The qpopper list archive ending on 1 May 2000
Topics covered in this issue include:
1. Re: qpopper 2.5.3
Alan Brown <alan at manawatu.gen dot nz>
Wed, 26 Apr 2000 02:30:54 +1200 (NZST)
2. Re: qpopper 2.5.3
"A. M. Salim" <salim at localweb dot com>
Tue, 25 Apr 2000 11:11:20 -0400 (EDT)
3. Re: qpopper 2.5.3
Admin Mailing Lists <mlist at intergrafix dot net>
Tue, 25 Apr 2000 11:35:22 -0400 (EDT)
4. Re: qpopper 2.5.3
rick pim <rick at post.queensu dot ca>
Tue, 25 Apr 2000 13:18:04 -0400 (EDT)
5. Re: ./configure --enable-log-login on Linux
"A. M. Salim" <salim at localweb dot com>
Tue, 25 Apr 2000 18:47:09 -0400 (EDT)
6. Re: Qpopper 3.0.1b1 available
"Visionary Website Creations, Inc." <visionary at visionary-web dot com>
Wed, 26 Apr 2000 22:19:28 -0400
7. Re: Qpopper 3.0.1b1 available
"Kenneth Porter" <shiva at well dot com>
Wed, 26 Apr 2000 19:46:33 -0700
8. Re: Qpopper 3.0.1b1 available
Joseph S D Yao <jsdy at cospo.osis dot gov>
Wed, 26 Apr 2000 22:53:28 -0400
9. Security bug in qpopper3 (fwd)
dejan at knuten.liu dot se
Thu, 27 Apr 2000 09:42:29 +0200 (MET DST)
10. Re: Security bug in qpopper3 (fwd)
"Kenneth Porter" <shiva at well dot com>
Thu, 27 Apr 2000 02:19:24 -0700
11. qpopper, mysql, and others
Admin Mailing Lists <mlist at intergrafix dot net>
Thu, 27 Apr 2000 10:32:25 -0400 (EDT)
12. Re: qpopper, mysql, and others
PSantos <psantos at gol.com dot br>
Thu, 27 Apr 2000 13:21:11 -0300
13. 3.0 problems
Forrest Aldrich <forrie at forrie dot com>
Thu, 27 Apr 2000 13:06:03 -0400
14. 3.0 problems
Forrest Aldrich <forrie at forrie dot com>
Thu, 27 Apr 2000 13:07:23 -0400
15. Re: Qpopper 3.0.1b1 available
"Visionary Website Creations, Inc." <visionary at visionary-web dot com>
Thu, 27 Apr 2000 13:27:40 -0400
16. Mailboxes Duplicating....
"Joseph Peterson" <jay at qtm dot net>
Thu, 27 Apr 2000 13:48:42 -0400
17. Re: Mailboxes Duplicating....
Admin Mailing Lists <mlist at intergrafix dot net>
Thu, 27 Apr 2000 14:26:13 -0400 (EDT)
18. Re: qpopper, mysql, and others
"Jeremy C. Reed" <reed at wcug.wwu dot edu>
Thu, 27 Apr 2000 12:47:52 -0700 (PDT)
19. Re: 3.0 problems (ERR POP EOF)
Forrest Aldrich <forrie at forrie dot com>
Thu, 27 Apr 2000 19:32:19 -0400
20. Re: SOLVED(1): mailboxes getting duplicated
"Kenneth Porter" <shiva at well dot com>
Thu, 27 Apr 2000 16:37:42 -0700
21. Re: 3.0 problems (ERR POP EOF)
"Kenneth Porter" <shiva at well dot com>
Thu, 27 Apr 2000 16:54:39 -0700
22. Re: Qpopper 3.0.1b1 available (library conflicts)
"Kenneth Porter" <shiva at well dot com>
Thu, 27 Apr 2000 17:00:28 -0700
23. Re: Mailboxes Duplicating....
Peter Evans <peter at gol dot com>
Fri, 28 Apr 2000 08:04:15 +0900
24. Re: 3.0 problems (ERR POP EOF)
Forrest Aldrich <forrie at forrie dot com>
Thu, 27 Apr 2000 23:12:04 -0400
25. Re: 3.0 problems (ERR POP EOF)
Forrest Aldrich <forrie at forrie dot com>
Fri, 28 Apr 2000 00:21:21 -0400
26. Re: SOLVED(1): mailboxes getting duplicated
"Kenneth Porter" <shiva at well dot com>
Thu, 27 Apr 2000 21:54:22 -0700
27. Re: UIDL corruption with MS Exchange Server ?
"A. M. Salim" <salim at localweb dot com>
Fri, 28 Apr 2000 11:28:40 -0400 (EDT)
28. Re: SOLVED(1): mailboxes getting duplicated
Randall Gellens <randy at qualcomm dot com>
Fri, 28 Apr 2000 09:20:11 -0700
29. Re: UIDL corruption with MS Exchange Server ?
Qpopper Support <qpopper at qualcomm dot com>
Fri, 28 Apr 2000 12:05:25 -0700
30. Broken Pipes.....
mjm <mike2 at gtii dot com>
Fri, 28 Apr 2000 15:12:49 -0400 (EDT)
31. Linux quota & maillock
Alexander Rusinov <boot at eurocom.od dot ua>
Fri, 28 Apr 2000 22:31:20 +0300
32. Re: unsafe fgets() in qpopper
Qpopper Support <qpopper at qualcomm dot com>
Fri, 28 Apr 2000 20:03:03 -0700
33. Qpopper 3.0.1b2 available
Qpopper Support <qpopper at qualcomm dot com>
Fri, 28 Apr 2000 20:04:45 -0700
34. Re: UIDL corruption with MS Exchange Server ?
Alan Brown <alan at manawatu.gen dot nz>
Sat, 29 Apr 2000 19:13:32 +1200 (NZST)
35. Re: Hack attempt!?!
"Spencer Yost" <yostsw at newidea.atis dot net>
Sat, 29 Apr 2000 17:15:15 -0400
36. Re: Hack attempt!?!
"Mitch Vincent" <mitch at venux dot net>
Sat, 29 Apr 2000 18:10:57 -0400
37. e: Hack attempt!?! - Oops - POP before SMTP
"Mitch Vincent" <mitch at venux dot net>
Sat, 29 Apr 2000 18:27:05 -0400
38. Patch for POP-before-SMTP (was: Re: Hack attempt!?!)
Steven Champeon <schampeo at hesketh dot com>
Sat, 29 Apr 2000 18:24:11 -0400 (EDT)
39. Re: Hack attempt!?!
Forrest Aldrich <forrie at forrie dot com>
Sat, 29 Apr 2000 18:24:07 -0400
40. Re: e: Hack attempt!?! - Oops - POP before SMTP
Steven Champeon <schampeo at hesketh dot com>
Sat, 29 Apr 2000 18:49:12 -0400 (EDT)
41. mail unobtainable (left behind) on server
Roger Arnold <rbarnold at netscape dot net>
29 Apr 00 22:34:12 PDT
42. Re: qpopper, mysql, and others
ahubbell at thehubbells dot cc
Sun, 30 Apr 2000 09:33:11 -0400
43. Re: mail unobtainable (left behind) on server
Gary Schrock <gary at eyelab.psy.msu dot edu>
Sun, 30 Apr 2000 14:57:22 -0500
44. Re: mail unobtainable (left behind) on server
Qpopper Support <qpopper at qualcomm dot com>
Sun, 30 Apr 2000 12:04:28 -0700
45. RH Linux 6.2 and Qpopper 3.0 problem
"James Nelson" <james at digit.bloomnet dot com>
Mon, 1 May 2000 07:31:20 -0500
46. Re: qpopper, mysql, and others
Admin Mailing Lists <mlist at intergrafix dot net>
Mon, 1 May 2000 11:40:18 -0400 (EDT)
47. Re: qpopper, mysql, and others
"Mitch Vincent" <mitch at venux dot net>
Mon, 1 May 2000 12:06:05 -0400
48. Re: UIDL corruption with MS Exchange Server ?
"A. M. Salim" <salim at localweb dot com>
Mon, 1 May 2000 15:07:07 -0400 (EDT)
49. Re: UIDL corruption with MS Exchange Server ?
Alan Brown <alan at manawatu.gen dot nz>
Tue, 2 May 2000 06:52:44 +1200 (NZST)
50. Outlook Express
"Spencer Yost" <yostsw at newidea.atis dot net>
Mon, 01 May 2000 17:06:38 -0400
Date: Wed, 26 Apr 2000 02:30:54 +1200 (NZST)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: Re: qpopper 2.5.3
On Tue, 25 Apr 2000, Steven Champeon wrote:
> No, seriously - there are many ways you can cut down on spam, but no
> other all-encompassing, total-annihiliation, no-more-spam-forever ways.
