[SOGo] BTS activities for Sunday, April 14 2019

2019-04-14 Thread SOGo reporter 
Title: BTS activities for Sunday, April 14 2019





  
BTS Activities

  Home page: http://www.sogo.nu/bugs
  Project: SOGo
  For the period covering: Sunday, April 14 2019

  
  
idlast updatestatus (resolution)categorysummary
	
	
	  
	
2979
	2019-04-14 07:01:39
	updated (open)
	Backend Mail
	IMAP ID x-originating-ip does not work
	
	  
	
4723
	2019-04-14 09:30:58
	updated (open)
	sogo-tool
	sogo-tool users unknown - backup not working
	
	  
	
  
  


-- users@sogo.nuhttps://inverse.ca/sogo/lists

[SOGo] SOGo is sending the x-originating-ip after the login instead of before

2019-04-14 Thread an...@rodier.me 
Dear SOGo developers,

I used ssldump to check the differences in the IMAP connection between
SOGo and RoundCube, and I found the error.

I copy here the log details as citation to keep the layout.

The SSL dump with roundcube:

> root@portal andre/mails/security# ssldump -i lo -d -k 
> /etc/letsencrypt/live/imap.homebox.space/privkey.pem port 143
> New TCP connection #1: localhost(54208) <-> localhost(143)
> 0.0086 (0.0086)  S>C
> ---
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
> STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
> ---
> 
> 0.0087 (0.)  C>S
> ---
> QP0001 ID ("x-originating-ip" "185.220.101.30")
> ---
> 
> etc...

But with SOGo:

> root@portal andre/mails/security# ssldump -i lo -d -k 
> /etc/letsencrypt/live/imap.homebox.space/privkey.pem port 143
> ===
> New TCP connection #1: localhost(54340) <-> localhost(143)
> 0.0119 (0.0119)  S>C
> ---
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
> STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
> ---
> 
> 0.0120 (0.0001)  C>S
> ---
> A0001 LOGIN "andre" "**"
> ---
> 
> 0.1155 (0.1034)  S>C
> ---
> A0001 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE 
> IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT 
> MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS 
> LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN 
> CONTEXT=SEARCH LIST-STATUS BINARY MOVE SEARCH=FUZZY NOTIFY SPECIAL-USE QUOTA] 
> Logged in
> ---
> 
> 0.1160 (0.0005)  C>S
> ---
> 3 capability
> ---
> 
> 0.1167 (0.0006)  S>C
> ---
> * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT 
> SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND 
> URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED 
> I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH 
> LIST-STATUS BINARY MOVE SEARCH=FUZZY NOTIFY SPECIAL-USE QUOTA
> 3 OK Capability completed (0.000 + 0.000 secs).
> ---
> 
> 0.1599 (0.0431)  C>S
> ---
> 4 ID ("x-originating-ip" "185.220.101.30")
> ---

In this case SOGo is sending the Originating IP (Yay!), but *after* the
login process, where it should, send it before.

SOGo should send the originating IP *before*, at least to allow a
proper logging of the connection attempts.

I have found an old bug in the BTS, so I added all the details:

https://sogo.nu/bugs/view.php?id=2979

I hope these details have been useful to you, and thanks again to
develop SOGo.

Thanks,
André

-- 
André Rodier
HomeBox: https://github.com/progmaticltd/homebox
-- 
users@sogo.nu
https://inverse.ca/sogo/lists