The qpopper list archive ending on 10 Jan 2002
Topics covered in this issue include:
1. RE: Emails are retrieved twice (sometimes 3 times) from Qpopper vesion 3.1.2.
"Stephen Conway" <sconway at wlnet dot com>
Wed, 2 Jan 2002 17:03:36 -0500
2. Re: Canonical name error...
Alan Brown <alanb at digistar dot com>
Thu, 3 Jan 2002 02:26:20 -0600 (CST)
3. Re: Canonical name error...
Alan Brown <alanb at digistar dot com>
Thu, 3 Jan 2002 02:47:16 -0600 (CST)
4. trouble with ssh
"Bernd Prager" <bernd at prager dot ws>
Thu, 3 Jan 2002 15:50:05 -0500
5. Problem with Popper 2.1.4-R3 on SCO 5.05
Salim Jamal <salim.jamal at travelinsurance dot ca>
Thu, 03 Jan 2002 13:18:19 -0800
6. Re: trouble with ssh
Clifton Royston <cliftonr at lava dot net>
Thu, 3 Jan 2002 13:50:26 -1000
7. Qpopper problems
Robert Wall <bob at web-walrus dot com>
Thu, 3 Jan 2002 17:57:25 -0600 (CST)
8. Re: trouble with ssh
"Bernd Prager" <bprager at iamerica dot net>
Thu, 3 Jan 2002 19:15:42 -0500
9. Re: trouble with ssh
Clifton Royston <cliftonr at lava dot net>
Thu, 3 Jan 2002 15:58:40 -1000
10. Re: Canonical name error...
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Thu, 3 Jan 2002 21:22:23 -0800
11. Re: Canonical name error...
Alan Brown <alanb at digistar dot com>
Fri, 4 Jan 2002 08:14:27 -0600 (CST)
12. Re: Canonical name error...
Daniel Senie <dts at senie dot com>
Fri, 04 Jan 2002 09:23:05 -0500
13. Re: trouble with ssh
"Bernd Prager" <bernd at prager dot ws>
Fri, 4 Jan 2002 13:50:25 -0500
14. OpenBSD 3.0 SSL not working
Dave Swager <dave at waveville dot net>
Sun, 06 Jan 2002 09:29:50 -0800
15. qpopper 4.0.3 undefined reference auth_user
"Michael Riedel" <mrie at fto dot de>
Mon, 7 Jan 2002 20:30:28 +0100
16. Re: Problem with Popper 2.1.4-R3 on SCO 5.05
Randall Gellens <randy at qualcomm dot com>
Mon, 7 Jan 2002 17:32:13 -0800
17. Re: OpenBSD 3.0 SSL not working
Randall Gellens <randy at qualcomm dot com>
Mon, 7 Jan 2002 17:41:45 -0800
18. Re: qpopper 4.0.3 undefined reference auth_user
Randall Gellens <randy at qualcomm dot com>
Mon, 7 Jan 2002 17:44:12 -0800
19. error while trying to make Qpopper 4.0.3 on RH Linux 7.2
Dene Ulmschneider <dene at ulmschneiders dot com>
Tue, 08 Jan 2002 08:29:41 -0500
20. Duplicate status lines in syslog
"Mark I. Recio" <recio at web-pros dot com>
Tue, 08 Jan 2002 14:13:50 -0500
21. Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
Clifton Royston <cliftonr at lava dot net>
Tue, 8 Jan 2002 09:23:42 -1000
22. Cache files suddenly appearing
Kip Turk <kipt at wcc dot net>
Tue, 8 Jan 2002 14:01:01 -0600 (CST)
23. Re: qpopper 4.0.3 undefined reference auth_user
"Michael Riedel" <mrie at fto dot de>
Tue, 8 Jan 2002 22:36:48 +0100
24. Re: Cache files suddenly appearing
Clifton Royston <cliftonr at lava dot net>
Tue, 8 Jan 2002 12:02:20 -1000
25. Re: Cache files suddenly appearing
Gregory Hicks <ghicks at cadence dot com>
Tue, 8 Jan 2002 14:23:51 -0800 (PST)
26. Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
Dene Ulmschneider <dene at ulmschneiders dot com>
Tue, 08 Jan 2002 17:11:54 -0500
27. Re: Cache files suddenly appearing
Ted Cabeen <ted at impulse dot net>
Tue, 08 Jan 2002 14:36:29 -0800
28. Re: Cache files suddenly appearing
Kip Turk <kipt at wcc dot net>
Tue, 8 Jan 2002 16:47:50 -0600 (CST)
29. Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
Clifton Royston <cliftonr at lava dot net>
Tue, 8 Jan 2002 14:11:31 -1000
30. Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
Kenneth Porter <shiva at well dot com>
08 Jan 2002 17:01:05 -0800
31. Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
Dene Ulmschneider <dene at ulmschneiders dot com>
Tue, 08 Jan 2002 20:17:08 -0500
32. Emails are received twice with Qpopper 3.1.2
"Habib Abassi" <habassi at telephonyatwork dot com>
Wed, 9 Jan 2002 11:46:08 -0800
33. Re: Emails are received twice with Qpopper 3.1.2
Clifton Royston <cliftonr at lava dot net>
Wed, 9 Jan 2002 09:57:45 -1000
34. Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
Kenneth Porter <shiva at well dot com>
09 Jan 2002 11:55:25 -0800
35. Norton Antivirus intercept???
Tim Tyler <tyler at beloit dot edu>
Wed, 9 Jan 2002 14:25:33 -0600 (CST)
36. Re: Norton Antivirus intercept???
Daniel Senie <dts at senie dot com>
Wed, 09 Jan 2002 16:44:43 -0500
37. error in log
Denny-Schierz <cuall at gmx dot de>
Thu, 10 Jan 2002 11:20:26 +0100
38. Re: qpopper 4.0.3 undefined reference auth_user
Randall Gellens <randy at qualcomm dot com>
Thu, 10 Jan 2002 10:01:21 -0800
39. Re: Cache files suddenly appearing
Randall Gellens <randy at qualcomm dot com>
Thu, 10 Jan 2002 10:05:17 -0800
40. TLS/SSL
"Fernando Casas" <casasfernando at hotmail dot com>
Thu, 10 Jan 2002 15:50:07 -0300
41. Re: TLS/SSL
Daniel Senie <dts at senie dot com>
Thu, 10 Jan 2002 14:03:19 -0500
42. Re: TLS/SSL
"Fernando Casas" <casasfernando at hotmail dot com>
Thu, 10 Jan 2002 16:29:17 -0300
43. Re: Emails are received twice with Qpopper 3.1.2
Chuck Yerkes <chuck+qpopper at yerkes dot com>
Thu, 10 Jan 2002 11:51:06 -0800
44. Re: TLS/SSL
Daniel Senie <dts at senie dot com>
Thu, 10 Jan 2002 14:53:49 -0500
45. Re: qpopper 4.0.3 undefined reference auth_user
"Michael Riedel" <mrie at fto dot de>
Thu, 10 Jan 2002 22:16:20 +0100
46. ERROR in POP.log
"Habib Abassi" <habassi at telephonyatwork dot com>
Thu, 10 Jan 2002 13:28:11 -0800
47. Re: error in log
Clifton Royston <cliftonr at lava dot net>
Thu, 10 Jan 2002 12:01:54 -1000
48. Re: TLS/SSL
Clifton Royston <cliftonr at lava dot net>
Thu, 10 Jan 2002 11:59:46 -1000
49. Timeout in QPOPPER with client shutdown
Jesus Cea Avion <jcea at argo dot es>
Thu, 10 Jan 2002 23:23:44 +0100
50. Re: TLS/SSL
Kenneth Porter <shiva at well dot com>
10 Jan 2002 14:37:35 -0800
From: "Stephen Conway" <sconway at wlnet dot com>
Subject: RE: Emails are retrieved twice (sometimes 3 times) from Qpopper vesion 3.1.2.
Date: Wed, 2 Jan 2002 17:03:36 -0500
Check the client for any options to "leave copy on server" . Also check
the permisions of the mailbox your downloading, maybe the user your
logging in as, can't delete it with the current permissions,
Thanks,
Steve Conway
-----Original Message-----
From: Randall Gellens [mailto:randy at qualcomm dot com]
Sent: Wednesday, January 02, 2002 2:56 PM
To: Habib Abassi; Subscribers of Qpopper
Subject: Re: Emails are retrieved twice (sometimes 3 times) from Qpopper
vesion 3.1.2.
At 9:09 PM -0800 12/30/01, Habib Abassi wrote:
> Hi All,
> Emails are retrieved twice (sometimes 3 times) from Qpopper vesion
> 3.1.2. I am using a netscape library to connect and retrieve emails.
> After retrieving email I mark it as deleted, it should be deleted
> after quit, but when I connect again the same email still in mailbox
> and I can retrieved again .... If any body kn ow why this is happen
> and if there's a way to know that the email is marked as deleted
> before retrieving it. Thanks in advance
Try getting a trace of the session and see what is going on.
Date: Thu, 3 Jan 2002 02:26:20 -0600 (CST)
From: Alan Brown <alanb at digistar dot com>
Subject: Re: Canonical name error...
On Wed, 2 Jan 2002, Gregory Hicks wrote:
> > Think "travelling user." You'll never have control over everything.
>
> Daniel:
>
> Even a traveling user *should* reverse lookup - even if they come from
> some unrelated ISP. Or am I not understanding the"Travelling user"
> issue?
I can show you entire countries where the number of correctly resolvig
IPs is vastly outnumberd by borked or completely non-existant rDNS
entries.
I'm sitting in one now in southeast asia. It causes merry hell trying to
make connections to my accounts all round the world via ssh as most
admins have things set in DNS paranoia mode for interactive sessions.
Date: Thu, 3 Jan 2002 02:47:16 -0600 (CST)
From: Alan Brown <alanb at digistar dot com>
Subject: Re: Canonical name error...
On Wed, 2 Jan 2002, Clifton Royston wrote:
> One of the dangers of relying on INADDR, besides it becoming a nearly
> useless check with the Internet in its present state, is that if it
> *replaces* the raw IP address in logging, it allows an actual malicious
> attacker to trivially conceal their point of attack. I'm surprised how
> many applications not only expect INADDR to be there but blindly rely
> on it if it is.
Example: sendmail. Only fixed4 years after I filed this behaviour as a
security issue.
Simlar statements can apply to the uuse of ident protocols. They are
only of use to the admin of the originating machine to determine if a
particular user has been naughty or if the machine is hacked. Anyone
relying on ident data on the receiving end is merely lucky if they
haven;t been burnt by it yet.
AB
From: "Bernd Prager" <bernd at prager dot ws>
Subject: trouble with ssh
Date: Thu, 3 Jan 2002 15:50:05 -0500
This is a multi-part message in MIME format.
------=_NextPart_000_070A_01C1946E.5016CEF0
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
Hi,
I just recently imstalled version 4.0.3 on RedHat 7.0, kernel 2.4.16.,
openssh-3.0.2p1-1.
Everything works fine except ssh login. I configured qpopper with
--with-openssl.
When I try to login via ssh I get the syslog messages:
popper[22175]: (null) at 192.168.2.113 (192.168.2.113): -ERR POP EOF or
I/O Error
No further error messages.
I understand this is a pretty unspecified error message.
Can somebody help me with that?
