Perdition-users

perdition-users@vergenet.net

327 discussions

by Steven Kelbley

Hi all, hoping you might be able to help me out. I have a Perdition proxy server (v1.17.1-1) setup to forward users to one of two Cyrus (v2.3.16) backend mailstores based on an LDAP query. Everything works fine except for securing the connection between Perdition and Cyrus; somehow Perdition is seemingly ignoring the STARTTLS entry in the mail server's CAPABILITY string. STARTTLS works perfectly fine connecting from the Perdition server to the Cyrus server using both "imtest" and "openssl s_client". The certs are all signed by a separate test CA I set up the other day and work fine otherwise. I've posted the log and relevant Perdition configs below, and I’ve tested the backend servers individually to ensure STARTTLS is working fine on Cyrus’ end. Have I messed something up? ##/var/log/maillog## Sep 3 10:23:34 perdition-host perdition[20007]: Connect: client.example.com -> perdition.example.com Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "* OK IMAP4 Ready perdition.example.com 00021e71\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: CLIENT: "1 STARTTLS\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "1 OK Begin TLS negotiation now\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SSL connection using AES256-GCM-SHA384 Sep 3 10:23:34 perdition-host perdition[20007]: CLIENT: "2 login \" user-test(a)email.example.com\" \"password\"" Sep 3 10:23:34 perdition-host perdition[20007]: CLIENT: "\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: username_add_domain: username_add_domain 0 1 0x260e0b4 Sep 3 10:23:34 perdition-host perdition[20007]: username_add_domain: username_add_domain 0 4 0x260e0b4 Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE] server ready\r\n* OK [ALERT] Cyrus01\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "flim07 CAPABILITY\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: tls_outgoing_force is set, but the real-server does not have the STARTTLS capability, connection will not be encrypted Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "flim07 CAPABILITY\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "* CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH\r\nflim07 OK Completed\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "flim08 LOGIN {37}\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "* CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH\r\nflim07 OK Completed\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "* CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: imap4_out_response: invalid tag from server 1 Sep 3 10:23:34 perdition-host perdition[20007]: imap4_out_authenticate: imap4_out_response login Sep 3 10:23:34 perdition-host perdition[20007]: SELF: " user-test(a)email.example.com {9}\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "+ go ahead\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "password\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "+ go ahead\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: imap4_out_response: invalid tag from server 1 Sep 3 10:23:34 perdition-host perdition[20007]: imap4_out_authenticate: imap4_out_response passwd Sep 3 10:23:34 perdition-host perdition[20007]: main: protocol->out_authenticate -1 Sep 3 10:23:34 perdition-host perdition[20007]: Fatal error authenticating user. Exiting child. ##/etc/sysconfig/perdition## RUN_PERDITION=yes POP3=no POP3S=no IMAP4=no IMAP4S=yes ##/usr/etc/perdition/perdition_imap4s.conf## (All left default except following options:) connection_logging debug listen_port 143 map_library /usr/lib/libperditiondb_ldap.so.0 map_library_opt "ldap:<redacted>" ok_line Connected to perdition IMAP proxy. protocol IMAP4S outgoing_port 143 pid_file /var/run/perdition/perdition.imap4s.pid timeout 60 ssl_mode tls_all ssl_ca_file /etc/pki/tls/certs/ca.crt ssl_ca_accept_self_signed ssl_cert_file /etc/pki/tls/private/host_perdition.crt ssl_cert_accept_self_signed ssl_key_file /etc/pki/tls/private/host_perdition.key Thanks in advance for any help, I’ve spent a good amount of time stuck on this issue. Steven Kelbley

9 years, 8 months

Perdition not recognizing STARTTLS?