There is _one_ way.
Treat all mail as suspicious until proved otherwise.
> http://www.mail-abuse.org
> http://www.spambouncer.org/
> http://www.orbs.org
All of these are attempts to keep mail OK until proved otherwise.
If you start with the premise of paranoia and that that all mail is
unwanted, then it's a lot easier - you won't get much mail either.
AB
Date: Tue, 25 Apr 2000 11:11:20 -0400 (EDT)
From: "A. M. Salim" <salim at localweb dot com>
Subject: Re: qpopper 2.5.3
Hi,
> > I was wondering how can I stop my users from receiving SPAM mail?
> > Is it something I need to setup through qpopper or sendmail. I am runing
> > sendmail 8.9.3.
> > Any links to HowTo's or advice would be greatly appreciated.
> check out http://www.mail-abuse.org
you can prevent spam/relay abuse of your mailservers but I doubt you can
(or even should!) do anything to filter your clients email to prevent them
receiving third party spam. Why? Not because I am in favor of spam, I am
not. But because any filtering mechanism you put into place will also,
sooner or later, accidentally filter true messages (non-spam, legit email)
and your users will suffer. It is best left to the recipient to decide
what to do with email adderssed to them, not for the ISP to decide it for
them.
regards
Mike Salim
http://www.localweb.com/
Date: Tue, 25 Apr 2000 11:35:22 -0400 (EDT)
From: Admin Mailing Lists <mlist at intergrafix dot net>
Subject: Re: qpopper 2.5.3
On Wed, 26 Apr 2000, Alan Brown wrote:
> On Tue, 25 Apr 2000, Steven Champeon wrote:
>
> > No, seriously - there are many ways you can cut down on spam, but no
> > other all-encompassing, total-annihiliation, no-more-spam-forever ways.
>
> There is _one_ way.
>
> Treat all mail as suspicious until proved otherwise.
>
so does that mean you're anti-"innocent until proven guilty" too?
-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
admin at intergrafix dot net Intergrafix Internet Services
"Dream as if you'll live forever, live as if you'll die today"
http://cygnus.ncohafmuta.com http://www.intergrafix.net
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
From: rick pim <rick at post.queensu dot ca>
Date: Tue, 25 Apr 2000 13:18:04 -0400 (EDT)
Subject: Re: qpopper 2.5.3
> But because any filtering mechanism you put into place will also,
> sooner or later, accidentally filter true messages (non-spam, legit email)
> and your users will suffer.
of the three filters at mail-abuse.org, two (DUL and RBL) are _very_
unlikely to bounce legitimate mail. heck, one could claim that DUL
cannot, by its design, reject any legitimate mail.
rp
Date: Tue, 25 Apr 2000 18:47:09 -0400 (EDT)
From: "A. M. Salim" <salim at localweb dot com>
Subject: Re: ./configure --enable-log-login on Linux
Hi,
On qpopper3.0 (latest) on Linux, enabling the above facility seems to want
to log to LOG_MAIL not LOG_LOCAL0
For example, on a Linux RedHat 6.x Intel PIII platform:
./configure --enable-log-login --enable-servermode --enable-specialauth
popper.h seems to have it backwards after this config is done.
Am I missing something or is the configuration script broken?
TIA.
regards
Mike Salim.
Date: Wed, 26 Apr 2000 22:19:28 -0400
From: "Visionary Website Creations, Inc." <visionary at visionary-web dot com>
Subject: Re: Qpopper 3.0.1b1 available
I'm trying to upgrade to Qpopper 3.0.1b1 on a BSDI box and I cannot get it
to make. I have made no modifications. Anybody have any suggestions?
Here are the last few lines echoed during the make:
/usr/lib/libresolv.a(herror.o)(.data+0x14):/mnt/dump/bind/res/herror.c:
first de
fined here
make[1]: *** [popper] Error 1
make[1]: Leaving directory `/usr/libexec/src/qpopper3.0.1b1/popper'
make: *** [popper_server] Error 2
Thanks in advance,
Greg Dawson, President
Visionary Website Creations, Inc.
Post Office Box 905
Brandon, Florida 33509-0905
http://www.visionary-web.com/
visionary at visionary-web dot com
813-661-7164 phone
801-459-4789 fax
From: "Kenneth Porter" <shiva at well dot com>
Date: Wed, 26 Apr 2000 19:46:33 -0700
Subject: Re: Qpopper 3.0.1b1 available
On Wed, 26 Apr 2000 22:19:28 -0400, Visionary Website Creations, Inc.
wrote:
>/usr/lib/libresolv.a(herror.o)(.data+0x14):/mnt/dump/bind/res/herror.c:
>first defined here
Looks like a linker error, but still need a few more lines before this
to see what symbol is multiply defined. I'd guess the qpopper
autoconfig erroneously believed you were lacking some OS feature that
really was there, so it included its own definition. Once you figure
out which symbol is multiply-defined, you can look at the autoconfig
output to see why it thought you didn't have it.
If you're compiling in a window that doesn't allow you to scroll back,
I suggest redirecting all output to a file:
./configure [config-options] > configure.log 2>&1
make [make-options] > make.log 2>&1
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.harrybrowne2000.org/
Date: Wed, 26 Apr 2000 22:53:28 -0400
From: Joseph S D Yao <jsdy at cospo.osis dot gov>
Subject: Re: Qpopper 3.0.1b1 available
On Wed, Apr 26, 2000 at 07:46:33PM -0700, Kenneth Porter wrote:
> ./configure [config-options] > configure.log 2>&1
> make [make-options] > make.log 2>&1
Or, better yet, watch it while it happens:
./configure ... 2>&1 | tee config.out
make ... 2>&1 | tee make.out
If you are using the C shell [csh] or one of its ilk, these become
./configure ... |& tee config.out
make ... |& tee make.out
--
Joe Yao jsdy at cospo.osis dot gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
Date: Thu, 27 Apr 2000 09:42:29 +0200 (MET DST)
From: dejan at knuten.liu dot se
Subject: Security bug in qpopper3 (fwd)
I'm sorry if this has been discussed before, but has the claimed problem
been solved in Qpopper 3.0 final (or beta1) ?
http://lwn.net/2000/0427/a/qpopper.html
Thanks
Dejan
From: "Kenneth Porter" <shiva at well dot com>
Date: Thu, 27 Apr 2000 02:19:24 -0700
Subject: Re: Security bug in qpopper3 (fwd)
On Thu, 27 Apr 2000 09:42:29 +0200 (MET DST), dejan at knuten.liu dot se
wrote:
>I'm sorry if this has been discussed before, but has the claimed problem
>been solved in Qpopper 3.0 final (or beta1) ?
>
>http://lwn.net/2000/0427/a/qpopper.html
The problem's not addressed in 3.0, and I don't see it addressed in the
changelist for 3.0.1b1.
The issue is that an attacker could provide a too-long From line that
causes qpopper to misparse a message's headers. This can be used to
spoof header lines and to attack MUA's with header and MIME bugs. The
URL includes a proposed patch.
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.harrybrowne2000.org/
Date: Thu, 27 Apr 2000 10:32:25 -0400 (EDT)
From: Admin Mailing Lists <mlist at intergrafix dot net>
Subject: qpopper, mysql, and others
I'm in the process of consolidating all my users into a mysql DB for
authentication.
I know there are patches for qpopper and proftpd and apache, etc.. for
auth, my question is..
Some passwords of my passwords are crypt()ed, others are MD5ed..
what do these patches assume the password format is?? plain-text? MD5?
crypt?
I want to know so I know if I have to do some decryption/decoding
of them, or which i can leave as-is.
Thanx,
-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
admin at intergrafix dot net Intergrafix Internet Services
"Dream as if you'll live forever, live as if you'll die today"
http://cygnus.ncohafmuta.com http://www.intergrafix.net
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Date: Thu, 27 Apr 2000 13:21:11 -0300
From: PSantos <psantos at gol.com dot br>
Subject: Re: qpopper, mysql, and others
Ola Admin,
Thursday, April 27, 2000, 11:32:25 AM, voce escreveu:
AML> I'm in the process of consolidating all my users into a mysql DB for
AML> authentication.
