Discussion:
Had it stable, but broke after system refresh
Kevin Carpenter
2012-10-03 08:17:42 UTC
Permalink
Hi all -

New to the list so apologize if this is a common question, but Google
got me no-where.

Background: I've been running uw-imap for ages, probably pushing a
decade. Use to run it plaintext, but beat it under control with SSL/TLS
a year or so ago. Running on an Intel box under Gentoo Linux. Had some
really funky compatibility problems but eventually got it working.

Well, today a Gentoo update trashed my system. Its been ages since I've
done a clean build, so that was my evening (and now into morning)
project. All is well on the system: Postfix is running, as is
Apache... mail is flowing per Squirrelmail (which I use when out of town).

Alas, I can't get Thunderbird to read via imap after reinstalling
uw-imap on the server. I don't know if its relevant, but I upgraded
from 2007f to 2007f-r1 during the rebuild. [Edit: no its not, I just
downgraded to the same release I was running before and still have the
problem].

Whenever I try and read mail, I'm getting messages like:

xinetd[28676]: START: imaps pid=31857 from=10.184.155.208
imapd[31857]: imaps SSL service init from 10.184.155.208
imapd[31857]: Unexpected client disconnect, while reading line
user=??? host=UNKNOWN
xinetd[28676]: EXIT: imaps status=1 pid=31857 duration=0(sec)

I haven't changed the Thunderbird configuration, it remains setup to do
a SSL/TLS normal password connection. I've checked the obvious: I've
logged into the account via squirrelmail, all is well.

I've recompiled the entire system without error.

I'm basically stuck. Any suggestions?

Running a 3.3.8 kernel if that makes any difference. Xinetd is
obviously seeing the imap request and spawning the imapd process, but
the handshaking isn't happening. Guessing is has something to do with SSL.

Help please.

Kevin
Kevin Carpenter
2012-10-03 14:53:24 UTC
Permalink
OK - after a few hours sleep... I'm wondering if its uw-imap at all,
although I'm clueless what else it could be.

As I mentioned earlier, squirrelmail is working fine. It is using a
ssl/tls connection, which shows as an imaps connection spawned by
xinetd. That connection, however, is from 127.0.0.1. Thunderbird is
connection from 10.184.155.0/24 (depending on which family members
machine is trying). We also see imaps being started via xinetd for
those connection, but they timeout after 30 seconds.

This was occurring before I enabled any firewalling and yes, xinetd is
enabled for my 10. subnet (clearing, since imaps is spawning).

So... when I login from squirrelmail I see in /var/log/mail.log:

imapd[2911]: Login user=kevinc host=localhost.localdomain [127.0.0.1]
imapd[2911]: Logout user=kevinc host=localhost.localdomain [127.0.0.1]

and in /var/log/messages:

xinetd[2739]: START: imaps pid=2911 from=127.0.0.1
xinetd[2739]: EXIT: imaps status=0 pid=2911 duration=13(sec)

When I try, and fail, from Thunderbird I see in /var/log/mail.log:

imapd[2919]: Unexpected client disconnect, while reading line user=???
host=UNKNOWN

and in /var/log/messages:

xinetd[2739]: START: imaps pid=2919 from=10.184.155.208
xinetd[2739]: EXIT: imaps status=1 pid=2919 duration=30(sec)

Please share your thoughts... I'm at my wits end.

For instance: is there anyway to increase the logging level within
uw-imap to help determine whats going on?

