Re: What to upgrade to?

2011-04-25 Thread Axel Rau 

On 25.04.2011, at 09:27, my...@mware.ca wrote:

 I'm thinking about upgrading mine to 9, but I'm also realizing I'm looking at 
 a multi-hour if not multi-day import window...
 My pg dumps are ~20GB at this point. Probably smaller than some others', but 
 still a challenge.
 
 Thoughts?
pg_upgrade. I never did it, so I don't know how much faster it is.
The standard tool is Slony. Setup a 2nd cluster, init replication and keep it 
running. Then upgrade the 2nd cluster to 9.0 with pg_upgrade, while replication 
still running. At least you can have as many restarts of the complete process 
as necessary w/o disturbing your production system...
Did anybody try Slony with aox?

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: Any comments? (Re: Use the DNS cache as a backup, in case DNS lookup (temporarily)) fails.

2011-05-07 Thread Axel Rau 

Am 07.05.2011 um 14:42 schrieb Stephen R. van den Berg:

 Axel Rau wrote:
 FreeBSD 8.0 includes unbound 1.3.3 and 8.2 includes 1.4.5.
 
 libunbound is not the same as unbound, they are related though, so it is
 very likely that libunbound is present, if unbound is.
I see.
It's in FreeBSD ports and the manpage mentions both unbound and libunbound.

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: Any objections against adding simple list management?

2011-05-14 Thread Axel Rau 
Am 12.05.2011 um 13:19 schrieb Arnt Gulbrandsen:

 lower(addresses.localpart)||'@'||lower(addresses.domain) must be unique when 
 joined against aliases. I've not the faintest idea how to express that in 
 SQL, though.
 
 Then we need a cleanup script to purge inconsistent aliases from the db 
 (disabling constraint / delete / re-enable constraint).
 
 I don't think we can write that. It's easy to detect, not so easy to fix.
 
 Maybe an alternative is to write a trigger to make sure no new badness is 
 added.

The attached sql 


trigger.sql
Description: Binary data
 contains a trigger for inserting/updating addresses:
1.1 Make (localpart,domain) unique if name is NULL
1.2 Does not allow an address which distinguishes only in case of another 
address, which is referenced by aliases.address
and another trigger for inserting/updating aliases:
2.1 Make sure aliases.address has no counterpart in addresses, which 
distinguishes only in case.

Tests:
1.1
insert into addresses(localpart,domain) values('localpart','chaos1.de');
ERROR:  ?Duplicate ddress localp...@chaos1.de

1.2 aox utility does not return, but sql works:
development=# select ADL.id,ADL.localpart || '@' || ADL.domain AS ADR, ADD.id, 
ADD.localpart || '@' || ADD.domain AS DST FROM aliases AL JOIN addresses ADL ON 
ADL.id = AL.address JOIN addresses ADD ON ADD.id = AL.mailbox;
 id |adr| id | dst 
+---++-
 82 | localpa...@do.main|  1 | axel@chaos1.de
 72 | localpa...@do.main|  1 | axel@chaos1.de
 70 | localp...@do.main |  1 | axel@chaos1.de

evelopment=# insert into addresses(localpart,domain) 
values('LOcalPart','Do.Main');
ERROR:  ?Address localp...@do.main conflicts with alias

2.1
development=# select * from addresses where localpart = 'Hermann.xyz';
 id |  name  |   localpart|   domain
+++-
 12 || Hermann.xyz | domain.DE
 15 | Hermann xyz| Hermann.xyz | domain.DE
 59 | Hermann xyz| Hermann.xyz | domain1.DE

aox add alias 'hermann@domain.de' '/users/axel@chaos1.de/INBOX' ;
aox: Couldn't create alias: PostgreSQL Server: ?Alias conflicts with existing 
address

Hope this fits in your picture,
Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: Selecting alternate IMAP box fails

2011-08-11 Thread Axel Rau 

Am 09.08.2011 um 17:58 schrieb Arnt Gulbrandsen:

 It has to be in pl/pgsql. I have a set of test cases, I have an old c++ 
 implemenentation (correct, but unusable), but what's needed is pl/pgsql code. 
 Something that can be called in ORDER BY.
You mean returning a set of records, whose column names appear in the ORDER BY?
Please send me the stuff, I give it a try.

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: ti_outlook_hack is not a btree?

