡¤telnet localhost 143 ¤È¤¹¤ë¤È
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
¤Ê¤É¤È¸À¤Ã¤Æ¤¯¤ë. ¤³¤³¤Ç¡¤
> a authenticate cram-md5
¤ÈÆþÎϤ¹¤ë¤È
> + PG5hbmlrYS1pbWFwQHNlcnZlcj4=
¤Ê¤É¤È¥µ¡¼¥Ð¤«¤éʸ»úÎó¤¬Á÷¤é¤ì¤Æ¤¯¤ë.
¤³¤Îʸ»úÎó ''PG5hbmlrYS1pbWFwQHNlcnZlcj4='' ¤ËÂФ·¤Æ¡¤Á°²ó¤ÈƱÍÍ¤Ë ''Shell-B''¤Ç userdb-test-cram-md5 ¥³¥Þ¥ó¥É¤ò»È¤Ã¤ÆÊÖÅúÍÑʸ»úÎó¤òºî¤ë.
Î㤨¤Ð¼¡¤Î¤è¤¦¤Ë¤Ê¤ë¤À¤í¤¦.
> Username? testuser &color(blue){¢« IMAP ÍѤËÅÐÏ¿¤·¤¿¥æ¡¼¥¶Ì¾};
> Password? password &color(blue){¢« IMAP ÍѤËÅÐÏ¿¤·¤¿¥Ñ¥¹¥ï¡¼¥É};
> Send: AUTH CRAM-MD5 (or for imap, A AUTHENTICATE CRAM-MD5)
> Paste the challenge here:
> + PG5hbmlrYS1pbWFwQHNlcnZlcj4= &color(blue){¢« º£¤Îʸ»úÎó¤òÄ¥¤êÉÕ¤±¤ë};
> Send this response:
> dGVzdHVzZXIgYjlkMDA5MzQ4YmVjMzlkNzcwMWU4MWRiZWE3NmZhN2M= &color(blue){¢« ·ë²Ì¤¬Ê֤äƤ¯¤ë};
¤³¤ÎºÇ¸å¤Îʸ»úÎó ''dGVzdHVzZXIgYjlkMDA5MzQ4YmVjMzlkNzcwMWU4MWRiZWE3NmZhN2M='' ¤¬ IMAP ¥µ¡¼¥Ð¤Ë½Ð¤¹¤Ù¤ÊÖ»ö¤Ë¤Ê¤ë¤Î¤Ç¡¤¤³¤ì¤ò ''Shell-A'' ¤Ç¤Îºî¶È¤Î³¤¤ËÄ¥¤êÉÕ¤±¤ÆÊÖÅú¤È¤¹¤ë.
¤½¤·¤Æ
> a OK LOGIN Ok.
¤È¤Ê¤ì¤Ð¡¤IMAP ¥µ¡¼¥Ð¤Îǧ¾Ú¤¬Ä̤俤Ȥ¤¤¦¤³¤È¤Ë¤Ê¤ê¡¤Æ°ºî¤¬³Îǧ¤Ç¤¤¿¤³¤È¤Ë¤Ê¤ë.
¤¢¤È¤Ï¤¤¤Ä¤â¤Î¤è¤¦¤Ë ^] ¤È¤·¤Æ¤«¤é quit ¤È¤¹¤ì¤ÐÈ´¤±¤é¤ì¤ë.
¤Ê¤ª¡¤POP ¥µ¡¼¥Ð¤òΩ¤Á¾å¤²¤¿¤Ê¤é¤ÐƱÍͤ˥ƥ¹¥È¤¬²Äǽ¤Ç¤¢¤ë.
¤½¤ÎºÝ¤Ï
telnet localhost 110
¤È¤¹¤ë¤È¡¤
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> +OK Hello there.
¤È¤Ê¤ë¤Î¤Ç¡¤¤³¤³¤Ç
> capa
¤ÈÆþÎϤ¹¤ë¤È
> SASL CRAM-MD5 CRAM-SHA
> STLS
> TOP
> USER
> LOGIN-DELAY 10
> PIPELINING
> UIDL
> IMPLEMENTATION Courier Mail Server
> .
¤È±þÅú¤¬Ê֤äƤ¯¤ë.