AML> I know there are patches for qpopper and proftpd and apache, etc.. for
AML> auth, my question is..
Well, after 3.0 released, I'd like to know about that patches
(Qpopper 3.0 + MySQL auth DB).... Where I found it?
Unfortunallity this informations don't run into this list.... Shame!
Obrigado e Saudações,
---------------------
Paulo Santos
um GOL na Internet Gratuita
mailto:psantos at gol.com dot br
Date: Thu, 27 Apr 2000 13:06:03 -0400
From: Forrest Aldrich <forrie at forrie dot com>
Subject: 3.0 problems
This happened to us before, during an upgrade to one of the release
candidates (c1?). We reported the problem here, but it still seems to persist:
Apr 27 12:56:17 machine popper[22418]: username at
+host.domain.com (xx.xx.xx.34): -ERR POP EOF or I/O error:
+Permission denied (13)
We're getting tons of these. WHAT is wrong and how can this be fixed??
_F
Date: Thu, 27 Apr 2000 13:07:23 -0400
From: Forrest Aldrich <forrie at forrie dot com>
Subject: 3.0 problems
Sorry, in my frustration I forgot to include:
FreeBSD-2.2.8 (currently patched) is the OS being run on.
_F
Date: Thu, 27 Apr 2000 13:27:40 -0400
From: "Visionary Website Creations, Inc." <visionary at visionary-web dot com>
Subject: Re: Qpopper 3.0.1b1 available
Kenneth,
Thanks for your help. I've now taken a closer look, but unfortunately I
don't have any experience with this kind of thing. Here are a few more
lines that show what symbol is multidefined. I'm not sure where to go from
here. Any help would be greatly appreciated. BTW, interestingly enough
... qpopper 2.5 configured without a problem.
/usr/lib/libc.a(net_data.o)(.data+0x0): multiple definition of `h_errlist'
/usr/lib/libresolv.a(herror.o)(.data+0x0):/mnt/dump/bind/res/herror.c:
first defined here
/usr/lib/libc.a(net_data.o)(.data+0x64): multiple definition of `h_nerr'
/usr/lib/libresolv.a(herror.o)(.data+0x14):/mnt/dump/bind/res/herror.c:
first defined here
make[1]: *** [popper] Error 1
make[1]: Leaving directory `/usr/libexec/src/qpopper3.0.1b1/popper'
make: *** [popper_server] Error 2
At 07:46 PM 04/26/2000 -0700, Kenneth Porter wrote:
>Looks like a linker error, but still need a few more lines before this
>to see what symbol is multiply defined. I'd guess the qpopper
>autoconfig erroneously believed you were lacking some OS feature that
>really was there, so it included its own definition. Once you figure
>out which symbol is multiply-defined, you can look at the autoconfig
>output to see why it thought you didn't have it.
Thanks again (and in advance),
Greg Dawson, President
Visionary Website Creations, Inc.
Post Office Box 905
Brandon, Florida 33509-0905
http://www.visionary-web.com/
visionary at visionary-web dot com
813-661-7164 phone
801-459-4789 fax
From: "Joseph Peterson" <jay at qtm dot net>
Subject: Mailboxes Duplicating....
Date: Thu, 27 Apr 2000 13:48:42 -0400
Has there been any resolution to the issue of a few weeks ago regarding
mailfiles being duplicated when running '--enable-servermode' and the
'mailman' web-based email script?
I need to run qpopper in servermode due to the ammount of email stored in
many of my users accounts, however a temp fix that I came up with was to
compile a second version of qpopper without the '--enable-servermode'
option, and put it in xinetd listening on a higher port, then modify the
mailman script to hit that port instead of 110.. This fix seems to work but
it is kindof messy =)
Thanks!
Date: Thu, 27 Apr 2000 14:26:13 -0400 (EDT)
From: Admin Mailing Lists <mlist at intergrafix dot net>
Subject: Re: Mailboxes Duplicating....
i've never seen this problem before in any version of 3.0 in servermode.
We run mailman..MTA-wise used to run sendmail, now run postfix, neither
seemed to generate what you described. this is on linux with about 6000
users.
-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
admin at intergrafix dot net Intergrafix Internet Services
"Dream as if you'll live forever, live as if you'll die today"
http://cygnus.ncohafmuta.com http://www.intergrafix.net
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
On Thu, 27 Apr 2000, Joseph Peterson wrote:
> Has there been any resolution to the issue of a few weeks ago regarding
> mailfiles being duplicated when running '--enable-servermode' and the
> 'mailman' web-based email script?
> I need to run qpopper in servermode due to the ammount of email stored in
> many of my users accounts, however a temp fix that I came up with was to
> compile a second version of qpopper without the '--enable-servermode'
> option, and put it in xinetd listening on a higher port, then modify the
> mailman script to hit that port instead of 110.. This fix seems to work but
> it is kindof messy =)
>
>
> Thanks!
>
>
Date: Thu, 27 Apr 2000 12:47:52 -0700 (PDT)
From: "Jeremy C. Reed" <reed at wcug.wwu dot edu>
Subject: Re: qpopper, mysql, and others
On Thu, 27 Apr 2000, Admin Mailing Lists wrote:
> Some passwords of my passwords are crypt()ed, others are MD5ed..
> I want to know so I know if I have to do some decryption/decoding
> of them, or which i can leave as-is.
The passwords are usually one-way hashes. They usually can't be decrypted
with out a lot of work such as some tool like crack.
Jeremy C. Reed
....................................................
BSD software, documentation, resources, news...
http://bsd.reedmedia.net
Date: Thu, 27 Apr 2000 19:32:19 -0400
From: Forrest Aldrich <forrie at forrie dot com>
Subject: Re: 3.0 problems (ERR POP EOF)
Correct; however, we backrev'd to a previous release (3.0b?) and the
problem goes away.
So, unless something has changed in the actual configuration for defaults
(Developers: has it?), then we have a problem.
Our server isn't "that" busy.
_F
At 04:27 PM 4/27/00 -0700, Kenneth Porter wrote:
>On Thu, 27 Apr 2000 13:06:03 -0400, Forrest Aldrich wrote:
>
> >This happened to us before, during an upgrade to one of the release
> >candidates (c1?). We reported the problem here, but it still seems to
> persist:
> >
> >
> >Apr 27 12:56:17 machine popper[22418]: username at
> >+host.domain.com (xx.xx.xx.34): -ERR POP EOF or I/O error:
> >+Permission denied (13)
>
>The POP EOF has usually been caused by a large mailbox, a busy server,
>and a client with a too-short timeout. The server must make a backup of
>the large mailbox during the authentication phase, and the client may
>time out before the copy is complete and the server acknowledges the
>password entry with a message count.
>
>Ken
>mailto:shiva at well dot com
>http://www.sewingwitch.com/ken/
>http://www.harrybrowne2000.org/
>
From: "Kenneth Porter" <shiva at well dot com>
Date: Thu, 27 Apr 2000 16:37:42 -0700
Subject: Re: SOLVED(1): mailboxes getting duplicated
On a hunch, I went to my Compuserve POP3 account and tried manually
entering a session. The CIS server does NOT echo, it reports that it's
an NT server, and it reports absolutely no comment "noise". Only OK
responses to USER, PASS, and LIST. (LIST also reported a single dot for
end of (empty) list.) So I think you're safe in optionally eliminating
the message count, if all of CIS's customers who use POP3 aren't
complaining, and if NT's server doesn't issue noise. One would hope
that Unix clients wouldn't depend on comments.
On Thu, 13 Apr 2000 14:22:38 -0700, Kenneth Porter wrote:
>On Wed, 12 Apr 2000 20:38:00 -0700, Randall Gellens wrote:
>
>>The OK response to authentication includes drop information. This is
>>just comment noise, according to the POP spec (RFC 1939), but we've
>>had problems before when we altered or removed comment noise. Case
>>in point: some very popular clients (e.g., Netscape) had problems
>>when the OK response to RETR stopped including the octet count.
>
>I'd noticed the drop info, but figured since it was a comment, it could
>safely be dropped. I wonder if any clients do depend on this one?
>Anyone care to perform an experiment, disable the comment and see which
>clients break?
>
>If the broken clients are just testing for an empty mailbox, it might
>be possible to lie and simply report either "0 of 0" or "1 of 1" up
>front and not give the real count until the LIST command.
