James R. Mirick | 13 Jul 15:39

Suddenly, won't authenticate

I've been running popa3d on Red Hat EL for almost a year.  One morning, I extract my emails from the server (running PostFix) and everything's fine.  Then, later in the day, I get an error (T-bird says a password error) and can't get to anything.  Nothing else has happened on that server, it's running shared files via samba and that's all.

I can log onto the machine with the email IDs and passwords, so the operating system accepts these accounts as valid.

NMAP shows port 110 is open.

I can do 'telnet linux2600 110' and it responds +OK.  USER command elicits +OK also, but PASS fails: it just says '-ERR' and dumps me back to the command line, says "connection closed by foreign host."

When I look in the log, I see the following (for this example I had just gone to the console and stopped and started popa3d just to be sure):

Jul 12 16:44:55 linux2600 popa3d: popa3d startup succeeded
Jul 12 16:47:44 linux2600 popa3d[3369]: Session from 192.168.10.100
Jul 12 16:47:44 linux2600 popa3d[3369]: Authentication passed for jrm
Jul 12 16:47:44 linux2600 popa3d[3369]: Failed or refused to load /var/spool/mail/jrm

This makes me think there's something corrupted in the mail files, but the fact that it won't accept a password (for my account or any other) makes me think it's authentication.

I completely rebooted the server, no change in behavior.

These mailboxes ARE accepting mail, so PostFix can access the mailboxes.

Thanks in advance . . . 

Solar Designer | 13 Jul 16:11

Re: Suddenly, won't authenticate

James,

You managed to post your message as HTML only, making it unreadable in
web-based archives of this mailing list and forcing me to convert it to
text for the quotes in this response.  Please re-configure your
Thunderbird to send messages as plain text.

On Thu, Jul 13, 2006 at 08:43:04AM -0500, James R. Mirick wrote:
> Jul 12 16:47:44 linux2600 popa3d[3369]: Failed or refused to load
> /var/spool/mail/jrm

This suggests that authentication succeeds, but popa3d either fails or
refuses to process the mailbox.  The most common reason for this is the
compile-time mailbox size limit that popa3d has in order to prevent a
single huge mailbox from causing excessive load on the entire server.

Since most people don't bother to read documentation to become aware of
the limit and adjust it as necessary, I have raised the default all the
way up to 2 GB for popa3d 1.0+.   Older versions of popa3d had the
default at 100 MB and later at 200 MB.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

James R. Mirick | 13 Jul 16:54

Re: Suddenly, won't authenticate

(Sorry about the HTML, I assume this is now plain text?)

The mailbox size was only 150K, I reduced it to zero (just deleted the 
contents via the mail server's console) and it still fails. 

I'm using whatever version the Red Hat RPM is.

Solar Designer wrote:
> James,
>
> You managed to post your message as HTML only, making it unreadable in
> web-based archives of this mailing list and forcing me to convert it to
> text for the quotes in this response.  Please re-configure your
> Thunderbird to send messages as plain text.
>
> On Thu, Jul 13, 2006 at 08:43:04AM -0500, James R. Mirick wrote:
>   
>> Jul 12 16:47:44 linux2600 popa3d[3369]: Failed or refused to load
>> /var/spool/mail/jrm
>>     
>
> This suggests that authentication succeeds, but popa3d either fails or
> refuses to process the mailbox.  The most common reason for this is the
> compile-time mailbox size limit that popa3d has in order to prevent a
> single huge mailbox from causing excessive load on the entire server.
>
> Since most people don't bother to read documentation to become aware of
> the limit and adjust it as necessary, I have raised the default all the
> way up to 2 GB for popa3d 1.0+.   Older versions of popa3d had the
> default at 100 MB and later at 200 MB.
>
>   

Solar Designer | 13 Jul 17:23

Re: Suddenly, won't authenticate

On Thu, Jul 13, 2006 at 09:54:45AM -0500, James R. Mirick wrote:
> (Sorry about the HTML, I assume this is now plain text?)

Yes, it is - thank you!

> The mailbox size was only 150K, I reduced it to zero (just deleted the 
> contents via the mail server's console) and it still fails. 

OK, let's proceed further.  Can you please post the output of -

	ls -ld /var/spool/mail{,/jrm}

to this mailing list such that we can see whether the permissions on the
directory and the file are correct?

Do you have other mailboxes on this server?  If so, are you able to
access them via popa3d?

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

James R. Mirick | 13 Jul 18:17

Re: Suddenly, won't authenticate

[root@linux2600 ~]# ls -ld /var/spool/mail{,/jrm}
drwxrwxr-x  2 root mail 4096 Jul 13 09:41 /var/spool/mail
-rw-rw----  1 jrm  mail    1 Jul 13 09:41 /var/spool/mail/jrm

Regarding other mailboxes, yes there are others and -- interestingly -- 
ones that have never had mail will allow a login via telnet, ones that 
have had mail cause failures.

I created a new user -- testuser (not very original this morning) and 
presto there is the mailbox in /var/spool/mail.  I send mail to this box 
from outside, and it appears there, and I can telnet into the account 
and do a LIST.  I then created a T-bird account to get to it, and it can 
do so, download it, and it deletes the mail from the server and LIST 
shows nothing.

Therefore, I believe that the mailboxes that exist on the server are 
somehow damaged and I should just recreate them, or let Postfix do it 
when they get mail. This is a backup mail server for us, so nothing will 
be lost if I just delete the mail files.

Solar Designer wrote:
> On Thu, Jul 13, 2006 at 09:54:45AM -0500, James R. Mirick wrote:
>   
>> (Sorry about the HTML, I assume this is now plain text?)
>>     
>
> Yes, it is - thank you!
>
>   
>> The mailbox size was only 150K, I reduced it to zero (just deleted the 
>> contents via the mail server's console) and it still fails. 
>>     
>
> OK, let's proceed further.  Can you please post the output of -
>
> 	ls -ld /var/spool/mail{,/jrm}
>
> to this mailing list such that we can see whether the permissions on the
> directory and the file are correct?
>
> Do you have other mailboxes on this server?  If so, are you able to
> access them via popa3d?
>
>   

Solar Designer | 13 Jul 18:28

Re: Suddenly, won't authenticate

On Thu, Jul 13, 2006 at 11:17:39AM -0500, James R. Mirick wrote:
> [root@linux2600 ~]# ls -ld /var/spool/mail{,/jrm}
> drwxrwxr-x  2 root mail 4096 Jul 13 09:41 /var/spool/mail
> -rw-rw----  1 jrm  mail    1 Jul 13 09:41 /var/spool/mail/jrm

Thanks.  Please notice that the mailbox is not empty - its size is 1
byte, which is wrong.  Please empty it with the following command:

	> /var/spool/mail/jrm

(that is, redirect the "output" of "nothing" to it).  Then make sure
that its size is 0.

> Regarding other mailboxes, yes there are others and -- interestingly -- 
> ones that have never had mail will allow a login via telnet, ones that 
> have had mail cause failures.

It sounds like you have local deliveries set up incorrectly, resulting in
mailbox corruption.  Maybe your local deliveries and popa3d are not
configured to follow the same locking convention.  It may be
time-consuming to debug this problem via this mailing list.  If you
like, I can debug and fix the problem operating on your server over SSH,
provided that you compensate for my time.  Please contact me via private
e-mail if you're interested.

If this server does nothing more than e-mail, you might consider
re-installing it with Openwall GNU/*/Linux (Owl) - which has correctly
configured Postfix and popa3d available for use out of the box.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar
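
The check described in the reply above (a mailbox must be truly empty, not 1 byte), as an added example that is not part of the original thread and is not popa3d's own code. It flags spool files that are non-empty but do not begin with the mbox "From " separator; the function names, the sample files and the assumption that the 1-byte file held a lone newline are constructed for illustration.

```shell
#!/bin/sh
# Classify one mbox spool file:
#   empty   - size 0 (a valid empty mailbox)
#   ok      - non-empty and starts with the mbox "From " separator
#   suspect - non-empty but does not start with "From ", e.g. the 1-byte
#             file from the thread
# Assumption: the "From " test is the general mbox convention, not a copy
# of popa3d's own parsing rules.
classify_mbox() {
    if [ ! -f "$1" ]; then echo missing; return 0; fi
    if [ ! -s "$1" ]; then echo empty; return 0; fi
    # $(...) strips trailing newlines only, so the space in "From " survives.
    first=$(dd if="$1" bs=5 count=1 2>/dev/null)
    if [ "$first" = "From " ]; then echo ok; else echo suspect; fi
}

# Print "suspect <size> <path>" for every suspect mailbox in a spool directory.
scan_spool() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        if [ "$(classify_mbox "$f")" = suspect ]; then
            echo "suspect $(wc -c < "$f" | tr -d ' ') $f"
        fi
    done
    return 0
}

# Demo on constructed files (not real mail) in a throwaway directory.
demo_dir=$(mktemp -d)
: > "$demo_dir/newuser"            # truncated with ">", size 0
printf '\n' > "$demo_dir/jrm"      # constructed: 1 byte, assumed to be a newline
printf 'From a@example.org Thu Jul 13 09:41:00 2006\nSubject: t\n\nhi\n' \
    > "$demo_dir/testuser"         # one constructed message
scan_spool "$demo_dir"
rm -rf "$demo_dir"
```

Pointing scan_spool at /var/spool/mail as root lists the mailboxes worth emptying with the ">" redirection before retrying the POP3 login.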

James R. Mirick | 13 Jul 19:24

Re: Suddenly, won't authenticate

And presto, it works . . .  Thanks!

I reset the other mailboxes to zero and they are accessible now too.  
They have been collecting spam (they are only backups) so I  have been 
going in every week or so with gedit and "select all" and "delete" and 
then saving.  This will be easier and will obviously work better.

I'm not sure what happened just now with this, as I said it's been in 
this mode for about 9 months and has worked fine as-is until yesterday.  
Oh well . . .

jim

Solar Designer wrote:
> On Thu, Jul 13, 2006 at 11:17:39AM -0500, James R. Mirick wrote:
>   
>> [root@linux2600 ~]# ls -ld /var/spool/mail{,/jrm}
>> drwxrwxr-x  2 root mail 4096 Jul 13 09:41 /var/spool/mail
>> -rw-rw----  1 jrm  mail    1 Jul 13 09:41 /var/spool/mail/jrm
>>     
>
> Thanks.  Please notice that the mailbox is not empty - its size is 1
> byte, which is wrong.  Please empty it with the following command:
>
> 	> /var/spool/mail/jrm
>
> (that is, redirect the "output" of "nothing" to it).  Then make sure
> that its size is 0.
>
>   
>> Regarding other mailboxes, yes there are others and -- interestingly -- 
>> ones that have never had mail will allow a login via telnet, ones that 
>> have had mail cause failures.
>>     
>
> It sounds like you have local deliveries set up incorrectly, resulting in
> mailbox corruption.  Maybe your local deliveries and popa3d are not
> configured to follow the same locking convention.  It may be
> time-consuming to debug this problem via this mailing list.  If you
> like, I can debug and fix the problem operating on your server over SSH,
> provided that you compensate for my time.  Please contact me via private
> e-mail if you're interested.
>
> If this server does nothing more than e-mail, you might consider
> re-installing it with Openwall GNU/*/Linux (Owl) - which has correctly
> configured Postfix and popa3d available for use out of the box.
>
>   

Uwe Dippel | 13 Jul 16:14

Re: Suddenly, won't authenticate

James R. Mirick wrote:

> Jul 12 16:44:55 linux2600 popa3d: popa3d startup succeeded
> Jul 12 16:47:44 linux2600 popa3d[3369]: Session from 192.168.10.100
> Jul 12 16:47:44 linux2600 popa3d[3369]: Authentication passed for jrm
> Jul 12 16:47:44 linux2600 popa3d[3369]: Failed or refused to load 
> /var/spool/mail/jrm
> 
> This makes me think there's something corrupted in the mail files, but 
> the fact that it won't accept a password (for my account or any other) 
> makes me think it's authentication.

Just take a look; they are plaintext !!

$ less /var/spool/mail/jrm

shows the content. You can travel up and down easily.

If you wanted, you could

$ mv /var/spool/mail/jrm /var/spool/mail/jrm_save

Then

$ ls -l | mail -s "test and new mail" jrm

should create a new spooler file for jrm:

$ ls -l /var/spool/mail/jrm

should have been recreated. Try

$ less /var/spool/mail/jrm

again. If everything is fine, try once again with your client. If it 
works this time, the file is corrupted. Bad luck day. If it doesn't, it 
is authentication.

You can

$ mv /var/spool/mail/jrm_save /var/spool/mail/jrm

at any moment.

Beware, I haven't actually tried all of these in this sequence. But I 
have done all of these one day or another. The spooler directory is 
special, so you might have to do one or another as root; and / or chown 
a file here or there.

Good luck,

Uwe

