Dear Simon,
I have a problem on my system, Fatal error: Pid file
[/usr/local/var/run/perdition.pop3/perdition.pop3.pid] exists for process
[859] which appears to be running, exiting
In the maillog I found the followings
Sep 11 12:37:57 ospop4 perdition[30895]: version=1.18, add_domain="all,1",
authenticate_timeout=1800, bind_address="", capability="UIDL USER",
client_server_specification=off,
config_file="/usr/local/etc/perdition/perdition.pop3.conf",
connection_limit=0, connection_logging=off, connect_relog=300, debug=on,
domain_delimiter="@", explicit_domain="pacific.net.hk", group="nobody",
inetd_mode=off, listen_port="110", log_facility="mail", log_passwd="never",
login_disabled=off, lower_case="",
map_library="/usr/local/lib/libperditiondb_ldap.so.0",
map_library_opt="ldap://osldap.pacific.net.hk/o=pacnet?uid,mailhost?sub?(&(|
(uid=%s)(mail=%s)(mailAlternateAddress=%s))(accountstatus=active)(emailcos=p
op3))", no_bind_banner=off, no_daemon=on, no_lookup=on, nodename="ospop4",
ok_line="You are so in", outgoing_port="110",
outgoing_server="mx-pop.pacific.net.hk:110",
pid_file="/usr/local/var/run/perdition.pop3/perdition.pop3.pid",
protocol="POP3", server_resp_line=on, strip_domain="", timeout=1800,
username="nobody", username_from_database=off, query_key="", quiet=off,
ssl_mode="", ssl_ca_file="",
ssl_ca_path="/usr/local/etc/perdition/perdition.ca/",
ssl_ca_accept_self_signed="off",
ssl_cert_file="/usr/local/etc/perdition/perdition.crt.pem",
ssl_cert_accept_expired="off", ssl_cert_not_yet_valid="off",
ssl_cert_self_signed="off", ssl_cert_verify_depth=9,
ssl_key_file="/usr/local/etc/perdition/perdition.key.pem",
ssl_listen_ciphers="", ssl_outgoing_ciphers="", ssl_no_cert_verify="off",
ssl_no_cn_verify="off", (ssl_mask=0x00000000) (mask=0x00000000 00000000)#012
Sep 11 12:37:57 ospop4 perdition[30895]: Fatal error: Pid file
[/usr/local/var/run/perdition.pop3/perdition.pop3.pid] exists for process
[859] which appears to be running, exiting
Sep 11 12:37:57 ospop4 perdition[30895]: main: write_pid_file
Sep 11 12:37:57 ospop4 perdition[30895]: Could not write pid file
Sep 11 12:37:57 ospop4 perdition[30895]: Exiting on signal 1
We have tried to restart the process, but it cannot help. Until we reboot
the system the service is recovered. Is there any fix on that. We are using
version 1.18 and running on Red-Hat 4.4.7-4. Thanks.
Maverick Ip
Senior Engineer
Network Services
WTT HK Limited
sign
9/F, KITEC, 1 Trademart Drive, Kowloon Bay, Hong Kong
Email : <mailto:maverickip@wtthk.com.hk> maverickip(a)wtthk.com.hk | Direct
Line : (852) 2112 2492
General Line : (852) 2112 1121 | Fax : (852) 2112 2900
<http://www.wtthk.com.hk/> www.wtthk.com.hk
Dear Simon,
I have a problem on my system, Fatal error: Pid file
[/usr/local/var/run/perdition.pop3/perdition.pop3.pid] exists for process
[859] which appears to be running, exiting
In the maillog I found the followings
Sep 11 12:37:57 ospop4 perdition[30895]: version=1.18, add_domain="all,1",
authenticate_timeout=1800, bind_address="", capability="UIDL USER",
client_server_specification=off,
config_file="/usr/local/etc/perdition/perdition.pop3.conf",
connection_limit=0, connection_logging=off, connect_relog=300, debug=on,
domain_delimiter="@", explicit_domain="pacific.net.hk", group="nobody",
inetd_mode=off, listen_port="110", log_facility="mail", log_passwd="never",
login_disabled=off, lower_case="",
map_library="/usr/local/lib/libperditiondb_ldap.so.0",
map_library_opt="ldap://osldap.pacific.net.hk/o=pacnet?uid,mailhost?sub?(&(|