2011-09-02 Thread Axel Rau 

Am 02.09.2011 um 07:35 schrieb Jim Rowan:

 index ti_outlook_hack is not a btree (query: copy thread_indexes (message, 
 th...)
What shows the PostgreSQL debug log?

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: web mail for masses - scaling archiveopteryx - active development?

2012-11-14 Thread Axel Rau 
Sorry, Arnt, that should go to the list:

Am 14.11.2012 um 15:51 schrieb Arnt Gulbrandsen:

 On 11/14/2012 03:32 PM, Martin Rode wrote:
 The point is, you can do incremental backups easily if you store
 attachments in files. If you store them inside the database a full dump
 gets huge and can take a lot of time.
My bodyparts  table is only 1/3 of the header_fields table.
So storing attachments outside the db would not help much.
 
 Yes. An artifact of pg_dump (and dumpall). IMO PITR backups are a better 
 solution than moving parts of the db where pg_dump cannot see them. But there 
 are drawbacks to PITR too, and I see your point.
 
 (Abhijit showed me a newly submitted patch for pg_dump which goes some way 
 towards resolving this.)
 
 You can shrink the backups by deleting attachments (conditionally,
 blah), or by not backing up the entire db.
 Why would you not want to backup the entire db?
 
 Beats me. I've seen several people do it. Shocking.
I have streaming replication to an offsite server set up.
I'm considering recycling backups more often.
Keeping 2 daily and 2 weekly backups comes into mind.

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: issues with git head

2013-08-29 Thread Axel Rau 

Am 29.08.2013 um 03:34 schrieb Mark Felder f...@feld.me:

 git head is still broken on FreeBSD. Connections just hang/stall forever
 without any obvious cause. My testing has been on FreeBSD 9.x
 specifically, but I'll throw together a 10 jail shortly to test.
I have git HEAD in production since 3 weeks on FreeBSD 9.1.
I'm getting about 1-2 crashes per week and had one hanging session so far.
This version recovers from a crash (spawning a new process) but not from the 
hung situation.
 
 For the record, 3.1.3 somewhat works on 9.x... it takes a while before
 it stalls, but still eventually does. This behavior never existed on
 FreeBSD 8.x and earlier which is where I used to run aox.
Hmm, I saw stalls on 8.2 too…

 If you can
 find the time to debug and come up with any hints regarding what it
 could be especially if it's not a problem in the aox codebase it would
 be greatly appreciated.
 
 I'll also prop up an 8.4 jail and test in there so I can perhaps rule
 out kernel or user land as I'm running a 10 kernel these days.
Did you manage to run aox in secure mode while in a jail?

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: aox views are too flexible to be usable — I think

2013-08-29 Thread Axel Rau 

Am 29.08.2013 um 21:44 schrieb Arnt Gulbrandsen a...@gulbrandsen.priv.no:

 
 While we are talking about NSA, are you considering implementing
 Diffie–Hellman key exchange?
 
 I would happily add that. Right now the server uses the openssl default,
 more or less:
 
SSL_CTX_set_cipher_list( ctx, HIGH:MEDIUM:!LOW:!EXPORT );
 
 Do you know how to set a suitable cipher list to prefer cipher suites
 with PFS? Google found http://stackoverflow.com/questions/17308690, but
 the SSLCIpherSuite lists on that page look a little too complex for my
 taste. Comments?
In my nginx.conf, I have
ssl_ciphers HIGH:!aNULL:!MD5;
which produces PFS.

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

[Diverted: post from non-subscriber] Flushing queue with 5.x.y error / status failed

2013-10-10 Thread Axel Rau 
Sometimes shit happens and sox queue is filling up with mails with status 
'failed'.
aox flush queue does not help in this case.
You have to do something like:
---
select * from delivery_recipients where status != '';
update delivery_recipients set last_attempt = NULL, action = 2 where action = 1;
select * from delivery_recipients where status != '';
# restart aox
---
It would be nice to have an option (-f) to force flushing of all queued mail, 
like the help suggests:
Instructs the running server to try to deliver all spooled mail to the smart 
host.

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: Stability of aox 3.2.0 is good

2014-05-01 Thread Axel Rau 

Am 29.04.2014 um 14:17 schrieb Arnt Gulbrandsen a...@gulbrandsen.priv.no:

 On Tuesday, April 29, 2014 2:14:23 PM CEST, Axel Rau wrote:
 I guess, you have not configured TLS  as mandatory.
 
