Discontinued! The courier-authlib provides a much better and more flexible interface!
qmail-chkpw is a checkpassword compliant tool to do SMTP authentication against its own password file. It can do AUTH PLAIN, AUTH LOGIN and AUTH CRAM-MD5.
qmail-chkpw will be discussed on the openqmail mailing list.
This describes how to install
qmail-chkpw  as a separate package. If you did install it together with openQmail move on to the Configuration.
Download the sources and extract it. Change into the source folder and check the files
conf-man . Then simply run:
Thats it. If eQmail or derivatives are installed in
/var/qmail  there should be now
/var/qmail/bin/qmail-chkpw  and the password file
/var/qmail/users/smtpauth . By default both files are owned by qmaild.qmail and
qmail-chkpw  is executable by this owner.
During the installation an empty password file
users/smtpauth  will be created if it doesn't exists. It looks like:
# This file is used by qmail-chkpw # # Format of this file is one user:pass per line (without empty lines) # Like so... # j0edogger:sm311yf33t # j1mdogger:$6$ZkiGKjCK$VDvQqJ04j8DwZIoK.C0lbj/QRgpjsM8En4P4x8mTPgYWfnR0CVOrCE7XOvqPeEmXe38LSk/wloZa0Y407L5Ve/
Important!   Lines beginning with
#  are comments and will be ignored. Empty lines are not allowed. A line MUST NOT start with a white space.
qmail-chkpw  as an argument to
qmail-smtpd  or use it with qmail-pwrap (recommended).
The standard behavior of
qmail-chkpw  is to check passwords. Additional it supports two options to encrypt passwords. The encrypted password will be printed to
-e        prompt for password input on the command line and encrypt it.
-r        read a password from
stdin  and encrypt it.
qmail-chkpw -e  to manual encrypt a password on the command line:
$ qmail-chkpw -e $ New password: <put "testpass" here and hit enter> $ Repeat password: <repeat "testpass" and hit enter> $ $6$QkB7Kb3G$pyYT/beGjy1u9BFGX70Py3qZnVfuGWB5zE9C4FKrus9atP.jZzj9meyA1xh1jsBJnES0P/TcapPKu/16/8CxS.
To automate the encryption of passwords there can be done something like this:
$ qmail-chkpw -e 2>tmpfile
The encrypted password will be written to
tmpfile  and can be used for further processing. Or in case the password was inserted and checked by an external tool:
$ echo -n "password" | qmail-chkpw -r 2>tmpfile
This could be an example only. There multiple ways to handle the pipe. It is the users responsibility to complete such automation.
Adding the user “foo” for AUTH LOGIN and the user “bar” for AUTH CRAM-MD5 the file
smtpauth  will have the following entries:
# This file is used by qmail-chkpw # # Format of this file is one user:pass per line (without empty lines) # foo:$6$ZkiGKjCK$VDvQqJ04j8DwZIoK.C0lbj/QRgpjsM8En4P4x8mTPgYWfnR0CVOrCE7XOvqPeEmXe38LSk/wloZa0Y407L5Ve/ bar:pass
Important!  The first matching username will be used. Thus a username can have either an encrypted password or not.