A modern mail transfer agent suite around eQmail

User Tools

Site Tools



qmail-pwrap is a wrapper to use multiple checkpassword compliant tools. Thus multiple different authentication backends can be used.

Version: qmail-pwrap-0.3
Release: 25th April 2016
Download: qmail-pwrap-latest.tgz         
Checksum: sha256sum

qmail-pwrap will be discussed on the openqmail mailing list.


This describes how to install  qmail-pwrap  as a separate package. If you did install it together with openQmail move on to the Configuration.

Extract the downloaded sources. Change into the source folder and check the files  conf-qmail  and  conf-usrgrp . Then simply run:

make install

Thats it. If eQmail or derivatives are installed in  /var/qmail  there should be now  /var/qmail/bin/qmail-pwrap  and the config file  /var/qmail/control/checkpwtools 


During the installation the config file  control/checkpwtools  will be created. It looks like:

# config file for qmail-pwrap
# Add one tool  per line.  Lines beginning with a '#' and empty lines
# will be ignored. If a tool can not be `stat`'ed it will be ignored.
# Thus the absolute path have to be given.

The config file can be edited on the fly. Add the tools which are necessary. After saving it the changes are active. The empty line is just an example to show that this line will be ignored.

Beware that

  • empty lines will be ignored
  • lines starting with a  #  will be ignored
  • if a tool can not be stat'ed, the line/tool will be ignored
  • it have to be readable by the owner of qmail-pwrap (usually qmaild, access rights 0644)

Attention: If not at least one valid checkpassword entry was found, authentication will be denied.

To activate  qmail-pwrap  add it as argument to  qmail-smtpd . By using ucspi-tcp/daemontools it is similar to this:

exec /usr/bin/tcpserver -p -v -R -x /etc/tcprules.d/tcp.qmail-smtp.cdb \
    -c 40 -u 201 -g 200 0 smtp /var/qmail/bin/qmail-smtpd /var/qmail/qmail-pwrap /bin/true

By using xinetd set it in the related start file, e.g.  /var/qmail/boot/qmail-xinetd :

/var/qmail/bin/qmail-smtpd /var/qmail/bin/qmail-pwrap 2>&1 1>&3 3>&- | /var/qmail/bin/splogger xinetd-smtpd 3>&-

The AUTH environment variable

Doing authentication is controlled by an environment variable  AUTH . If it is not set,  qmail-pwrap  sets  AUTH=1 . Thus authentication is active by default. To deactivate authentication set the environment variable explicit to  AUTH=0 . After successful authentication  qmail-pwrap  changes it to  AUTH=<authenticated username> , otherwise it stays untouched. Thus can be used for further processing/filtering.

Last modified: 2018/09/20 15:11

Page Tools