.TH cmd5apoppw 8 .SH NAME cmd5apoppw \- check a cram-md5 authentication .SH SYNOPSIS .B cmd5apoppw .I subprogram [ .I args ... ] .SH DESCRIPTION .B cmd5apoppw reads descriptor 3 through end of file and then closes descriptor 3. There must be at most 512 bytes of data before end of file. The information supplied on descriptor 3 is a login name terminated by \e0, a cram-md5 challenge terminated by \e0, and a cram-md5 response terminated by \e0. .B cmd5apoppw encrypts the challenge with keyed MD5 using passwords from .BR ~/.apop . It's compared with response (3rd parameter) and if they are the same then .B cmd5apoppw uses .B execvp to run .B subprogram with the given arguments. If they differ then it returns -1. If challenge and response differ, .B cmd5apoppw exits 1. If .B cmd5apoppw is misused, it may instead exit 2. If there is a temporary problem checking the password, .B cmd5apoppw exits 111. .B cmd5apoppw does not provide PLAIN nor LOGIN authtype. .SH "CHECKPASSWORD-COMPATIBLE TOOLS" .B cmd5apoppw tries to conform to the .B checkpassword interface. There are other tools that offer the same interface as .BR checkpassword . Applications that use .B checkpassword are encouraged to take the .B checkpassword name as an argument, so that they can be used with different .BR checkpassword -compatible tools. Note that these tools do not follow the .B getopt interface. Optional features are controlled through (1) the tool name and (2) environment variables. .SH "FILES" ~/.apop - this file contains user's APOP and SMTP-AUTH password in any encoded format. The text will be extracted via .B deapop command, whose default location is /usr/local/sbin. Note that text in ~/.apop is NOT encrypted. The reason for saving in encoded format is because it won't be exposed by user's misoperation or filesystem trouble. User have to make it unreadable by others. .SH "EXTENDED MAIL ACCOUNT" We can use extra mail address by creating ~/.qmail-suffix in qmail world. Also we can create many mail accounts in virtualdomain with or without creating real user in /etc/passwd. .B cmdapoppw will take appropriate password file other than default ~/.apop when that mail account is controled by another dot-qmail file. The file name will be decided by the same manner as dot-qmail. If you are using .B foo@vdom.example.co.jp, which is controled by .B /some/dir/.qmail-foo, just put its password in .B /some/dir/.apop-foo . In this case, smtp-auth user name for mail user agent should be .B "foo@vdom.example.co.jp" . .SH "VERSION" This documentation describes .B cmd5apoppw version 1. See .B http://www.gentei.org/software/qmapop-smtp-auth/ for updates. .SH "SEE ALSO" checkpassword(8)