Perdition-users August 2011

perdition-users@vergenet.net

3 participants
3 discussions

Zombie pop3s (and imaps?) processes in connect state

by Christian Balzer

Hello, we've been using perdition as a pop3/pop3s/imap/imaps proxy for about four years now, first with Debian Sarge package and now under Etch. And throughout this time I've seen pop3s (and from the looks of it the same happens with imaps) processes stuck in connect, like this: --- 16836 ? S 5:31 0 120 32179 2204 0.0 perdition.pop3s 28070 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect 7782 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect 24468 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect 14180 ? S 0:00 0 120 32311 1568 0.0 \_ perdition.pop3s: connect 13503 ? S 0:00 0 120 32311 1564 0.0 \_ perdition.pop3s: connect --- They never die off, keep the connection open, there is no traffic and the other end might be long gone. Last trace in the logs is always like this: --- Feb 5 22:05:16 pp11 perdition[7782]: Connect: hi.mi.ts.u->203.216.5.113 --- It must be something related to the SSL'ness of these service, since I'm not seeing this happening ever for imap/pop3. Alas a lot of people do use TLS with those, so it's not a generic SSL issue. Maybe the master process could kick a child handling connections in the head after "timeout" seconds in connect state? If more information is needed I can try to provide it, but note that with a rate of roughly 35 pops per second I'm a bit weary to turn on debugging. ^_- This may or may not be related to another SSL related issue, which will be for the sake of making searches in the archive more likely to find good keywords in a separate mail. Regards, Christian -- Christian Balzer Network/Systems Engineer NOC chibi(a)gol.com Global OnLine Japan/Fusion Network Services http://www.gol.com/

11 years, 7 months

Managesieve segfault bug. Test case and work around included

by Steven Kurylo

Hi, I've tried perdition_1.19~rc4-3 but I still get a segfault. I'm running cyrus 2.4.8, and I can avoid the segfault under two scenarios: 1) With "sasl_mech_list: LOGIN PLAIN" and "allowplaintext: no" in my cyrus config 2) With "sasl_mech_list: PLAIN" and "allowplaintext: yes" in my cyrus config In my environment, we have a client which can't do TLS, so a special sieve daemon which allows plaintext listens on local host for it. Originally #2 also offered LOGIN and I that's how I ran into the segfault. It seems to be something in the sieve banner parsing. I've made a python script to act as a sieve server (see attached): ./server.py Then I run perdition: perdition.managesieve -d --no_daemon --listen_port=2006 -C --outgoing_server=127.0.0.1:2005 -f '' --pid_file /tmp/sieve.pid Then I telnet to 2006 and paste : AUTHENTICATE "PLAIN" "<real auth string>" I either get an OK or a segfault in perdition. server.py will cycle through the specified banners, so you can continue to telnet to try each banner test case out. Let me know if you need any further information. Thanks. -- Steven Kurylo

12 years, 10 months

Apple Mail and AUTHENTICATE PLAIN

by Jernej Porenta

Hello, we are expiriencing issues with latest Apple Mail (OS X Lion) and perdition 1.19-rc4. The problem (as it seems) lies in Apple Mail way of using AUTHENTICATE PLAIN with perdition. The log from Apple mail shows: READ Aug 14 21:00:09.405 [kCFStreamSocketSecurityLevelNegotiatedSSL] -- host:imap_host -- port:993 -- socket:0x7fb51fc20b60 -- thread:0x7fb51f125e10 * OK [CAPABILITY IMAP4 AUTH=LOGIN LITERAL+ IMAP4REV1] perdition ready on imap_host 0002b2fb WROTE Aug 14 21:00:09.413 [kCFStreamSocketSecurityLevelNegotiatedSSL] -- host:imap_host -- port:993 -- socket:0x7fb51fc20b60 -- thread:0x7fb51fb448e0 1.219 AUTHENTICATE LOGIN READ Aug 14 21:00:09.437 [kCFStreamSocketSecurityLevelNegotiatedSSL] -- host:imap_host -- port:993 -- socket:0x7fb51fc20b60 -- thread:0x7fb51fb448e0 1.219 NO AUTHENTICATE mechanism not supported, mate I know that there are some issues with latest Apple Mail (http://goo.gl/RmCGc), but I am unable to resolve them. Does anyone of you have a similar case and knows how to resolve it? I have tried to change the imap_capability, but it does not resolve the issue. Thank you in advance, regards, Jernej

12 years, 11 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Perdition-users August 2011