The qpopper list archive ending on 30 Apr 2003
Topics covered in this issue include:
1. Re: more than one ssl cert?
erich at olypen dot com
Wed, 9 Apr 2003 16:28:04 -0700 (PDT)
2. Re: more than one ssl cert?
David Champion <dgc at uchicago dot edu>
Wed, 9 Apr 2003 18:55:59 -0500
3. Re: poppassd with RH Linux AS 2.1
Didier ALBENQUE <didier.albenque at culture.gouv dot fr>
Thu, 10 Apr 2003 11:12:24 +0200
4. tls config problem
Richard Bates <rtbgb98 at mac dot com>
Tue, 15 Apr 2003 15:27:38 -0400
5. Re: tls config problem
Joe Maimon <jmaimon at ttec dot com>
Wed, 16 Apr 2003 11:57:12 -0400
6. Re: tls config problem
Daniel Senie <dts at senie dot com>
Wed, 16 Apr 2003 12:19:41 -0400
7. Re: tls config problem
Richard Bates <bates at telehouse dot com>
Wed, 16 Apr 2003 12:22:31 -0400
8. Re: tls config problem
Daniel Senie <dts at senie dot com>
Wed, 16 Apr 2003 12:55:34 -0400
9. Fwd: tls config problem
Richard Bates <bates at telehouse dot com>
Wed, 16 Apr 2003 13:22:29 -0400
10. Re: tls config problem
Richard Bates <bates at telehouse dot com>
Wed, 16 Apr 2003 13:12:39 -0400
11. Re: tls config problem
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Wed, 16 Apr 2003 12:49:43 -0400
12. `tls config problem
Fernando 'Pearl Jam!' Figueira <p_j at terra.com dot br>
Wed, 16 Apr 2003 16:06:47 -0300
13. Setting Up a qPopper 4.0.5 on RedHat
"Bailo, John" <jbailo at vestcom dot com>
Fri, 18 Apr 2003 13:40:04 -0700
14. Re: Setting Up a qPopper 4.0.5 on RedHat
Kenneth Porter <shiva at sewingwitch dot com>
Fri, 18 Apr 2003 17:28:16 -0700
15. RE: Setting Up a qPopper 4.0.5 on RedHat
"Bailo, John" <jbailo at vestcom dot com>
Fri, 18 Apr 2003 20:28:53 -0700
16. Re: Setting Up a qPopper 4.0.5 on RedHat
Kenneth Porter <shiva at sewingwitch dot com>
Sat, 19 Apr 2003 06:40:38 -0700
17. RE: Setting Up a qPopper 4.0.5 on RedHat
"Bailo, John" <jbailo at vestcom dot com>
Sat, 19 Apr 2003 11:58:09 -0700
18. RE: Setting Up a qPopper 4.0.5 on RedHat
"Bailo, John" <jbailo at vestcom dot com>
Sun, 20 Apr 2003 10:55:16 -0700
19. Re: Setting Up a qPopper 4.0.5 on RedHat
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Sun, 20 Apr 2003 14:41:41 -0400
20. RE: Setting Up a qPopper 4.0.5 on RedHat
"Bailo, John" <jbailo at vestcom dot com>
Sun, 20 Apr 2003 20:03:12 -0700
21. RE: Setting Up a qPopper 4.0.5 on RedHat
"Bailo, John" <jbailo at vestcom dot com>
Sun, 20 Apr 2003 20:17:04 -0700
22. qpopper and error
Netlink Tech <tech at netlinkcom dot com>
Mon, 21 Apr 2003 12:28:00 -0500 (CDT)
23. RE: Setting Up a qPopper 4.0.5 on RedHat
Kenneth Porter <shiva at sewingwitch dot com>
Mon, 21 Apr 2003 10:54:22 -0700
24. Re: qpopper and error
Greg Earle <earle at isolar.DynDNS dot ORG>
Mon, 21 Apr 2003 10:57:52 -0700
25. RE: Setting Up a qPopper 4.0.5 on RedHat
Kenneth Porter <shiva at sewingwitch dot com>
Mon, 21 Apr 2003 10:58:19 -0700
26. qpopper and error (fwd)
Netlink Tech <tech at netlinkcom dot com>
Mon, 21 Apr 2003 12:58:58 -0500 (CDT)
27. Re: qpopper and error
Daniel Senie <dts at senie dot com>
Mon, 21 Apr 2003 13:53:47 -0400
28. DNS resolve problem with qpopper
Sascha Reimann <reimann at haar-systemberatung dot de>
Tue, 22 Apr 2003 11:00:32 +0200
29. Qpopper make parse error TLS/SSL
"Robert McIntosh" <mcintoshrt at attbi dot com>
Wed, 23 Apr 2003 14:52:07 -0700
30. Re: Qpopper make parse error TLS/SSL
Daniel Senie <dts at senie dot com>
Wed, 23 Apr 2003 18:09:33 -0400
31. mail problem
mdew <mdew at orcon.net dot nz>
26 Apr 2003 00:25:04 +1200
32. Re: mail problem
mdew <mdew at orcon.net dot nz>
26 Apr 2003 01:51:20 +1200
33. Fw: Qpopper v4.0.x poppassd local root exploit
"Alan W. Rateliff, II" <lists at rateliff dot net>
Mon, 28 Apr 2003 18:33:33 -0400
34. 4.0.5 and /var/mail
"J.D. Bronson" <jeff at xpec dot com>
Mon, 28 Apr 2003 18:27:23 -0500
35. Re: Fw: Qpopper v4.0.x poppassd local root exploit
Clifton Royston <cliftonr at lava dot net>
Mon, 28 Apr 2003 15:15:12 -1000
36. re outlook problems
"Simon May" <simon at imsl dot es>
Tue, 29 Apr 2003 09:44:07 +0200
37. Re: re outlook problems
Daniel Senie <dts at senie dot com>
Tue, 29 Apr 2003 08:55:29 -0400
38. Re: re outlook problems
"Simon May" <simon at imsl dot es>
Tue, 29 Apr 2003 15:29:15 +0200
39. Re: re outlook problems
Alan Brown <alanb at digistar dot com>
Tue, 29 Apr 2003 09:43:28 -0400 (EDT)
40. Re: re outlook problems
"Simon May" <simon at imsl dot es>
Tue, 29 Apr 2003 16:08:52 +0200
41. Re: re outlook problems
Daniel Senie <dts at senie dot com>
Tue, 29 Apr 2003 10:42:30 -0400
42. Re: 4.0.5 and /var/mail
Chip Old <fold at bcpl dot net>
Tue, 29 Apr 2003 14:52:23 -0400 (EDT)
43. Re: re outlook problems
Alan Brown <alanb at digistar dot com>
Tue, 29 Apr 2003 16:47:18 -0400 (EDT)
44. Re: re outlook problems
"Simon May" <simon at imsl dot es>
Wed, 30 Apr 2003 12:26:22 +0200
45. Re: re outlook problems
Daniel Senie <dts at senie dot com>
Wed, 30 Apr 2003 11:24:50 -0400
46. Re: re outlook problems
Daniel Senie <dts at senie dot com>
Wed, 30 Apr 2003 10:18:21 -0400
47. Re: re outlook problems
"Simon May" <simon at imsl dot es>
Wed, 30 Apr 2003 16:27:30 +0200
48. Re: re outlook problems
Alan Brown <alanb at digistar dot com>
Wed, 30 Apr 2003 08:26:38 -0400 (EDT)
49. Re: re outlook problems
Kenneth Porter <shiva at sewingwitch dot com>
Wed, 30 Apr 2003 10:44:02 -0700
50. Re: re outlook problems
"Ken Hohhof" <ken at mixedsignal dot com>
Wed, 30 Apr 2003 13:47:15 -0500
Date: Wed, 9 Apr 2003 16:28:04 -0700 (PDT)
From: erich at olypen dot com
Subject: Re: more than one ssl cert?
On Wed, 9 Apr 2003, David Champion wrote:
> * On 2003.04.09, in <677368276273221717920 at lists.pensive dot org>,
> * "erich@olypen dot com" <erich at olypen dot com> wrote:
> > Suppose you have a host that has more than one A record, say
> > pop3.example.com and mail.example.com.
> >
> > Is it possible to generate (or buy) a cert for each common name and chain
> > them in these files?
>
> It might work with the certs, but probably not with the keys. But the
> best way to find out is to try it.
>
>
> You *can* run qpopper from under tcp_wrappers's tcpd. Your inetd.conf
I have to run qpopper as a daemon for performance.
I just tried adding another key and cert for another A record but it
didn't seem to work. I'm out of ideas.
Date: Wed, 9 Apr 2003 18:55:59 -0500
From: David Champion <dgc at uchicago dot edu>
Subject: Re: more than one ssl cert?
* On 2003.04.09, in <371440462287299117458 at lists.pensive dot org>,
* "erich@olypen dot com" <erich at olypen dot com> wrote:
>
> I have to run qpopper as a daemon for performance.
>
> I just tried adding another key and cert for another A record but it
> didn't seem to work. I'm out of ideas.
Ah, then run it with a listener address on the command line.
popper -f /etc/mail/pop3.conf pop3.example.com:110
popper -f /etc/mail/mail.conf mail.example.com:110
(I haven't tried this, but it seems like it should work.)
--
-D. dgc at uchicago dot edu NSIT University of Chicago
"The whole thrust of the text adventure was one picture was worth
a thousand words and we would rather give you the thousand words."
- Dave Lebling, Implementor
Date: Thu, 10 Apr 2003 11:12:24 +0200
From: Didier ALBENQUE <didier.albenque at culture.gouv dot fr>
Subject: Re: poppassd with RH Linux AS 2.1
Le Wed, 09 Apr 2003 09:01:37 -0500, "Christopher L. Davis" <cld at prin dot edu> écrivait :
> The poppassd shipped with qpopper 4.0.5 doesn't seem to work on RH Linux AS
> 2.1. Anyone get it working? I'm probably the only one who can get it
> working here, and I'm up to my teeth in other projects. Spoke with someone
> that had submitted it for inclusion to qualcomm, but it just doesn't seem
> to work for me.
I have the same problem on MDK 8.2.
It doesn't compile with --with-pam, and without this option, it compiles, but does not work :
I've tried with telnet :
USER xxxx
(that's ok)
PASS xxxx
(ok)
NEWPASS yyyy
and it's waiting and nothing happen :-(
--
Didier ALBENQUE
[}{KeY2}{] je vien de reussire a installer linux
[}{KeY2}{] redhat
[}{KeY2}{] mais il me demande LOGIN
[}{KeY2}{] je met quoi ?
- #linuxfr
Date: Tue, 15 Apr 2003 15:27:38 -0400
Subject: tls config problem
From: Richard Bates <rtbgb98 at mac dot com>
I am trying to set up a ssl pop3 server....
When I try to connect by normal pop3 works OK
When I try to connect by SSL using Outlook Express using port 995 No
messages show up in the server logs and it times out
When I try to connect by SSL using Outlook Express using port 110 It
times out...
The logs show
tail /var/log/messages
Apr 15 15:25:19 mail -s[1399]: (null) at BatesiBook.telehouse.com
(172.18.1.139): -ERR Unknown command: "M-^@4^A^C".
Apr 15 15:25:19 mail -s[1399]: (null) at BatesiBook.telehouse.com
(172.18.1.139): -ERR POP EOF or I/O Error
Apr 15 15:25:19 mail -s[1399]: I/O error flushing output to client at
BatesiBook.telehouse.com [172.18.1.139]: Operation not permitted (1)
Apr 15 15:25:19 mail -s[1399]: I/O error flushing output to client at
BatesiBook.telehouse.com [172.18.1.139]: Operation not permitted (1)
Apr 15 15:25:19 mail -s[1400]: (null) at BatesiBook.telehouse.com
(172.18.1.139): -ERR Unknown command: "^V^C".
can someone tell me what I am doing wrong?
below are my configs
I downloaded and installed qpopper
I have the following in my /etc/inetd.conf
pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f
/etc/mail/pop/qpopper.config
the file /etc/mail/pop/qpopper.config contains
set tls-options = 0x00000800
set tls-support = stls
set tls-server-cert-file = /etc/mail/certs/cert.pem
LS of /etc/mail/certs
total 12
-rw-r--r-- 1 root mail 1395 Apr 15 14:19 ca.crt
-rw-r--r-- 1 root mail 963 Apr 15 14:19 ca.key
-rw-r--r-- 1 root mail 3 Apr 15 14:19 ca.srl
-rw------- 1 root wheel 1912 Apr 15 14:19 cert.pem
-rw-r--r-- 1 root mail 741 Apr 15 14:18 req.pem
-rw-r--r-- 1 root mail 1021 Apr 15 14:19 signed-req.pem
I created the certs by typing the following commands
cd /etc/mail/certs
/usr/bin/openssl req -new -nodes -out req.pem -keyout
/etc/mail/certs/cert.pem
chmod 600 /etc/mail/certs/cert.pem
chown root:0 /etc/mail/certs/cert.pem
/usr/bin/openssl genrsa -des3 -out ca.key 1024
/usr/bin/openssl req -new -x509 -days 365 -key ca.key -out ca.crt
/usr/bin/openssl x509 -req -CA ca.crt -CAkey ca.key -days 365 -in
req.pem -out signed-req.pem -CAcreateserial
cat signed-req.pem >> cert.pem
Date: Wed, 16 Apr 2003 11:57:12 -0400
From: Joe Maimon <jmaimon at ttec dot com>
Subject: Re: tls config problem
Richard Bates wrote:
> I have changed the inetd commands as follows:
> pop3 stream tcp nowait root /usr/local/sbin/popper -s -f
> /etc/mail/pop/qpopper.config
> pop3s stream tcp nowait root /usr/local/sbin/popper -s -f
> /etc/mail/pop/qpopper.config
What happened with the line I sent you?
