Hello,
we've been using perdition as a pop3/pop3s/imap/imaps proxy for about
four years now, first with Debian Sarge package and now under Etch.
And throughout this time I've seen pop3s (and from the looks of it
the same happens with imaps) processes stuck in connect, like this:
---
16836 ? S 5:31 0 120 32179 2204 0.0 perdition.pop3s
28070 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
7782 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
24468 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect
14180 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect
13503 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect
---
They never die off, keep the connection open, there is no traffic and the
other end might be long gone. Last trace in the logs is always like this:
---
Feb 5 22:05:16 pp11 perdition[7782]: Connect: hi.mi.ts.u->203.216.5.113
---
It must be something related to the SSL'ness of these service, since I'm
not seeing this happening ever for imap/pop3. Alas a lot of people do use
TLS with those, so it's not a generic SSL issue. Maybe the master process
could kick a child handling connections in the head after "timeout"
seconds in connect state?
If more information is needed I can try to provide it, but note that with a
rate of roughly 35 pops per second I'm a bit weary to turn on
debugging. ^_-
This may or may not be related to another SSL related issue, which will
be for the sake of making searches in the archive more likely to find good
keywords in a separate mail.
Regards,
Christian
--
Christian Balzer Network/Systems Engineer NOC
chibi(a)gol.com Global OnLine Japan/Fusion Network Services
http://www.gol.com/
Hi,
I have perdition running great for sometime and just implemented
pop3s. POP3s works great too but the timeout value is not taking
affect on a idle connection
Here is the config:
#####
map_library /usr/local/lib/libperditiondb_ldap.so
map_library_opt "ldap://10.0.2.56
10.0.2.58/ou=EmailAccount,o=myinternalcave.com?uid,mailhost,port?one?(uid=%25s)"
username_from_database
pid_file /var/run/perdition.pop3s.pid
#log_facility /dev/null
no_lookup
outgoing_port 110
ssl_mode ssl_listen
ssl_cert_file /etc/postfix/ssl/mailssl.crt
ssl_key_file /etc/postfix/ssl/mailssl.key
ssl_ca_chain_file /etc/postfix/ssl/chain
log_facility mail
timeout 60
#######
iox1# time telnet mail.myinternalcave.com 110
Escape character is '^]'.
+OK POP3 Ready dark 0001341e
Connection closed by foreign host.
0.000u 0.015s 1:00.10 0.0% 208+912k 0+0io 0pf+0w
1minute timeout works fine on pop3 but pop3s just sits there forever it seems.
Does this feature work on pop3s?
Thanks
eric c
Hello !
I'm studying a way to connect a mobile phone with only IPv6 address to a
IMAP server and an Exchange Microsoft server which are in the IPv4 world...
I use perdition and it works for my gmail address but I have 2 problems
for other mail accounts :
1 - With a IMAP server where no SSL connection is needed, I made this
configuration for perdition.imap4.conf :
bind_address proxyv6.com
listen_port 144
protocol IMAP4
debug
connection_logging
map_library /usr/lib/libperditiondb_posix_regex.so.0.0.0
map_library_opt /etc/perdition/popmap.re
username_from_database
ssl_mode none
ssl_ca_accept_self_signed
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
ssl_no_cert_verify
ssl_no_cn_verify
And the result of the debug in /var/log/syslog :
Feb 14 07:45:07 pontenn perdition[28472]: CLIENT: "1 capability\r\n"
Feb 14 07:45:07 pontenn perdition[28472]: SELF: "* CAPABILITY IMAP4
IMAP4REV1\
r\n"
Feb 14 07:45:07 pontenn perdition[28472]: SELF: "1 OK CAPABILITY\r\n"
Feb 14 07:45:12 pontenn perdition[28472]: CLIENT: "2 login
\"mathieu.coic(a)free.f
r\" \"*****************\"\r\n"
Feb 14 07:45:12 pontenn perdition[28472]: username_add_domain:
username_add_doma
in 0 1
Feb 14 07:45:12 pontenn perdition[28472]: username_add_domain:
username_add_doma
in 0 4
Feb 14 07:45:12 pontenn perdition[28472]: REAL: "* OK [CAPABILITY
IMAP4REV1 X-
NETSCAPE LOGIN-REFERRALS AUTH=LOGIN] IMAP4rev1 Free\r\n"
Feb 14 07:45:12 pontenn perdition[28472]: SELF: "flim07 CAPABILITY\r\n"
Feb 14 07:45:12 pontenn perdition[28472]: REAL: "* CAPABILITY
IMAP4REV1 X-NETS
CAPE NAMESPACE MAILBOX-REFERRALS SCAN SORT THREAD=REFERENCES
THREAD=ORDEREDSUBJE
CT MULTIAPPEND LOGIN-REFERRALS AUTH=LOGIN\r\nflim07 OK Completed\r\n"
Feb 14 07:45:12 pontenn perdition[28472]: SELF: "flim08 LOGIN {12}\r\n"
Feb 14 07:45:12 pontenn perdition[28472]: REAL: "+ go ahead\r\n"
Feb 14 07:45:12 pontenn perdition[28472]: SELF: "mathieu.coic {8}\r\n"
Feb 14 07:45:15 pontenn perdition[28472]: REAL: "flim08 NO LOGIN
failed\r\n"
Feb 14 07:45:15 pontenn perdition[28472]: imap4_out_response: invalid
tag from s
erver 1
The client send well the login et the password for my account.
