ODMR (ATRN) server for vpopmail/vchkpw + qmail
MD5 (vodmr-0.13.tar.gz) = d51b823e974c1e0be44f6015d21694af Released 30th August 2005.
What is On-Demand Mail Relay?
On-Demand Mail Relay (ODMR) / Authenticated TURN (ATRN) is defined in RFC 2645. It is a mechanism to allow SMTP mail delivery to hosts which do not have permenent network connectivity and/or a static IP address. Email can be delivered by SMTP no matter how the client connects to the internet.
The client connects to an ODMR server, authenticates itself using SMTP AUTH and requests all the email for its users. The roles of client and server then reverse and, using the existing connection, the ODMR server transmits the waiting email by regular SMTP to the client.
What is vodmr?
vodmr is an ODMR server for vpopmail/vchkpw mail servers running qmail. vpopmail is an excellent virtual mail manager and is very popular for large qmail sites. vodmr integrates neatly with your vpopmail installation. Neither vpopmail nor qmail need to be modified in any way to use vodmr. You can use qmailadmin too!
vodmr implements CRAM-MD5 for SMTP AUTH authentication, as is required by the ODMR specification. Your clients' passwords are not sent over the network. vodmr is written in perl.
It should be considered as beta software. It has been interop. tested with fetchmail 5.9.11/5.9.13/6.1.0, XATRN 1.2.2, qmail 1.03, sendmail 8.9.3/8.11.3/8.12.3 and MDaemon 5.0.7. It has been subjected to a good deal of public testing. The documentation is a (constant) work-in-progress.
The current installation instructions, FAQ and general README are listed at the top of the page, along with the source. Please download vodmr, test it, and let me know how you get along.
Who should consider using ODMR?
If you have a customer with some of the following characteristics, they may want to consider ODMR:
- On a transitory internet connection with a non-fixed IP address (which rules out ETRN)
- Have their own SMTP mail server and want to use it to receive and deliver their mail
- Are sick of mail lumped into shared POP mailboxes (a.k.a multi-drop POP) being delivered to the wrong recipient
- Don't like having their mail stolen (which rules out TURN)
- Have a firewall and/or security policy barring incoming SMTP traffic from the outside to their network (which rules out autoturn or turnmail)
Multi-drop POP may be a viable alternative to ODMR in many circumstances. I was recently asked ``What advantage is there over just retrieving it [the mail] as POP3 mail?''. I came up with these reasons.
- Vanilla POP uses clear-text authentication. The mailbox password is sent in the clear over the network. ODMR doesn't do that. (APOP is an option of course)
- Multi-drop POP clients (such as fetchmail) are big and complex, because they have to do all the processing of the mail to determine its recipients. ODMR places that burden on the ODMR server. Some service providers prefer to have the simplest possible tools at the client end of things and the complicated bits on their kit where it's easier to debug/fix. An ODMR client is very, very simple. See XATRN for Windows. It's tiny.
- Users at the far end of very thin pipes like that they don't have to have their multi-drop POP client download the message before their SMTP server gets to decide whether it'll even accept it.
- Kinda following on from that; bounces for SMTP transaction permanent failures are generated on the ODMR server side instead of the client side.
I should point out that there are many other advantages if you're using stupid MTAs that remove or rewrite message headers upon delivery. The reasons above are in addition to the advantages inherent in qmail+vpopmail.
Evaluate ODMR and multi-drop POP and pick which works best for you. Heck, look at UUCP or rsync+ssh. The messages in a Maildir are plain files -- move them around any way you like!
Service providers should install the vodmr program and enable ODMR access for their client's domain(s) using the instructions in INSTALL. FreeBSD users can use the ports collection: cd /usr/ports/mail/vodmr && make install
How do clients use ODMR?
They will need an ODMR (ATRN) client. Some that I am aware of are:
I've been told that Microsoft Exchange 2000 supports ODMR, but I have no concrete details.
These clients connect and authenticate to the ODMR server then pass the incoming SMTP traffic to the client's SMTP server. The documentation for each explains how to use it for ODMR. The vodmr FAQ includes sample usage for fetchmail.
The vodmr mailing list is email@example.com. To subscribe send a blank email to firstname.lastname@example.org and confirm the confirmation request you will be sent.
To unsubscribe from the list send a blank email to email@example.com and confirm the confirmation request you will be sent.
If you want to report a problem, submit a patch or a comment please email the vodmr mailing list -- see above -- or james .at. now .dot. ie. Please review first the FAQ, INSTALL and other documentation here for any recent updates that may be relevant to your problem.
Please include as much information about your problem as you can. Some things which are especially useful are:
- what version of vodmr and perl you are using (``perl -v'')
- name and version of your ODMR client; fetchmail, XATRN, etc
- odmrd's debugging output. Note this will include shared secrets. I'm not interested in reading your email but somebody who might intercept your message to me might be. (And let's face it, you have no reason to trust me either). You should remove or obscure secrets (and just the secrets) if this is a concern.
The TODO file in the source contains my shorthand notes on things that I want to do or am considering the merits of. Feedback on any of the items listed is very welcome.
The very latest versions of the vodmr distribution files can be viewed in the CVS repository. Beware that files in the repository are works in progress and may not be stable or fully tested. If you're somewhat familiar with CVS you can checkout files relating to a particular release instead of the (potentially unstable) development version.
Each release is tagged as RELEASE_major_minor e.g. the current release is tagged RELEASE_0_13.
I have a patch to qmailadmin and to vpopmail's vadddomain command to make them a little more useful for partnering with vodmr. The nice folks at Inter7 have been good enough to incorporate the vadddomain patch into the 5.3.20 development release of vpopmail, which will be the basis of the 5.4.0 stable release, and the qmailadmin patch has been included in qmailadmin 1.0.16.