What does grep pop3s /etc/services give you?
type this at the console: netstat -a | grep pop3
You should get something like this:
tcp 0 0 *:pop3s *:* LISTEN
tcp 0 0 *:pop3 *:* LISTEN
If you telnet to (from the console..) telnet localhost pop3s does it
connect at all?
>
>
> I still get the following errors in /var/log/messages
> Apr 16 11:42:54 mail -s[821]: (null) at BackupServer.telehouse.com
> (172.18.1.110): -ERR Unknown command: "^V^C".
> Apr 16 11:42:54 mail -s[821]: (null) at BackupServer.telehouse.com
> (172.18.1.110): -ERR POP EOF or I/O Error
> Outlook Express shows
> "Unable to receive mail
> There may be a problem with the mail server or network
> Check the settings for account "Test Account" or try again.
>
> The server error encountered was: Reading data from host (null)
> failed"
>
> BTW: I moved the subscription to my work account....
>
> On Wednesday, Apr 16, 2003, at 11:32 America/New_York, Joe Maimon wrote:
>
>>
>>
>> Richard Bates wrote:
>>
>>> I am trying to set up a ssl pop3 server....
>>
>>
>> <snip>
>>
>>>
>>> I have the following in my /etc/inetd.conf
>>> pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f
>>> /etc/mail/pop/qpopper.config
>>
>>
>> It does not appear that you have inetd listening on the pop3s
>> (alternate) port. You need to check your /etc/services for the pop3s
>> service definition and add another inetd line.
>> I would recommend testing with this additional inetd line
>>
>> pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
>> /etc/mail/pop/qpopper.config
>>
>> I do not know whether Outlook supports the STLS command as documented
>> in `man popper` so your -l 1 on port 110 may be failing due to that.
>>
>> <snip>
>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>
>
Date: Wed, 16 Apr 2003 12:19:41 -0400
From: Daniel Senie <dts at senie dot com>
Subject: Re: tls config problem
At 11:57 AM 4/16/2003, Joe Maimon wrote:
>Richard Bates wrote:
>
>>I have changed the inetd commands as follows:
>>pop3 stream tcp nowait root /usr/local/sbin/popper -s -f
>>/etc/mail/pop/qpopper.config
>>pop3s stream tcp nowait root /usr/local/sbin/popper -s -f
>>/etc/mail/pop/qpopper.config
From the above lines, I have this suspicion that there will be problems...
there should probably be two different config files, one for the pop3s
(995) port, and one for the pop3 (110) port so that the TLS settings are
correct.
>What happened with the line I sent you?
>
>What does grep pop3s /etc/services give you?
>type this at the console: netstat -a | grep pop3
>You should get something like this:
>tcp 0 0 *:pop3s *:* LISTEN
>tcp 0 0 *:pop3 *:* LISTEN
>
>If you telnet to (from the console..) telnet localhost pop3s does it
>connect at all?
>
>
>>
>>
>>I still get the following errors in /var/log/messages
>>Apr 16 11:42:54 mail -s[821]: (null) at BackupServer.telehouse.com
>>(172.18.1.110): -ERR Unknown command: "^V^C".
>>Apr 16 11:42:54 mail -s[821]: (null) at BackupServer.telehouse.com
>>(172.18.1.110): -ERR POP EOF or I/O Error
>>Outlook Express shows
>> "Unable to receive mail
>> There may be a problem with the mail server or network
>> Check the settings for account "Test Account" or try again.
>>
>> The server error encountered was: Reading data from host (null) failed"
>>
>>BTW: I moved the subscription to my work account....
>>
>>On Wednesday, Apr 16, 2003, at 11:32 America/New_York, Joe Maimon wrote:
>>
>>>
>>>
>>>Richard Bates wrote:
>>>
>>>>I am trying to set up a ssl pop3 server....
>>>
>>>
>>><snip>
>>>
>>>>
>>>>I have the following in my /etc/inetd.conf
>>>> pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f
>>>> /etc/mail/pop/qpopper.config
>>>
>>>
>>>It does not appear that you have inetd listening on the pop3s
>>>(alternate) port. You need to check your /etc/services for the pop3s
>>>service definition and add another inetd line.
>>>I would recommend testing with this additional inetd line
>>>
>>>pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
>>>/etc/mail/pop/qpopper.config
>>>
>>>I do not know whether Outlook supports the STLS command as documented in
>>>`man popper` so your -l 1 on port 110 may be failing due to that.
>>>
>>><snip>
>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>
Date: Wed, 16 Apr 2003 12:22:31 -0400
Subject: Re: tls config problem
From: Richard Bates <bates at telehouse dot com>
mail# grep pop3s /etc/services
pop3s 995/tcp spop3 # pop3 protocol over TLS/SSL
pop3s 995/udp spop3
WIth your pop3s line line "pop3s stream tcp nowait root
/usr/local/sbin/popper -s -l 2 -f /etc/mail/pop/qpopper.config"
I get the same errors....
> telnet localhost pop3s
Trying 127.0.0.1...
Connected to localhost.telehouse.com.
Escape character is '^]'.
+OK Qpopper (version 4.0.5) at mail.telehouse.com starting.
EHLO mail.telehouse.com
-ERR Unknown command: "ehlo".
STARTTLS
-ERR Unknown command: "starttls".
exit
-ERR Unknown command: "exit".
quit
+OK Pop server at mail.telehouse.com signing off.
>
From my ibook
% telnet mail.telehouse.com pop3s
Trying 172.18.1.8...
Connected to mail.telehouse.com.
Escape character is '^]'.
+OK Qpopper (version 4.0.5) at mail.telehouse.com starting.
quit
+OK Pop server at mail.telehouse.com signing off.
Connection closed by foreign host.
BatesiBook/Users/bates%
Appears O.K.
Run Microsoft Entourage (MAC OSX version of Outlook) get:
/var/log/messages
Apr 16 12:12:57 mail -s[962]: I/O error flushing output to client at
BatesiBook.telehouse.com [172.18.1.139]: Operation not permitted (1)
Apr 16 12:12:57 mail -s[962]: I/O error flushing output to client at
BatesiBook.telehouse.com [172.18.1.139]: Operation not permitted (1)
Apr 16 12:12:58 mail -s[963]: (null) at BatesiBook.telehouse.com
(172.18.1.139): -ERR Unknown command: "^V^C".
and Entourage times out...
Run Microsoft Outlook Express (WIN2000) Get:
Apr 16 12:16:11 mail -s[1061]: (null) at thc137.telehouse.com
(172.18.1.137): -ERR POP EOF or I/O Error
Apr 16 12:16:11 mail -s[1062]: (null) at thc137.telehouse.com
(172.18.1.137): -ERR POP EOF or I/O Error
Apr 16 12:16:11 mail -s[1062]: I/O error flushing output to client at
thc137.telehouse.com [172.18.1.137]: Operation not permitted (1)
OE replys with
Your server has unexpectedly terminated the connection. Possible
causesx for this include server problems, network problems, or a long
period of inactivity. Account "Test account", Server:
mail1.telehouse.com', protocol: POP3, port 995, Secure(SSL): Yes, error
Number: 0x800ccc0f
OE with SSL and port 110
just hangs in infinity....
On Wednesday, Apr 16, 2003, at 12:19 America/New_York, Daniel Senie
wrote:
> At 11:57 AM 4/16/2003, Joe Maimon wrote:
>> Richard Bates wrote:
>>
>>> I have changed the inetd commands as follows:
>>> pop3 stream tcp nowait root /usr/local/sbin/popper -s -f
>>> /etc/mail/pop/qpopper.config
>>> pop3s stream tcp nowait root /usr/local/sbin/popper -s -f
>>> /etc/mail/pop/qpopper.config
>
> From the above lines, I have this suspicion that there will be
> problems... there should probably be two different config files, one
> for the pop3s (995) port, and one for the pop3 (110) port so that the
> TLS settings are correct.
>
>> What happened with the line I sent you?
>>
>> What does grep pop3s /etc/services give you?
>> type this at the console: netstat -a | grep pop3
>> You should get something like this:
>> tcp 0 0 *:pop3s *:*
>> LISTEN
>> tcp 0 0 *:pop3 *:*
>> LISTEN
>>
>> If you telnet to (from the console..) telnet localhost pop3s does it
>> connect at all?
>>
>>
>>>
>>>
>>> I still get the following errors in /var/log/messages
>>> Apr 16 11:42:54 mail -s[821]: (null) at BackupServer.telehouse.com
>>> (172.18.1.110): -ERR Unknown command: "^V^C".
>>> Apr 16 11:42:54 mail -s[821]: (null) at BackupServer.telehouse.com
>>> (172.18.1.110): -ERR POP EOF or I/O Error
>>> Outlook Express shows
>>> "Unable to receive mail
>>> There may be a problem with the mail server or network
>>> Check the settings for account "Test Account" or try again.
>>>
>>> The server error encountered was: Reading data from host (null)
>>> failed"
>>>
>>> BTW: I moved the subscription to my work account....
>>>
>>> On Wednesday, Apr 16, 2003, at 11:32 America/New_York, Joe Maimon
>>> wrote:
>>>
>>>>
>>>>
>>>> Richard Bates wrote:
>>>>
>>>>> I am trying to set up a ssl pop3 server....
>>>>
>>>>
>>>> <snip>
>>>>
>>>>>
>>>>> I have the following in my /etc/inetd.conf
>>>>> pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f
>>>>> /etc/mail/pop/qpopper.config
>>>>
>>>>
>>>> It does not appear that you have inetd listening on the pop3s
>>>> (alternate) port. You need to check your /etc/services for the
>>>> pop3s service definition and add another inetd line.
>>>> I would recommend testing with this additional inetd line
>>>>
>>>> pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
>>>> /etc/mail/pop/qpopper.config
>>>>
>>>> I do not know whether Outlook supports the STLS command as
>>>> documented in `man popper` so your -l 1 on port 110 may be failing
>>>> due to that.
>>>>
>>>> <snip>
>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>
>
Date: Wed, 16 Apr 2003 12:55:34 -0400
From: Daniel Senie <dts at senie dot com>
Subject: Re: tls config problem
At 12:22 PM 4/16/2003, you wrote:
>mail# grep pop3s /etc/services
>pop3s 995/tcp spop3 # pop3 protocol over TLS/SSL
>pop3s 995/udp spop3
>
>WIth your pop3s line line "pop3s stream tcp nowait root
>/usr/local/sbin/popper -s -l 2 -f /etc/mail/pop/qpopper.config"
> I get the same errors....
>
>
> > telnet localhost pop3s
>Trying 127.0.0.1...
>Connected to localhost.telehouse.com.
>Escape character is '^]'.
>+OK Qpopper (version 4.0.5) at mail.telehouse.com starting.
The fact you got a readable prompt on the pop3s (995) port, indicates you
have not properly configured for "alternate port" mode. You need to fix the
contents of your config file to specify alternate port. You should have TWO
config files, one for STARTTLS (on port 110) and one for ALTERNATE-PORT
(use on port 995).
You need to fix this before anything is going to improve.
>EHLO mail.telehouse.com
>-ERR Unknown command: "ehlo".
>STARTTLS
>-ERR Unknown command: "starttls".
>exit
>-ERR Unknown command: "exit".
>quit
>+OK Pop server at mail.telehouse.com signing off.
> >
>
> From my ibook
>% telnet mail.telehouse.com pop3s
>Trying 172.18.1.8...
>Connected to mail.telehouse.com.
>Escape character is '^]'.
>+OK Qpopper (version 4.0.5) at mail.telehouse.com starting.
>quit
>+OK Pop server at mail.telehouse.com signing off.
>Connection closed by foreign host.
>BatesiBook/Users/bates%
>
>Appears O.K.
