[SM-USERS] squirrelmail-users@lists.sourceforge.net
Hi all, I get this morning a great problem with SM 1.4.8-5.el5.centos.10 on CentOS 5.5 when the users wants to login, all user gets the error message "Your session has expired, but will be resumed after logging in again". No one is able to login. Yesterday everything works perfect. no changes where made!! httpd restart/Server reboot doesn't fix this problem. Whats going on? many thanks Richard -- The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] squirrelmail-users@lists.sourceforge.net
Please read this and review how to choose a better subject http://squirrelmail.org/postingguidelines > I get this morning a great problem with SM 1.4.8-5.el5.centos.10 on > CentOS 5.5 > > when the users wants to login, all user gets the error message "Your > session has expired, but will be resumed after logging in again". > > No one is able to login. > > Yesterday everything works perfect. > no changes where made!! Impossible. > httpd restart/Server reboot doesn't fix this problem. > > Whats going on? You tell us. Check your logs, read the posting guidelines. Currently my crystal ball is in the shop. -- Paul Lesniewski SquirrelMail Team Please support Open Source Software by donating to SquirrelMail! http://squirrelmail.org/donate_paul_lesniewski.php -- The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] Your session has expired - can't login
On 8/5/10 11:10 AM Paul Lesniewski wrote: > Please read this and review how to choose a better subject > > http://squirrelmail.org/postingguidelines sorry, was a copy/paste mistake. >> I get this morning a great problem with SM 1.4.8-5.el5.centos.10 on >> CentOS 5.5 >> >> when the users wants to login, all user gets the error message "Your >> session has expired, but will be resumed after logging in again". >> >> No one is able to login. >> >> Yesterday everything works perfect. >> no changes where made!! > > Impossible. for me: possible ;-( > >> httpd restart/Server reboot doesn't fix this problem. >> >> Whats going on? > > You tell us. Check your logs, read the posting guidelines. Currently > my crystal ball is in the shop. ;-) I've already checked my logs (httpd/dovecot/messages/maillog/daemon.log) No errors ore something similar. I have also removed one Useraccount (from CentOS, SM pref-file, IMAP-mailbox) and recreated it. Error still exists, and for all other users. Date and time is in sync with the ntp servers. No rootkit installed ;-) Filesystems are also OK. Is there maybe are session lockfile (for the connection duration or something else) in SM available, which I should remove? as I explaned: none of our users (above 150!!!) can login to SM. everyone becomes the same error: SquirrelMail version 1.4.8-5.el5.centos.10 By the SquirrelMail Project Team ERROR Your session has expired, but will be resumed after logging in again. Go to the login page Thanks Richard -- The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] squirrelmail-users@lists.sourceforge.net
On Thu, August 5, 2010 04:04, Richard Gliebe wrote: > Hi all, > > I get this morning a great problem with SM 1.4.8-5.el5.centos.10 on > CentOS 5.5 > > when the users wants to login, all user gets the error message "Your > session has expired, but will be resumed after logging in again". > > No one is able to login. > > Yesterday everything works perfect. > no changes where made!! > > httpd restart/Server reboot doesn't fix this problem. > > Whats going on? > > many thanks > Richard > The only time that I have seen this problem with SquirrelMail was when our webmail service was under a brute force password attack and the /var/lib/ partition filled up with php session identifiers. Check your file system free space with df. -- *** E-Mail is NOT a SECURE channel *** James B. Byrnemailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 -- The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] Your session has expired - can't login
> as I explaned: none of our users (above 150!!!) can login to SM. > everyone becomes the same error: amateur pokes out head and says. try to login user via telnet. if that is successful then have you got selinux stuff ? try turning that off. if works probably something in imap config is wonky. mick -- The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
[SM-USERS] squirrel mail and apache modsecurity2
Hello, I try to make squirrelmail 1.4.21 and modsecurity2 work together. I am triggering a false positive while trying to send a mail. ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/apache2/conf.d/mod_security2.conf"] [line "59"] [msg "Multipart parser detected a possible unmatched boundary."] [hostname "sepik.ehess.fr"] [uri "/mailnew/src/compose.php"] [unique_id "TFpfJ38AAAIAAHIKYZ0K"] Googling around this i find similar with Horde: http://comments.gmane.org/gmane.comp.apache.mod-security.user/6171 Does anyone have find any good solution ? -- The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] squirrelmail-users@lists.sourceforge.net
On Thu, Aug 5, 2010 at 6:47 AM, James B. Byrne wrote: > > On Thu, August 5, 2010 04:04, Richard Gliebe wrote: >> Hi all, >> >> I get this morning a great problem with SM 1.4.8-5.el5.centos.10 on >> CentOS 5.5 >> >> when the users wants to login, all user gets the error message "Your >> session has expired, but will be resumed after logging in again". >> >> No one is able to login. >> >> Yesterday everything works perfect. >> no changes where made!! >> >> httpd restart/Server reboot doesn't fix this problem. >> >> Whats going on? >> >> many thanks >> Richard >> > > The only time that I have seen this problem with SquirrelMail was > when our webmail service was under a brute force password attack and > the /var/lib/ partition filled up with php session identifiers. > Check your file system free space with df. Note that the Lockout plugin could probably have prevented that situation. -- Paul Lesniewski SquirrelMail Team Please support Open Source Software by donating to SquirrelMail! http://squirrelmail.org/donate_paul_lesniewski.php -- This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] Your session has expired - can't login