Thanks,
-- Bernd
------=_NextPart_000_070A_01C1946E.5016CEF0
Content-Type: text/html;
charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html;
charset=windows-1252">
<META content="MSHTML 6.00.2600.0" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>Hi,</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>I just recently imstalled version 4.0.3 on RedHat
7.0, kernel
2.4.16., openssh-3.0.2p1-1.</FONT></DIV>
<DIV><FONT size=2>Everything works fine except ssh login. I configured
qpopper
with --with-openssl.</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>When I try to login via ssh I get the syslog
messages:</FONT></DIV>
<DIV><FONT size=2>popper[22175]: (null) at 192.168.2.113
(192.168.2.113): -ERR
POP EOF or I/O Error</FONT></DIV>
<DIV><FONT size=2>No further error messages.</FONT></DIV>
<DIV><FONT size=2>I understand this is a pretty unspecified error
message.</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Can somebody help me with that?</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Thanks,</FONT></DIV>
<DIV><FONT size=2>-- Bernd</FONT></DIV></BODY></HTML>
------=_NextPart_000_070A_01C1946E.5016CEF0--
Date: Thu, 03 Jan 2002 13:18:19 -0800
From: Salim Jamal <salim.jamal at travelinsurance dot ca>
Subject: Problem with Popper 2.1.4-R3 on SCO 5.05
Hi,
I'm running SCO POP3 server (version 2.1.4-R3) on SCO 5.05, and getting the
following error in my syslog:
Jan 3 13:07:50 dev_serv popper[15426]: (v2.1.4-R3) Unable to get canonical
name
of client, err = 115
Anybody know how to solve this?
Our mail server is not directly connected to the NET, nor does it have a DNS
gateway setup. It sends and receives email from a smarthost mailserver on
the network.
We are using Sendmail 8.8.8, and the SMARTHOST has been configured in
Sendmail.
Just wondering what the common problems and solutions are to this popper
error message.
Thanks!
Date: Thu, 3 Jan 2002 13:50:26 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: trouble with ssh
On Thu, Jan 03, 2002 at 03:50:05PM -0500, Bernd Prager wrote:
> I just recently imstalled version 4.0.3 on RedHat 7.0, kernel 2.4.16.,
> openssh-3.0.2p1-1.
>
> Everything works fine except ssh login. I configured qpopper with
> --with-openssl.
>
> When I try to login via ssh I get the syslog messages:
>
> popper[22175]: (null) at 192.168.2.113 (192.168.2.113): -ERR POP EOF
> or I/O Error
>
> No further error messages.
>
> I understand this is a pretty unspecified error message.
>
> Can somebody help me with that?
This is weird enough that I think we need a few more facts.
You are logging into what port number with ssh - port 110, or the
standard port number (22)?
And the syslog message is going where - to the console, or to the ssh
window you're trying to log in with, or into one of your usual system
logs?
It sort of sounds like you *might* have set qpopper up in inetd or
xinetd on port 22 instead of the usual port 110 for POP or 995 for
POP-SSl.
Alternatively, if you're trying to test POP+SSL by SSHing to the port,
the way you can telnet to a non-encrypted port - I don't think you can
do that like that. (Someone please correct me if I'm wrong, I'd like
to know.)
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Date: Thu, 3 Jan 2002 17:57:25 -0600 (CST)
From: Robert Wall <bob at web-walrus dot com>
Subject: Qpopper problems
Hey there, I'm running Qpopper v4 on FreeBSD 4 with a trivial patch that
dumps the POP login info to my message log. I have a user that's trying
to get his mail through an MSN dial-up, using Qualcomm Eudora (version 5,
I believe). He's set up correctly, and has been connecting fine for the
last week or so. Today he can't receive any e-mail, and I'm getting the
following information in my error log:
Jan 3 16:44:39 iceberg popper[74192]: POP login for gtoman, ip
63.20.200.229 [pop_pass.c:1440]
Jan 3 16:44:55 iceberg popper[74194]: (null) at
1Cust229.tnt1.holman.wi.da.uu.net (63.20.200.229): -ERR Unknown
authentication mechanism: MSN [pop_auth.c:141]
Jan 3 16:44:56 iceberg popper[74194]: (null) at
1Cust229.tnt1.holman.wi.da.uu.net (63.20.200.229): -ERR POP EOF or I/O
Error [popper.c:794]
Jan 3 16:46:57 iceberg popper[74192]: gtoman at
1Cust229.tnt1.holman.wi.da.uu.net (63.20.200.229): -ERR POP EOF or I/O
Error [popper.c:794]
Jan 3 16:46:57 iceberg popper[74192]: I/O error flushing output to client
gtoman at 1Cust229.tnt1.holman.wi.da.uu.net [63.20.200.229]: Operation
not permitted (1) [pop_send.c:685]
Jan 3 16:46:58 iceberg popper[74192]: I/O error flushing output to client
gtoman at 1Cust229.tnt1.holman.wi.da.uu.net [63.20.200.229]: Operation
not permitted (1) [pop_send.c:685]
The second message (unknown authentication mechanism: MSN) is what is
throwing me. Eudora should authenticate using the username/password, and
MSN's proprietary software shouldn't be involved. Any ideas as to what
could be wrong (or causing this message)?
Any help you guys could give would be greatly appreciated
-----
Robert Wall (715) 855-0189
Systems Administrator bob at web-walrus dot com
Web Walrus Media
"Affordable internet solutions for your business"
From: "Bernd Prager" <bprager at iamerica dot net>
Subject: Re: trouble with ssh
Date: Thu, 3 Jan 2002 19:15:42 -0500
----- Original Message -----
From: "Clifton Royston" <cliftonr at lava dot net>
...
> On Thu, Jan 03, 2002 at 03:50:05PM -0500, Bernd Prager wrote:
> > I just recently imstalled version 4.0.3 on RedHat 7.0, kernel
2.4.16.,
> > openssh-3.0.2p1-1.
..
> > popper[22175]: (null) at 192.168.2.113 (192.168.2.113): -ERR POP EOF
> > or I/O Error
...
> This is weird enough that I think we need a few more facts.
>
> You are logging into what port number with ssh - port 110, or the
> standard port number (22)?
>
> And the syslog message is going where - to the console, or to the ssh
> window you're trying to log in with, or into one of your usual system
> logs?
>
> It sort of sounds like you *might* have set qpopper up in inetd or
> xinetd on port 22 instead of the usual port 110 for POP or 995 for
> POP-SSl.
I get the local messages in Outlook Express (Win2K):
Unable to logon to the server using Secure Password Authentication. Account:
'Home', Server: 'mail.prager.ws', Protocol: POP3, Server Response: '.',
Port: 110, Secure(SSL): No, Error Number: 0x800CCC18
The other error message above appears in /var/log/maillog on my Linux box.
Date: Thu, 3 Jan 2002 15:58:40 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: trouble with ssh
On Thu, Jan 03, 2002 at 07:15:42PM -0500, Bernd Prager wrote:
> > > I just recently imstalled version 4.0.3 on RedHat 7.0, kernel
> 2.4.16.,
> > > openssh-3.0.2p1-1.
> ..
> > > popper[22175]: (null) at 192.168.2.113 (192.168.2.113): -ERR POP EOF
> > > or I/O Error
> ...
> > This is weird enough that I think we need a few more facts.
> >
> > You are logging into what port number with ssh - port 110, or the
> > standard port number (22)?
> >
> > And the syslog message is going where - to the console, or to the ssh
> > window you're trying to log in with, or into one of your usual system
> > logs?
> >
> > It sort of sounds like you *might* have set qpopper up in inetd or
> > xinetd on port 22 instead of the usual port 110 for POP or 995 for
> > POP-SSl.
>
> I get the local messages in Outlook Express (Win2K):
> Unable to logon to the server using Secure Password Authentication. Account:
> 'Home', Server: 'mail.prager.ws', Protocol: POP3, Server Response: '.',
> Port: 110, Secure(SSL): No, Error Number: 0x800CCC18
> The other error message above appears in /var/log/maillog on my Linux box.
Could you please post your inetd or xinetd command line configuration
for qpopper (and your config file if any)? It sounds like you have port
110 set up for SSL only, and Express is trying to use it for clear-text
POP (or maybe vice versa.)
If you want to support unconditional SSL for POP, the more conventional
port to run that on is 995.
So ssh doesn't really enter into the picture?
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Date: Thu, 3 Jan 2002 21:22:23 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: Canonical name error...
Good! This is a basic Best Practice. If you have an IP
address, you MUST have a reverse entry for that. I get really
tired of working around bad administration.
You must be THIS ------>
tall to play on the Internet. If they can't follow the few
rules, then they should get a nice Compuserve account.
The RFC standards are not just there to be boring reading.
Quoting Alan Brown (alanb at digistar dot com):
> On Wed, 2 Jan 2002, Gregory Hicks wrote:
>
> > > Think "travelling user." You'll never have control over everything.
> >
> > Daniel:
> >
> > Even a traveling user *should* reverse lookup - even if they come from
> > some unrelated ISP. Or am I not understanding the"Travelling user"
> > issue?
>
> I can show you entire countries where the number of correctly resolvig
> IPs is vastly outnumberd by borked or completely non-existant rDNS
> entries.
>
> I'm sitting in one now in southeast asia. It causes merry hell trying to
> make connections to my accounts all round the world via ssh as most
> admins have things set in DNS paranoia mode for interactive sessions.
Date: Fri, 4 Jan 2002 08:14:27 -0600 (CST)
From: Alan Brown <alanb at digistar dot com>
Subject: Re: Canonical name error...
On Thu, 3 Jan 2002, Chuck Yerkes wrote:
> Good! This is a basic Best Practice. If you have an IP
> address, you MUST have a reverse entry for that. I get really
> tired of working around bad administration.
Remind me to laugh like hell when you find yourself stuck in one of the
many countries with 2 or 3 completely clueless ISPs and no other way of
getting home other than an international call.
Date: Fri, 04 Jan 2002 09:23:05 -0500
From: Daniel Senie <dts at senie dot com>
Subject: Re: Canonical name error...
At 12:22 AM 1/4/02, Chuck Yerkes wrote:
>Good! This is a basic Best Practice. If you have an IP
>address, you MUST have a reverse entry for that. I get really
>tired of working around bad administration.
>You must be THIS ------>
>tall to play on the Internet. If they can't follow the few
>rules, then they should get a nice Compuserve account.
>
>The RFC standards are not just there to be boring reading.
There's been a fair bit of discussion of just what is Best Practice in this
area. Give draft-ietf-dnsop-inaddr-required-02.txt a read, and provide some
feedback. Despite the name of the draft, at this point the document
basically strongly encourages accurate and complete configuration of
INADDR, but also strongly discourages the use of DNS lookups, including
INADDR, as any sort of "security" mechanism.
>Quoting Alan Brown (alanb at digistar dot com):
> > On Wed, 2 Jan 2002, Gregory Hicks wrote:
> >
> > > > Think "travelling user." You'll never have control over everything.
> > >
> > > Daniel:
> > >
> > > Even a traveling user *should* reverse lookup - even if they come from
> > > some unrelated ISP. Or am I not understanding the"Travelling user"
> > > issue?
> >
> > I can show you entire countries where the number of correctly resolvig
> > IPs is vastly outnumberd by borked or completely non-existant rDNS
> > entries.
> >
> > I'm sitting in one now in southeast asia. It causes merry hell trying to
> > make connections to my accounts all round the world via ssh as most
> > admins have things set in DNS paranoia mode for interactive sessions.
-----------------------------------------------------------------
Daniel Senie dts at senie dot com
Amaranth Networks Inc. http://www.amaranth.com
From: "Bernd Prager" <bernd at prager dot ws>
Subject: Re: trouble with ssh
Date: Fri, 4 Jan 2002 13:50:25 -0500
I do have exactly the same error message when I configure port 995.
Outlook Express:
Your server has unexpectedly terminated the connection. Possible causes for
this include server problems, network problems, or a long period of
inactivity. Account: 'Home', Server: 'mail.prager.ws', Protocol: POP3, Port:
995, Secure(SSL): Yes, Error Number: 0x800CCC0F
/var/log/messages:
popper[15310]: (null) at 192.168.2.113 (192.168.2.113): -ERR POP EOF or I/O
Error
Ok, the ssh thing was my mistake. I thought ssl is using open-ssh routines.