>
>The main advantage of having the drop info reported here is when one is
>checking "manually" with a telnet connection, where the client timeout
>is "configured" in the user's mind. I'd be happy to lose that
>capability on a busy over-worked server.
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.harrybrowne2000.org/
From: "Kenneth Porter" <shiva at well dot com>
Date: Thu, 27 Apr 2000 16:54:39 -0700
Subject: Re: 3.0 problems (ERR POP EOF)
On Thu, 27 Apr 2000 19:32:19 -0400, Forrest Aldrich wrote:
>Correct; however, we backrev'd to a previous release (3.0b?) and the
>problem goes away.
>
>So, unless something has changed in the actual configuration for defaults
>(Developers: has it?), then we have a problem.
>
>Our server isn't "that" busy.
Sounds like time to apply diff. I'd suggest configuring the working and
non-working versions and diff'ing the resulting two directory trees to
see what's different. Send the diff to the developers if it's not
obvious what the problem is.
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.harrybrowne2000.org/
From: "Kenneth Porter" <shiva at well dot com>
Date: Thu, 27 Apr 2000 17:00:28 -0700
Subject: Re: Qpopper 3.0.1b1 available (library conflicts)
On Thu, 27 Apr 2000 13:27:40 -0400, Visionary Website Creations, Inc.
wrote:
>/usr/lib/libc.a(net_data.o)(.data+0x0): multiple definition of `h_errlist'
>/usr/lib/libresolv.a(herror.o)(.data+0x0):/mnt/dump/bind/res/herror.c:
>first defined here
>/usr/lib/libc.a(net_data.o)(.data+0x64): multiple definition of `h_nerr'
>/usr/lib/libresolv.a(herror.o)(.data+0x14):/mnt/dump/bind/res/herror.c:
>first defined here
I don't see h_errlist or h_nerr in any headers under Linux or in the
qpopper distribution, so I'd suggest grepping your system headers for
those symbols and checking your man pages. It looks like your resolver
library is duplicating symbols from your C library. Perhaps the C
library already includes resolver stuff, so you just need to suppress
linking with the resolver library.
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.harrybrowne2000.org/
Date: Fri, 28 Apr 2000 08:04:15 +0900
From: Peter Evans <peter at gol dot com>
Subject: Re: Mailboxes Duplicating....
Joseph Peterson (jay at qtm dot net) wrote:
> Has there been any resolution to the issue of a few weeks ago regarding
> mailfiles being duplicated when running '--enable-servermode' and the
> 'mailman' web-based email script?
Endymion Mailman?
That is a festering evil, it has caused users mailboxes to double
in size for ages. I have no idea where as I refuse to look at the
code (Obfuscated). Once or twice is fine, but a 451mb popbox is
a bit much on a 10mb quota.
> I need to run qpopper in servermode due to the ammount of email stored in
> many of my users accounts, however a temp fix that I came up with was to
> compile a second version of qpopper without the '--enable-servermode'
> option, and put it in xinetd listening on a higher port, then modify the
> mailman script to hit that port instead of 110.. This fix seems to work but
> it is kindof messy =)
Interesting fix ...
P
--
Remember The 5 K's.
The Justified Agents of Munya-munya-muuuu ...
Date: Thu, 27 Apr 2000 23:12:04 -0400
From: Forrest Aldrich <forrie at forrie dot com>
Subject: Re: 3.0 problems (ERR POP EOF)
I only have the binary left :) *shrug* Not sure what else I can do but
sit and wait, and pray that nobody tries to exploit the security holes. Sigh.
_F
At 04:54 PM 4/27/00 -0700, Kenneth Porter wrote:
>On Thu, 27 Apr 2000 19:32:19 -0400, Forrest Aldrich wrote:
>
> >Correct; however, we backrev'd to a previous release (3.0b?) and the
> >problem goes away.
> >
> >So, unless something has changed in the actual configuration for defaults
> >(Developers: has it?), then we have a problem.
> >
> >Our server isn't "that" busy.
>
>Sounds like time to apply diff. I'd suggest configuring the working and
>non-working versions and diff'ing the resulting two directory trees to
>see what's different. Send the diff to the developers if it's not
>obvious what the problem is.
>
>Ken
>mailto:shiva at well dot com
>http://www.sewingwitch.com/ken/
>http://www.harrybrowne2000.org/
>
Date: Fri, 28 Apr 2000 00:21:21 -0400
From: Forrest Aldrich <forrie at forrie dot com>
Subject: Re: 3.0 problems (ERR POP EOF)
(Randall: looks like part of your reply got cut off)
Yes, there were other problems.... many complaints about people being asked
for their password (client response to the error, I suppose
(Outlook)). Later I found some .user.pop files that I had to
remove. Once I did that, and backrev'd to the older beta executable, we
were golden.
I reviewed todays logs (all of them) and found no further clues or information.
This is a production system, so I'm gravely concerned about the security
issues with qpopper. In fact, we had a breakin last year because of
another exploit with qpopper. So, at the same time, it's difficult for me
to upgrade with problems like this. A trade off of working vs. security :)
_F
At 09:09 PM 4/27/00 -0700, Randall Gellens wrote:
>At 7:32 PM -0400 4/27/00, Forrest Aldrich wrote:
>
>> Correct; however, we backrev'd to a previous release (3.0b?) and the
>> problem goes away.
>
>Is the problem just the log entries, or are you seeing more actual client
>disconnects?
>
>>
>> So, unless something has changed in the actual configuration for
>> defaults (Developers: has it?), then we have a problem.
>
>The defaults haven't changed, but during one 3.0 beta cycle extra code was
>added to write more detail to the log when the client disconnects or there
>is another I/O error (it used to not log anything for some errors). There
>is, however, a minor bug in this, in that the error text is
>incorrect. For example, in your case where
>
>>
>> Our server isn't "that" busy.
>>
>>
>> _F
>>
>>
>> At 04:27 PM 4/27/00 -0700, Kenneth Porter wrote:
>>> On Thu, 27 Apr 2000 13:06:03 -0400, Forrest Aldrich wrote:
>>>
>>>>This happened to us before, during an upgrade to one of the release
>>>>candidates (c1?). We reported the problem here, but it still seems to
>>>>persist:
>>>>
>>>>
>>>>Apr 27 12:56:17 machine popper[22418]: username at
>>>>+host.domain.com (xx.xx.xx.34): -ERR POP EOF or I/O error:
>>>>+Permission denied (13)
>>>
>>> The POP EOF has usually been caused by a large mailbox, a busy server,
>>> and a client with a too-short timeout. The server must make a backup of
>>> the large mailbox during the authentication phase, and the client may
>>> time out before the copy is complete and the server acknowledges the
>>> password entry with a message count.
>>>
>>> Ken
>>> mailto:shiva at well dot com
>>> http://www.sewingwitch.com/ken/
>>> http://www.harrybrowne2000.org/
>
From: "Kenneth Porter" <shiva at well dot com>
Date: Thu, 27 Apr 2000 21:54:22 -0700
Subject: Re: SOLVED(1): mailboxes getting duplicated
On Thu, 27 Apr 2000 21:34:53 -0700, Randall Gellens wrote:
>If the server sent an OK response as soon as authentication
>completed, and then went and calculated the drop info while waiting
>for the next command, there would be a problem in returning errors
>that happened during the drop parse. Since the authentication
>command already completed, it would have to give an error on the next
>command, which would be very confusing to clients.
It's not so much that the error would be delayed to the next command,
but that given my suggested implementation, it wouldn't be seen until
after the LIST command had completed. The LIST command reports status
*before* listing the drop, and my suggestion was to parse the drop in
parallel with the LIST, so one wouldn't know about an error until after
it was necessary to report it.
If the drop were corrupt somewhere in the middle, the error would have
to be reported whenever the client attempted to modify the drop or read
past the point of corruption.
Ken
mailto:shiva at well dot com
http://www.sewingwitch.com/ken/
http://www.harrybrowne2000.org/
Date: Fri, 28 Apr 2000 11:28:40 -0400 (EDT)
From: "A. M. Salim" <salim at localweb dot com>
Subject: Re: UIDL corruption with MS Exchange Server ?
Hi,
We recently upgraded qpopper2.53 to qpopper3.0 and have received some
complaints from a customer who is running a MS Exchange server, that the
UIDL is being corrupted at our end (and their Exchange mailserver is
therefore losing track of "new messages" vs. "messages already read").