>
>Run Microsoft Entourage (MAC OSX version of Outlook) get:
>/var/log/messages
>Apr 16 12:12:57 mail -s[962]: I/O error flushing output to client at
>BatesiBook.telehouse.com [172.18.1.139]: Operation not permitted (1)
>Apr 16 12:12:57 mail -s[962]: I/O error flushing output to client at
>BatesiBook.telehouse.com [172.18.1.139]: Operation not permitted (1)
>Apr 16 12:12:58 mail -s[963]: (null) at BatesiBook.telehouse.com
>(172.18.1.139): -ERR Unknown command: "^V^C".
>and Entourage times out...
>
>Run Microsoft Outlook Express (WIN2000) Get:
>Apr 16 12:16:11 mail -s[1061]: (null) at thc137.telehouse.com
>(172.18.1.137): -ERR POP EOF or I/O Error
>Apr 16 12:16:11 mail -s[1062]: (null) at thc137.telehouse.com
>(172.18.1.137): -ERR POP EOF or I/O Error
>Apr 16 12:16:11 mail -s[1062]: I/O error flushing output to client at
>thc137.telehouse.com [172.18.1.137]: Operation not permitted (1)
>
>OE replys with
>Your server has unexpectedly terminated the connection. Possible causesx
>for this include server problems, network problems, or a long period of
>inactivity. Account "Test account", Server: mail1.telehouse.com',
>protocol: POP3, port 995, Secure(SSL): Yes, error Number: 0x800ccc0f
>
>OE with SSL and port 110
>just hangs in infinity....
>
>On Wednesday, Apr 16, 2003, at 12:19 America/New_York, Daniel Senie wrote:
>
>>At 11:57 AM 4/16/2003, Joe Maimon wrote:
>>>Richard Bates wrote:
>>>
>>>>I have changed the inetd commands as follows:
>>>>pop3 stream tcp nowait root /usr/local/sbin/popper -s -f
>>>>/etc/mail/pop/qpopper.config
>>>>pop3s stream tcp nowait root /usr/local/sbin/popper -s -f
>>>>/etc/mail/pop/qpopper.config
>>
>> From the above lines, I have this suspicion that there will be
>> problems... there should probably be two different config files, one for
>> the pop3s (995) port, and one for the pop3 (110) port so that the TLS
>> settings are correct.
>>
>>>What happened with the line I sent you?
>>>
>>>What does grep pop3s /etc/services give you?
>>>type this at the console: netstat -a | grep pop3
>>>You should get something like this:
>>>tcp 0 0 *:pop3s *:*
>>>LISTEN
>>>tcp 0 0 *:pop3 *:*
>>>LISTEN
>>>
>>>If you telnet to (from the console..) telnet localhost pop3s does it
>>>connect at all?
>>>
>>>
>>>>
>>>>
>>>>I still get the following errors in /var/log/messages
>>>>Apr 16 11:42:54 mail -s[821]: (null) at BackupServer.telehouse.com
>>>>(172.18.1.110): -ERR Unknown command: "^V^C".
>>>>Apr 16 11:42:54 mail -s[821]: (null) at BackupServer.telehouse.com
>>>>(172.18.1.110): -ERR POP EOF or I/O Error
>>>>Outlook Express shows
>>>> "Unable to receive mail
>>>> There may be a problem with the mail server or network
>>>> Check the settings for account "Test Account" or try again.
>>>>
>>>> The server error encountered was: Reading data from host (null)
>>>> failed"
>>>>
>>>>BTW: I moved the subscription to my work account....
>>>>
>>>>On Wednesday, Apr 16, 2003, at 11:32 America/New_York, Joe Maimon wrote:
>>>>
>>>>>
>>>>>
>>>>>Richard Bates wrote:
>>>>>
>>>>>>I am trying to set up a ssl pop3 server....
>>>>>
>>>>>
>>>>><snip>
>>>>>
>>>>>>
>>>>>>I have the following in my /etc/inetd.conf
>>>>>> pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f
>>>>>> /etc/mail/pop/qpopper.config
>>>>>
>>>>>
>>>>>It does not appear that you have inetd listening on the pop3s
>>>>>(alternate) port. You need to check your /etc/services for the pop3s
>>>>>service definition and add another inetd line.
>>>>>I would recommend testing with this additional inetd line
>>>>>
>>>>>pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
>>>>>/etc/mail/pop/qpopper.config
>>>>>
>>>>>I do not know whether Outlook supports the STLS command as documented
>>>>>in `man popper` so your -l 1 on port 110 may be failing due to that.
>>>>>
>>>>><snip>
>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
Date: Wed, 16 Apr 2003 13:22:29 -0400
Subject: Fwd: tls config problem
From: Richard Bates <bates at telehouse dot com>
Got it working....
new /etc/mail/pop/qpopper.config
set tls-options = 0x00000800
set tls-support = stls
set tls-support = ALTERNATE-PORT
set tls-server-cert-file = /etc/mail/certs/cert.pem
works on Microsoft Entourage
Apple Mail
Outlook Express (Win 2000)
Thank you very much for your help
Richard Bates
Begin forwarded message:
> From: Richard Bates <bates at telehouse dot com>
> Date: Wed Apr 16, 2003 13:12:39 America/New_York
> To: qpopper at lists.pensive dot org
> Subject: Re: tls config problem
>
> still getting in /var/log/messages
> Apr 16 12:58:47 mail -s[456]: (null) at BackupServer.telehouse.com
> (172.18.1.110): -ERR Unknown command: "^V^C".
> Apr 16 12:58:47 mail -s[456]: (null) at BackupServer.telehouse.com
> (172.18.1.110): -ERR POP EOF or I/O Error
>
>
> used inetd.config
> pop3 stream tcp nowait root /usr/local/sbin/popper -s
> pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
> /etc/mail/pop/qpopper.config
>
> then used inetd.config
> # pop3 stream tcp nowait root /usr/local/sbin/popper -s #COMMENTED
> OUT#
> pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
> /etc/mail/pop/qpopper.config
>
> changed /etc/mail/pop/qpopper.config
> set tls-options = 0x00000800
> set tls-support = stls
> set ALTERNATE-PORT = 995
> set tls-server-cert-file = /etc/mail/certs/cert.pem
>
>
> Tried # telnet localhost pop3s
> Trying 127.0.0.1...
> Connected to localhost.telehouse.com.
> Escape character is '^]'.
> Unable to process config file /etc/mail/pop/qpopper.config
> Connection closed by foreign host.
> mail#
>
> message in /var/log/messages
> Apr 16 13:06:40 mail -s[289]: Unrecognized option; scanning
> "alternate-port" at line 3 of config file
> /etc/mail/pop/qpopper.config; valid options are: "announce-expire",
> "announce-login-delay", "auth-file", "auto-delete",
> "bulldb-max-tries", "bulldb-nonfatal", "bulldir", "cache-dir",
> "cache-name", "check-hash-dir", "check-old-spool-loc",
> "check-password-expired", "chunky-writes", "clear-text-password",
> "config-file", "debug", "downcase-user", "drac-host", "fast-update",
> "group-bulletins", "group-no-server-mode", "group-server-mode",
> "hash-spool", "home-dir-mail", "keep-temp-drop", "kerberos",
> "kerberos-service", "log-facility", "log-login", "mail-command",
> "mail-lock-check", "max-bulletins", "no-atomic-open", "nonauth-file",
> "old-style-uid", "reverse-lookup", "server-mode", "shy", "spool-dir",
> "spool-options", "statistics", "temp-dir", "temp-name", "timeout",
> "timing", "tls-cipher-list", "tls-identity-file", "tls-passphrase",
> "tls-private-key-file", "tls-server-cert-file", "tls-support",
> "tls-version", "tls-w
>
>
>
> On Wednesday, Apr 16, 2003, at 12:50 America/New_York, Chuck Yerkes
> wrote:
>
>> man inetd and inetd.conf
>>
>>> I have the following in my /etc/inetd.conf
>> BAD:
>> pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f
>> /etc/mail/pop/qpop
>> per.config
>>
>> GOOD:
>> pop3 stream tcp nowait root /usr/local/sbin/popper popper -s -l 1 -f
>> /etc/mail/p
>> op/qpopper.config
>>
>>
>> Note teh program name TWICE. For a clearer example, I offer my rshd:
>>
>> login stream tcp nowait root /usr/libexec/rlogind rlogind -L
>>
>
Date: Wed, 16 Apr 2003 13:12:39 -0400
Subject: Re: tls config problem
From: Richard Bates <bates at telehouse dot com>
still getting in /var/log/messages
Apr 16 12:58:47 mail -s[456]: (null) at BackupServer.telehouse.com
(172.18.1.110): -ERR Unknown command: "^V^C".
Apr 16 12:58:47 mail -s[456]: (null) at BackupServer.telehouse.com
(172.18.1.110): -ERR POP EOF or I/O Error
used inetd.config
pop3 stream tcp nowait root /usr/local/sbin/popper -s
pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
/etc/mail/pop/qpopper.config
then used inetd.config
# pop3 stream tcp nowait root /usr/local/sbin/popper -s #COMMENTED OUT#
pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
/etc/mail/pop/qpopper.config
changed /etc/mail/pop/qpopper.config
set tls-options = 0x00000800
set tls-support = stls
set ALTERNATE-PORT = 995
set tls-server-cert-file = /etc/mail/certs/cert.pem
Tried # telnet localhost pop3s
Trying 127.0.0.1...
Connected to localhost.telehouse.com.
Escape character is '^]'.
Unable to process config file /etc/mail/pop/qpopper.config
Connection closed by foreign host.
mail#
message in /var/log/messages
Apr 16 13:06:40 mail -s[289]: Unrecognized option; scanning
"alternate-port" at line 3 of config file /etc/mail/pop/qpopper.config;
valid options are: "announce-expire", "announce-login-delay",
"auth-file", "auto-delete", "bulldb-max-tries", "bulldb-nonfatal",
"bulldir", "cache-dir", "cache-name", "check-hash-dir",
"check-old-spool-loc", "check-password-expired", "chunky-writes",
"clear-text-password", "config-file", "debug", "downcase-user",
"drac-host", "fast-update", "group-bulletins", "group-no-server-mode",
"group-server-mode", "hash-spool", "home-dir-mail", "keep-temp-drop",
"kerberos", "kerberos-service", "log-facility", "log-login",
"mail-command", "mail-lock-check", "max-bulletins", "no-atomic-open",
"nonauth-file", "old-style-uid", "reverse-lookup", "server-mode",
"shy", "spool-dir", "spool-options", "statistics", "temp-dir",
"temp-name", "timeout", "timing", "tls-cipher-list",
"tls-identity-file", "tls-passphrase", "tls-private-key-file",
"tls-server-cert-file", "tls-support", "tls-version", "tls-w
On Wednesday, Apr 16, 2003, at 12:50 America/New_York, Chuck Yerkes
wrote:
> man inetd and inetd.conf
>
>> I have the following in my /etc/inetd.conf
> BAD:
> pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f
> /etc/mail/pop/qpop
> per.config
>
> GOOD:
> pop3 stream tcp nowait root /usr/local/sbin/popper popper -s -l 1 -f
> /etc/mail/p
> op/qpopper.config
>
>
> Note teh program name TWICE. For a clearer example, I offer my rshd:
>
> login stream tcp nowait root /usr/libexec/rlogind rlogind -L
>
Date: Wed, 16 Apr 2003 12:49:43 -0400
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: tls config problem
man inetd and inetd.conf
> I have the following in my /etc/inetd.conf
BAD:
pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f /etc/mail/pop/qpopper.config
GOOD:
pop3 stream tcp nowait root /usr/local/sbin/popper popper -s -l 1 -f /etc/mail/pop/qpopper.config
Note the program name TWICE. For a clearer example (no wrapping),
I offer my rlogin line:
login stream tcp nowait root /usr/libexec/rlogind rlogind -L
Date: Wed, 16 Apr 2003 16:06:47 -0300
From: Fernando 'Pearl Jam!' Figueira <p_j at terra.com dot br>
Subject: `tls config problem
Hi everybody,
I was following Richard's problem to try solve mine also, but I
still have some doubts...
In my box (a Red Hat Linux), the tls-options keyword is not
recognized. I have not found a tutorial explaining the meaning of this
configuration item also. Is it a mandatory setting for TLS? Any idea why my
box does not recognize this keyword?
Thanks in advance,
Fernando
At 13:22 16/4/2003 -0400, you wrote:
>Got it working....
>
>new /etc/mail/pop/qpopper.config
>
>
>set tls-options = 0x00000800
>set tls-support = stls
>set tls-support = ALTERNATE-PORT
>set tls-server-cert-file = /etc/mail/certs/cert.pem
>
>
>works on Microsoft Entourage
> Apple Mail
> Outlook Express (Win 2000)
>
>
>Thank you very much for your help
>
>
>Richard Bates
>Begin forwarded message:
>
>>From: Richard Bates <bates at telehouse dot com>
>>Date: Wed Apr 16, 2003 13:12:39 America/New_York
>>To: qpopper at lists.pensive dot org
>>Subject: Re: tls config problem
>>
>>still getting in /var/log/messages
>>Apr 16 12:58:47 mail -s[456]: (null) at BackupServer.telehouse.com
>>(172.18.1.110): -ERR Unknown command: "^V^C".
