Perdition-users April 2011

perdition-users@vergenet.net

5 participants
6 discussions

Zombie pop3s (and imaps?) processes in connect state

by Christian Balzer

Hello, we've been using perdition as a pop3/pop3s/imap/imaps proxy for about four years now, first with Debian Sarge package and now under Etch. And throughout this time I've seen pop3s (and from the looks of it the same happens with imaps) processes stuck in connect, like this: --- 16836 ? S 5:31 0 120 32179 2204 0.0 perdition.pop3s 28070 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect 7782 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect 24468 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect 14180 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect 13503 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect --- They never die off, keep the connection open, there is no traffic and the other end might be long gone. Last trace in the logs is always like this: --- Feb 5 22:05:16 pp11 perdition[7782]: Connect: hi.mi.ts.u->203.216.5.113 --- It must be something related to the SSL'ness of these service, since I'm not seeing this happening ever for imap/pop3. Alas a lot of people do use TLS with those, so it's not a generic SSL issue. Maybe the master process could kick a child handling connections in the head after "timeout" seconds in connect state? If more information is needed I can try to provide it, but note that with a rate of roughly 35 pops per second I'm a bit weary to turn on debugging. ^_- This may or may not be related to another SSL related issue, which will be for the sake of making searches in the archive more likely to find good keywords in a separate mail. Regards, Christian -- Christian Balzer Network/Systems Engineer NOC chibi(a)gol.com Global OnLine Japan/Fusion Network Services http://www.gol.com/

11 years, 7 months

Managesieve bug recurring?

by Jesse Jarzynka

Hello All, I'm setting up perdition for IMAP and Managesieve proxying with LDAP. LDAP proxying is working fine, I'm getting my mailhost from there, but for managesieve I keep getting: "perdition.managesieve[7871]: Exiting on signal 11" and I'm wondering if it's a recurrence of this bug - http://lists.vergenet.net/pipermail/perdition-users/2010-July/002332.html . I'm using the Debian Squeeze with has the following packages in the repos: ii perdition 1.19~rc4-2 POP3 and IMAP4 Proxy server ii perdition-ldap 1.19~rc4-2 Library to allow perdition to access LDAP based popmaps Here is more of my log: Mar 30 14:40:00 perdition-dev perdition.managesieve[7871]: Connect: 10.30.40.197:37245->10.30.40.163:4190 Mar 30 14:40:00 perdition-dev perdition.managesieve[7871]: SELF: "\"IMPLEMENTATION\" \"perdition\"\r\n\"SIEVE\" \"comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date\"\r\n\"SASL\" \"PLAIN\"\r\n\"NOTIFY\" \"mailto\"\r\n\"VERSION\" \"1.19-rc4\"\r\nOK \"predition ready on perdition-dev.localnet.sys 0002b5e3\"\r\n" Mar 30 14:40:04 perdition-dev perdition.managesieve[7871]: CLIENT: "AUTHENTICATE \"PLAIN\" \"AHRlc3RhY2NvdW50MDBAbG9jYWxuZXQuY29tAFRlY2g5OTk=\"\r\n" Mar 30 14:40:04 perdition-dev perdition.managesieve[7871]: username_add_domain: username_add_domain 0 1 Mar 30 14:40:04 perdition-dev perdition.managesieve[7871]: username_add_domain: username_add_domain 0 4 ///////////////////////////// THIS RESPONSE IS FROM THE CORRECT MANAGESIEVE SERVER SO THE PROXY IS WORKING ///////////////////////////// Mar 30 14:40:04 perdition-dev perdition.managesieve[7871]: REAL: "\"IMPLEMENTATION\" \"dovecot\"\r\n\"SIEVE\" \"comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date spamtest spamtestplus virustest\"\r\n\"SASL\" \"PLAIN LOGIN\"\r\n\"STARTTLS\"\r\n\"NOTIFY\" \"mailto\"\r\n\"VERSION\" \"1.0\"\r\nOK \"Dovecot ready.\"\r\n" Mar 30 14:40:04 perdition-dev perdition.managesieve[7871]: Exiting on signal 11 So as you can see it exits after it connects to the correct managesieve server. I can provide any more logging and answers if someone has an idea where to look. Thanks, Jesse

13 years, 1 month

Fatal error negotiating setup

by David Severance

I've been having this once in a blue moon problem with the latest perdition 1.19-rc4 compiled on RHEL5 so I turned on debug and caught this today. If I restart perdition then everything works until the next blue moon. > Apr 13 10:29:33 proxyx perdition.imaps[22437]: Connect: > 128.200.62.206:2170->128.200.80.50:993 > Apr 13 10:29:33 proxyx perdition.imaps[22437]: SSL connection using > AES256-SHA > Apr 13 10:29:33 proxyx perdition.imaps[22437]: SELF: "* OK > [CAPABILITY IMAP4 IMAP4REV1 LITERAL+] perdition ready on > proxyx.es.uci.edu 0002376b\r\n" > Apr 13 10:29:33 proxyx perdition.imaps[22437]: CLIENT: "2 login > \"jbrancal\" \"XXXXXX\"\r\n" > Apr 13 10:29:33 proxyx perdition.imaps[22437]: username_add_domain: > username_add_domain 0 1 > Apr 13 10:29:33 proxyx perdition.imaps[22437]: username_add_domain: > username_add_domain 0 2 > Apr 13 10:29:33 proxyx perdition.imaps[22437]: > vanessa_socket_daemon_setid: uid=99 euid=99 gid=99 egid=99 > Apr 13 10:29:33 proxyx perdition.imaps[22437]: username_add_domain: > username_add_domain 0 4 > Apr 13 10:29:33 proxyx perdition.imaps[22437]: REAL: "" > Apr 13 10:29:33 proxyx perdition.imaps[22437]: token_read: > token_fill_buffer > Apr 13 10:29:33 proxyx perdition.imaps[22437]: read_line: token_read > Apr 13 10:29:33 proxyx perdition.imaps[22437]: imap4_out_response: > read_line > Apr 13 10:29:33 proxyx perdition.imaps[22437]: imap4_out_setup: > imap4_out_response greeting > Apr 13 10:29:33 proxyx perdition.imaps[22437]: main: > protocol->out_setup -1 > Apr 13 10:29:33 proxyx perdition.imaps[22437]: Fatal error negotiating > setup. Exiting child. Not sure what to do next, any ideas? thanks, David -- David Severance Central Computing Services Office of Information Technology (949) 824-7552 sev(a)uci.edu

