[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2898
  • Last Modified:

courier-imap: Connection timeout and clients unable to move e-mails between imap folders

No matter what remote/local client I use for IMAP it is really slow and courier-imap seems to be killing the connection before anyone can move e-mails into their imap folders.   SMTP works fine so I don't think it is qmail.  Any idea on how to trace/debug this?  I can't find a detailed log file anywhere for courier-imap.   And maillog, messages, and secure do not seem to be giving any details about what is going on.  According to maillog everything is working properly.  

The version of courier-imap I am using comes with Plesk 8.x so it is a modified version (I'm assuming).

Thanks!
0
mrgswift
Asked:
mrgswift
  • 6
  • 2
1 Solution
 
mchkorgCommented:
Did you check your Maildir directory structure ? permissions ? how did you create these structures (I guess not from e-mail client as it doesn't work ?)
Please give some more details
0
 
mrgswiftAuthor Commented:
Path: /var/qmail/mailnames
Command: ls -la returns: (domain names asterisked out for privacy)
drwxr-xr-x 18 root    qmail   4096 Oct 10 18:32 .
drwxr-xr-x 11 root    qmail    122 Oct  7 15:30 ..
drwx------  3 popuser popuser   43 Sep  4  2007 ************.com
drwx------  2 popuser popuser   27 Sep  5  2007 ************.com
drwx------  3 popuser popuser   37 Sep  5  2007 ************.com
drwx------  4 popuser popuser   51 Sep  9  2007 ********.net
drwx------  2 popuser popuser   27 Sep  5  2007 *************.com
drwx------  6 popuser popuser   75 Oct  3  2007 ************.net
drwx------  9 popuser popuser  117 Sep  5  2007 **********.net
drwx------  2 popuser popuser   27 Sep  5  2007 *************.com
drwx------  2 popuser popuser   40 Oct 10 18:26 .spamassassin
drwx------  2 popuser popuser   27 Jul 31 01:17 ****************.com
drwx------  2 popuser popuser   27 Sep 24  2007 **************.com
drwx------ 28 popuser popuser 4096 Sep 27 14:04 ************.org
drwx------  2 popuser popuser   27 Jun 24 13:26 *************.cc
drwx------ 19 popuser popuser 4096 Sep  5  2007 **************.org

When you go into one of the domain directory structures it looks like this: (ls -la)
total 12
drwx------ 19 popuser popuser 4096 Sep  5  2007 .
drwxr-xr-x 16 root    qmail   4096 Oct 10 18:35 ..
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 *********
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 ********
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 ***
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 hospitality
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 info
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 ***********
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 ***********
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 *********
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 *******
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 **
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 *********
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 *******
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 ********
-rw-------  1 popuser popuser   56 Sep  5  2007 .qmail-default
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 ****
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 ******
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 **********
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 ****

When you change directory into one of users it looks like this:
drwxr-xr-x  5 popuser popuser   72 Oct  8 14:22 .
drwx------ 19 popuser popuser 4096 Sep  5  2007 ..
drwxr-xr-x  2 popuser popuser    6 Sep  5  2007 @attachments
drwxr-xr-x  6 popuser popuser  103 Oct  8 14:22 Maildir
-rw-r--r--  1 popuser popuser   41 Oct 10 18:20 .qmail
drwx------  2 popuser popuser   57 Aug  1 13:45 .spamassassin

And inside Maildir is I believe the standard Maildir structure:
drwxr-xr-x 6 popuser popuser  103 Oct  8 14:22 .
drwxr-xr-x 5 popuser popuser   72 Oct  8 14:22 ..
drwxr-xr-x 2 popuser popuser    6 Sep  5  2007 courierimapkeywords
-rw-r--r-- 1 popuser popuser   76 Aug 31  2007 courierimapuiddb
drwxr-xr-x 2 popuser popuser   75 Sep  5  2007 cur
-rw-r--r-- 1 popuser popuser   31 Oct  8 14:22 maildirsize
drwxr-xr-x 2 popuser popuser 4096 Sep  5  2007 new
drwxr-xr-x 2 popuser popuser    6 Oct  8 14:22 tmp

E-mail inside cur and new looks like this:

-rw-r--r-- 1 popuser popuser 1499 Aug 31  2007 1172113602.22111.*********.net
-rw-r--r-- 1 popuser popuser 2369 Aug 31  2007 1178813180.M530839P77227806967357.*********.net
-rw-r--r-- 1 popuser popuser 2320 Aug 31  2007 1182438845.M402453P114671331862603.*********.net


In all honesty I'm no expert on how the imap folders are structured or even kept track of in a Maildir structure.   I see how the e-mails are stored but not the actual imap folders or where to look for the imap folder store/permissions and settings.

0
 
mrgswiftAuthor Commented:
I will be gone until Monday.  So I will respond to any inquiries and responses late Monday or on Tuesday.  Thanks so much for your help! :-)
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
mrgswiftAuthor Commented:
New Info:  Ok so I did a strace -p <pid> on the specific couriertls login process for my imap session and got this:

Process 27734 attached - interrupt to quit
select(1, [0], [], NULL, NULL)          = 1 (in [0])
read(0, "\26\3\1\0\206", 5)             = 5
read(0, "\20\0\0\202\0\200\37{:\v5o\316\333+\244\345\341\373\np"..., 134) = 134
read(0, "\24\3\1\0\1", 5)               = 5
read(0, "\1", 1)                        = 1
read(0, "\26\3\1\0000", 5)              = 5
read(0, "\201u7\3060\1g\244\247\300f\337n&\371}<\257n\362\31\372"..., 48) = 48
write(0, "\24\3\1\0\1\1\26\3\1\0000\365\rD\226\1\354I\30AV\343\345"..., 59) = 59
fcntl(3, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0
lseek(3, 0, SEEK_SET)                   = 0
read(3, "\0\0\10\0\0\0\0\0\324\346\7\0\0\0\0\0M\377\7\0\0\0\0\0"..., 32) = 32
lseek(3, 517665, SEEK_SET)              = 517665
write(3, "\0\0\0\0\0\0\0\0\263\0\0\0\0\0\0\0\300}\366H\0\0\0\0 \0"..., 187) = 187
lseek(3, 0, SEEK_SET)                   = 0
write(3, "\0\0\10\0\0\0\0\0!\346\7\0\0\0\0\0M\377\7\0\0\0\0\0\0\0"..., 32) = 32
fcntl(3, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
socketpair(PF_FILE, SOCK_STREAM, 0, [4, 5]) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2ba9192c9160) = 27745
close(5)                                = 0
fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK)  = 0
fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK)  = 0
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
select(5, [0 4], [], NULL, NULL)        = 1 (in [4])
read(4, "* OK [CAPABILITY IMAP4rev1 UIDPL"..., 8192) = 244
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
write(0, "\27\3\1\1\20\337\234\262>\260\2648\361\35)\227\316\270"..., 277) = 277
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
select(5, [0 4], [], NULL, NULL)        = 1 (in [0])
read(0, "\27\3\1\0000", 5)              = 5
read(0, "\0018\201\272\246\7\347\200\366m\237\3423v\341\340\362"..., 48) = 48
select(5, [4], [4], NULL, NULL)         = 1 (out [4])
write(4, "1 capability\r\n", 14)        = 14
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
select(5, [0 4], [], NULL, NULL)        = 1 (in [4])
read(4, "* CAPABILITY IMAP4rev1 UIDPLUS C"..., 8192) = 160
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
write(0, "\27\3\1\0\300\302a\326\245e\7\355]\305+U\300\20\274v\374"..., 197) = 197
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
select(5, [0 4], [], NULL, NULL)        = 1 (in [0])
read(0, "\27\3\1\0000", 5)              = 5
read(0, "\276\36NkG\334?(Q\20\32/r\267\216\310\315\214\353\n\363"..., 48) = 48
select(5, [4], [4], NULL, NULL)         = 1 (out [4])
write(4, "2 authenticate plain\r\n", 22) = 22
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
select(5, [0 4], [], NULL, NULL)        = 1 (in [4])
read(4, "+ \r\n", 8192)                 = 4
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
write(0, "\27\3\1\0 FUAn8(|\213\257\207\23\276\262PP\203~i\301<%"..., 37) = 37
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)
select(5, [0 4], [], NULL, NULL)        = 1 (in [0])
read(0, "\27\3\1\0P", 5)                = 5
read(0, "\350O3\232\233\354\26\344\357]\255\305\327\302\320\\Y!"..., 80) = 80
select(5, [4], [4], NULL, NULL)         = 1 (out [4])
write(4, "AG1ndWlsbG90QGxpZmVncm91cHMubmV0"..., 50) = 50
read(0, 0x628930, 5)                    = -1 EAGAIN (Resource temporarily unavailable)

I noticed the "-1 EAGAIN (Resource temporarily unavailable)"  and was wondering if any of you knew what this meant.  I am assuming for the time being that this is related to my problem.

Thanks!
0
 
mrgswiftAuthor Commented:
It is definitely getting hung up during the login stage.  After using strace to do a few tests I figured out that It takes a long time to authenticate imap logins.  What would cause this?  
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
This question is getting old fast.... did you find a solution?

It appears from your above posting that you're using courier-tls (that is, the courier-imap package, and you're connecting on port 993 -- which means SSL or TLS.

So, as a first test, let's remove the SSL layer -- test logins on port 143 (regular IMAP). If you're not comfortable doing this over the Internet (understandable), then test using a squirrelmail, or on a LAN connection.

If you connect "normally" (e.g.: quickly) on port 143, then the problem is most likely that you're missing (or not pointing correctly to) your certificate file.

You can create a locally-signed certificate (see openssl), but if you do your users will receive warning messages from their e-mail client saying that the certificate cannot be verified. If you're hosting only your own domain, that may not be a problem, but if you're hosting other people's domain(s), then you'll want a real certificate (which is NOT free).

This should get you started... if you need more assistance, just reply on here!

I hope this helps... someone!

Dan
IT4SOHO
0
 
mrgswiftAuthor Commented:
it appears to have something to do with the authentication module that comes with plesk.  The login delay happens regardless if I use ssl or not.  I'm not quite sure at the moment on how to fix this besides somehow reinstalling this module (which might not even work).
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
OK.... well you've helped by adding the information that the IMAP server is just as slow over SSL and standard connections. And you've confirmed that SMTP connections are working well, so it doesn't appear to be a networking problem.

The next place I would look is at permissions. To do this, you'll want to determine the UID (and GID) of the imapd service, then look at the config files & e-mail folders to make sure that the process has the permissions to:
 a) read its own config files
 b) read/call the auth process (or files)
 c) access the messages for the logged-in user

Let me know what you get...

Thanks

Dan
0
 
mrgswiftAuthor Commented:
Somehow the problem was fixed automatically during an update for Plesk.  I suppose it may have just been a bug on their side.  I am disappointed that I may never know what was wrong, Parallels support probably isn't going to tell me exactly what was wrong.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 6
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now