Anyone shed any light on this?
TIA and best regards
Mike Salim.
Date: Fri, 28 Apr 2000 09:20:11 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: SOLVED(1): mailboxes getting duplicated
At 9:54 PM -0700 4/27/00, Kenneth Porter wrote:
> On Thu, 27 Apr 2000 21:34:53 -0700, Randall Gellens wrote:
>
>>If the server sent an OK response as soon as authentication
>>completed, and then went and calculated the drop info while waiting
>>for the next command, there would be a problem in returning errors
>>that happened during the drop parse. Since the authentication
>>command already completed, it would have to give an error on the next
>>command, which would be very confusing to clients.
>
> It's not so much that the error would be delayed to the next command,
> but that given my suggested implementation, it wouldn't be seen until
> after the LIST command had completed. The LIST command reports status
> *before* listing the drop, and my suggestion was to parse the drop in
> parallel with the LIST, so one wouldn't know about an error until after
> it was necessary to report it.
>
> If the drop were corrupt somewhere in the middle, the error would have
> to be reported whenever the client attempted to modify the drop or read
> past the point of corruption.
There are all sorts of errors that can happen (do an fgrep for
"[SYS/"), some temporary, and some long-term (locked-out, over quota,
disk full, wrong permissions, etc.)
What I'd like to do is speed up the process of building the drop
table, perhaps cache it in a file, so if the drop hasn't changed, or
has only had new mail appended, we wouldn't have to read through the
entire spool file.
>
> Ken
> mailto:shiva at well dot com
> http://www.sewingwitch.com/ken/
> http://www.harrybrowne2000.org/
--
Randall Gellens
Opinions are personal; facts are suspect; I speak for myself only
-------------- Randomly-selected tag: ---------------
Language is a virus from outer space. --William S. Burroughs
Date: Fri, 28 Apr 2000 12:05:25 -0700
From: Qpopper Support <qpopper at qualcomm dot com>
Subject: Re: UIDL corruption with MS Exchange Server ?
At 11:28 AM -0400 4/28/00, A. M. Salim wrote:
> Hi,
>
> We recently upgraded qpopper2.53 to qpopper3.0 and have received some
> complaints from a customer who is running a MS Exchange server, that the
> UIDL is being corrupted at our end (and their Exchange mailserver is
> therefore losing track of "new messages" vs. "messages already read").
>
> Anyone shed any light on this?
>
> TIA and best regards
> Mike Salim.
Is the Exchange Server acting as a POP client?
Do you have NO_STATUS set?
Date: Fri, 28 Apr 2000 15:12:49 -0400 (EDT)
From: mjm <mike2 at gtii dot com>
Subject: Broken Pipes.....
Hi,
Has anyone had any issues with the following error:
-ERR POP EOF or I/O error: Broken pipe (32)
Just installed qpopper 3.0(final) on a linux box with kernel 2.2.14
running.
Thanks for any input,
Mike
Date: Fri, 28 Apr 2000 22:31:20 +0300
From: Alexander Rusinov <boot at eurocom.od dot ua>
Subject: Linux quota & maillock
Hi,
I'm trying to setup user quotas on Linux (Slackware 7.0). I configured
popper with --enable-temp-drop-dir=/var/spool/pop where /var/spool/pop
is a mount point of non-quota partition.
For overquoted users I've got the following:
popper[15537]: write to newly-created lock file
/var/spool/mail/username.lock failed: Disk quota exceeded (122)
popper[15537]: username at host.name (10.10.10.10) : -ERR [SYS/TEMP]
maillock error 3: '/var/spool/mail/username'
How can I solve this problem?
Thanks!
--
Alexander Rusinov
Date: Fri, 28 Apr 2000 20:03:03 -0700
From: Qpopper Support <qpopper at qualcomm dot com>
Subject: Re: unsafe fgets() in qpopper
This problem has been fixed in Qpopper 3.0.1b2, which is now available.
Note that the problem does not occur on Solaris systems (which use
Content-Length), nor on systems which use mail or certain other
local delivery agents. I was able to reproduce it on Linux using
mail.local.
Also, note that the patch supplied in the email message may not
function correctly and may cause messages to not be recognized.
Date: Fri, 28 Apr 2000 20:04:45 -0700
From: Qpopper Support <qpopper at qualcomm dot com>
Subject: Qpopper 3.0.1b2 available
Qpopper 3.0.1b2 is available at
<ftp://ftp.qualcomm.com/eudora/servers/unix/popper/>.
A somewhat abbreviated change list is on the Qpopper web site at
<http://www.qpopper.org/changelist.html>
The full list of changes from one beta release to the next is on
the FTP site, at
<ftp://ftp.qualcomm.com/eudora/servers/unix/popper/Changes>.
The 3.0 release notes are at:
<ftp://ftp.qualcomm.com/eudora/servers/unix/popper/Release.Notes>.
Changes from 3.0.1b1 to 3.0.1b2
-------------------------------
1. Removed STDC_HEADERS from another file.
2. Fixed crash on message/external-body when mangling.
3. No longer writing incorrect error messages to log for
I/O errors on client input stream.
4. Avoid being fooled by a spoofed 'From ' line that follows
a line which overflowed our input buffer. [Based on patch
by '3APA3A']
5. Fixed some cases in which an empty .user.pop file could be
left behind.
6. Added note to INSTALL file on using elf under SCO (thanks
to Chris Loelke).
7. Added check for SCO in configure.
Date: Sat, 29 Apr 2000 19:13:32 +1200 (NZST)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: Re: UIDL corruption with MS Exchange Server ?
On Fri, 28 Apr 2000, Qpopper Support wrote:
> Is the Exchange Server acting as a POP client?
Even if it is, why is it leaving messages on the server?
AB
Date: Sat, 29 Apr 2000 17:15:15 -0400
From: "Spencer Yost" <yostsw at newidea.atis dot net>
Subject: Re: Hack attempt!?!
Just an update on my original post about Qpopper(I don't really know if the
hacked version was even a Qpopper derivative since the hacker dumped a
binary - no source kits or compiling) hacking:
I was compromised, but caught it quickly and could clean up easily. The
hacker had installed what appeared to be a slim version of a pop server
that was also a packet sniffer. I reinstalled the OS and installed
Tripwire(should have done that months;nay years ago). This shut the
hacker out. Subsequent connection attempts came from other mail servers
at other ISPs, who were notified of the activity.
Anyways, just a summary: The message that clued me in on the fact a hack
had recently taken place was a weird message users starting received that
said, in effect:
"This server does not do APOP"
Apparently this hacked POP3 server doesn't do APOP or they don't commonly
enable it. This means if you use APOP, you might have a warning.
Thought you folks would like to know.
Spencer Yost
Owner, ATIS
Plow the Net!
http://www.atis.net
*********** REPLY SEPARATOR ***********
On 4/23/00 at 12:52 PM Qpopper Support wrote:
>At 11:20 AM -0400 4/23/00, Spencer Yost wrote:
>
>>Any
>>security issues with 3.0b19 anyone knows about? If so,, is there any
other
>>back doors, traps, cleanups I should expect?
>
>Yes! See <http://www.eudora.com/qpopper/#BUFFER>. You should
>upgrade to 3.0 (final) right away.
>
>3.0b19 is very old. When running betas, it is a good idea to keep
current.
From: "Mitch Vincent" <mitch at venux dot net>
Subject: Re: Hack attempt!?!
Date: Sat, 29 Apr 2000 18:10:57 -0400
Would anyone know of a POP before SMTP hack for Qpopper 3.0 ?
Thanks!
-Mitch
From: "Mitch Vincent" <mitch at venux dot net>
Subject: e: Hack attempt!?! - Oops - POP before SMTP
Date: Sat, 29 Apr 2000 18:27:05 -0400
I'm an idiot, have no idea why I replied to that post and asked a completely
unrelated question..
Anyway.. My initial question still stands, I just can't seem to think today
:-)
----- Original Message -----
From: Mitch Vincent <mitch at venux dot net>
To: Subscribers of Qpopper <qpopper at lists.pensive dot org>
Sent: Saturday, April 29, 2000 6:10 PM
Subject: Re: Hack attempt!?!
> Would anyone know of a POP before SMTP hack for Qpopper 3.0 ?
>
> Thanks!