It's openssl-0.9.6b-8 that's on my box.
----- Original Message -----
From: "Clifton Royston" <cliftonr at lava dot net>
...
> If you want to support unconditional SSL for POP, the more conventional
> port to run that on is 995.
>
> So ssh doesn't really enter into the picture?
Date: Sun, 06 Jan 2002 09:29:50 -0800
From: Dave Swager <dave at waveville dot net>
Subject: OpenBSD 3.0 SSL not working
Sorry if this is answered elsewhere, I've looked everywhere and I'm stumped.
On the client side (Eudora 5.1, Mac or PC), I get the following error
message whether I use optional START TLS, or Required START TLS. APOP
works fine:
ERR[AUTH] You must use TLS/SSL or stronger authentication such as APOP to
connect to this server
I can't get SSL working no matter what I do. Here's the configuration:
OpenBSD ns1 3.0 GENERIC#94 i386
./configure --enable-apop --enable-popuid=popa3d --enable-debugging
--with-openssl=/usr
inetd.conf entry:
pop3 stream tcp nowait root /usr/local/sbin/popper
popper -f /etc/popper.conf
/etc/popper.conf:
set clear-text-password=tls
set tls-support=stls
set tls-server-cert-file=/etc/mail/certs/cert.pem
And finally, the trace file (generated from an earlier inetd.conf entrywith
-t):
Jan 6 09:18:38.799 2002 [655] Trace and Debug destination is file
"/etc/popper.
trace" [pop_init.c:855]
Jan 6 09:18:38.799 2002
Jan 6 09:18:38.800 2002 [655] Processing config file '/etc/popper.conf';
CallTi
me=1 [pop_config.c:1279]
Jan 6 09:18:38.800 2002
Jan 6 09:18:38.800 2002 [655] ...read line 1 (27): set clear-text-password=tls
[pop_config.c:1315]
Jan 6 09:18:38.800 2002
Jan 6 09:18:38.800 2002 [655] Set clear-text-password to TLS (2)
[pop_config.c:
1195]
Jan 6 09:18:38.800 2002
Jan 6 09:18:38.800 2002 [655] ...read line 2 (20): set tls-support=stls
[pop_co
nfig.c:1315]
Jan 6 09:18:38.800 2002
Jan 6 09:18:38.800 2002 [655] Set tls-support to STLS (2) [pop_config.c:1195]
Jan 6 09:18:38.800 2002
Jan 6 09:18:38.800 2002 [655] ...read line 3 (49): set
tls-server-cert-file=/et
c/mail/certs/cert.pem [pop_config.c:1315]
Jan 6 09:18:38.800 2002
Jan 6 09:18:38.800 2002 [655] Set tls-server-cert-file to
"/etc/mail/certs/cert
.pem" [pop_config.c:1211]
Jan 6 09:18:38.800 2002
Jan 6 09:18:38.800 2002 [655] Finished processing config file
'/etc/popper.conf
'; rslt=1 [pop_config.c:1463]
Jan 6 09:18:38.800 2002
Jan 6 09:18:38.803 2002 [655] (v4.0.3) Servicing request from
"ananse.waveville
.net" at 216.101.173.131 [pop_init.c:1153]
Jan 6 09:18:38.803 2002
Jan 6 09:18:38.803 2002 [655] before TLS; tls_support==2 [popper.c:172]
Jan 6 09:18:38.803 2002
Jan 6 09:18:38.803 2002 [655] ...Initializing OpenSSL library
[pop_tls_openssl.
c:224]
Jan 6 09:18:38.803 2002
Jan 6 09:18:38.805 2002 [655] ...have /dev/urandom; skipping PRNG seeding
[pop_
tls_openssl.c:282]
Jan 6 09:18:38.805 2002
Jan 6 09:18:38.805 2002 [655] ...setting method to SSLv23_server_method
[pop_tl
s_openssl.c:306]
Jan 6 09:18:38.805 2002
Jan 6 09:18:38.805 2002 [655] ...allocating OpenSSL context
[pop_tls_openssl.c:
336]
Jan 6 09:18:38.805 2002
Jan 6 09:18:38.805 2002 [655] ...setting certificate file
/etc/mail/certs/cert.
pem [pop_tls_openssl.c:347]
Jan 6 09:18:38.805 2002
Jan 6 09:18:38.807 2002 [655] ...private key file not set; assuming
private key
is in cert (/etc/mail/certs/cert.pem) [pop_tls_openssl.c:364]
Jan 6 09:18:38.807 2002
Jan 6 09:18:38.807 2002 [655] ...setting private key file
/etc/mail/certs/cert.
pem [pop_tls_openssl.c:368]
Jan 6 09:18:38.807 2002
Jan 6 09:18:38.807 2002 [655] ...verifying private key against certificate
[pop
_tls_openssl.c:381]
Jan 6 09:18:38.807 2002
Jan 6 09:18:38.807 2002 [655] ...(tls_cipher_list not specified)
[pop_tls_opens
sl.c:408]
Jan 6 09:18:38.807 2002
Jan 6 09:18:38.807 2002 [655] ...allocating OpenSSL connection
[pop_tls_openssl
.c:419]
Jan 6 09:18:38.807 2002
Jan 6 09:18:38.807 2002 [655] ...setting input (0) and output (0) file
descript
ors [pop_tls_openssl.c:430]
Jan 6 09:18:38.807 2002
Jan 6 09:18:38.807 2002 [655] ...successfully completed OpenSSL initialization
[pop_tls_openssl.c:449]
Jan 6 09:18:38.807 2002
Jan 6 09:18:38.807 2002 [655] TLS Init [popper.c:193]
Jan 6 09:18:38.807 2002
Jan 6 09:18:38.808 2002 [655] (v4.0.3) Intro [popper.c:238]
Jan 6 09:18:38.808 2002
Jan 6 09:18:38.808 2002 [655] +OK Qpopper (version 4.0.3) at ns1.waveville.net
starting. <655.1010337518 at ns1.waveville dot net> [popper.c:251]
Jan 6 09:18:38.808 2002
Jan 6 09:18:38.808 2002 [655] Qpopper ready for input from (null) at
ananse.wav
eville.net [216.101.173.131] [popper.c:285]
Jan 6 09:18:38.808 2002
Jan 6 09:18:38.820 2002 [655] Received (4): "CAPA" [pop_get_command.c:105]
Jan 6 09:18:38.820 2002
Jan 6 09:18:38.820 2002 [655] capa returned 1; CurrentState now auth1
[popper.c
:329]
Jan 6 09:18:38.820 2002
Jan 6 09:18:38.820 2002 [655] Qpopper ready for input from (null) at
ananse.wav
eville.net [216.101.173.131] [popper.c:285]
Jan 6 09:18:38.820 2002
Jan 6 09:18:38.840 2002 [655] Received (9): "USER dave"
[pop_get_command.c:105]
Jan 6 09:18:38.840 2002
Jan 6 09:18:38.841 2002 [655] home (10): '/home/dave' [pop_user.c:215]
Jan 6 09:18:38.841 2002
Jan 6 09:18:38.841 2002 [655] AllowClearText=2; (TLS/SSL not used)
[pop_user.c:
359]
Jan 6 09:18:38.841 2002
Jan 6 09:18:38.841 2002 [655] dave at ananse.waveville.net
(216.101.173.131): -
ERR [AUTH] You must use TLS/SSL or stronger authentication such as APOP to
conne
ct to this server [pop_user.c:360]
Jan 6 09:18:38.841 2002
Jan 6 09:18:38.841 2002 [655] user returned 0; CurrentState now auth1
[popper.c
:329]
Jan 6 09:18:38.841 2002
Jan 6 09:18:38.841 2002 [655] Qpopper ready for input from dave at
ananse.wavev
ille.net [216.101.173.131] [popper.c:285]
Jan 6 09:18:38.841 2002
Jan 6 09:18:38.999 2002 [655] Received (4): "QUIT" [pop_get_command.c:105]
Jan 6 09:18:38.999 2002
Jan 6 09:18:38.999 2002 [655] quit returned 1; CurrentState now halt
[popper.c:
329]
Jan 6 09:18:38.999 2002
Jan 6 09:18:38.999 2002 [655] +OK Pop server at ns1.waveville.net signing off.
[popper.c:351]
Jan 6 09:18:38.999 2002
Jan 6 09:18:38.999 2002 [655] pTLS->m_pPOP->tls_started == false
[pop_tls_opens
sl.c:807]
Jan 6 09:18:38.999 2002
Jan 6 09:18:38.999 2002 [655] freeing m_OpenSSLconn [pop_tls_openssl.c:811]
Jan 6 09:18:38.999 2002
Jan 6 09:18:38.999 2002 [655] freeing m_OpenSSLctx [pop_tls_openssl.c:817]
Jan 6 09:18:38.999 2002
Jan 6 09:18:38.999 2002 [655] openssl_shutdown returning 0
[pop_tls_openssl.c:8
22]
Jan 6 09:18:38.999 2002
Jan 6 09:18:38.999 2002 [655] (v4.0.3) Ending request from "dave" at
(ananse.wa
veville.net) 216.101.173.131 [popper.c:369]
Jan 6 09:18:38.999 2002
I know the client supports SSL, I check other accounts using it.
Any ideas?
-Dave
From: "Michael Riedel" <mrie at fto dot de>
Date: Mon, 7 Jan 2002 20:30:28 +0100
Subject: qpopper 4.0.3 undefined reference auth_user
hi,
if i compile the poppassd i get the following error:
# make gcc -o poppassd auth_user.o poppassd.o -lresolv -ldrac -
L/usr/lib/drac - ldrac -ldl -lpam \ ../common/libcommon.a
poppassd.o: In function `chkPass':
/usr/src/qpopper4.0.3/password/poppassd.c:1197: undefined reference to
`auth_user' collect2: ld returned 1 exit status make: *** [poppassd]
Error 1
I configure qpopper with:
./configure --with-openssl --with-drac=/usr/lib/drac --enable-log-login
- -enable-specialauth --with-pam=pop3 --enable-servermode --enable-
debugging --enable-keep-temp-drop --enable-poppassd
I search the archives of this list and found the fix for 4.0.1 but this
is implemented in 4.0.3 and it still doesn't run.
Any hints ?
Michael
--
Bye
|\/|ichael Riedel
Date: Mon, 7 Jan 2002 17:32:13 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Problem with Popper 2.1.4-R3 on SCO 5.05
At 1:18 PM -0800 1/3/02, Salim Jamal wrote:
>I'm running SCO POP3 server (version 2.1.4-R3) on SCO 5.05, and getting the
>following error in my syslog:
>
>Jan 3 13:07:50 dev_serv popper[15426]: (v2.1.4-R3) Unable to get canonical
>name
> of client, err = 115
>
>Anybody know how to solve this?
>
>Our mail server is not directly connected to the NET, nor does it have a DNS
>gateway setup. It sends and receives email from a smarthost mailserver on
>the network.
>
>We are using Sendmail 8.8.8, and the SMARTHOST has been configured in
>Sendmail.
>
>Just wondering what the common problems and solutions are to this popper
>error message.
See the FAQ entry <http://www.eudora.com/qpopper/faq.html#canonical>.
Also, I very strongly suggest upgrading to Qpopper 4 right away. See
FAQ entries <http://www.eudora.com/qpopper/faq.html#exploit>,
<http://www.eudora.com/qpopper/faq.html#versions.latest>, and
<http://www.eudora.com/qpopper/faq.html#versions.notify>.
