> On 2019年04月01日 08:30, Robert Kudyba wrote:
>> squirrelmail-1.4.23-0.fc29.20180816.noarch, on Fedora 29.with 
>> dovecot-2.3.3-1.fc29.x86_64
>> 
>> I posted on the Dovecot mailing list, 
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__dovecot.org_pipermail_dovecot_2019-2DMarch_115335.html&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=OzX1PznRcjkg17ckyO8YW0LrIrQ30cU2T_9Vz-7sYeA&e=
>>  
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__dovecot.org_pipermail_dovecot_2019-2DMarch_115335.html&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=OzX1PznRcjkg17ckyO8YW0LrIrQ30cU2T_9Vz-7sYeA&e=>,
>>  and their admin suggested finding a setting in SquirrelMail.
>> 
>> I have wforce running correctly with Dovecot, see 
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_PowerDNS_weakforced&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=JHN4LqGbDbscmG8Wjxa-jc2ZZUXmfl-1NIWeCBNYfTQ&e=.
>>  However, the IP logged is always of the SquirrelMail server or localhost. 
>> Is there e plugin or setting that I can change to get weakforced to 
>> correctly show the end user IP?
> 
> Well, I've had code sitting around for a while that implements RFC2971
> (ID command), so I just committed it.  You can use it for this purpose
> by putting something like this into your config/config_local.php
> 
> $imap_id_command_args = array('remote-host' => '###REMOTE ADDRESS###');
> 
> If you don't care about Dovecot's response in SquirrelMail and want to
> save a few CPU cycles, add this too:
> 
> $do_not_parse_imap_id_command_response = TRUE;
> 
> The code will show up in our next daily snapshot for 1.4.23 or get a
> patch here:
> 
> https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_p_squirrelmail_code_14813_&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=ETlU011LA1MyPDbshefZFbr0bKcA1NUSe4MdnxK0Btg&e=
>  
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_p_squirrelmail_code_14813_&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=ETlU011LA1MyPDbshefZFbr0bKcA1NUSe4MdnxK0Btg&e=>


Thanks Paul! I tried the new code. Squirrelamil is definitely slower with these 
options added. And still no source IP of end user but perhaps there logs may 
shed a light? Or what should  auth_policy_server_url be?

auth_policy_server_url = http://localhost:8084/
auth_policy_server_url = http://0.0.0.0:8084/
auth_policy_server_url = https://ourdomain.edu:8084/


