February 2006

Is now available for access. I obviously am not going to give out all the necessary details here …
Documentation for openvpn is HERE

I will provide documentation for the openvpn server within the next few days.
If anyone requires access before then or would like to test, we are setting up an openCA server for cert and key management, but I can manually create on for you in the mean time.


There is a new qmail-ldap patch released today - 20060201
There are some minor bug fixes that do not really effect us and there are some feature enhancements. Below is short description from the change log:

    Rewritten forwarding code in auth_pop and auth_imap. The copyloop is now
    using stdin and stdout for communicating with the client. This should fix
    a problem with ssl encrypted sessions. Additionally write polling was
    implemented. This should give better reaction on slow links.

    ~control/goodmailaddr allows more ways to check if a address is allowed:
    foobar@qmail-ldap.org full match, user & domain
    @qmail-ldap.org match domain only (all users are allowed)
    abuse@ allow specific user for all domains
    foo-catchall@qmail-ldap.org allow addresses like foo-bar@qmail-ldap.org
    or foo-bar-baz@qmail-ldap.org
    will only work if compiled with DASH_EXT
    catchall@qmail-ldap.org same as @qmail-ldap.org

    Enhance qmail-verify to check against ~users/cdb and /etc/passwd if local-
    delivery is enabled (like qmail-lspawn does). This makes RCPTCHECK usefull
    in mixed user environments.

    Minor enhancements in qmail-verify error handling.

    Some cleanup in qmail-smtpd mostly log stuff.

    Set RELAYCLIENT everytime we allow relaying because of some reason (SMTP AUTH
    or relaymailfrom). Requested by many so that qmail-scanner can make additional
    decisions based on RELAYCLIENT.

    Just use malloc() instead of the code in alloc.c that code could be exploited
    on 64-Bit systems with a lot of RAM and no limits.

I will build and test the new patch on Ophelia so that we are in time for the change in 2 weeks.