--
Date: Mon, 7 Jan 2002 17:41:45 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: OpenBSD 3.0 SSL not working
At 9:29 AM -0800 1/6/02, Dave Swager wrote:
>Sorry if this is answered elsewhere, I've looked everywhere and I'm stumped.
>
>On the client side (Eudora 5.1, Mac or PC), I get the following
>error message whether I use optional START TLS, or Required START
>TLS. APOP works fine:
>
>ERR[AUTH] You must use TLS/SSL or stronger authentication such as
>APOP to connect to this server
>Jan 6 09:18:38.807 2002 [655] ...successfully completed OpenSSL
>initialization [pop_tls_openssl.c:449]
>Jan 6 09:18:38.820 2002 [655] Received (4): "CAPA" [pop_get_command.c:105]
>Jan 6 09:18:38.840 2002 [655] Received (9): "USER dave"
>[pop_get_command.c:105]
>Jan 6 09:18:38.841 2002 [655] AllowClearText=2; (TLS/SSL not used)
>[pop_user.c:359]
According to this log, Qpopper initialized TLS/SSL just fine, and the
client issued a CAPA command, so it should know that TLS/SSL is
supported, yet it failed to send an STLS command. I'd suggest
double-checking that you told the client to use STLS (try making it
required and see what happens). Then, if you still have trouble,
enable debug logging on the client. If it's Eudora 5.1, then Eudora
technical support should be able to help. See
<http://www.eudora.com/techsupport/>.
--
Date: Mon, 7 Jan 2002 17:44:12 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: qpopper 4.0.3 undefined reference auth_user
At 8:30 PM +0100 1/7/02, Michael Riedel wrote:
>hi,
>
>if i compile the poppassd i get the following error:
>
> # make gcc -o poppassd auth_user.o poppassd.o -lresolv -ldrac -
>L/usr/lib/drac - ldrac -ldl -lpam \ ../common/libcommon.a
>poppassd.o: In function `chkPass':
>/usr/src/qpopper4.0.3/password/poppassd.c:1197: undefined reference to
>`auth_user' collect2: ld returned 1 exit status make: *** [poppassd]
>Error 1
>
>I configure qpopper with:
>
>./configure --with-openssl --with-drac=/usr/lib/drac --enable-log-login
>- -enable-specialauth --with-pam=pop3 --enable-servermode --enable-
>debugging --enable-keep-temp-drop --enable-poppassd
>
>I search the archives of this list and found the fix for 4.0.1 but this
>is implemented in 4.0.3 and it still doesn't run.
>
>Any hints ?
>
>Michael
>--
>
>Bye
> |\/|ichael Riedel
Why are you adding '--enable-specialauth'? Have you tried it without
specifying this? Qpopper 4.0's configure script generally is able to
figure out if this is needed or not, so you're better off not
specifying it. Try doing a 'make realclean', then re-run
./configure, leaving out '--enable-specialauth'.
--
Date: Tue, 08 Jan 2002 08:29:41 -0500
From: Dene Ulmschneider <dene at ulmschneiders dot com>
Subject: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
--=====================_76973579==_.ALT
Content-Type: text/plain; charset="us-ascii"; format=flowed
Has anyone else had trouble trying to make Qpopper 4.0.3 n RHL 7.2?
I get errors when running make install and just make. Here is the output
that I get on both commands:
MAKE ERROR-
cd ./popper && make all
make[1]: Entering directory `/home/deneu/installs/popper/qpopper4.0.3/popper'
gcc -c -I.. -I.. -I. \
-I../mmangle -I../common \
-g -O2 -DHAVE_CONFIG_H -DLINUX -DUNIX pop_dele.c -o pop_dele.o
In file included from /usr/include/bits/posix1_lim.h:126,
from /usr/include/limits.h:144,
from
/usr/lib/gcc-lib/i386-redhat-linux/2.96/include/limits.h:130,
from
/usr/lib/gcc-lib/i386-redhat-linux/2.96/include/syslimits.h:7,
from
/usr/lib/gcc-lib/i386-redhat-linux/2.96/include/limits.h:11,
from /usr/include/bits/socket.h:31,
from /usr/include/sys/socket.h:35,
from popper.h:62,
from pop_dele.c:29:
/usr/include/bits/local_lim.h:36:26: linux/limits.h: No such file or directory
In file included from /usr/include/sys/socket.h:35,
from popper.h:62,
from pop_dele.c:29:
/usr/include/bits/socket.h:305:24: asm/socket.h: No such file or directory
In file included from /usr/include/errno.h:36,
from popper.h:178,
from pop_dele.c:29:
/usr/include/bits/errno.h:25:26: linux/errno.h: No such file or directory
make[1]: *** [pop_dele.o] Error 1
make[1]: Leaving directory `/home/deneu/installs/popper/qpopper4.0.3/popper'
make: *** [popper_server] Error 2
MAKE INSTALL ERROR-
/usr/bin/install -c -m 0644 -o root ./man/popper.8 /usr/local/man/man8/
/usr/bin/install: cannot create regular file `/usr/local/man/man8/': Is a
directory
make: *** [install] Error 1
Any help would be GREATLY appreciated.
Thanks
Dene Ulmschneider
----------------------------------------------------------
dene at ulmschneiders dot com -
http://www.ulmschneiders.com -
----------------------------------------------------------
deneu at dsltechie dot com -
http://www.dsltechie.com -
----------------------------------------------------------
--=====================_76973579==_.ALT
Content-Type: text/html; charset="us-ascii"
<html>
Has anyone else had trouble trying to make Qpopper 4.0.3 n RHL 7.2?<br>
I get errors when running make install and just make. Here is the output
that I get on both commands:<br><br>
<b>MAKE ERROR-<br>
</b>cd ./popper && make all<br>
make[1]: Entering directory
`/home/deneu/installs/popper/qpopper4.0.3/popper'<br>
gcc -c -I.. -I.. -I. \<br>
-I../mmangle -I../common
\<br>
-g -O2 -DHAVE_CONFIG_H
-DLINUX -DUNIX pop_dele.c -o pop_dele.o<br>
In file included from /usr/include/bits/posix1_lim.h:126,<br>
from /usr/include/limits.h:144,<br>
from /usr/lib/gcc-lib/i386-redhat-linux/2.96/include/limits.h:130,<br>
from /usr/lib/gcc-lib/i386-redhat-linux/2.96/include/syslimits.h:7,<br>
from /usr/lib/gcc-lib/i386-redhat-linux/2.96/include/limits.h:11,<br>
from /usr/include/bits/socket.h:31,<br>
from /usr/include/sys/socket.h:35,<br>
from popper.h:62,<br>
from pop_dele.c:29:<br>
/usr/include/bits/local_lim.h:36:26: linux/limits.h: No such file or
directory<br>
In file included from /usr/include/sys/socket.h:35,<br>
from popper.h:62,<br>
from pop_dele.c:29:<br>
/usr/include/bits/socket.h:305:24: asm/socket.h: No such file or
directory<br>
In file included from /usr/include/errno.h:36,<br>
from popper.h:178,<br>
from pop_dele.c:29:<br>
/usr/include/bits/errno.h:25:26: linux/errno.h: No such file or
directory<br>
make[1]: *** [pop_dele.o] Error 1<br>
make[1]: Leaving directory
`/home/deneu/installs/popper/qpopper4.0.3/popper'<br>
make: *** [popper_server] Error 2<br><br>
<b>MAKE INSTALL ERROR-<br>
</b>/usr/bin/install -c -m 0644 -o root ./man/popper.8
/usr/local/man/man8/<br>
/usr/bin/install: cannot create regular file `/usr/local/man/man8/': Is a
directory<br>
make: *** [install] Error 1<br><br>
<br>
Any help would be GREATLY appreciated.<br><br>
Thanks<br><br>
<x-sigsep><p></x-sigsep>
Dene Ulmschneider<br>
----------------------------------------------------------<br>
dene at ulmschneiders dot com<x-tab> </x-tab><x-tab> </x-tab>-<br>
<a href="http://www.ulmschneiders.com/" eudora="autourl">http://www.ulmschneiders.com</a><x-tab> </x-
----------------------------------------------------------<br>
deneu at dsltechie dot com<x-tab> </x-tab><x-tab> </x-tab><x-tab&g
<a href="http://www.dsltechie.com/" eudora="autourl">http://www.dsltechie.com</a><x-tab> &am
----------------------------------------------------------</html>
--=====================_76973579==_.ALT--
Date: Tue, 08 Jan 2002 14:13:50 -0500
Subject: Duplicate status lines in syslog
From: "Mark I. Recio" <recio at web-pros dot com>
Hello!
I have recently compiled and installed qpopper 4.0.3 on a Solaris 7 box. It
was originally configured only with --enable-home-dir-mail=Mailbox and run
with -sc by inetd.
I was not receiving any log messages in any of the normal places, so I 'make
realclean'ed, recompiled, and installed it again (again with -sc in
inetd.conf) like so:
./configure --enable-log-facility=LOG_MAIL --enable-home-dir-mail=Mailbox
Now I have too much of a good thing. When I look at /var/log/syslog now, I
get two identical lines for each transaction (see below). Is that normal?
(The FAQ suggests that you will only see one line of stats per transaction.)
Jan 8 14:05:45 cas qpopper[10633]: Stats: kswan 0 0 12 417569
blah.protecttheinnocent.com XXX.XXX.XXX.XXX
Jan 8 14:05:45 cas qpopper[10633]: Stats: kswan 0 0 12 417569
blah.protecttheinnocent.com XXX.XXX.XXX.XXX
Anyone have any ideas?
Two identical login messages are also displayed when --enable-log-login is
set as well.
TIA!
Mark
--
Mark I. Recio mailinglist at Web-Pros dot Com
C.I.O. - Web-Pros Inc. http://www.web-pros.com
Date: Tue, 8 Jan 2002 09:23:42 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
On Tue, Jan 08, 2002 at 08:29:41AM -0500, Dene Ulmschneider wrote:
>
> Has anyone else had trouble trying to make Qpopper 4.0.3 n RHL 7.2?
> I get errors when running make install and just make. Here is the
> output that I get on both commands:
Did you run configure first? It looks like it's getting pointed to the
wrong include directories, which shouldn't happen if you ran configure.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Date: Tue, 8 Jan 2002 14:01:01 -0600 (CST)
From: Kip Turk <kipt at wcc dot net>
Subject: Cache files suddenly appearing
I installed Qpopper4.0.3 today with the following options:
./configure --enable-debugging --enable-servermode --enable-specialauth
--disable-shy --enable-hash-spool=2 --with-log-facility=LOG_LOCAL0
--enable-timing --enable-temp-drop-dir=/var/poptemp --with-drac
This is the same configuration I used with 3.1.2, with the exception of
adding --with-drac. DRAC is working fine, however, I'm now seeing a ton
of .username.cache files inside /var/poptemp. This was a fresh tar.gz
file and it compiled and worked fine on another system (one RH 6.2 and
one RH 7.1 in fact). This system is another RH 6.2 and this seems to be
the only issue. I've tried setting --disable-cache-dir in the
configuration options, but it's ignored. I can't find any files that
would contain a run-time option. I've verified that /etc/inetd.conf
looks to /usr/bin/popper and manually copied the compiled binary into
place to insure it was using the correct one. Any ideas what could
possibly be wrong here? I'm currently running a cron once a minute to
delete the .cache files, but I'd much rather have the mystery explained.
Thanks,
--
Kip Turk spamdies at wcc dot net
Systems Administrator/Killer of Spam/Writer of Code/Penguin Proponent
West Central Net - tel: 915.234.5678 / 800.695.9016 fax: 915.656.0071
-.-. --- -.. . / -- --- -. -.- . -.-- --..-- / .... .- -.-. -.- . .-.