Apr 08 10:05:04 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Making 
new connection 1 of 1 (0 connections exist, 0 pending)
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: 
(ex.te.rnal.ip:8084): Connecting
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: 
(ex.te.rnal.ip:8084): Waiting for connect (fd=20) to finish for max 0 msecs
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: HTTPS 
connection created (1 parallel connections exist)
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: 
(ex.te.rnal.ip:8084): Client connection failed (fd=20)
Apr 08 10:05:04 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: 
Connection failed (1 connections exist, 0 pending)
Apr 08 10:05:04 auth: Debug: http-client: peer ex.te.rnal.ip:8084: Failed to 
make connection (1 connections exist, 0 pending)
Apr 08 10:05:04 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Failed to 
establish any connection within our peer pool: connect(ex.te.rnal.ip:8084) 
failed: Connection refused (1 connections exist, 0 pending)
Apr 08 10:05:04 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Failed to set up connection to 
ex.te.rnal.ip:8084 (SSL=our.squirrelmail.edu): connect(ex.te.rnal.ip:8084) 
failed: Connection refused (1 peers pending, 1 requests pending)
Apr 08 10:05:04 auth: Debug: http-client: peer ex.te.rnal.ip:8084 (shared): 
Peer reused
Apr 08 10:05:04 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Setting up connection to ex.te.rnal.ip:8084 
(SSL=our.squirrelmail.edu) (1 requests pending)
Apr 08 10:05:04 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Started new connection to ex.te.rnal.ip:8084 
(SSL=our.squirrelmail.edu)
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: 
Connection close
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: 
Connection disconnect
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: 
(ex.te.rnal.ip:8084): Disconnected: connect() failed: Connection refused (fd=20)
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: 
Detached peer
Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: 
Connection destroy
Apr 08 10:05:04 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Creating 
1 new connections to handle requests (already 0 usable, connecting to 0, 
closing 0)
Apr 08 10:05:04 auth: Debug: http-client: peer ex.te.rnal.ip:8084 (shared): 
Starting backoff timer for 6400 msecs
Apr 08 10:05:05 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Timeout (now: 2019-04-08 10:05:05.524)
Apr 08 10:05:05 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Absolute timeout expired for request [Req8: 
POST https://our.squirrelmail.edu:8084/?command=allow] (Request queued 2.001 
secs ago, not yet sent, 0.000 in other ioloops)
Apr 08 10:05:05 auth: Debug: http-client[1]: request [Req8: POST 
https://our.squirrelmail.edu:8084/?command=allow]: Error: 9008 Absolute request 
timeout expired (Request queued 2.001 secs ago, not yet sent, 0.000 in other 
ioloops)
Apr 08 10:05:05 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Dropping request [Req8: POST 
https://our.squirrelmail.edu:8084/?command=allow]
Apr 08 10:05:05 auth: Error: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): 
Policy server HTTP error: Absolute request timeout expired (Request queued 
2.001 secs ago, not yet sent, 0.000 in other ioloops)
Apr 08 10:05:05 auth: Debug: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): 
Policy check action is continue
Apr 08 10:05:05 auth: Debug: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): 
Policy request https://our.squirrelmail.edu:8084/?command=report
Apr 08 10:05:05 auth: Debug: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): 
Policy server request JSON: 
{"device_id":"","login":"unclroot","protocol":"imap","pwhash":"68","remote":"127.0.0.1","success":true,"policy_reject":false,"tls":false}
Apr 08 10:05:05 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Set request timeout to 2019-04-08 
10:05:07.524 (now: 2019-04-08 10:05:05.524)
Apr 08 10:05:05 auth: Debug: http-client: peer ex.te.rnal.ip:8084 (shared): 
Peer reused
Apr 08 10:05:05 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Setting up connection to ex.te.rnal.ip:8084 
(SSL=our.squirrelmail.edu) (1 requests pending)
Apr 08 10:05:05 auth: Debug: http-client[1]: request [Req9: POST 
https://our.squirrelmail.edu:8084/?command=report]: Submitted (requests left=2)
Apr 08 10:05:05 auth: Debug: client passdb out: OK      1       user=unclroot   
Apr 08 10:05:05 auth: Debug: http-client[1]: request [Req8: POST 
https://our.squirrelmail.edu:8084/?command=allow]: Destroy (requests left=2)
Apr 08 10:05:05 auth: Debug: http-client[1]: request [Req8: POST 
https://our.squirrelmail.edu:8084/?command=allow]: Free (requests left=1)
Apr 08 10:05:05 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Creating 
1 new connections to handle requests (already 0 usable, connecting to 0, 
closing 0)
Apr 08 10:05:05 auth: Debug: master in: REQUEST 4244766721      26041   1       
e507a5089bb2db443c1ced790656ad44        session_pid=26113       
request_auth_token
Apr 08 10:05:05 auth-worker(26000): Debug: 
passwd(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): lookup
Apr 08 10:05:05 auth: Debug: master userdb out: USER    4244766721      
unclroot        system_groups_user=unclroot     uid=5842        gid=150 
home=/u/dsm/unclroot    auth_token=102274c1f3f40d3527e2603688200cf0edbeea9f
Apr 08 10:05:05 imap-login: Info: Login: user=<unclroot>, method=PLAIN, 
rip=127.0.0.1, lip=127.0.0.1, mpid=26113, secured, session=<xCiNUgWG8Ip/AAAB>
Apr 08 10:05:05 imap(unclroot)<26113><xCiNUgWG8Ip/AAAB>: Info: Logged out 
in=203 out=1777 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 
body_count=0 body_bytes=0
Apr 08 10:05:07 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Timeout (now: 2019-04-08 10:05:07.525)
Apr 08 10:05:07 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Absolute timeout expired for request [Req9: 
POST https://our.squirrelmail.edu:8084/?command=report] (Request queued 2.001 
secs ago, not yet sent, 0.000 in other ioloops)
Apr 08 10:05:07 auth: Debug: http-client[1]: request [Req9: POST 
https://our.squirrelmail.edu:8084/?command=report]: Error: 9008 Absolute 
request timeout expired (Request queued 2.001 secs ago, not yet sent, 0.000 in 
other ioloops)
Apr 08 10:05:07 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Dropping request [Req9: POST 
https://our.squirrelmail.edu:8084/?command=report]
Apr 08 10:05:07 auth: Error: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): 
Policy server HTTP error: Absolute request timeout expired (Request queued 
2.001 secs ago, not yet sent, 0.000 in other ioloops)
Apr 08 10:05:07 auth: Debug: http-client[1]: request [Req9: POST 
https://our.squirrelmail.edu:8084/?command=report]: Destroy (requests left=1)
Apr 08 10:05:07 auth: Debug: http-client[1]: request [Req9: POST 
https://our.squirrelmail.edu:8084/?command=report]: Free (requests left=0)


Apr 08 10:05:11 auth: Debug: http-client: peer ex.te.rnal.ip:8084 (shared): 
Backoff timer expired
Apr 08 10:05:11 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Making 
new connection 1 of 1 (0 connections exist, 0 pending)
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: 
(ex.te.rnal.ip:8084): Connecting
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: 
(ex.te.rnal.ip:8084): Waiting for connect (fd=19) to finish for max 0 msecs
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: HTTPS 
connection created (1 parallel connections exist)
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: 
(ex.te.rnal.ip:8084): Client connection failed (fd=19)
Apr 08 10:05:11 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: 
Connection failed (1 connections exist, 0 pending)
Apr 08 10:05:11 auth: Debug: http-client: peer ex.te.rnal.ip:8084: Failed to 
make connection (1 connections exist, 0 pending)
Apr 08 10:05:11 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Failed to 
establish any connection within our peer pool: connect(ex.te.rnal.ip:8084) 
failed: Connection refused (1 connections exist, 0 pending)
Apr 08 10:05:11 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Failed to set up connection to 
ex.te.rnal.ip:8084 (SSL=our.squirrelmail.edu): connect(ex.te.rnal.ip:8084) 
failed: Connection refused (1 peers pending, 0 requests pending)
Apr 08 10:05:11 auth: Debug: http-client[1]: queue 
https://our.squirrelmail.edu:8084: Failed to set up any connection; failing all 
queued requests
Apr 08 10:05:11 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Unlinked 
queue https://our.squirrelmail.edu:8084 (0 queues linked)
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: 
Connection close
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: 
Connection disconnect
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: 
(ex.te.rnal.ip:8084): Disconnected: connect() failed: Connection refused (fd=19)
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: 
Detached peer
Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: 
Connection destroy


-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@lists.sourceforge.net
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): 
https://lists.sourceforge.net/lists/listinfo/squirrelmail-users

Reply via email to