>
> -Mitch
>
>
Date: Sat, 29 Apr 2000 18:24:11 -0400 (EDT)
From: Steven Champeon <schampeo at hesketh dot com>
Subject: Patch for POP-before-SMTP (was: Re: Hack attempt!?!)
On Sat, 29 Apr 2000, Mitch Vincent wrote:
> Would anyone know of a POP before SMTP hack for Qpopper 3.0 ?
You mean a way to crack a popper that's using POP-before-SMTP, as your
use of the "Hack attempt" subject line would suggest, or are you just
looking for a patch for Qpopper 3.0 that will enable POP-before-SMTP?
If the latter, let me know and I'll post my patch here.
Steve
--
tired of being an underappreciated functionary in a soulless machine?
hesketh.com is hiring: <http://hesketh.com/careers/>
Date: Sat, 29 Apr 2000 18:24:07 -0400
From: Forrest Aldrich <forrie at forrie dot com>
Subject: Re: Hack attempt!?!
Look at DRAC http://mail.cc.umanitoba.ca/drac/index.html
This will require some mods to the sendmail (or whatever MTA you're
running) config.
_F
At 06:10 PM 4/29/00 -0400, Mitch Vincent wrote:
>Would anyone know of a POP before SMTP hack for Qpopper 3.0 ?
>
>Thanks!
>
>-Mitch
Date: Sat, 29 Apr 2000 18:49:12 -0400 (EDT)
From: Steven Champeon <schampeo at hesketh dot com>
Subject: Re: e: Hack attempt!?! - Oops - POP before SMTP
On Sat, 29 Apr 2000, Mitch Vincent wrote:
> I'm an idiot, have no idea why I replied to that post and asked a completely
> unrelated question..
:)
Sorry, should have included a smiley with my reply. The kind folks from
whom we rent our office space seem to think that HVAC is a M-F 9-5 thing,
so it's about a hundred degrees in here. Bleah. So I'm cranky.
Anyway, I've been using DRAC (Dynamic Relay Auth Control) for several
months under 2.53, and it works quite well; I recently hacked support
for it into the 3.0fc1 qpopper as well. Here's the patch:
*** pop_pass.c-nodrac Sun Apr 2 20:49:25 2000
--- pop_pass.c Sun Apr 2 21:48:40 2000
***************
*** 44,49 ****
--- 44,53 ----
#include <pwd.h>
#include "popper.h"
+ #ifdef DRAC_AUTH
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
+ #endif /* DRAC_AUTH */
#define SLEEP_SECONDS 10
***************
*** 1012,1017 ****
--- 1016,1031 ----
* Initialize the last-message-accessed number
*/
p->last_msg = 0;
+
+ #ifdef DRAC_AUTH
+ {
+ char *err;
+ if (dracauth("localhost", inet_addr(p->ipaddr), &err) != 0)
+ pop_log(p, POP_PRIORITY, HERE,
+ "[DRAC] login to %s from host (%s) %s",
+ p->user, p->client, p->ipaddr );
+ }
+ #endif /* DRAC_AUTH */
p->AuthState = pass; /* plain or kerberos authenticated successfully */
and edit your Makefile in the popper dir:
*** Makefile Sun Apr 2 22:00:20 2000
--- Makefile-nodrac Sun Apr 2 20:53:03 2000
***************
*** 97,108 ****
CFLAGS = -g -fpcc-struct-return
CDEFS =
OS_DEFS = -DLINUX -DUNIX
! DEFS = -DHAVE_CONFIG_H -DDRAC_AUTH
pop_target = popauth
NETWORK_LIBS =
KERBEROS_LIBS =
DBM_LIBS = -lgdbm
! LIBS = -lgdbm -L/usr/local/src/drac-1.10 -ldrac
AR_FLAG = -r
RANLIB_CMD =
--- 97,108 ----
CFLAGS = -g -fpcc-struct-return
CDEFS =
OS_DEFS = -DLINUX -DUNIX
! DEFS = -DHAVE_CONFIG_H
pop_target = popauth
NETWORK_LIBS =
KERBEROS_LIBS =
DBM_LIBS = -lgdbm
! LIBS = -lgdbm
AR_FLAG = -r
RANLIB_CMD =
Modify the filenames and paths to suit.
Steve
PS: DRAC: http://mail.cc.umanitoba.ca/drac/index.html
--
tired of being an underappreciated functionary in a soulless machine?
hesketh.com is hiring: <http://hesketh.com/careers/>
Date: 29 Apr 00 22:34:12 PDT
From: Roger Arnold <rbarnold at netscape dot net>
Subject: mail unobtainable (left behind) on server
Roger Arnold wrote:
I wondered if someone could help me solve a problem that's affecting ever=
yone
on our server, and seams to be serious ?
Mail is being left behind on the server (and not sent to the user) leavin=
g
gaps in a users mail. For instance one user belongs to a support group fo=
r
php3 and is not getting answers to any posts, on checking the mail spool =
there
is Size of 5939801 in his mailbox ( over 5 MB of mail) and he is unable t=
o get
it, however qpopper is sending some of his mail. This is why the problem =
has
gone un-noticed for some time.
The problem only showed up when I sent him an email asking him to remove =
his
mail from the server because we don't allow such a large volume to remain=
on
the server.
Another question is how can I get qpopper to send the un-read mail to him=
?
I am using version 3.0 of qpopper on a Redhat 6.2 linux box
Thanks in advance
Roger
____________________________________________________________________
Get your own FREE, personal Netscape WebMail account today at http://webm=
ail.netscape.com.
Date: Sun, 30 Apr 2000 09:33:11 -0400
From: ahubbell at thehubbells dot cc
Subject: Re: qpopper, mysql, and others
At 10:32 AM 4/27/2000 -0400, you wrote:
>I'm in the process of consolidating all my users into a mysql DB for
>authentication.
>I know there are patches for qpopper and proftpd and apache, etc.. for
>auth, my question is..
>Some passwords of my passwords are crypt()ed, others are MD5ed..
>what do these patches assume the password format is?? plain-text? MD5?
>crypt?
>I want to know so I know if I have to do some decryption/decoding
>of them, or which i can leave as-is.
>
>Thanx,
>
>-Tony
>.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
>Anthony J. Biacco Network Administrator/Engineer
>admin at intergrafix dot net Intergrafix Internet Services
>
> "Dream as if you'll live forever, live as if you'll die today"
>http://cygnus.ncohafmuta.com http://www.intergrafix.net
>.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Tony,
As one who is using the exact setup you mention, I can tell you for a fact
that
all of the services you mention are using passwords hashed with the standard
unix crypt() call. And it works quite well I might add! One thing you didn't
mention, but should take a look at is a mail delivery agent that uses MySQL
database information instead of /etc/passwd for mail delivery. This
removes the
need to use /etc/aliases or a virtusertable (sendmail) for your users. Try
a search
on freshmeat.net for it and you will find several.
Andy H.
Network Engineer
Adrian Internet Exchange
Date: Sun, 30 Apr 2000 14:57:22 -0500
From: Gary Schrock <gary at eyelab.psy.msu dot edu>
Subject: Re: mail unobtainable (left behind) on server
At 10:34 PM 4/29/2000 -0700, you wrote:
>Mail is being left behind on the server (and not sent to the user) leaving
>gaps in a users mail. For instance one user belongs to a support group for
>php3 and is not getting answers to any posts, on checking the mail spool there
>is Size of 5939801 in his mailbox ( over 5 MB of mail) and he is unable to get
>it, however qpopper is sending some of his mail. This is why the problem has
>gone un-noticed for some time.
You know, I ran into this with my mail a while back. You didn't happen to
mention what client he's using to check his mail, but at least for me the
problem ended up being at the client end. I use eudora, and I think the
solution was something like delete lmos.dat (which I believe is the file
that eudora uses to keep track of what it's downloaded). (Note, it's been
a while since I ran into this, so I'm working from memory, so I'd suggest
that he make a backup of the file before trying anything like that).
Date: Sun, 30 Apr 2000 12:04:28 -0700
From: Qpopper Support <qpopper at qualcomm dot com>
Subject: Re: mail unobtainable (left behind) on server
At 10:34 PM -0700 4/29/00, Roger Arnold wrote:
> Roger Arnold wrote:
>
> I wondered if someone could help me solve a problem that's
> affecting everyone
> on our server, and seams to be serious ?