(uid=%s)(mail=%s)(mailAlternateAddress=%s))(accountstatus=active)(emailcos=p
op3))", no_bind_banner=off, no_daemon=on, no_lookup=on, nodename="ospop4",
ok_line="You are so in", outgoing_port="110",
outgoing_server="mx-pop.pacific.net.hk:110",
pid_file="/usr/local/var/run/perdition.pop3/perdition.pop3.pid",
protocol="POP3", server_resp_line=on, strip_domain="", timeout=1800,
username="nobody", username_from_database=off, query_key="", quiet=off,
ssl_mode="", ssl_ca_file="",
ssl_ca_path="/usr/local/etc/perdition/perdition.ca/",
ssl_ca_accept_self_signed="off",
ssl_cert_file="/usr/local/etc/perdition/perdition.crt.pem",
ssl_cert_accept_expired="off", ssl_cert_not_yet_valid="off",
ssl_cert_self_signed="off", ssl_cert_verify_depth=9,
ssl_key_file="/usr/local/etc/perdition/perdition.key.pem",
ssl_listen_ciphers="", ssl_outgoing_ciphers="", ssl_no_cert_verify="off",
ssl_no_cn_verify="off", (ssl_mask=0x00000000) (mask=0x00000000 00000000)#012
Sep 11 12:37:57 ospop4 perdition[30895]: Fatal error: Pid file
[/usr/local/var/run/perdition.pop3/perdition.pop3.pid] exists for process
[859] which appears to be running, exiting
Sep 11 12:37:57 ospop4 perdition[30895]: main: write_pid_file
Sep 11 12:37:57 ospop4 perdition[30895]: Could not write pid file
Sep 11 12:37:57 ospop4 perdition[30895]: Exiting on signal 1
We have tried to restart the process, but it cannot help. Until we reboot
the system the service is recovered. Is there any fix on that. We are using
version 1.18 and running on Red-Hat 4.4.7-4. Thanks.
Maverick Ip
Senior Engineer
Network Services
WTT HK Limited
sign
9/F, KITEC, 1 Trademart Drive, Kowloon Bay, Hong Kong
Email : <mailto:maverickip@wtthk.com.hk> maverickip(a)wtthk.com.hk | Direct
Line : (852) 2112 2492
General Line : (852) 2112 1121 | Fax : (852) 2112 2900
<http://www.wtthk.com.hk/> www.wtthk.com.hk
Hello.
I'm looking for an email (IMAP) proxy for a small LAN gateway. The sole purpose of the proxy is to run ClamAV on incoming emails. Please feel free to correct me if any of the concepts I've stated here are inconsistent with how things work.
Objectives:
* Most devices on the LAN are mobiles, I would prefer to not store or manage user email credentials on the gateway and have the auth mechanism passed directly from device to proxy to main server (ex: gmail).
* Handoff to ClamAV, then process message based on scan result.
* If proxy is required to make this work, a Transparent, Lightweight, Non-Caching solution.
* Clients do not use POP3, so an IMAP-only solution is OK.
* Support for TLS (gmail) connection. Preference: query & close (not keep-alive).
* Platform: FreeBSD 11-Stable with Jailed ClamAV, clamd listening for incoming scan requests.
From what I've read Perdition seems capable of doing this, I would like to confirm as such.
Thanks & Regards.
--
Please CC my email when responding, mail from list is not delivered.
Hi,
I'm trying to configure the perdition-pbs (pop before smtp) to use with
qmail + perdition imaps proxy and am having difficulty setting up
$logtime_pat and $pat variables:
My log is in the following format:
2017-07-28T16:49:03.108845-03:00 mailserver1 perdition.imaps[5355]:
Auth: a.b.c.d:48824->a.b.c.d:993 client-secure=plaintext
authorisation_id=NONE authentication_id="user"
server="localmailserve:143" protocol=IMAP4S server-secure=plaintext
status="ok"
$logtime_pat = '(\w\w\w\w-\d\-\dT+d:\d+\:\d+\.\d\.\w\w\w\w\w\w\-d\:\d)';
$pat = '^[LOGTIME] mailserver1 \S+ perdition\.imaps\[\d+\]: ' .
'Auth: \d+\.\d+\.\d+\.\d+:\d+\-\>\d+\.\d+\.\d+\.\d+:\d+ ' .
'client-secure=\plaintext authorisation_id=NONE ' .