Thanks in advance,

Kevin
On Wed, Oct 3, 2012 at 11:50 AM, Kevin Carpenter
Basically, its looking like its connecting but not hand shaking right.
If you tcpdump and it only does the three way hand shake and then it
waits "forever" (until timeout) then it is most likely a TCP window
scaling issue. Check your MTUs also and set it to 500 just in case.
The weirdest of this behavir has happened to me among two servers on
the same switch where everything was working except sqlplus between
them.
Jim Lawson
2012-10-03 15:13:52 UTC
Permalink
Some options for more troubleshooting:

Activate, and look at Thunderbird IMAP logs to see if you can determine
the problem.
http://email.about.com/od/mozillathunderbirdtips/qt/et_mail_log.htm

If that doesn't shed any light: From another machine, use openssl
s_client to connect to the imaps port, and attempt to login manually
over IMAP. (openssl can also do STARTTLS with -starttls imap)

Typically I will log in with:

* OK [CAPABILITY IMAP4rev1 blah blah blah ...]
a LOGIN username1 password1
a OK [CABAPILITY IMAP4rev1 blah blah blah ...] User username1 logged in.
b SELECT INBOX
* FLAGS (\Answered \Flagged \Deleted \Seen)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen] Flags permitted.
* 9111 EXISTS
* 0 RECENT
* OK [UNSEEN 1348] First unseen.
b OK [READ-WRITE] Select completed.

Hopefully one of these will give you some ideas as to what is wrong...

Jim
Post by Kevin Carpenter
OK - after a few hours sleep... I'm wondering if its uw-imap at all,
although I'm clueless what else it could be.
As I mentioned earlier, squirrelmail is working fine. It is using a
ssl/tls connection, which shows as an imaps connection spawned by
xinetd. That connection, however, is from 127.0.0.1. Thunderbird is
connection from 10.184.155.0/24 (depending on which family members
machine is trying). We also see imaps being started via xinetd for
those connection, but they timeout after 30 seconds.
This was occurring before I enabled any firewalling and yes, xinetd is
enabled for my 10. subnet (clearing, since imaps is spawning).
imapd[2911]: Login user=kevinc host=localhost.localdomain [127.0.0.1]
imapd[2911]: Logout user=kevinc host=localhost.localdomain [127.0.0.1]
xinetd[2739]: START: imaps pid=2911 from=127.0.0.1
xinetd[2739]: EXIT: imaps status=0 pid=2911 duration=13(sec)
imapd[2919]: Unexpected client disconnect, while reading line
user=??? host=UNKNOWN
xinetd[2739]: START: imaps pid=2919 from=10.184.155.208
xinetd[2739]: EXIT: imaps status=1 pid=2919 duration=30(sec)
Please share your thoughts... I'm at my wits end.
For instance: is there anyway to increase the logging level within
uw-imap to help determine whats going on?
Thanks in advance,
Kevin
On Wed, Oct 3, 2012 at 11:50 AM, Kevin Carpenter
Basically, its looking like its connecting but not hand shaking right.
If you tcpdump and it only does the three way hand shake and then it
waits "forever" (until timeout) then it is most likely a TCP window
scaling issue. Check your MTUs also and set it to 500 just in case.
The weirdest of this behavir has happened to me among two servers on
the same switch where everything was working except sqlplus between
them.
_______________________________________________
Imap-uw mailing list
http://mailman2.u.washington.edu/mailman/listinfo/imap-uw
Kevin Carpenter
2012-10-03 15:50:55 UTC
Permalink
Made a pass at the Thunderbird logs but didn't see them appear. Moved
on to using s_client from another linux box:

* OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS
AUTH=PLAIN AUTH=LOGIN] [10.184.155.2] IMAP4rev1 2007f.404 at Wed, 3 Oct
2012 10:41:28 -0500 (CDT)
a login kevinc xxxyyyddd
a OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ IDLE UIDPLUS NAMESPACE
CHILDREN MAILBOX-REFERRALS BINARY UNSELECT ESEARCH WITHIN SCAN SORT
THREAD=REFERENCES THREAD=ORDEREDSUBJECT MULTIAPPEND] User kevinc
authenticated
b select inbox
* 3332 EXISTS
* 6 RECENT
* OK [UIDVALIDITY 1276859170] UID validity status
* OK [UIDNEXT 339244] Predicted next UID
* FLAGS ($Forwarded $MDNSent Junk NonJunk $Label1 $Label2 $Label3
$Label4 $Label5 \Answered \Flagged \Deleted \Draft \Seen)
* OK [PERMANENTFLAGS ($Forwarded $MDNSent Junk NonJunk $Label1 $Label2
$Label3 $Label4 $Label5 \* \Answered \Flagged \Deleted \Draft \Seen)]
Permanent flags
* OK [UNSEEN 2498] first unseen message in /var/spool/mail/kevinc
b OK [READ-WRITE] SELECT completed