From: "Michael Riedel" <mrie at fto dot de>
Date: Tue, 8 Jan 2002 22:36:48 +0100
Subject: Re: qpopper 4.0.3 undefined reference auth_user
On 7 Jan 2002 at 17:44, Randall Gellens wrote:
> Why are you adding '--enable-specialauth'? Have you tried it without
> specifying this? Qpopper 4.0's configure script generally is able to
> figure out if this is needed or not, so you're better off not
> specifying it. Try doing a 'make realclean', then re-run ./configure,
> leaving out '--enable-specialauth'. --
>
I tried it, but it doesn't help.
--
Bye
|\/|ichael Riedel
Date: Tue, 8 Jan 2002 12:02:20 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Cache files suddenly appearing
On Tue, Jan 08, 2002 at 02:01:01PM -0600, Kip Turk wrote:
> I installed Qpopper4.0.3 today with the following options:
>
> ./configure --enable-debugging --enable-servermode --enable-specialauth
> --disable-shy --enable-hash-spool=2 --with-log-facility=LOG_LOCAL0
> --enable-timing --enable-temp-drop-dir=/var/poptemp --with-drac
>
> This is the same configuration I used with 3.1.2, with the exception of
> adding --with-drac. DRAC is working fine, however, I'm now seeing a ton
> of .username.cache files inside /var/poptemp. This was a fresh tar.gz
> file and it compiled and worked fine on another system (one RH 6.2 and
> one RH 7.1 in fact). This system is another RH 6.2 and this seems to be
> the only issue. I've tried setting --disable-cache-dir in the
> configuration options, but it's ignored. I can't find any files that
> would contain a run-time option. I've verified that /etc/inetd.conf
> looks to /usr/bin/popper and manually copied the compiled binary into
> place to insure it was using the correct one. Any ideas what could
> possibly be wrong here? I'm currently running a cron once a minute to
> delete the .cache files, but I'd much rather have the mystery explained.
"It's a feature." No, really.
The cache files store the precomputed UIDLs on messages in the mailbox,
and some similar information, so that qpopper does not need to scan the
mailbox every time it's invoked if there are no new messages. I'm not
sure if you can disable it - there's probably a way - but if you do it
will slow down your qpopper startup times and put extra load on your
system. In general, caches are good, and these files are small so
shouldn't be eating up unnecessary amounts of disk space.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Date: Tue, 8 Jan 2002 14:23:51 -0800 (PST)
From: Gregory Hicks <ghicks at cadence dot com>
Subject: Re: Cache files suddenly appearing
> Date: Tue, 8 Jan 2002 12:02:20 -1000
> From: Clifton Royston <cliftonr at lava dot net>
>
> On Tue, Jan 08, 2002 at 02:01:01PM -0600, Kip Turk wrote:
> > I installed Qpopper4.0.3 today with the following options:
> >
> > ./configure --enable-debugging --enable-servermode --enable-specialauth
> > --disable-shy --enable-hash-spool=2 --with-log-facility=LOG_LOCAL0
> > --enable-timing --enable-temp-drop-dir=/var/poptemp --with-drac
[...snip...]
>
> The cache files store the precomputed UIDLs on messages in the mailbox,
> and some similar information, so that qpopper does not need to scan the
> mailbox every time it's invoked if there are no new messages. I'm not
> sure if you can disable it - there's probably a way - but if you do it
> will slow down your qpopper startup times and put extra load on your
> system. In general, caches are good, and these files are small so
> shouldn't be eating up unnecessary amounts of disk space.
Actually, what you really want to do is to put the cache dir on another
spindle and then leave it alone - unless your temp-drop-dir is *truly*
small. This increases your throughput and splits the I/O load.
For instance, on our main mail server with 2,200 users, the drop dir is
only a WHOPPING 20.2K in size...
Regards,
Gregory Hicks
---------------------------------------------------------------------
Gregory Hicks | Principal Systems Engineer
Cadence Design Systems | Direct: 408.576.3609
555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3479
San Jose, CA 95134 | Internet: ghicks at cadence dot com
"The trouble with doing anything right the first time is that nobody
appreciates how difficult it was."
When a team of dedicated individuals makes a commitment to act as
one... the sky's the limit.
Policy: ASCII/text attchmnts alway read. PDF maybe read. Others, by
necessity, may be ignored. Don't take it personally, it's a time and
compatability issue.
Date: Tue, 08 Jan 2002 17:11:54 -0500
From: Dene Ulmschneider <dene at ulmschneiders dot com>
Subject: Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
--=====================_108311156==_.ALT
Content-Type: text/plain; charset="us-ascii"; format=flowed
Yes I did.
From
/home/deneu/installs/popper/qpopper4.0.3
I did
./configure --enable-specialauth --enable-shy
it seemed to configure OK. (is there a specific location form which I
should configure?)
Any help is appreciated.
Dene
At 02:23 PM 1/8/2002, Clifton Royston wrote:
>On Tue, Jan 08, 2002 at 08:29:41AM -0500, Dene Ulmschneider wrote:
> >
> > Has anyone else had trouble trying to make Qpopper 4.0.3 n RHL 7.2?
> > I get errors when running make install and just make. Here is the
> > output that I get on both commands:
>
>Did you run configure first? It looks like it's getting pointed to the
>wrong include directories, which shouldn't happen if you ran configure.
>
> -- Clifton
>
>--
> Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
> WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Thank you,
Dene Ulmschneider
----------------------------------------------------------
dene at ulmschneiders dot com -
http://www.ulmschneiders.com -
----------------------------------------------------------
deneu at dsltechie dot com -
http://www.dsltechie.com -
----------------------------------------------------------
--=====================_108311156==_.ALT
Content-Type: text/html; charset="us-ascii"
<html>
Yes I did.<br>
From<br>
<i>/home/deneu/installs/popper/qpopper4.0.3<br><br>
</i>I did<br>
./configure --enable-specialauth --enable-shy<br><br>
it seemed to configure OK. (is there a specific location form which I
should configure?)<br><br>
Any help is appreciated.<br><br>
Dene<br><br>
At 02:23 PM 1/8/2002, Clifton Royston wrote:<br>
<blockquote type=cite class=cite cite>On Tue, Jan 08, 2002 at 08:29:41AM
-0500, Dene Ulmschneider wrote:<br>
> <br>
> Has anyone else had trouble trying to make Qpopper
4.0.3 n RHL 7.2?<br>
> I get errors when running make install and just
make. Here is the<br>
> output that I get on both commands:<br><br>
Did you run configure first? It looks like it's getting pointed to
the<br>
wrong include directories, which shouldn't happen if you ran
configure.<br><br>
-- Clifton<br><br>
-- <br>
Clifton Royston -- LavaNet Systems Architect --
cliftonr at lava dot net<br>
WWJD? "JWRTFM!" - Scott Dorsey
(kludge) "JWG" - Eddie Aikau </blockquote>
<x-sigsep><p></x-sigsep>
Thank you,<br><br>
Dene Ulmschneider<br>
----------------------------------------------------------<br>
dene at ulmschneiders dot com<x-tab> </x-tab><x-tab> </x-tab>-<br>
<a href="http://www.ulmschneiders.com/" eudora="autourl">http://www.ulmschneiders.com</a><x-tab> </x-
----------------------------------------------------------<br>
deneu at dsltechie dot com<x-tab> </x-tab><x-tab> </x-tab><x-tab&g
<a href="http://www.dsltechie.com/" eudora="autourl">http://www.dsltechie.com</a><x-tab> &am
----------------------------------------------------------</html>
--=====================_108311156==_.ALT--
From: Ted Cabeen <ted at impulse dot net>
Subject: Re: Cache files suddenly appearing
Date: Tue, 08 Jan 2002 14:36:29 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Content-Type: text/plain; charset=us-ascii
In message <148359011779909238820 at lists.pensive dot org>, Gregory Hicks writes:
>> The cache files store the precomputed UIDLs on messages in the mailbox,
>> and some similar information, so that qpopper does not need to scan the
>> mailbox every time it's invoked if there are no new messages. I'm not
>> sure if you can disable it - there's probably a way - but if you do it
>> will slow down your qpopper startup times and put extra load on your
>> system. In general, caches are good, and these files are small so
>> shouldn't be eating up unnecessary amounts of disk space.
>
>Actually, what you really want to do is to put the cache dir on another
>spindle and then leave it alone - unless your temp-drop-dir is *truly*
>small. This increases your throughput and splits the I/O load.
>
>For instance, on our main mail server with 2,200 users, the drop dir is
>only a WHOPPING 20.2K in size...
One thing to note is that those cache files can cause problems if you're not
careful to delete them when you delete a user. If you don't do so, if you
delete a user and then recreate it shortly thereafter with a different UID,
the user won't be able to check their mail until the old files are removed.
I wrote a patch that allows the .cache and .lock files to go in user home
directories, if you want them there.
- --
Ted Cabeen http://www.pobox.com/~secabeen ted at impulse dot net
Check Website or Keyserver for PGP/GPG Key BA0349D2 secabeen at pobox dot com
"I have taken all knowledge to be my province." -F. Bacon secabeen at cabeen dot org
"Human kind cannot bear very much reality."-T.S.Eliot cabeen at netcom dot com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (OpenBSD)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE8O3RtoayJfLoDSdIRAqL9AJ9+a0UK2efHn/O3SimyDg34uXqYEACghFST
cEJn4sNiA0nvfZg8xfmcJ2M
=qMO9
-----END PGP SIGNATURE-----
Date: Tue, 8 Jan 2002 16:47:50 -0600 (CST)
From: Kip Turk <kipt at wcc dot net>
Subject: Re: Cache files suddenly appearing
On Tue, 8 Jan 2002, Ted Cabeen wrote:
> In message <148359011779909238820 at lists.pensive dot org>, Gregory Hicks writes:
> >> The cache files store the precomputed UIDLs on messages in the mailbox,
> >> and some similar information, so that qpopper does not need to scan the
> >> mailbox every time it's invoked if there are no new messages. I'm not
> >> sure if you can disable it - there's probably a way - but if you do it
> >> will slow down your qpopper startup times and put extra load on your
> >> system. In general, caches are good, and these files are small so
> >> shouldn't be eating up unnecessary amounts of disk space.
> >
> >Actually, what you really want to do is to put the cache dir on another
> >spindle and then leave it alone - unless your temp-drop-dir is *truly*
> >small. This increases your throughput and splits the I/O load.
> >
> >For instance, on our main mail server with 2,200 users, the drop dir is
> >only a WHOPPING 20.2K in size...
>
> One thing to note is that those cache files can cause problems if you're not
> careful to delete them when you delete a user. If you don't do so, if you
> delete a user and then recreate it shortly thereafter with a different UID,
> the user won't be able to check their mail until the old files are removed.
> I wrote a patch that allows the .cache and .lock files to go in user home
> directories, if you want them there.
I'm not overly concerned with the sizes and, after reading up on it a
bit more, can see the benefits of the cache. I've already moved the
cache directory to another location, though it was mostly to keep my
operators from panicing about all the new files in the drop zone. I'll
add the code to our User Management System to remove the .cache with the
user (thanks for that tip). What puzzles me is that these files only
appear on one system running 4.0.3. If it's a feature, I'd expect it to
exist on all my servers (10 mail servers running various platforms).
These servers are all independent, not clustered so every installation
is unique, though I've configured them nearly identically in most cases
(had to add bulldb for a couple of customers).
--
Kip Turk spamdies at wcc dot net
Systems Administrator/Killer of Spam/Writer of Code/Penguin Proponent
West Central Net - tel: 915.234.5678 / 800.695.9016 fax: 915.656.0071
-.-. --- -.. . / -- --- -. -.- . -.-- --..-- / .... .- -.-. -.- . .-.
Date: Tue, 8 Jan 2002 14:11:31 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
On Tue, Jan 08, 2002 at 05:11:54PM -0500, Dene Ulmschneider wrote:
>
> Yes I did.
> From
> /home/deneu/installs/popper/qpopper4.0.3
> I did
> ./configure --enable-specialauth --enable-shy
> it seemed to configure OK. (is there a specific location form which I
> should configure?)
No, in the directory where you're building the package is just fine.
I haven't noticed any similar reports to the mailing list of inability to
get it to configure and make properly.
What OS is this running on? Is it a Linux box as I assumed?
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Subject: Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
From: Kenneth Porter <shiva at well dot com>
Date: 08 Jan 2002 17:01:05 -0800
Have you tried building from an RPM? You can download mine from
http://www.sewingwitch.com/ken/SRPMS/. Build with "rpmbuild --ba
qpopper*.src.rpm". Install with "rpm -Uvh qpopper*.i386.rpm".
Date: Tue, 08 Jan 2002 20:17:08 -0500
From: Dene Ulmschneider <dene at ulmschneiders dot com>
Subject: Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
I am running RHL 7.2
Dene
At 07:11 PM 1/8/2002, Clifton Royston wrote:
>On Tue, Jan 08, 2002 at 05:11:54PM -0500, Dene Ulmschneider wrote:
> >
> > Yes I did.
> > From
> > /home/deneu/installs/popper/qpopper4.0.3
> > I did
> > ./configure --enable-specialauth --enable-shy
> > it seemed to configure OK. (is there a specific location form which I
> > should configure?)
>
> No, in the directory where you're building the package is just fine.
>I haven't noticed any similar reports to the mailing list of inability to
>get it to configure and make properly.
>
> What OS is this running on? Is it a Linux box as I assumed?
>
> -- Clifton
>
>--
> Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
> WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Thank you,
Dene Ulmschneider
----------------------------------------------------------
dene at ulmschneiders dot com -
http://www.ulmschneiders.com -
----------------------------------------------------------
deneu at dsltechie dot com -
http://www.dsltechie.com -
----------------------------------------------------------
Subject: Emails are received twice with Qpopper 3.1.2
Date: Wed, 9 Jan 2002 11:46:08 -0800
From: "Habib Abassi" <habassi at telephonyatwork dot com>
Hi All,
IS IT POSSIBLE with QPopper(3.1.2) a user account receives two emails
with same Message-Id and a different Received id !!!
First Email Header:
Received: from YYYYY by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
id g03K9PF0000205568; Thu, 3 Jan 2002 20:09:25 GMT
Received: from XXXXX by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
id g03K22F0000204697; Thu, 3 Jan 2002 20:02:02 GMT
Date: Thu, 3 Jan 2002 20:02:02 GMT
Message-Id: <200201032002 dot g03K22F0000204697@XXXXX >
Second Email Header:
Received: from YYYYY by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
id g03KA5F0000205897; Thu, 3 Jan 2002 20:10:05 GMT
Received: from XXXXX by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
id g03K22F0000204697; Thu, 3 Jan 2002 20:02:02 GMT
Date: Thu, 3 Jan 2002 20:02:02 GMT
Message-Id: <200201032002 dot g03K22F0000204697@XXXXX >
Thanks.
Date: Wed, 9 Jan 2002 09:57:45 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: Emails are received twice with Qpopper 3.1.2
On Wed, Jan 09, 2002 at 11:46:08AM -0800, Habib Abassi wrote:
> Hi All,
>
> IS IT POSSIBLE with QPopper(3.1.2) a user account receives two emails
> with same Message-Id and a different Received id !!!
This has nothing to do with Qpopper, it's a problem in your mail
delivery system - sendmail or whatever. That's what puts in the
"Received:" lines. It looks like the lower server (earlier one) in
these received lines delivered the same message twice to the upper one.
That's long before qpopper gets hold of it.
-- Clifton
> First Email Header:
>
> Received: from YYYYY by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
> id g03K9PF0000205568; Thu, 3 Jan 2002 20:09:25 GMT
> Received: from XXXXX by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
> id g03K22F0000204697; Thu, 3 Jan 2002 20:02:02 GMT
> Date: Thu, 3 Jan 2002 20:02:02 GMT
> Message-Id: <200201032002 dot g03K22F0000204697@XXXXX >
>
> Second Email Header:
>
> Received: from YYYYY by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
> id g03KA5F0000205897; Thu, 3 Jan 2002 20:10:05 GMT
> Received: from XXXXX by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
> id g03K22F0000204697; Thu, 3 Jan 2002 20:02:02 GMT
> Date: Thu, 3 Jan 2002 20:02:02 GMT
> Message-Id: <200201032002 dot g03K22F0000204697@XXXXX >
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Subject: Re: error while trying to make Qpopper 4.0.3 on RH Linux 7.2
From: Kenneth Porter <shiva at well dot com>
Date: 09 Jan 2002 11:55:25 -0800
On Tue, 2002-01-08 at 17:18, Dene Ulmschneider wrote:
> At 08:01 PM 1/8/2002, you wrote:
> >Have you tried building from an RPM? You can download mine from
> >http://www.sewingwitch.com/ken/SRPMS/. Build with "rpmbuild --ba
> >qpopper*.src.rpm". Install with "rpm -Uvh qpopper*.i386.rpm".
>
> I see a 1 and 2 there - do I need both?
Those are "release" numbers and indicate any changes made by the
packager, but not changes in the source tarball. Use the -2.
Note that the directory also contains the release candidate for 4.0.4.
This is what I'm running.
From: Tim Tyler <tyler at beloit dot edu>
Subject: Norton Antivirus intercept???
Date: Wed, 9 Jan 2002 14:25:33 -0600 (CST)
Qpopper experts,
I just went live with our ssl implementation of qpopper today and I am
finding mixed results. Many Eudora users of 5.1 have to go into options and
add our site as a trusted certificate. This is fine. However, quite a few
clients with Eudora 5.1 simply keep working and never force the Trust issue.
They do have "if available, starttls" or "require ttl". But if they click
on the button next to it, it states they have never accessed a TTLS server.
So they are continuing to work in plain text mode. Why? If we require ttl,
shouldn't it force the process? Well it appears to still retrieve in plain
text mode since they still get the "never accessed a ttls server response.
In some cases, we know that Norton AntiVirus is acting as an intercept for
filtering email. If we take out the Norton intercept address and put them
back to our server with their standard username, they start to work properly
with SSL. But some people do NOT have Norton intercepting their email as
far as I can tell; i.e., they have our standard server and their standard
username. So why might their client not attempt to negotiate an SSL
connection?
Could Norton be working in the background to intercept somehow? What else
might I look for?
Also, Am I correct in assuming that Norton probably can't be used for
direct email filtering if one wants SSL protection?
--
Tim Tyler
Network Manager - Beloit College
tyler at beloit dot edu
Go Packers! Go Badgers!
1999&2000 Rose Bowl Champions!
Date: Wed, 09 Jan 2002 16:44:43 -0500
From: Daniel Senie <dts at senie dot com>
Subject: Re: Norton Antivirus intercept???
At 03:25 PM 1/9/02, Tim Tyler wrote:
>Qpopper experts,
> I just went live with our ssl implementation of qpopper today and I am
>finding mixed results. Many Eudora users of 5.1 have to go into options and
>add our site as a trusted certificate.
We spent the $125/year to buy a cert. Relatively cheap solution to that.
> This is fine. However, quite a few
>clients with Eudora 5.1 simply keep working and never force the Trust issue.
>They do have "if available, starttls" or "require ttl". But if they click
>on the button next to it, it states they have never accessed a TTLS server.
>So they are continuing to work in plain text mode. Why? If we require ttl,
>shouldn't it force the process?
In my tests, if I set Require TLS, and the server doesn't provide it,
Eudora reports an error and exits.
> Well it appears to still retrieve in plain
>text mode since they still get the "never accessed a ttls server response.
>
> In some cases, we know that Norton AntiVirus is acting as an intercept for
>filtering email.
This is an annoyance. They do it badly, IMO.
> If we take out the Norton intercept address and put them
>back to our server with their standard username, they start to work properly
>with SSL.
Note that if you have Norton 2001 (what I've tested with) on a machine with
Eudora 5.1, you'll still have full virus protection. When Eudora tries to
write attachments to the hard disk, Norton Antivirus will notice the virus,
and pop up an alert window. Works great without Norton trying to proxy
anything.
> But some people do NOT have Norton intercepting their email as
>far as I can tell; i.e., they have our standard server and their standard
>username. So why might their client not attempt to negotiate an SSL
>connection?
> Could Norton be working in the background to intercept somehow? What else
>might I look for?
The way Norton's intercept works is to set itself up on port 110 on
127.0.0.1. So if your mail client is trying to use 127.0.0.1 as a mail
server, then it's going to be an issue. If it's using the real name/address
of the server, it's not an issue.
> Also, Am I correct in assuming that Norton probably can't be used for
>direct email filtering if one wants SSL protection?
You are correct. They haven't gotten the SSL stuff into their proxy, and
intercepting isn't viable. As I mentioned above, with Eudora it's not
important.
-----------------------------------------------------------------
Daniel Senie dts at senie dot com
Amaranth Networks Inc. http://www.amaranth.com
Date: Thu, 10 Jan 2002 11:20:26 +0100
From: Denny-Schierz <cuall at gmx dot de>
Subject: error in log
Guten Tag qpopper,
hi,
i have some errors in my log file, and i don't know what to do
in.qpopper[4807]: Config file nesting exceeds 100; will not process config file /etc/qpopper.conf [pop_config.c:1283]
what does it mean?
cu denny
--
Mit freundlichen Grüssen
Denny-Schierz mailto:cuall at gmx dot de
Date: Thu, 10 Jan 2002 10:01:21 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: qpopper 4.0.3 undefined reference auth_user
At 10:36 PM +0100 1/8/02, Michael Riedel wrote:
> On 7 Jan 2002 at 17:44, Randall Gellens wrote:
>
>> Why are you adding '--enable-specialauth'? Have you tried it without
>> specifying this? Qpopper 4.0's configure script generally is able to
>> figure out if this is needed or not, so you're better off not
>> specifying it. Try doing a 'make realclean', then re-run ./configure,
>> leaving out '--enable-specialauth'. --
>>
>
> I tried it, but it doesn't help.
> --
>
> Bye
> |\/|ichael Riedel
Does it work if you do a 'make realclean' and then re-run
./configure, leaving off both '--enable-poppassd' and
'--enable-specialauth'?
Date: Thu, 10 Jan 2002 10:05:17 -0800
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Cache files suddenly appearing
At 2:01 PM -0600 1/8/02, Kip Turk wrote:
> I installed Qpopper4.0.3 today with the following options:
>
> ./configure --enable-debugging --enable-servermode --enable-specialauth
> --disable-shy --enable-hash-spool=2 --with-log-facility=LOG_LOCAL0
> --enable-timing --enable-temp-drop-dir=/var/poptemp --with-drac
>
> This is the same configuration I used with 3.1.2, with the exception of
> adding --with-drac. DRAC is working fine, however, I'm now seeing a ton
> of .username.cache files inside /var/poptemp.
Cache files are a new feature in Qpopper 4. See the Release Notes
and the Administrator's Guide for more information.
> I've tried setting --disable-cache-dir in the
> configuration options, but it's ignored. I can't find any files that
> would contain a run-time option.
Please see the Administrator's Guide for information on how to set a
run-time options file, and how to disable cache files if you decide
you don't want them.
From: "Fernando Casas" <casasfernando at hotmail dot com>
Subject: TLS/SSL
Date: Thu, 10 Jan 2002 15:50:07 -0300
Hi, i´m new to the list. I´m from argentina so please excuse my bad english.