>
> Mail is being left behind on the server (and not sent to the user) leaving
> gaps in a users mail. For instance one user belongs to a support group for
> php3 and is not getting answers to any posts, on checking the mail
> spool there
> is Size of 5939801 in his mailbox ( over 5 MB of mail) and he is
> unable to get
> it, however qpopper is sending some of his mail. This is why the problem has
> gone un-noticed for some time.
> The problem only showed up when I sent him an email asking him to remove his
> mail from the server because we don't allow such a large volume to remain on
> the server.
Which clients are being used by the affected people? It sounds to me
like the client is getting very confused about which messages it has
seen.
> Another question is how can I get qpopper to send the un-read mail to him?
I'd suggest telling the client to "fetch all message headers from
inbox" and also "remove duplicates" (or go through and pick out the
ones not seen before).
From: "James Nelson" <james at digit.bloomnet dot com>
Subject: RH Linux 6.2 and Qpopper 3.0 problem
Date: Mon, 1 May 2000 07:31:20 -0500
I've got 2 identical Dual PIII machines. One is running RH6.0 plus
patches and one is running RH6.2 plus patches. They are both on
kernel 2.2.14-- the 6.0 machine's kernel was pulled off of
sunsite.unc.edu while the 6.2 box is just using the RPM patch from
RedHat.
Qpopper3.0b34 runs just fine on my 6.0 machine. I have not tried the
final release on it. I've tried B34, 3.0, and 3.0b2 on the 6.2 system
with identical results with all 3. It refuses to run under RH 6.2.
The 6.2 machine I am working on started out as a 6.0 system then was
upgraded to 6.1 and now 6.2. It has all of the patches on it from
RedHat's site as well. (Sorry for being so verbose, but I am
suspecting that the problem I'm seeing is caused by a linking library
or legacy include issue)
Absolutely nothing shows up in the syslogs on either machine even if I
throw the special enable-logging switch. That is the first issue I
need to solve so I can debug the real problem.
The behavior of qpopper is that it simply freezed and never acutally
sends any text back to the client. Inetd closes the connection after
about 5 seconds. It is not a TCP wrappers issue.
What would qpopper do if pam were configured incorrectly??
Then warnings swithc on the compile does not appear to point to any
problems on build. I will need to try a compile again and send the
output if nobody has ideas on what could be wrong.
Any help would be appreciated.
thanks.
--James
Date: Mon, 1 May 2000 11:40:18 -0400 (EDT)
From: Admin Mailing Lists <mlist at intergrafix dot net>
Subject: Re: qpopper, mysql, and others
i didn't mention an MTA, no, but i'll be using postfix for this, which i
currently use, just not with mysql yet.
-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
admin at intergrafix dot net Intergrafix Internet Services
"Dream as if you'll live forever, live as if you'll die today"
http://cygnus.ncohafmuta.com http://www.intergrafix.net
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
On Sun, 30 Apr 2000 ahubbell at thehubbells dot cc wrote:
> At 10:32 AM 4/27/2000 -0400, you wrote:
> >I'm in the process of consolidating all my users into a mysql DB for
> >authentication.
> >I know there are patches for qpopper and proftpd and apache, etc.. for
> >auth, my question is..
> >Some passwords of my passwords are crypt()ed, others are MD5ed..
> >what do these patches assume the password format is?? plain-text? MD5?
> >crypt?
> >I want to know so I know if I have to do some decryption/decoding
> >of them, or which i can leave as-is.
> >
> >Thanx,
> >
> >-Tony
> >.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
> >Anthony J. Biacco Network Administrator/Engineer
> >admin at intergrafix dot net Intergrafix Internet Services
> >
> > "Dream as if you'll live forever, live as if you'll die today"
> >http://cygnus.ncohafmuta.com http://www.intergrafix.net
> >.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
>
> Tony,
>
> As one who is using the exact setup you mention, I can tell you for a fact
> that
> all of the services you mention are using passwords hashed with the standard
> unix crypt() call. And it works quite well I might add! One thing you didn't
> mention, but should take a look at is a mail delivery agent that uses MySQL
> database information instead of /etc/passwd for mail delivery. This
> removes the
> need to use /etc/aliases or a virtusertable (sendmail) for your users. Try
> a search
> on freshmeat.net for it and you will find several.
>
> Andy H.
> Network Engineer
> Adrian Internet Exchange
>
From: "Mitch Vincent" <mitch at venux dot net>
Subject: Re: qpopper, mysql, and others
Date: Mon, 1 May 2000 12:06:05 -0400
Exim has great hooks for MySQL integration too.
- Mitch
----- Original Message -----
From: Admin Mailing Lists <mlist at intergrafix dot net>
To: <ahubbell at thehubbells dot cc>
Cc: Subscribers of Qpopper <qpopper at lists.pensive dot org>
Sent: Monday, May 01, 2000 11:40 AM
Subject: Re: qpopper, mysql, and others
> i didn't mention an MTA, no, but i'll be using postfix for this, which i
> currently use, just not with mysql yet.
>
> -Tony
> .-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
> Anthony J. Biacco Network Administrator/Engineer
> admin at intergrafix dot net Intergrafix Internet Services
>
> "Dream as if you'll live forever, live as if you'll die today"
> http://cygnus.ncohafmuta.com http://www.intergrafix.net
> .-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
>
> On Sun, 30 Apr 2000 ahubbell at thehubbells dot cc wrote:
>
> > At 10:32 AM 4/27/2000 -0400, you wrote:
> > >I'm in the process of consolidating all my users into a mysql DB for
> > >authentication.
> > >I know there are patches for qpopper and proftpd and apache, etc.. for
> > >auth, my question is..
> > >Some passwords of my passwords are crypt()ed, others are MD5ed..
> > >what do these patches assume the password format is?? plain-text? MD5?
> > >crypt?
> > >I want to know so I know if I have to do some decryption/decoding
> > >of them, or which i can leave as-is.
> > >
> > >Thanx,
> > >
> > >-Tony
> > >.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
> > >Anthony J. Biacco Network Administrator/Engineer
> > >admin at intergrafix dot net Intergrafix Internet Services
> > >
> > > "Dream as if you'll live forever, live as if you'll die today"
> > >http://cygnus.ncohafmuta.com http://www.intergrafix.net
> > >.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
> >
> > Tony,
> >
> > As one who is using the exact setup you mention, I can tell you for a
fact
> > that
> > all of the services you mention are using passwords hashed with the
standard
> > unix crypt() call. And it works quite well I might add! One thing you
didn't
> > mention, but should take a look at is a mail delivery agent that uses
MySQL
> > database information instead of /etc/passwd for mail delivery. This
> > removes the
> > need to use /etc/aliases or a virtusertable (sendmail) for your users.
Try
> > a search
> > on freshmeat.net for it and you will find several.
> >
> > Andy H.
> > Network Engineer
> > Adrian Internet Exchange
> >
>
>
Date: Mon, 1 May 2000 15:07:07 -0400 (EDT)
From: "A. M. Salim" <salim at localweb dot com>
Subject: Re: UIDL corruption with MS Exchange Server ?
Hi,
> On Fri, 28 Apr 2000, Qpopper Support wrote:
> > Is the Exchange Server acting as a POP client?
> Even if it is, why is it leaving messages on the server?
Thanks guys for your responses, much appreciated. I now have a little
more info (the problem persists and is not sloved).
The above is a egood question, in fact it is *not* leaving messages on the
server far as I can tell. Yet the MS Exchange server complains about
corrupted UIDLs. Strange indeed.
The situation is a little complicated by the fact that I am not operating
the MS Exchange server (nor the least bit familiar with MS Exchange).
Our client has a POP3 box on our mailserver (qpopper3.0). At the other
end, instead of running a regular mail client like Eudora or MS Outlook,
our client is running a MS Exchange server (and I do not have any details
on it's configuration though I can get specific questions answered if need
be). And that MS Exchange Server (runnign as a mail client) is
complaining of corrupetd UIDLs. In fact, it seems to be OK with all
UIDL's up to the 799th, and on the 800th it seems to lose it's marbles.
Here is a sample clip the customer sent me, after working with Microsoft
Tech Support:
-----Original Message-----
From: EP3 Support (E-mail) [mailto:support at exchangepop3 dot com]
Sent: Friday, April 28, 2000 8:22 AM
To: 'Chuck Dixon'
Subject: RE: Trace Files Zipped
Hello,
I looked at your trace file and I saw some problems. The first thing the
gateway does when it make a connection is it asks for all the unique message
ids and this is what the POP3 Host is sending back:
793 9848f6d84ec23619dcd08dcb69c0a7d2
794 4383ade720381e49aa544665b7889d1b
795 ebb1a2aee841036a44cd2ab3dff4fd54
796 572d1e9ebd4f4f68d11ed768690c9727
797 e582e9d46eb22173b5a653e151844572
798 70c2dfb3ce9732feb46b7a275c522e36
799 12c9395e3c6d27355c3bb467a6d3f7ad
800 dccf967fe4db2b93274b8ffedb054ed4
801 1+&!!c&1"!`*L!!@0a!!
