> On 2019年04月01日 08:30, Robert Kudyba wrote: >> squirrelmail-1.4.23-0.fc29.20180816.noarch, on Fedora 29.with >> dovecot-2.3.3-1.fc29.x86_64 >> >> I posted on the Dovecot mailing list, >> https://urldefense.proofpoint.com/v2/url?u=https-3A__dovecot.org_pipermail_dovecot_2019-2DMarch_115335.html&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=OzX1PznRcjkg17ckyO8YW0LrIrQ30cU2T_9Vz-7sYeA&e= >> >> <https://urldefense.proofpoint.com/v2/url?u=https-3A__dovecot.org_pipermail_dovecot_2019-2DMarch_115335.html&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=OzX1PznRcjkg17ckyO8YW0LrIrQ30cU2T_9Vz-7sYeA&e=>, >> and their admin suggested finding a setting in SquirrelMail. >> >> I have wforce running correctly with Dovecot, see >> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_PowerDNS_weakforced&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=JHN4LqGbDbscmG8Wjxa-jc2ZZUXmfl-1NIWeCBNYfTQ&e=. >> However, the IP logged is always of the SquirrelMail server or localhost. >> Is there e plugin or setting that I can change to get weakforced to >> correctly show the end user IP? > > Well, I've had code sitting around for a while that implements RFC2971 > (ID command), so I just committed it. You can use it for this purpose > by putting something like this into your config/config_local.php > > $imap_id_command_args = array('remote-host' => '###REMOTE ADDRESS###'); > > If you don't care about Dovecot's response in SquirrelMail and want to > save a few CPU cycles, add this too: > > $do_not_parse_imap_id_command_response = TRUE; > > The code will show up in our next daily snapshot for 1.4.23 or get a > patch here: > > https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_p_squirrelmail_code_14813_&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=ETlU011LA1MyPDbshefZFbr0bKcA1NUSe4MdnxK0Btg&e= > > <https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_p_squirrelmail_code_14813_&d=DwIDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=Bv9dq-idzM46f6V7QOlrUYrahxWhTUpJl-j6iq-4Zi0&s=ETlU011LA1MyPDbshefZFbr0bKcA1NUSe4MdnxK0Btg&e=>
Thanks Paul! I tried the new code. Squirrelamil is definitely slower with these options added. And still no source IP of end user but perhaps there logs may shed a light? Or what should auth_policy_server_url be? auth_policy_server_url = http://localhost:8084/ auth_policy_server_url = http://0.0.0.0:8084/ auth_policy_server_url = https://ourdomain.edu:8084/ Apr 08 10:05:04 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Making new connection 1 of 1 (0 connections exist, 0 pending) Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: (ex.te.rnal.ip:8084): Connecting Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: (ex.te.rnal.ip:8084): Waiting for connect (fd=20) to finish for max 0 msecs Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: HTTPS connection created (1 parallel connections exist) Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: (ex.te.rnal.ip:8084): Client connection failed (fd=20) Apr 08 10:05:04 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Connection failed (1 connections exist, 0 pending) Apr 08 10:05:04 auth: Debug: http-client: peer ex.te.rnal.ip:8084: Failed to make connection (1 connections exist, 0 pending) Apr 08 10:05:04 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Failed to establish any connection within our peer pool: connect(ex.te.rnal.ip:8084) failed: Connection refused (1 connections exist, 0 pending) Apr 08 10:05:04 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Failed to set up connection to ex.te.rnal.ip:8084 (SSL=our.squirrelmail.edu): connect(ex.te.rnal.ip:8084) failed: Connection refused (1 peers pending, 1 requests pending) Apr 08 10:05:04 auth: Debug: http-client: peer ex.te.rnal.ip:8084 (shared): Peer reused Apr 08 10:05:04 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Setting up connection to ex.te.rnal.ip:8084 (SSL=our.squirrelmail.edu) (1 requests pending) Apr 08 10:05:04 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Started new connection to ex.te.rnal.ip:8084 (SSL=our.squirrelmail.edu) Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: Connection close Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: Connection disconnect Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: (ex.te.rnal.ip:8084): Disconnected: connect() failed: Connection refused (fd=20) Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: Detached peer Apr 08 10:05:04 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [6]: Connection destroy Apr 08 10:05:04 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Creating 1 new connections to handle requests (already 0 usable, connecting to 0, closing 0) Apr 08 10:05:04 auth: Debug: http-client: peer ex.te.rnal.ip:8084 (shared): Starting backoff timer for 6400 msecs Apr 08 10:05:05 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Timeout (now: 2019-04-08 