Hello,
we've been using perdition as a pop3/pop3s/imap/imaps proxy for about
four years now, first with Debian Sarge package and now under Etch.
And throughout this time I've seen pop3s (and from the looks of it
the same happens with imaps) processes stuck in connect, like this:
---
16836 ? S 5:31 0 120 32179 2204 0.0 perdition.pop3s
28070 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
7782 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
24468 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect
14180 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect
13503 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
---
They never die off, keep the connection open, there is no traffic and the
other end might be long gone. Last trace in the logs is always like this:
---
Feb 5 22:05:16 pp11 perdition[7782]: Connect: hi.mi.ts.u->203.216.5.113
---
It must be something related to the SSL'ness of these service, since I'm
not seeing this happening ever for imap/pop3. Alas a lot of people do use
TLS with those, so it's not a generic SSL issue. Maybe the master process
could kick a child handling connections in the head after "timeout"
seconds in connect state?
If more information is needed I can try to provide it, but note that with a
rate of roughly 35 pops per second I'm a bit weary to turn on
debugging. ^_-
This may or may not be related to another SSL related issue, which will
be for the sake of making searches in the archive more likely to find good
keywords in a separate mail.
Regards,
Christian
--
Christian Balzer Network/Systems Engineer NOC
chibi(a)gol.com Global OnLine Japan/Fusion Network Services
http://www.gol.com/
Hello list,
My perdition director seems to be working fine with unencrypted POP and
IMAP connections, but logs the following when I try to connect from
Thunderbird using TLS:
Connect: 128.146.221.167->206.71.169.193
SELF: "* OK IMAP4 Ready yankee 0001de1f\r\n"
CLIENT: "1 capability\r\n"
SELF: "* CAPABILITY IMAP4 IMAP4REV1\r\n"
SELF: "1 OK CAPABILITY\r\n"
CLIENT: "2 STARTTLS\r\n"
SELF: "2 OK Begin TLS negotiation now\r\n"
username_mangle: username_strip
main: username_mangle STATE_GET_SERVER
Fatal error manipulating username for client "128.146.221.167": Exiting
child
What should I do to get TLS working?
Thanks!
--
Robert C. Sheets
Picosecond Software
Hi Horms!
Modifications on *spec.in ( for vanessa_logger vanessa_adt
vanessa_socket perdition) are need for "rpmbuild -ta <name>.tar.gz" on
Fedora >7 ? systems (rpm ver 4.4.xx)
-> Copyright: GNU Lesser General Public Licence
-< License: GNU (or wherever)
Thanks for your magnific work ! :-)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello
Are there any plans for a new perdition release? With the changeable
ldap version via configuration file is at least one useful change in the
repository. Maybe experimental ipv6 support could also be added.
I'm also the FreeBSD maintainer of the perdition port and i would like
to bring this in the ports tree without maintaining too many local patches.
Regards,
Tom
- --
* Thomas Vogt UNIX System Engineer - SolNet AS9044 - PGP-3239B720 *
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkjbl6AACgkQGCwkYTI5tyC7PgCdGTBF7mM15RDR8ejuVo3EvUsz
5foAoIzS34h9IolJCRpqQ9G4k84iGtp/
=KoGU
-----END PGP SIGNATURE-----
Hi.
I'am trying to install a Comodo Cert to perdition and replace the
self-signed certs.....
>From Comodo i have:
- enjoy_comodo_ssl.crt
- commercial.key
- Entrust Root
- intermediate certificate (AAA Intermediate)
With "Entrust Root" and "intermediate certificate" I create one file and
that put in: ssl_ca_chain_file
I created that file this way: cat EntrustSecureServerCA.crt
AAACertificateServices_2.crt > /tmp/ca_bundle.crt
I have modify the following lines:
ssl_cert_file /path/to/enjoy_comodo_ssl.crt
ssl_key_file /path/to/commercial.key
ssl_ca_chain_file /path/to/ca_bundle.crt
Then i restarted Perdition, and when i run:
openssl s_client -port 993
depth=0 /C=CL/postalCode=7561115/ST=Metropolitana/L=Santiago/streetAddress=Las Condes/streetAddress=Av. Rosario Norte 555, Piso 10/O=Enjoy Gestion Ltda/OU=Servicios Web/OU=Issued through Enjoy Gestion Ltda. E-PKI Manager/OU=Comodo PremiumSSL Wildcard
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=CL/postalCode=7561115/ST=Metropolitana/L=Santiago/streetAddress=Las Condes/streetAddress=Av. Rosario Norte 555, Piso 10/O=Enjoy Gestion Ltda/OU=Servicios Web/OU=Issued through Enjoy Gestion Ltda. E-PKI Manager/OU=Comodo PremiumSSL Wildcard
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=CL/postalCode=7561115/ST=Metropolitana/L=Santiago/streetAddress=Las Condes/streetAddress=Av. Rosario Norte 555, Piso 10/O=Enjoy Gestion Ltda/OU=Servicios Web/OU=Issued through Enjoy Gestion Ltda. E-PKI Manager/OU=Comodo PremiumSSL Wildcard
verify error:num=21:unable to verify the first certificate
verify return:1
Verify return code: 21 (unable to verify the first certificate)
Why can not verify the cert?, What i am doing wrong?
when i connect with Outlook I got the same error.
Thanks a lot...
Michael.-
Hi,
I try to install perdition on a freebsd 5.5-RELEASE-p8 machine, but
unfortunatly without success :(.
The following error occures when I try to install from ports:
# pwd
/usr/ports/mail/perdition
# make
[...]
checking for crypt in -lcrypt... yes
checking for poptGetContext in -lpopt... no
configure: error: ""
"**********************************************************************"
"* perdition requires the popt options parsing library available from"
"* ftp://ftp.rpm.org/pub/rpm/ and mirrors."
"**********************************************************************"
===> Script "configure" failed unexpectedly.
Please report the problem to thomas(a)bsdunix.ch [maintainer] and attach
the "/usr/ports/mail/perdition/work/perdition-1.17.1/config.log"
including the output of the failure of your make command. Also, it might
be a good idea to provide an overview of all packages installed on your
system (e.g. an `ls /var/db/pkg`).
*** Error code 1
Stop in /usr/ports/mail/perdition.
But popt ist installed:
# pkg_info | grep popt
popt-1.7_5 A getopt(3) like library with a number of enhancements, fro
# ls /usr/local/lib | grep popt
libpopt.a
libpopt.la
libpopt.so
libpopt.so.0
Even if I try to compile perdition manualy the popt library can not be
found.
Has anyone a hint what I can do to get perdition up and running on my
freebsd machine?
Cheers and thanks,
Christian
--
Christian Schöpplein
Landeshauptstadt München
- Schul- und Kultusreferat
- ZIB admins(a)musin.de
- Netze und Servermanagement 089 / 233-43042