 I have my own aox configured to make that problem show up more often, but 
 still haven't seen it on a day when I had time to look closely.
 
 (At least I think we're talking about the same problem.)
I use something like
—-
echo quit | openssl s_client -CAfile /some/path/ca_cert.pem \
-starttls smtp -connect some.host:587 21 | grep -q ‘250 DSN'
if [ $? -ne 0 ]
then
  echo '' | mail -s aox locked up with SSL problem - restarting root
  $aox restart
fi
—-
This restarts the server once a day.

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: Stability of aox 3.2.0 is good

2014-05-06 Thread Axel Rau 

Am 05.05.2014 um 22:11 schrieb ja...@mansionfamily.plus.com:

 On 05/05/2014 13:24, Arnt Gulbrandsen wrote:
 First thing I found was that the Jamfile assumes a new gcc; I only had one 
 that barfed with  -Wno-unused-result.  I installed 4.9 and forced the build 
 to use it.
 
 I've committed a change so the the release will not use -Werror. 
 I don't think that will help:
 
 cc1: error: unrecognized command line option -Wno-unused-result“
 
I’m using CLANG on a vanilla 9.2-RELEASE-p5:
setenv CLANG 1 ; jam
Compiles w/o warnings.

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: scaling aox

2014-05-29 Thread Axel Rau 

Am 29.05.2014 um 18:39 schrieb Mark Felder f...@feld.me:

 Has anyone experimented with scaling aox with multiple load balanced aox 
 frontend nodes and a master-master PostgreSQL-XC backend? Would love to hear 
 the results; this would be a really nice setup if it worked as expected.
Multi-Master-Backend won’t work with aox, says Arnt. Has to do with the 
complexity of the IMAP protocol.

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: Possible Authentication Issue/Interop Problems

2014-10-03 Thread Axel Rau 
I have problems with DIGEST-MD5 since I remember, but never tracked it down 
like you did.
We accept only SSL connections and so used plaintext password as workaround.

Am 03.10.2014 um 12:33 schrieb NSS Ltd nss...@networksystemssolutions.co.uk:

. . .

 Oct  3 10:08:51 messaging Archiveopteryx: 7591/6/8/4/1 resp
 9e5ee49ef8d07b875d7fff80274b8c73 has length 34 (not 32) in
 DIGEST-MD5 response
 
 Which indicated the parsing of the MD5 auth response did not like the
 quoting of the response element - the quotes add 2 characters giving 34
 instead of expected 32.
 
 As I had the source code to MailKit, I was able to alter the relevant
 section to remove the quotations, firstly from just the response element
 but that still failed.  I then altered it so quoting was removed from
 qop, response and algorithm and then I could authenticate.  (The
 benefits of open source!)
 
 However, this looks like an interoperability issue on the Archiveopteryx
 side.
 
 As I've been working on this other project and not had much time
 recently, it looks like I need to come back round to aox and look at
 that auth code as it should permit some additional quotation by the
 looks of things.
 
 Any thoughts/comments ?

Axel
---
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Re: [HEADS UP] Thunderbird 38.1: Authentication failed

2015-07-21 Thread Axel Rau 

Am 21.07.2015 um 10:57 schrieb Axel Rau axel@chaos1.de:

 Hi all,
 
 Users can’t authenticate to archiveopteryx after upgrade to thunderbird 38.1.
 This happens on Windows, Mac OS X and Linux.
Seems to be a TLS problem. I could authenticate with cram-md5 *without* TLS on 
a Mac.
Needing more investigation. . .

Axel
---
PGP-Key:29E99DD6  ☀ +49 160 9945 7889  ☀ computing @ chaos claudius

Re: [RESOLVED][HEADS UP] Thunderbird 38.1: Authentication failed

2015-07-21 Thread Axel Rau 

Am 21.07.2015 um 11:53 schrieb Axel Rau axel@chaos1.de:

 Needing more investigation. . .
s_client returned:
Verify return code: 34 (unhandled critical extension)
Which was misleading.
The real problem was a server cert, of which end of life has passed.

Sorry, Axel
---
PGP-Key:29E99DD6  ☀ +49 160 9945 7889  ☀ computing @ chaos claudius

Lots "of die( Invariant ) called" in 20151201

2015-12-21 Thread Axel Rau 
I got about 50
die( Invariant ) called
after upgrading to
3.2.99.20151201
in about 24 hours
About 5 of them stopped the server.

Axel
---
PGP-Key:29E99DD6  ☀ +49 160 9945 7889  ☀ computing @ chaos claudius

Re: imap syntax error bad return option status

2016-06-13 Thread Axel Rau 

> Am 12.06.2016 um 23:25 schrieb NSS Ltd :
> 
> Admittedly, the website has some things which make it look very dated,
> such as references to old version as if they were current and the fact
> the last release is from a few years ago.  Although the GIT repository
> is mentioned and checking it shows recent activity, so anyone looking
> will see activity.  Perhaps a new release (and a few page cleanups) will
> show it's still active ?
> 
> Are there any major IMAP features missing?  If there are some, perhaps a
> list to see what can be added would make sense?  I'd be disappointed to
> give up on AOX and would rather see some updates and perhaps an
> announcement to HN to try and get some new interest.

AOX was incompatible with digital signatures from the beginning, which was
a result of MIME structure normalization, Arnt had implemented.

Keeping PGP sigs intact, became more and more important to us, so we
implemented a patch last summer to correctly resolve sigs of single MIME
parts or complete messages.
People, testing this version from github, found out, that list servers
broke the sig while putting the received message in another multipart level.
Arnt asked us to fix that and we came back with another patch, which gives
AOX the ability to keep sigs intact regardless of complexity of MIME
structure.
The implementation keeps the whole original message in raw form, if it
contains a multipart/signed part. This was the solution, we ended up,
after trying several variants, which missed the project goal.

Arnt did not honor the pull request until now, which may have to do with
architectural concerns.

Axel
-—
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

memorylocked limit on FreeBSD

2016-02-12 Thread Axel Rau 
Hi Mark,

After getting „Internal error in allocate“, I changed the login group of aox to 
daemon, which gives aox 128M instead of 64k of memorylocked limit.
Do you care to adjust the login group, in case your port creates user aox?

Axel
---
PGP-Key:29E99DD6  ☀ +49 160 9945 7889  ☀ computing @ chaos claudius

Re: memorylocked limit on FreeBSD

2016-02-12 Thread Axel Rau 

> Am 12.02.2016 um 19:16 schrieb Mark Felder :
> 
> I am curious how you managed to trigger this.
> Are you starting aox via
> the rc script?
> The FreeBSD rc script automatically sets the login class
> to "daemon":
I started aox as root under gdb, with security off.
The memory problem did not happen.
Then I turned on security and started it, as usual with your rc script
and immediately it stopped with the memory problem.
I changed the login class and had no problem since then.
I did not dig into /etc/rc.subr and I have no idea how to get limits of a 
running process.
If /etc/rc.subr does what it should, there is no need to change anything at 
your part.

I will report any further memory problems to the list.

Axel
---
PGP-Key:29E99DD6  ☀ +49 160 9945 7889  ☀ computing @ chaos claudius



signature.asc
Description: Message signed with OpenPGP using GPGMail

Sometimes answer to STARTLES is capability

2016-04-23 Thread Axel Rau 
MX host (exim 4.86) in ront of IMAP server (imap.lrau.net) produces (very long) 
log entries like this:
- - -
2016-04-22 14:40:58 H=mail-vk0-x239.google.com [2607:f8b0:400c:c05::239] 
X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no 
F= 
temporarily rejected RCPT : response to „STARTTLS“ from 
imap.lrau.net [91.216.35.80] was: 250-imap.lrau.net\n250-BURL IMAP 
IMAP://imap.lrau.net\n250-ENHANCEDSTATUSCODES\n250-BINARYMIME\n250-PIPELINING\n250-8BITMIME\n250-CHUNKING\n250-SMTPUTF8\n250-STARTTLS\n250
 DSN
- - -
Is this a timing problem?
Anybody else seeing this?

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Re: archiveoperyx-devel on FreeBSD

2016-05-14 Thread Axel Rau 
Mark,

could you please provide an option of your ports
to allow archiveopteryx / archiveoptery-devel to be
installed w/o
Postgresql-server, Postgresql-contrib, Perl
for situations where DB backend is on a different host and
aox runs in a service jail.

If I recall correctly, aox does not even use pqlib, so
Postgresql-client could be optional too with above option.

option name like
NO_SITE_INSTALL_TOOLS
comes into mind.

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Re: build failure with modern clang

2017-02-15 Thread Axel Rau 

> Am 10.01.2017 um 07:51 schrieb Abhijit Menon-Sen :
> 
> At 2017-01-09 12:36:23 -0600, f...@feld.me wrote:
>> 
>> C++ build/clang/server/tlsthread.o 
>> server/tlsthread.cpp:100:19: error: implicit conversion from 'long' to
>> 'int' changes value from 2168458239 to -2126509057
>> [-Werror,-Wconstant-conversion]
>>  | SSL_OP_NO_SSLv2
>>  ^
>> 1 error generated.
> 
> That's a bug. SSL_CTX_set_options() is documented to take a long, so
> I’ve changed 'options' from int to long.


Any chance to see this patch on github?

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Re: build failure with modern clang

2017-01-10 Thread Axel Rau 
Could those bugs be related, which happen several per a day with long running 
IMAP clients?

?Error while connecting to IMAP server and reading root folder, because: EOF 
occurred in violation of protocol (_ssl.c:645)
?Error while connecting to IMAP server and reading root folder, because: EOF 
occurred in violation of protocol (_ssl.c:645)
?Error while connecting to IMAP server and reading root folder, because: EOF 
occurred in violation of protocol (_ssl.c:645)

Axel
> Am 10.01.2017 um 07:51 schrieb Abhijit Menon-Sen :
> 
> At 2017-01-09 12:36:23 -0600, f...@feld.me wrote:
>> 
>> C++ build/clang/server/tlsthread.o 
>> server/tlsthread.cpp:100:19: error: implicit conversion from 'long' to
>> 'int' changes value from 2168458239 to -2126509057
>> [-Werror,-Wconstant-conversion]
>>  | SSL_OP_NO_SSLv2
>>  ^
>> 1 error generated.
> 
> That's a bug. SSL_CTX_set_options() is documented to take a long, so
> I've changed 'options' from int to long.
> 
> Thanks for the report.
> 
> -- ams
> 

---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Status of PGP signature for archaeopteryx

2017-03-06 Thread Axel Rau 

> Am 13.06.2016 um 14:49 schrieb Arnt Gulbrandsen <a...@gulbrandsen.priv.no>:
> 
> Axel Rau writes:
>> Arnt did not honor the pull request until now, which may have to do with
>> architectural concerns.
> 
> Axel's second pull request seems intuitively too complex for the problem... I 
> believe that a solution should not be more complex than the problem, and that 
> PR makes me feel uncomfortable.
> 
> I shall an implementation of my own to solve the same problem, and then merge 
> one of the two. Even if it violates my intuition of proper complexity and 
> simplicity.
> 
> I'm afraid I've been rather slow about this PR. Sorry.


As nothing happened with my PR during 8 months now, I have applied all patches 
from aox HEAD to my fork and will do so in the future.
Anybody, who uses PGP sigs can download the source here:
https://github.com/mc3/aox/archive/master.zip 
<https://github.com/mc3/aox/>
For FreeBSD users, there is a port available:

https://github.com/mc3/fbsd_local_ports/tree/master/mail/archiveopteryx-devel 
<https://github.com/mc3/fbsd_local_ports/tree/master/mail/archiveopteryx-devel>
This patch level is in production for 3 weeks now (the PGP sig code for 9 
months),

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Re: Frequently crashing/hanging on FreeBSD 11

2017-08-17 Thread Axel Rau 

> Am 16.07.2017 um 10:12 schrieb Axel Rau <axel@chaos1.de>:
> 
> 
>> Am 15.07.2017 um 22:38 schrieb Axel Rau <axel@chaos1.de 
>> <mailto:axel@chaos1.de>>:
>> 
>>  ?Error while connecting to IMAP server and reading root folder, 
>> because: [Errno 61] Connection refused
> The script tries 3 times to connect to the server and do its tests.
> In error case, it usually fails 3 times.
> Sometimes it succeeds with the 2nd or 3rd trial. 


‚Connection refused‘ means: The main thread has crashed:

aox Log (jail):
2017-08-15T18:57:36.350701+00:00 imap4 Archiveopteryx: 93063/2/2136 
Authenticated as michael.tuc...@chaos1.de <mailto:michael.tuc...@chaos1.de> 
using IMAP login
2017-08-15T18:58:17.409085+00:00 imap4 Archiveopteryx: 38467 archiveopteryx: 
Server startup complete

Log on host:
2017-08-15T18:57:46.253185+00:00 bh4 kernel: pid 93064 (archiveopteryx), uid 
666: exited on signal 11
 
I ask myself, if there shouln’d be a signal handler in aox to at a minimum 
report the pc.

