Re: [courier-users] Need authProg help
On Friday 01 June 2007 04:01:01 Sam Varshavchik wrote: so I can't work out which virtual user to check for. Is this something else I am missing or a bug with the authdaemon API ? Try to log in by telnetting to the port and manually entering the login command -- check for a stupid mail client that strips off the domain port, or uses the domain part where sane software normally uses an explicitly defined hostname. No obscure config setting I might be missing ? Sorry, I should have provided this in the last email... Jun 1 03:05:26 us courieresmtpd: started,ip=[:::xx.xx.xx.xx] Jun 1 03:05:37 us courieresmtpd: EHLO mail.renta.net Jun 1 03:05:50 us courieresmtpd: MAIL FROM: [EMAIL PROTECTED] Jun 1 03:06:20 us courieresmtpd: RCPT TO: [EMAIL PROTECTED] Jun 1 03:06:21 us authdaemond: received userid lookup request: admin Jun 1 03:06:21 us authdaemond: authpipe: trying this module Jun 1 03:06:21 us authdaemond: closing pipe Jun 1 03:06:21 us authdaemond: forking new one Jun 1 03:06:21 us authdaemond: attempting to fork Jun 1 03:06:21 us authdaemond: executing /etc/courier/authProg Jun 1 03:06:21 us authdaemond: Pipe auth. started Pipe-program (pid 23729) Jun 1 03:06:21 us authdaemond: new pipe has in: 8, out: 7 Jun 1 03:06:21 us authdaemond: + read TMPIN Jun 1 03:06:21 us authdaemond: ++ echo 'PRE . courier admin' Again, a strace on the authdaemond parent process might be revealing. select(6, [3 5], NULL, NULL, {300, 0} ) = 1 (in [5], left {227, 456000}) accept(5, {sa_family=AF_FILE, [EMAIL PROTECTED], [2]) = 4 fcntl64(4, F_SETFL, O_RDONLY) = 0 select(5, [4], NULL, NULL, {10, 0}) = 1 (in [4], left {10, 0}) read(4, PRE . courier admin\n, 8192) = 20 write(2, DEBUG: received userid lookup re..., 45) = 45 write(2, DEBUG: authpipe: trying this mod..., 36) = 36 select(9, [8], NULL, NULL, {0, 0}) = 1 (in [8], left {0, 0}) write(2, DEBUG: child died or sent spurio..., 52) = 52 write(2, DEBUG: closing pipe\n, 20) = 20 close(8)= 0 close(7)= 0 write(2, DEBUG: trying to wait for child ..., 53) = 53 waitpid(5871, NULL, WNOHANG)= 5871 write(2, DEBUG: forking new one\n, 23) = 23 pipe([6, 7])= 0 pipe([8, 9])= 0 write(2, DEBUG: attempting to fork\n, 26) = 26 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7e6a928) = 7237 write(2, DEBUG: Pipe auth. started Pipe-p..., 50) = 50 close(6)= 0 close(9)= 0 write(2, DEBUG: new pipe has in: 8, out: ..., 34) = 34 select(8, NULL, [7], NULL, {10, 0}) = 1 (out [7], left {10, 0}) write(7, PRE . courier admin\n, 20) = 20 time([1180682312]) = 1180682312 time([1180682312]) = 1180682312 select(9, [8], NULL, NULL, {30, 0}) = 1 (in [8], left {29, 867000}) --- SIGCHLD (Child exited) @ 0 (0) --- read(8, FAIL\n, 8191) = 5 write(2, DEBUG: authpipe: REJECT - try ne..., 42) = 42 select(5, NULL, [4], NULL, {30, 0}) = 1 (out [4], left {30, 0}) write(4, FAIL\n, 5) = 5 write(2, DEBUG: FAIL, all modules rejecte..., 34) = 34 close(4)= 0 select(6, [3 5], NULL, NULL, {300, 0} --markc - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Need authProg help
Mark Constable writes: select(6, [3 5], NULL, NULL, {300, 0} ) = 1 (in [5], left {227, 456000}) accept(5, {sa_family=AF_FILE, [EMAIL PROTECTED], [2]) = 4 fcntl64(4, F_SETFL, O_RDONLY) = 0 select(5, [4], NULL, NULL, {10, 0}) = 1 (in [4], left {10, 0}) read(4, PRE . courier admin\n, 8192) = 20 That's the login ID authdaemond itself receives. I'm confident that this is the login ID the IMAP or the POP3 server receives from the client. Check your client configuration. pgpfzM9NujAB9.pgp Description: PGP signature - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Need authProg help