>>Apr 16 12:58:47 mail -s[456]: (null) at BackupServer.telehouse.com
>>(172.18.1.110): -ERR POP EOF or I/O Error
>>
>>
>>used inetd.config
>>pop3 stream tcp nowait root /usr/local/sbin/popper -s
>>pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
>>/etc/mail/pop/qpopper.config
>>
>>then used inetd.config
>># pop3 stream tcp nowait root /usr/local/sbin/popper -s #COMMENTED OUT#
>>pop3s stream tcp nowait root /usr/local/sbin/popper -s -l 2 -f
>>/etc/mail/pop/qpopper.config
>>
>>changed /etc/mail/pop/qpopper.config
>>set tls-options = 0x00000800
>>set tls-support = stls
>>set ALTERNATE-PORT = 995
>>set tls-server-cert-file = /etc/mail/certs/cert.pem
>>
>>
>>Tried # telnet localhost pop3s
>>Trying 127.0.0.1...
>>Connected to localhost.telehouse.com.
>>Escape character is '^]'.
>>Unable to process config file /etc/mail/pop/qpopper.config
>>Connection closed by foreign host.
>>mail#
>>
>>message in /var/log/messages
>>Apr 16 13:06:40 mail -s[289]: Unrecognized option; scanning
>>"alternate-port" at line 3 of config file /etc/mail/pop/qpopper.config;
>>valid options are: "announce-expire", "announce-login-delay",
>>"auth-file", "auto-delete", "bulldb-max-tries", "bulldb-nonfatal",
>>"bulldir", "cache-dir", "cache-name", "check-hash-dir",
>>"check-old-spool-loc", "check-password-expired", "chunky-writes",
>>"clear-text-password", "config-file", "debug", "downcase-user",
>>"drac-host", "fast-update", "group-bulletins", "group-no-server-mode",
>>"group-server-mode", "hash-spool", "home-dir-mail", "keep-temp-drop",
>>"kerberos", "kerberos-service", "log-facility", "log-login",
>>"mail-command", "mail-lock-check", "max-bulletins", "no-atomic-open",
>>"nonauth-file", "old-style-uid", "reverse-lookup", "server-mode", "shy",
>>"spool-dir", "spool-options", "statistics", "temp-dir", "temp-name",
>>"timeout", "timing", "tls-cipher-list", "tls-identity-file",
>>"tls-passphrase", "tls-private-key-file", "tls-server-cert-file",
>>"tls-support", "tls-version", "tls-w
>>
>>
>>
>>On Wednesday, Apr 16, 2003, at 12:50 America/New_York, Chuck Yerkes wrote:
>>
>>>man inetd and inetd.conf
>>>
>>>>I have the following in my /etc/inetd.conf
>>>BAD:
>>>pop3 stream tcp nowait root /usr/local/sbin/popper -s -l 1 -f
>>>/etc/mail/pop/qpop
>>>per.config
>>>
>>>GOOD:
>>>pop3 stream tcp nowait root /usr/local/sbin/popper popper -s -l 1 -f
>>>/etc/mail/p
>>>op/qpopper.config
>>>
>>>
>>>Note teh program name TWICE. For a clearer example, I offer my rshd:
>>>
>>>login stream tcp nowait root /usr/libexec/rlogind rlogind -L
>
_____________________________________________________________________________
M.Sc. Fernando 'PearlJam' C. Figueira
Eng. de Computacao
E-mail: pj at blader dot com - ICQ# 25569351
Interesses: PDI, Comp. Grafica, SmartCards, Sistemas Corporativos
Outros: Cinema, Teatro, RPG
_____________________________________________________________________________
Rich Cook:
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the Universe trying to
produce bigger and better idiots. So far, the Universe is winning."
From: "Bailo, John" <jbailo at vestcom dot com>
Subject: Setting Up a qPopper 4.0.5 on RedHat
Date: Fri, 18 Apr 2003 13:40:04 -0700
Situation:
Two RedHat 7.3 installations, a development and a production mail server.
Both were installed with qpopper 4.0.5.
The development machine works perfectly!
The production does not ( auuggh ).
Steps:
On the machine that is not working, I believe that the popper is not being
started by xinetd.d
Trying telnet localhost 110
Produces: telnet: connect to address 127.0.0.1: Connection refused
Confirmed /etc/services, /etc/xinetd.conf, hosts.allow, /etc/xinetd.d/pop3
and all are the same on both machines.
Deleted the ipop3 file from /etc to prevent redhat from loading its one pop
server
up2date to get the latest imap installed (its not installed on the working
machine, but a newsgroup post suggested it)
Did another make with the configuration options set to tracing and set the
trace file and debug flags in xinetd.conf, restarted it, but I do not see
any trace file.
My guess is because popper ( qpopper ) is not being started, so it won't
trace.
What do you suggest?
Date: Fri, 18 Apr 2003 17:28:16 -0700
From: Kenneth Porter <shiva at sewingwitch dot com>
Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
--On Friday, April 18, 2003 1:40 PM -0700 "Bailo, John"
<jbailo at vestcom dot com> wrote:
> up2date to get the latest imap installed (its not installed on the working
> machine, but a newsgroup post suggested it)
That's probably what bit you. The UW-IMAP package includes the ipop3d proxy
daemon, the default Red Hat POP3 server. It probably installed its file in
/etc/xinetd.d.
Note that the imapd server coexists fine with qpopper, you just need to
disable its POP3 proxy server.
(Please reply to the list.)
From: "Bailo, John" <jbailo at vestcom dot com>
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
Date: Fri, 18 Apr 2003 20:28:53 -0700
-----Original Message-----
From: Kenneth Porter [mailto:shiva at sewingwitch dot com]
>That's probably what bit you. The UW-IMAP package includes the ipop3d proxy
>daemon, the default Red Hat POP3 server. It probably installed its file in
>/etc/xinetd.d.
But the problem existed prior to up2date for IMAP
>Note that the imapd server coexists fine with qpopper, you just need to
>disable its POP3 proxy server.
---
Here is the contents of my xinetd.conf:
____________________________________________________________________________
___________
defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}
includedir /etc/xinetd.d
pop3 stream tcp nowait root /usr/local/lib/popper qpopper -t /root/poplog -d
-s
____________________________________________________________________________
___________
the only ipop* file in /etc/xinetd.d is ipop2. There is also an imap and
imap2, all have disable = yes. My pop3 file looks like:
____________________________________________________________________________
___________
{
disable = no
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/local/lib/popper
server_args = qpopper -s
port = 110
}
____________________________________________________________________________
___________
as recommended by qualcomm for redhat.
also, if i use setup, system services, the list shows that imap is not
selected (not sure if that means much )
Date: Sat, 19 Apr 2003 06:40:38 -0700
From: Kenneth Porter <shiva at sewingwitch dot com>
Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
--On Friday, April 18, 2003 1:40 PM -0700 "Bailo, John" <jbailo at vestcom dot com>
wrote:
> Trying telnet localhost 110
> Produces: telnet: connect to address 127.0.0.1: Connection refused
Any firewall running? Any log activity in /var/log at the moment you attempt
the telnet? ("ls -lt /var/log | head").
From: "Bailo, John" <jbailo at vestcom dot com>
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
Date: Sat, 19 Apr 2003 11:58:09 -0700
-----Original Message-----
From: Kenneth Porter [mailto:shiva at sewingwitch dot com]
Sent: Saturday, April 19, 2003 6:41 AM
To: Subscribers of Qpopper
Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
--On Friday, April 18, 2003 1:40 PM -0700 "Bailo, John" <jbailo at vestcom dot com>
wrote:
> Trying telnet localhost 110
> Produces: telnet: connect to address 127.0.0.1: Connection refused
>Any firewall running?
No firewall on the server ( external firewal )
Any log activity in /var/log at the moment you attempt
>the telnet? ("ls -lt /var/log | head").
Are you sure thats the right command? See below.
___________________________________________________________________________
[root@IVNWMAIL root]# ls -lt /var/log | head
total 2808
-rw------- 1 root root 236465 Apr 19 11:50 cron
-rw-r--r-- 1 root root 19136220 Apr 19 11:49 lastlog
-rw------- 1 root root 157977 Apr 19 11:49 messages
-rw------- 1 root root 4259 Apr 19 11:49 secure
-rw-rw-r-- 1 root utmp 184704 Apr 19 11:49 wtmp
-rw-r--r-- 1 root root 13728 Apr 19 08:09 up2date
-rw-r--r-- 1 root root 24160 Apr 19 04:02 rpmpkgs
-rw------- 1 root root 17441 Apr 19 04:02 maillog
drwxr-xr-x 2 root root 4096 Apr 19 00:00 sa
[root@IVNWMAIL root]#
From: "Bailo, John" <jbailo at vestcom dot com>
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
Date: Sun, 20 Apr 2003 10:55:16 -0700
Ok, I got my qpopper working thanks to you guys.
The trick was there was a pop3s that was enabled in /etc/xinetd.d and must
have been been blocking the port, so i set its file to disable = yes.
New question:
If i configure a /etc/xinetd.d/pop3, do i also need to add the pop3 line in
/etc/xinetd.conf? -- it seems to be redundant.
-----Original Message-----
From: Bailo, John
Sent: Saturday, April 19, 2003 11:58 AM
To: Subscribers of Qpopper
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
-----Original Message-----
From: Kenneth Porter [mailto:shiva at sewingwitch dot com]
Sent: Saturday, April 19, 2003 6:41 AM
To: Subscribers of Qpopper
Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
--On Friday, April 18, 2003 1:40 PM -0700 "Bailo, John" <jbailo at vestcom dot com>
wrote:
> Trying telnet localhost 110
> Produces: telnet: connect to address 127.0.0.1: Connection refused
>Any firewall running?
No firewall on the server ( external firewal )
Any log activity in /var/log at the moment you attempt
>the telnet? ("ls -lt /var/log | head").
Are you sure thats the right command? See below.
___________________________________________________________________________
[root@IVNWMAIL root]# ls -lt /var/log | head
total 2808
-rw------- 1 root root 236465 Apr 19 11:50 cron
-rw-r--r-- 1 root root 19136220 Apr 19 11:49 lastlog
-rw------- 1 root root 157977 Apr 19 11:49 messages
-rw------- 1 root root 4259 Apr 19 11:49 secure
-rw-rw-r-- 1 root utmp 184704 Apr 19 11:49 wtmp
-rw-r--r-- 1 root root 13728 Apr 19 08:09 up2date
-rw-r--r-- 1 root root 24160 Apr 19 04:02 rpmpkgs
-rw------- 1 root root 17441 Apr 19 04:02 maillog
drwxr-xr-x 2 root root 4096 Apr 19 00:00 sa
[root@IVNWMAIL root]#
Date: Sun, 20 Apr 2003 14:41:41 -0400
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
You need to read up and learn how xinetd.conf works.
Get familiar with the man page, grab the Nemeth
book (Unix System Admin Handbook).
Also, "netstat -an" would show you what was listened
on (you'd see that port 110 was already being used by something).
fstat or lsof could show you WHAT is using on that port.
Quoting Bailo, John (jbailo at vestcom dot com):
> Ok, I got my qpopper working thanks to you guys.
>
> The trick was there was a pop3s that was enabled in /etc/xinetd.d and must
> have been been blocking the port, so i set its file to disable = yes.
>
> New question:
>
> If i configure a /etc/xinetd.d/pop3, do i also need to add the pop3 line in
> /etc/xinetd.conf? -- it seems to be redundant.
>
>
>
>
> -----Original Message-----
> From: Bailo, John
> Sent: Saturday, April 19, 2003 11:58 AM
> To: Subscribers of Qpopper
> Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
>
>
>
>
> -----Original Message-----
> From: Kenneth Porter [mailto:shiva at sewingwitch dot com]
> Sent: Saturday, April 19, 2003 6:41 AM
> To: Subscribers of Qpopper
> Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
>
>
> --On Friday, April 18, 2003 1:40 PM -0700 "Bailo, John" <jbailo at vestcom dot com>
> wrote:
>
> > Trying telnet localhost 110
> > Produces: telnet: connect to address 127.0.0.1: Connection refused
>
> >Any firewall running?
>
> No firewall on the server ( external firewal )
>
> Any log activity in /var/log at the moment you attempt
> >the telnet? ("ls -lt /var/log | head").
>
> Are you sure thats the right command? See below.