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Re: Frequently crashing/hanging on FreeBSD 11

2017-07-16 Thread Axel Rau 

> Am 15.07.2017 um 22:38 schrieb Axel Rau <axel@chaos1.de>:
> 
>   ?Error while connecting to IMAP server and reading root folder, 
> because: [Errno 61] Connection refused
The script tries 3 times to connect to the server and do its tests.
In error case, it usually fails 3 times.
Sometimes it succeeds with the 2nd or 3rd trial. 

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Re: Frequently crashing/hanging on FreeBSD 11

2017-08-22 Thread Axel Rau 

> Am 13.07.2017 um 11:32 schrieb Axel Rau <axel@chaos1.de>:
> 
> Hungs show all threads in select (TlsThread).
> We failed to get a backtrace via lldb on crash.
> 
> This happens with both release 3.2.0 and recent PGP sig patch from github.
> 
> The server is running in a FreeBSD jail in secure mode.

It seems that this FreeBSD security patch made the problem(s) happen less often 
(:

--- sys/kern/sys_socket.c.orig
+++ sys/kern/sys_socket.c
@@ -675,6 +675,7 @@
 {
struct kaiocb *job;
 
+   CURVNET_SET(so->so_vnet);
SOCKBUF_LOCK(sb);
while (!TAILQ_EMPTY(>sb_aiojobq) && soaio_ready(so, sb)) {
job = TAILQ_FIRST(>sb_aiojobq);
@@ -698,6 +699,7 @@
ACCEPT_LOCK();
SOCK_LOCK(so);
sorele(so);
+   CURVNET_RESTORE();
 }
 
 void

vnet implements the network separation of jails.

Setting server-processes to 3 helped further to reduce the problem.

Axel

PS: 
=
FreeBSD-EN-17:07.vnet   Errata Notice
  The FreeBSD Project

Topic:  VNET kernel panic with asynchronous I/O

Category:   core
Module: kernel
Announced:  2017-08-10
Credits:Kristof Provost
Affects:FreeBSD 11.0 and later.
Corrected:  2017-07-28 18:09:41 UTC (stable/11, 11.1-STABLE)
2017-08-10 06:59:07 UTC (releng/11.1, 11.1-RELEASE-p1)
2017-08-10 06:59:26 UTC (releng/11.0, 11.0-RELEASE-p12)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.

I.   Background

POSIX asynchronous I/O permits applications to request asynchronous
completion of I/O requests.  VNET permits systems to be configured
with multiple instances of the in-kernel network stack.

II.  Problem Description

The implementation of POSIX asynchronous I/O for sockets completes I/O
requests in a pool of dedicated worker threads.  The VNET feature requires
threads to explicitly select an active instance of the network stack before
performing network operations.  The function used to complete asynchronous
I/O requests was not setting a network stack instance before completing I/O
requests.

III. Impact

Using POSIX asynchronous I/O with sockets in a VNET-enabled kernel will
panic.

IV.  Workaround

No workaround is available, but systems that do not enable VNET via a
custom kernel are not affected.
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Current GitHub version breaks subscriptions of Apple Mail

2018-05-05 Thread Axel Rau 
After upgrading to recent version 3.2.99.20180207 of FreeBSD port 
archiveopteryx-devel, which is based on

https://github.com/aox/aox/commit/8a59400320d94eaceb47045613eda75dbfe4b1eb
the following happened:

1. schema was upgraded from 97 to 98 (which added column ‚flag‘ to mailboxes)
2. aox and server produced tons of
aox: Note: Expected type string for column „flag“, but received null
3. To stop the messages, I inserted a " " in the new column.
4. On both macos and ios Apple mail applications, all subscribed folders had 
disappeared.
Attempt to subscribe them again failed. No problems on Thunderbird.
5. After downgrading of schema and bringing up previous version 
(archiveopteryx-devel-3.2.99.20170718,
based on a6e31e13d2) brought the folders back

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Re: Current GitHub version breaks subscriptions of Apple Mail

