I'm running Courier 4.9.3-6.1.3 as distributed by OpenSuSE, with Courier-authlib 0.63.0-16.1.3. I have a whopping three users fetching mail: me, my wife, and my daughter. I use Gnus and my Nokia N900 phone to talk to IMAP. My wife uses Apple Mail and an iPhone; my daughter uses only Apple Mail. The daughter and I run unencrypted over a VPN; the other connections are via IMAP-SSL.
>From time to time, for no apparent reason, one of my wife's or my daughter's accounts stops accepting imap logins. The odd thing is that only one will go bad, and never mine. I've included a sample transcript below, with passwords and usernames obscured. The first proves that the IMAP server is working. The second shows what happens when I try to log into a hung account: after the login request, the IMAP server delays 15 seconds and then closes the connection. The third demonstrates that it's not a password problem; a bad password produces a clearcut response after five seconds. I've also included relevant syslog lines. So that's problem #1. It wouldn't be too horribly annoying, because I've set up a Nagios monitor to watch both accounts and let me know when they go bad. But problem #2 is I haven't figured out how to fix the problem except by rebooting the server. *THAT* is a major nuisance. You'd think that if I restarted courier-authdaemon courier, courier-ssl, and courier (in that order) all would be well. But no. So two questions: first, any idea what's going on? And second, can anybody think of another service I could restart that might be involved in authentication? ============================================================ Here's the transcript, run on the server to avoid extraneous interference: mallet:2:506> telnet localhost imap Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc. See COPYING for distribution information. A login wife wifepw A OK LOGIN Ok. A logout * BYE Courier-IMAP server shutting down A OK LOGOUT completed Connection closed by foreign host. mallet:2:507> telnet localhost imap Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc. See COPYING for distribution information. A login daughter daughterpw Connection closed by foreign host. mallet:2:508> telnet localhost imap Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc. See COPYING for distribution information. A login daughter badpw A NO Login failed. ^] telnet> quit Connection closed. ============================================================ Here are syslog lines from just before and after the most recent failure (Nagios alerted me at 19:22). The 76.90.0.0 IP address is the obfuscated version of my current home IP, 166.137.0.0 is my wife's iPhone, and 192.168.6.* is my VPN. Note that the daughter's account didn't produce any log lines after the authdaemond line; a proper exchange should have generated an imapd LOGIN line next. Apr 2 19:19:27 mallet imapd-ssl: Connection, ip=[::ffff:76.90.0.0] Apr 2 19:19:27 mallet authdaemond: received auth request, service=imap, authtype=login Apr 2 19:19:27 mallet authdaemond: pam_service=imap, pam_username=wife Apr 2 19:19:27 mallet imapd-ssl: LOGIN, user=wife, ip=[::ffff:76.90.0.0], port=[61814], protocol=IMAP Apr 2 19:19:36 mallet imapd-ssl: LOGOUT, user=wife, ip=[::ffff:76.90.0.0], headers=0, body=0, rcvd=413, sent=10014, time=9, starttls=1 Apr 2 19:21:03 mallet imapd: Connection, ip=[::ffff:192.168.6.5] Apr 2 19:21:03 mallet authdaemond: received auth request, service=imap, authtype=login Apr 2 19:21:03 mallet authdaemond: pam_service=imap, pam_username=geoff Apr 2 19:21:03 mallet imapd: LOGIN, user=geoff, ip=[::ffff:192.168.6.5], port=[44640], protocol=IMAP Apr 2 19:21:04 mallet imapd: LOGOUT, user=geoff, ip=[::ffff:192.168.6.5], headers=0, body=0, rcvd=36, sent=341, time=1 Apr 2 19:21:34 mallet imapd-ssl: TIMEOUT, user=wife, ip=[::ffff:166.137.0.0] , headers=0, body=0, rcvd=403, sent=9986, time=1801, starttls=1 Apr 2 19:22:09 mallet imapd: Connection, ip=[::ffff:127.0.0.1] Apr 2 19:22:09 mallet authdaemond: received auth request, service=imap, authtype=login Apr 2 19:22:09 mallet authdaemond: pam_service=imap, pam_username=daughter Apr 2 19:24:12 mallet imapd: Connection, ip=[::ffff:127.0.0.1] Apr 2 19:24:12 mallet authdaemond: received auth request, service=imap, authtype=login Apr 2 19:24:12 mallet authdaemond: pam_service=imap, pam_username=wife Apr 2 19:24:12 mallet imapd: LOGIN, user=wife, ip=[::ffff:127.0.0.1], port=[57016], protocol=IMAP Apr 2 19:24:14 mallet imapd: LOGOUT, user=wife, ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=9, sent=80, time=2 -- Geoff Kuenning ge...@cs.hmc.edu http://www.cs.hmc.edu/~geoff/ Perl is awk with skin cancer. -- Henry Spencer ------------------------------------------------------------------------------ Minimize network downtime and maximize team effectiveness. Reduce network management and security costs.Learn how to hire the most talented Cisco Certified professionals. Visit the Employer Resources Portal http://www.cisco.com/web/learning/employer_resources/index.html _______________________________________________ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap