-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I submitted a bug report containing the following: Any suggestions are welcome. Bugs: ____________________________________ Once you enable tls/ssl using openssl every time a client negotiatites a connection this is written to the log. This can quickly consume resources. This should be lowered in the log level or set as a option. This creates _a lot_ of I/O as well. "popper[83103]: (v4.0.5) TLSv1/SSLv3 handshake with client at 67.3.171.145 (67.3.171.145); new session-id; cipher: DES-CBC3-SHA (DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1), 168 bits" Is A LOT of I/O for every mail check for every user, log files get huge very quickly. And this is with -R,, had the reverse lookup been on this line would have been much longer. ____________________________________ Logging: Big mess... What I want to do is: Specify a log file and each time a user actually retrieves mail have it do a statistics line for that. If the user does not retrieve mail ( ie nothing is transferred ) no logging unless I have specified log-login. This should be 1 line in a log that if tls/ssl was used also indicate cipher and bits. After using many combinations, no options seem to exist to do this. I would settle for options that worked correctly. IE. -s -T xxxx should produce 1 line in a separate log for each query. This is not possible currently, see below. _______________ Tracefile: This command does not do what it says. If you -do not- specify debugging, so no debugging, and then use -t xxxx then you get tons of debug related log entries. If you use tracefile = xxx you get different results but still way more logging then what you see in the system log without this option.. - -t and tracefile do not produce the same results when debug is disabled, just FYI According to your manual "If used without --enable-debugging, redirects all log messages to the specified file." This it clearly does not do. It also logs more stuff increasing I/O and making a log file that's 4 times bigger at a minimum. _________________ No log_level option. _________________ "TLS shutdown Error" when using tls/ssl with Outlook. This is also logged at a high level generating lots of log entries and again consuming resources. This needs to be reduced in log_level. _________________ Currently using the tracefile in config and doing -s produces 8 log entries for a pop check. For a TLS/SSL pop check it produces 12 !. I could get this lower by using command line options rather then config file options but still could not reduce it to below 6 lines.. This is without setting debug or enabling debug. The "set" log entries only occur if these options are set using the config file. These log entries disappear when you use command line options. For a single non tls/ssl pop check Jul 27 10:45:54.111 2003 [51184] Set server-mode Jul 27 10:45:54.111 2003 Jul 27 10:45:54.112 2003 [51184] Set shy to true Jul 27 10:45:54.112 2003 Jul 27 10:45:54.112 2003 [51184] Set reverse-lookup to false Jul 27 10:45:54.112 2003 Jul 27 10:45:55.600 2003 [51184] Stats: rzuch2 4 13601 62 1109404 ool-4357fdd7.dyn.optonline.net 67.87.253.215 Jul 27 10:45:55.600 2003 For a single tls/ssl pop check: Jul 27 16:51:00.684 2003 [88376] Set server-mode Jul 27 16:51:00.684 2003 Jul 27 16:51:00.684 2003 [88376] Set shy to true Jul 27 16:51:00.684 2003 Jul 27 16:51:00.684 2003 [51184] Set reverse-lookup to false Jul 27 16:51:00.684 2003 Jul 27 16:51:00.684 2003 [88376] (v4.0.5) TLSv1/SSLv3 handshake with client at 67.3.171.145 (67.3.171.145); new session-id; cipher: DES-CBC3-SH xxxxxxxxxxxx Jul 27 16:51:00.684 2003 Jul 27 16:51:02.794 2003 [88376] Stats: cs 0 0 0 0 67.3.171.145 67.3.171.145 Jul 27 16:51:02.794 2003 Jul 27 16:51:02.794 2003 [88376] TLS shutdown Error Jul 27 16:51:02.794 2003 _________________ Setting a option like servermode in the config file writes a log entry each time popper is called when using tracefile. This is true of the shy options and others as well. "Jul 26 20:27:20.665 2003 [73310] Set reverse-lookup to false" "Jul 26 20:27:20.665 2003 [73310] Set shy to true" "Jul 26 20:27:20.665 2003 [73310] Set server-mode to true" _________________ Tracefile generates lots of blank lines with just a date/time. __________________________________________________ What is needed is a logfile command combined with a loglevel. Also a good review of how tls/ssl is logged and in fact how every option combo is logged. -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPyRuv1LPNdKnnyLPEQK9oACgyb5rZSJZAAZ47OM7XJOBqiXL1PcAoJe7 22Zm/TKA942HEgwoSiAo8C4L =5xJ7 -----END PGP SIGNATURE-----
PGPexch.rtf.pgp
Description: Binary data