Is there a way for perdition to not send "flim08 LOGIN" ?
2 - My second problem is the connection with an Exchange server. I used
a mobile phone which has a Exchange Client and it's the result of syslog :
Feb 14 07:51:25 pontenn perdition[28531]: SELF: "* OK IMAP4 Ready
fe80::2bd:3a
ff:fe72:ee46%eth1 0001e6ab\r\n"
Feb 14 07:51:25 pontenn perdition[28531]: CLIENT: "OPTIONS
/Microsoft-Server-Act
iveSync HTTP/1.1\r\nAccept: */*\r\nAccept-Encoding: gzip\r\nUser-Agent:
N900/1.1
\r\nHost: proxyv6.com\r\nConnection: Keep-Alive\r\nAuthorization: Basic
dTEwNTQ2
MjptYUNvaTU2\r\nContent-Length: 0\r\n\r\n"
Feb 14 07:51:28 pontenn perdition[28531]: SELF: "OPTIONS BAD
Unrecognised comm
and, mate\r\n"
Feb 14 07:51:31 pontenn perdition[28531]: SELF: "Accept: BAD
Unrecognised comm
and, mate\r\n"
Feb 14 07:51:34 pontenn perdition[28531]: SELF: "Accept-Encoding: BAD
Unrecogn
ised command, mate\r\n"
Feb 14 07:51:37 pontenn perdition[28531]: SELF: "User-Agent: BAD
Unrecognised
command, mate\r\n"
Feb 14 07:51:40 pontenn perdition[28531]: SELF: "Host: BAD
Unrecognised comman
d, mate\r\n"
Feb 14 07:51:43 pontenn perdition[28531]: SELF: "Connection: BAD
Unrecognised
command, mate\r\n"
Feb 14 07:51:46 pontenn perdition[28531]: SELF: "Authorization: BAD
Unrecognis
ed command, mate\r\n"
Feb 14 07:51:49 pontenn perdition[28531]: SELF: "Content-Length: BAD
Unrecogni
sed command, mate\r\n"
Feb 14 07:51:52 pontenn perdition[28531]: SELF: "* BAD Invalid tag,
mate\r\n"
Feb 14 07:52:22 pontenn perdition[28531]: CLIENT: ""
Feb 14 07:52:22 pontenn perdition[28531]: token_read: token_fill_buffer
Feb 14 07:52:22 pontenn perdition[28531]: read_line: token_read
Feb 14 07:52:22 pontenn perdition[28531]: imap4_in_get_pw: read_imap4_line 1
Feb 14 07:52:22 pontenn perdition[28531]: main: protocol->in_get_pw
Can perdition just forward the flag OPTIONS to the Exchange server ?
Thanks for the response,
Mathieu Coïc
Hi,
I've been attempting to setup perdition to use multiple servers for the
same user names, but it doesn't seem possible which is a shame. In my
googling attempts I ran into this email:
http://lists.vergenet.net/pipermail/perdition-users/2009-November/002214.ht…
That's exactly what I would like to do.
Currently, perdition has no way of handling a server being down. If
user1: serverA, and serverA is down, user1 is out of luck.
I shouldn't think it would be hard to have user1:
serverA,serverB,serverC and just have perdition go to the next server
when the first times out.
Also, if this was in place you would probably want an option to say
"dont_return_to_master." The point of this being, if serverA goes down
and connections go to B, when A comes back up you don't want connections
going back there automatically or you will have user1 on both A and B.
Some IMAP servers have a major issue with conflicting sessions.
Anyway just some ideas.
But just to verify, perdition can't do backup IMAP servers, correct?
--
================================
David Halik
System Administrator
OIT-CSS Rutgers University
dhalik(a)jla.rutgers.edu
================================