Mail::POP3Server/mpopd v2.21 README, 19 March 2001 The mpopd wrapper script and Mail::POP3Server combined provide a configurable POP3 server that runs either as a stand-alone daemon or an inetd service. I may often refer to mpopd as the server rather than Mail::POP3Server. The module version has been largely motivated by a desire to get mpopd onto CPAN so that it is widely available. There is also a mini-website dedicate to mpopd at: http://mpopd.fredo.co.uk/ mpopd is being made available in the hope that it may prove useful, mainly to people with a decent understanding of how POP3, and MDA's/LDA's (Mail Delivery Agents) work, and who like to do things in Perl. v2.21 Turned the whole thing into a module with a wrapper: Mail::POP3Server and mpopd v2.20 tightened up command reading (uses eval'ed alarm and getc()) v2.19 reduced globals to mainly config items v2.18 fixed potentially nasty command read v2.17 02/03/01 mpopd version 2.17 was the first public release. WARNING: Although mpopd, in various guises, has been used since 1998 in several production environments controlled by us (FREDO) it has not been systematically tested yet by any third party. Please make sure you set-up and test mpopd in a non-critical environment before trying it out on real mailboxes. The mpopd_test script provided is there to aid in checking your setup's ability to open, lock, parse, restore and release mailboxes at short intervals. I recommend that you run several instances of mpopd_test on the same mailbox and gadually reduce the connect-interval from 1 to 0.2 seconds. You will need to have the: Time::HiRes module installed to be able to use mpopd_test. mpopd is provided as-is with no warranty for any particular purpose whatsoever. You use it entirely at your own risk. COPYRIGHT: Copyright (c) Mark Tiramani 1998-2001 . All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. DISCLAIMER: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Artistic License for more details. PREREQUISITES: Either, a local MDA that understands .lock file locking (e.g. procmail), or a local MDA that uses the Qmail-style maildir message store. COREQUISITES: The following module may be required for some systems when using crypt-MD5-hashed passwords: Crypt::PasswdMD5 You will need the following module if you wish to use PAM authentication: Authen::PAM You will need the following module if you wish to use the mpopd_test script: Time::HiRes mpopd has been tested on Linux 2.0.35 with Perl 5.005_3 and on several later versions up to 2.2.18 / 5.6.0 The PAM authentication has only been tested on Linux 2.2.18, Perl 5.6.0, Linux-PAM-0.74 and Authen-PAM-0.11 INSTALLATION: Installation is simplist when done as the root/super user. 1) Read and edit the mpopd.conf configuration file to suite your system. mpopd.conf is read once by each child process when mpopd is run in daemon mode. Each child process is one-off and handles only one client connection before exiting. IMPORTANT: If you intend to run mpopd as a daemon you may well need to edit the two files: mpopd_trusted mpopd_allow_deny These are used to enforce host-, network-based access rules. Reverse address lookups are performed on all clients unless they match one of those listed in mpopd_trusted. Although by default mpopd expects to find the mpopd.conf file in: /usr/local/mpopd it could be placed anywhere you like. NOTE: As distributed mpopd is set up to use Berkeley mbox type mailboxes, /etc/shadow authentication and disk-based mailbox parsing (mbox parsed-out into individual temporary message files). Read the 'User authentication' section in mpopd.conf if you want to set-up hostname-based mailspool dirs and/or virtual users. To use PAM authentication you will need to uncomment the use Authen::PAM; line in the CONFIG section in mpopd itself, and you must have a current version of Authen::PAM installed of course . To use crypt-MD5 passwords you may need to uncomment use Crypt::PasswdMD5; after installing Crypt::PasswdMD5. Slackware 7.x does not require this but I don't know what system might so the functionality is built in to mpopd and mpopd.conf. 2) As root, execute: perl Makefile.PL You will then be asked for installation paths and preferred text editor, and if these are answered the Makefile will be created. The mpopd and mpopdctl scripts will have your chosen paths inserted and placed in the chosen locations. 3) Execute: make make install (There is currently no test script or 'make test') This places the main POP3Server module in perl5/Mail/ and creates the Mail::POP3Server, mpopdctl and mpopd_test manpages. If the installation is successful all files should be in place with appropriate configuration paths etc. where necessary. mpopd will try and create all other spool, log and temp directories as and when they are needed. RUNNING mpopd: To run mpopd as a daemon I recommend you use mpopdctl: mpopdctl is a utility to help start, stop, restart, refresh, tell mpopd to re-read its config file and to edit the config file. A man page will be available for mpopdctl if you followed the installation procedure described above. To run mpopd under inetd: Place a line like the following in inetd.conf: pop3 stream tcp nowait root /usr/sbin/tcpd /usr/bin/mpop The /etc/services file must have an entry similar to this: pop3 110/tcp If you want to test mpopd on some dummy mailboxes to see how it behaves use: mpopd_test The installation should create a brief manpage: man mpopd_test DOCUMENTATION: Until better documentation is ready: To learn more about mpopd and its configuration you will have to read the mpopd.conf configuration file. Also try: man mpopd or man Mail::POP3Server and: man mpopdctl to get a bit more info on how mpopd can be configured and run. KNOWN BUGS: The octet count sent does not always strictly match the actual number sent (hasn't presented a problem in any email client I know of and allows for a bit of a short-cut). TODO: Testing by someone other than myself, particularly of all aspects of mailbox integrity and security against external attacks and exploits. Per-user mailbox-type configuration (soon). Mail::POP3Server will be gradually cleaned up and made more flexible in its range of authentication, virtual-user handling and mailbox format. Suggestions for improvements, enhancements etc. are welcomed. Mark Tiramani markjt@fredo.co.uk