¤³¤³¤Ç
> auth cram-md5
¤ÈÆþÎϤ¹¤ë¤È
> + PG5hbmlrYS1pbWFwQHNlcnZlcj4=
¤Ê¤É¤È¥µ¡¼¥Ð¤«¤éʸ»úÎó¤¬Á÷¤é¤ì¤Æ¤¯¤ë¤Î¤Ç¡¤
¤³¤ì¤Ë userdb-test-cram-md5 ¥³¥Þ¥ó¥É¤ÇÊÖÅúÍÑʸ»úÎó¤òºîÀ®¤·¤ÆÄ¥¤êÉÕ¤±¤ë¤È
> +OK logged in.
¤Èǧ¾Ú¤µ¤ì¤ë¤È¤¤¤¦Î®¤ì¤Ë¤Ê¤ë.
&ref(/materials/notes.png); ;͵¤¬¤¢¤ì¤ÐŬÅö¤Ê MUA ¤Ç IMAP ¥µ¡¼¥Ð¤ËÀܳ¤·¤Æ¤ß¤è¤¦.
¤µ¤é¤Ë;͵¤¬¤¢¤ì¤Ð¡¤IMAP over TLS/SSL ÀßÄê¤Ç¥µ¡¼¥Ð¤ËÀܳ¤·¤Æ¤ß¤è¤¦.
* ¥ì¥Ý¡¼¥È [#k98f188f]
ÅÓÃæ¤Ç¡ÖÄ´¤Ù¤è¡×Åù¤È»Ø¼¨¤µ¤ì¤¿»ö¹à¤Ë¤Ä¤¤¤ÆÄ´ºº¤ò¹Ô¤¤¡¤Êó¹ð¤»¤è.
¤â¤Á¤í¤ó³Æ¼«¤Î
+ ½ê°(³ØÉô¡¤³Ø²Ê)
+ ³ØÀÒÈÖ¹æ
+ ³Øǯ
+ »á̾
+ Æü»þ
+ ´Î¿´¤Î¥ì¥Ý¡¼¥ÈÆâÍÆ(ÆÀ¤¿Ãθ«¡¤ºî¶È¤Ë¤Ä¤¤¤Æµ¤¤Å¤¤¤¿¤³¤ÈÅù)
¤ò½ñ¤¯¤Î¤ò˺¤ì¤Ê¤¤¤è¤¦¤Ë.
* about Icons, ClipArts [#iade841a]
Some icons in this page are downloadable at [[ICONFINDER:http://www.iconfinder.net/]].
The "note" icon &ref(/materials/notes.png); designed by [[Marco Martin:http://www.notmart.org/]] is distributed with the LGPL licence,
the "warning" icon &ref(/materials/warning.png); designed by [[Alexandre Moore:http://nuovext.pwsp.net/]] with the GPL licence
and the "triangle" icon &ref(/materials/JNorth_arrow-right-sm.png); designed by [[Joseph North:http://sweetie.sublink.ca/]] is distributed with the [[Creative Commons (Attribution-Noncommercial-Share Alike 3.0 Unported):http://creativecommons.org/licenses/by-nc-sa/3.0/]] licence.
Some clip arts used in this page are downloadable at [[Open Clip Art Library:http://www.openclipart.org/]].
We deeply appreciate their superb works. With licence, they describe that "the actual clipart content on open clipart library is Public domain" in the web.
// ¨¬¨¨®¨¯¨°¨±¨²¨³¨´¨µ¨¶
// ¥³¥Þ¥ó¥É¥é¥¤¥óÆþÎϤϡֹÔƬ¤ò¥Ö¥é¥ó¥¯¤Ç»Ï¤á¤ë¡×.
// ¥³¥Þ¥ó¥É¥é¥¤¥ó½ÐÎϤϡֹÔƬ¤ò > ¤Ç»Ï¤á¤ë¡×.
// ¼Â½¬¥¢¥¤¥³¥ó
// &ref(/materials/notes.png);
// Ãí°Õ¥¢¥¤¥³¥ó
// &ref(/materials/warning.png);
// Link ¥¢¥¤¥³¥ó
// &ref(/materials/JNorth_arrow-right-sm.png);
// OK ¥¢¥¤¥³¥ó
// &ref(/materials/OK.png);
// NG ¥¢¥¤¥³¥ó
// &ref(/materials/NG.png);
// Âçʸ»ú¤Ç¤Î¶¯Ä´
// CENTER:&size(24){''¤Û¤²¤Û¤²''};
// programu source ɽµ
// #highlighter(language=ruby,number=on,cache=on){{}}