we've been using perdition as a pop3/pop3s/imap/imaps proxy for about
four years now, first with Debian Sarge package and now under Etch.
And throughout this time I've seen pop3s (and from the looks of it
the same happens with imaps) processes stuck in connect, like this:
16836 ? S 5:31 0 120 32179 2204 0.0 perdition.pop3s
28070 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
7782 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
24468 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect
14180 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect
13503 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
They never die off, keep the connection open, there is no traffic and the
other end might be long gone. Last trace in the logs is always like this:
Feb 5 22:05:16 pp11 perdition: Connect: hi.mi.ts.u->18.104.22.168
It must be something related to the SSL'ness of these service, since I'm
not seeing this happening ever for imap/pop3. Alas a lot of people do use
TLS with those, so it's not a generic SSL issue. Maybe the master process
could kick a child handling connections in the head after "timeout"
seconds in connect state?
If more information is needed I can try to provide it, but note that with a
rate of roughly 35 pops per second I'm a bit weary to turn on
This may or may not be related to another SSL related issue, which will
be for the sake of making searches in the archive more likely to find good
keywords in a separate mail.
Christian Balzer Network/Systems Engineer NOC
chibi(a)gol.com Global OnLine Japan/Fusion Network Services
My perdition director seems to be working fine with unencrypted POP and
IMAP connections, but logs the following when I try to connect from
Thunderbird using TLS:
SELF: "* OK IMAP4 Ready yankee 0001de1f\r\n"
CLIENT: "1 capability\r\n"
SELF: "* CAPABILITY IMAP4 IMAP4REV1\r\n"
SELF: "1 OK CAPABILITY\r\n"
CLIENT: "2 STARTTLS\r\n"
SELF: "2 OK Begin TLS negotiation now\r\n"
main: username_mangle STATE_GET_SERVER
Fatal error manipulating username for client "22.214.171.124": Exiting
What should I do to get TLS working?
Robert C. Sheets
Modifications on *spec.in ( for vanessa_logger vanessa_adt
vanessa_socket perdition) are need for "rpmbuild -ta <name>.tar.gz" on
Fedora >7 ? systems (rpm ver 4.4.xx)
-> Copyright: GNU Lesser General Public Licence
-< License: GNU (or wherever)
Thanks for your magnific work ! :-)
-----BEGIN PGP SIGNED MESSAGE-----
Are there any plans for a new perdition release? With the changeable
ldap version via configuration file is at least one useful change in the
repository. Maybe experimental ipv6 support could also be added.
I'm also the FreeBSD maintainer of the perdition port and i would like
to bring this in the ports tree without maintaining too many local patches.
* Thomas Vogt UNIX System Engineer - SolNet AS9044 - PGP-3239B720 *
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Having tried to roll out the CDB patch, we found a problem or two with it as follows:
len_return argument to cdb_seek was incorrect
Off by one error adding null terminator
Null terminator incorrectly quoted
Removed debugging statements from original patch
File handle not correctly closed on failed lookup
Corrected comment quoting for C style
Some rewriting for better readability
Patch against the current copy held on the Mercurial Repository attached.
Huge thanks to Paul Tipper who helped extensively with this patch.
Mail & Systems Support
University of Lancaster
I've just setup perdition and MySQL and I've got it sort of working...
but I want to split some users here and some there.
So I want to have:
some1(a)user.com to server1: imap
some1(a)user.com to server2: pop
some2(a)user.com to server3: imap
some2(a)user.com to server4: pop
The MySQL config has three fields:
user, port, hostname,
I dont seem to be able to see or understand how to make some users go
to different place depending on the connection type.
ie: imap connections to this server on that port and pop to this on
can anyone explain?
I am new on perdition, and I got this statement in paper about perdition:
"The size of these deployments range from 2,500 to in excess of 250,000
accounts with up to 8 real-servers"
Its mean perdition only support to 8 real servers ? Am I right ?
In my email system, we have about 40K users and split to 15 servers. Is
there any detail information about the maximum real servers will be
supported by perdition ?
What will happened if we have more than 8 real servers that will be access
using Perdition proxy ?
Thanks in advance.