>
> ___________________________________________________________________________
>
> [root@IVNWMAIL root]# ls -lt /var/log | head
> total 2808
> -rw------- 1 root root 236465 Apr 19 11:50 cron
> -rw-r--r-- 1 root root 19136220 Apr 19 11:49 lastlog
> -rw------- 1 root root 157977 Apr 19 11:49 messages
> -rw------- 1 root root 4259 Apr 19 11:49 secure
> -rw-rw-r-- 1 root utmp 184704 Apr 19 11:49 wtmp
> -rw-r--r-- 1 root root 13728 Apr 19 08:09 up2date
> -rw-r--r-- 1 root root 24160 Apr 19 04:02 rpmpkgs
> -rw------- 1 root root 17441 Apr 19 04:02 maillog
> drwxr-xr-x 2 root root 4096 Apr 19 00:00 sa
> [root@IVNWMAIL root]#
From: "Bailo, John" <jbailo at vestcom dot com>
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
Date: Sun, 20 Apr 2003 20:03:12 -0700
Thanks!
I'm ignorant and I know it...so I will follow your intelligent advice :D
-----Original Message-----
From: Chuck Yerkes [mailto:chuck+qpopper at yerkes dot com]
Sent: Sunday, April 20, 2003 11:42 AM
To: Subscribers of Qpopper
Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
You need to read up and learn how xinetd.conf works.
Get familiar with the man page, grab the Nemeth
book (Unix System Admin Handbook).
Also, "netstat -an" would show you what was listened
on (you'd see that port 110 was already being used by something).
fstat or lsof could show you WHAT is using on that port.
Quoting Bailo, John (jbailo at vestcom dot com):
> Ok, I got my qpopper working thanks to you guys.
>
> The trick was there was a pop3s that was enabled in /etc/xinetd.d and must
> have been been blocking the port, so i set its file to disable = yes.
>
> New question:
>
> If i configure a /etc/xinetd.d/pop3, do i also need to add the pop3 line
in
> /etc/xinetd.conf? -- it seems to be redundant.
>
>
>
>
> -----Original Message-----
> From: Bailo, John
> Sent: Saturday, April 19, 2003 11:58 AM
> To: Subscribers of Qpopper
> Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
>
>
>
>
> -----Original Message-----
> From: Kenneth Porter [mailto:shiva at sewingwitch dot com]
> Sent: Saturday, April 19, 2003 6:41 AM
> To: Subscribers of Qpopper
> Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
>
>
> --On Friday, April 18, 2003 1:40 PM -0700 "Bailo, John"
<jbailo at vestcom dot com>
> wrote:
>
> > Trying telnet localhost 110
> > Produces: telnet: connect to address 127.0.0.1: Connection refused
>
> >Any firewall running?
>
> No firewall on the server ( external firewal )
>
> Any log activity in /var/log at the moment you attempt
> >the telnet? ("ls -lt /var/log | head").
>
> Are you sure thats the right command? See below.
>
>
___________________________________________________________________________
>
> [root@IVNWMAIL root]# ls -lt /var/log | head
> total 2808
> -rw------- 1 root root 236465 Apr 19 11:50 cron
> -rw-r--r-- 1 root root 19136220 Apr 19 11:49 lastlog
> -rw------- 1 root root 157977 Apr 19 11:49 messages
> -rw------- 1 root root 4259 Apr 19 11:49 secure
> -rw-rw-r-- 1 root utmp 184704 Apr 19 11:49 wtmp
> -rw-r--r-- 1 root root 13728 Apr 19 08:09 up2date
> -rw-r--r-- 1 root root 24160 Apr 19 04:02 rpmpkgs
> -rw------- 1 root root 17441 Apr 19 04:02 maillog
> drwxr-xr-x 2 root root 4096 Apr 19 00:00 sa
> [root@IVNWMAIL root]#
From: "Bailo, John" <jbailo at vestcom dot com>
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
Date: Sun, 20 Apr 2003 20:17:04 -0700
p.s. -- you guys should advertise this mailing list on newsgroups. because
there were about 1000 listings of people with the same problem and no valid
answers !
-----Original Message-----
From: Bailo, John
Sent: Sunday, April 20, 2003 8:03 PM
To: 'qpopper at lists.pensive dot org'
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
Thanks!
I'm ignorant and I know it...so I will follow your intelligent advice :D
-----Original Message-----
From: Chuck Yerkes [mailto:chuck+qpopper at yerkes dot com]
Sent: Sunday, April 20, 2003 11:42 AM
To: Subscribers of Qpopper
Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
You need to read up and learn how xinetd.conf works.
Get familiar with the man page, grab the Nemeth
book (Unix System Admin Handbook).
Also, "netstat -an" would show you what was listened
on (you'd see that port 110 was already being used by something).
fstat or lsof could show you WHAT is using on that port.
Quoting Bailo, John (jbailo at vestcom dot com):
> Ok, I got my qpopper working thanks to you guys.
>
> The trick was there was a pop3s that was enabled in /etc/xinetd.d and must
> have been been blocking the port, so i set its file to disable = yes.
>
> New question:
>
> If i configure a /etc/xinetd.d/pop3, do i also need to add the pop3 line
in
> /etc/xinetd.conf? -- it seems to be redundant.
>
>
>
>
> -----Original Message-----
> From: Bailo, John
> Sent: Saturday, April 19, 2003 11:58 AM
> To: Subscribers of Qpopper
> Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
>
>
>
>
> -----Original Message-----
> From: Kenneth Porter [mailto:shiva at sewingwitch dot com]
> Sent: Saturday, April 19, 2003 6:41 AM
> To: Subscribers of Qpopper
> Subject: Re: Setting Up a qPopper 4.0.5 on RedHat
>
>
> --On Friday, April 18, 2003 1:40 PM -0700 "Bailo, John"
<jbailo at vestcom dot com>
> wrote:
>
> > Trying telnet localhost 110
> > Produces: telnet: connect to address 127.0.0.1: Connection refused
>
> >Any firewall running?
>
> No firewall on the server ( external firewal )
>
> Any log activity in /var/log at the moment you attempt
> >the telnet? ("ls -lt /var/log | head").
>
> Are you sure thats the right command? See below.
>
>
___________________________________________________________________________
>
> [root@IVNWMAIL root]# ls -lt /var/log | head
> total 2808
> -rw------- 1 root root 236465 Apr 19 11:50 cron
> -rw-r--r-- 1 root root 19136220 Apr 19 11:49 lastlog
> -rw------- 1 root root 157977 Apr 19 11:49 messages
> -rw------- 1 root root 4259 Apr 19 11:49 secure
> -rw-rw-r-- 1 root utmp 184704 Apr 19 11:49 wtmp
> -rw-r--r-- 1 root root 13728 Apr 19 08:09 up2date
> -rw-r--r-- 1 root root 24160 Apr 19 04:02 rpmpkgs
> -rw------- 1 root root 17441 Apr 19 04:02 maillog
> drwxr-xr-x 2 root root 4096 Apr 19 00:00 sa
> [root@IVNWMAIL root]#
Date: Mon, 21 Apr 2003 12:28:00 -0500 (CDT)
From: Netlink Tech <tech at netlinkcom dot com>
Subject: qpopper and error
Hello all,
I have been getting this error logged with some users.
Outlook express is what they are using.
I/O error flushing output to client someuser at somehost [their IP]:
Operation not permitted (1)
I compiled qpopper-4.0.5 on RedHat 6.2 with:
./configure --enable-poppassd --enable-chunky-writes=1
make
make install
Does anyone have any ideas what is going on here?
I haven't been able to find it in the documentation yet.
Thanks,
Curt
Date: Mon, 21 Apr 2003 10:54:22 -0700
From: Kenneth Porter <shiva at sewingwitch dot com>
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
--On Saturday, April 19, 2003 11:58 AM -0700 "Bailo, John"
<jbailo at vestcom dot com> wrote:
> Are you sure thats the right command? See below.
>
> ___________________________________________________________________________
>
> [root@IVNWMAIL root]# ls -lt /var/log | head
> total 2808
> -rw------- 1 root root 236465 Apr 19 11:50 cron
> -rw-r--r-- 1 root root 19136220 Apr 19 11:49 lastlog
> -rw------- 1 root root 157977 Apr 19 11:49 messages
> -rw------- 1 root root 4259 Apr 19 11:49 secure
> -rw-rw-r-- 1 root utmp 184704 Apr 19 11:49 wtmp
Yep. You can see all the log files that were written to when you made the
attempt. Now you go to each one and use tail to see what lines were just
written to them. Note that maillog wasn't touched, but secure and messages
were.
I see you got it working. This is just to follow up and illustrate how I'd
pursue the debugging.
Subject: Re: qpopper and error
Date: Mon, 21 Apr 2003 10:57:52 -0700
From: Greg Earle <earle at isolar.DynDNS dot ORG>
> Hello all,
>
> I have been getting this error logged with some users.
> Outlook express is what they are using.
>
> I/O error flushing output to client someuser at somehost [their IP]:
> Operation not permitted (1)
>
> I compiled qpopper-4.0.5 on RedHat 6.2 with:
>
> ./configure --enable-poppassd --enable-chunky-writes=1
> make
> make install
>
>
> Does anyone have any ideas what is going on here?
> I haven't been able to find it in the documentation yet.
I've seen this happen when the client times out (and drops the TCP
connection) before the "qpopper" server process has finished reading
their spool file. (The "qpopper" server keeps the TCP connection
open to the client, even though there's nobody home, while it's still
reading the spool file.)
Someone sent 2 20 Mbyte TIFF files to a user at my work. Their
spool file became 56 Mbytes total. They use Apple's Mail.app
as their POP mail reader. The client timed out while "qpopper"
(running on an old slow loaded machine) was still reading the spool file.
Those errors showed up in the log file.
(What's even more annoying - there's no way to specify a POP timeout
in the Mac OS X Mail.app client, that I can see. I think it defaults
to 120 seconds, but I'm not sure.)
- Greg
Date: Mon, 21 Apr 2003 10:58:19 -0700
From: Kenneth Porter <shiva at sewingwitch dot com>
Subject: RE: Setting Up a qPopper 4.0.5 on RedHat
--On Sunday, April 20, 2003 8:17 PM -0700 "Bailo, John" <jbailo at vestcom dot com>
wrote:
> p.s. -- you guys should advertise this mailing list on newsgroups. because
> there were about 1000 listings of people with the same problem and no valid
> answers !
I do mention it when I answer a qpopper question in a newsgroup. But the
qpopper page shows up as the first result when I google for it.
<http://www.google.com/custom?q=qpopper>
<http://www.eudora.com/qpopper/>
Alas, the mailing list isn't mentioned on this page and you have to go to the
FAQ page to find the subscription information. And there's no web-based search
system to search the archives.
Date: Mon, 21 Apr 2003 12:58:58 -0500 (CDT)
From: Netlink Tech <tech at netlinkcom dot com>
Subject: qpopper and error (fwd)
Additional information.
inetd.conf entry is:
pop-3 stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/popper qpopper -scC
I am not attempting to run TLS/SSL.
I had originally compiled with just the default for chunky-writes, but I
recompiled with --enable-chunky-writes=1 (only on tls sessions).
It did not changed the errors regarding I/O flushing.
Curt
---------- Forwarded message ----------
Date: Mon, 21 Apr 2003 12:28:00 -0500 (CDT)
From: Netlink Tech <tech at netlinkcom dot com>
To: qpopper at lists.pensive dot org
Subject: qpopper and error
Hello all,
I have been getting this error logged with some users.
Outlook express is what they are using.
I/O error flushing output to client someuser at somehost [their IP]:
Operation not permitted (1)
I compiled qpopper-4.0.5 on RedHat 6.2 with:
./configure --enable-poppassd --enable-chunky-writes=1
make
make install
Does anyone have any ideas what is going on here?
I haven't been able to find it in the documentation yet.
Thanks,
Curt
Date: Mon, 21 Apr 2003 13:53:47 -0400
From: Daniel Senie <dts at senie dot com>
Subject: Re: qpopper and error
At 01:28 PM 4/21/2003, Netlink Tech wrote:
>Hello all,
>
>I have been getting this error logged with some users.
>Outlook express is what they are using.
>
> I/O error flushing output to client someuser at somehost [their IP]:
>Operation not permitted (1)
Usual reason:
Outlook's timeout is set to 1 minute. Outlook appears to have a broken
concept of timeout. It seems to time out when a message takes longer than
this amount of time to transfer, not when there's been more than this
period of time between packets from the server. Brain damaged software
results in lots of support calls.
Generally we see problems of this sort when users are sending large
attachments back and forth, such as bloated PowerPoint files.
Solutions:
1. Have the user set the timeout to the maximum allowed. Unfortunately,
this is only 5 minutes.
2. Clobber the monster email that's in the user's mailbox.
3. Try to convince customer to use a higher-quality client product.
>I compiled qpopper-4.0.5 on RedHat 6.2 with:
>
>./configure --enable-poppassd --enable-chunky-writes=1
>make
>make install
>
>
>Does anyone have any ideas what is going on here?
