Perdition-users January 2009

perdition-users@vergenet.net

9 participants
10 discussions

Zombie pop3s (and imaps?) processes in connect state

by Christian Balzer

Hello, we've been using perdition as a pop3/pop3s/imap/imaps proxy for about four years now, first with Debian Sarge package and now under Etch. And throughout this time I've seen pop3s (and from the looks of it the same happens with imaps) processes stuck in connect, like this: --- 16836 ? S 5:31 0 120 32179 2204 0.0 perdition.pop3s 28070 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect 7782 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect 24468 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect 14180 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect 13503 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect --- They never die off, keep the connection open, there is no traffic and the other end might be long gone. Last trace in the logs is always like this: --- Feb 5 22:05:16 pp11 perdition[7782]: Connect: hi.mi.ts.u->203.216.5.113 --- It must be something related to the SSL'ness of these service, since I'm not seeing this happening ever for imap/pop3. Alas a lot of people do use TLS with those, so it's not a generic SSL issue. Maybe the master process could kick a child handling connections in the head after "timeout" seconds in connect state? If more information is needed I can try to provide it, but note that with a rate of roughly 35 pops per second I'm a bit weary to turn on debugging. ^_- This may or may not be related to another SSL related issue, which will be for the sake of making searches in the archive more likely to find good keywords in a separate mail. Regards, Christian -- Christian Balzer Network/Systems Engineer NOC chibi(a)gol.com Global OnLine Japan/Fusion Network Services http://www.gol.com/

11 years, 7 months

rpm .spec modification

by No Body is Perfect

Hi Horms! Modifications on *spec.in ( for vanessa_logger vanessa_adt vanessa_socket perdition) are need for "rpmbuild -ta <name>.tar.gz" on Fedora >7 ? systems (rpm ver 4.4.xx) -> Copyright: GNU Lesser General Public Licence -< License: GNU (or wherever) Thanks for your magnific work ! :-)

14 years, 10 months

New perdition release?

by Thomas Vogt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Are there any plans for a new perdition release? With the changeable ldap version via configuration file is at least one useful change in the repository. Maybe experimental ipv6 support could also be added. I'm also the FreeBSD maintainer of the perdition port and i would like to bring this in the ports tree without maintaining too many local patches. Regards, Tom - -- * Thomas Vogt UNIX System Engineer - SolNet AS9044 - PGP-3239B720 * -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjbl6AACgkQGCwkYTI5tyC7PgCdGTBF7mM15RDR8ejuVo3EvUsz 5foAoIzS34h9IolJCRpqQ9G4k84iGtp/ =KoGU -----END PGP SIGNATURE-----

15 years

[Fwd: Re: How to allow roaming client to send mails via its mail server]

by Raphaël RIGNIER

15 years, 5 months

How to allow roaming client to send mails via its mail server

by Stephen Liu

Hi folks OS- Debian Etch Xen postfix courier perdition perdition-mysql MySQL Single public IP Dom0 - Debian Etch workstation Server-1, domU1 for routing with perdition and perdition-mysql installed Server-2, domU2, mail server for domain-A Server-3, domU3, mail server for domain-B etc. This is server virtualization for testing. The whole system is working nicely. Mails of domain-A are delivered to Server-2, mails of domain-B delivered to Server-3, etc. Roaming clients can login their servers to download mails. But they can't send mails via their server. Please advise how to configure perdition allowing roaming clients to send mails via their server. OR I have to use another solution? TIA B.R. Stephen L Send instant messages to your online friends http://uk.messenger.yahoo.com

15 years, 5 months

source code for perdition-pbs

by David Alix

Is it possible to get the source code for perdition-pbs without installing mercurial on my Solaris system? I'd rather not install python and Mercurial on a system that doesn't otherwise need them. Thanks ___________________________________ David Alix Information Systems and Computing David.Alix(a)isc.ucsb.edu (805)893-4456

15 years, 6 months

Regular expressions

by Stephen Vaughan

Hi, Is it possible to store regular expressions in a mysql database? We have over 13,000 RE's in our popmap.re and understandably each time a user authenticates its taking a long time to process the request. -- Best Regards, Stephen

15 years, 6 months

Forwarding connections based on domain

by Stephen Vaughan

Hi, Is it possible to proxy imap/pop3 connections based on the domain used in the username? I'm trying to avoid having to enter in thousands of email addresses into the popmap, instead having a wild card of *(a)domain.com -> server1, *(a)domain1.com -> server2 thanks -- Best Regards, Stephen

15 years, 6 months

Timeout for "connect" state sessions needed

by Christian Balzer

Hello and a happy new year, a couple of days ago one of our perdition servers exceeded the 1024 pop3 connections limit configured (normal usage is about 30-50 parallel connections). I turned out that all these connections had been eaten up by some customer trying to pop his email from China and instead of firing off a connection every 2 minutes things seemed to fail on his end and groups of 3-6 parallel connects (which failed in turn again) came hurtling in. We have been using perdition for over 4 years and have a huge customer base with over 1.5 million pop3 connects per day and never seen anything like this, so my guess here is that this is not (purely) a client thing but that the grate(sic) firewall of China is involved, too. Anyways, this is a typical example: --- Jan 7 12:15:10 pp12 perdition[16881]: Connect: 218.1.143.164->203.216.5.113 Jan 7 12:15:10 pp12 perdition[16886]: Connect: 218.1.143.164->203.216.5.113 Jan 7 12:15:10 pp12 perdition[16889]: Connect: 218.1.143.164->203.216.5.113 Jan 7 12:38:19 pp12 perdition[16881]: io_read: read: Connection timed out Jan 7 12:38:19 pp12 perdition[16881]: __token_fill_buffer: error reading input: Connection timed out Jan 7 12:38:19 pp12 perdition[16881]: token_read: token_fill_buffer Jan 7 12:38:19 pp12 perdition[16881]: read_line: token_read Jan 7 12:38:19 pp12 perdition[16881]: pop3_in_get_pw: pop3_in_get_pw: read_line Jan 7 12:38:19 pp12 perdition[16881]: main: protocol->in_get_pw Jan 7 12:38:19 pp12 perdition[16881]: Fatal Error reading authentication information from client "218.1.143.164->203.216.5.113 ": Exiting child --- Aside from being a good starting measure against a DoS attack in general a feature where one could set a timeout for the maximum time that a process is allowed to be in "connect" state (I would set this to 1 minute or less) would be a very welcome addition. The problem I raised in http://lists.vergenet.net/pipermail/perdition-users/2008-February/001973.ht… would benefit (as in workaround) from such a feature, too. Regards, Christian -- Christian Balzer Network/Systems Engineer NOC chibi(a)gol.com Global OnLine Japan/Fusion Network Services http://www.gol.com/ https://secure3.gol.com/mod-pl/ols/index.cgi/?intr_id=F-2ECXvzcr6656

15 years, 6 months

perdition processes (forks) get stuck in endless loop

by Ariel Biener

15 years, 6 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Perdition-users January 2009