by Steven Kelbley

Hi all, hoping you might be able to help me out. I have a Perdition proxy server (v1.17.1-1) setup to forward users to one of two Cyrus (v2.3.16) backend mailstores based on an LDAP query. Everything works fine except for securing the connection between Perdition and Cyrus; somehow Perdition is seemingly ignoring the STARTTLS entry in the mail server's CAPABILITY string. STARTTLS works perfectly fine connecting from the Perdition server to the Cyrus server using both "imtest" and "openssl s_client". The certs are all signed by a separate test CA I set up the other day and work fine otherwise. I've posted the log and relevant Perdition configs below, and I’ve tested the backend servers individually to ensure STARTTLS is working fine on Cyrus’ end. Have I messed something up? ##/var/log/maillog## Sep 3 10:23:34 perdition-host perdition[20007]: Connect: client.example.com -> perdition.example.com Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "* OK IMAP4 Ready perdition.example.com 00021e71\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: CLIENT: "1 STARTTLS\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "1 OK Begin TLS negotiation now\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SSL connection using AES256-GCM-SHA384 Sep 3 10:23:34 perdition-host perdition[20007]: CLIENT: "2 login \" user-test(a)email.example.com\" \"password\"" Sep 3 10:23:34 perdition-host perdition[20007]: CLIENT: "\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: username_add_domain: username_add_domain 0 1 0x260e0b4 Sep 3 10:23:34 perdition-host perdition[20007]: username_add_domain: username_add_domain 0 4 0x260e0b4 Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE] server ready\r\n* OK [ALERT] Cyrus01\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "flim07 CAPABILITY\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: tls_outgoing_force is set, but the real-server does not have the STARTTLS capability, connection will not be encrypted Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "flim07 CAPABILITY\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "* CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH\r\nflim07 OK Completed\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "flim08 LOGIN {37}\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "* CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH\r\nflim07 OK Completed\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "* CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: imap4_out_response: invalid tag from server 1 Sep 3 10:23:34 perdition-host perdition[20007]: imap4_out_authenticate: imap4_out_response login Sep 3 10:23:34 perdition-host perdition[20007]: SELF: " user-test(a)email.example.com {9}\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "+ go ahead\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: SELF: "password\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: REAL: "+ go ahead\r\n" Sep 3 10:23:34 perdition-host perdition[20007]: imap4_out_response: invalid tag from server 1 Sep 3 10:23:34 perdition-host perdition[20007]: imap4_out_authenticate: imap4_out_response passwd Sep 3 10:23:34 perdition-host perdition[20007]: main: protocol->out_authenticate -1 Sep 3 10:23:34 perdition-host perdition[20007]: Fatal error authenticating user. Exiting child. ##/etc/sysconfig/perdition## RUN_PERDITION=yes POP3=no POP3S=no IMAP4=no IMAP4S=yes ##/usr/etc/perdition/perdition_imap4s.conf## (All left default except following options:) connection_logging debug listen_port 143 map_library /usr/lib/libperditiondb_ldap.so.0 map_library_opt "ldap:<ldap_url_here>" ok_line Connected to perdition IMAP proxy. protocol IMAP4S outgoing_port 143 pid_file /var/run/perdition/perdition.imap4s.pid timeout 60 ssl_mode tls_all ssl_ca_file /etc/pki/tls/certs/ca.crt ssl_ca_accept_self_signed ssl_cert_file /etc/pki/tls/private/host_perdition.crt ssl_cert_accept_self_signed ssl_key_file /etc/pki/tls/private/host_perdition.key Thanks in advance for any help, I’ve spent a good amount of time stuck on this issue. Steven Kelbley

9 years, 8 months

Perdition 2.1 status?

by Vincent Fox

Hi, I have been using Perdition 1.19rc5 for a while, have had sporadic complaints about POP that I think could be Perdition. I noticed 2.1 is out since February, is anyone using it, and can comment on stability? I don't see any RPM for it for RHEL6/OEL6, they all seem to be the 1.19rc5 I have now. I previously built using the source RPM. Anyone happen to have one? Thanks!

9 years, 10 months

I need to know what this error is telling me

by Steve Campbell

new installation of perdition. I use the same file and content on my popmap as I do on a working production server. I see in my maillogs the following error: Fatal Error reading authentication information from client 127.0.0.1:43557->127.0.0.1:143: Exiting child It seems that perdition can't read my popmap file to get the redirection to the imap server. Can someone explain what the message is really telling me, please? Thanks steve campbell

9 years, 10 months

missing library on latest install

by Steve Campbell

I'm trying to install perdition on a new Centos 6.5 server. I'm using the rpms from opensuse repo mentioned on the downloads page. Upon startup, I getting the following message: Starting perdition services (IMAP4): dlopen of "/usr/lib/libperditiondb_gdbm.so" failed I'm not sure where this library comes from and there aren't any libperdition rpms that seem to provide this library. Can anyone set me straight, please? Thanks steve campbell

