Article delegate-en/729 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A727@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: POP proxy and Outlook
10 Mar 2000 08:36:08 GMT ysato@etl.go.jp (Yutaka Sato)


On 03/10/00(02:38) you Horia Georgescu <pbyaabdyi-a3dey5mhvelr.ml@ml.delegate.org> wrote
in <_A727@delegate-en.ML_>
 |When it works (and it works!) now I can see the whole transfer back and   
 |forth. Pretty dangerous stuff!

Without DeleGate, anyone can peep TCP packets of others using snoop or
tcpdump or so.

 |But with this user, the process stops at the password. We've trided and   
 |changed the password and asked him to try again to connect but it didn't   
 |work. From what I see it, the string might not be terminated properly and   
 |delegate is waiting and waiting for the CR, or LF, in the end, until the   
 |timer is expiring and the connection is closed. He is claiming that his   
 |Outlook works just fine with some other provider, but I don't understand   
 |what is here different from somewhere else.
 |
 |If you allow me... Can you just send the password as is, when the timer   
 |is expiring, and if it is right is going to go through, if not, your are   
 |going to find out from the server's response. Or perhaps you already sent   
 |it, and the server didn't see the termination character and is not   
 |sending you back anything. In this case, before sending the password   
 |perhaps should it be padded with a CRLF, or something? (Just thinking...   
 |hope you don't mind)
...
 |     1  +OK MailBeamer v3.26 ready on gwnt.oasis-technology.com
 |     1  USER ssiu
 |     2  +OK send password now
 |03/09 12:21:19.57 [13089] 9+0: POP C-S: PASS ******^M
 |     2  PASS qwerty
 |03/09 12:21:32.88 [12050] 9+0: AcceptByMain: TIMEOUT(children=2,timeout=15)
 |03/09 12:21:54.71 [12581] 3+0: #### -tee-n-L [103] bytes / [3] lines
 |03/09 12:21:54.71 [12580] 3+0: #### -tee-n-L [26] bytes / [2] lines
 |## SSLway[13090](ipb187.miami15.fl.pub-ip.psi.net) done
 |proxy:/logs/delegate#

This log seems to show that PASSword was forwarded to the server but
the server closed the connection without returning any response code.
(AcceptByMain... message from pid=12050 has nothing to do with this
POP-DeleGate of pid=13089)

One possible scenario to explain the situation is that the client
(Outlook?) does not send CRLF at the end of PASS command, and the
server (MailBeamer) does not accept a command line without CRLF.
You can test the behavior of your POP server like follows:

  ## with CRLF
  % telnet gwnt.oasis-technology.com 110
  USER ssiu
  PASS qwerty

  ## only LF without CR
  % delegated -Fconnect gwnt.oasis-technology.com 110
  USER ssiu
  PASS qwerty

My POP server (Qpoper) accepts both of above, but your POP server
may not.  It it is the case, the enclosed patch will make DeleGate
cope with the problem.

Cheers,
Yutaka
--
Yutaka Sato <ysato@etl.go.jp> http://www.etl.go.jp/~ysato/   @ @ 
Computer Science Division, Electrotechnical Laboratory      ( - )
1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan            _<   >_


*** ../../delegate6.1.1/src/pop.c	Thu Jan  6 18:40:05 2000
--- pop.c	Fri Mar 10 17:24:13 2000
***************
*** 666,667 ****
--- 666,668 ----
  		goto EXIT;
+ 	sv1log("POP S-D: %s",resp);
  
***************
*** 682,683 ****
--- 683,685 ----
  			sprintf(req,"USER %s\r\n",user);
+ 			sv1log("POP D-S: %s",req);
  			if( fputs(req,ts) == EOF )
***************
*** 687,688 ****
--- 689,691 ----
  				goto EXIT;
+ 			sv1log("POP S-D: %s",resp);
  		}
***************
*** 716,717 ****
--- 719,730 ----
  
+ 		dp = strpbrk(req,"\r\n");
+ 		if( dp == NULL ){
+ 			syslog_ERROR("POP request without CRLF: %s\n",req);
+ 			goto EXIT;
+ 		}
+ 		if( strcmp(dp,"\n") == 0 ){
+ 			syslog_ERROR("WARNING: inserted CR before LF\n");
+ 			strcpy(dp,"\r\n");
+ 		}
+ 
  		sp = wordScan(req,com);
***************
*** 770,772 ****
--- 783,788 ----
  		if( fgets(resp,sizeof(resp),fs) == NULL )
+ 		{
+ 			syslog_ERROR("POP S-C EOF without response.\n");
  			goto EXIT;
+ 		}
  

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V