Redhat 9 and Qmail - POP Connection restrictions

Just moved my POP accounts onto a Red Hat 9 server running Qmail.

For some reason, the server will not accept more than 4 concurrent POP3 connections from my workstation.
I can't find any rejection of the 5th connection in any logs I've looked it.

Before I start to rip into this, is anyone aware of restrictions of this kind, by default.

I would guess the 5th connection could be stopped by :

1. A firewall
2. The POP listener failing with the 5th due to load or some other issue
3. Perhaps some sort of overall machine restriction to prevent a DoS attack?
4. Some other issue with my workstattion, but it worked before when the POP accounts were hosted elsewhere.

Any ideas?
G.

Deleted by ee_ai_construct, 0 points refunded. - 11/5/2004 9:34:58 AM PST
countytechnologiesAsked:
Who is Participating?
 
ee_ai_constructConnect With a Mentor Commented:
Question answered by asker or dialog valuable.
Closed, 500 points refunded.
ee_ai_construct (replacement part #xm34)
Community Support Admin
0
 
DonboyCommented:
>> not accept more than 4 concurrent POP3 connections

What makes you believe this?  What evidence do you have?
0
 
countytechnologiesAuthor Commented:
Good point.  Well, the Qmail log shows 4 connections made, but not the fifth.  I am not sure if there some additional program between Qmail and the outside world on the Linux box (e.g. a firewall) that monitors simulaneous connections from the same outside IP.

There are of course other elements involved on the client side.  

The email client is Eudora, running on Windows XP
Connects via internal network to a W2K Pro box running Wingate, with a POP3 proxy.
The Wingate proxy log shows the 5 connections being tried with the Qmail server (so I guess its not Eudora).
I am unable to determine if the 5 connections are leaving the W2K box, but certainly Qmail only sees 4.

I have not tried connecting the Eudora XP box directly to the internet yet to take Wingate and W2K out of the equation.
Also, both the XP and W2K box run ZoneAlarms, but there is no log of connection blocking.

Also, just realised I installed XP SP2 on the Eudora machine (firewall turned off of course) so dont know if any issues there.

I'll try a direct connection tommorrow, then perhaps installed Eudora on the W2K box and see if that works.

Clearly there are many elements at play here.  Process of elimination I guess, but if you have any further thoughts, please shout.

Thanks
Gary
0
 
countytechnologiesAuthor Commented:
Tried various test and have elimited the Windows boxes.   No matter how hard I tried, the 5th POP connection always failed.

I then tried :
- SSHed onto the Linux box
- Fired up 5 xterms
- Ran telnet mymailserver.com 110   (obviously may real server name was used)
- First 4 connections were fine and resulting in "+OK Hello there." from the POP server
- The 5th connection always fails with message "Connection closed by foreign host."

So taking out Windows and the email client, the 5th raw connection on port 110 (POP) is immedaitely being terminated, even when directly connected from the box.

Coming back to my original question, it would appear that some process in the Linux box is consistantly failing the 5th connection (Qmail, firewall, whatever).

Any further ideas would be welcome.

Thanks
Gary
0
 
countytechnologiesAuthor Commented:
OK, I seems to have talked myself into a resolution.

If anyone is interested, it turned out to be a configuration issue with the /usr/lib/courier-imap/libexec/couriertcpd process which seems to handle the incoming POP communication.

I noted in a ps list the following:
/usr/lib/courier-imap/libexec/couriertcpd -address=0 -stderrlogger=/usr/lib/courier-imap/sbin/courierlogger
-stderrloggername=pop3d
-maxprocs=40
-maxperip=4
-pid=/var/run/pop3d.pid
-nodnslookup
-noidentlookup 110 /usr/lib/courier-imap/sbin/pop3login /usr/li

The config file was /usr/lib/courier-imap/etc/pop3d and there is a setting called MAXPERIP value which was set to 4 (that magic number).
Resetting this to a larger value and restarting that process now allows the extra connections.

Yippee.
Gary

PS: Not sure how to close this item.
0
All Courses

From novice to tech pro — start learning today.