I´m having trouble with TLS/SSL with the fabubous QPOPPER. Everything but
that it´s going smoothly and let me tell you QPOPPER RULEEESS. ;)
Ok, i´ll proceed with the problem description.
My compile options were:
./configure --enable-server-mode --enable-standalone --enable-shy --enable-b
ulletins --disable-old-spool-loc --enable-home-dir-mail=Mailbox --with-opens
sl
And my config file its tuned like this:
set server-mode
set reverse-lookup
set fast-update
set statistics = true
set tls-support = stls
set tls-server-cert-file = /etc/mail/certs/cert.pem
I´m using Outlook Express 5.5 (also tried with OUTLOOK 2K). When i try to
connect to the POP3 server, without SSL, everything gows smoothly. But when
i configure OU to use SSL on port 110, i get this msg:
A secure connection to the server could not be established. Account:
'192.168.0.70', Server: '192.168.0.70', Protocol: POP3, Port: 110,
Secure(SSL): Yes, Error Number: 0x800CCC1A
And QPOPPER write this to the logs:
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: (null) at 192.168.0.71
(192.168.0.71): -ERR Unknown command: "\200a^A^C^A".
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: (null) at 192.168.0.71
(192.168.0.71): -ERR POP EOF or I/O Error
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: I/O error flushing
output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
(1)
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: I/O error flushing
output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
(1)
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: (null) at 192.168.0.71
(192.168.0.71): -ERR Unknown command: "\200b^A\200^A".
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: (null) at 192.168.0.71
(192.168.0.71): -ERR POP EOF or I/O Error
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: I/O error flushing
output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
(1)
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: I/O error flushing
output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
(1)
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: (null) at 192.168.0.71
(192.168.0.71): -ERR Unknown command: "^V^C".
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: (null) at 192.168.0.71
(192.168.0.71): -ERR POP EOF or I/O Error
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: I/O error flushing
output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
(1)
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: I/O error flushing
output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
(1)
Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27691]: (null) at 192.168.0.71
(192.168.0.71): -ERR POP EOF or I/O Error
Also i tried to set TLS-SUPPORT to ALTERNARTE-PORT, in that case SSL WORKS
GREAT, but normal why DON´T. The logs tells that a TLS HANDSHAKE FAILED in
that case.
In both cases i´m using ONLY port 110. Because i can´t find the way to tell
QPOPPER to bind SSL to port 995 and normal POP3 to port 110.
Any ideas? Articles to read? Anything?
Thanks in advance.
Fernando.
**************************
Fernando Casas
LAN-WAN-Internet-Seguridad
Soporte GNU/Linux
celular: 156-162861
email: fernando at secdata.com dot ar
http://www.secdata.com.ar
**************************
Date: Thu, 10 Jan 2002 14:03:19 -0500
From: Daniel Senie <dts at senie dot com>
Subject: Re: TLS/SSL
At 01:50 PM 1/10/02, Fernando Casas wrote:
>Hi, i´m new to the list. I´m from argentina so please excuse my bad
english.
>I´m having trouble with TLS/SSL with the fabubous QPOPPER. Everything but
>that it´s going smoothly and let me tell you QPOPPER RULEEESS. ;)
>Ok, i´ll proceed with the problem description.
>My compile options were:
>
>./configure --enable-server-mode --enable-standalone --enable-shy
--enable-b
>ulletins --disable-old-spool-loc --enable-home-dir-mail=Mailbox
--with-opens
>sl
>
>And my config file its tuned like this:
>
>set server-mode
>set reverse-lookup
>set fast-update
>set statistics = true
>set tls-support = stls
>set tls-server-cert-file = /etc/mail/certs/cert.pem
You are missing a config line telling qpopper where to find your private
key. May not be the only problem, but it certainly is one problem.
>I´m using Outlook Express 5.5 (also tried with OUTLOOK 2K). When i try to
>connect to the POP3 server, without SSL, everything gows smoothly. But when
>i configure OU to use SSL on port 110, i get this msg:
Well, if you're going to use OE, you have to set up a second instance of
qpopper, on port 995, with set tls-support=alternate-port. You see, the
folks at Microsoft haven't figured out this STARTTLS thing. Hopefully they
will get around to fixing their product at some point. Until then, you have
to run two separate configs of qpopper.
>A secure connection to the server could not be established. Account:
>'192.168.0.70', Server: '192.168.0.70', Protocol: POP3, Port: 110,
>Secure(SSL): Yes, Error Number: 0x800CCC1A
>
>And QPOPPER write this to the logs:
>
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: (null) at
192.168.0.71
>(192.168.0.71): -ERR Unknown command: "\200a^A^C^A".
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: (null) at
192.168.0.71
>(192.168.0.71): -ERR POP EOF or I/O Error
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: (null) at
192.168.0.71
>(192.168.0.71): -ERR Unknown command: "\200b^A\200^A".
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: (null) at
192.168.0.71
>(192.168.0.71): -ERR POP EOF or I/O Error
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: (null) at
192.168.0.71
>(192.168.0.71): -ERR Unknown command: "^V^C".
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: (null) at
192.168.0.71
>(192.168.0.71): -ERR POP EOF or I/O Error
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27691]: (null) at
192.168.0.71
>(192.168.0.71): -ERR POP EOF or I/O Error
>
>Also i tried to set TLS-SUPPORT to ALTERNARTE-PORT, in that case SSL WORKS
>GREAT, but normal why DON´T. The logs tells that a TLS HANDSHAKE FAILED
in
>that case.
>
>In both cases i´m using ONLY port 110. Because i can´t find the way to
tell
>QPOPPER to bind SSL to port 995 and normal POP3 to port 110.
So you were looking for the right things. If you're running from inetd or
xinetd, you'd have to tell that software that you'd like it to respond on
port 995 as well as 110.
>Any ideas? Articles to read? Anything?
>Thanks in advance.
>Fernando.
>
>**************************
> Fernando Casas
>
> LAN-WAN-Internet-Seguridad
> Soporte GNU/Linux
>
>celular: 156-162861
>email: fernando at secdata.com dot ar
>http://www.secdata.com.ar
>**************************
-----------------------------------------------------------------
Daniel Senie dts at senie dot com
Amaranth Networks Inc. http://www.amaranth.com
From: "Fernando Casas" <casasfernando at hotmail dot com>
Subject: Re: TLS/SSL
Date: Thu, 10 Jan 2002 16:29:17 -0300
Mmmm, the private KEY is in the CERTIFICATE. And i didn´t have any problems
with that.
Can anybody tell me how to tell QPOPPER to bind to port 995. I´m running it
in STAND ALONE mode. So NO INETD or XINETD available. But if INETD is the
ONLY solution well, i´ll recompile and use it that WAY.
I try the solution proposed in the administrator guide, about THREE conf
files. But didn´t work. Sincerely, i didn´t understand it so may be i did it
WRONG. A production working example of the conf file(s) will be WELCOME. =D.
Thanks a lot for your help DANIEL.
Fernando
PD: i can´t believe OUTLOOK® 2000 can´t support STLS command =(
----- Original Message -----
From: "Daniel Senie" <dts at senie dot com>
To: "Fernando Casas" <casasfernando at hotmail dot com>; "Subscribers of Qpopper"
<qpopper at lists.pensive dot org>
Sent: Thursday, January 10, 2002 4:03 PM
Subject: Re: TLS/SSL
At 01:50 PM 1/10/02, Fernando Casas wrote:
>Hi, i´m new to the list. I´m from argentina so please excuse my bad
english.
>I´m having trouble with TLS/SSL with the fabubous QPOPPER. Everything but
>that it´s going smoothly and let me tell you QPOPPER RULEEESS. ;)
>Ok, i´ll proceed with the problem description.
>My compile options were:
>
>./configure --enable-server-mode --enable-standalone --enable-shy --enable-
b
>ulletins --disable-old-spool-loc --enable-home-dir-mail=Mailbox --with-open
s
>sl
>
>And my config file its tuned like this:
>
>set server-mode
>set reverse-lookup
>set fast-update
>set statistics = true
>set tls-support = stls
>set tls-server-cert-file = /etc/mail/certs/cert.pem
You are missing a config line telling qpopper where to find your private
key. May not be the only problem, but it certainly is one problem.
>I´m using Outlook Express 5.5 (also tried with OUTLOOK 2K). When i try to
>connect to the POP3 server, without SSL, everything gows smoothly. But when
>i configure OU to use SSL on port 110, i get this msg:
Well, if you're going to use OE, you have to set up a second instance of
qpopper, on port 995, with set tls-support=alternate-port. You see, the
folks at Microsoft haven't figured out this STARTTLS thing. Hopefully they
will get around to fixing their product at some point. Until then, you have
to run two separate configs of qpopper.
>A secure connection to the server could not be established. Account:
>'192.168.0.70', Server: '192.168.0.70', Protocol: POP3, Port: 110,
>Secure(SSL): Yes, Error Number: 0x800CCC1A
>
>And QPOPPER write this to the logs:
>
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: (null) at
192.168.0.71
>(192.168.0.71): -ERR Unknown command: "\200a^A^C^A".
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: (null) at
192.168.0.71
>(192.168.0.71): -ERR POP EOF or I/O Error
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: (null) at
192.168.0.71
>(192.168.0.71): -ERR Unknown command: "\200b^A\200^A".
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: (null) at
192.168.0.71
>(192.168.0.71): -ERR POP EOF or I/O Error
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: (null) at
192.168.0.71
>(192.168.0.71): -ERR Unknown command: "^V^C".
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: (null) at
192.168.0.71
>(192.168.0.71): -ERR POP EOF or I/O Error
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: I/O error flushing
>output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
>(1)
>Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27691]: (null) at
192.168.0.71
>(192.168.0.71): -ERR POP EOF or I/O Error
>
>Also i tried to set TLS-SUPPORT to ALTERNARTE-PORT, in that case SSL WORKS
>GREAT, but normal why DON´T. The logs tells that a TLS HANDSHAKE FAILED in
>that case.
>
>In both cases i´m using ONLY port 110. Because i can´t find the way to tell
>QPOPPER to bind SSL to port 995 and normal POP3 to port 110.
So you were looking for the right things. If you're running from inetd or
xinetd, you'd have to tell that software that you'd like it to respond on
port 995 as well as 110.
>Any ideas? Articles to read? Anything?
>Thanks in advance.
>Fernando.
>
>**************************
> Fernando Casas
>
> LAN-WAN-Internet-Seguridad
> Soporte GNU/Linux
>
>celular: 156-162861
>email: fernando at secdata.com dot ar
>http://www.secdata.com.ar
>**************************
-----------------------------------------------------------------
Daniel Senie dts at senie dot com
Amaranth Networks Inc. http://www.amaranth.com
Date: Thu, 10 Jan 2002 11:51:06 -0800
From: Chuck Yerkes <chuck+qpopper at yerkes dot com>
Subject: Re: Emails are received twice with Qpopper 3.1.2
Quoting Clifton Royston (cliftonr at lava dot net):
On Wed, Jan 09, 2002 at 11:46:08AM -0800, Habib Abassi wrote:
> IS IT POSSIBLE with QPopper(3.1.2) a user account receives two emails
> with same Message-Id and a different Received id !!!
No.
You are getting the message twice (as is sendmail).
I've seen a LOT of duplicate deliveries behind
PIX firewall's using the SMTP proxy (or "fixup").
It terminates the some packets early, so the INSIDE machine
things see that the message is done, but the OUTSIDE fails.
The answer, at this point, is to turn off this piece of crap
proxy.
Individuals at Cisco have acknowledged this and agree that the
proxy is crap, but there's been no official ack.
Also, you might consider Sendmail 8.11.6 or even 8.12 (8.12
is extraordinarily fast).