On Friday 01 June 2007 10:59:20 Sam Varshavchik wrote: That's the login ID authdaemond itself receives. I'm confident that this is the login ID the IMAP or the POP3 server receives from the client. Check your client configuration. But the client was a telnet session where I manually supplied... Jun 1 03:05:26 us courieresmtpd: started,ip=[:::xx.xx.xx.xx] Jun 1 03:05:37 us courieresmtpd: EHLO mail.renta.net Jun 1 03:05:50 us courieresmtpd: MAIL FROM: [EMAIL PROTECTED] Jun 1 03:06:20 us courieresmtpd: RCPT TO: [EMAIL PROTECTED] and got this result... Jun 1 03:06:21 us authdaemond: received userid lookup request: admin Jun 1 03:06:21 us authdaemond: authpipe: trying this module Jun 1 03:06:21 us authdaemond: closing pipe Jun 1 03:06:21 us authdaemond: forking new one Jun 1 03:06:21 us authdaemond: attempting to fork Jun 1 03:06:21 us authdaemond: executing /etc/courier/authProg Jun 1 03:06:21 us authdaemond: Pipe auth. started Pipe-program (pid 23729) Jun 1 03:06:21 us authdaemond: new pipe has in: 8, out: 7 Jun 1 03:06:21 us authdaemond: + read TMPIN Jun 1 03:06:21 us authdaemond: ++ echo 'PRE . courier admin' IMAP and sending authenticated mail thru the server, where it requires an AUTH, works okay, the above is for misc incoming mail where it's just checking if the RCPT TO is a valid account or not. So I can't accept any incoming mail because the domain part is missing. --markc - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Need authProg help
Mark Constable wrote: On Friday 01 June 2007 10:59:20 Sam Varshavchik wrote: That's the login ID authdaemond itself receives. I'm confident that this is the login ID the IMAP or the POP3 server receives from the client. Check your client configuration. But the client was a telnet session where I manually supplied... Jun 1 03:05:26 us courieresmtpd: started,ip=[:::xx.xx.xx.xx] Jun 1 03:05:37 us courieresmtpd: EHLO mail.renta.net Jun 1 03:05:50 us courieresmtpd: MAIL FROM: [EMAIL PROTECTED] Jun 1 03:06:20 us courieresmtpd: RCPT TO: [EMAIL PROTECTED] and got this result... Jun 1 03:06:21 us authdaemond: received userid lookup request: admin Have you .org in locals file? -- Aidas Kasparas IT administrator GM Consult Group, UAB - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier-authlib + ldap
maximatt wrote: and... ¿how i tell witch certificates they must to use, or i use the ldapclient configuration (i must setup tls ldapclient) to use the certificates defined (in openldap client)? Keep your replies on the list please, that way others can benefit from the archives. You can set the certificate parameters in etc/authlib/authdaemonrc, look at the bottom of the file. Jay - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] courier-authlib + ldap
2007/6/1, Jay H. Lee [EMAIL PROTECTED]: maximatt wrote: hi... i chosse maildrop as my MDA, and i planning to have my users in a directory server, but i couldn't see in readme's, homepage, readme.ldap, authldaprc.cf, . if i can ecrypt conection between maildrop (via auht-lib) and directory server. ;) so ¿auth-lib supports ssl/tls conecctions to directory server? ¿:(? In etc/authlib/authldaprc, set LDAP_URI to ldaps://ldap.example.com if you want to do direct SSL, otherwise if you wish to do TLS, use ldap://ldap.example.com and set LDAP_TLS to 1 further down. thanks!!! :) and... ¿how i tell witch certificates they must to use, or i use the ldapclient configuration (i must setup tls ldapclient) to use the certificates defined (in openldap client)? thanks again!!! :) -- Salu2 ;) - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Need authProg help
Mark Constable writes: On Friday 01 June 2007 10:59:20 Sam Varshavchik wrote: That's the login ID authdaemond itself receives. I'm confident that this is the login ID the IMAP or the POP3 server receives from the client. Check your client configuration. But the client was a telnet session where I manually supplied... Jun 1 03:05:26 us courieresmtpd: started,ip=[:::xx.xx.xx.xx] Jun 1 03:05:37 us courieresmtpd: EHLO mail.renta.net Jun 1 03:05:50 us courieresmtpd: MAIL FROM: [EMAIL PROTECTED] Jun 1 03:06:20 us courieresmtpd: RCPT TO: [EMAIL PROTECTED] You have .org in locals. In your case, it should be in hosteddomains. pgpa4J3kDQt5y.pgp Description: PGP signature - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Error messages POP3/IMAP