And what is cool is that /var/log/mail.log shows: imapd[3337]: Login
user=kevinc host=[10.184.155.135], not "unknown"

Alas, Thunderbird is not getting that far, but this at least clears up
that its not related to being local.

Going to make another pass on Thunderbird logs.

Thanks...

Kevin
Post by Jim Lawson
Activate, and look at Thunderbird IMAP logs to see if you can determine
the problem.
http://email.about.com/od/mozillathunderbirdtips/qt/et_mail_log.htm
If that doesn't shed any light: From another machine, use openssl
s_client to connect to the imaps port, and attempt to login manually
over IMAP. (openssl can also do STARTTLS with -starttls imap)
* OK [CAPABILITY IMAP4rev1 blah blah blah ...]
a LOGIN username1 password1
a OK [CABAPILITY IMAP4rev1 blah blah blah ...] User username1 logged in.
b SELECT INBOX
* FLAGS (\Answered \Flagged \Deleted \Seen)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen] Flags permitted.
* 9111 EXISTS
* 0 RECENT
* OK [UNSEEN 1348] First unseen.
b OK [READ-WRITE] Select completed.
Hopefully one of these will give you some ideas as to what is wrong...
Jim
Post by Kevin Carpenter
OK - after a few hours sleep... I'm wondering if its uw-imap at all,
although I'm clueless what else it could be.
As I mentioned earlier, squirrelmail is working fine. It is using a
ssl/tls connection, which shows as an imaps connection spawned by
xinetd. That connection, however, is from 127.0.0.1. Thunderbird is
connection from 10.184.155.0/24 (depending on which family members
machine is trying). We also see imaps being started via xinetd for
those connection, but they timeout after 30 seconds.
This was occurring before I enabled any firewalling and yes, xinetd is
enabled for my 10. subnet (clearing, since imaps is spawning).
imapd[2911]: Login user=kevinc host=localhost.localdomain [127.0.0.1]
imapd[2911]: Logout user=kevinc host=localhost.localdomain [127.0.0.1]
xinetd[2739]: START: imaps pid=2911 from=127.0.0.1
xinetd[2739]: EXIT: imaps status=0 pid=2911 duration=13(sec)
imapd[2919]: Unexpected client disconnect, while reading line
user=??? host=UNKNOWN
xinetd[2739]: START: imaps pid=2919 from=10.184.155.208
xinetd[2739]: EXIT: imaps status=1 pid=2919 duration=30(sec)
Please share your thoughts... I'm at my wits end.
For instance: is there anyway to increase the logging level within
uw-imap to help determine whats going on?
Thanks in advance,
Kevin
On Wed, Oct 3, 2012 at 11:50 AM, Kevin Carpenter
Basically, its looking like its connecting but not hand shaking right.
If you tcpdump and it only does the three way hand shake and then it
waits "forever" (until timeout) then it is most likely a TCP window
scaling issue. Check your MTUs also and set it to 500 just in case.
The weirdest of this behavir has happened to me among two servers on
the same switch where everything was working except sqlplus between
them.
_______________________________________________
Imap-uw mailing list
http://mailman2.u.washington.edu/mailman/listinfo/imap-uw
_______________________________________________
Imap-uw mailing list
http://mailman2.u.washington.edu/mailman/listinfo/imap-uw
Volker Schwicking
2012-10-03 15:14:24 UTC
Permalink
Hi Keving,
Post by Kevin Carpenter
EXIT: imaps status=0 pid=2911 duration=13(sec)
imapd[2919]: Unexpected client disconnect, while reading line
user=??? host=UNKNOWN
xinetd[2739]: START: imaps pid=2919 from=10.184.155.208
xinetd[2739]: EXIT: imaps status=1 pid=2919 duration=30(sec)
Please share your thoughts... I'm at my wits end.
For instance: is there anyway to increase the logging level
within uw-imap to help determine whats going on?
I dont know about the debug-settings, but here are just a couple of
"outside ideas":

