Redhat 9 and Qmail - POP Connection restrictions

Posted on 2004-10-25
Last Modified: 2010-03-18
Just moved my POP accounts onto a Red Hat 9 server running Qmail.

For some reason, the server will not accept more than 4 concurrent POP3 connections from my workstation.
I can't find any rejection of the 5th connection in any logs I've looked it.

Before I start to rip into this, is anyone aware of restrictions of this kind, by default.

I would guess the 5th connection could be stopped by :

1. A firewall
2. The POP listener failing with the 5th due to load or some other issue
3. Perhaps some sort of overall machine restriction to prevent a DoS attack?
4. Some other issue with my workstattion, but it worked before when the POP accounts were hosted elsewhere.

Any ideas?

Deleted by ee_ai_construct, 0 points refunded. - 11/5/2004 9:34:58 AM PST
Question by:countytechnologies
    LVL 2

    Expert Comment

    >> not accept more than 4 concurrent POP3 connections

    What makes you believe this?  What evidence do you have?

    Author Comment

    Good point.  Well, the Qmail log shows 4 connections made, but not the fifth.  I am not sure if there some additional program between Qmail and the outside world on the Linux box (e.g. a firewall) that monitors simulaneous connections from the same outside IP.

    There are of course other elements involved on the client side.  

    The email client is Eudora, running on Windows XP
    Connects via internal network to a W2K Pro box running Wingate, with a POP3 proxy.
    The Wingate proxy log shows the 5 connections being tried with the Qmail server (so I guess its not Eudora).
    I am unable to determine if the 5 connections are leaving the W2K box, but certainly Qmail only sees 4.

    I have not tried connecting the Eudora XP box directly to the internet yet to take Wingate and W2K out of the equation.
    Also, both the XP and W2K box run ZoneAlarms, but there is no log of connection blocking.

    Also, just realised I installed XP SP2 on the Eudora machine (firewall turned off of course) so dont know if any issues there.

    I'll try a direct connection tommorrow, then perhaps installed Eudora on the W2K box and see if that works.

    Clearly there are many elements at play here.  Process of elimination I guess, but if you have any further thoughts, please shout.


    Author Comment

    Tried various test and have elimited the Windows boxes.   No matter how hard I tried, the 5th POP connection always failed.

    I then tried :
    - SSHed onto the Linux box
    - Fired up 5 xterms
    - Ran telnet 110   (obviously may real server name was used)
    - First 4 connections were fine and resulting in "+OK Hello there." from the POP server
    - The 5th connection always fails with message "Connection closed by foreign host."

    So taking out Windows and the email client, the 5th raw connection on port 110 (POP) is immedaitely being terminated, even when directly connected from the box.

    Coming back to my original question, it would appear that some process in the Linux box is consistantly failing the 5th connection (Qmail, firewall, whatever).

    Any further ideas would be welcome.


    Author Comment

    OK, I seems to have talked myself into a resolution.

    If anyone is interested, it turned out to be a configuration issue with the /usr/lib/courier-imap/libexec/couriertcpd process which seems to handle the incoming POP communication.

    I noted in a ps list the following:
    /usr/lib/courier-imap/libexec/couriertcpd -address=0 -stderrlogger=/usr/lib/courier-imap/sbin/courierlogger
    -noidentlookup 110 /usr/lib/courier-imap/sbin/pop3login /usr/li

    The config file was /usr/lib/courier-imap/etc/pop3d and there is a setting called MAXPERIP value which was set to 4 (that magic number).
    Resetting this to a larger value and restarting that process now allows the extra connections.


    PS: Not sure how to close this item.

    Accepted Solution

    Question answered by asker or dialog valuable.
    Closed, 500 points refunded.
    ee_ai_construct (replacement part #xm34)
    Community Support Admin

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Suggested Solutions

    I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
    Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
    In this Experts Exchange video Micro Tutorial, I'm going to show how small business owners who use Google Apps can save money by setting up what is called a catch-all email address in their Gmail accounts. By using the catch-all feature, small busin…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now