Rocco Scappatura wrote: in pop3 log file I get theese errors: ERR: rename(./new/1179507568.V804I4c4004.mail4 That is the only message that looks somewhat strange. It probably happened while moving files from ./new to ./cur. The message itself is truncated, as the target name and error reason are missing. Does it happen often? About 50 per day vs 20 mail per day downloaded.. Hmm... I'm not sure if that can happen because a user logs in twice and performs the same operation concurrently. An error like no such file or directory may point in that direction. It seems the pop3 daemon does not lock maildirs. Yes. But when POP3 says ERR: TIMEOUT Who has closed the connection (the pop3d? And how I can tune this timeout?) And when POP3 says ERR: DISCONNECTED Who is disconnected and what's eally means 'disconnected' (the client pop3 has sent a quit command or the client has chrashed inaxpectatly?) I'd say timeout means the server did not read any command from the client in the last few minutes, disconnected that the read failed either after client/network crash or the client closing the socket without QUIT. Hope this helps -- - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Error messages POP3/IMAP
Alessandro Vesely wrote: Rocco Scappatura wrote: in pop3 log file I get theese errors: ERR: rename(./new/1179507568.V804I4c4004.mail4 That is the only message that looks somewhat strange. It probably happened while moving files from ./new to ./cur. The message itself is truncated, as the target name and error reason are missing. Does it happen often? About 50 per day vs 20 mail per day downloaded.. http://www.lerfjhax.com/articles/2007/05/21/ocfs2-racy-rename renames aren't pure atomic in some environments, according to this. They introduced a semaphore I guess, and it can result in a race condition in certain circumstance. I think on line 143 in courier-imap-4.1.3/maildir/maildirgetnew.c (thats what I have anyways) you could try removing it, or making it true to fix that error, but you can crash the server if its not in the circumstance of an actual race condition occurring, e.g. a rename failing because of permissions. Maybe could rewrite it as a small for loop to try a few times, and then drop it instead of an if break Hmm... I'm not sure if that can happen because a user logs in twice and performs the same operation concurrently. An error like no such file or directory may point in that direction. It seems the pop3 daemon does not lock maildirs. Yes. But when POP3 says ERR: TIMEOUT Who has closed the connection (the pop3d? And how I can tune this timeout?) And when POP3 says ERR: DISCONNECTED Who is disconnected and what's eally means 'disconnected' (the client pop3 has sent a quit command or the client has chrashed inaxpectatly?) I'd say timeout means the server did not read any command from the client in the last few minutes, disconnected that the read failed either after client/network crash or the client closing the socket without QUIT. Hope this helps -- - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Couriermlm problem - no subscription replies
On Fri, 01 Jun 2007 03:59:25 -0700 [EMAIL PROTECTED] wrote: 差出人: Sam Varshavchik [EMAIL PROTECTED] 宛先:: courier-users@lists.sourceforge.net 件名: Re: [courier-users] Couriermlm problem - no subscription replies 日付: Thu, 31 May 2007 20:37:11 -0400 Bernd Plagge writes: On Thu, 31 May 2007 07:42:46 -0700 [EMAIL PROTECTED] wrote: 差出人: Sam Varshavchik [EMAIL PROTECTED] 宛先:: courier-users@lists.sourceforge.net 件名: Re: [courier-users] Couriermlm problem - no subscription replies 日付: Wed, 30 May 2007 18:17:44 -0400 Bernd Plagge writes: Added .courier, .courier-default, .courier-owner to the list directory. Setup ldap entry for the list user. Otherwise I use maildrop for local delivery. Now, if I send a subscription request to [EMAIL PROTECTED] (domains are changed!) the mail is delivered by courierlocal. But: Neither do I get a confirmation mail nor does the address show with couriermlm lsub dir. What did you put in .courier-default? Hi Sam, this is the content of my .courier-default file: # delivery of control messages |/usr/bin/couriermlm ctlmsg /home/enaki/mail/list1 For test purposes I replaced the command with |/bin/echo .courier-default and could see the message in the log. So, I'm sure that the file