13 years, 1 month

Exiting on signal 11

by YANG ChengFu

Hello, I have perdition installation with imap and managesieve service, imap works very well, but managesieve never works. my setup: Debian Squeeze 6.01 perdition 1.19~rc4-2 Each time I tried to login from perdition server to real server(managesieve works on it, it is dovecot). $ telnet email.tst.gameloft.org 2000 Trying 10.137.0.45... Connected to email.tst.gameloft.org. Escape character is '^]'. "IMPLEMENTATION" "perdition" "SIEVE" "comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date" "SASL" "PLAIN" "NOTIFY" "mailto" "VERSION" "1.19" OK "predition ready on email.tst.gameloft.org 0002a618" AUTHENTICATE "PLAIN" "AGNoZW5nZnUueWFuZ0BnYW1lbG9mdC5jb20AUjNsMGFkZWQ4" Connection closed by foreign host. I got the following error message. I can find perdition.managesieve forward my authentication information to real server from tcpdump Apr 4 18:05:35 email perdition.imap4[26316]: Exiting on signal 15 Apr 4 18:05:35 email perdition.managesieve[26319]: Exiting on signal 15 Apr 4 18:05:37 email perdition.imap4[29577]: Starting perdition version=1.19-rc4 protocol=IMAP4 Apr 4 18:05:37 email perdition.managesieve[29580]: Starting perdition version=1.19-rc4 protocol=MANAGESIEVE Apr 4 18:05:37 email perdition.managesieve[29580]: add_domain="", authenticate_in=off, authenticate_timeout=1800, bind_address="", client_server_specification=off, config_file="/etc/perdition/perdition.managesieve.conf", connection_limit=0, connection_logging=on, connect_relog=300, debug=on, domain_delimiter="@", explicit_domain="", group="nogroup", imap_capability="IMAP4 IMAP4REV1", inetd_mode=off, listen_port="2000", log_facility="mail", log_passwd="always", login_disabled=off, lower_case="all", managesieve_capability=""IMPLEMENTATION" "perdition" "SIEVE" "comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date" "SASL" "PLAIN" "NOTIFY" "mailto" "VERSION" "1.19"", map_library="/usr/lib/libperditiondb_gdbm.so.0", map_library_opt="/etc/perdition/manamap.gdbm.db", no_bind_banner=off, no_daemon=off, no_lookup=off, tcp_keepalive=off, nodename="email.tst.gameloft.org", ok_line="You are so in", outgoing_port="2000", outgoing_server="", pid_file="/var/run/perdition.managesieve/perdition.managesieve.pid", pop_capability="UIDL.USER", protocol="MANAGESIEVE", server_resp_line=off, strip_domain="", timeout=1800, username="nobody", username_from_database=off, query_key="", quiet=off (mask=0x00000000 00000000) Apr 4 18:05:37 email perdition.managesieve[29580]: ssl_mode="", ssl_ca_file="", ssl_ca_path="/etc/perdition/perdition.ca/", ssl_ca_accept_self_signed="off", ssl_cert_file="/etc/perdition/perdition.crt.pem", ssl_cert_accept_expired="off", ssl_cert_not_yet_valid="off", ssl_cert_self_signed="off", ssl_cert_verify_depth=9, ssl_key_file="/etc/perdition/perdition.key.pem", ssl_listen_ciphers="", ssl_outgoing_ciphers="", ssl_no_cert_verify="off", ssl_no_client_cert_verify="off", ssl_no_cn_verify="off" ssl_passphrase_fd=0, ssl_passphrase_file="(null)", (ssl_mask=0x00000000) Apr 4 18:05:37 email perdition.managesieve[29582]: vanessa_socket_daemon_setid: uid=65534 euid=65534 gid=65534 egid=65534 Apr 4 18:05:45 email perdition.managesieve[29584]: Connect: 10.137.0.45:46365->10.137.0.45:2000 Apr 4 18:05:45 email perdition.managesieve[29584]: SELF: "\"IMPLEMENTATION\" \"perdition\"\r\n\"SIEVE\" \"comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date\"\r\n\"SASL\" \"PLAIN\"\r\n\"NOTIFY\" \"mailto\"\r\n\"VERSION\" \"1.19\"\r\nOK \"predition ready on email.tst.exmaple.org 0002a618\"\r\n" Apr 4 18:05:56 email perdition.managesieve[29584]: CLIENT: "AUTHENTICATE \"PLAIN\" \"AGNoZW5nZnUueWFuZ0BnYW1lbG9mdC5jb20AUjNsMGFkZWQ4\"\r\n" Apr 4 18:05:56 email perdition.managesieve[29584]: username_add_domain: username_add_domain 0 1 Apr 4 18:05:56 email perdition.managesieve[29584]: username_add_domain: username_add_domain 0 4 Apr 4 18:05:56 email perdition.managesieve[29584]: REAL: "\"IMPLEMENTATION\" \"dovecot\"\r\n\"SIEVE\" \"comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date spamtest spamtestplus virustest\"\r\n\"SASL\" \"PLAIN LOGIN GSSAPI\"\r\n\"STARTTLS\"\r\n\"NOTIFY\" \"mailto\"\r\n\"VERSION\" \"1.0\"\r\nOK \"Dovecot ready.