>I haven't been able to find it in the documentation yet.
>
>Thanks,
>
>Curt
Date: Tue, 22 Apr 2003 11:00:32 +0200
From: Sascha Reimann <reimann at haar-systemberatung dot de>
Subject: DNS resolve problem with qpopper
Hi,
i have the problem that qpopper always try
to resolve ip addresses. In the xinetd.d config
file, see below,
service pop-3
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/pop3
server_args = pop3 -R -s
log_on_success += USERID
log_on_failure += USERID
nice = 19
}
i try to prevent the lookups with the -R option.
But it doesnt work. The connect from another
workstations needs 10 - 15 sec.! I cant list
all workstations in the host file, because
we use dracd for SMTP after POP.
Any idea?
Many thanks for help!
Kind regards,
Sascha Reimann
From: "Robert McIntosh" <mcintoshrt at attbi dot com>
Subject: Qpopper make parse error TLS/SSL
Date: Wed, 23 Apr 2003 14:52:07 -0700
Hi,
I'm attempting to install Qpopper on RH 9 with TLS/SSL, Mailbox, and
standalone options.
I'm unsure if the --with-openssl= refers to the executable or the library
for openssl.
No problems with the home-dir-mail=Mailbox or standalone options, but with
trying to install it with TLS/SSL for OpenSSL 0.9.7a I receive the following
messages:
#./configure --enable-home-dir-mail=Mailbox --enable-standalon
e --with-openssl=/usr/include/openssl
cd ./popper && make all
make[1]: Entering directory `/usr/src/qpopper4.0.5/popper'
gcc -c -I.. -I.. -I. \
-I../mmangle -I../common -I/usr/include/openssl/include \
-g -O2 -DHAVE_CONFIG_H -DLINUX -DUNIX pop_get_command.c -o
pop_get_command.o
make[1]: Leaving directory `/usr/src/qpopper4.0.5/popper'
[root@ganymede qpopper4.0 dot 5]# make > makeresults
In file included from /usr/include/openssl/ssl.h:179,
from pop_tls.h:41,
from pop_get_command.c:25:
/usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory
In file included from /usr/include/openssl/ssl.h:179,
from pop_tls.h:41,
from pop_get_command.c:25:
/usr/include/openssl/kssl.h:132: parse error before "krb5_enctype"
/usr/include/openssl/kssl.h:134: parse error before "FAR"
/usr/include/openssl/kssl.h:135: parse error before '}' token
/usr/include/openssl/kssl.h:147: parse error before "kssl_ctx_setstring"
/usr/include/openssl/kssl.h:147: parse error before '*' token
/usr/include/openssl/kssl.h:148: parse error before '*' token
/usr/include/openssl/kssl.h:149: parse error before '*' token
/usr/include/openssl/kssl.h:149: parse error before '*' token
/usr/include/openssl/kssl.h:150: parse error before '*' token
/usr/include/openssl/kssl.h:151: parse error before "kssl_ctx_setprinc"
/usr/include/openssl/kssl.h:151: parse error before '*' token
/usr/include/openssl/kssl.h:153: parse error before "kssl_cget_tkt"
/usr/include/openssl/kssl.h:153: parse error before '*' token
/usr/include/openssl/kssl.h:155: parse error before "kssl_sget_tkt"
/usr/include/openssl/kssl.h:155: parse error before '*' token
/usr/include/openssl/kssl.h:157: parse error before "kssl_ctx_setkey"
/usr/include/openssl/kssl.h:157: parse error before '*' token
/usr/include/openssl/kssl.h:159: parse error before "context"
/usr/include/openssl/kssl.h:160: parse error before "kssl_build_principal_2"
/usr/include/openssl/kssl.h:160: parse error before "context"
/usr/include/openssl/kssl.h:163: parse error before "kssl_validate_times"
/usr/include/openssl/kssl.h:163: parse error before "atime"
/usr/include/openssl/kssl.h:165: parse error before "kssl_check_authent"
/usr/include/openssl/kssl.h:165: parse error before '*' token
/usr/include/openssl/kssl.h:167: parse error before "enctype"
In file included from pop_tls.h:41,
from pop_get_command.c:25:
/usr/include/openssl/ssl.h:909: parse error before "KSSL_CTX"
/usr/include/openssl/ssl.h:931: parse error before '}' token
make[1]: *** [pop_get_command.o] Error 1
make: *** [popper_server] Error 2
Any hints?
TIA!
-Robert McIntosh
Date: Wed, 23 Apr 2003 18:09:33 -0400
From: Daniel Senie <dts at senie dot com>
Subject: Re: Qpopper make parse error TLS/SSL
At 05:52 PM 4/23/2003, Robert McIntosh wrote:
>Hi,
>
>I'm attempting to install Qpopper on RH 9 with TLS/SSL, Mailbox, and
>standalone options.
There are some issues building for RH9. I've been working on this, and
should be able to provide you with a set of work-arounds for the short
term, and will be working with Randall to ensure these issues are resolved
in the next release.
The compile problem you see below is the result of needing
-I/usr/kerberos/include in your compile flags. It appears the version of
OpenSSL included in RH9 relies on a header file from there, where older
versions didn't.
>I'm unsure if the --with-openssl= refers to the executable or the library
>for openssl.
>
>No problems with the home-dir-mail=Mailbox or standalone options, but with
>trying to install it with TLS/SSL for OpenSSL 0.9.7a I receive the following
>messages:
>
>#./configure --enable-home-dir-mail=Mailbox --enable-standalon
>e --with-openssl=/usr/include/openssl
>
>cd ./popper && make all
>make[1]: Entering directory `/usr/src/qpopper4.0.5/popper'
>gcc -c -I.. -I.. -I. \
> -I../mmangle -I../common -I/usr/include/openssl/include \
> -g -O2 -DHAVE_CONFIG_H -DLINUX -DUNIX pop_get_command.c -o
>pop_get_command.o
>make[1]: Leaving directory `/usr/src/qpopper4.0.5/popper'
>[root@ganymede qpopper4.0 dot 5]# make > makeresults
>In file included from /usr/include/openssl/ssl.h:179,
> from pop_tls.h:41,
> from pop_get_command.c:25:
>/usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory
>In file included from /usr/include/openssl/ssl.h:179,
> from pop_tls.h:41,
> from pop_get_command.c:25:
>/usr/include/openssl/kssl.h:132: parse error before "krb5_enctype"
>/usr/include/openssl/kssl.h:134: parse error before "FAR"
>/usr/include/openssl/kssl.h:135: parse error before '}' token
>/usr/include/openssl/kssl.h:147: parse error before "kssl_ctx_setstring"
>/usr/include/openssl/kssl.h:147: parse error before '*' token
>/usr/include/openssl/kssl.h:148: parse error before '*' token
>/usr/include/openssl/kssl.h:149: parse error before '*' token
>/usr/include/openssl/kssl.h:149: parse error before '*' token
>/usr/include/openssl/kssl.h:150: parse error before '*' token
>/usr/include/openssl/kssl.h:151: parse error before "kssl_ctx_setprinc"
>/usr/include/openssl/kssl.h:151: parse error before '*' token
>/usr/include/openssl/kssl.h:153: parse error before "kssl_cget_tkt"
>/usr/include/openssl/kssl.h:153: parse error before '*' token
>/usr/include/openssl/kssl.h:155: parse error before "kssl_sget_tkt"
>/usr/include/openssl/kssl.h:155: parse error before '*' token
>/usr/include/openssl/kssl.h:157: parse error before "kssl_ctx_setkey"
>/usr/include/openssl/kssl.h:157: parse error before '*' token
>/usr/include/openssl/kssl.h:159: parse error before "context"
>/usr/include/openssl/kssl.h:160: parse error before "kssl_build_principal_2"
>/usr/include/openssl/kssl.h:160: parse error before "context"
>/usr/include/openssl/kssl.h:163: parse error before "kssl_validate_times"
>/usr/include/openssl/kssl.h:163: parse error before "atime"
>/usr/include/openssl/kssl.h:165: parse error before "kssl_check_authent"
>/usr/include/openssl/kssl.h:165: parse error before '*' token
>/usr/include/openssl/kssl.h:167: parse error before "enctype"
>In file included from pop_tls.h:41,
> from pop_get_command.c:25:
>/usr/include/openssl/ssl.h:909: parse error before "KSSL_CTX"
>/usr/include/openssl/ssl.h:931: parse error before '}' token
>make[1]: *** [pop_get_command.o] Error 1
>make: *** [popper_server] Error 2
>
>Any hints?
>TIA!
>-Robert McIntosh
Subject: mail problem
From: mdew <mdew at orcon.net dot nz>
Date: 26 Apr 2003 00:25:04 +1200
nirvana:/home/mdew# telnet 10.0.0.6 110
Trying 10.0.0.6...
Connected to 10.0.0.6.
Escape character is '^]'.
+OK Qpopper (version 4.0.4) at mdew starting. <2108 dot 1051258306@mdew>
user mdew
+OK Password required for mdew.
pass xxxxx
-ERR [SYS/PERM] Unable to process From lines (envelopes), change
recognition modes or check for corrupted mail drop.
+OK Pop server at mdew signing off.
Connection closed by foreign host.
Ive read http://www.eudora.com/qpopper/faq.html#from.lines
where abouts are these .user.pop files? I cant seem to find them.
find / -name *".pop"* doesnt come up with anything.
Ive dist-upgraded to 4.0.5, still the same problem.
Using Debian Sid.
--
mdew <mdew at orcon.net dot nz>
Subject: Re: mail problem
From: mdew <mdew at orcon.net dot nz>
Date: 26 Apr 2003 01:51:20 +1200
ah yes, after a bit of probing, i found the problem...
/var/spool/pop/.mdew.pop was my problem :/
thanks to those who help :)
--
mdew <mdew at orcon.net dot nz>
From: "Alan W. Rateliff, II" <lists at rateliff dot net>
Subject: Fw: Qpopper v4.0.x poppassd local root exploit
Date: Mon, 28 Apr 2003 18:33:33 -0400
Anyone seen this?
--
Alan W. Rateliff, II : RATELIFF.NET
Independent Technology Consultant : alan2 at rateliff dot net
(Office) 850/350-0260 : (Mobile) 850/559-0100
-------------------------------------------------------------
[System Administration][IT Consulting][Computer Sales/Repair]
----- Original Message -----
From: "dong-h0un U" <xploit at hackermail dot com>
To: <bugtraq at securityfocus dot com>
Sent: Monday, April 28, 2003 10:12 AM
Subject: Qpopper v4.0.x poppassd local root exploit
>
>
> =======================================
> INetCop Security Advisory #2003-0x82-016
> =======================================
>
>
> * Title: Qpopper v4.0.x poppassd local root exploit
>
>
> 0x01. Description
>
>
> Qpopper poppassd is a program that changes system passwords thus allowing
users
> to change their mail passwords.
> We found security bug to poppassd that is included to basis to Qpopper
v4.0.x.
> Through this security bug, allow root user's authority to general user.
> For reference, poppassd is daemon that is executed by root (uid 0).
>
> example>
> /etc/services: epass 106/tcp poppassd
> /etc/inetd.conf: epass stream tcp nowait root /usr/sbin/tcpd poppassd
>
> Vulnerability can presume as following.
> There is dochild() function to 711 lines of 'password/poppassd.c' code.
>
> __
> ...
> 170 #define PASSWD_BINARY "/usr/bin/passwd" /* TBD: config.h
*/
> 171 #define SMBPASSWD_BINARY "/usr/bin/smbpasswd" /* TBD: config.h
*/
> ...
> 711 int dochild (int master, char *slavedev, char *userid, int smb)
> 712 {
> ...
> 781 if (!smb)
> 782 {
> 784 setregid ( pw->pw_gid, pw->pw_gid ); // It's natural.
> 785 setreuid ( pw->pw_uid, pw->pw_uid ); // It's natural. ;-)
> 786
> 787 execl ( pwd_binary, "passwd", NULL ); // ok, is executed by
general user.
> 788
> 789 err_msg ( HERE, "can't exec %s", pwd_binary );
> 790 exit ( 1 );
> 791 }
> 792 else
> 793 {
> 794 TRACE ( trace_file, POP_DEBUG, HERE, "...changing smb
password" );
> 795 execl ( smb_binary, "smbpasswd", userid, NULL ); // Ooops, is
executed by root user.
> 796
> 797 err_msg ( HERE, "can't exec %s", smb_binary );
> 798 exit ( 1 );
> 799 }
> 800 }
> ...
> --
>
> Setuid of "/usr/bin/smbpasswd" is not established.
> Certainly, "/usr/bin/smbpasswd" may be executed as root competence.
> Root setuid of poppassd is established.