9 years, 10 months

saslauthd and perdition

by István Király

Hello List(s), ... When using saslauthd for authentication with a remote imap server, in this case perdition IMAP4, there seems to be a compatibility issue. After LOGIN, perdition is sending the CAPABILITY tag before the OK. saslauthd expects an OK, but receives the CAPABILITY first and then closes the connection. saslauthd[8454] :do_auth : auth failure: [user=x(a)test.d250.hu] [service=imap] [realm=] [mech=rimap] [reason=[ALERT] Unexpected response from remote authentication server] I was able to alter the last lines of auth_rimap.c, and hack this out, but this should be implemented properly. I assume, perdition behaves standard compliant within the IMAP4 protocol, however it could send the combined "a OK [CAPABILITY ... ]" as dovecot does. Is there a technical reason for the two separate messages? I was not able to manipulate this behavior with configuration arguments. saslauthd on the other hand could read the CAPABILITY tag, skip it, and process the next tag to read an OK, and then close the connection, with the Unexpected response error eventually. I'm not sure which is the more standard compliant approach, but if my assumption is correct, auth_rimap.c should be modified for increased compatibility. Thank you, ... Greetings, -- Király István +36 209 753 758 LaKing(a)D250.hu <http://d250.hu>

9 years, 10 months

Little problem with libperditiondb_posix_regex

by Christophe H.

Hi list, While searching the web and perdition-users mailing list archive, I did not found the answer to this case. I encounter a little problem with libperditiondb_posix_regex . The context is simple : Perdition listening to IMAPS connections (from public network), with 3 backend IMAP servers on LAN. The configuration is quite simple too ;) : (this is running on Debian Wheezy , with Debian provided perdition package : version 1.19~rc5-1+b1) /etc/perdition/perdition.imap4s.conf _____ log_facility local5 timeout 40 imap_capability "IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE SORT QUOTA ACL ACL2=UNION STARTTLS" ssl_mode ssl_listen ssl_cert_file /etc/perdition/mtprx.stux.fr.crt ssl_key_file /etc/perdition/mtprx.stux.fr.key # M|map_library FILENAME: # Library to open that provides functions to look up the server for a # user. # M /usr/lib/libperditiondb_gdbm.so.0 #map_library /usr/lib/libperditiondb_gdbm.so.0 map_library /usr/lib/libperditiondb_posix_regex.so.0 # map_library "" # m|map_library_opt STRING: # String option for the map_library. # (default "") #m "" map_library_opt "/etc/perdition/transport.re" bind_address 0.0.0.0,[2a01:xxx:xxx:xxx:xx:xx:feef:6101] _____ /etc/perdition/transport.re _____ (.*)(a)stuxnet.org: mta.stux.fr:143 (.*)(a)contacts.stux.fr: zimbra.stux.fr:143 (.*)(a)stux.fr.eu.org: $1@publicmx.stux.fr:143 ____ For the 2 first lines on transport.re, no problem : auth is forwarded without rewriting and works well. For the last, I try to extract the first part of e-mail address to forward only this to the "publicmx" host. Perdition has been restarted after update of "transport.re" (according to documentation : regex are processed only one, while starting the daemon) But when auth is made on the backend server, the whole e-mail address is used ... (It's useful to say that the dovecot IMAP service works well on this backend). ____ May 1 17:16:41 publicmx dovecot: auth-worker(19430): Error: bsdauth(myuser(a)stux.fr.eu.org,172.18.10.61): getpwnam() failed: Operation not permitted May 1 17:16:43 publicmx dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<myuser(a)stux.fr.eu.org>, method=PLAIN, rip=172.18.10.61, lip=172.18.2.25, session=<AxT4Jlj4CwCsEgo9> ____ Did I made a mistake in configuration ? My regex seems to match, but is it compliant for this use case ? Thanks for all your replies ;) . Regards, Christophe.

10 years

timeout connect process imap

by Dominique Marant

Hi, I see that I still have old imap connection process that I have to kill it manually. ... nobody 28199 0.0 0.2 57972 2712 ? S Mar20 0:00 perdition.imap4: connect (bilas) nobody 29060 0.0 0.2 57872 2732 ? S Mar12 0:00 perdition.imaps: connect (hoogsvon) nobody 29684 0.0 0.2 57872 2716 ? S Mar07 0:00 perdition.imaps: connect (dojo) nobody 30241 0.0 0.2 57872 2716 ? S Mar05 0:00 perdition.imaps: connect (dojo) nobody 30877 0.0 0.2 57872 2712 ? S Mar11 0:00 perdition.imaps: connect (tason) ... Is it possible to automatically kill all imap processes "connect" older than x days? My perdition.imap4s.conf: timeout 60 authenticate_timeout 60 Is it possible to add a parameter connect_timeout? (I am currently in version 1.19-rc4) Regards, Dominique