\"\r\n" Apr 4 18:05:56 email perdition.managesieve[29584]: Exiting on signal 11 tcpdump information: 18:05:56.319139 00:12:79:8f:f1:ee > 00:12:79:3a:44:b5, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 57476, offset 0, flags [DF], proto TCP (6), length 60) 10.137.0.45.57274 > 10.137.0.130.2000: S, cksum 0x2352 (correct), 10062289:10062289(0) win 5840 <mss 1460,sackOK,timestamp 483486037 0,nop,wscale 9> 18:05:56.935100 00:12:79:3a:44:b5 > 00:12:79:8f:f1:ee, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60) 10.137.0.130.2000 > 10.137.0.45.57274: S, cksum 0x567a (correct), 2822211310:2822211310(0) ack 10062290 win 5792 <mss 1460,sackOK,timestamp 60267065 483486037,nop,wscale 9> 18:05:56.935166 00:12:79:8f:f1:ee > 00:12:79:3a:44:b5, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 57477, offset 0, flags [DF], proto TCP (6), length 52) 10.137.0.45.57274 > 10.137.0.130.2000: ., cksum 0x9b40 (correct), ack 1 win 12 <nop,nop,timestamp 483486193 60267065> 18:05:56.935532 00:12:79:3a:44:b5 > 00:12:79:8f:f1:ee, ethertype IPv4 (0x0800), length 460: (tos 0x0, ttl 64, id 7228, offset 0, flags [DF], proto TCP (6), length 446) 10.137.0.130.2000 > 10.137.0.45.57274: P 1:395(394) ack 1 win 12 <nop,nop,timestamp 60267219 483486193> 18:05:56.935572 00:12:79:8f:f1:ee > 00:12:79:3a:44:b5, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 57478, offset 0, flags [DF], proto TCP (6), length 52) 10.137.0.45.57274 > 10.137.0.130.2000: ., cksum 0x991a (correct), ack 395 win 14 <nop,nop,timestamp 483486193 60267219> 18:05:56.936890 00:12:79:8f:f1:ee > 00:12:79:3a:44:b5, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 57479, offset 0, flags [DF], proto TCP (6), length 52) 10.137.0.45.57274 > 10.137.0.130.2000: F, cksum 0x9919 (correct), 1:1(0) ack 395 win 14 <nop,nop,timestamp 483486193 60267219> 18:05:56.937112 00:12:79:3a:44:b5 > 00:12:79:8f:f1:ee, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 7229, offset 0, flags [DF], proto TCP (6), length 52) 10.137.0.130.2000 > 10.137.0.45.57274: F, cksum 0x9919 (correct), 395:395(0) ack 2 win 12 <nop,nop,timestamp 60267220 483486193> 18:05:56.937140 00:12:79:8f:f1:ee > 00:12:79:3a:44:b5, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 57480, offset 0, flags [DF], proto TCP (6), length 52) 10.137.0.45.57274 > 10.137.0.130.2000: ., cksum 0x9917 (correct), ack 396 win 14 <nop,nop,timestamp 483486193 60267220> /etc/perdition/perdition.managesieve.conf connection_logging debug log_facility mail managesieve_capability \ "\"IMPLEMENTATION\" \"perdition\" "\ "\"SIEVE\" \"comparator-i;octet "\ "comparator-i;ascii-casemap "\ "fileinto "\ "reject "\ "envelope "\ "encoded-character "\ "vacation "\ "subaddress "\ "comparator-i;ascii-numeric "\ "relational "\ "regex "\ "imap4flags "\ "copy i"\ "nclude "\ "variables "\ "body "\ "enotify "\ "environment "\ "mailbox "\ "date\" "\ "\"SASL\" \"PLAIN\" "\ "\"NOTIFY\" \"mailto\" "\ "\"VERSION\" \"1.19\"" listen_port 2000 log_passwd always lower_case all map_library /usr/lib/libperditiondb_gdbm.so.0 map_library_opt /etc/perdition/manamap.gdbm.db protocol managesieve outgoing_port 2000

13 years, 2 months

Re: [PERDITION-USERS] {Disarmed} Re: Managesieve bug recurring?