> First Email Header:
>
> Received: from YYYYY by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
> id g03K9PF0000205568; Thu, 3 Jan 2002 20:09:25 GMT
> Received: from XXXXX by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
> id g03K22F0000204697; Thu, 3 Jan 2002 20:02:02 GMT
> Date: Thu, 3 Jan 2002 20:02:02 GMT
> Message-Id: <200201032002 dot g03K22F0000204697@XXXXX >
>
> Second Email Header:
>
> Received: from YYYYY by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
> id g03KA5F0000205897; Thu, 3 Jan 2002 20:10:05 GMT
> Received: from XXXXX by XXXXX (8.10.2/1.1.29.3/04Oct01-0217PM)
> id g03K22F0000204697; Thu, 3 Jan 2002 20:02:02 GMT
> Date: Thu, 3 Jan 2002 20:02:02 GMT
> Message-Id: <200201032002 dot g03K22F0000204697@XXXXX >
Date: Thu, 10 Jan 2002 14:53:49 -0500
From: Daniel Senie <dts at senie dot com>
Subject: Re: TLS/SSL
At 02:29 PM 1/10/02, you wrote:
>Mmmm, the private KEY is in the CERTIFICATE. And i didn´t have any
problems
>with that.
No, it doesn't work that way. You must have the following TWO lines in your
config:
set tls-server-cert-file=<cert file>
set tls-private-key-file=<private key file>
>Can anybody tell me how to tell QPOPPER to bind to port 995. I´m running
it
>in STAND ALONE mode. So NO INETD or XINETD available. But if INETD is the
>ONLY solution well, i´ll recompile and use it that WAY.
Someone else should be able to answer this. I personally run qpopper from
xinetd for a variety of reasons.
>I try the solution proposed in the administrator guide, about THREE conf
>files. But didn´t work. Sincerely, i didn´t understand it so may be i
did it
>WRONG. A production working example of the conf file(s) will be WELCOME.
=D.
The config file tells qpopper HOW to run the TLS protocol (set
tls-support=<option>) but does not tell it what port to run it on.
>Thanks a lot for your help DANIEL.
>Fernando
>
>PD: i can´t believe OUTLOOK® 2000 can´t support STLS command =(
Worse: Outlook (all versions I've tried, Express and otherwise) actually do
support STLS for SMTP on port 25, but if you change to another port for
SMTP (e.g. the SUBMISSION port, 587) it fails to negotiate STLS.
Fortunately, Eudora 5.1 does an outstanding job of implementing TLS. I've
been pushing my customers toward Eudora ever since 5.1 came out. It works
great, doesn't explode, and doesn't seem to have virus vulnerability issues.
>----- Original Message -----
>From: "Daniel Senie" <dts at senie dot com>
>To: "Fernando Casas" <casasfernando at hotmail dot com>; "Subscribers of Qpopper"
><qpopper at lists.pensive dot org>
>Sent: Thursday, January 10, 2002 4:03 PM
>Subject: Re: TLS/SSL
>
>
>At 01:50 PM 1/10/02, Fernando Casas wrote:
> >Hi, i´m new to the list. I´m from argentina so please excuse my bad
>english.
> >I´m having trouble with TLS/SSL with the fabubous QPOPPER. Everything
but
> >that it´s going smoothly and let me tell you QPOPPER RULEEESS. ;)
> >Ok, i´ll proceed with the problem description.
> >My compile options were:
> >
> >./configure --enable-server-mode --enable-standalone --enable-shy
--enable-
>b
> >ulletins --disable-old-spool-loc --enable-home-dir-mail=Mailbox
--with-open
>s
> >sl
> >
> >And my config file its tuned like this:
> >
> >set server-mode
> >set reverse-lookup
> >set fast-update
> >set statistics = true
> >set tls-support = stls
> >set tls-server-cert-file = /etc/mail/certs/cert.pem
>
>You are missing a config line telling qpopper where to find your private
>key. May not be the only problem, but it certainly is one problem.
>
>
> >I´m using Outlook Express 5.5 (also tried with OUTLOOK 2K). When i try
to
> >connect to the POP3 server, without SSL, everything gows smoothly. But
when
> >i configure OU to use SSL on port 110, i get this msg:
>
>Well, if you're going to use OE, you have to set up a second instance of
>qpopper, on port 995, with set tls-support=alternate-port. You see, the
>folks at Microsoft haven't figured out this STARTTLS thing. Hopefully they
>will get around to fixing their product at some point. Until then, you have
>to run two separate configs of qpopper.
>
>
> >A secure connection to the server could not be established. Account:
> >'192.168.0.70', Server: '192.168.0.70', Protocol: POP3, Port: 110,
> >Secure(SSL): Yes, Error Number: 0x800CCC1A
> >
> >And QPOPPER write this to the logs:
> >
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: (null) at
>192.168.0.71
> >(192.168.0.71): -ERR Unknown command: "\200a^A^C^A".
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: (null) at
>192.168.0.71
> >(192.168.0.71): -ERR POP EOF or I/O Error
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: I/O error flushing
> >output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
> >(1)
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27688]: I/O error flushing
> >output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
> >(1)
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: (null) at
>192.168.0.71
> >(192.168.0.71): -ERR Unknown command: "\200b^A\200^A".
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: (null) at
>192.168.0.71
> >(192.168.0.71): -ERR POP EOF or I/O Error
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: I/O error flushing
> >output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
> >(1)
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27689]: I/O error flushing
> >output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
> >(1)
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: (null) at
>192.168.0.71
> >(192.168.0.71): -ERR Unknown command: "^V^C".
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: (null) at
>192.168.0.71
> >(192.168.0.71): -ERR POP EOF or I/O Error
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: I/O error flushing
> >output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
> >(1)
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27690]: I/O error flushing
> >output to client at 192.168.0.71 [192.168.0.71]: Operation not permitted
> >(1)
> >Jan 10 15:36:24 mcafee /usr/local/sbin/popper[27691]: (null) at
>192.168.0.71
> >(192.168.0.71): -ERR POP EOF or I/O Error
> >
> >Also i tried to set TLS-SUPPORT to ALTERNARTE-PORT, in that case SSL
WORKS
> >GREAT, but normal why DON´T. The logs tells that a TLS HANDSHAKE FAILED
in
> >that case.
> >
> >In both cases i´m using ONLY port 110. Because i can´t find the way
to tell
> >QPOPPER to bind SSL to port 995 and normal POP3 to port 110.
>
>So you were looking for the right things. If you're running from inetd or
>xinetd, you'd have to tell that software that you'd like it to respond on
>port 995 as well as 110.
>
> >Any ideas? Articles to read? Anything?
> >Thanks in advance.
> >Fernando.
> >
> >**************************
> > Fernando Casas
> >
> > LAN-WAN-Internet-Seguridad
> > Soporte GNU/Linux
> >
> >celular: 156-162861
> >email: fernando at secdata.com dot ar
> >http://www.secdata.com.ar
> >**************************
>
>-----------------------------------------------------------------
>Daniel Senie dts at senie dot com
>Amaranth Networks Inc. http://www.amaranth.com
-----------------------------------------------------------------
Daniel Senie dts at senie dot com
Amaranth Networks Inc. http://www.amaranth.com
From: "Michael Riedel" <mrie at fto dot de>
Date: Thu, 10 Jan 2002 22:16:20 +0100
Subject: Re: qpopper 4.0.3 undefined reference auth_user
On 10 Jan 2002 at 10:01, Randall Gellens wrote:
> Does it work if you do a 'make realclean' and then re-run
> ./configure, leaving off both '--enable-poppassd' and
> '--enable-specialauth'?
>
Yes, but actually I need the poppassd. Qpopper runs fine since several
months.
--
Bye
|\/|ichael Riedel
Subject: ERROR in POP.log
Date: Thu, 10 Jan 2002 13:28:11 -0800
From: "Habib Abassi" <habassi at telephonyatwork dot com>
Hi,
I Got this error in POP.log .
aaa at host dot com: -ERR Could not lockf /usr/spool/mail/aaa
Whats this means?
Thanks.
Date: Thu, 10 Jan 2002 12:01:54 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: error in log
On Thu, Jan 10, 2002 at 11:20:26AM +0100, Denny-Schierz wrote:
> i have some errors in my log file, and i don't know what to do
>
> in.qpopper[4807]: Config file nesting exceeds 100; will not process config file /etc/qpopper.conf [pop_config.c:1283]
>
> what does it mean?
This is an IAQ (Infrequently Asked Question) but has a known answer. ;-)
It means you're including your config file within your config file,
recursively. You need to find the line which is doing that and change
it.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Date: Thu, 10 Jan 2002 11:59:46 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: TLS/SSL
On Thu, Jan 10, 2002 at 02:53:49PM -0500, Daniel Senie wrote:
> At 02:29 PM 1/10/02, you wrote:
> >Mmmm, the private KEY is in the CERTIFICATE. And i didn´t have any problems
> >with that.
>
> No, it doesn't work that way. You must have the following TWO lines in your
> config:
>
> set tls-server-cert-file=<cert file>
> set tls-private-key-file=<private key file>
>
> >Can anybody tell me how to tell QPOPPER to bind to port 995. I´m running it
> >in STAND ALONE mode. So NO INETD or XINETD available. But if INETD is the
> >ONLY solution well, i´ll recompile and use it that WAY.
>
> Someone else should be able to answer this. I personally run qpopper from
> xinetd for a variety of reasons.
I'll recommend the same - in fact we installed xinetd to our main
machine specifically for qpopper, because it gives the ability to
rate-limit based on load. Qpopper does have the ability to hammer the
hell out of your disk system if you get many sudden POP connections for
users with large mailspools.
If you start refusing all POP connections when your CPU load hits 100
(or some number appropriate for the stability of your OS) your machine
will stay up; if you don't have *some* limit, it's possible for it to
be pushed until it becomes completely unresponsive, or possibly until
it crashes if you're running something less bulletproof than a stable
release of a BSD-type UNIX.
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava dot net
WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
Date: Thu, 10 Jan 2002 23:23:44 +0100
From: Jesus Cea Avion <jcea at argo dot es>
Subject: Timeout in QPOPPER with client shutdown
Currently Qpopper has a timeout between commands, but there is no
timeout when the server is sending a message to the client.
If I'm receiving a long email and suddently my inet connection is
closed, two things can occur:
a) The next datagram from the server will be answer by the network using
an ICMP "host unreachable" or similar. Current Qpopper correctly detects
this fact and closes the connection.
b) The next datagram from the server will simply banish. TCP retransmits
and the following datagrams also banish. A black hole...
In this situation QPOPPER hasn't any timeout, so the server will be
blocked forever.
I think QPOPPER should use timeout when sending data to the client, in
order to recognice "b" scenary. So qpopper would have the opportunity to
cleanup the mess.
--
Jesus Cea Avion _/_/ _/_/_/ _/_/_/
jcea at argo.es http://www.argo dot es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/
_/_/ _/_/ _/_/_/_/_/
PGP Key Available at KeyServ _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
Subject: Re: TLS/SSL
From: Kenneth Porter <shiva at well dot com>
Date: 10 Jan 2002 14:37:35 -0800
On Thu, 2002-01-10 at 10:50, Fernando Casas wrote:
> In both cases i´m using ONLY port 110. Because i can´t find the way t
o tell
> QPOPPER to bind SSL to port 995 and normal POP3 to port 110.
This is documented in the PDF file under command line options. You
specify the IP address and port to bind to on the command line like
"aa.bb.cc.dd:port". I think you can use 0.0.0.0:995 to listen to port
995 on all interfaces.
Since you want to bind to two different ports, you need to run two
copies of the server. Presumably you'll use a different config file for
each (also a command line parameter) to control whether SSL is used.
Last updated on 10 Jan 2002 by Pensive Mailing List Admin