[Dovecot] Disconnects with proxies / new facts
Michael Kress
kress at hal.saar.de
Fri Mar 2 16:06:51 EET 2007
Hello,
sorry to answer so late with the tcpdump output...
Timo Sirainen wrote:
> On Tue, 2006-12-12 at 19:41 +0100, Michael Kress wrote:
>
>> I think I excluded all other cases now, because I installed cyrus-imapd
>> and succeeded with a proxy between client and server. So there's
>> definitely an issue with dovecot and the Avira AntiVir proxy. How can I
>> succeed in getting dovecot working? May I help you with some debugging?
>>
>
> I don't see what Dovecot could do differently to break any proxies. It
> really looks like the proxy is just sending extra LF characters, and
> there's nothing Dovecot can do to not give error message in such case.
>
> Could you get some network traffic dumps from the computer running
> Dovecot and also from the computer running some other POP3 server?
>
> I'm guessing you're doing something differently with Cyrus if it doesn't
> have this problem (you said cyrus-imapd, but I guess you still tried
> cyrus-pop3d?)
>
>
ok, to repeat myself just to close up to the context ... I'm using
version 0.99.11, i.e. the binary version that came with centos 4.4,
Avira Antivir Mailguard version 7.00.00.54 as of 01/16/2007
Definition of the two sessions
Session #1:
successful session, Mailguard deactivated, telnet from windows
Session #2:
unsuccessful session (the reason for this thread), Mailguard activated,
telnet from windows
########################################################
Output from Session #1:
Windows:
+OK dovecot ready.
user testpop
+OK
pass xxxxxxxxxxxxx
+OK Logged in.
quit
+OK Logging out.
Linux:
22:37:03.169044 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: S 3889389846:3889389846(0) win 65535 <mss
1452,nop,nop,sackOK>
22:37:03.169068 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: S 2340224350:2340224350(0) ack
3889389847 win 5840 <mss 1460,nop,nop,sackOK>
22:37:03.177755 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: . ack 1 win 65535
22:37:03.177872 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: P 1:19(18) ack 1 win 5840
22:37:03.376136 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: . ack 19 win 65517
22:37:03.376156 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: P 19:21(2) ack 1 win 5840
22:37:03.577141 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: . ack 21 win 65515
22:37:04.947160 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 1:2(1) ack 21 win 65515
22:37:04.947177 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 2 win 5840
22:37:05.323688 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 2:3(1) ack 21 win 65515
22:37:05.323705 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 3 win 5840
22:37:05.647102 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 3:4(1) ack 21 win 65515
22:37:05.647113 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 4 win 5840
22:37:05.959030 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 4:5(1) ack 21 win 65515
22:37:05.959038 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 5 win 5840
22:37:06.756295 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 5:6(1) ack 21 win 65515
22:37:06.756315 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 6 win 5840
22:37:07.155537 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 6:7(1) ack 21 win 65515
22:37:07.155546 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 7 win 5840
22:37:07.397885 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 7:8(1) ack 21 win 65515
22:37:07.397905 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 8 win 5840
22:37:07.646730 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 8:9(1) ack 21 win 65515
22:37:07.646739 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 9 win 5840
22:37:07.949663 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 9:10(1) ack 21 win 65515
22:37:07.949671 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 10 win 5840
22:37:08.268349 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 10:11(1) ack 21 win 65515
22:37:08.268437 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 11 win 5840
22:37:08.511316 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 11:12(1) ack 21 win 65515
22:37:08.511388 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 12 win 5840
22:37:08.708569 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 12:13(1) ack 21 win 65515
22:37:08.708650 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 13 win 5840
22:37:09.363911 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 13:15(2) ack 21 win 65515
22:37:09.363931 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 15 win 5840
22:37:09.364041 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: P 21:26(5) ack 15 win 5840
22:37:09.485466 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: . ack 26 win 65510
22:37:09.937176 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 15:16(1) ack 26 win 65510
22:37:09.968566 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 16 win 5840
22:37:10.148668 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 16:17(1) ack 26 win 65510
22:37:10.148678 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 17 win 5840
22:37:10.436740 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 17:18(1) ack 26 win 65510
22:37:10.436760 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 18 win 5840
22:37:10.620928 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 18:19(1) ack 26 win 65510