by Jesse Jarzynka

Sure, dovecot.conf - http://pastebin.com/muUEPAh8 We are using LDAP: dovecot-ldap.conf - http://pastebin.com/Qk4RDPgN <http://pastebin.com/Qk4RDPgN>Has been working fine for us. Our LDAP is a little weird but you should be able to figure it out. Check out the dovecot docs for help, they are pretty good. On Tue, Apr 26, 2011 at 3:38 PM, YANG ChengFu <chengfu.yang(a)gameloft.com>wrote: > Hello Jesse, > > thanks a look, can you share your dovecot proxy and password DB > configuration files ? > > -- > *YANG ChengFu* > UNIX Administrator/Administrateur UNIX > > 5800 St-Denis suite 1001 > Montréal (QC), H2S 3L5 > Msn/mail: chengfu.yang(a)gameloft.com > tel:(514)798-1700 x.4514 > > > > On 11-04-26 02:57 PM, Jesse Jarzynka wrote: > > I actually wound up using Dovecot myself for IMAP, POP3, and Managesieve > proxying. You might want to take a look at doing that until Simon can get > around to fixing the perdition bug. > > On Tue, Apr 26, 2011 at 2:54 PM, YANG ChengFu <chengfu.yang(a)gameloft.com>wrote: > >> Hello Simon, >> >> perdition is really a good open source software, I like it. Now I want to >> enable managesieve feature, but it always give me 11 signal errors, just >> like my previous mail mentioned. >> >> May we have your attentions on it, if managesieve works, it will be >> perfect? >> >> -- >> *YANG ChengFu* >> UNIX Administrator/Administrateur UNIX >> >> 5800 St-Denis suite 1001 >> Montréal (QC), H2S 3L5 >> Msn/mail: chengfu.yang(a)gameloft.com >> tel:(514)798-1700 x.4514 >> >> >> >> On 11-04-07 07:55 PM, Simon Horman wrote: >> >> Sorry Jesse, >> >> I haven't had time to look into it yet, but if you are getting a sig 11 >> then there is a bug. >> >> On Thu, Apr 07, 2011 at 10:47:14AM -0400, Jesse Jarzynka wrote: >> >> Hello Simon, any updates on this? Is this a confirmed bug that you are still >> working on? Just want to make sure it's not something I'm doing wrong, >> thanks! -Jesse >> >> On Tue, Apr 5, 2011 at 1:38 PM, Jesse Jarzynka <jesse(a)jessejoe.com> <jesse(a)jessejoe.com> wrote: >> >> >> Simon, >> >> I apologize but this was wrong. For some reason I turned off managesieve on >> the destination server, probably something I was testing. I am now >> confirming that perdition still exits on signal 11 when trying to >> authenticate managesieve same as before with the latest mercurial code. It >> still seems to send me to the right server and I see the managesieve >> response from the correct managesieve server, and then I get the exit 11: >> >> Apr 5 13:35:47 perdition-dev perdition.managesieve[21571]: Connect: >> 10.30.40.197:49949->*MailScanner warning: numerical links are often malicious:* 10.30.40.163:4190 <http://10.30.40.163:4190> >> Apr 5 13:35:48 perdition-dev perdition.managesieve[21571]: SELF: >> "\"IMPLEMENTATION\" \"perdition\"\r\n\"SIEVE\" \"comparator-i;octet >> comparator-i;ascii-casemap fileinto reject envelope encoded-character >> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags >> copy include variables body enotify environment mailbox date\"\r\n\"SASL\" >> \"PLAIN\"\r\n\"NOTIFY\" \"mailto\"\r\n\"VERSION\" \"1.19-rc4\"\r\nOK >> \"perdition ready on perdition-dev.localnet.sys 0002b4d8\"\r\n" >> Apr 5 13:35:50 perdition-dev perdition.managesieve[21571]: CLIENT: >> "AUTHENTICATE \"PLAIN\" >> \"AHRlc3RhY2NvdW50MDBAbG9jYWxuZXQuY29tAFRlY2g5OTk=\"\r\n" >> Apr 5 13:35:50 perdition-dev perdition.managesieve[21571]: >> username_add_domain: username_add_domain 0 1 >> Apr 5 13:35:51 perdition-dev perdition.managesieve[21571]: >> username_add_domain: username_add_domain 0 4 >> Apr 5 13:35:51 perdition-dev perdition.managesieve[21571]: REAL: >> "\"IMPLEMENTATION\" \"dovecot\"\r\n\"SIEVE\" \"comparator-i;octet >> comparator-i;ascii-casemap fileinto reject envelope encoded-character >> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags >> copy include variables body enotify environment mailbox date spamtest >> spamtestplus virustest\"\r\n\"SASL\" \"PLAIN >> LOGIN\"\r\n\"STARTTLS\"\r\n\"NOTIFY\" \"mailto\"\r\n\"VERSION\" >> \"1.0\"\r\nOK \"Dovecot ready.\"\r\n" >> Apr 5 13:35:51 perdition-dev perdition.managesieve[21571]: Exiting on >> signal 11 >> >> On Mon, Apr 4, 2011 at 10:52 AM, Jesse Jarzynka <jesse(a)jessejoe.com> <jesse(a)jessejoe.com>wrote: >> >> >> On Sat, Apr 2, 2011 at 6:09 PM, Simon Horman <horms(a)verge.net.au> <horms(a)verge.net.au> wrote: >> >> # apt-get build-dep perdition >> >> The build-dep must've grabbed something I was missing because I was >> able to compile it after that. >> >> I'm not getting the same error anymore, so that's good! I'm still not >> getting the right server from ldap with managesieve though. Here's and >> example of my IMAP auth working correctly and adding the right server: >> >> Apr 4 10:42:35 perdition-dev perdition.imap4[17368]: Starting >> perdition version=1.19-rc4 protocol=IMAP4 >> Apr 4 10:42:35 perdition-dev perdition.imap4[17368]: add_domain="", >> authenticate_in=off, authenticate_timeout=1800, bind_address="", >> client_server_specification=off, >> config_file="/home/jjarzynka/perdition.conf", connection_limit=0, >> connection_logging=on, connect_relog=300, debug=on, >> domain_delimiter="@", explicit_domain="", group="root", >> imap_capability="IMAP4 IMAP4REV1", inetd_mode=off, >> listen_port="imap2", log_facility="mail", log_passwd="never", >> login_disabled=off, lower_case="", >> managesieve_capability=""IMPLEMENTATION" "perdition" "SIEVE" >> "comparator-i;octet comparator-i;ascii-casemap fileinto reject >> envelope encoded-character vacation subaddress >> comparator-i;ascii-numeric relational regex imap4flags copy include >> variables body enotify environment mailbox date" "SASL" "PLAIN" >> "NOTIFY" "mailto" "VERSION" "1.19-rc4"", >> map_library="/usr/lib/libperditiondb_ldap.so.0.0.0", >> >> map_library_opt="ldap://ldap.localnet.sys/ou=accounts,dc=localnet,dc=com?mail,mailHost,port?one?(mail=%s)", >> no_bind_banner=off, no_daemon=off, no_lookup=off, tcp_keepalive=off, >> nodename="perdition-dev", ok_line="You are so in", >> outgoing_port="imap2", outgoing_server="", >> pid_file="/var/run/perdition.imap4s/perdition.imap4s.pid", >> pop_capability="UIDL.USER", protocol="IMAP4", server_resp_line=off, >> strip_domain="", timeout=1800, username="root", >> username_from_database=off, query_key="", quiet=off (mask=0x00000400 >> 00000000) >> Apr 4 10:42:35 perdition-dev perdition.imap4[17368]: ssl_mode="", >> ssl_ca_file="", ssl_ca_path="/usr/etc/perdition/perdition.ca/", >> ssl_ca_accept_self_signed="off", >> ssl_cert_file="/usr/etc/perdition/perdition.crt.pem", >> ssl_cert_accept_expired="off", ssl_cert_not_yet_valid="off", >> ssl_cert_self_signed="off", ssl_cert_verify_depth=9, >> ssl_key_file="/usr/etc/perdition/perdition.key.pem", >> ssl_listen_ciphers="", ssl_outgoing_ciphers="", >> ssl_no_cert_verify="off", ssl_no_client_cert_verify="off", >> ssl_no_cn_verify="off" ssl_passphrase_fd=0, >> ssl_passphrase_file="(null)", (ssl_mask=0x00000000) >> Apr 4 10:42:35 perdition-dev perdition.imap4[17370]: >> vanessa_socket_daemon_setid: uid=0 euid=0 gid=0 egid=0 >> Apr 4 10:42:41 perdition-dev perdition.imap4[17371]: Connect: >> 10.30.40.197:34045->*MailScanner warning: numerical links are often malicious:* 10.30.40.163:143 <http://10.30.40.163:143> >> Apr 4 10:42:41 perdition-dev perdition.imap4[17371]: SELF: "* OK >> [CAPABILITY IMAP4 IMAP4REV1] perdition ready on >> perdition-dev.localnet.sys 0002b0cf\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: CLIENT: "01 >> login testaccount00(a)localnet.com PASSWORD\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: >> username_add_domain: username_add_domain 0 1 >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: >> username_add_domain: username_add_domain 0 4 >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: REAL: "* OK >> [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT >> THREAD=REFERENCES SORT QUOTA IDLE] Courier-IMAP ready. Copyright >> 1998-2003 Double Precision, Inc. See COPYING for distribution >> information.\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: SELF: "flim07 >> CAPABILITY\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: REAL: "* >> CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT >> THREAD=REFERENCES SORT QUOTA IDLE\r\nflim07 OK CAPABILITY >> completed\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: SELF: "flim08 >> LOGIN {26}\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: REAL: "+ OK\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: SELF:"testaccount00(a)localnet.com {7}\r\n" <testaccount00(a)localnet.com%7B7%7D%5Cr%5Cn> >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: REAL: "+ OK\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: SELF: >> "PASSWORD\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: REAL: "flim08 >> OK LOGIN Ok.\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: SELF: "01 OK >> You are so in\r\n" >> Apr 4 10:42:51 perdition-dev perdition.imap4[17371]: Auth: >> 10.30.40.197:34045->*MailScanner warning: numerical links are often malicious:* 10.30.40.163:143 <http://10.30.40.163:143> client-secure=plaintext >> authorisation_id=NONE authentication_id="testaccount00(a)localnet.com" <testaccount00(a)localnet.com> >> server="maildrop-dovecot-dev.localnet.sys:imap2" protocol=IMAP4 >> server-secure=plaintext status="ok" >> >> >> So you can see it finds the correct mail server for this user as >> "maildrop-dovecot-dev.localnet.sys" and forwards my connection there. >> Here is my output when using managesieve on the latest mercurial code >> and the same config file now: >> >> >> Apr 4 10:47:24 