gets processed. I also played with permission and when courier can't access the file a error line like: permission problem - can't open file shows. What else can I check? I recall that you've set up certain list options: moderation, etc… Let's take it one step a time. Reset the configuration to the default list config, and try subscribing. One easy way to get back to the default settings is to edit the options file in the list directory, and remove everything except ADDRESS and LISTPW settings. Hi Sam, I did this. uid and gid for Courier are vpopmail.vchkpw - for historical reasons. Directory structure is: /home/enaki/mail/list1- mailing list /home/enaki/mail/postmaster/Maildir - for users That is, the LDAP directory is specified as /home/enaki/mail and the default Maildir directory is ./Maildir. I created the list directory : drwx--S-- vpopmail.vchkpw list1 mail to [EMAIL PROTECTED] resulted in exec: No such file or directory, broken pipe Changing the ownership to root.vchkpw resulted in unable to read .courier file Changed ownership back to vpopmail.vchkpw and the permission of .courier* files to 755. Mail was delivered but no reply back. Log for the last attempt (mails to list1-subscribe and list1-help) are: Jun 2 10:46:43 tokyo courierd: started,id=00010432.4660CC03.09D9,from=[EMAIL PROTECTED],module=local,[EMAIL PROTECTED] bscribe!64020!64020!/home/enaki/mail/list1!!,addr=[EMAIL PROTECTED] Jun 2 10:46:43 tokyo courierd: Waiting. shutdown time=none, wakeup time=Sat Jun 2 10:49:59 2007, queuedelivering=2, inprogress=1 Jun 2 10:46:43 tokyo courierlocal: id=00010432.4660CC03.09D9,from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED],size=10 71,success: Message delivered. Jun 2 10:46:43 tokyo courierd: completed,id=00010432.4660CC03.09D9 Jun 2 10:46:43 tokyo courierd: Waiting. shutdown time=Sat Jun 2 10:51:43 2007, wakeup time=Sat Jun 2 10:49:59 2007, queuedelivering=1 , inprogress=0 Jun 2 10:47:11 tokyo courierd: started,id=00010414.4660CB9B.09C3,from=[EMAIL PROTECTED],module=local,[EMAIL PROTECTED] lp!64020!64020!/home/enaki/mail/list1!!,addr=[EMAIL PROTECTED] Jun 2 10:47:11 tokyo courierd: Waiting. shutdown time=none, wakeup time=none, queuedelivering=1, inprogress=1 Jun 2 10:47:11 tokyo courierlocal: id=00010414.4660CB9B.09C3,from=[EMAIL PROTECTED],addr=[EMAIL PROTECTED],size=1061,su ccess: Message delivered. Jun 2 10:47:11 tokyo courierd: completed,id=00010414.4660CB9B.09C3 J Any ideas? Best regards, Bernd -- プラゲ ベェアント - Bernd Plagge ファースト・チョイス・インターネット(有) First Choice Internet Ltd., Tokyo Tel. 03-4500-7799 Fax. 03-4400-3723 mail: [EMAIL PROTECTED] url: http://www.choicenet.ne.jp - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Couriermlm problem - no subscription replies
Bernd Plagge writes: On Fri, 01 Jun 2007 03:59:25 -0700 [EMAIL PROTECTED] wrote: One easy way to get back to the default settings is to edit the options file in the list directory, and remove everything except ADDRESS and LISTPW settings. Hi Sam, I did this. uid and gid for Courier are vpopmail.vchkpw - for historical reasons. Directory structure is: /home/enaki/mail/list1- mailing list /home/enaki/mail/postmaster/Maildir - for users That is, the LDAP directory is specified as /home/enaki/mail and the default Maildir directory is ./Maildir. I created the list directory : drwx--S-- vpopmail.vchkpw list1 mail to [EMAIL PROTECTED] resulted in exec: No such file or directory, broken pipe I do not believe that this is exactly the error message that you received. It's probably exec: No such file or directory on one line, and some other message, which includes the word broken pipe. You also did not explain what form this error too, whether it appeared on the command line, as an error message in your mail client, or in a bounce message. And there were probably other things either before or after this message that would shed some light on this situation. You just can't omit crucial facts like this, otherwise this is just one big goose chase. This is why instead of explaining what you saw, in your words, you should always post the raw data, cut and