>
> --
> [x82@xpl017elz password]$ cat Makefile | grep install
> # * - Added patch by Steven Champeon to fix install and lib.
> installdir = ${exec_prefix}/bin
> INSTALL = /usr/bin/install -c
> install:
> ${INSTALL} -m 4755 -o root -g 0 poppassd ${installdir}/poppassd; \
> echo "Installed poppassd as ${installdir}/poppassd"
> [x82@xpl017elz password]$ pwd
> /qpopper4.0.5/password
> [x82@xpl017elz password]$ ls -al /usr/local/bin/poppassd
> -rwsr-xr-x 1 root root 108300 Apr 17 00:55
/usr/local/bin/poppassd
> [x82@xpl017elz password]$ poppassd -?
> poppassd [-?] [-d] [-l 0|1|2] [-p [passd-path]] [-R] [-s [smbpasswd-path]]
> [-t trace-file] [-v] [-y log-facility]
> [x82@xpl017elz password]$
> --
>
> Fatal vulnerability !! It happens because general user can control
smbpasswd's path.
> '-s' option capacitates it.
>
>
> 0x02. Vulnerable Packages
>
>
> It's poppassd version that is included to qpopper regardless of improved
version.
>
> --
> [x82@xpl017elz /tmp]$ poppassd -v
> poppassd version 4.0.5b2
> [x82@xpl017elz /tmp]$
> --
>
> Vendor site: http://www.qualcomm.com/
>
> qpopper4.0.5 (Inclusion)
> -qpopper4.0.5.tar.gz
> +Linux
> +*BSD
> +SunOS
> +AIX
> +IRIX
> +SCO_SV
> +Other
> qpopper4.0.4 (Inclusion)
> -qpopper4.0.4.tar.gz
> qpopper4.0.3 (Inclusion)
> -qpopper4.0.3.tar.gz
> qpopper4.0.x
>
> beta version: qpopper4.0.*
>
>
> 0x03. Exploit
>
>
> We finished exploit. (Tested it in Linux.)
>
>
> [x82@xpl017elz /tmp]$ ./0x82-Local dot Qp0ppa55d -u x82 -p mypasswd
>
> Qpopper v4.0.x poppassd local root exploit.
> by Xpl017Elz
>
> [+] make code.
> [+] execute poppassd.
> 200 xpl017elz poppassd v4.0.5b2 hello, who are you?
> [+] input username.
> 200 your password please.
> [+] input password.
> 200 your new password please.
> [+] input fake new password.
> [+] wait, 2sec.
> [+] Ok, exploited successfully.
> [*] It's Rootshell !
>
> [root@xpl017elz /root]# id
> uid=0(root) gid=0(root)
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
> [root@xpl017elz /root]#
>
>
> 0x04. Patch
>
>
> It is vendor's share that trim vulnerability.
> Can reduce danger that remove setuid simply, or designate wheel group.
>
> # chmod -s poppassd
>
> or,
>
> # chgrp wheel poppassd
> # chmod o-rx poppassd
> # chmod u+s poppassd
>
> And, very excellent poppassd package version exists.
> poppassd in Qpopper package does not use for the present. :-p
>
> --
>
>
> P.S: Sorry, for my poor english.
>
>
> --
> By "dong-houn yoU" (Xpl017Elz), in INetCop(c) Security.
>
> MSN & E-mail: szoahc(at)hotmail(dot)com,
> xploit(at)hackermail(dot)com
>
> INetCop Security Home: http://www.inetcop.org (Korean hacking game)
> My World: http://x82.i21c.net & http://x82.inetcop.org
>
> GPG public key: http://x82.inetcop.org/h0me/pr0file/x82.k3y
> --
>
>
> --
> _______________________________________________
> Get your free email from http://www.hackermail.com
>
> Powered by Outblaze
>
Date: Mon, 28 Apr 2003 18:27:23 -0500
From: "J.D. Bronson" <jeff at xpec dot com>
Subject: 4.0.5 and /var/mail
I am running solaris 9 and have noticed this on solaris 7,8, and now 9.
I use qpopper as standalone and of course /var/mail
Perms on /var/mail are:
drwxrwsr-x 2 root mail 512 Apr 28 18:25 mail
I run Sendmail 8.12.9 and use mail.local for delivery and it is set to dump
as GID mail.
Things work fine, but at times one or more of my user's file in /var/mail
are no longer 600 but 660.
I have seen this on my own spool and I use Eudora 5.2 as a client.
I dont know why qpopper is changing the perms on the mail spool, but it is
not sendmail and no other pop3 daemon I have tested will do this.
What is going on? - I want all the user mail spool files mode 600 for safety.
thanks!
--
J.D. Bronson
Aurora Health Care
Information Services
Milwaukee, Wisconsin USA
Main Office: 414.978.3000
Date: Mon, 28 Apr 2003 15:15:12 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Fw: Qpopper v4.0.x poppassd local root exploit
On Mon, Apr 28, 2003 at 06:33:33PM -0400, Alan W. Rateliff, II wrote:
> Anyone seen this?
Saw the announcement to bugtraq, certainly, a couple hours ago. We
just turned off poppassd here while we look at the situation and
determine if it's a real problem and what the relevant factors are in
whether it applies.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
"If you ride fast enough, the Specialist can't catch you."
"What's the Specialist?" Samantha says.
"The Specialist wears a hat," says the babysitter. "The hat makes noises."
She doesn't say anything else.
Kelly Link, _The Specialist's Hat_
From: "Simon May" <simon at imsl dot es>
Subject: re outlook problems
Date: Tue, 29 Apr 2003 09:44:07 +0200
Hi All,
I know that this is a question that has been asked many times.
Regarding the problems with outlook express "Operation not permitted
qpoppper"
The problem seems to be made worst by anti virus scanning of email on the
client.
Has anyone found an answer for this problem.
Further I don't think just saying "use another client" is really an answer,
I'm sure that like myself many of us do not have the privilege of dictating
to our users the email client they use
and are stuck with these MS products POPing the server.
Kind Regards
Simon May
Network Administrator
Internet Marketing S.L.
Date: Tue, 29 Apr 2003 08:55:29 -0400
From: Daniel Senie <dts at senie dot com>
Subject: Re: re outlook problems
At 03:44 AM 4/29/2003, Simon May wrote:
>Hi All,
>I know that this is a question that has been asked many times.
>Regarding the problems with outlook express "Operation not permitted
>qpoppper"
>The problem seems to be made worst by anti virus scanning of email on the
>client.
>Has anyone found an answer for this problem.
Well, since you don't want to hear "use another client" then the next
response is "Call Microsoft and ask them to fix their problem."
>Further I don't think just saying "use another client" is really an answer,
>I'm sure that like myself many of us do not have the privilege of dictating
>to our users the email client they use
>and are stuck with these MS products POPing the server.
Since you're stuck with Microsoft product, you might as well try calling
Microsoft and asking them why their mail program times out so quickly. This
is assuming you've already gone into the Advanced tab on the configuration
and set the timeout to 5 minutes. That helps some, but if someone sends you
a large attachment, you're likely still in trouble.
Some people think of "timeout" as the time during which a program senses no
network activity. Microsoft seems to think of "timeout" as the time between
the start of the POP transaction and the end of it, regardless of network
activity. That's the only explanation I've been able to find for this problem.
We have customers using a broad spectrum of POP clients. It's only
Microsoft clients that give up in the middle of a perfectly good and
productive POP session and hang up the phone as it were. There appears to
be nothing the POP server can do to help.
From: "Simon May" <simon at imsl dot es>
Subject: Re: re outlook problems
Date: Tue, 29 Apr 2003 15:29:15 +0200
Well the problem is not a timeout problem at all
You can get outlook to wait as long as you like
the problem is that outlook is trying place emails
back on the server, (I think) shutting outlook down and deleting
Pop3uidl.dbx from your mail store sorts this out.
Why outylook wants to do this I don't understand.
There is no reason to assume that this is a problem with
outlook and not a problem with the server.
I think everyone is too ready to blame MS
if you are having timeout problems
then try
pop3 stream tcp nowait.80 root /usr/local/sbin/popper qpopper -s -R -T 600
in inetd.conf the -T being the time out
I never get the timeout problem with this config.
but I still get "Operation is not ...."
what the Operation is I'm not sure.
Kind Regards
Simon May
Network Administrator
Internet Marketing S.L.
Telephone 971 72 92 04
Fax 971 71 92 04
Email simon at imsl dot es
----- Original Message -----
> Some people think of "timeout" as the time during which a program senses
no
> network activity. Microsoft seems to think of "timeout" as the time
between
> the start of the POP transaction and the end of it, regardless of network
> activity. That's the only explanation I've been able to find for this
problem.
Date: Tue, 29 Apr 2003 09:43:28 -0400 (EDT)
From: Alan Brown <alanb at digistar dot com>
Subject: Re: re outlook problems
On Tue, 29 Apr 2003, Simon May wrote:
> Well the problem is not a timeout problem at all
> You can get outlook to wait as long as you like
> the problem is that outlook is trying place emails
> back on the server, (I think) shutting outlook down and deleting
> Pop3uidl.dbx from your mail store sorts this out.
But this isn't documented.
> Why outylook wants to do this I don't understand.
Embrace, extend, render incompaible.
> There is no reason to assume that this is a problem with
> outlook and not a problem with the server.
None of the other MUA packages do it.
> I think everyone is too ready to blame MS
>
With good reason. MS software won't work with qpopper, while everything
else works fine and MS refuse to discuss the problem with anyone, or
even acknowledge it exists other than to suggest switching to MS based
servers.
> if you are having timeout problems
> then try
> pop3 stream tcp nowait.80 root /usr/local/sbin/popper qpopper -s -R -T 600
> in inetd.conf the -T being the time out
Been there, done that. Still had problems with users on slowish mosdems
and large messages.
AB
From: "Simon May" <simon at imsl dot es>
Subject: Re: re outlook problems
Date: Tue, 29 Apr 2003 16:08:52 +0200
----- Original Message -----
>
> > Well the problem is not a timeout problem at all
> > You can get outlook to wait as long as you like
> > the problem is that outlook is trying place emails
> > back on the server, (I think) shutting outlook down and deleting
> > Pop3uidl.dbx from your mail store sorts this out.
>
> But this isn't documented.
have a look through http://insideoe.tomsterdam.com
> > Why outlook wants to do this I don't understand.
>
> Embrace, extend, render incompatible.
don't forget FUD fear, uncertainty and doubt
>
> > There is no reason to assume that this is a problem with
> > outlook and not a problem with the server.
>
> None of the other MUA packages do it.
Are we sure of that every time the question comes up
it's often "Oh the outlook problem" change clients and that's it!
Remember that 99% of my users and most others have no problem using
outlook ... and most of the problems I see are related to broadband usage
not slow connections and moving to qpopper solve a lot more problems than
it created
>
> I think everyone is too ready to blame MS
>
> With good reason. MS software won't work with qpopper, while everything
> else works fine and MS refuse to discuss the problem with anyone, or
> even acknowledge it exists other than to suggest switching to MS based
> servers.
Well as I'm not part of the development team but a happy to be useful user
I have not idea if MS has been contacted.
I was hoping that these emails would get people interested in trying to
solve the problem
not just continuing to go it's all MS's fault if we really want to get to
them then the best way to do it is
get their mail agent to work well with qpopper then there would truly be an
alternative for administrators.
Simon May
Date: Tue, 29 Apr 2003 10:42:30 -0400
From: Daniel Senie <dts at senie dot com>
Subject: Re: re outlook problems
At 10:08 AM 4/29/2003, Simon May wrote:
>----- Original Message -----
> >
> > > Well the problem is not a timeout problem at all
> > > You can get outlook to wait as long as you like
> > > the problem is that outlook is trying place emails
> > > back on the server, (I think) shutting outlook down and deleting
> > > Pop3uidl.dbx from your mail store sorts this out.
> >
> > But this isn't documented.
>have a look through http://insideoe.tomsterdam.com
>
>
> > > Why outlook wants to do this I don't understand.
> >
> > Embrace, extend, render incompatible.
>don't forget FUD fear, uncertainty and doubt
>
> >
> > > There is no reason to assume that this is a problem with
> > > outlook and not a problem with the server.
> >
> > None of the other MUA packages do it.
>Are we sure of that every time the question comes up
>it's often "Oh the outlook problem" change clients and that's it!
>
>Remember that 99% of my users and most others have no problem using
>outlook ... and most of the problems I see are related to broadband usage
>not slow connections and moving to qpopper solve a lot more problems than
>it created
Do you have any way of tracking which version of Outlook your customers are
using? It is entirely possible there are a few bad versions out there
(remember, Microsoft has released a LOT of patches to that program) that
have trouble. It might be useful to determine if the issues are with
Outlook Express vs. Outlook (which are really separate programs despite a
common base name) and which version numbers are involved.
