The qpopper list archive ending on 9 Apr 2002


Topics covered in this issue include:

  1. Regarding nowait
       kkim at telcordia dot com
       Fri, 5 Apr 2002 11:10:01 -0500
  2. Re: Suggestion for a new and enhanced "server mode"
       gsh <gsh at skima dot is>
       Fri, 05 Apr 2002 16:36:37 +0000
  3. Re: Inappropriate 'sendmail' quotes question [Was: Re: Suggestion for a new and enhanced "server mode"]
       Joseph S D Yao <jsdy at center.osis dot gov>
       Fri, 5 Apr 2002 11:44:34 -0500
  4. Quoted Addresses (was Re: Suggestion for a new and enhanced "server
       Chip Old <fold at bcpl dot net>
       Fri, 5 Apr 2002 12:18:37 -0500 (EST)
  5. Re: Regarding nowait
       Joseph S D Yao <jsdy at center.osis dot gov>
       Fri, 5 Apr 2002 11:49:48 -0500
  6. Re: Suggestion for a new and enhanced "server mode"
       Jesus Cea Avion <jcea at argo dot es>
       Fri, 05 Apr 2002 20:36:35 +0200
  7. Re: qpopper4.0.3 on IRIX 6.2 - fails with TCPD
       Mike Peterson <mikep at onet.on dot ca>
       Fri, 5 Apr 2002 13:57:37 -0500 (EST)
  8. Re: qpopper4.0.3 on IRIX 6.2 - fails with TCPD
       Darcy Boese <possum at fnord.niagara dot com>
       Fri, 5 Apr 2002 14:29:02 -0500
  9. RE: Suggestion for a new and enhanced "server mode"
       "Lyle Schofield" <Lyle.Schofield at daou dot com>
       Fri, 5 Apr 2002 18:25:04 -0500
 10. Re: Qpopper 4.0.4fc3 available
       Kenneth Porter <shiva at well dot com>
       05 Apr 2002 18:04:17 -0800
 11. Re: Suggestion for a new and enhanced "server mode"
       Kenneth Porter <shiva at well dot com>
       05 Apr 2002 18:16:34 -0800
 12. qpopper and TLS/SSL
       "Mikael Chambon" <qpopper-ml at cronos dot org>
       Sun, 7 Apr 2002 13:32:10 +0200
 13. Re: qpopper and TLS/SSL
       Michael Zimmermann <zim at vegaa dot de>
       Sun, 7 Apr 2002 14:12:53 +0200
 14. Re: qpopper and TLS/SSL    (Long Message sorry)
       "Mikael Chambon" <qpopper-ml at cronos dot org>
       Sun, 7 Apr 2002 14:39:42 +0200
 15. Re: qpopper and TLS/SSL
       Michael Zimmermann <zim at vegaa dot de>
       Sun, 7 Apr 2002 15:58:47 +0200
 16. Re: qpopper and TLS/SSL
       Michael Zimmermann <zim at vegaa dot de>
       Sun, 7 Apr 2002 16:28:05 +0200
 17. Re: Suggestion for a new and enhanced "server mode"
       "Mohamed M. Abbas" <mmabbas at longwood dot edu>
       Mon, 8 Apr 2002 10:14:05 -0400 (EDT)
 18. error flushing output to client
       "Nathan Martinez" <nathanm at aaesys dot com>
       Mon, 8 Apr 2002 08:52:42 -0700
 19. Re: Suggestion for a new and enhanced "server mode"
       Clifton Royston <cliftonr at lava dot net>
       Mon, 8 Apr 2002 08:57:37 -1000
 20. Re: Suggestion for a new and enhanced "server mode"
       Clifton Royston <cliftonr at lava dot net>
       Mon, 8 Apr 2002 09:08:26 -1000
 21. Re: Suggestion for a new and enhanced "server mode"
       The Little Prince <thelittleprince at asteroid-b612 dot org>
       Mon, 8 Apr 2002 12:10:04 -0700 (PDT)
 22. Re: qpopper and TLS/SSL
       Clifton Royston <cliftonr at lava dot net>
       Mon, 8 Apr 2002 09:18:21 -1000
 23. Re: Suggestion for a new and enhanced "server mode"
       Clifton Royston <cliftonr at lava dot net>
       Mon, 8 Apr 2002 09:03:20 -1000
 24. Re: qpopper and TLS/SSL
       "Mikael Chambon" <qpopper-ml at cronos dot org>
       Mon, 8 Apr 2002 22:54:54 +0200
 25. Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and enhanced "server mode"
       "Christopher Crowley" <ccrowley at tulane dot edu>
       Mon, 8 Apr 2002 16:50:49 -0500
 26. Please Test Qpopper 4.0.4fc3
       Randall Gellens <randy at qualcomm dot com>
       Mon, 8 Apr 2002 14:01:21 -0700
 27. Re: Please Test Qpopper 4.0.4fc3
       Oliver Fleischmann <ogf at bnv-bamberg dot de>
       Tue, 9 Apr 2002 07:05:13 +0200 (MEST)
 28. Re: error flushing output to client
       Kenneth Porter <shiva at well dot com>
       08 Apr 2002 23:19:05 -0700
 29. Re: Please Test Qpopper 4.0.4fc3
       Kenneth Porter <shiva at well dot com>
       08 Apr 2002 23:30:25 -0700
 30. Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and enhanced "server mode"
       Oliver <Oliver.Egginger at dvz.fh-giessen dot de>
       Tue, 9 Apr 2002 09:27:28 +0200
 31. Re: Please Test Qpopper 4.0.4fc3
       Wayne Heming <wheming at hemnet.com dot au>
       Tue, 09 Apr 2002 18:46:29 +1000
 32. Re: Please Test Qpopper 4.0.4fc3
       Mark <manager at monmouth dot com>
       Tue, 09 Apr 2002 08:04:34 -0400
 33. Re: Please Test Qpopper 4.0.4fc3
       Jesus Cea Avion <jcea at argo dot es>
       Tue, 09 Apr 2002 15:07:16 +0200
 34. Efficient bulk reception timeout (was: Re: Please Test Qpopper 4.0.4fc3
       Jesus Cea Avion <jcea at argo dot es>
       Tue, 09 Apr 2002 15:20:59 +0200
 35. Trouble Connecting
       "Pastor Stuart Thiessen" <sthiessen at firstfederated dot org>
       Tue, 9 Apr 2002 09:46:22 -0500
 36. Re: Trouble Connecting
       Kenneth Porter <shiva at well dot com>
       09 Apr 2002 08:19:27 -0700
 37. Re: Please Test Qpopper 4.0.4fc3
       Michael Zimmermann <zim at vegaa dot de>
       Tue, 9 Apr 2002 17:23:07 +0200
 38. Re: Please Test Qpopper 4.0.4fc3
       Randall Gellens <randy at qualcomm dot com>
       Tue, 9 Apr 2002 09:05:19 -0700
 39. Qpopper 4.0.4fc3 Need Help
       "Matthew D. Hon" <matthewhon at iname dot com>
       Tue, 9 Apr 2002 11:52:32 -0500
 40. Re: Please Test Qpopper 4.0.4fc3
       Randall Gellens <randy at qualcomm dot com>
       Tue, 9 Apr 2002 10:57:33 -0700
 41. Re: Please Test Qpopper 4.0.4fc3
       Oliver Fleischmann <ogf at bnv-bamberg dot de>
       Tue, 9 Apr 2002 20:12:27 +0200 (MEST)
 42. qpopper+SSL+outlook : unknown protocol error?
       Jason Jin <jason at dataprompt dot com>
       Tue, 9 Apr 2002 14:13:53 -0400 (EDT)
 43. Re: Please Test Qpopper 4.0.4fc3
       Anders Johansson <andjoh at cicada.linux-site dot net>
       Tue, 9 Apr 2002 20:28:25 +0200
 44. Re: Please Test Qpopper 4.0.4fc3
       Oliver Fleischmann <ogf at bnv-bamberg dot de>
       Tue, 9 Apr 2002 20:46:23 +0200 (MEST)
 45. RE: Qpopper 4.0.4fc3 Need Help
       "Matthew D. Hon" <matthewhon at iname dot com>
       Tue, 9 Apr 2002 13:48:26 -0500
 46. Re: Please Test Qpopper 4.0.4fc3
       Michael Zimmermann <zim at vegaa dot de>
       Tue, 9 Apr 2002 21:01:39 +0200
 47. Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and enhanced "server mode"
       "Christopher Crowley" <ccrowley at tulane dot edu>
       Tue, 9 Apr 2002 14:49:32 -0500
 48. Re: Please Test Qpopper 4.0.4fc3
       Michael Zimmermann <zim at vegaa dot de>
       Tue, 9 Apr 2002 21:50:01 +0200
 49. Re: Please Test Qpopper 4.0.4fc3
       Randall Gellens <randy at qualcomm dot com>
       Tue, 9 Apr 2002 12:36:10 -0700
 50. Re: Please Test Qpopper 4.0.4fc3
       Scott McDermott <mcdermot at questra dot com>
       Tue, 9 Apr 2002 16:14:39 -0400

From: kkim at telcordia dot com
Subject: Regarding nowait
Date: Fri, 5 Apr 2002 11:10:01 -0500

Hello,

Does anyone know what is the difference between
nowait and nowait.400 ?


Thanks
-K.Kim-


Date: Fri, 05 Apr 2002 16:36:37 +0000
From: gsh <gsh at skima dot is>
Subject: Re: Suggestion for a new and enhanced "server mode"


Not only Exchange but also Lotus Notes and software from Critical Path,
Syntegra and many more. They have all these features and more and
all except Exchange and Lotus Notes work well with most clients.


Rgds,
-GSH

Gregory Hicks wrote:

>>Date: Fri, 05 Apr 2002 15:17:01 +0200
>>From: Jesus Cea Avion <jcea at argo dot es>
>>
>>Problem:
>>
> [...snip...]
> 
>>Solution:
>>
>>A simple and efficient database (key/value) used to store messages.
>>
> 
> This is a solution that is commercially available and has a good many 
> customers.  The software integrates nicely with many current desktop 
> apps.  Comes complete with built in calendaring and appointment system.  
> Unfortunately, it only *nicely* uses ONE mail reader...  It has the 
> potential to use many readers but deliberately does not integrate at ALL 
> with any of the others.
> 
> The name of this commercial package and the reader?  Exchange and 
> Outlook...
> 
> The rest of your idea, though, are good and seem well thought out...
> 
> Personally, I don't like the idea of keeping messages in a database...  
> From experience, it is way too hard to guarantee good backups and thus 
> be sure that you will get a usable restore...  Of course, that might 
> just be the product being restored...
> 
> Regards,
> Gregory Hicks
> 
>  For
> 
>>example, BerkeleyDB (http://www.sleepycat.com/)
>>
>>
> [...snip...]
> 
> ---------------------------------------------------------------------
> Gregory Hicks                           | Principal Systems Engineer
> Cadence Design Systems                  | Direct:   408.576.3609
> 555 River Oaks Pkwy M/S 6B1             | Fax:      408.894.3479
> San Jose, CA 95134                      | Internet: ghicks at cadence dot com
> 
> "There is no limit to what a man can do or how far he can go if he
> doesn't mind who gets the credit." - Robert Woodruff
> 
> "The trouble with doing anything right the first time is that nobody
> appreciates how difficult it was."
> 
> When a team of dedicated individuals makes a commitment to act as
> one...  the sky's the limit.
> 
> 




Date: Fri, 5 Apr 2002 11:44:34 -0500
From: Joseph S D Yao <jsdy at center.osis dot gov>
Subject: Re: Inappropriate 'sendmail' quotes question [Was: Re: Suggestion for a new and enhanced "server mode"]

On Fri, Apr 05, 2002 at 10:48:16AM -0500, kkim at telcordia dot com wrote:
> I am having problem with sendmail, think it is related to
> rules of sendmail that is defined in sendmail.cf.  Whenever I put
> email address surrounded by " " ( "user@domain dot com"), what sendmail
> does is it is adding the domain name at the end before it sends out so when
> I get the email, I have    "user@domain.com"@domain dot com.
> Can you guys please help me how to tell or avoid appending the extra domain
> name at the end of email address ???

Why didn't you start a new thread with a new subject line?

What you describe is correct in accord with RFC 822.  Why do you want
to put quotes around an e-mail address and pretend that you didn't?

Better, what are you really trying to do?

-- 
Joe Yao				jsdy at center.osis dot gov - Joseph S. D. Yao
OSIS Center Systems Support					EMT-B
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.

Date: Fri, 5 Apr 2002 12:18:37 -0500 (EST)
From: Chip Old <fold at bcpl dot net>
Subject: Quoted Addresses (was Re: Suggestion for a new and enhanced "server

On Fri, 5 Apr 2002, kkim at telcordia dot com wrote:

> I am having problem with sendmail, think it is related to rules of
> sendmail that is defined in sendmail.cf.  Whenever I put email address
> surrounded by " " ( "user@domain dot com"), what sendmail does is it is
> adding the domain name at the end before it sends out so when I get the
> email, I have "user@domain.com"@domain dot com. Can you guys please help me
> how to tell or avoid appending the extra domain name at the end of email
> address ???

The obvious question is:  Why are you enclosing e-mail addresses in
quotes?  Sendmail is treating the quoted address as a single token when it
runs it through its rulesets.  This causes "user@domain dot com" to be
interpreted as an unqualified local address, so Sendmail adds the local
domain name to qualify the address.

-- 
Chip Old (Francis E. Old)             E-Mail:  fold at bcpl dot net
Manager, BCPL Network Services        Phone:   410-887-6180
Manager, BCPL.NET Internet Services   FAX:     410-887-2091
320 York Road
Towson, MD 21204  USA


Date: Fri, 5 Apr 2002 11:49:48 -0500
From: Joseph S D Yao <jsdy at center.osis dot gov>
Subject: Re: Regarding nowait

On Fri, Apr 05, 2002 at 11:10:01AM -0500, kkim at telcordia dot com wrote:
> Does anyone know what is the difference between
> nowait and nowait.400 ?

'man inetd' or 'man inetd.conf' should tell you the following, IF
it is true for your version of 'inetd'.  If it is not, then it won't.

"The optional ``max'' suffix (separated from ``wait'' or ``nowait'' by
a dot) specifies the maximum number of server instances that may be
spawned from inetd within an interval of 60 seconds. When omitted,
``max'' defaults to 40."

-- 
Joe Yao				jsdy at center.osis dot gov - Joseph S. D. Yao
OSIS Center Systems Support					EMT-B
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.

Date: Fri, 05 Apr 2002 20:36:35 +0200
From: Jesus Cea Avion <jcea at argo dot es>
Subject: Re: Suggestion for a new and enhanced "server mode"

> Better to store each message in a separate file, just use the
> database to keep key info about that message file, storing
> large messages in such a db is problematic, file system is
> much more efficient. You might even keep the message in a
> prescanned format (even binary) for faster access.

If you keep separate files for headers and message bodies, fine :-)

-- 
Jesus Cea Avion                         _/_/      _/_/_/        _/_/_/
jcea at argo.es http://www.argo dot es/~jcea/ _/_/    _/_/  _/_/    _/_/  _/_/
                                      _/_/    _/_/          _/_/_/_/_/
PGP Key Available at KeyServ   _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"Love is placing your happiness in the happiness of another" - Leibniz

Date: Fri, 5 Apr 2002 13:57:37 -0500 (EST)
From: Mike Peterson <mikep at onet.on dot ca>
Subject: Re: qpopper4.0.3 on IRIX 6.2 - fails with TCPD

Hello again,

As before, I've installed qpopper4.0.3 on IRIX 6.2, with
'--enable-debugging', and it works, complete with debug messages, when
run from 'inetd.conf' (after rebooting the system each time a
configuration change is made due to 'inetd' problems on IRIX).

However, when I try to run it from 'tcpd', it fails to properly open
the session - the client side sees:

Trying XXX.XXX.XXX.XXX...
Connected to XXX.XXX.XXX.XXX.
Escape character is '^]'.

and there is a 'popper' started on the server, but no debugging
messages anywhere.

>Also are you sure that popper is running?
>
>netstat -an | grep 110

This shows a listener for port 110 (a server, and the test session). 

Any more clues, pointers appreciated, as I can't run this without
the wrappers.

Mike.
--
Mike Peterson, Senior Network Specialist, ONet Networking Support
E-mail: mikep at onet.on.ca                        WWW: http://onet.on dot ca/~mikep/
Tel: 416-978-5230                               Fax: 416-978-6620

Date: Fri, 5 Apr 2002 14:29:02 -0500
From: Darcy Boese <possum at fnord.niagara dot com>
Subject: Re: qpopper4.0.3 on IRIX 6.2 - fails with TCPD

> However, when I try to run it from 'tcpd', it fails to properly open
> the session - the client side sees:
>
> Trying XXX.XXX.XXX.XXX...
> Connected to XXX.XXX.XXX.XXX.
> Escape character is '^]'.
>
> and there is a 'popper' started on the server, but no debugging
> messages anywhere.
>
> This shows a listener for port 110 (a server, and the test session). 
>
> Any more clues, pointers appreciated, as I can't run this without
> the wrappers.

I don't know if this applies to your specific problem, but on our
server that uses 'tcpd', a copy of the server binary (in this case,
'popper') must also be copied into a directory '/usr/etc/...'.

Pretty much the only way I know of to find out what directory
the tcpd is using is a command like 'strings /path/to/tcpd | grep /',
because it is hard-coded at compile-time.

And make sure that the line in /etc/inetd.conf is properly delimited.
Tabs are *not* treated the same as spaces.  For example:

pop3<TAB>stream<TAB>tcp<TAB>nowait<TAB>root<TAB>/path/to/tcpd<TAB>popper -options
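
The two inetd.conf points raised in this thread (the optional ``max'' suffix on nowait, and tab-delimited fields with the server started through tcpd) can be checked mechanically. The following is an added example, not part of the original posts; the sample file is constructed, its paths are placeholders, and the default of 40 is the value from the man page excerpt quoted earlier, which may not match your inetd.

```python
import posixpath
import re
from dataclasses import dataclass, field
from typing import List

# Default from the man page excerpt quoted in this thread; your inetd may differ.
DEFAULT_MAX_PER_MINUTE = 40
WAIT_FIELD = re.compile(r"(wait|nowait)(?:\.(\d+))?")
# The first six fields must be separated by tabs only (the posted advice).
TAB_DELIMITED = re.compile(r"(?:[^\t ]+\t+){5}[^\t ]+")

# Constructed sample; the tcpd and popper paths are placeholders.
SAMPLE_INETD_CONF = (
    "# POP3 through the wrapper, tab-delimited, raised spawn limit\n"
    "pop3\tstream\ttcp\tnowait.400\troot\t/path/to/tcpd\tpopper -s\n"
    "# POP3 started directly, space-delimited, default spawn limit\n"
    "pop3 stream tcp nowait root /path/to/popper popper -s\n"
)


@dataclass
class InetdEntry:
    lineno: int
    service: str
    wait: str              # "wait" or "nowait"
    max_per_minute: int    # instances inetd may spawn per 60 seconds
    user: str
    server: str            # program inetd executes
    argv: List[str]        # argv[0] onward, as passed to the server
    wrapped: bool          # True when the program inetd executes is tcpd
    warnings: List[str] = field(default_factory=list)


def parse_inetd_conf(text: str) -> List[InetdEntry]:
    """Parse service lines and attach warnings for the issues discussed above."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 6:
            raise ValueError(f"line {lineno}: expected at least 6 fields, got {len(fields)}")
        service, _socket_type, _protocol, wait_field, user, server = fields[:6]
        match = WAIT_FIELD.fullmatch(wait_field)
        if match is None:
            raise ValueError(f"line {lineno}: bad wait field {wait_field!r}")
        limit = int(match.group(2)) if match.group(2) else DEFAULT_MAX_PER_MINUTE
        entry = InetdEntry(
            lineno=lineno,
            service=service,
            wait=match.group(1),
            max_per_minute=limit,
            user=user,
            server=server,
            argv=fields[6:],
            wrapped=posixpath.basename(server) == "tcpd",
        )
        if not TAB_DELIMITED.match(line):
            entry.warnings.append("fields are separated by spaces, not tabs")
        if not entry.wrapped:
            entry.warnings.append("server is started directly, not through tcpd")
        entries.append(entry)
    return entries


if __name__ == "__main__":
    for e in parse_inetd_conf(SAMPLE_INETD_CONF):
        print(e.lineno, e.service, e.wait, e.max_per_minute, e.wrapped, e.warnings)
```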


Subject: RE: Suggestion for a new and enhanced "server mode"
Date: Fri, 5 Apr 2002 18:25:04 -0500
From: "Lyle Schofield" <Lyle.Schofield at daou dot com>

I've never had any issues using Notes and other clients, provided POP3
and other Internet services are turned on.  The messages are stored in a
database which only Notes can interpret, however.

Lyle Schofield
Sentient
A Division of DAOU Systems, Inc.
Kensington, Maryland USA
v:301.929.7624  f:301.929.7680  e:lyle.schofield at daou dot com




-----Original Message-----
From: gsh [mailto:gsh at skima dot is] 
Sent: Friday, April 05, 2002 11:37 AM
To: Subscribers of Qpopper
Subject: Re: Suggestion for a new and enhanced "server mode"



Not only Exchange but also Lotus Notes and software from Critical Path,
Syntegra and many more. They have all these features and more and all
except Exchange and Lotus Notes work well with most clients.


Rgds,
-GSH

Gregory Hicks wrote:

>>Date: Fri, 05 Apr 2002 15:17:01 +0200
>>From: Jesus Cea Avion <jcea at argo dot es>
>>
>>Problem:
>>
> [...snip...]
> 
>>Solution:
>>
>>A simple and efficient database (key/value) used to store messages.
>>
> 
> This is a solution that is commercially available and has a good many
> customers.  The software integrates nicely with many current desktop 
> apps.  Comes complete with built in calendaring and appointment system.  
> Unfortunately, it only *nicely* uses ONE mail reader...  It has the 
> potential to use many readers but deliberately does not integrate at ALL 
> with any of the others.
> 
> The name of this commercial package and the reader?  Exchange and
> Outlook...
> 
> The rest of your idea, though, are good and seem well thought out...
> 
> Personally, I don't like the idea of keeping messages in a database...
> From experience, it is way too hard to guarantee good backups and thus
> be sure that you will get a usable restore...  Of course, that might 
> just be the product being restored...
> 
> Regards,
> Gregory Hicks
> 
>  For
> 
>>example, BerkeleyDB (http://www.sleepycat.com/)
>>
>>
> [...snip...]
> 
> ---------------------------------------------------------------------
> Gregory Hicks                           | Principal Systems Engineer
> Cadence Design Systems                  | Direct:   408.576.3609
> 555 River Oaks Pkwy M/S 6B1             | Fax:      408.894.3479
> San Jose, CA 95134                      | Internet: ghicks at cadence dot com
> 
> "There is no limit to what a man can do or how far he can go if he 
> doesn't mind who gets the credit." - Robert Woodruff
> 
> "The trouble with doing anything right the first time is that nobody 
> appreciates how difficult it was."
> 
> When a team of dedicated individuals makes a commitment to act as 
> one...  the sky's the limit.
> 
> 




Subject: Re: Qpopper 4.0.4fc3 available
From: Kenneth Porter <shiva at well dot com>
Date: 05 Apr 2002 18:04:17 -0800

On Fri, 2002-04-05 at 02:57, John Nemeth wrote:

>      Is 4.0.4fc2 still available (or a diff), so that we can see exactly
> what changed?

I don't recall seeing an announcement for fc2, but maybe it went on
file-and-forget. ;-) Anyway, I do have rc1 in my SRPM. (An RPM for fc3
is in progress.)

http://www.sewingwitch.com/ken/SRPMS/



Subject: Re: Suggestion for a new and enhanced "server mode"
From: Kenneth Porter <shiva at well dot com>
Date: 05 Apr 2002 18:16:34 -0800

On Fri, 2002-04-05 at 05:17, Jesus Cea Avion wrote:

> A simple and efficient database (key/value) used to store messages. For
> example, BerkeleyDB (http://www.sleepycat.com/)
> 
> Qpopper would have six operations:

Not Qpopper, though. You want to make this work with *all* mail systems,
not just one POP3 server. So make this an API, perhaps with a support
daemon. You then provide Qpopper with a configuration option to use the
API. You also need to add the API to sendmail, procmail, UW-IMAP, Cyrus,
etc., any system that needs to talk to mail spools. You can then add
configurable back-ends that know how to talk not only to Sleepycat DB
but also to traditional formats like mbox and maildir.

A similar system exists for authentication systems, called PAM
(pluggable authentication modules), so you might model your API on that.
Detractors of PAM are sure to sound off on its deficiencies, so you can
use that information to avoid making the same mistakes in implementing a
mail spool API.

Once you've gathered some design info, go to SourceForge or Freshmeat
and start up a project to get this rolling. You should probably start by
researching any pre-existing projects trying to accomplish the same
thing.


From: "Mikael Chambon" <qpopper-ml at cronos dot org>
Subject: qpopper and TLS/SSL
Date: Sun, 7 Apr 2002 13:32:10 +0200

Hi all,

Well I am trying to activate POP3 over ssl with qpopper and something is
going wrong:

Here is my conf:

Redhat 7.2
qpopper4.0.4fc3
openssl-0.9.6b-8
openssl-devel-0.9.6b-8

configure flags: --enable-log-login --enable-shy --enable-standalone --enable-debugging
--with-openssl=/lib

Runtime options: /usr/local/sbin/popper -d -l 2 -s -S -T 60 -f /etc/mail/pop/qpopper.config

qpopper.config:
set tls-support = alternate-port
set tls-server-cert-file = /etc/mail/certs/cert.pem


The problem is that as far as netstat says, qpopper is not binding on port
995, and that's what I need for my outlook clients.

qpopper is still binding on port 110.


Does someone have an idea?
Thanks for all,

--
Mikael Chambon || Paris France
mikael (at) cronos.org
mikael (at) nerim.net
PGP key http://www.cronos.org/mikael/pgp/key.txt


From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: qpopper and TLS/SSL
Date: Sun, 7 Apr 2002 14:12:53 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday, 7 April 2002 13:32 Mikael Chambon wrote:
> Well I am trying to activate POP3 over ssl with qpopper and something is
> going wrong:
> [...]
> configure
> flags: --enable-log-login --enable-shy --enable-standalone
> --enable-debugging
> --with-openssl=/lib

My hottest guess:
Have you checked the output of configure? 
Did configure find the openssl-libraries successfully?
If not, configure drops the --with-openssl and continues
without it. Pipe the configure output into a file
and check it with vi; the corresponding error message is
not on the last output page and can easily be overlooked.


> Runtime options: /usr/local/sbin/popper -d -l 2 -s -S -T 60 -f
> /etc/mail/pop/qpopper.config

Second best guess:
What does the debugging output say, when you start it
and when a ssl client connects?


> qpopper.config:
> set tls-support = alternate-port
> set tls-server-cert-file = /etc/mail/certs/cert.pem

And final idea (just to empty my head completely):
I'm also additionally using

   set clear-text-password =ssl
   set tls-version         =all


HTH
Michael
- -- 
Michael Zimmermann (Vegaa Safety and Security for Internet Services)
<zim at vegaa dot de>   phone +49 89 6283 7632    hotline +49 163 823 1195
Key fingerprint = 1E47 7B99 A9D3 698D 7E35  9BB5 EF6B EEDB 696D 5811
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8sDfF72vu22ltWBERAqZpAJ9FWIlWgeO6GTGTR55ndi6S77hpewCdHz9z
U4fDyD+BJclIVZbmqrean0w
=/BEq
-----END PGP SIGNATURE-----
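
The check suggested above (reading the debug output at startup and when an SSL client connects) can be scripted. This is an added example, not part of the original message or of Qpopper; it assumes syslog lines in the format Qpopper's -d option produces, rejoins lines wrapped by a mail client, and treats port 995 as the expected alternate port. The sample log is constructed (host, PIDs and addresses are made up).

```python
import re
from typing import Dict, List

# Constructed sample in the format of Qpopper's -d syslog output, including
# mail-client line wrapping; host, PIDs and addresses are made up.
SAMPLE_LOG = """\
Apr  7 10:00:00 mailhost popper[2001]: popper: Server: listening on
0.0.0.0:110  [main.c:534]
Apr  7 10:01:00 mailhost /usr/local/sbin/popper[2002]: Set tls-support to
alternate-port (1) [pop_config.c:1206]
Apr  7 10:01:01 mailhost /usr/local/sbin/popper[2002]: (v4.0.4fc3)
TLSv1/SSLv3 handshake with client at client.example (192.0.2.10); new
session-id; cipher: RC4-MD5 (RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128)
Mac=MD5 ), 128 bits [pop_tls_openssl.c:514]
"""

# A syslog record starts with "Mon dd hh:mm:ss "; anything else is a wrapped tail.
SYSLOG_START = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
LISTEN = re.compile(r"Server: listening on (\S+):(\d+)")
TLS_MODE = re.compile(r"Set tls-support to (\S+)")
HANDSHAKE = re.compile(
    r"handshake with client at (\S+) \(([^)]+)\);.*?cipher: (\S+) .*?(\d+) bits"
)


def unwrap(text: str) -> List[str]:
    """Rejoin records that a mail client wrapped onto several lines."""
    records: List[str] = []
    for raw in text.splitlines():
        line = raw.strip()
        if set(line) <= {"="}:          # blank lines and "=====" separators
            continue
        if SYSLOG_START.match(raw) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records


def summarize(text: str, expected_tls_port: int = 995) -> Dict[str, object]:
    """Report listener port, tls-support mode and completed TLS handshakes."""
    listen_port = None
    tls_support = None
    handshakes: List[Dict[str, object]] = []
    findings: List[str] = []
    for record in unwrap(text):
        m = LISTEN.search(record)
        if m:
            listen_port = int(m.group(2))
        m = TLS_MODE.search(record)
        if m:
            tls_support = m.group(1)
        m = HANDSHAKE.search(record)
        if m:
            handshakes.append({
                "client": m.group(1),
                "address": m.group(2),
                "cipher": m.group(3),
                "bits": int(m.group(4)),
            })
    # The symptom reported in this thread: alternate-port TLS is configured,
    # yet the daemon is bound to the plain POP3 port.
    if tls_support == "alternate-port" and listen_port not in (None, expected_tls_port):
        findings.append(
            f"tls-support is alternate-port but the listener is on port "
            f"{listen_port}, not {expected_tls_port}"
        )
    return {
        "listen_port": listen_port,
        "tls_support": tls_support,
        "handshakes": handshakes,
        "findings": findings,
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, "=", value)
```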

From: "Mikael Chambon" <qpopper-ml at cronos dot org>
Subject: Re: qpopper and TLS/SSL    (Long Message sorry)
Date: Sun, 7 Apr 2002 14:39:42 +0200

Thanks for your reply Michael,

here are the logs when I start popper:

=====
Apr  7 14:19:59 memnoch popper[31472]: popper: Server: first fork();
child=31473; exiting [main.c:379]
Apr  7 14:19:59 memnoch popper[31473]: popper: Server: child of first
fork(); pid=31473 [main.c:384]
Apr  7 14:19:59 memnoch popper[31473]: popper: Server: second fork();
child=31474; exiting [main.c:409]
Apr  7 14:19:59 memnoch popper[31474]: popper: Server: child of second
fork(); pid=31474 [main.c:414]
Apr  7 14:19:59 memnoch popper[31474]: calling chdir() [main.c:427]
Apr  7 14:19:59 memnoch popper[31474]: closing file descs 1024 to 0
[main.c:449]
Apr  7 14:19:59 memnoch popper[31474]: opened stdin=0; stdout=1 stderr=2;
i=0; rslt=2; msg_out=0x8070a28 [main.c:474]
Apr  7 14:19:59 memnoch popper[31474]: opened stream socket; sockfd = 5
[main.c:486]
Apr  7 14:19:59 memnoch popper[31474]: set stream socket options; sockfd = 5
[main.c:503]
Apr  7 14:19:59 memnoch popper[31474]: did bind on stream socket; sockfd = 5
[main.c:526]
Apr  7 14:20:00 memnoch popper[31474]: popper: Server: listening on
0.0.0.0:110  [main.c:534]
Apr  7 14:20:00 memnoch popper[31474]: listening using socket fd 5
[main.c:538]
Apr  7 14:20:00 memnoch popper[31474]: set fd 5 non-blocking (0x802)
[main.c:552]
====



there is nothing about ssl, and as we can see popper binds on port 110.

If I want to test a ssl connection I have to force outlook to make ssl
connection on port 110. here are the logs, sorry it's a little ugly




=========
Apr  7 14:25:34 memnoch popper[31474]: accept=6; sockfd=5; clilen=16;
cli_addr=192.168.2.3:1256  [main.c:612]
Apr  7 14:25:34 memnoch popper[31474]: new connection; fd=6 [main.c:899]
Apr  7 14:25:34 memnoch popper[31474]: newsockfd (6) flags: 0x2 [main.c:907]
Apr  7 14:25:34 memnoch popper[31474]: set fd 6 blocking (0x2) [main.c:913]
Apr  7 14:25:34 memnoch popper[31474]: forked() for new connection;
pid=31483 [main.c:972]
Apr  7 14:25:34 memnoch popper[31483]: new child for connection [main.c:923]
Apr  7 14:25:34 memnoch /usr/local/sbin/popper[31483]: Debugging turned on
(-d) [pop_init.c:711]
Apr  7 14:25:34 memnoch /usr/local/sbin/popper[31483]: tls-support=2 (-l)
[pop_init.c:784]
Apr  7 14:25:34 memnoch /usr/local/sbin/popper[31483]: Will generate stats
records (-s) [pop_init.c:846]
Apr  7 14:25:34 memnoch /usr/local/sbin/popper[31483]: server mode is the
default (-S) [pop_init.c:851]
Apr  7 14:25:34 memnoch /usr/local/sbin/popper[31483]: timeout = 60 (-T)
[pop_init.c:881]
Apr  7 14:25:34 memnoch /usr/local/sbin/popper[31483]: Processing config
file '/etc/mail/pop/qpopper.config'; CallTime=1 [pop_config.c:1289]
Apr  7 14:25:34 memnoch /usr/local/sbin/popper[31483]: ...read line 1 (32):
set tls-support = alternate-port [pop_config.c:1325]
Apr  7 14:25:34 memnoch /usr/local/sbin/popper[31483]: Set tls-support to
alternate-port (1) [pop_config.c:1206]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...read line 2 (51):
set tls-server-cert-file = /etc/mail/certs/cert.pem [pop_config.c:1325]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: Set
tls-server-cert-file to "/etc/mail/certs/cert.pem" [pop_config.c:1222]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: Finished processing
config file '/etc/mail/pop/qpopper.config'; rslt=1 [pop_config.c:1473]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: (v4.0.4fc3) Servicing
request from "pandora.cronos.home" at 192.168.2.3 [pop_init.c:1173]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: before TLS;
tls_support==1 [popper.c:180]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...Initializing
OpenSSL library [pop_tls_openssl.c:224]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...have /dev/urandom;
skipping PRNG seeding [pop_tls_openssl.c:282]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...setting method to
SSLv23_server_method [pop_tls_openssl.c:306]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...allocating OpenSSL
context [pop_tls_openssl.c:336]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...setting
certificate file /etc/mail/certs/cert.pem [pop_tls_openssl.c:346]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...private key file
not set; assuming private key is in cert (/etc/mail/certs/cert.pem)
[pop_tls_openssl.c:362]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...setting private
key file /etc/mail/certs/cert.pem [pop_tls_openssl.c:367]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...verifying private
key against certificate [pop_tls_openssl.c:381]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...(tls_cipher_list
not specified) [pop_tls_openssl.c:408]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...allocating OpenSSL
connection [pop_tls_openssl.c:419]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...setting input (0)
and output (0) file descriptors [pop_tls_openssl.c:429]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: ...successfully
completed OpenSSL initialization [pop_tls_openssl.c:449]
Apr  7 14:25:35 memnoch /usr/local/sbin/popper[31483]: TLS Init
[popper.c:202]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: Attempting OpenSSL
handshake [pop_tls_openssl.c:498]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: tls accept returned 1
[pop_tls_openssl.c:501]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:507]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: (v4.0.4fc3)
TLSv1/SSLv3 handshake with client at pandora.cronos.home (192.168.2.3); new
session-id; cipher: RC4-MD5 (RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128)
Mac=MD5 ), 128 bits [pop_tls_openssl.c:514]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: (v4.0.4fc3) TLS OK
[popper.c:218]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: TLS Done
[popper.c:221]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: (v4.0.4fc3) Intro
[popper.c:247]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: +OK ready
[popper.c:255]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: tls write start 13
0xbfffd75c [pop_tls_openssl.c:674]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: tls write 13 2b 4f
[pop_tls_openssl.c:677]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:681]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: Qpopper ready for
input from (null) at pandora.cronos.home [192.168.2.3] [popper.c:292]
Apr  7 14:25:36 memnoch /usr/local/sbin/popper[31483]: tls read start 2048
0xbfffcf48 [pop_tls_openssl.c:579]
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: tls read 13 55 53
[pop_tls_openssl.c:582]
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:586]
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: Received (11): "USER
acu-ml" [pop_get_command.c:105]
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: home (9): '/no/where'
[pop_user.c:217]
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: +OK Password required
for acu-ml. [pop_user.c:431]
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: tls write start 35
0xbfffd75c [pop_tls_openssl.c:674]
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: tls write 35 2b 4f
[pop_tls_openssl.c:677]
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:681]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: user returned 1;
CurrentState now auth2 [popper.c:336]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: Qpopper ready for
input from acu-ml at pandora.cronos.home [192.168.2.3] [popper.c:292]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: tls read start 2048
0xbfffcf48 [pop_tls_openssl.c:579]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: tls read 16 50 41
[pop_tls_openssl.c:582]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:586]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: Received: "pass
xxxxxxxxx" [pop_get_command.c:96]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: ...built: (39)
'/var/mail/' [genpath.c:158]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: genpath Spool (1)
[hash: 0; home: NULL] for user acu-ml returning /var/mail/acu-ml
[genpath.c:229]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: ...built: (39)
'/var/mail/' [genpath.c:158]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: genpath .pop (2)
[hash: 0; home: NULL] for user acu-ml returning /var/mail/.acu-ml.pop
[genpath.c:229]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: Temporary maildrop
name: '/var/mail/.acu-ml.pop' [pop_dropcopy.c:1255]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: uid = 506, gid = 12,
euid = 506, egid = 12 [pop_dropcopy.c:1481]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: Opened temp drop
/var/mail/.acu-ml.pop (6) [pop_dropcopy.c:1501]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: Set p->drop to stream
for 6 [pop_dropcopy.c:1585]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: Getting mail lock
[pop_dropcopy.c:1625]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: successfully opened
(exclusive) lock /var/mail/acu-ml.lock [maillock.c:477]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: maillock() on file
/var/mail/acu-ml (/var/mail/acu-ml.lock) [pop_dropcopy.c:1631] returning 0
(1 attempt(s)) [maillock.c:549]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: Opened spool
/var/mail/acu-ml (7) [pop_dropcopy.c:1663]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: Server mode: set
p->hold to temp drop (6) and p->drop to stream for spool (7)
[pop_dropcopy.c:1712]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: ...built: (39)
'/var/mail/' [genpath.c:158]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: genpath .cache (6)
[hash: 0; home: NULL] for user acu-ml returning /var/mail/.acu-ml.cache
[genpath.c:229]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: Read cache file
"/var/mail/.acu-ml.cache"; msg_count=0; toc_size=0; drop_size=0;
spool_end=0; first_msg_hidden=0; visible_msg_count=0 [pop_cache.c:424]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: Temp drop contains 0
(0 visible) messages in 0 octets [pop_dropcopy.c:1790]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: mailunlock() called
[pop_dropcopy.c:1807] for /var/mail/acu-ml.lock [maillock.c:579]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: (v4.0.4fc3) POP login
by user "acu-ml" at (pandora.cronos.home) 192.168.2.3 [pop_log.c:244]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: +OK acu-ml has 0
visible messages (0 hidden) in 0 octets. [pop_pass.c:1446]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: tls write start 59
0xbfffd75c [pop_tls_openssl.c:674]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: tls write 59 2b 4f
[pop_tls_openssl.c:677]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:681]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: pass returned 1;
CurrentState now trans [popper.c:336]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: Qpopper ready for
input from acu-ml at pandora.cronos.home [192.168.2.3] [popper.c:292]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: tls read start 2048
0xbfffcf48 [pop_tls_openssl.c:579]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: tls read 6 53 54
[pop_tls_openssl.c:582]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:586]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: Received (4): "STAT"
[pop_get_command.c:105]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: 0 visible message(s)
(0 octets). [pop_stat.c:37]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: +OK 0 0
[pop_stat.c:41]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: tls write start 9
0xbfffd75c [pop_tls_openssl.c:674]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: tls write 9 2b 4f
[pop_tls_openssl.c:677]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:681]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: stat returned 1;
CurrentState now trans [popper.c:336]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: Qpopper ready for
input from acu-ml at pandora.cronos.home [192.168.2.3] [popper.c:292]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: tls read start 2048
0xbfffcf48 [pop_tls_openssl.c:579]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: tls read 6 51 55
[pop_tls_openssl.c:582]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:586]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: Received (4): "QUIT"
[pop_get_command.c:105]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: Performing maildrop
update... [pop_updt.c:292]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: Checking to see if
all messages were deleted [pop_updt.c:293]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: Stats: acu-ml 0 0 0 0
pandora.cronos.home 192.168.2.3 [pop_updt.c:296]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: ...built: (39)
'/var/mail/' [genpath.c:158]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: genpath .cache (6)
[hash: 0; home: NULL] for user acu-ml returning /var/mail/.acu-ml.cache
[genpath.c:229]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: Wrote cache file
"/var/mail/.acu-ml.cache"; msg_count=0; toc_size=0; drop_size=0; spool_end=0
[pop_cache.c:245]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: Unlinked
[pop_updt.c:311] temp drop (/var/mail/.acu-ml.pop) [pop_updt.c:145]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: Running in server
mode; spool not changed; deleting temp drop [pop_updt.c:312]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: quit returned 1;
CurrentState now halt [popper.c:336]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: +OK Pop server at
memnoch.cronos.home signing off. [popper.c:360]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: tls write start 52
0xbfffd75c [pop_tls_openssl.c:674]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: tls write 52 2b 4f
[pop_tls_openssl.c:677]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:681]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: tls shutdown returned
0 [pop_tls_openssl.c:763]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_SYSCALL (5) [pop_tls_openssl.c:766]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: TLS shutdown Error
[pop_tls_openssl.c:789]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: freeing m_OpenSSLconn
[pop_tls_openssl.c:811]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: freeing m_OpenSSLctx
[pop_tls_openssl.c:817]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: openssl_shutdown
returning -1 [pop_tls_openssl.c:822]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: (v4.0.4fc3) Ending
request from "acu-ml" at (pandora.cronos.home) 192.168.2.3 [popper.c:377]
Apr  7 14:25:42 memnoch popper[31483]: exiting after Qpopper returned
[main.c:952]

==================

Well as we can see:

1) The ssl part worked perfectly, so I assume that configure found
openssl-libraries successfully
2) The pop3 client (outlook express) did not report any error.
3) popper understood that he should use alternate port "Set tls-support to
alternate-port "

But popper still binds on port 110 instead of 995. :o((

I tried to put:
set clear-text-password = ssl
set tls-version = all

But the problem persists.

Which version are you using Michael ?
Does popper bind on port 995 with you ??


Thanks for all.


--
Mikael Chambon || Paris France
mikael (at) cronos.org
mikael (at) nerim.net
PGP key http://www.cronos.org/mikael/pgp/key.txt
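
An added example (not part of the original post, and not Qpopper code): a Python parser that rejoins the wrapped syslog lines of a debug trace like the one above and summarizes each session by commands received, state transitions, and any `SSL_get_error` result other than `SSL_ERROR_NONE`. The sample lines are copied from the trace above; the function and field names are assumptions made for this example.

```python
import re
from collections import defaultdict

# Lines copied from the trace above, still wrapped the way the mail client left them.
SAMPLE = """\
Apr  7 14:25:38 memnoch /usr/local/sbin/popper[31483]: Received (11): "USER
acu-ml" [pop_get_command.c:105]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: user returned 1;
CurrentState now auth2 [popper.c:336]
Apr  7 14:25:39 memnoch /usr/local/sbin/popper[31483]: Received: "pass
xxxxxxxxx" [pop_get_command.c:96]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_NONE (0) [pop_tls_openssl.c:681]
Apr  7 14:25:40 memnoch /usr/local/sbin/popper[31483]: pass returned 1;
CurrentState now trans [popper.c:336]
Apr  7 14:25:41 memnoch /usr/local/sbin/popper[31483]: Received (4): "QUIT"
[pop_get_command.c:105]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: quit returned 1;
CurrentState now halt [popper.c:336]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: tls shutdown returned
0 [pop_tls_openssl.c:763]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: SSL_get_error says
SSL_ERROR_SYSCALL (5) [pop_tls_openssl.c:766]
Apr  7 14:25:42 memnoch /usr/local/sbin/popper[31483]: (v4.0.4fc3) Ending
request from "acu-ml" at (pandora.cronos.home) 192.168.2.3 [popper.c:377]
"""

# Syslog prefix as it appears in the trace: date, host, program[pid]: message
HEADER = re.compile(
    r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ \S*popper\[(\d+)\]: (.*)$")
SOURCE = re.compile(r"\s*\[([\w.]+\.c:\d+)\]\s*$")       # trailing [file.c:line]
COMMAND = re.compile(r'^Received(?: \(\d+\))?: "(\w+)')
STATE = re.compile(r"^(\w+) returned (-?\d+); CurrentState now (\w+)")
TLS_RESULT = re.compile(r"^SSL_get_error says (SSL_ERROR_\w+) \((\d+)\)")


def _finish(rec):
    """Split the trailing [file.c:line] marker off a rejoined message."""
    pid, msg = rec
    src = SOURCE.search(msg)
    if src:
        return pid, msg[:src.start()], src.group(1)
    return pid, msg, None


def records(text):
    """Yield (pid, message, source) with wrapped continuation lines rejoined."""
    current = None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            if current:
                yield _finish(current)
            current = [m.group(1), m.group(2)]
        elif current and line.strip():
            # No syslog prefix: this is the wrapped tail of the previous record.
            current[1] += " " + line.strip()
    if current:
        yield _finish(current)


def summarize(text):
    """Return {pid: {"commands": [...], "states": [...], "tls_errors": [...]}}."""
    sessions = defaultdict(
        lambda: {"commands": [], "states": [], "tls_errors": []})
    for pid, msg, source in records(text):
        s = sessions[pid]
        if (m := COMMAND.match(msg)):
            # Keep the verb only; the argument (user name, password) is dropped.
            s["commands"].append(m.group(1).upper())
        elif (m := STATE.match(msg)):
            s["states"].append(m.group(3))
        elif (m := TLS_RESULT.match(msg)) and m.group(1) != "SSL_ERROR_NONE":
            s["tls_errors"].append((m.group(1), source))
    return dict(sessions)


if __name__ == "__main__":
    for pid, summary in summarize(SAMPLE).items():
        print(pid, summary)
```

From the `USER` command onward, the trace above yields exactly one such entry: the `SSL_ERROR_SYSCALL` logged right after `tls shutdown returned 0`, that is, during teardown after `QUIT`.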


From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: qpopper and TLS/SSL
Date: Sun, 7 Apr 2002 15:58:47 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I think, I got it.

It's doing everything fine, only on the wrong port.

You are running it as a standalone daemon. And the code
looks like (see popper/main.c) popper is using the
default port 110 in standalone mode regardless of the
option use-alternate-port.

Try calling it with
  /usr/local/sbin/popper 110 <and rest of options>
or
  /usr/local/sbin/popper <ip_adress_to_bind_to>:110 <and rest of options>


Greetz
Michael
- -- 
Michael Zimmermann (Vegaa Safety and Security for Internet Services)
<zim at vegaa dot de>   phone +49 89 6283 7632    hotline +49 163 823 1195
Key fingerprint = 1E47 7B99 A9D3 698D 7E35  9BB5 EF6B EEDB 696D 5811
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8sFCX72vu22ltWBERAuzNAJ9zIphRTuoy5ideTjl5EoPCaFkwYwCfcLwf
K896UYCnLKrZBsPXXW2VZ/U
=gHBd
-----END PGP SIGNATURE-----

From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: qpopper and TLS/SSL
Date: Sun, 7 Apr 2002 16:28:05 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday, 7 April 2002 15:58 I wrote:
Sorry, of course the call should read (port 995 instead of 110)

> Try calling it with
>   /usr/local/sbin/popper 995 <and rest of options>
> or
>   /usr/local/sbin/popper <ip_adress_to_bind_to>:995 <and rest of options>

Perhaps a clarifying note in the documentation at the places where
alternate-port is specified would help to avoid that in the future?
I dunno.

Greetz
Michael
- -- 
Michael Zimmermann (Vegaa Safety and Security for Internet Services)
<zim at vegaa dot de>   phone +49 89 6283 7632    hotline +49 163 823 1195
Key fingerprint = 1E47 7B99 A9D3 698D 7E35  9BB5 EF6B EEDB 696D 5811
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8sFd272vu22ltWBERApq2AJ9vLIIh+lJuR3HhLnNGiK8PYUaO7ACfVm9J
fOU150RkHsHiLWl6o5DwpYQ
=02KQ
-----END PGP SIGNATURE-----

Date: Mon, 8 Apr 2002 10:14:05 -0400 (EDT)
From: "Mohamed M. Abbas" <mmabbas at longwood dot edu>
Subject: Re: Suggestion for a new and enhanced "server mode"

On 5 Apr 2002, Kenneth Porter wrote:

> On Fri, 2002-04-05 at 05:17, Jesus Cea Avion wrote:
> 
> > A simple and efficient database (key/value) used to store messages. For
> > example, BerkeleyDB (http://www.sleepycat.com/)
> > 
> > Qpopper would have six operations:
> 
> Not Qpopper, though. You want to make this work with *all* mail systems,
> not just one POP3 server. So make this an API, perhaps with a support
> daemon. You then provide Qpopper with a configuration option to use the
> API. You also need to add the API to sendmail, procmail, UW-IMAP, Cyrus,
> etc., any system that needs to talk to mail spools. You can then add
> configurable back-ends that know how to talk not only to Sleepycat DB
> but also to traditional formats like mbox and maildir.
Why would you have to muck around with sendmail? You'd just have to write
an MDA that understands the API and the underlying Database/File Scheme
and just tell sendmail to use that.

> A similar system exists for authentication systems, called PAM
> (pluggable authentication modules), so you might model your API on that.
> Detractors of PAM are sure to sound off on its deficiencies, so you can
> use that information to avoid making the same mistakes in implementing a
> mail spool API.
> 
Are there any web-pages out there that talk about the pros/cons of the PAM
infrastructure?

Thanks...
Mohamed M. Abbas
mmabbas at longwood dot edu
System Administrator
Longwood College



From: "Nathan Martinez" <nathanm at aaesys dot com>
Subject: error flushing output to client
Date: Mon, 8 Apr 2002 08:52:42 -0700

I have run across a problem with one of our clients.  They are using
Microsoft Outlook 2000 in Workgroup mode.  Each time that they try to get
their mail, this error shows up in my logs:

Apr  8 18:45:10 mail in.qpopper[18979]: I/O error flushing output to client
laptop at 172.18.203.200 [172.18.203.200]: Operation not permitted (1)

This user has quite a bit of mail (50MB), but it should still work.  Has
anyone run across this problem before?  Thanks for your help.

-Nathan Martinez


Date: Mon, 8 Apr 2002 08:57:37 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Suggestion for a new and enhanced "server mode"

On Fri, Apr 05, 2002 at 03:17:01PM +0200, Jesus Cea Avion wrote:
> Problem:
> 
> - People leave mail in the mailbox. Scanning the mailbox every time is
> an I/O hungry operation
> 
> - Rewriting a partially updated mailbox is very expensive. UIDL update,
> partial mailbox deleting, mail arrives while the popper is running...
 
  Correct, both points.  These are major performance problems right
now.

> Solution:
> 
> A simple and efficient database (key/value) used to store messages. For
> example, BerkeleyDB (http://www.sleepycat.com/)
 
  However, this loses compatibility with the many existing mail-related
programs which rely on the well-known UNIX mbox format.

> Qpopper would have six operations:
> 
> - Translate standard mailboxes into the database.
> 
> - Serve mails from database.
> 
> - An additional tool to show statistics about users: messages in
> database, length, last login, quota...
> 
> - An additional tool to list and delete a concrete user message.
> 
> - An additional tool to delete a user and all its messages.
> 
> - An additional tool to kill all popper processes, disable POP3 logins
> and reconstruct the database if it's necessary. This operation,
> typically, lasts 4-5 seconds.
> 
> We could have another tool to delete messages already read and
> older than a month, for example.
 
  And you never hereafter receive mail?  You need to at least have some
interface for MTAs to deliver mail into the database other than by
someone popping their mail!  And nobody will want shell access to mail,
and nobody will want IMAP, and nobody will want to use procmail or
sieve or maildrop or ...?

  I think you're really no longer talking about redesigning Qpopper
when you add this scope, you are talking about implementing most of a
complete new mail system, and you need to make it coexist with at least
the most common dozen or so other packages that form other parts of the
mail system.

  The idea of a databased mail system is potentially a good one, and is
being kicked around by a lot of people in a lot of forms.  For one
implementation in progress, which I heard about on the Postfix list,
see <http://www.dbmail.org/>  Note that there are still some bugs here.

  However, IMHO reading Brad Knowles' Lisa 2000 paper on large mail
systems should be a prerequisite for proposing a solution like this.
  <http://www.shub-internet.org/brad/papers/dihses/lisa2000/> The
bottlenecks aren't necessarily where one might assume.  (For instance,
he claims the assumption that maildir improves performance is not a
given, as it requires more writes of "synchronous meta-data" to the
filesystem.  That's an important factor!)

> Example:
> 
> You could have a central mailbox database. Every email in the database
> would have a unique UID. Every message resides in two register, for
> example. One register contains the message body. The other register has
> the message headers, which can be modified by qpopper (UIDL, Status,
> etc).
...
> When a user enters POP3, qpopper would translate new messages in user
> standard mailbox into the database (erasing the original mailbox). Then,
> the messages are served from the database. The message migration can be
> implemented, also, with a cron job to migrate mailboxes with infrequent
> logins.

  If you're keeping initial messages delivered from [your MTA] in mbox
format, this probably means you're doing this mbox scan on many
sessions, which means you're doing a large part of the I/O currently
needed.

> Advantages:
> 
> - You don't need to scan anything when you have the messages in the
> database. You know, every time, how many messages a user has, length,
> and so on. If new email arrives, you migrate it to the database.
 
  This is the key advantage, but really this part boils down to having
a better message info cache system, which can be implemented without
completely reimplementing Qpopper into a database.

> - You can delete individual messages without needing a mailbox
> rewriting.

  You still have to rewrite the database... but you do save on avoiding
repeated handling of the old saved messages.  (Maildir also wins on
this.)
 
> - You can modify headers without expensive I/O, since headers (typically
> <2Kbytes) are kept separated from message bodies.
 
  Qpopper shouldn't be modifying the headers, other than to add a UID
(which can be avoided!)

> - New messages arriving while qpopper is working don't require mailbox
> rewriting.
 
  They require loading into the database at the next POP session,
though.

> - Berkeley DB, for example, can retrieve partial registers. That is,
> you can have a 15 MB message, and you don't need to read it in a shot.
> In fact, you can read the message in 64 Kbytes chunks, for example, to
> keep memory and I/O small.
 
  That doesn't actually reduce I/O, just splits it up.  Qpopper doesn't
read the whole 15MB in one chunk either.

> - Berkeley DB overhead in disk space and CPU is fairly small.
...

  I think many of these are valid points, but some don't apply, and
some offer simpler solutions.

  To make my concerns clear: I don't totally reject the idea of using a
database for mail.  You are also correct that it is critical for
performance to eliminate the cases where Qpopper now needs to
completely rewrite a mailbox.  However, I think to properly implement
this database proposal, it will need to go far beyond the scope of
Qpopper, and much of the gains from the Qpopper-specific portions of it
could be gotten in simpler ways.  

  Perhaps another way of putting it is: if all these changes were made
to Qpopper as you describe, would it still be Qpopper at the end and
usable as it is now, or would it be a totally different beast?

  For Qpopper to be able to work as it does now, for systems using just
mbox format, but also be able to work as you describe, then its present
mailbox I/O would need to be abstracted to a separate mailbox interface
I/O layer, somewhat along the lines of the UW-imapd "c-client" code. 
(I don't personally like the UW code style, but there are clean ways to
implement the same goal.)

  This would be a good first step for Qpopper because it creates a
clean abstraction which would enable a number of enhancements, starting
with integrating maildir in a coherent way, but also including a direct
interface to databased mailsystems like you're describing.

  All IMHO.  As your sig says "Things are not so easy."
  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

Date: Mon, 8 Apr 2002 09:08:26 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Suggestion for a new and enhanced "server mode"

On Fri, Apr 05, 2002 at 07:25:28AM -0800, Gregory Hicks wrote:
> > Date: Fri, 05 Apr 2002 15:17:01 +0200
> > From: Jesus Cea Avion <jcea at argo dot es>
> > Problem:
> [...snip...]
> > 
> > Solution:
> > 
> > A simple and efficient database (key/value) used to store messages.
> 
> This is a solution that is commercially available and has a good many 
> customers.  The software integrates nicely with many current desktop 
> apps.  Comes complete with built in calendaring and appointment system.  
> Unfortunately, it only *nicely* uses ONE mail reader...  It has the 
> potential to use many readers but deliberately does not integrate at ALL 
> with any of the others.
> 
> The name of this commercial package and the reader?  Exchange and 
> Outlook...

  A bad implementation doesn't disprove the value of the basic idea. 
(Though it does nicely prove that the idea itself is not a panacea!)

  At this point, I think the scalability of database mail solutions is
unproven one way or the other.  The idea has definite potential, and
might prove to be incredibly high performance, or might yet prove to be
inferior to a well-designed structure resting on the standard UNIX file
system (which is, let us not forget, a database in its own right, just
a peculiarly limited and optimized one.)

  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

Date: Mon, 8 Apr 2002 12:10:04 -0700 (PDT)
From: The Little Prince <thelittleprince at asteroid-b612 dot org>
Subject: Re: Suggestion for a new and enhanced "server mode"


on a little tangent and off-topic..i'm attempting to write a Maildir patch
for qpopper (which will probably just be included in my mysql patch). To
be honest, i'm not well versed in Maildir operations. If anyone has any
comments, documents I should read, or any caveats they feel
I should be aware of, please let me know.

Thanx,

--Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco                            Network Administrator/Engineer
thelittleprince at asteroid-b612.org              http://www.asteroid-b612 dot org

     "Strange, but it seems, there's a mutiny brewing inside of me"
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.


Date: Mon, 8 Apr 2002 09:18:21 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: qpopper and TLS/SSL

On Sun, Apr 07, 2002 at 01:32:10PM +0200, Mikael Chambon wrote:
> Hi all,
> 
> Well I am trying to activate POP3 over ssl with qpopper and something is
> going wrong:
> 
> Here is my conf:
> 
> Redhat 7.2
> qpopper4.0.4fc3
> openssl-0.9.6b-8
> openssl-devel-0.9.6b-8
> 
> configure flags: --enable-log-login --enable-shy --enable-standalone
> --enable-debugging --with-openssl=/lib
> 
> Runtime options: /usr/local/sbin/popper -d -l 2 -s -S -T 60 -f
> /etc/mail/pop/qpopper.config
> 
> qpopper.config:
> set tls-support = alternate-port
> set tls-server-cert-file = /etc/mail/certs/cert.pem
> 
> The problem is that as far as netstat says, qpopper is not binding on port
> 995, and that's what I need
> for my outlook clients.

You have to explicitly set the port it should bind to. IIRC, it's "-P 995"

"alternate-port" sets the style of operation for TLS, it doesn't
specify a port.

This doesn't bite as many people as it could, just because most users
launch qpopper from [x]inetd rather than running standalone.
  
  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

Date: Mon, 8 Apr 2002 09:03:20 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Suggestion for a new and enhanced "server mode"

On Mon, Apr 08, 2002 at 10:14:05AM -0400, Mohamed M. Abbas wrote:
> On 5 Apr 2002, Kenneth Porter wrote:
> 
> > On Fri, 2002-04-05 at 05:17, Jesus Cea Avion wrote:
> > 
> > > A simple and efficient database (key/value) used to store messages. For
> > > example, BerkeleyDB (http://www.sleepycat.com/)
> > > 
> > > Qpopper would have six operations:
> > 
> > Not Qpopper, though. You want to make this work with *all* mail systems,
> > not just one POP3 server. So make this an API, perhaps with a support
> > daemon. You then provide Qpopper with a configuration option to use the
> > API. You also need to add the API to sendmail, procmail, UW-IMAP, Cyrus,
> > etc., any system that needs to talk to mail spools. You can then add
> > configurable back-ends that know how to talk not only to Sleepycat DB
> > but also to traditional formats like mbox and maildir.

  Basically the same thing I was suggesting, but from a different
angle.  (I was focusing on "you have to make Qpopper interface with a
general mailbox API", Kenneth is focusing on the "you have to provide a
general mailbox API for mail software to interface with.")

> Why would you have to muck around with sendmail? You'd just have to write
> an MDA that understands the API and the underlying Database/File Scheme
> and just tell sendmail to use that.

  You can, though then you have to fork/exec your separate MDA.  An API
would give you the option of direct integration to MTAs so they don't
need to fork, which turns out to be very significant for performance. 
For instance, postfix claims to deliver 3-4 times as many
messages/second when doing local delivery with its native (persistent)
"local" daemon, vs. when using procmail, and my initial tests seem to
bear that out.  If we are talking about overall mail server efficiency,
that's not to be sneezed at.

  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

From: "Mikael Chambon" <qpopper-ml at cronos dot org>
Subject: Re: qpopper and TLS/SSL
Date: Mon, 8 Apr 2002 22:54:54 +0200

Okay thanks Clifton,

Michael Zimmermann already told me where I was wrong,

Thanks again guys,
--
Mikael Chambon || Paris France
mikael (at) cronos.org
mikael (at) nerim.net
PGP key http://www.cronos.org/mikael/pgp/key.txt
----- Original Message -----
From: "Clifton Royston" <cliftonr at lava dot net>
To: "Mikael Chambon" <qpopper-ml at cronos dot org>
Cc: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Monday, April 08, 2002 9:18 PM
Subject: Re: qpopper and TLS/SSL


> On Sun, Apr 07, 2002 at 01:32:10PM +0200, Mikael Chambon wrote:
> > Hi all,
> >
> > Well I am trying to activate POP3 over ssl with qpopper and something is
> > going wrong:
> >
> > Here is my conf:
> >
> > Redhat 7.2
> > qpopper4.0.4fc3
> > openssl-0.9.6b-8
> > openssl-devel-0.9.6b-8
> >
> > configure flags: --enable-log-login --enable-shy --enable-standalone
> > --enable-debugging --with-openssl=/lib
> >
> > Runtime options: /usr/local/sbin/popper -d -l 2 -s -S -T 60 -f
> > /etc/mail/pop/qpopper.config
> >
> > qpopper.config:
> > set tls-support = alternate-port
> > set tls-server-cert-file = /etc/mail/certs/cert.pem
> >
> > The problem is that as far as netstat says, qpopper is not binding on
> > port 995, and that's what I need
> > for my outlook clients.
>
> You have to explicitly set the port it should bind to. IIRC, it's "-P 995"
>
> "alternate-port" sets the style of operation for TLS, it doesn't
> specify a port.
>
> This doesn't bite as many people as it could, just because most users
> launch qpopper from [x]inetd rather than running standalone.
>
>   -- Clifton
>
> --
>     Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
> "What do we need to make our world come alive?
>    What does it take to make us sing?
>  While we're waiting for the next one to arrive..." - Sisters of Mercy
>


From: "Christopher Crowley" <ccrowley at tulane dot edu>
Subject: Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and enhanced "server mode"
Date: Mon, 8 Apr 2002 16:50:49 -0500

Clifton -

Thanks for the reply and for your effort sealing the seams between these two
applications.

And I apologize for not sending my original message to the list.

Chris


----- Original Message -----
From: "Clifton Royston" <cliftonr at lava dot net>
To: "Christopher Crowley" <ccrowley at tulane dot edu>
Sent: Monday, April 08, 2002 4:42 PM
Subject: Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and
enhanced "server mode"


> On Mon, Apr 08, 2002 at 04:34:18PM -0500, Christopher Crowley wrote:
> > >
> > >   For Qpopper to be able to work as it does now, for systems using just
> > > mbox format, but also be able to work as you describe, then its present
> > > mailbox I/O would need to be abstracted to a separate mailbox interface
> > > I/O layer, somewhat along the lines of the UW-imapd "c-client" code.
> > > (I don't personally like the UW code style, but there are clean ways to
> > > implement the same goal.)
> >
> > I have a perennial problem because our mail system uses both Qpopper and
> > UW-IMAP.  User's mail files become corrupted when they check with both
> > simultaneously.  I have to fix it by hand.
>
>   I feel your pain.
>
> > We use mbox format. The drives which house the mail are locally attached
> > storage on the mail server.
> >
> > I think that the last time this was discussed there were some allusions to a
> > possible patch.
> >
> > Has anyone successfully modified either application to allow it to use the
> > same locking mechanism as the other?
>
>   I'm running with a patch that does this, and trying to find time to get
> it cleaned up for submission.  It does work in practice, but I am not
> sure about the maintainability, and I have to rewrite the low-level
> locking routine because I don't think it's portable to anything but a
> BSD-style UNIX (uses O_CREAT|O_EXCL|O_EXLOCK on open.)
>
>   Once it is cleaned up, I will submit it.  I'm sorry for all the
> delays.
>
>   -- Clifton
>
> --
>     Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
> "What do we need to make our world come alive?
>    What does it take to make us sing?
>  While we're waiting for the next one to arrive..." - Sisters of Mercy
>
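
An added illustration of the locking mismatch discussed in this message (not from the thread, and not Qpopper or UW-IMAP code): when one program relies only on a `<mailbox>.lock` dotlock file and another only on a kernel lock on the mailbox itself, both can hold "exclusive" access at once, whereas taking both locks makes every client exclude every other. The dotlock name follows the `/var/mail/acu-ml.lock` file seen in the debug trace earlier in this digest; using `flock()` as the second mechanism is an assumption (the thread does not say which mechanism each program uses), and the open-then-`flock()` sequence stands in for the BSD-only `O_EXLOCK` flag.

```python
import errno
import fcntl
import os
import tempfile


def dotlock_acquire(mbox):
    """Create <mbox>.lock atomically; return its path, or None if already held."""
    lock = mbox + ".lock"
    try:
        # O_CREAT|O_EXCL fails if the file exists, so only one creator wins.
        fd = os.open(lock, os.O_CREAT | os.O_EXCL | os.O_WRONLY, 0o600)
    except FileExistsError:
        return None
    os.write(fd, str(os.getpid()).encode())   # records the holder for an admin
    os.close(fd)
    return lock


def flock_acquire(mbox):
    """Take a non-blocking exclusive flock() on the mailbox; return fd or None."""
    fd = os.open(mbox, os.O_RDWR)
    try:
        fcntl.flock(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
    except OSError as exc:
        os.close(fd)
        if exc.errno in (errno.EWOULDBLOCK, errno.EACCES):
            return None
        raise
    return fd


def both_acquire(mbox):
    """Take the dotlock and the flock, or neither."""
    lock = dotlock_acquire(mbox)
    if lock is None:
        return None
    fd = flock_acquire(mbox)
    if fd is None:
        os.unlink(lock)            # back out so we never hold half a lock
        return None
    return lock, fd


def both_release(held):
    lock, fd = held
    os.close(fd)                   # closing the descriptor drops the flock
    os.unlink(lock)


def demo():
    """Run the mismatch and the agreed-protocol cases on a scratch mailbox."""
    results = {}
    with tempfile.TemporaryDirectory() as spool:
        mbox = os.path.join(spool, "acu-ml")   # constructed sample mailbox
        open(mbox, "w").close()

        # Mismatch: client A uses only the dotlock, client B only flock().
        a = dotlock_acquire(mbox)
        b = flock_acquire(mbox)
        results["mismatch_both_hold"] = a is not None and b is not None
        os.close(b)
        os.unlink(a)

        # Agreement: a client that takes both locks excludes the others.
        first = both_acquire(mbox)
        results["second_refused"] = (first is not None
                                     and both_acquire(mbox) is None)
        results["flock_only_refused"] = flock_acquire(mbox) is None
        both_release(first)

        third = both_acquire(mbox)
        results["free_after_release"] = third is not None
        both_release(third)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```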


Date: Mon, 8 Apr 2002 14:01:21 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Please Test Qpopper 4.0.4fc3

I'd like to release 4.0.4 as soon as possible, so I'm asking for your 
help.  Please try out 4.0.4fc3 and let me know of any problems.

Date: Tue, 9 Apr 2002 07:05:13 +0200 (MEST)
From: Oliver Fleischmann <ogf at bnv-bamberg dot de>
Subject: Re: Please Test Qpopper 4.0.4fc3

Good morning,

On Mon, 8 Apr 2002, Randall Gellens wrote:

> I'd like to release 4.0.4 as soon as possible, so I'm asking for your
> help.  Please try out 4.0.4fc3 and let me know of any problems.

We have run 4.0.4fc3 since the day you released it on a Linux machine
with about 3000 users. No unusual problems yet.

We always had big trouble with hanging popper processes lying around
forever and keeping mailboxes locked. As it seems, with the new version that
has much improved though not fully gone away.

Thanks for your effort!


Sincerely
Oliver


Subject: Re: error flushing output to client
From: Kenneth Porter <shiva at well dot com>
Date: 08 Apr 2002 23:19:05 -0700

On Mon, 2002-04-08 at 08:52, Nathan Martinez wrote:
> I have run across a problem with one of our clients.  They are using
> Microsoft Outlook 2000 in Workgroup mode.  Each time that they try to get
> their mail, this error shows up in my logs:
> 
> Apr  8 18:45:10 mail in.qpopper[18979]: I/O error flushing output to client
> laptop at 172.18.203.200 [172.18.203.200]: Operation not permitted (1)
> 
> This user has quite a bit of mail (50MB), but it should still work.  Has
> anyone run across this problem before?  Thanks for your help.

Looks like a classic client-side timeout. Qpopper is busy copying the
spool right after the password is issued, and Outlook is timing out
waiting for this to complete.


Subject: Re: Please Test Qpopper 4.0.4fc3
From: Kenneth Porter <shiva at well dot com>
Date: 08 Apr 2002 23:30:25 -0700

On Mon, 2002-04-08 at 14:01, Randall Gellens wrote:
> I'd like to release 4.0.4 as soon as possible, so I'm asking for your 
> help.  Please try out 4.0.4fc3 and let me know of any problems.

I installed it last week. Today it served about 2700 requests. No
strange log messages and no complaints from the users.


From: Oliver <Oliver.Egginger at dvz.fh-giessen dot de>
Subject: Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and enhanced "server mode"
Date: Tue, 9 Apr 2002 09:27:28 +0200

By the way ...
We use qpopper in production and we are happy with it.
Additionally, we want to reoffer an IMAP service.
For various reasons we will use the UW IMAP daemon.
Theoretically a user may access her mailbox at the same time
via qpopper and the UW IMAP daemon.
Currently we use qpopper 4.0.3.
Are there any known problems with regard to file locking?

- oliver



> Clifton -
>
> Thanks for the reply and for your effort sealing the seams between these
> two applications.
>
> And I apologize for not sending my original message to the list.
>
> Chris
>
>
> ----- Original Message -----
> From: "Clifton Royston" <cliftonr at lava dot net>
> To: "Christopher Crowley" <ccrowley at tulane dot edu>
> Sent: Monday, April 08, 2002 4:42 PM
> Subject: Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and
> enhanced "server mode"
>
> > On Mon, Apr 08, 2002 at 04:34:18PM -0500, Christopher Crowley wrote:
> > > >   For Qpopper to be able to work as it does now, for systems using just
> > > > mbox format, but also be able to work as you describe, then its present
> > > > mailbox I/O would need to be abstracted to a separate mailbox interface
> > > > I/O layer, somewhat along the lines of the UW-imapd "c-client" code.
> > > > (I don't personally like the UW code style, but there are clean ways to
> > > > implement the same goal.)
> > >
> > > I have a perennial problem because our mail system uses both Qpopper
> > > and UW-IMAP.  User's mail files become corrupted when they check with
> > > both simultaneously.  I have to fix it by hand.
> >
> >   I feel your pain.
> >
> > > We use mbox format. The drives which house the mail are locally
> > > attached storage on the mail server.
> > >
> > > I think that the last time this was discussed there were some allusions to a
> > > possible patch.
> > >
> > > Has anyone successfully modified either application to allow it to use the
> > > same locking mechanism as the other?
> >
> >   I'm running with a patch that does this, and trying to find time to get
> > it cleaned up for submission.  It does work in practice, but I am not
> > sure about the maintainability, and I have to rewrite the low-level
> > locking routine because I don't think it's portable to anything but a
> > BSD-style UNIX (uses O_CREAT|O_EXCL|O_EXLOCK on open.)
> >
> >   Once it is cleaned up, I will submit it.  I'm sorry for all the
> > delays.
> >
> >   -- Clifton
> >
> > --
> >     Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
> > "What do we need to make our world come alive?
> >    What does it take to make us sing?
> >  While we're waiting for the next one to arrive..." - Sisters of Mercy

-- 
Oliver Egginger
FH Giessen-Friedberg
DV-Zentrum
Wiesenstrasse 14
35390 Giessen
Tel. +49 641 309-1283
Fax  +49 641 309-2908
Mail: Oliver.Egginger at dvz.fh-giessen dot de


*************************************************************************
The current office hours of the DV-Zentrum for
e-mail matters can be found at:
http://www.fh-giessen.de/WEB_NADM/dvz/personen.shtml
*************************************************************************

Date: Tue, 09 Apr 2002 18:46:29 +1000
From: Wayne Heming <wheming at hemnet.com dot au>
Subject: Re: Please Test Qpopper 4.0.4fc3

Another install with no problems reported

Compiled and worked first go. No complaints.
FreeBSD 4.4-RC #5

Wayne


Date: Tue, 09 Apr 2002 08:04:34 -0400
From: Mark <manager at monmouth dot com>
Subject: Re: Please Test Qpopper 4.0.4fc3

At 05:01 PM 4/8/2002, Randall Gellens wrote:

>I'd like to release 4.0.4 as soon as possible, so I'm asking for your 
>help.  Please try out 4.0.4fc3 and let me know of any problems.


Running BSDI 4.01 and v4.0.4fc3 with about 600K pops a day. No problems 
with compiling and as you see, no problems with it running. Look forward to 
4.04


Mark


Date: Tue, 09 Apr 2002 15:07:16 +0200
From: Jesus Cea Avion <jcea at argo dot es>
Subject: Re: Please Test Qpopper 4.0.4fc3

> I'd like to release 4.0.4 as soon as possible, so I'm asking for your
> help.  Please try out 4.0.4fc3 and let me know of any problems.

I'm running 4.0.4fc3 without a glitch. Sparc Solaris 2.5.1 here.

Reading "CHANGES" I see an important missing feature: server timeout
while sending an email to the client.

Check list archives around 14/Jan/2002 :-)

-- 
Jesus Cea Avion                         _/_/      _/_/_/        _/_/_/
jcea at argo.es http://www.argo dot es/~jcea/ _/_/    _/_/  _/_/    _/_/  _/_/
                                      _/_/    _/_/          _/_/_/_/_/
PGP Key Available at KeyServ   _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"Love is placing your happiness in the happiness of another" - Leibniz

Date: Tue, 09 Apr 2002 15:20:59 +0200
From: Jesus Cea Avion <jcea at argo dot es>
Subject: Efficient bulk reception timeout (was: Re: Please Test Qpopper 4.0.4fc3

> Reading "CHANGES" I see an important missing feature: server timeout
> while sending an email to the client.
> 
> Check list archives around 14/Jan/2002 :-)

To overcome the potential performance problem of setting up an alarm for
every written data chunk, a possibility would be:

- Set up the alarm for, let's say, 5 minutes.

- Set a flag to 0.

- For every chunk written (or syscall interrupted), check the flag. If
the flag is 2, the connection has timed out and must be shut down. If
the flag is 3, set up a new alarm and set the flag to 0.

- Set the flag to 1.

- In the alarm signal routine, if the flag is 1, set the flag to 3. If
the flag is 0, set the flag to 2.

So your overhead will occur every 5 minutes, instead of for every chunk.

The legend would be:

0 -> timer running, no outgoing traffic.
1 -> timer running, outgoing traffic in progress.
2 -> timer expired, without traffic. The connection must be shut down.
3 -> timer expired, outgoing traffic fine. Set up a new timer.

-- 
Jesus Cea Avion                         _/_/      _/_/_/        _/_/_/
jcea at argo.es http://www.argo dot es/~jcea/ _/_/    _/_/  _/_/    _/_/  _/_/
                                      _/_/    _/_/          _/_/_/_/_/
PGP Key Available at KeyServ   _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"Love is placing your happiness in the happiness of another" - Leibniz
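
The flag scheme from the message above, written out as an added C example (not code from Qpopper or from the poster). It assumes the flag is set to 1 only when a write actually makes progress, and it uses a C11 atomic compare-and-swap so that an alarm arriving between the check and the update cannot be lost; the `tmr_*` names and `timed_write` are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <signal.h>
#include <stdatomic.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Flag values, matching the legend in the message. */
enum {
    TMR_IDLE         = 0, /* timer running, no outgoing traffic         */
    TMR_TRAFFIC      = 1, /* timer running, outgoing traffic seen       */
    TMR_EXPIRED_IDLE = 2, /* timer expired without traffic: shut down   */
    TMR_EXPIRED_OK   = 3  /* timer expired, traffic was fine: re-arm    */
};

static atomic_int tmr_flag;          /* shared with the signal handler  */
static unsigned   tmr_period = 300;  /* seconds per timer period        */
static unsigned   tmr_rearms;        /* how often the alarm was re-armed */

/* SIGALRM handler: 1 -> 3 (traffic was fine), 0 -> 2 (stalled). */
static void tmr_on_alarm(int signo)
{
    int expect = TMR_TRAFFIC;
    (void)signo;
    if (!atomic_compare_exchange_strong(&tmr_flag, &expect, TMR_EXPIRED_OK)) {
        expect = TMR_IDLE;
        atomic_compare_exchange_strong(&tmr_flag, &expect, TMR_EXPIRED_IDLE);
    }
}

/* Install the handler and arm the first period. */
static int tmr_start(unsigned seconds)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = tmr_on_alarm;    /* no SA_RESTART: a blocked write() */
    sigemptyset(&sa.sa_mask);        /* returns EINTR when the alarm fires */
    if (sigaction(SIGALRM, &sa, NULL) != 0)
        return -1;
    tmr_period = seconds;
    tmr_rearms = 0;
    atomic_store(&tmr_flag, TMR_IDLE);
    alarm(seconds);
    return 0;
}

static void tmr_stop(void) { alarm(0); }

/* Call after every write() return; progressed is nonzero if bytes went out.
 * Returns 0 to continue, -1 if the connection must be shut down. */
static int tmr_check(int progressed)
{
    int f = atomic_load(&tmr_flag);
    if (f == TMR_EXPIRED_IDLE)
        return -1;
    if (f == TMR_EXPIRED_OK) {
        /* The handler cannot run again until alarm() is called below,
         * so the flag is reset first and the timer armed second. */
        atomic_store(&tmr_flag, progressed ? TMR_TRAFFIC : TMR_IDLE);
        tmr_rearms++;
        alarm(tmr_period);
        return 0;
    }
    if (progressed && f == TMR_IDLE) {
        /* 0 -> 1 only; if the alarm won the race the flag is now 2
         * and the next check reports the timeout. */
        int expect = TMR_IDLE;
        atomic_compare_exchange_strong(&tmr_flag, &expect, TMR_TRAFFIC);
    }
    return 0;
}

/* Write the whole buffer; the only per-chunk cost is one flag check. */
static ssize_t timed_write(int fd, const char *buf, size_t len)
{
    size_t done = 0;
    while (done < len) {
        ssize_t n = write(fd, buf + done, len - done);
        if (n < 0 && errno != EINTR)
            return -1;
        if (n > 0)
            done += (size_t)n;
        if (tmr_check(n > 0) != 0) {
            errno = ETIMEDOUT;
            return -1;
        }
    }
    return (ssize_t)done;
}

int main(void)
{
    int p[2];                        /* constructed stand-in for a client socket */
    if (pipe(p) != 0 || tmr_start(300) != 0)
        return 1;
    ssize_t n = timed_write(p[1], "+OK\r\n", 5);
    tmr_stop();
    printf("wrote %zd bytes, flag=%d\n", n, atomic_load(&tmr_flag));
    return n == 5 ? 0 : 1;
}
```

With this reading a stalled client is dropped after between one and two timer periods, because the first expiry may still find the flag at 1 from a chunk sent earlier in that period.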

From: "Pastor Stuart Thiessen" <sthiessen at firstfederated dot org>
Subject: Trouble Connecting
Date: Tue, 9 Apr 2002 09:46:22 -0500

I have Qpopper 4.0.3.  I am installing it on a Red Hat 7.2 system.  I 
previously used Red Hat 6 system with Qpopper 3 and had absolutely no 
problem.  Now, with this newer system, I am having all kinds of 
problems.  Here is where I am at.

I am able to telnet to my local interface and eth0 and access Qpopper 
with no problem.  However, when I attempt to telnet from another box on 
the same network, I get connection refused.  I looked at the 
troubleshooting guide to follow its instructions and I still have 
problems.

What do you suggest I look at next?

Thanks,

Stuart



Subject: Re: Trouble Connecting
From: Kenneth Porter <shiva at well dot com>
Date: 09 Apr 2002 08:19:27 -0700

On Tue, 2002-04-09 at 07:46, Pastor Stuart Thiessen wrote:
> I have Qpopper 4.0.3.  I am installing it on a Red Hat 7.2 system.  I previously used Red Hat 6 system with Qpopper 3 and had absolutely no problem.  Now, with this newer system, I am having all kinds of problems.  Here is where I am at.
> 
> I am able to telnet to my local interface and eth0 and access Qpopper with no problem.  However, when I attempt to telnet from another box on the same network, I get connection refused.  I looked at the troubleshooting guide to follow its instructions and I still have problems.

Sounds like a firewall. RH7.2 started shipping with a default firewall
designed for a workstation, so it's pretty tight. Make sure you open the
POP ports you need. Also check tcp_wrappers. You may need to enable the
service in  /etc/hosts.allow.

Just to see if this is the issue, totally disable the firewall and
enable all addresses and all services in hosts.allow.


From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: Please Test Qpopper 4.0.4fc3
Date: Tue, 9 Apr 2002 17:23:07 +0200

At Monday, 8 April 2002 23:01 Randall Gellens wrote:
> I'd like to release 4.0.4 as soon as possible, so I'm asking for your
> help.  Please try out 4.0.4fc3 and let me know of any problems.

No problems compiling and running it (with very low traffic) 
on linux SuSE 7.3. Green light here.

As I saw, you preferred to set 'hangup', when a write to the client
fails (instead of Clifton Royston's solution to catch SIGHUP and SIGPIPE
signals). May I ask you - out of curiosity and the wish to learn - 
for a rationale about this? Or is this a matter of taste and coding style?

Greetings
Michael
-- 
Michael Zimmermann (Vegaa Safety and Security for Internet Services)
<zim at vegaa dot de>   phone +49 89 6283 7632    hotline +49 163 823 1195
Key fingerprint = 1E47 7B99 A9D3 698D 7E35  9BB5 EF6B EEDB 696D 5811

Date: Tue, 9 Apr 2002 09:05:19 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Please Test Qpopper 4.0.4fc3

At 5:23 PM +0200 4/9/02, Michael Zimmermann wrote:

>  As I saw, you preferred to set 'hangup', when a write to the client
>  fails (instead of Clifton Royston's solution to catch SIGHUP and SIGPIPE
>  signals). May I ask you - out of curiosity and the wish to learn -
>  for a rationale about this? Or is this a matter of taste and coding style?

This was simply a case of trying to do a minimal patch for the 
immediate problem.  I like Clifton's solution and want to include it 
very soon.

From: "Matthew D. Hon" <matthewhon at iname dot com>
Subject: Qpopper 4.0.4fc3 Need Help
Date: Tue, 9 Apr 2002 11:52:32 -0500

I have downloaded and run the ./configure script. I have followed the
directions on the web site to the best of my abilities and I still cannot
get qpopper to work. I am running Redhat 7.2. When I try to do a telnet to
check if things are working I get the connection refused error message. Any
ideas or tell me where to start?

Matthew


Date: Tue, 9 Apr 2002 10:57:33 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Please Test Qpopper 4.0.4fc3

At 7:05 AM +0200 4/9/02, Oliver Fleischmann wrote:

>We always had big trouble with hanging popper processes laying around for
>ever and keeping mailboxes locked.

What does a kernel trace on the processes show?  (Something like 
truss(1) or ktrace(1) or whatever your system has.)

Date: Tue, 9 Apr 2002 20:12:27 +0200 (MEST)
From: Oliver Fleischmann <ogf at bnv-bamberg dot de>
Subject: Re: Please Test Qpopper 4.0.4fc3

On Tue, 9 Apr 2002, Randall Gellens wrote:

> At 7:05 AM +0200 4/9/02, Oliver Fleischmann wrote:
>
> >We always had big trouble with hanging popper processes laying around for
> >ever and keeping mailboxes locked.
>
> What does a kernel trace on the processes show?  (Something like
> truss(1) or ktrace(1) or whatever your system has.)

Strace shows the processes waiting in a "read(0, " call; I have never
been able to get more information out of it.

I have even set up a debug-enabled qpopper with strace on a special port
number, but when I told one of our users to actually use that special
port, such hangs never occurred again on that special port, so I never got
a detailed log of what happens. Really strange thing!

Oliver



From: Jason Jin <jason at dataprompt dot com>
Subject: qpopper+SSL+outlook : unknown protocol error?
Date: Tue, 9 Apr 2002 14:13:53 -0400 (EDT)

Hi, all ,

I'm trying to set up POP3 over SSL with Outlook/Outlook Express,
and I would appreciate some help.

system 
sun solaris 2.6
qpopper 4.0.3 (latest stable) 
openssl 0.9.6c 

configure with 
./configure --with-openssl --enable-timing \
	 --enable-debugging --enable-auth-file=/etc/pop.allow 

It compiles without error. Then first I tested a normal POP3
session; it works fine. Next I want to enable an SSL session.

service enabled in /etc/inetd.conf 
spop3   stream  tcp     nowait  root    /usr/local/sbin/popper qpopper -d -t /var/adm/qpopper.log -s -f /etc/mail/pop/qpopper.config    

#pop3 and spop3 are defined /etc/services
spop3           995/tcp                         # PostOfficeProtocol 3 over SSL 

qpopper.config :
set tls-support               = alternate-port
set tls-server-cert-file      = /etc/mail/certs/cert.pem   

telnet localhost 995 gives me the qpop3 banner, however the client connection
failed.

[jason@flounder jason]$ openssl s_client -connect localhost:995 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 00156F08 [00158FD0] (130 bytes => 130 (0x82))
0000 - 80 80 01 03 01 00 57 00-00 00 20 00 00 16 00 00   ......W... .....
0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 07 00 00 05   .........f......
0020 - 00 00 04 05 00 80 03 00-80 01 00 80 08 00 80 00   ................
0030 - 00 65 00 00 64 00 00 63-00 00 62 00 00 61 00 00   .e..d..c..b..a..
0040 - 60 00 00 15 00 00 12 00-00 09 06 00 40 00 00 14   `...........@...
0050 - 00 00 11 00 00 08 00 00-06 00 00 03 04 00 80 02   ................
0060 - 00 80 47 8c fc 3c cb 46-80 c5 47 ba 2c 65 9e a4   ..G..<.F..G.,e..
0070 - 38 b5 ac b7 0e cf dd 11-35 c6 18 08 81 3d 81 54   8.......5....=.T
0080 - be 39                                             .9
SSL_connect:SSLv2/v3 write client hello A
read from 00156F08 [0015E530] (7 bytes => 7 (0x7))
0000 - 2b 4f 4b 20 51 70 6f                              +OK Qpo
SSL_connect:error in SSLv2/v3 read server hello A
13787:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:460:                         


Can somebody help explain what this error message means?

Thanks,

jason

From: Anders Johansson <andjoh at cicada.linux-site dot net>
Subject: Re: Please Test Qpopper 4.0.4fc3
Date: Tue, 9 Apr 2002 20:28:25 +0200

On Tuesday 09 April 2002 20:12, Oliver Fleischmann wrote:
> On Tue, 9 Apr 2002, Randall Gellens wrote:
> > At 7:05 AM +0200 4/9/02, Oliver Fleischmann wrote:
> > >We always had big trouble with hanging popper processes laying around
> > > for ever and keeping mailboxes locked.
> >
> > What does a kernel trace on the processes show?  (Something like
> > truss(1) or ktrace(1) or whatever your system has.)
>
> Strace shows the processes waiting in a "read(0, " call; I have never
> been able to get more information out of it.
>
> I have even set up a debug-enabled qpopper with strace on a special port
> number, but when I told one of our users to actually use that special
> port, such hangs never occurred again on that special port, so I never got
> a detailed log of what happens. Really strange thing!
>
> Oliver

That sounds very much like the problem I had a while back. It was one 
particular mail that always caused it, all others went through fine but on 
that particular mail qpopper would hang in a read just like yours. I sent the 
mail that caused the problems to Mr. Gellens but when I asked him if he had 
been able to reproduce it I never received a reply so I assume he couldn't. 
Perhaps the problem is specific to certain machines only?

Anders

Date: Tue, 9 Apr 2002 20:46:23 +0200 (MEST)
From: Oliver Fleischmann <ogf at bnv-bamberg dot de>
Subject: Re: Please Test Qpopper 4.0.4fc3

On Tue, 9 Apr 2002, Anders Johansson wrote:

> > Strace shows the processes waiting in a "read(0, " call; I have never
> > been able to get more information out of it.
> >
> > I have even set up a debug-enabled qpopper with strace on a special port
> > number, but when I told one of our users to actually use that special
> > port, such hangs never occurred again on that special port, so I never got
> > a detailed log of what happens. Really strange thing!
> >
> > Oliver
>
> That sounds very much like the problem I had a while back. It was one
> particular mail that always caused it, all others went through fine but on
> that particular mail qpopper would hang in a read just like yours. I sent the
> mail that caused the problems to Mr. Gellens but when I asked him if he had
> been able to reproduce it I never received a reply so I assume he couldn't.
> Perhaps the problem is specific to certain machines only?

Possibly, but there must be a random element, too, because if I kill those
hanging processes manually, the users can retrieve their mail without
problems. In fact, we haven't found a way to reproduce the hangs.

Our machine is a dual-Pentium II with SuSE Linux 6.4 (Kernel 2.2.x), rock
solid in any respect.

Oliver



From: "Matthew D. Hon" <matthewhon at iname dot com>
Subject: RE: Qpopper 4.0.4fc3 Need Help
Date: Tue, 9 Apr 2002 13:48:26 -0500

With RedHat 7.2 I cannot find an inetd.conf file. Do I just put the same line
in the xinetd.conf file as I would in the other?

-----Original Message-----
From: Pastor Stuart Thiessen [mailto:sthiessen at firstfederated dot org]
Sent: Tuesday, April 09, 2002 12:38 PM
To: Matthew D. Hon
Subject: Re: Qpopper 4.0.4fc3 Need Help


I had the same problem.  It is a firewall issue. By default, RedHat blocks
port 110 where POP comes in.  Do you know how to use ipchains to configure
the firewall?  If not, I can send you the commands that worked for me.

Thanks,

Stuart

----- Original Message -----
From: "Matthew D. Hon" <matthewhon at iname dot com>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Tuesday, 09 April 2002 11:52
Subject: Qpopper 4.0.4fc3 Need Help


> I have downloaded and run the ./configure script. I have followed the
> directions on the web site to the best of my abilities and I still cannot
> get qpopper to work. I am running Redhat 7.2. When I try to do a telnet to
> check if things are working I get the connection refused error message. Any
> ideas or tell me where to start?
>
> Matthew
>



From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: Please Test Qpopper 4.0.4fc3
Date: Tue, 9 Apr 2002 21:01:39 +0200

At Tuesday, 9 April 2002 20:12 Oliver Fleischmann wrote:
> [about hanging popper processes laying around]
> Strace shows the processes waiting in a "read(0, " call; I have never
> been able to get more information out of it.

Am I wrong, Randall, that this smells of the old hang-up situation
which Clifton tried to solve with his signal-patch?
Wouldn't it be worth, Oliver, to try a 4.0.4fc3 plus Clifton's 
patches (or similar) on your site?

Just as an idea.

Michael

From: "Christopher Crowley" <ccrowley at tulane dot edu>
Subject: Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and enhanced "server mode"
Date: Tue, 9 Apr 2002 14:49:32 -0500

Yes, there is a problem.

The locking mechanisms are not the same, and thereby there is no coordinated
locking system between qpopper and uw-imap.

Chris

----- Original Message -----
From: "Oliver" <Oliver.Egginger at dvz.fh-giessen dot de>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Tuesday, April 09, 2002 2:27 AM
Subject: Re: c-client & Qpopper coexist? WAS: Re: Suggestion for a new and
enhanced "server mode"


> By the way ...
> We use qpopper in production and we are happy with it.
> In addition, we want to reoffer an IMAP service.
> For various reasons we will use the UW IMAP daemon.
> Theoretically, a user may access her mailbox at the same time
> via qpopper and the UW IMAP daemon.
> Currently we use qpopper 4.0.3.
> Are there any known problems with regard to file locking?
>
> - oliver


From: Michael Zimmermann <zim at vegaa dot de>
Subject: Re: Please Test Qpopper 4.0.4fc3
Date: Tue, 9 Apr 2002 21:50:01 +0200

At Tuesday, 9 April 2002 20:46 Oliver Fleischmann wrote:
> Possibly, but there must be a random element, too, because if I kill those
> hanging processes manually, the users can retrieve their mail without
> problems. In fact, we haven't found a way to reproduce the hangs.

Sure. But in a way it looks like, as if it is _statistically_ reproducible
on your site (with a low probability, but nevertheless a probability above zero,
and the recent changes in the same area already provided significant change). 
And if I recall the several discussions correctly, this
bug was haunting us now for a longer time already.

If I can help (and in case you should want to try that approach), 
I will; just contact me off-list. I could provide you with Clifton's
patch adapted to 4.0.4rc3 for example. But Clifton or Randall would
know better certainly.

Michael
-- 
Michael Zimmermann (Vegaa Safety and Security for Internet Services)
<zim at vegaa dot de>   phone +49 89 6283 7632    hotline +49 163 823 1195
Key fingerprint = 1E47 7B99 A9D3 698D 7E35  9BB5 EF6B EEDB 696D 5811

Date: Tue, 9 Apr 2002 12:36:10 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Please Test Qpopper 4.0.4fc3

At 8:28 PM +0200 4/9/02, Anders Johansson wrote:

>I sent the
>mail that caused the problems to Mr. Gellens but when I asked him if he had
>been able to reproduce it I never received a reply so I assume he couldn't.

I couldn't reproduce it.  Do I need to use a certain client?

Date: Tue, 9 Apr 2002 16:14:39 -0400
From: Scott McDermott <mcdermot at questra dot com>
Subject: Re: Please Test Qpopper 4.0.4fc3

Randall Gellens on Mon  8/04 14:01 -0700:
> I'd like to release 4.0.4 as soon as possible, so I'm asking for your
> help.  Please try out 4.0.4fc3 and let me know of any problems.

I upgraded from 4.0.3 (working fine with SSL) to 4.0.4fc3

identical config, nothing changed at all.  Now I'm getting this from SSL
clients (all Outlook 2000)

here's sanitized info:

: (v4.0.4fc3) TLSv1/SSLv3 handshake with client at userjoe.ddns.our.domain.com (10.20.10.248); new session-id; cipher: RC4-MD5 (RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 ), 128 bits [pop_tls_openssl.c:514]
: (v4.0.4fc3) POP login by user "userjoe" at (userjoe.ddns.our.domain.com) 10.20.10.248 [pop_log.c:244]
: I/O Error [pop_tls_openssl.c:730]
: Error writing to client [pop_send.c:729]
: userjoe at userjoe.ddns.our.domain.com (10.20.10.248): -ERR SIGHUP or SIGPIPE flagged [pop_send.c:495]
: userjoe at userjoe.ddns.our.domain.com (10.20.10.248): -ERR POP hangup from mailserver.our.domain.com [popper.c:813]
: TLS shutdown Error [pop_tls_openssl.c:789]
: (v4.0.4fc3) Timing for userjoe at userjoe.ddns.our.domain dot com (error) auth=0 init=0 clean=0 [popper.c:384]

configure:

        ./configure \
                --prefix=/opt/local \
                --sysconfdir=/etc/qpopper \
                --enable-debugging \
                --enable-servermode \
                --enable-specialauth \
                --with-pam=pop3 \
                --enable-log-login \
                --enable-shy \
                --enable-spool-dir=/var/mail \
                --enable-temp-drop-dir=/var/mail/qptmp \
                --enable-cache-dir=/var/mail/qpcache \
                --enable-uw-kludge \
                --without-kerberos5 \
                --enable-timing \
                --enable-status \
                --disable-check-pw-max \
                --disable-old-spool-loc \
                --disable-update-abort \
                --enable-fast-update \
                --with-openssl=/opt/local \
                --enable-chunky-writes=0

superserver config:

        service pop3s
        {
                bind            = 1.2.3.4
                id              = pop3s_roc
                port            = 995

                flags           = REUSE
                passenv         = PATH
                wait            = no
                socket_type     = stream
                user            = root
                group           = mail
                groups          = no
                server          = /opt/local/sbin/sqpopper-4.0.4fc3
                server_args     = -F -l 2 -s -S -T 300 -f /etc/qpopper/sqpopper-roc
                no_access       
                only_from       = 0.0.0.0
        }

config file:

        set tls-version                 = all
        set tls-server-cert-file        = /etc/ssl/certs/sqpopper-roc-public.pem
        set tls-private-key-file        = /etc/ssl/private/sqpopper-roc-private.pem
        set clear-text-password         = tls
        set chunky-writes               = never

linkages:

        $ ldd /opt/local/sbin/sqpopper-4.0.4fc3
               libresolv.so.2 => /lib/libresolv.so.2 (0x4001b000)
               libdl.so.2 => /lib/libdl.so.2 (0x4002a000)
               libpam.so.0 => /lib/libpam.so.0 (0x4002e000)
               libssl.so.0 => /opt/local/lib/libssl.so.0 (0x40036000)
               libcrypto.so.0 => /opt/local/lib/libcrypto.so.0 (0x40064000)
               libc.so.6 => /lib/libc.so.6 (0x40127000)
               /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

like I said, no config or cert changes, same openssl library, worked
fine before upgrade.  Platform Linux 2.2, glibc 2.1.

Any ideas? Any more info needed?

Last updated on 9 Apr 2002 by Pensive Mailing List Admin