>>> I get this morning a great problem with SM 1.4.8-5.el5.centos.10 on >>> CentOS 5.5 >>> >>> when the users wants to login, all user gets the error message "Your >>> session has expired, but will be resumed after logging in again". >>> >>> No one is able to login. >>> >>> Yesterday everything works perfect. >>> no changes where made!! >> >> Impossible. > > for me: possible ;-( *Something* had to change in order for the behavior to change. It's your job to tell us what that is. >>> httpd restart/Server reboot doesn't fix this problem. >>> >>> Whats going on? >> >> You tell us. Check your logs, read the posting guidelines. Currently >> my crystal ball is in the shop. > > ;-) > > I've already checked my logs (httpd/dovecot/messages/maillog/daemon.log) > No errors ore something similar. > > I have also removed one Useraccount (from CentOS, SM pref-file, > IMAP-mailbox) and recreated it. > > Error still exists, and for all other users. > > Date and time is in sync with the ntp servers. > No rootkit installed ;-) > Filesystems are also OK. > > Is there maybe are session lockfile (for the connection duration or > something else) in SM available, which I should remove? You could start by deleting all PHP session files, or at least all those that contain SquirrelMail data. Also clear all cookies in your browser (although you might not want to do that if you want to mimic your users who probably won't be able to figure out how to do that). You could also do things like show your PHP session timeout value and try increasing it. Also show your plugins and try running with NO plugins activated to see if that helps. > as I explaned: none of our users (above 150!!!) can login to SM. > everyone becomes the same error: > > SquirrelMail version 1.4.8-5.el5.centos.10 > By the SquirrelMail Project Team > ERROR > Your session has expired, but will be resumed after logging in again. > Go to the login page -- Paul Lesniewski SquirrelMail Team Please support Open Source Software by donating to SquirrelMail! http://squirrelmail.org/donate_paul_lesniewski.php -- This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] squirrelmail-users@lists.sourceforge.net
On Thu, 5 Aug 2010, Paul Lesniewski wrote: >> The only time that I have seen this problem with SquirrelMail was >> when our webmail service was under a brute force password attack and >> the /var/lib/ partition filled up with php session identifiers. >> Check your file system free space with df. > > Note that the Lockout plugin could probably have prevented that situation. > That plugin is life saver, everyone should be using it, IMHO. -- Res "What does Windows have that Linux doesn't?" - One hell of a lot of bugs! -- This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] Your session has expired - can't login
On 8/5/10 9:51 PM Paul Lesniewski wrote: >> The only time that I have seen this problem with SquirrelMail was >> when our webmail service was under a brute force password attack and >> the /var/lib/ partition filled up with php session identifiers. >> Check your file system free space with df. > > Note that the Lockout plugin could probably have prevented that situation. strange: this morning, SM works, as i should. Lockout plugin will be installed as soon as possible. FYI: filesystems (special: /var/lib) are OK and was always OK (monitoring by nagios) SELinux is and was disabled. No bruteforce attack or something similar yesterday. login via telnet also failed. onesmore: no changes where done in SM. PHP sessions where maybe deleted by rebooting the hole server. many thanks Richard -- This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] Your session has expired - can't login
On Thu, Aug 5, 2010 at 9:46 PM, Richard Gliebe wrote: > On 8/5/10 9:51 PM Paul Lesniewski wrote: >>> The only time that I have seen this problem with SquirrelMail was >>> when our webmail service was under a brute force password attack and >>> the /var/lib/ partition filled up with php session identifiers. >>> Check your file system free space with df. >> >> Note that the Lockout plugin could probably have prevented that situation. > > strange: this morning, SM works, as i should. > > Lockout plugin will be installed as soon as possible. > > FYI: > filesystems (special: /var/lib) are OK and was always OK (monitoring by > nagios) > SELinux is and was disabled. > No bruteforce attack or something similar yesterday. > login via telnet also failed. Then it's not a SquirrelMail problem. Check your IMAP server log to see why the login was rejected. If it doesn't tell you anything, your logging verbosity is too low. Further questions should be directed to the community that supports your IMAP server. > onesmore: no changes where done in SM. > PHP sessions where maybe deleted by rebooting the hole server. Unless you have a special system set up, rebooting will not purge PHP session files. -- Paul Lesniewski SquirrelMail Team Please support Open Source Software by donating to SquirrelMail! http://squirrelmail.org/donate_paul_lesniewski.php -- This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Re: [SM-USERS] Your session has expired - can't login
On 8/6/10 6:55 AM Paul Lesniewski wrote: > Then it's not a SquirrelMail problem. Check your IMAP server log to > see why the login was rejected. If it doesn't tell you anything, your > logging verbosity is too low. Further questions should be directed to > the community that supports your IMAP server. hhmmm. Client connects to our IMAP Server (dovecot) with Thunderbird/Outlook/Entourage worked without any problems. Yesterday I've checks the dovecot.log. No Client connect errors. To prevent telephone terror, I've installed yesterday quick'n dirty 'open-webmail'. No connect problems with this app. > >> onesmore: no changes where done in SM. >> PHP sessions where maybe deleted by rebooting the hole server. > > Unless you have a special system set up, rebooting will not purge PHP > session files. After rebooting the server, a 'ps' and 'lsof' doesn't showed my any php zombi processes and any php sessions files associated with SM. I also took a look into /var/lib and /usr/share where SM keeps its Files. Everything looked fine. anyway, I'll upgrade our SM installation to the newest release, and looking forward to see what happens. If SM failes onesmore, there is open-webmail (standby) available on our system ;-) Richard -- This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev - squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