perdition-dev perdition.managesieve[17401]: Starting >> perdition version=1.19-rc4 protocol=MANAGESIEVE >> Apr 4 10:47:24 perdition-dev perdition.managesieve[17401]: >> add_domain="", authenticate_in=off, authenticate_timeout=1800, >> bind_address="", client_server_specification=off, >> config_file="/home/jjarzynka/perdition.conf", connection_limit=0, >> connection_logging=on, connect_relog=300, debug=on, >> domain_delimiter="@", explicit_domain="", group="root", >> imap_capability="IMAP4 IMAP4REV1", inetd_mode=off, >> listen_port="sieve", log_facility="mail", log_passwd="never", >> login_disabled=off, lower_case="", >> managesieve_capability=""IMPLEMENTATION" "perdition" "SIEVE" >> "comparator-i;octet comparator-i;ascii-casemap fileinto reject >> envelope encoded-character vacation subaddress >> comparator-i;ascii-numeric relational regex imap4flags copy include >> variables body enotify environment mailbox date" "SASL" "PLAIN" >> "NOTIFY" "mailto" "VERSION" "1.19-rc4"", >> map_library="/usr/lib/libperditiondb_ldap.so.0.0.0", >> >> map_library_opt="ldap://ldap.localnet.sys/ou=accounts,dc=localnet,dc=com?mail,mailHost,port?one?(mail=%s)", >> no_bind_banner=off, no_daemon=off, no_lookup=off, tcp_keepalive=off, >> nodename="perdition-dev", ok_line="You are so in", >> outgoing_port="sieve", outgoing_server="", >> pid_file="/var/run/perdition.imap4s/perdition.imap4s.pid", >> pop_capability="UIDL.USER", protocol="MANAGESIEVE", >> server_resp_line=off, strip_domain="", timeout=1800, username="root", >> username_from_database=off, query_key="", quiet=off (mask=0x00000400 >> 00000000) >> Apr 4 10:47:24 perdition-dev perdition.managesieve[17401]: >> ssl_mode="", ssl_ca_file="", >> ssl_ca_path="/usr/etc/perdition/perdition.ca/", >> ssl_ca_accept_self_signed="off", >> ssl_cert_file="/usr/etc/perdition/perdition.crt.pem", >> ssl_cert_accept_expired="off", ssl_cert_not_yet_valid="off", >> ssl_cert_self_signed="off", ssl_cert_verify_depth=9, >> ssl_key_file="/usr/etc/perdition/perdition.key.pem", >> ssl_listen_ciphers="", ssl_outgoing_ciphers="", >> ssl_no_cert_verify="off", ssl_no_client_cert_verify="off", >> ssl_no_cn_verify="off" ssl_passphrase_fd=0, >> ssl_passphrase_file="(null)", (ssl_mask=0x00000000) >> Apr 4 10:47:24 perdition-dev perdition.managesieve[17403]: >> vanessa_socket_daemon_setid: uid=0 euid=0 gid=0 egid=0 >> Apr 4 10:47:44 perdition-dev perdition.managesieve[17407]: Connect: >> 10.30.40.197:44134->*MailScanner warning: numerical links are often malicious:* 10.30.40.163:4190 <http://10.30.40.163:4190> >> Apr 4 10:47:44 perdition-dev perdition.managesieve[17407]: SELF: >> "\"IMPLEMENTATION\" \"perdition\"\r\n\"SIEVE\" \"comparator-i;octet >> comparator-i;ascii-casemap fileinto reject envelope encoded-character >> vacation subaddress comparator-i;ascii-numeric relational regex >> imap4flags copy include variables body enotify environment mailbox >> date\"\r\n\"SASL\" \"PLAIN\"\r\n\"NOTIFY\" \"mailto\"\r\n\"VERSION\" >> \"1.19-rc4\"\r\nOK \"perdition ready on perdition-dev.localnet.sys >> 0002b4d8\"\r\n" >> Apr 4 10:47:49 perdition-dev perdition.managesieve[17407]: CLIENT: >> "AUTHENTICATE \"PLAIN\" >> \"AHRlc3RhY2NvdW50QGxvY2FsbmV0LmNvbQB0ZXN0\"\r\n" >> Apr 4 10:47:49 perdition-dev perdition.managesieve[17407]: >> username_add_domain: username_add_domain 0 1 >> Apr 4 10:47:50 perdition-dev perdition.managesieve[17407]: >> vanessa_socket_client_src_open: getaddrinfo dst: "deleted" "sieve": >> Name or service not known >> Apr 4 10:47:50 perdition-dev perdition.managesieve[17407]: main: >> vanessa_socket_client_open >> Apr 4 10:47:53 perdition-dev perdition.managesieve[17407]: SELF: >> "NO \"failed: Could not connect to server\"\r\n" >> Apr 4 10:47:53 perdition-dev perdition.managesieve[17407]: Auth: >> 10.30.40.197:44134->*MailScanner warning: numerical links are often malicious:* 10.30.40.163:4190 <http://10.30.40.163:4190> client-secure=plaintext >> authorisation_id=NONE authentication_id="testaccount(a)localnet.com" <testaccount(a)localnet.com> >> server="deleted:sieve" protocol=MANAGESIEVE server-secure=plaintext >> status="failed: Could not connect to server" >> >> >> This time it gets the mail server as "deleted:sieve" instead of >> "maildrop-dovecot-dev.localnet.sys". Shouldn't it be using my mail >> server defined in my ldap lookup like IMAP does? It does appear you >> have fixed whatever bug was disconnecting me immediately though. >> Thanks for your continued help. -Jesse >> >> >> ______________________________________________ >> Perdition-users mailing listPerdition-users@vergenet.nethttp://lists.vergenet.net/listinfo/perdition-users >> >> >> ______________________________________________ >> Perdition-users mailing list >> Perdition-users(a)vergenet.net >> http://lists.vergenet.net/listinfo/perdition-users >> >> >