22:37:10.621048 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 19 win 5840
22:37:10.935925 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 19:20(1) ack 26 win 65510
22:37:10.936010 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 20 win 5840
22:37:11.180025 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 20:21(1) ack 26 win 65510
22:37:11.180080 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 21 win 5840
22:37:11.382030 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 21:22(1) ack 26 win 65510
22:37:11.382102 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 22 win 5840
22:37:11.607633 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 22:23(1) ack 26 win 65510
22:37:11.607697 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 23 win 5840
22:37:11.813501 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 23:24(1) ack 26 win 65510
22:37:11.813576 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 24 win 5840
22:37:11.998511 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 24:25(1) ack 26 win 65510
22:37:11.998560 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 25 win 5840
22:37:12.156286 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 25:26(1) ack 26 win 65510
22:37:12.156334 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 26 win 5840
22:37:12.301453 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 26:27(1) ack 26 win 65510
22:37:12.301527 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 27 win 5840
22:37:12.586528 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 27:29(2) ack 26 win 65510
22:37:12.586588 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 29 win 5840
22:37:12.593534 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: P 26:40(14) ack 29 win 5840
22:37:12.789841 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: . ack 40 win 65496
22:37:12.789865 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: P 40:42(2) ack 29 win 5840
22:37:12.991146 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: . ack 42 win 65494
22:37:13.938930 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 29:30(1) ack 42 win 65494
22:37:13.978571 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 30 win 5840
22:37:14.184902 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 30:31(1) ack 42 win 65494
22:37:14.184909 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 31 win 5840
22:37:14.385776 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 31:32(1) ack 42 win 65494
22:37:14.385787 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 32 win 5840
22:37:14.574039 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 32:33(1) ack 42 win 65494
22:37:14.574047 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 33 win 5840
22:37:15.159813 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: P 33:35(2) ack 42 win 65494
22:37:15.159831 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 35 win 5840
22:37:15.159967 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: P 42:60(18) ack 35 win 5840
22:37:15.160405 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: F 60:60(0) ack 35 win 5840
22:37:15.169530 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: . ack 61 win 65476
22:37:15.171526 IP p54A572BD.dip.t-dialin.net.3296 >
mail.kress-edv.de.pop3: F 35:35(0) ack 61 win 65476
22:37:15.171536 IP mail.kress-edv.de.pop3 >
p54A572BD.dip.t-dialin.net.3296: . ack 36 win 5840
80 packets captured
80 packets received by filter
0 packets dropped by kernel
########################################################
Output from Session #2:
Windows: sometimes nothing on the (telnet) screen, just plain black
blank... more often the string "OK dovecot ready." can be seen but as
soon as I type a character, a carriage return is being sent afterwards.
Linux:
16:47:25.077236 IP p54A57136.dip.t-dialin.net.3452 >
mail.kress-edv.de.pop3: S 399467164:399467164(0) win 65535 <mss
1452,nop,nop,sackOK>
16:47:25.077264 IP mail.kress-edv.de.pop3 >
p54A57136.dip.t-dialin.net.3452: S 2416565075:2416565075(0) ack
399467165 win 5840 <mss 1460,nop,nop,sackOK>
16:47:25.111187 IP p54A57136.dip.t-dialin.net.3452 >
mail.kress-edv.de.pop3: . ack 1 win 65535
16:47:25.111304 IP mail.kress-edv.de.pop3 >
p54A57136.dip.t-dialin.net.3452: P 1:19(18) ack 1 win 5840
16:47:25.323308 IP p54A57136.dip.t-dialin.net.3452 >
mail.kress-edv.de.pop3: . ack 19 win 65517
16:47:25.323332 IP mail.kress-edv.de.pop3 >
p54A57136.dip.t-dialin.net.3452: P 19:21(2) ack 1 win 5840
16:47:25.527811 IP p54A57136.dip.t-dialin.net.3452 >
mail.kress-edv.de.pop3: . ack 21 win 65515
(here: just after "OK dovecot ready")
and if I close the connection:
16:53:15.862805 IP p54A57136.dip.t-dialin.net.3673 >
mail.kress-edv.de.pop3: R 1:1(0) ack 21 win 0
No further response to "user .... pass ..." except for the carriage returns.
There must be something in dovecot that makes mailguard misbehave or
vice versa. Can anyone see that from the traffic above? Or what else do
you need for input data?
More interesting: I've seen that the version that came with Fedora if
dovecot-1.0-1.1.rc15.fc6 works perfectly with that mailguard.
Q:
Is there any chance to patch the version that came with centos-4.4 with
the right "salt"? Centos' dovecot version is 0.99.11.
That could be of some interest as centos-4.4 (i.e. rhel4) will still
live for quite some time.
Regards,
Michael
--
Michael Kress, kress at hal.saar.de
http://www.michael-kress.de / http://kress.net
P E N G U I N S A R E C O O L
More information about the dovecot
mailing list