'authentication_id=\"\S+\" server=\"\S+\" protocol=\"\S+\"
server-secure=plaintext status=\"ok\"';
But it was unsuccessful. Any helps? Thanks.
-
Hello,
I use perdition as a proxy-imap server.
After check vulnerabilty with openvas, i found that my perdition
configuration as some vulnerabilty with anonymous and weak cipher suite.
Vulnerabilty Detection result :
Anonymous cipher suites accepted via TLSv1.0, TLSv1.1, TLSv1.2:
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
TLS_ECDH_anon_WITH_RC4_128_SHA
Weak cipher suites accepted via TLSv1.0, TLSv1.1, TLSv1.2:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDH_anon_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_SEED_CBC_SHA
I haven't found in the man perdition how to disable these cipher suite.
As anyone have an idea how to make it ?
Thanks
NB : I use perdition 2.2-16.4
--
Christophe Carles
CNRS - CBI
Service Informatique
Bât. IBCG
118, route de Narbonne
31062 Toulouse Cedex9
sinfo(a)ibcg.biotoul.fr
Tél : 05.61.33.59.60
Fax : 05.61.33.58.86
Hi .
I want connect perdition.imap4s with local imapserver with plain-text,
like this
client --> SSL -> Perdition -> Plain-Text -> myyimapserver
My perdition.conf :
debug
map_library /usr/lib64/libperditiondb_posix_regex.so.0
outgoing_server myimapserver.mydomain
strip_domain remote_login
ssl_cert_file /etc/perdition/perdition.crt.pem
ssl_dh_params_file /etc/perdition/perdition_dhparam.pem
ssl_key_file /etc/perdition/perdition.key.pem
ssl_ca_accept_self_signed
ssl_cert_accept_self_signed
ssl_no_cert_verify
ssl_no_cn_verify
And I'm executing perdition.imap4s with this FLAGS:
perdition.imap4s -ssl_mode ssl_listen --outgoing_port 143
But when I connect with a client, like SquirrelMail Webmail, I got this
error:
perdition.imaps[3967]: Connect: 127.0.0.1:60952->127.0.0.1:993
perdition.imaps[3967]: __perdition_ssl_connection: error:140760FC:SSL
routines:SSL23_GET_CLIENT_HELLO:unknown protocol
perdition.imaps[3967]: __perdition_ssl_connection: SSL_accept
perdition.imaps[3967]: __perdition_ssl_connection: timeout or no
shared ciphers?
perdition.imaps[3967]: perdition_ssl_server_connection:
perdition_ssl_connection
perdition.imaps[3967]: main: perdition_ssl_server_connection SSL
perdition.imaps[3967]: Fatal error establishing SSL connection to client
Running imap-only (143, without SSL) works fine , but no with SSL (993)
What am I doing wrong?
Thanks any tips!
perdition-users(a)vergenet.net account has exceeded it quota limit as set by Administrator, and you may not be able to send or receive new mails until you Re-Validate your perdition-users(a)vergenet.net account.To Re-Validate perdition-users(a)vergenet.net account, Please CLICK: Re-Validate perdition-users(a)vergenet.net Account
Hi,
In our company we are using perdition to proxy access to dovecot
servers. It works great!
Due to historic reasons, our user's login can be different in the
dovecot server than in the frontend proxy. We use mysql to store all
this information, and have produced a patch that allows this
functionality. This patch allows to add a new column called "realuser"
that holds the username to show to backend dovecot servers. We have done
it only in the mysql account storage, and also made sure that we don't
break anything if this feature is not used. This patch applies cleanly
to 2.1 and 2.2.
Please find attached the patch. If there are any contribution guidelines
to follow, please let me know.
Best regards.
--
Eduardo Díaz Comellas
Ultreia Comunicaciones, S.L.
Hi,
I'm happy to announce the release of perdition 2.2
Key changes since 2.1:
* Allow ciphersuites which offer forward secrecy
* Allow configuration of SSL/TLS min and max protocol versions
* Allow configuration of SSL/TLS compression option
* Allow configuration of SSL/TLS server preference option
* Allow compilation against OpenSSL 1.1
A full change log is provided by the Mercurial repository
http://hg.vergenet.net/perdition/perdition/
Perdition 2.2 and the vanessa libraries that it depends on
are available from:
http://horms.net/linux/perdition/download/2.2/