a) You could try debugging the ssl-part of your setup with openssl's
s_client.

Something like:

$ openssl s_client -connect <host>:<port> -showcerts

and make sure, that is working properly from the outside. Maybe it has
something to do with the certs domain since squirrelmail works using
localhost?

b) Have you tried logging it without ssl?

c) Have you tried logging in using telnet? Maybe some error is printed
that does not make it to your thunderbird?

d) Did you change the ssl-certificate? You could try removing the
"old" cert in thunderbird and retry login.

Hope it helps!

By the way: as you may have noticed, this list is kind of low profile
regarding mail-traffic :-)
Kevin Carpenter
2012-10-03 16:14:28 UTC
Permalink
Woo woo... apparently it was the certificates - a side effect of a clean
build on the server I suppose.

Now Thunderbird is downloading my entire history again, but its at least
working. Oh, not sure, but given that I didn't see anything immediately
after purging the old certificates, I suspect a restart of Thunderbird
MIGHT have been key. All I know is that after running the openssl
sclient test, I noticed activity.

Anyhow, working on mine, still dying on wifes machine, so just purged
the certificates there too.

Thanks BUNCHES all! I NEVER NEVER would have come up with that.

Kevin
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Keving,
Post by Kevin Carpenter
EXIT: imaps status=0 pid=2911 duration=13(sec)
imapd[2919]: Unexpected client disconnect, while reading line
user=??? host=UNKNOWN
xinetd[2739]: START: imaps pid=2919 from=10.184.155.208
xinetd[2739]: EXIT: imaps status=1 pid=2919 duration=30(sec)
Please share your thoughts... I'm at my wits end.
For instance: is there anyway to increase the logging level
within uw-imap to help determine whats going on?
I dont know about the debug-settings, but here are just a couple of
a) You could try debugging the ssl-part of your setup with openssl's
s_client.
$ openssl s_client -connect <host>:<port> -showcerts
and make sure, that is working properly from the outside. Maybe it has
something to do with the certs domain since squirrelmail works using
localhost?
b) Have you tried logging it without ssl?
c) Have you tried logging in using telnet? Maybe some error is printed
that does not make it to your thunderbird?
d) Did you change the ssl-certificate? You could try removing the
"old" cert in thunderbird and retry login.
Hope it helps!
By the way: as you may have noticed, this list is kind of low profile
regarding mail-traffic :-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iQEcBAEBAgAGBQJQbFZQAAoJEGO2Yw0IrY3v7ggIAM1i5UzAl6PVpskiHk2Bxud7
2ydUm/RXFEVMKF1C5e3kiaLutq7tfxXnF5Exjgt69LH8j9Pb1WR613mVqR1mwayo
OV10yOOOYdgTKE5442Qc5jKiwoniR+F/ORijc/2wkPC25mXt2WPSrH/WQmu5S+mV
qh408KPWtrUm+rspBi4K19QHKibA1YtTahZPKn773GpgCrNtxWixC+KkhC3mrPvM
iPwJ3TKCk9sLhXzwTaDMzEVjl2UY5cPYNg4y/coJ5zegOaWQU0f8YDORsSh0gE58
thdIGIRedEtZgDi9kjFpyuIX8XU5tb3z6ratb9UTgFnKlngeJbHgSJr77jC/LWc=
=owsc
-----END PGP SIGNATURE-----
Loading...