10 years, 1 month

Fwd: Re: Failed to log client mail on Apple since 10.9.1

by Christophe Carles

OK, I used telnet to port 143 of cyrus. The reply : * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS] moncayo2.ibcg.biotoul.fr Cyrus IMAP4 v2.3.7-Invoca-RPM-2.3.7-12.el5_7.2 server ready I have changed these settings in /etc/perdition/perdition.imap4s.conf : imap_capability IMAP4 IMAP4REV1 LITERAL+ ID STARTTLS And now it's OK with MAIL frome apple 10.9.2 and 10.9.1 Thank you for your help. Regards, Christophe Le 13/03/2014 17:43, Marc Michele a écrit : > Am 13.03.2014 17:21, schrieb Christophe Carles: >> OK, where can I found more explication about it ? Especially for AUTH ? > I use telnet to port 143 of cyrus to get imap capability string for my > installation. To get more information i think you should read the rfcs > for imap a good starting point is: http://tools.ietf.org/html/rfc3501 > >>>> Which version of cyrus you use and on which distribution? >> Cyrus 0.91 on Centos 5.10 > Serious, i think it should be at last 2.x > > Marc > -- Christophe Carles CNRS - LMGM Service Informatique Bât. IBCG 118, route de Narbonne 31062 Toulouse Cedex9 sinfo(a)ibcg.biotoul.fr Tél : 05.61.33.59.60 Fax : 05.61.33.58.86