> >
> > I think everyone is too ready to blame MS
> >
> > With good reason. MS software won't work with qpopper, while everything
> > else works fine and MS refuse to discuss the problem with anyone, or
> > even acknowledge it exists other than to suggest switching to MS based
> > servers.
>
>Well as I'm not part of the development team but a happy to be useful user
>I have not idea if MS has been contacted.
>
>I was hoping that these emails would get people interested in trying to
>solve the problem
>not just continuing to go it's all MS's fault if we really want to get to
>them then the best way to do it is
>get their mail agent to work well with qpopper then there would truly be an
>alternative for administrators.
If someone with a financial interest in dealing with Microsoft wants to
make some introductions, that'd be fine. Open source products usually don't
make attempts to market themselves as such, which makes this a bit more
difficult. Microsoft gives away OE for free, so they too may have little
interest in fixing things. I, for one, would be willing to talk with
someone in Microsoft's software engineering or sustaining engineering who's
able to actually work on, debug and fix such a problem. I'd be happy to
provide a test system for them to test against even. But I won't talk with
10 levels of tech support or pay Microsoft for a support incident for a
matter that I have no financial interest in solving.
This is one of many clashes between the Microsoft approach and the open
source approach to doing business.
Date: Tue, 29 Apr 2003 14:52:23 -0400 (EDT)
From: Chip Old <fold at bcpl dot net>
Subject: Re: 4.0.5 and /var/mail
On Mon, 28 Apr 2003 18:27 -0500, J.D. Bronson wrote to Subscribers of Qpopper:
> I am running solaris 9 and have noticed this on solaris 7,8, and now 9.
> I use qpopper as standalone and of course /var/mail
> Perms on /var/mail are:
>
> drwxrwsr-x 2 root mail 512 Apr 28 18:25 mail
>
> I run Sendmail 8.12.9 and use mail.local for delivery and it is set to
> dump as GID mail. Things work fine, but at times one or more of my
> user's file in /var/mail are no longer 600 but 660. I have seen this on
> my own spool and I use Eudora 5.2 as a client. I dont know why qpopper
> is changing the perms on the mail spool, but it is not sendmail and no
> other pop3 daemon I have tested will do this.
>
> What is going on? - I want all the user mail spool files mode 600 for
> safety.
On a Solaris machine (and many others derived from System 5) /var/mail
ownership is root:mail with rwxrwxrwt (mode 1777) permissions. Anyone can
create files in /var/mail, but the sticky bit prevents users from writing
to or deleting files they don't own. Ownership of individual mailboxes is
username:mail, with -rw-rw---- (mode 660) permissions. Granted that
probably isn't the best way to do it, but mail-handling apps compiled to
run under Solaris often expect those permissions and barf if they are set
differently.
Your drwxrwsr-x (775) [permissions on /var/mail and -rw------- (600) on
individual mailboxes is more in keeping with the way it's done on
Berkeley-derived systems.
You're right that it isn't sendmail that is altering permissions.
Sendmail doesn't write to mailboxes. When mail is received for "jdoe",
sendmail accepts delivery and passes the message off to the local delivery
agent (typically mail.local), which delivers the message to the
appropriate mailbox. If the LDA is compiled under Solaris it probably by
default sets the permissions on any new mailboxes it creates to 660. I
know this is true on our Solaris 2.6, 7, and 9 machines. I don't know for
sure, but I suspect that is also true of any other app compiled under
Solaris that can create mail spool files.
On my Solaris machines, if I set 600 permissions on a mailbox, no program
(including Qpopper) seems to alter it. However if the mailbox is deleted,
then later on recreated by mail.local or whatever, the new mailbox has 660
permissions.
--
Chip Old (Francis E. Old) E-Mail: fold at bcpl dot net
Manager, BCPL Network Services Phone: 410-887-6180
Manager, BCPL.NET Internet Services FAX: 410-887-2091
Baltimore County Public Library
320 York Road
Towson, MD 21204 USA
Date: Tue, 29 Apr 2003 16:47:18 -0400 (EDT)
From: Alan Brown <alanb at digistar dot com>
Subject: Re: re outlook problems
On Tue, 29 Apr 2003, Daniel Senie wrote:
> If someone with a financial interest in dealing with Microsoft wants to
> make some introductions, that'd be fine. Open source products usually don't
> make attempts to market themselves as such, which makes this a bit more
> difficult. Microsoft gives away OE for free, so they too may have little
> interest in fixing things.
They have a financial interest in only having one server work properly
with OE. It doesn't take a rocket scientist to work that out when the
only response I've ever had from them is a hard sell on MS server-ware
and no actual interest in making the client work with pop3 servers from
anyone else.
Outlook is the only client I've ever used where download timeouts
_can't_ be disabled.
It is NOT the only client which had the timeout apply on a per message
basis, regardless of throughput. Eudora used to do that too, but the
timeouts could be set to several hours for large messages on slow
links(or disabled altogether).
AB
From: "Simon May" <simon at imsl dot es>
Subject: Re: re outlook problems
Date: Wed, 30 Apr 2003 12:26:22 +0200
Well I see that the code that produces the error
I/O error flushing output to client xxxx at x.x.x.x. [x.x.x.x]: Operation
not permitted (1)
is in pop_send.c
To be exact the pop_write_flush routine
the question must be why is there an I/O error
It seems to me that outlook express is trying to leave mail on the server
even though it is not set to do so.
Maybe this is the result of previous timeouts
Simon
Date: Wed, 30 Apr 2003 11:24:50 -0400
From: Daniel Senie <dts at senie dot com>
Subject: Re: re outlook problems
At 10:27 AM 4/30/2003, Simon May wrote:
>Okay so this is what I'm seeing happening.
>The client machine says that it is collecting msg 3 of 5 and just hangs
>there until it timesout
OK.
>On the server
>1. there is often no mail in the spool file and if there is it has had the
>STATUS header added
qpopper moves the contents of the mailbox to the tempdrop area, so that it
is possible for new mail to arrive while qopper is managing its mail. There
are options for dealing with this.
>2. there is a qpopper proccess running
The qpopper process also likely still has open the file in the tempdrop area.
>3. there is no lock file.
No lock file is necessarily needed, since the mailbox file is not locked
while transferring contents from the file in the tempdrop area.
>So to sort the problem I kill the proccess
Which makes a mess.
>delete the spool file
>delete the Pop3uidl.dbx file on the client
>and reboot the client
>
>That sorts the problem
>Note that it is on a 10Mb LAN
Fine. Transfer speed is likely not the issue. That does not, however, rule
out timeouts as the root issue.
So we still don't know why this is happening. What would help is a packet
trace of the TCP session using a Sniffer(tm), Etherreal or tcpdump. It is
our contention that the qpopper process is having the TCP session ripped
out from under it. That would be caused by the client (OE) sending a TCP
FIN or RST packet. The contention is that the client indeed IS closing the
TCP session.
In the cases I've personally explored on this problem, the OE client was
resetting the TCP session. I have no idea why, as the data flow was fine.
Assumption made was that the timeout algorithm Microsoft used was flawed.
Since OE is closed-source, there was no way to look inside and find the
problem.
Date: Wed, 30 Apr 2003 10:18:21 -0400
From: Daniel Senie <dts at senie dot com>
Subject: Re: re outlook problems
At 09:58 AM 4/30/2003, Simon May wrote:
>The problem is that I'm pretty sure that the session is not closing.
Well, looking at the state of the connection sure says otherwise.
>It seems that OE is trying to write back to the spool
Ummm, you want to explain what you mean by that? OE doesn't write to
anything on the server. Qpopper does. If It's trying to send messages to
the server, that's fine, but not what you said.
>The mail spool STATUS: gets altered to RO or U
>and then the whole thing hangs and then OE waits for a reply it never gets
>though you see a qpopper proccess sitting there.
Can you perhaps explain this more clearly? I really can't decipher what it
is you're claiming is happening.
It's helpful to talk about the message flow between the client (OE in this
case) and server (qpopper), and discuss what actions each of these programs
is taking locally to its own disks. Only messages are passed between, and
we'd need to understand what those messages are, and whether the session is
still active at any given point.
Dan
>Simon
>
>
>----- Original Message -----
>From: "Daniel Senie" <dts at senie dot com>
>To: "Simon May" <simon at imsl dot es>
>Cc: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
>Sent: Wednesday, April 30, 2003 3:19 PM
>Subject: Re: re outlook problems
>
>
> > At 06:26 AM 4/30/2003, Simon May wrote:
> > >Well I see that the code that produces the error
> > > I/O error flushing output to client xxxx at x.x.x.x. [x.x.x.x]:
>Operation
> > >not permitted (1)
> > >is in pop_send.c
> > >To be exact the pop_write_flush routine
> > >
> > >the question must be why is there an I/O error
> >
> > When the socket underneath qpopper (and the TCP Session associated) are
> > closed because the remote end terminates it, it's REALLY REALLY hard to
> > write to that socket.
> >
> > There's NOTHING that can be done on the server end to deal with the fact
> > that the device on the remote end of the TCP session closed the session.
> >
> >
> > >It seems to me that outlook express is trying to leave mail on the server
> > >even though it is not set to do so.
> > >
> > >Maybe this is the result of previous timeouts
> > >
> > >Simon
> >
> > -----------------------------------------------------------------
> > Daniel Senie dts at senie dot com
> > Amaranth Networks Inc. http://www.amaranth.com
> >
From: "Simon May" <simon at imsl dot es>
Subject: Re: re outlook problems
Date: Wed, 30 Apr 2003 16:27:30 +0200
Okay so this is what I'm seeing happening.
The client machine says that it is collecting msg 3 of 5 and just hangs
there until it timesout
On the server
1. there is often no mail in the spool file and if there is it has had the
STATUS header added
2. there is a qpopper proccess running
3. there is no lock file.
So to sort the problem I kill the proccess
delete the spool file
delete the Pop3uidl.dbx file on the client
and reboot the client
That sorts the problem
Note that it is on a 10Mb LAN
Simon
Date: Wed, 30 Apr 2003 08:26:38 -0400 (EDT)
From: Alan Brown <alanb at digistar dot com>
Subject: Re: re outlook problems
On Wed, 30 Apr 2003, Simon May wrote:
> Well I see that the code that produces the error
> I/O error flushing output to client xxxx at x.x.x.x. [x.x.x.x]: Operation
> not permitted (1)
> is in pop_send.c
> To be exact the pop_write_flush routine
>
> the question must be why is there an I/O error
Because the client has disconnected. The output being flushed is to the
IP connection, not to disk.
AB
Date: Wed, 30 Apr 2003 10:44:02 -0700
From: Kenneth Porter <shiva at sewingwitch dot com>
Subject: Re: re outlook problems
--On Wednesday, April 30, 2003 12:26 PM +0200 Simon May <simon at imsl dot es> wrote:
> I/O error flushing output to client xxxx at x.x.x.x. [x.x.x.x]: Operation
> not permitted (1)
> is in pop_send.c
> To be exact the pop_write_flush routine
Outlook probably just rudely dropped the connection.
[I'll read any reply on the list. No need to cc me.]
From: "Ken Hohhof" <ken at mixedsignal dot com>
Subject: Re: re outlook problems
Date: Wed, 30 Apr 2003 13:47:15 -0500
> The client machine says that it is collecting msg 3 of 5 and just hangs
> there until it timesout
When I see this, the problem will occur on the same message each time the
person tries to check mail. We fix the problem by deleting the offending
email message from the mailspool or having the customer do it via webmail.
The poplock times out on its own if you let it. Also we have changed the
Linux settings to retry TCP connections fewer times than default to speed up
the poplock timeout. But when the person checks mail next time, they get
all the messages again starting with #1 because the server never got a QUIT
command.
Sounds like a killer email, rather than an Outlook or qpopper problem.
Granted, mail clients like Eudora are better about flagging bad messages and
asking what to do rather than just choking on them.
Personally, I retrieve tons of email each day from at least 3 of our
mailservers all running qpopper, using Outlook Express, without ever seeing
the problem you describe. BUT, I have the Preview Pane disabled. Have you
tried having a couple customers who regularly get this problem turn off
Preview Pane? The other situation I regularly see that is similar is when
Norton Antivirus (having inserted itself between the mail client and the
mail server) chokes on a certain message.
I have heard claims that both OE and Netscape Messenger will cause problems
if you have it set to check mail every N minutes and it takes longer than N
minutes to download all the mail. Supposedly the mail clients are too
stupid to realize they already have a session with the mailserver and will
start issuing POP3 commands that conflict with the current state with the
mailserver. Like sending a RETR (asking qpopper to "flush" i.e. send a
message to the client) while another messages is already being retrieved?
But personally I'm not so sure this is true, I haven't noticed that turning
off this feature in the email client has any effect on the phenomenon.
Last updated on 30 Apr 2003 by Pensive Mailing List Admin