menu
me
resume
blog [rss]
bio
my company
ticket stubs
awards/articles

photography
family
events
places
things
bitleap

communicate
gpg public key
contact

articles
viewcvs php syntax highlighting
courier-imap mysql auth extensions

people
alana
andy
andy
brady
daniel
doug
guy
kevin
lindsay
mike
patrick
ryan
sam
stevie

sites
bitleap
off the hook
cacti
gizmodo
Copyright 2006 Ian Berry.

This site makes heavy use of CSS, so it probably only looks good in 5.0+ browsers.

RSS [blog, comments]

change background image

Login
articles
Courier-IMAP MySQL Authentication Hacks

Courier-IMAP is a popular IMAP server implementation that I have been playing a lot with at work lately. We make heavy use of MySQL for authentication, accounting, and lookups where possible, making Courier-IMAP's MySQL authentication module appealing to us. While basic authentication using MySQL works out of the box, there are two additional things that we try and support. One is knowing when a given user has last checked their mail, and another is supporting POP/IMAP before SMTP so roaming users can send mail through our SMTP servers.

Both of these features can be implemented by executing SQL queries after a successful login, which is not supported out of the box. Therefore I wrote a patch for Courier-IMAP that provides IMAP before SMTP and "mail last read" support by executing two SQL queries after the user logs in. Both of these SQL queries can be changed/disabled in the authmysqlrc file.

Applying the Patch

This patch was created against Courier-IMAP version 3.0.4, so I recommend that you use this version if at all possible. You will need to download it below.

courier-imap-sql-updates.patch

Untar the Courier-IMAP source and copy the patch file into the source directory. You can apply the patch to your source tree by executing the following command.

patch -p1 < courier-imap-sql-updates.patch

Now you can configure, build, and install Courier-IMAP like you normally would.

Configuring the Patch

After finished installing, you will need to edit your MySQL authentication config file which is usually located at /usr/lib/courier-imap/etc/authmysqlrc. The two new configuration options that have been added are MYSQL_QUERY_LASTREAD and MYSQL_QUERY_POPB4SMTP. You will need to define the SQL queries that should be executed after each login for both of these options. The %s variable for the MYSQL_QUERY_LASTREAD option will be substituted with the user's full login name, while the user's client IP address will be substituted with the MYSQL_QUERY_POPB4SMTP option.

Below is an example of these two configuration options in action.

MYSQL_QUERY_LASTREAD    REPLACE INTO mail_last_read (address, tstamp) VALUES ('%s', NULL) MYSQL_QUERY_POPB4SMTP   REPLACE INTO mail_pop_before_smtp (ip, expires, email_local, email_domain) VALUES (INET_ATON('%s'), NOW() + 1800, '%s', '%s')

Development Update (7/24/2005)

Someone has been kind of enough to take on the task of rewriting this patch for courier-authlib 0.56. Although this patch is untested by me, I hope someone finds it useful.

Download the updated patch

Development Update (4/23/2005)

A few people have asked me about Courier-IMAP version 4 support for this patch. Unfortunately, I no longer work for the organization that I originally wrote the patch for. I am also told that the authentication code in version 4 has been completely reworked.

Luckily, a user was nice enough to point me towards a page containing a comprehensive list of POP/IMAP before SMTP solutions for postfix. It looks like the pop-before-SMTP.pl script has a versatile log-based solution to the POP/IMAP before SMTP problem.

Changelog

11/26/2004: Update patch from 3.0.4 to 3.0.8.
09/03/2004: Update patch from 3.0.3 to 3.0.4.
05/10/2004: Update patch from 2.2.1 to 3.0.3.