Pegasus Mail, Samba and Qmail - mail without POP3 in LAN!

[Alexey Lobanov]

Dear friends,

I would like to announce for tests and free use a good add-on for 
Samba. It is a LAN-based interface for famous Pegasus Mail by David 
Harris, emulating his Mercury MTA.

Note that this message have passed through this system. Look in 
headers. It is working! 

http://www.cor.neva.ru/~aal/pegas/pegas+qmail-1_0.tar.gz (7k)

The file contains the patch against qmail 1.03, source of 
sendmail launcher, a piece of Samba configuration ("mailqueue 
printer"), screendumps of gateway configs.

Pegasus MAil itself and Samba are in its usual places. I believe.

Note that at the present time the rest of referred webpage is 99% 
Russian, because it is related to Pegasus maintenance in Cyrillic 
environment.

Regards,
Alexey Lobanov
al258-ripe

Start of README  ========================================

For convinient use of Pegasus Mail as an office mail client
with Samba fileserver, a full analog of well-known Mercury mail
delivery system was built.

Two components were used:
1. Qmail (http://www.qmail.org) as a basic MTA;
2. Small wrapper for sendmail;
3. Of course, The Samba.

===============
1. Objectives.

The typical modern small office computer operation assumes that:

- every person using computers havs his|her personal account on
the server (user-level security);

- while working, permanent fileservice connection with server is
established. I.e, the server knows who is who;

- persons may use different workstations, and those workstations
are based on (inherently unreliable :-) MS-Windows system. So,
all data must be on central server;

- this server is single - both for file and mail services.

In this situation any use of POP3 or IMAP for in-office mail
access seems to be an excessive entity. Or just stupid.
Additional passwords at workstations, 99% of useless garbage in
POP3 logs, et cetera, et cetera.

Pegasus+Mercury system by David Harris uses more natural way of
LAN communication with _combined_ mail+fileserver. Inbound mail
is stored by server directly into user's maildir; client scans
this directory frequently and sees new messages. Outbound mail
is placed by client to server "fake" printqueue, or to
world-writable spooldir. All this is done using existing
authorised fileservice connection.

In addition, Pegasus+Mercury offers excellent interaction
between "local" (described above) and "remote" (POP3 from home
or trip) mail clients. Mercury POP3 server just scans the same
maildir and offers only "unread" messages for retrieval. So,
being at home I have all the new-arriving mail; being in office
I can even control manually which messages I want to be copied
to home computer in evening, by "mark as unread" reader
function. Also, remote mail deletion can be optionally
prohibited; misconfigured client used in trip (or password
thief) cannot kill data in office.

David Harris wrote his Mercury MTA for Novell Netware servers
and then ported to Win32 environment. Novadays, freeware
Unix+Samba (http://samba.anu.edu.au/samba/) fileservers become
more and more popular. We migrated in May 1998 - and lost the
great features of Mercury. Now these features seems to being
restored.

2. Solution for mail receiving.

It was decided to "emulate" Mercury server using any existing
open-source MTA.  The most natural work with "maildir" was found
in Qmail (http://www.qmail.org). The required small changes in
source code (1.03) were following:

2.1. Qmail uses "very-long" names to create unique files in
Maildir. "time.pid.hostname".  Read messages assumed be moved to
another subdir.

Pegasus looks for new mail in "*.cnm" files in configurable
"new-mail" directory. "Read" new mail must have "!" as first
character of name. Tests show that DOS and Win16 versions of
Pegasus requires no "8.3" limits, being 100% satisfied by native
longname mangling in SMB. But the Win32 version does something
strange that requires Unix filenames to be strictly "8.3". Sic.
So, I decided to exclude "hostname" completely (the server is
only, no NFS) and use short 7-digit sum of time and PID when
creating new files. See qmail-local.c, qmail-pegas.diff

2.2. POP3 server of Qmail processes any regular files found in
~maildir/new/ as downloadable messages. Pegasus keeps at least
user's settings (pmail.ini) and "read" mail ("!*.cnm) in this
place. So, POP3 daemon was patched to search for filenames
containing ".cnm" and ignore ones starting from "!" while
scanning maildir. Also, mtime-check was removed. See
qmail-pop3d.c, qmail-pegas.diff

Then, upon QUIT the original POP3 daemon either moves retrieved
messages to ~Maildir/cur/, or really deletes DELE'ted ones. I
changed it: no deletion allowed, no moving done. Instead,
DELE'ted messages are renamed to "!*.cnm" - and nothing more.
Seems, it gives more flexible and safe control over office mail
from travel. I can retrieve a message again from another
computer, or make it completely invisible for POP3 by
"deleting". But the final deletion allowed in office only!

Mercury allows to control same behavior upon "per-user"
settings. Hope, I will reproduce it too - but just now I feel no
need in this flexible control.

It is recommended that user's maildir should be named just
"maildir", not "Maildir" in Samba environment. Guess why. Thus,
it works anyway - until an user tries to make something with his
maildir.

3. Sending.

The most native (and adviced by David Harris) way for Netware
sending is "printer queue". It was found very easy to reproduce
just this technique in Samba. See pmgate.sys screendump and
smb.conf piece. Note that sendmail (qmail) is invoked with
proper UID (writing it in message header), so mail forge is
blocked effectively. Just as in Netware environment.

Simple wrapper for /usr/lib/sendmail or qmail-inject is written
(see glue.c). It processes "glue" pre-header created by Pegasus,
defines destination addresses and gives the rest of message
(including standard header) to sendmail stdin. The whole idea
with fork() is got from SMAPD wrapper in TIS FWTK. I am beginner
in safe Unix programming, but some necessary checks seems to be
done. Note that this wrapper always runs with sender's rights.

4. Known problems.

4.1. Pop3 daemon improprerly does TOP on messages touched by
Pegasus (read, then marked as unread). Whole message is
downloaded. Seems, the reason is DOS line delimiters; hope, I'll
be able to patch blast() in qmail-pop3d.c soon.

4.2. Windows NT works with network printers in different way
from Win3.11, DOS LanMan and Win95. Win95 et al allows to write
to "\\server\printer\anyfilename" just as into normal file.
WinNT (4.0 WS) disallows it. To work properly with my gateway,
the Samba "printer" must be mapped to local printer port, and
this port name must be given as filename in gateway description.
It works. I have no documents explaining this difference now.
Maybe, the most proper solution for this problem is Pegasus
"user-defined gateway" interface modification. It should allow
to define directly a "printer" instead of spooldir for mail
sending, just as native Netware configuration. I believe, it
will be good for other possible gateways too.

5. Proposals.

I believe, the "Pegasus-compatible maildir" mode can be included
into Qmail mainstream. It is a quite natural way of Qmail use.
It can be either control switch to POP3 daemon and local
delivery agent, or alternative agents. The "glue" wrapper also
may be (should be) included. But seems, it should be rewritten
from scratch to conform Qmail security level :-)

This mailsystem is perfect for automatic mailsending from
databases, etc. The sending routine should simply create proper
message header and place the file into proper place (or print).
Any database engine (or interface) is able to do it, even
DOS-based one.  We use this feature intensively.

6. To all the native English-speakers: Sorry, sorry, sorry. Your
language is being abused heavily by whole world now :-(.

===================================
====
Alexey Lobanov
CPR Co.