Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 407
  • Last Modified:

How do you view when a user last accessed their email in qmail, installed on gentoo?

How do you view when a user last accessed their email in qmail, installed on gentoo?
0
BrettAMair
Asked:
BrettAMair
  • 2
  • 2
1 Solution
 
Syngin9Commented:
VQAdmin shows the last login at least.

It may already be installed and available at http://<servername>/cgi-bin/vqadmin/vqadmin.cgi

Or you can get the program from here:

http://www.inter7.com/index.php?page=vqadmin

Unfortunately, I'm unsure where vpopmail keeps this information.

(Now that I think about it, this is assuming you use vpopmail which seems to be the most popular software for Maildir storage with Qmail.)
0
 
BrettAMairAuthor Commented:
Actually, I'm using courier-imap. VQAdmin is not installed and I'm trying to avoid installing anything new.
0
 
Syngin9Commented:
I don't think Courier-IMAP would be storing your email.  It just provides access to it via the IMAP protocol.

You might be using system accounts instead though.

Does the directory /home/vpopmail exist?
0
 
BrettAMairAuthor Commented:
I do not have that directory. I thought qmail I thought qmail was the MTA and courier-imapd was the system that allowed access via IMAP and POP3. If I do rc-status, it is the only running service that seems to make sense. However, my knowledge on this subject is very minimal.

Thanks,
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
A short-ish tutorial on the basics of Email is apparently in order here:

1) The mail server (in your case, QMail) takes messages from users & the rest of the world and delivers them based upon several configuration parameters. These programs (like sendmail, postfix, QMail, exim, and Exchange) are called MTA's [Mail Transfer Agents] -- because they generally transfer messages from one server to another, not to end users.
  a) Upon receipt of local mail, messages are delivered (usually into a Maildir for QMail) to await "pickup" by the end user(s). NOTE: Qmail CAN use the *nix traditional mbox format -- but then you've wasted one of the BEST reasons for using QMail to begin with!
 b) Upon receipt of non-local (remote) mail, messages are usually checked to make sure they are FROM a local user (or another authorized user) and then delivered via SMTP port 25 to the MX server for the domain of each recipient. The MTA us usually dependent upon the local system's DNS CLIENT (not server!) processes for this determination (see /etc/resolv.conf).
 c)Many mail programs, including QMail, have the option to listen on "non-standard" ports. Common ones (thus, making them standard???) include:
     587 [submission] -- usually configured to REQUIRE authentication & used solely for user submission of outbound messages (freeing port 25 [SMTP] to handle only outside mail coming into the system)
    465 [smtps] -- usually configured to REQUIRE both SSL/TLS communications AND authentication. (If all you need is SSL.TLS, the listening agent on port 25 can usually already handle that)

2) POP and IMAP are 2 different protocols for USERS to retrieve mail messages from their MTA
 a) POP3 [port 110] is popular with ISPs and other providers who want to keep their storage requirements low. Users typically (by default) MOVE messages off the server to the client system (user's desktop) when mail is FETCHed. Move implies that, once successfully downloaded, the message is DELETED on the server, but this can be overridden by client programs that can request that the messages NOT be deleted on the server.
 b) IMAP is popular with businesses and other providers who don't care about the storage of the messages, but instead want (or need) to have a "centralized" storage & retrieval system. For example, a web interface that allows access to old, as well as new, messages. (NOTE: Exchange is a modified IMAP with many LDAP extensions). IMAP also allows users to have multiple systems (desktop/laptop) that are easily kept "synchronized" with regards to their e-mail accounts.
 c) In virtually ALL cases, the POP and/or IMAP services are performed SEPARATELY from the MTA function. Thus, QMAIL delivers mail to a MailDir or MBox -- NOT to a user. In this case, is sounds like you've chosen courier-imapd. It will provide POP & IMAP access to your users. (If you support non-LAN connected users, I strongly encourage you to look into POPS and IMAPS -- the SSL/TLS enabled cousins to POP & IMAP. They are inherently supported by the courier-imapd packages, providing you have the SSL/TLS infrastructure (keys) in place. But that is a topic for another time & place.

3) The programs we all run on our desktops & laptops to READ & SEND messages are called MUA's [Mail User Agents]. Popular ones are Outlook, Outlook Express, Thunderbird, and MANY MANY more! Their job is to manage messages for individual users. They will generally talk to MTAs on both inbound (POP or IMAP) and outbound (SMTP, SUBMISSION, or SMTPS) ports. Nearly ALL MUAs support both POP & IMAP connections, as well as SSL/TLS versions of both.

4) The "generic" path of an e-mail message is therefore that it is created by the SENDER's MUA, which send is to the SENDER's MTA, where it is "authenticated" & sent to the RECIPIENT's MTA, which holds it for RECIPIENT to fetch with their MUA. This is the way virtually ALL e-mail is handled -- except when you send messages to people on your OWN domain, in which case the only difference is that the SENDER and RECIPIENT MTA is the same.

So... applying all of that to the question at-hand:

If you're not using vpopmail, or any other user management facility, then you're using the system auth facility... meaning your e-mail users are also system users (have login accounts).

We've already determined that you're using Courier-imapd. The default location for HOW you authenticate users is in /etc/courier/imap & /etc/courier/pop. The default (I believe) four courier is NOT to log each authenticaion to /var/log/messages. If yours is set to log, it search for imapd entries there.

To my knowledge, there is no "database" or "file touch" that is unique to a user CHECKING their mail. HOWEVER, with Maildirs you CAN see when the last time they CHECKED their mail AND found a new message -- You see, in the case of MailDirs, new mail is delivered to the folder .../Maildir/new .... then, when a user checks for new messages, they are MOVED to .../Maildir/cur -- so the modify times on the new & cur folders will tell you the last time they (user/owner of the Maildir folder) checked for mail AND actually received something.

If that will suffice, then you're good to go there.... if you really want to see WHEN each user logs in to check mail, I think you'll first have to turn ON the logging facility in Courier. Read the configuration notes in /etc/courier/* to see how to do this.

Good Luck!

I hope this helps... someone!

Dan
IT4SOHO

0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now