13 years, 3 months

Help with perdition-mysql and gmail proxy

by Jessica Dove

I've been trying to figure out how to setup perdition with mysql and proxy gmail, but have not had any luck! I read this post, http://permalink.gmane.org/gmane.mail.perdition.user/1721, which leads to believe its possible. perdition 1.18 cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=10.04 DISTRIB_CODENAME=lucid DISTRIB_DESCRIPTION="Ubuntu 10.04.1 LTS" Here's the error's I see, which makes me think its not looking up mysql db correctly. Apr 24 12:31:22 desktop perdition[4517]: Connect: 127.0.0.1->127.0.0.1 Apr 24 12:31:22 desktop perdition[4517]: SSL connection using AES256-SHA Apr 24 12:31:22 desktop perdition[4517]: username_add_domain: username_add_domain 1 1 Apr 24 12:31:22 desktop perdition[4517]: getserver: do_dbserver_get Apr 24 12:31:25 desktop perdition[4517]: Auth: 127.0.0.1->127.0.0.1 user=" megamind(a)webeclouding.com" passwd="XXXXXXX" server="(null)" port="993" status="failed: Could not determine server" Apr 24 12:31:25 skytap-desktop perdition[4517]: token_read: token_fill_buffer Apr 24 12:31:25 skytap-desktop perdition[4517]: read_line: token_read Apr 24 12:31:25 skytap-desktop perdition[4517]: imap4_in_get_pw: read_imap4_line 1 Apr 24 12:31:25 skytap-desktop perdition[4517]: main: protocol->in_get_pw Apr 24 12:31:25 skytap-desktop perdition[4517]: Fatal Error reading authentication information from client 127.0.0.1->127.0.0.1: Exiting child Perdition.conf desktop:~# cat /etc/perdition/perdition.conf ###################################################################### # perdition.conf # A|add_domain STATE[,STATE...][,STRIP_DEPTH]: # Appends a domain to the USER based on the IP address connected to in # given state(s). # (default "") #A servername_lookup,1 add_domain servername_lookup,1 # a|authenticate_in: # User is authenticated by perdition before connection to real-server. #a #authenticate_in # B|no_bind_banner: # Use uname to generate banner of even if bind_address is in effect. #B #no_bind_banner # b|bind_address SERVER[,SERVER...] # Bind to these addresses and ports. # (default "") #b 127.0.0.1 #bind_address 127.0.0.1 # C|connection_logging: # Log all comminication recieved from end-users or real servers or sent # from perdition. # Note: debug must be in effect for this option to take effect. #C #connection_logging # connect_relog SECONDS: # How often to relog the connection. # Zero for no relogging. # (default 300) #connect_relog 300 # c|client_server_specification: # Allow end-user to specify the real-server. #c #client_server_specification # D|domain_delimiter STRING: # Delimiter between username and domain. # (default "@") #D @ #domain_delimiter \# # d|debug: # Turn on verbose debuging. #d debug # e|explicit_domain STRING # With -A, use STRING as the default domain rather than deriving # from the IP address connected to. #explicit_domain some.domain # F|log_facility FACILITY: # Facility to log to. # (default "mail") #F mail #log_facility /dev/null # g|group GROUP: # Group to run as. # (default "nobody") #g nobody #group nobody # I|capability|pop_capability|imap_capability STRING: # Capabilities for the protocol. #I IMAP4 IMAP4REV1 LITERAL+ #I IMAP4 IMAP4REV1 imap_capability IMAP4 # i|inetd_mode: # Run in inetd mode. #i #inetd_mode # L|connection_limit LIMIT: # Maximum number of connections to accept simultaneously. A value of zero # sets no limit on the number of simultaneous connections. # (default 0) #L 64 #connection_limit 64 # l|listen_port PORT_NUMBER|PORT_NAME: # Port to listen on. # (default "protocol dependent") #l 110 #listen_port 110 # login_disabled # Do not allow users to log in. #login_disabled # log_passwd STATE # Log the users password, otherwise just report it as "XXXXXX". # (default "never") #log_passwd never #log_passwd fail #log_passwd ok log_passwd always # lower_case STATE[,STATE...]: # Convert usernames to lower case according the the locale in given # state(s). # (default "") #lower_case servername_lookup # M|map_library FILENAME: # Library to open that provides functions to look up the server for a user. # M /usr/lib/libperditiondb_gdbm.so.0 map_library /usr/lib/libperditiondb_gdbm.so.0 map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition" # m|map_library_opt STRING: # String option for the map_library. # (default "") #m "" #map_library_opt "/etc/perdition/perdition_lookup.gdbm.db" # no_daemon: # Do not detach from terminal. #no_daemon # n|no_lookup # Disable host and port lookup. #n #no_lookup # O|ok_line # Use STRING as the OK line to send to the client. # Overriden by server_ok_line. #O You are so in ok_line Access Granted # server_ok_line: # This option is depricated and now has the same effect as o|server_resp_line # It may be removed in a future release # o|server_resp_line: # If authentication with the back-end server is successful then send the # servers +OK line to the client, instead of generting one. #o #server_resp_line # P|protocol PROTOCOL: # Protocol to use # (default "POP3") #P POP3 #protocol POP3 # p|outgoing_port PORT_NAME|PORT_NUMBER: # Default real-server port. # (default "protocol dependent") #p 110 outgoing_port 993 # s|outgoing_server: SERVER[,SERVER...] # Default server(s). # (default "") #s sarah:110,locahost #outgoing_server sarah:110,localhost #outgoing_server