Current time: 12-25-2024, 11:45 AM Hello There, Guest! (LoginRegister)


Post Reply 
imap traffic - strange things
Author Message
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #1
imap traffic - strange things
Hi

while studying ticket #898 I came across this behaviour on my system.

The traffic counter greps the lines with 'imaplogin' ffrom the mail.log but there's not such line in my log (I have courierpop3login but no imaplogin).

Ok, let's see what's running:
Code:
/usr/sbin/courierlogger -pid=/var/run/courier/imapd-ssl.pid -start -name=imapd-ssl /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 993 /usr/

/usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 993 /usr/bin/couriertls -server -tcpd /usr/lib/courier/courier/imaplogin /usr/bin/imapd Mail

/usr/sbin/courierlogger -pid=/var/run/courier/pop3d-ssl.pid -start -name=pop3d-ssl /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 995 /usr/

/usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 995 /usr/bin/couriertls -server -tcpd /usr/lib/courier/courier/courierpop3login /usr/lib/cou

/usr/sbin/courierlogger -pid=/var/run/courier/authdaemon/pid -start /usr/lib/courier/courier-authlib/authdaemond

/usr/lib/courier/courier-authlib/authdaemond (6 times)

/usr/sbin/courierlogger -pid=/var/run/courier/imapd.pid -start /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 143 /usr/lib/courier/courier/

/usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 143 /usr/lib/courier/courier/imaplogin /usr/bin/imapd Maildir

/usr/sbin/couriertcpd -pid=/var/run/courier/pop3d.pid -stderrlogger=/usr/sbin/courierlogger -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup -address=0 110 /usr/lib/courier/c

/usr/sbin/courierlogger courierpop3login

and the same on a newly set up machine...

in the log I have theese two possibilities:

Code:
Nov 27 11:08:08 laudox courierpop3login: Connection, ip=[::ffff:123.45.67.89]
Nov 27 11:08:11 laudox courierpop3login: LOGIN: ip=[::ffff:123.45.67.89], command=QUIT
Nov 27 11:08:11 laudox courierpop3login: LOGOUT, ip=[::ffff:123.45.67.89]
Nov 27 11:08:11 laudox courierpop3login: Disconnected, ip=[::ffff:123.45.67.89]

Nov 27 11:08:16 laudox couriertcpd: Connection, ip=[::ffff:123.45.67.89]
Nov 27 11:08:32 laudox couriertcpd: LOGIN: ip=[::ffff:123.45.67.89], command=EXIT
Nov 27 11:08:45 laudox couriertcpd: LOGIN: ip=[::ffff:123.45.67.89], command=LOGIN
Nov 27 11:08:48 laudox couriertcpd: LOGIN: ip=[::ffff:123.45.67.89], command=LOGIN

well the IMAP commands are not the right - it's a telnet on 143 :-)

What do others with courier have in their logs?

Greets Joximu
11-27-2007 08:12 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
imap traffic - strange things - joximu - 11-27-2007 08:12 PM
RE: imap traffic - strange things - joximu - 11-27-2007, 11:50 PM
RE: imap traffic - strange things - BeNe - 11-28-2007, 12:02 AM
RE: imap traffic - strange things - joximu - 11-28-2007, 12:21 AM
RE: imap traffic - strange things - joximu - 11-28-2007, 08:39 PM
RE: imap traffic - strange things - BeNe - 11-28-2007, 08:46 PM
RE: imap traffic - strange things - BeNe - 11-28-2007, 10:20 PM
RE: imap traffic - strange things - joximu - 11-28-2007, 10:23 PM
RE: imap traffic - strange things - BeNe - 11-28-2007, 10:27 PM
RE: imap traffic - strange things - joximu - 11-28-2007, 10:33 PM
RE: imap traffic - strange things - BeNe - 11-28-2007, 10:37 PM
RE: imap traffic - strange things - BeNe - 11-28-2007, 10:50 PM
RE: imap traffic - strange things - joximu - 11-28-2007, 10:58 PM
RE: imap traffic - strange things - BeNe - 11-28-2007, 11:10 PM
RE: imap traffic - strange things - joximu - 11-28-2007, 11:17 PM
RE: imap traffic - strange things - BeNe - 11-29-2007, 12:14 AM

Forum Jump:


User(s) browsing this thread: 4 Guest(s)