10 years, 2 months

Failed to log client mail on Apple since 10.9.1

by Christophe Carles

Hello, I use perdition to make a mail-proxy for outside mails customers. This work very well with most of software mails customers. I set up this in order to make acces for smartphone and over tablets. Recently, users reported me difficulties connecting with the e-mail software of Apple "MAIL". J have made some test and i don't understand what it could be ? The Os server : Centos 6.5 The version of perdition is perdition-1.19rc5-3.7.x86_64 Installation from repos : http://download.opensuse.org/repositories/home:/horms:/perdition/CentOS_Cen… The perdition configuration : _*/etc/sysconfig/perdition : *_ RUN_PERDITION=yes POP3=no POP3S=no IMAP4=no IMAP4S=yes _* *__*/etc/perdition/perdition.imap4s.conf*_ bind_address 193.48.191.9 # adresse d'écoute du service connection_logging # On logue toutes les communications imap_capability IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR # On annonce la capacité imap aux clients protocol IMAP4S # protocole utilisé outgoing_port 993 ## Numero du port utilisé outgoing_server 0.0.0.0 # serveur de renvoie par défaut. On attribue un serveur par utilisateur. ssl_cert_file /etc/pki/tls/certs/ares.biotoul.fr.pem # chemin vers le certificat ssl_key_file /etc/pki/tls/private/ares.biotoul.fr.key # chemin vers la clé du certificat ssl_no_cert_verify # On ne vérifie pas la cryptographie inclus dans le certificat du backend ssl_no_cn_verify # On ne vérifie pas le nom inclus dans le CN du certificat du backend I use popmap for users in order to permit access : _*/etc/perdition/popmap : *_ carles(a)biotoul.fr _*Here are logs from client apple 10.9.2 (the last) with MAIL : *_ INITIATING CONNECTION Mar 13 11:39:11.381 host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x0 -- thread:0x61000047a240 CONNECTED Mar 13 11:39:11.442 [kCFStreamSocketSecurityLevelTLSv1_0] -- host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0 -- thread:0x61000047a240 READ Mar 13 11:39:11.443 [kCFStreamSocketSecurityLevelTLSv1_0] -- host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0 -- thread:0x61000047a240 * OK [CAPABILITY IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR] perdition ready on tourmalet.ibcg.biotoul.fr 0002abbf WROTE Mar 13 11:39:11.445 [kCFStreamSocketSecurityLevelTLSv1_0] -- host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0 -- thread:0x60000067c700 1.54 ID ("name" "Mac OS X Mail" "version" "7.2 (1874)" "os" "Mac OS X" "os-version" "10.9.2 (13C64)" "vendor" "Apple Inc.") READ Mar 13 11:39:14.447 [kCFStreamSocketSecurityLevelTLSv1_0] -- host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0 -- thread:0x60800066f8c0 1.54 BAD Unrecognised command, mate WROTE Mar 13 11:39:14.452 [kCFStreamSocketSecurityLevelTLSv1_0] -- host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0 -- thread:0x60800066f8c0 2.54 AUTHENTICATE PLAIN (*** 32 bytes hidden ***) READ Mar 13 11:39:17.455 [kCFStreamSocketSecurityLevelTLSv1_0] -- host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0 -- thread:0x60800066f8c0 2.54 BAD Mate, try AUTHENTICATE <mechanism> WROTE Mar 13 11:39:17.459 [kCFStreamSocketSecurityLevelTLSv1_0] -- host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0 -- thread:0x60800066f8c0 3.54 AUTHENTICATE PLAIN ************************ READ Mar 13 11:39:20.462 [kCFStreamSocketSecurityLevelTLSv1_0] -- host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0 -- thread:0x60800066f8c0 3.54 BAD Mate, try AUTHENTICATE <mechanism> _* *__*And here are logs from server perdition*__*: *_ Starting perdition version=1.19-rc5 protocol=IMAP4S Mar 13 11:47:08 tourmalet perdition.imaps[2622]: add_domain="", authenticate_in=off, authenticate_timeout=1800, bind_address="192.168.12.2", client_server_sp ecification=off, config_file="/etc/perdition/perdition.imap4s.conf", connection_limit=0, connection_logging=on, connect_relog=300, debug=on, domain_delimiter ="@", explicit_domain="", group="nobody", imap_capability="IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR", inetd_mode=off, listen_port="imaps", log_facility ="mail", log_passwd="never", login_disabled=off, lower_case="", managesieve_capability=""IMPLEMENTATION" "perdition" "SIEVE" "comparator-i;octet comparator- i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date" "SASL" "PLAIN" "NOTIFY" "mailto" "VERSION" "1.19-rc5"", map_library="/usr/lib64/libperditiondb_gdbm.so.0", map_libr ary_opt="", no_bind_banner=off, no_daemon=off, no_lookup=off, tcp_keepalive=off, nodename="tourmalet.ibcg.biotoul.fr", ok_line="You are so in", outgoing_port ="993", outgoing_server="0.0.0.0", pid_file="/var/run/perdition.imaps/perdition.imaps.pid", pop_capability="UIDL.USER", protocol="IMAP4S", server_resp_line=o ff, strip_domain="", timeout=1800, username="nobody", username_from_database=off, query_key="", quiet=off (mask=0x00000028 00000000) Mar 13 11:47:08 tourmalet perdition.imaps[2622]: ssl_mode="", ssl_ca_file="", ssl_ca_path="/etc/perdition/perdition.ca/", ssl_ca_accept_self_signed="off", ss l_cert_file="/etc/pki/tls/certs/tourmalet.ibcg.biotoul.fr.pem", ssl_cert_accept_expired="off", ssl_cert_not_yet_valid="off", ssl_cert_self_signed="off", ssl_ cert_verify_depth=9, ssl_key_file="/etc/pki/tls/private/tourmalet.ibcg.biotoul.fr.key", ssl_listen_ciphers="", ssl_outgoing_ciphers="", ssl_no_cert_verify="o n", ssl_no_client_cert_verify="off", ssl_no_cn_verify="on" ssl_passphrase_fd=0, ssl_passphrase_file="", (ssl_mask=0x00000000) Mar 13 11:47:08 tourmalet perdition.imaps[2625]: vanessa_socket_daemon_setid: uid=99 euid=99 gid=99 egid=99 Mar 13 11:47:24 tourmalet perdition.imaps[2627]: Connect: 192.168.8.10:49753->192.168.12.2:993 Mar 13 11:47:24 tourmalet perdition.imaps[2627]: SSL connection using AES128-SHA Mar 13 11:47:24 tourmalet perdition.imaps[2627]: SELF: "* OK [CAPABILITY IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR] perdition ready on tourmalet.ibcg. biotoul.fr 0002ab61\r\n" Mar 13 11:47:24 tourmalet perdition.imaps[2627]: CLIENT: "1.20 ID (\"name\" \"Mac OS X Mail\" \"version\" \"7.2 (1874)\" \"os\" \"Mac OS X\" \"os-version\" \ "10.9.2 (13C64)\" \"vendor\" \"Apple Inc.\")\r\n" Mar 13 11:47:27 tourmalet perdition.imaps[2627]: SELF: "1.20 BAD Unrecognised command, mate\r\n" Mar 13 11:47:27 tourmalet perdition.imaps[2627]: CLIENT: "2" Mar 13 11:47:27 tourmalet perdition.imaps[2627]: CLIENT: ".20 AUTHENTICATE PLAIN YmlndWV0AGJpZ3VldABCYXkzMyFFczEw\r\n" Mar 13 11:47:30 tourmalet perdition.imaps[2627]: SELF: "2.20 BAD Mate, try AUTHENTICATE <mechanism>\r\n" Mar 13 11:47:30 tourmalet perdition.imaps[2627]: CLIENT: "3" Mar 13 11:47:30 tourmalet perdition.imaps[2627]: CLIENT: ".20 AUTHENTICATE PLAIN AGJpZ3VldABCYXkzMyFFczEw\r\n" Mar 13 11:47:33 tourmalet perdition.imaps[2627]: SELF: "3.20 BAD Mate, try AUTHENTICATE <mechanism>\r\n" Mar 13 11:47:33 tourmalet perdition.imaps[2627]: CLIENT: "" Mar 13 11:47:33 tourmalet perdition.imaps[2627]: token_read: token_fill_buffer Mar 13 11:47:33 tourmalet perdition.imaps[2627]: read_line: token_read Mar 13 11:47:33 tourmalet perdition.imaps[2627]: imap4_in_get_auth: read_imap4_line 1 Mar 13 11:47:33 tourmalet perdition.imaps[2627]: main: protocol->in_get_auth Mar 13 11:47:33 tourmalet perdition.imaps[2627]: Fatal Error reading authentication information from client 192.168.8.10:49753->192.168.12.2:993: Exiting chi ld Mar 13 11:47:36 tourmalet perdition.imaps[2628]: Connect: 192.168.8.10:49754->192.168.12.2:993 Mar 13 11:47:36 tourmalet perdition.imaps[2628]: SSL connection using AES128-SHA Mar 13 11:47:36 tourmalet perdition.imaps[2628]: SELF: "* OK [CAPABILITY IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR] perdition ready on tourmalet.ibcg. biotoul.fr 0002ab61\r\n" Mar 13 11:47:36 tourmalet perdition.imaps[2628]: CLIENT: "1.21 ID (\"name\" \"Mac OS X Mail\" \"version\" \"7.2 (1874)\" \"os\" \"Mac OS X\" \"os-version\" \ "10.9.2 (13C64)\" \"vendor\" \"Apple Inc.\")\r\n" Mar 13 11:47:39 tourmalet perdition.imaps[2628]: SELF: "1.21 BAD Unrecognised command, mate\r\n" Mar 13 11:47:39 tourmalet perdition.imaps[2628]: CLIENT: "2" Mar 13 11:47:39 tourmalet perdition.imaps[2628]: CLIENT: ".21 AUTHENTICATE PLAIN YmlndWV0AGJpZ3VldABCYXkzMyFFczEw\r\n" Mar 13 11:47:42 tourmalet perdition.imaps[2628]: SELF: "2.21 BAD Mate, try AUTHENTICATE <mechanism>\r\n" Mar 13 11:47:45 tourmalet perdition.imaps[2628]: CLIENT: "" Mar 13 11:47:45 tourmalet perdition.imaps[2628]: token_read: token_fill_buffer Mar 13 11:47:45 tourmalet perdition.imaps[2628]: read_line: token_read Mar 13 11:47:45 tourmalet perdition.imaps[2628]: imap4_in_get_auth: read_imap4_line 1 Mar 13 11:47:45 tourmalet perdition.imaps[2628]: main: protocol->in_get_auth Mar 13 11:47:45 tourmalet perdition.imaps[2628]: Fatal Error reading authentication information from client 192.168.8.10:49754->192.168.12.2:993: Exiting chi ld I have made some tests with ssl_mode but no more access. Is any one can have an idea ? Thank you -- Christophe Carles CNRS - LMGM Service Informatique Bât. IBCG 118, route de Narbonne 31062 Toulouse Cedex9 sinfo(a)ibcg.biotoul.fr Tél : 05.61.33.59.60 Fax : 05.61.33.58.86

10 years, 2 months

← Newer
1
2
3
4
5
6
7
8
...
33
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Perdition-users