sarah:110 #outgoing_server sarah # pid_file FILENAME # Path for pidfile. Must be a full path starting with a '/'. # To allow perdition to remove the pid file after the owner of # the perdition process is changed to a non-root user, it is advised to # specify a pid file in a subdirectory of the system var state directory # (usually /var/run). This subdirectory should be unique to this perdition # invocation and will be created and have its owner and permitions set to # allow perdition to subsequently remove the pid file. # Empty for no pid file. Not used in inetd mode. # default <var_state_dir>/<basename>/<basename>.pid #pid_file /var/run/perdition/perdition.pid #pid_file /var/run/perdition.pop3/perdition.pop3.pid #pid_file /var/run/perdition.pop3s/perdition.pop3s.pid #pid_file /var/run/perdition.imap4/perdition.imap4.pid #pid_file /var/run/perdition.imap4s/perdition.imap4s.pid # S|strip_domain: STATE[,STATE...] # Allow domain portion of username to be striped in given state(s) # (default "") #S all #strip_domain servername_lookup # t|timeout SECONDS: # Idle timeout. Zero for infinite timeout. # (default 1800) #t 1800 #timeout 1800 # u|username USERNAME: # User to run as. # (default "nobody") #u nobody #username nobody # U|username_from_database: # Substitute username from popmap lookup. #U #username_from_database # q|quiet: # Only log errors. Overriden by debug. #q #quiet # query_key FORMAT[,FORMAT...]: # Speficy a list of query strings to search for in the popmap. #query_key \\U #query_key \\u,\\D\\d #query_key \\I #query_key \\u\\da_domain,\\da_domain ###################################################################### # Options below relate to SSL/TLS support. # They are not available if perdition is compiled without SSL support. ###################################################################### # ssl_mode MODE[,MODE ...]:: # Use SSL and or TLS for the listening and/or outgoing connections. ssl_mode ssl_listen #ssl_mode tls_listen_force # ssl_ca_chain_file: # Chain file containing Certificate Authorities to use when # verifying certificates. Overrides ssl_ca_file and ssl_ca_path # (default "") #ssl_ca_chain_file /etc/perdition/perdition.ca.pem # ssl_ca_file FILENAME: # File containing Certificate Authorities to use when verifying certificates. # When building the Certificate Authorities chain, ssl_ca_file is used # first, if set, and then ssl_ca_path, if set. # (default "") #(recommended location "/etc/perdition/perdition.ca.pem") #ssl_ca_file /etc/perdition/perdition.ca.pem # ssl_ca_path PATHNAME: # Derectory containing Certificate Authorities files to use when verifying # certificates. # When building the Certificate Authorities chain, ssl_ca_file is used # first, if set, and then ssl_ca_path, if set. # (default "/etc/perdition/perdition.ca/") #ssl_ca_path /etc/perdition/perdition.ca/ # ssl_ca_accept_self_signed: # Accept self-signed certificates. #ssl_ca_accept_self_signed # ssl_cert_file FILENAME: # Certificate chain to use when listening for SSL or TLS connections. # (default "/etc/perdition/perdition.crt.pem") #ssl_cert_file /etc/perdition/perdition.crt.pem # ssl_cert_accept_self_signed: # Accept self-signed certificates. #ssl_cert_accept_self_signed # ssl_cert_accept_expired: # Accept expired certificates. This includes server certificates # and certificats authority certificates. #ssl_cert_accept_expired # ssl_cert_accept_not_yet_valid: # Accept certificates that are not yet valid. This includes server # certificates and certificats authority certificates. #ssl_cert_accept_not_yet_valid # ssl_cert_verify_depth DEPTH: # Chain Depth to recurse to when vierifying certificates. # (default 9) #ssl_cert_verify_depth 9 # ssl_key_file FILENAME: # Public key to use when listening for SSL or TLS connections. # (default "/etc/perdition/perdition.key.pem") #ssl_key_file /etc/perdition/perdition.key.pem # ssl_listen_ciphers STRING: # Cipher list when listening for SSL or TLS connections. # If empty ("") then openssl's default will be used. # (default "") #ssl_listen_ciphers "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH" # ssl_outgoing_ciphers STRING: # Cipher list when making outgoing SSL or TLS connections. # If empty ("") then openssl's default will be used. # (default "") #ssl_outgoing_ciphers "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH" # ssl_no_cert_verify: # Don't cryptographically verify the real-server's certificate. ssl_no_cert_verify # ssl_no_cn_verify: # Don't verify the real-server's common name with the name used # to connect to the server. ssl_no_cn_verify MYSQL dB: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 101 Server version: 5.1.41-3ubuntu12.10 (Ubuntu) Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | dbPerdition | +--------------------+ 2 rows in set (0.00 sec) mysql> use dbPerdition; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> select * from tblPerdition; +---------------------------+----------------+------+ | user | servername | port | +---------------------------+----------------+------+ | cindy(a)webeclouding.com | imap.gmail.com | 993 | | megamind(a)webeclouding.com | imap.gmail.com | 993 | +---------------------------+----------------+------+ 2 rows in set (0.00 sec) mysql>

13 years, 3 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Perdition-users April 2011