802 %l*"!n'3"!dbQ"!M&&"!
803 +Vk"!Whh!!ZEJ"![j,!!
804 a4@!!Z1\"!/!(#!$,G"!
805 hU##!>M)"!X&C!!e0T!!
806 hIY!!a=m"!a%R!!~8!#!
807 j8g!!?&##!Z,Z"!_c4"!
808 Yll"!WFd!!O%c"!Kok!!
809 $eX!!bX3"!?O~"!/(i!!
810 X7J!!FN("!jF5!!F_m"!
811 U7B"!GcD"!,`=!!`FI"!
812 $V/!!;K2!!/MH"!V\K"!
813 m,Y"!1X>!!?JM"!Za/"!
814 4i:!!+$Z!!]n7"!V<_!!
815 NkN"!G85!!9,3"!VJ9"!
816 ?*?"!J(N"!9\L!!/1m"!
817 UXU!!I)\!!+Kj!!!Dd"!
818 f\@"!'k*"!]pp!!eT/!!
819 ZB8"!lSP"!<F&#!7GJ"!
820 UR,!!_3Y"!eDO"!W4%!!
821 A,g"!BnR"!$1T!!L=B"!
822 VGg!!a,N!!VOe!!f$H"!
823 >-$!!X$l"!_9<"!bp*!!
824 ''7"!6(<"!?Jc"!G`I"!
825 Bf!"!TL\!!~p-"!ma!#!
826 RE+"!c]F!!Vj*"!p4A"!
827 @G&!!JlT!!b^!#!`WX!!
828 @mT!!;Xh!!H\`!!&M<"!
829 Z;B"!0mV!!La"#!*[^!!
830 *,:!!9mm!!aV2"!25:"!
831 4+I"!/N#"!Dk*"!b-m"!
832 _$Z!!]Wk!!dIF!!i$b!!
833 "DU"!4]("!<LA!!f1F!!
834 V;/!!`"O!!"dn!!OB1!!
835 #48!!<3h!!GoC"!%D*"!
836 Lg,"!V~a!!R1C"!79,"!
837 oI@"!6,F"!/#g!!ob0"!
838 ^5)"!lUH!!:nc!!Bjg!!
839 hmK"!%f,"!VE&!!?Z$#!
840 ``C!!;c1"!d6'!!Y$W!!
841 X4l!!UOj"!=D?"!6DV"!
842 ldb"!]N[!!=nH"!6:J"!
843 GJg"!?-V!!`SC!!CU;!!
844 D~/"!/M""!j\Z"!n13"!
845 VSU!!U~U!!$j;"!g<A!!
846 7@_!!\`d!!a4~"!!C@!!
847 70I!!27]!!!Vo!!UG+"!
848 Kc/"!T8+"!ogl"!oc@!!
849 A60!!kCh!!,ol"!(JA!!
850 \!H!!fiX"!,NF!!@"M"!
851 g(H!!X0)!!Y%D!!:?b!!
852 (*X!!3!N!!\`e!!bY[!!
853 MU&"!U]a"!8!]"!W5*"!
854 b?+!!e$T"!\g;!!&R3"!
855 ~>n"!7\h!!Fb2!!"UR!!
856 7!U"!$X/!!PKd"!4Y;!!
857 W]d"!4*$"!5)-#!+l?"!
858 N_j"!g0U"!c]6!!7(]"!
859 EC9"!<F5!!];$"!*S8"!
860 ')-"!=8@!!NQ-!!9>2!!
861 fKL"!~^Q!!MO%"!TFl"!
862 mUU!!bpM"!9Vn!!BQd!!
863 LF_!!i?!"!*-,#!j9V"!
864 >Ae!!LN:!!l),!!(")#!
865 *)n"!IU~"!f2J"!P]%"!
866 ]Qn"!i8'"!h-Y"![GK"!
867 3?L!!-,I!!@+0"![fa"!
868 +$_"!/7o"!nCb"!7]0"!
869 ?Dc!!d!-"!~if"!cFM!!
870 9K&"!6Nl!!2%%"!4eA!!
871 AYU"!OOg!!MEk!!2/D"!
872 KQ\"!Mi,!!#gW"!4g<!!
873 =e`"!+fK"!O:H!!/0O!!
874 B#V!!aLo"!7S%!!$gW"!
875 4)G"!HS'"!O1k"!ldZ!!
876 ;B5"!@kA"!g*'"!k2O!!
877 4'U"!1B^!!gWS"!nV>!!
878 c\d"!J97!!#aO!!L]U!!
879 ^$9!!l8;"!\dc"!^Ke"!
880 maA"!mJ=!!m%%"!8T'!!
881 dA<!!(@D!!:'e!!pE<!!
882 (,&#!<QK!!#2X"!_H'"!
883 d80"!n4F"!M[9"!lag!!
884 3Nm!!nLi"!Ul~!!i[B"!
885 gU>!!?gM!!Wg\!!Xd]!!
886 #AR"!)_$!!Sp2!!fln"!
887 ABO!!_'f!!<@@"!-+e"!
888 $\["!+#O"!Tf(!!PI)"!
889 >I##!32C"!6jm!!oc8"!
890 d7f!!$BE!!?Pn"!CJ#"!
891 d~>!!e3A!!3ZV!!T"/"!
892 $C="!;J/"!kgQ!!$:~"!
893 d:M"!\`3"!0<W"!8F("!
894 ]SD"!:gY"!Sf["!B>d"!
895 ]fT"!:T<!!X$!#!NH!!!
896 5A"#!J6;!!jnF"!4*8!!
897 G:"#!fU0"!(dK!!&Yb!!
898 G1)!!)B`!!6TQ!!]Rl!!
899 D14!!l;6!!5IK"!X#^!!
900 ak2"!Z$m!!9de!!7he"!
901 J8`!!mp&#!W@8!!\#n"!
902 -62!!-=j"!2fO!!9)d!!
903 e_b"!#_O"!BVl"!aYY"!
904 Qc2"!WVH!!?Fh"!Q6d"!
905 I@,"!7X-"!J7;!!k^7!!
906 3PL!!9S?"!H&F!!WRR"!
907 B)Z!!iD0!!Z^%!!`Tj!!
908 Ce]"!@iF!!EZl!!]V'"!
909 <E-"!$8!"!9=K"!I4F!!
910 GOL!!CDF"!i>b!!V>=!!
911 "3d!!Rc7!!+`f"!dPl"!
912 G`$#!"Qn!!?7g"!<d@!!
Up to about 800 everything is fine. Then the POP3 Host is sending junk. I
will ask a developer to look into this but I think that if that is what is
being sent then there is nothing we can do about this except ignore it. I
would ask your ISP to look at this the POP3 command to look at the message
ids is
uidl
It may be possible that there is a limit of 800 messages that is where it
looks like it is failing.
Regards
Exchange POP3
Date: Tue, 2 May 2000 06:52:44 +1200 (NZST)
From: Alan Brown <alan at manawatu.gen dot nz>
Subject: Re: UIDL corruption with MS Exchange Server ?
On Mon, 1 May 2000, A. M. Salim wrote:
>...And that MS Exchange Server (runnign as a mail client) is
> complaining of corrupetd UIDLs. In fact, it seems to be OK with all
> UIDL's up to the 799th, and on the 800th it seems to lose it's marbles.
800 new messages per pop3 session is a bit extreme isn't it?
It definitely looks like a bug, but you really should consider using
SMTP ETRN for delivery to the client. It has the added advantage of not
munging envelope information on the way past.
AB
Date: Mon, 01 May 2000 17:06:38 -0400
From: "Spencer Yost" <yostsw at newidea.atis dot net>
Subject: Outlook Express
How do you make Outlook Express (version 5) work with strong
authentication? It doesn't appear to be able to do APOP and I can not
allow clear text passwords for obvious security reasons.
Thanks!
Spencer Yost
Owner, ATIS
Plow the net! http://www.atis.net