2018-07-04 Thread Axel Rau 

> Am 05.05.2018 um 14:05 schrieb Axel Rau :
> 
> 2. aox and server produced tons of
>   aox: Note: Expected type string for column „flag“, but received null
This patch seems to stop the error messages for mailboxes without flag:

diff --git a/server/mailbox.cpp b/server/mailbox.cpp
index 7809d34e..b7fca9d6 100644
--- a/server/mailbox.cpp
+++ b/server/mailbox.cpp
@@ -141,7 +141,10 @@ void MailboxReader::execute() {
 r->getBigint( "nextmodseq" ),
 q->transaction() );
 
-m->setFlag( r->getEString( "flag" ) );
+if ( !r->isNull( "flag" ) )
+m->setFlag( r->getEString( "flag" ) );
+else
+m->setFlag( "" );
 }
 
 if ( !q->done() || done )

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

COI - Chat Over IMAP

2019-04-06 Thread Axel Rau 
Hi,

anybody looked at this

https://github.com/coi-dev/coi-specs/blob/master/coi-client-spec.md#status--discussion
?
COI is IMAP based and a Dovecot based implementation is being developped.
There are more IMAP user than WhatsApp + Facebook-Messenger users world wide. 
(-;
Promotion here:
https://www.coi-dev.org/

Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius

Re: Release?

2019-08-06 Thread Axel Rau 


> Am 05.08.2019 um 22:54 schrieb Arnt Gulbrandsen :
> 
> On Monday 5 August 2019 21:34:35 CEST, Gerd Flaig wrote:
>> Hi,
>> 
>> are there any plans to make a release including the fixed Postgres
>> version check?
> 
> No plans, but more for lack of interst than lack of will.
> 
>> The NixOS definition is based on 3.2.0 which appears to be the most
>> recent release. I could probably override it to build from more recent
>> git version, but thought I'd ask first.
> 
> Abhijit and I will discuss and release. I think we'll roll back (or disable) 
> a couple of commits, then make a 3.2.1.
Hopefully you will share that discussion with the list. (-;

Axel
---
PGP-Key: CDE74120  ☀  computing @ chaos claudius



signature.asc
Description: Message signed with OpenPGP

exim 4.95: Remote host closed connection in response to end of data

2022-01-04 Thread Axel Rau 
Hi all,

since I upgraded to exim 4.95, I’m getting above error on internal handover 
from MX relay to IMAP server.
Transport is LMTP over SMTP

Example log entry:
 1n4mZW-000G75-9a == some@address  R=archiveopteryx_user 
T=archiveopteryx_delivery defer (-18) H=some:ip [some:ip] DT=0s: Remote host 
closed connection in response to end of data

Transport is
- - -
# Delivers mail via LMTP to Archiveopteryx at $OWN_PRODUCTIVE_IMAP_SERVER:2026
archiveopteryx_delivery:
  driver = smtp
  protocol = lmtp
  hosts = {{ lr_exim_imap_server }}
  port = 2026
  hosts_avoid_tls = {{ lr_exim_imap_server }}
- - -

IMAP server is archiveopteryx
https://archiveopteryx.org/

OS is FreeBSD 12.2 p7

Any fix/workaround welcome.
Axel
---
PGP-Key: CDE74120  ☀  computing @ chaos claudius



signature.asc
Description: Message signed with OpenPGP

Re: exim 4.95: Remote host closed connection in response to end of data

2022-01-04 Thread Axel Rau 


> Am 04.01.2022 um 17:52 schrieb Axel Rau :
> 
> Any fix/workaround welcome.
Disabling pipelining on the transport stops the issue.

Axel
---
PGP-Key: CDE74120  ☀  computing @ chaos claudius



signature.asc
Description: Message signed with OpenPGP

Re: Thunderbird 91 - The mail server for account x@y.z responded: Expected literal, but saw UTF8

2021-12-08 Thread Axel Rau 
Hi Myke,

> Am 08.12.2021 um 16:42 schrieb my...@mware.ca :
> 
>>> In Activity Manager, when saving a Draft or message to Sent folder, or 
>>> moving from a local folder to IMAP:
>>> 
>>> "The current operation on 'Drafts' did not succeed. The mail server for 
>>> account x@y.z  responded: Expected literal, but saw UTF8“
>>> 
I'm not sure about your use case.

I just saved a draft to the drafts folder on the server.
My drafts are encrypted, using OpenPGP.
I’m using TB 91.4.0.

Also moving something to the sent messages folder on the server works without 
error message.
Testing with a different MUA shows: the mails are really on the Server.


Axel
---
PGP-Key: CDE74120  ☀  computing @ chaos claudius



signature.asc
Description: Message signed with OpenPGP