Eclectica Daybreak over Colburne Passage near Sidney, BC, Canada filler
shim shim shim shim
shim Home shim Software shim Avocations shim Services  
shim shim shim shim
Software
shim
shim
Documentation
 SSL Certificates
 OpenBSD RAID
 Self-Check Digits
 Bare Metal Reload
shim
Linux
 popbsmtpd
      Reference
      Installation
      Changelog
      FAQ
      Mailing Lists
      Download
shim
 Postfix
shim
 EnGarde
shim
iSeries
 CPYTOIFSF
 FTP Backup
shim
Windows
shim
shim

popbsmtpd-users

Interesting phenomenom with popbsmtpd/engarde

From: L.Taylor Banks (taylor_at_<censored>)
Date: 2002-12-13 01:17:00


Marcus,

I hate to send you e-mail without having found more information in a
mailing list somewhere first -- but would love your insight
nonetheless... (it's 415am my time, and I've given up searching :-)

I've configured and implemented popbsmtpd on a soon-to-be-production
mailserver. Strangely, when a user would pop his mail, popbsmtpd would
set the cutoff time to a time of "auth_duration" minutes -earlier- than
the current time. The end result of this is that authentication for
smtp transactions was immediately allowed, then immediately thereafter
disallowed.

I stopped and restarted popbsmtpd several times, testing new values,
and now it seems as though everything is working fine, but I'm still a
bit confused by the "current time/cutoff time" values, as they seem to
be backwards to me. I'm worried this will again cause me problems in
the future.

Current log entries produced by popbsmtpd with auth_duration set to 120:

popbsmtpd: Waiting for event; timeout in 3492 seconds
popbsmtpd: INPUT DATA: "Dec 13 02:03:19 puzi spop3[27632]: Login
user=taylor host=localhost [127.0.0.1] nmsgs=1/1"
popbsmtpd: Relaying ENABLED (extended) for user taylor at 24.xx.xx.121
popbsmtpd: Expiry tests: Current time 2002/12/13 02:03:19 (1039762999),
Cutoff time 2002/12/13 00:03:19 (1039755799)

^--- note that the cutoff time is EARLIER than the current time?!?

previous entries, with a negative auth_duration value (-120):

popbsmtpd: Waiting for event; timeout in 3600 seconds
popbsmtpd: INPUT DATA: "Dec 13 01:55:34 puzi spop3[27558]: Login
user=taylor host=localhost [127.0.0.1] nmsgs=1/1"
popbsmtpd: Relaying ENABLED (started) for user taylor at 24.xx.xx.121
popbsmtpd: Expiry tests: Current time 2002/12/13 01:55:34 (1039762534),
Cutoff time 2002/12/13 03:55:34 (1039769734)
popbsmtpd: Relaying DISABLED for 24.xx.xx.121

^--- with a negative duration, the cutoff time is later than the
current time, but relaying is immediately disabled (the opposite of
what i was first seeing happen).

am I crazy? or just misunderstanding the auth_duration value and its
usage?

thanks a ton for any clarity you can provide! (and thanks for a superb
solution to an otherwise troublesome secure default configuration :-)

--
L. Taylor Banks, CISSP
Chief Security Architect,
Director, Educational Services
Coral Reef Techknowledge
Office 954.359.3598 x109
Mobile 404.317.8649
Fax 877.383.5339
PGP-Key-ID: 0x822203B4
PGP-Key-Fingerprint: 8FDD 15B2 AA81 01D4 FCEF 554D 05A4 DFA1 8222 03B4

This archive was generated by hypermail 2.1.6 on 2005-11-05 00:15:05 PST


shim