paste whatever you see either on the console, or in the bounce message, verbatim, without commentary. Else everyone will be chasing ghosts. You posted the log files, verbatim, that's exactly what you should be doing for every other bit of information. When I searched the source code, there were exactly six places where this error message appears, in Courier. Of the six, one place was when couriermlm generating a message to send, but being unable to run Courier's sendmail wrapper. So one possibility is that /usr/lib/courier/bin/sendmail is missing. The other situation where this error might come up involves courierfilters. I doubt that it would come up here, but courierfilters are involved in the process of vetting all messages that come through the system, including messages coming out of couriermlm, so you'll need to clarify if you have any courier filters instead. But, again, we need to see the complete context of the error message. Also, you said that putting |/bin/echo .courier-default into the .courier-default file showed that this .courier file was getting invoked. Prepent | echo .courier-default: $DEFAULT in there, to check that the environment is what couriermlm expects it to be. Changing the ownership to root.vchkpw resulted in unable to read .courier file Changed ownership back to vpopmail.vchkpw and the permission of .courier* files to 755. Well, look, the permissions of these files and directories is not a guessing game. There's really only one way to get this right, and you just can't turn it into a trial-by-error. If you do, that tells me you have not fully worked out how the permissions should be set up on your system, and that's something that you need to figure out as a first order of business. Whatever the account's uid and gid is given in LDAP must match the ownership of all files in the account's home directory, and the permissions on everything needs to be sane, and reasonable. If you have a login session open that uses whatever uid and gid is given in LDAP, and with the home directory set to what LDAP tells you the home directory is, would you be able to access, create, or modify everything in the home directory? If the answer is no, the way you set it is wrong, and it needs to be right. This is not a guessing game, there's only one right answer here. But, whatever permissions are, that should not, in theory, affect couriermlm's ability to run the sendmail command, /usr/lib/courier/bin/sendmail. couriermlm is not something special. It's an ordinary process that's started from your .courier file. And, to send a message, it invokes /usr/lib/courier/bin/sendmail, whose permissions should allow anything to execute it. pgpZf4z15V9xV.pgp Description: PGP signature - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Error messages POP3/IMAP
John wrote: Alessandro Vesely wrote: Rocco Scappatura wrote: in pop3 log file I get theese errors: ERR: rename(./new/1179507568.V804I4c4004.mail4 That is the only message that looks somewhat strange. It probably happened while moving files from ./new to ./cur. The message itself is truncated, as the target name and error reason are missing. Does it happen often? About 50 per day vs 20 mail per day downloaded.. Hmm... I'm not sure if that can happen because a user logs in twice and performs the same operation concurrently. An error like no such file or directory may point in that direction. It seems the pop3 daemon does not lock maildirs. http://www.lerfjhax.com/articles/2007/05/21/ocfs2-racy-rename renames aren't pure atomic in some environments, according to this. They introduced a semaphore I guess, and it can result in a race condition in certain circumstance. The atomicity of rename is not much useful in this case anyway, because the application doesn't know the filename beforehand and thus it has to first read it and then rename it. The gap between the two operations is stressed by doing each operation a bufferful of files at a time (which is necessary since mixing readdir and rename has undefined behavior.) -- - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users