10:05:05.524) Apr 08 10:05:05 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Absolute timeout expired for request [Req8: POST https://our.squirrelmail.edu:8084/?command=allow] (Request queued 2.001 secs ago, not yet sent, 0.000 in other ioloops) Apr 08 10:05:05 auth: Debug: http-client[1]: request [Req8: POST https://our.squirrelmail.edu:8084/?command=allow]: Error: 9008 Absolute request timeout expired (Request queued 2.001 secs ago, not yet sent, 0.000 in other ioloops) Apr 08 10:05:05 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Dropping request [Req8: POST https://our.squirrelmail.edu:8084/?command=allow] Apr 08 10:05:05 auth: Error: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): Policy server HTTP error: Absolute request timeout expired (Request queued 2.001 secs ago, not yet sent, 0.000 in other ioloops) Apr 08 10:05:05 auth: Debug: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): Policy check action is continue Apr 08 10:05:05 auth: Debug: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): Policy request https://our.squirrelmail.edu:8084/?command=report Apr 08 10:05:05 auth: Debug: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): Policy server request JSON: {"device_id":"","login":"unclroot","protocol":"imap","pwhash":"68","remote":"127.0.0.1","success":true,"policy_reject":false,"tls":false} Apr 08 10:05:05 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Set request timeout to 2019-04-08 10:05:07.524 (now: 2019-04-08 10:05:05.524) Apr 08 10:05:05 auth: Debug: http-client: peer ex.te.rnal.ip:8084 (shared): Peer reused Apr 08 10:05:05 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Setting up connection to ex.te.rnal.ip:8084 (SSL=our.squirrelmail.edu) (1 requests pending) Apr 08 10:05:05 auth: Debug: http-client[1]: request [Req9: POST https://our.squirrelmail.edu:8084/?command=report]: Submitted (requests left=2) Apr 08 10:05:05 auth: Debug: client passdb out: OK 1 user=unclroot Apr 08 10:05:05 auth: Debug: http-client[1]: request [Req8: POST https://our.squirrelmail.edu:8084/?command=allow]: Destroy (requests left=2) Apr 08 10:05:05 auth: Debug: http-client[1]: request [Req8: POST https://our.squirrelmail.edu:8084/?command=allow]: Free (requests left=1) Apr 08 10:05:05 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Creating 1 new connections to handle requests (already 0 usable, connecting to 0, closing 0) Apr 08 10:05:05 auth: Debug: master in: REQUEST 4244766721 26041 1 e507a5089bb2db443c1ced790656ad44 session_pid=26113 request_auth_token Apr 08 10:05:05 auth-worker(26000): Debug: passwd(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): lookup Apr 08 10:05:05 auth: Debug: master userdb out: USER 4244766721 unclroot system_groups_user=unclroot uid=5842 gid=150 home=/u/dsm/unclroot auth_token=102274c1f3f40d3527e2603688200cf0edbeea9f Apr 08 10:05:05 imap-login: Info: Login: user=<unclroot>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=26113, secured, session=<xCiNUgWG8Ip/AAAB> Apr 08 10:05:05 imap(unclroot)<26113><xCiNUgWG8Ip/AAAB>: Info: Logged out in=203 out=1777 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0 Apr 08 10:05:07 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Timeout (now: 2019-04-08 10:05:07.525) Apr 08 10:05:07 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Absolute timeout expired for request [Req9: POST https://our.squirrelmail.edu:8084/?command=report] (Request queued 2.001 secs ago, not yet sent, 0.000 in other ioloops) Apr 08 10:05:07 auth: Debug: http-client[1]: request [Req9: POST https://our.squirrelmail.edu:8084/?command=report]: Error: 9008 Absolute request timeout expired (Request queued 2.001 secs ago, not yet sent, 0.000 in other ioloops) Apr 08 10:05:07 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Dropping request [Req9: POST https://our.squirrelmail.edu:8084/?command=report] Apr 08 10:05:07 auth: Error: policy(unclroot,127.0.0.1,<xCiNUgWG8Ip/AAAB>): Policy server HTTP error: Absolute request timeout expired (Request queued 2.001 secs ago, not yet sent, 0.000 in other ioloops) Apr 08 10:05:07 auth: Debug: http-client[1]: request [Req9: POST https://our.squirrelmail.edu:8084/?command=report]: Destroy (requests left=1) Apr 08 10:05:07 auth: Debug: http-client[1]: request [Req9: POST https://our.squirrelmail.edu:8084/?command=report]: Free (requests left=0) Apr 08 10:05:11 auth: Debug: http-client: peer ex.te.rnal.ip:8084 (shared): Backoff timer expired Apr 08 10:05:11 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Making new connection 1 of 1 (0 connections exist, 0 pending) Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: (ex.te.rnal.ip:8084): Connecting Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: (ex.te.rnal.ip:8084): Waiting for connect (fd=19) to finish for max 0 msecs Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: HTTPS connection created (1 parallel connections exist) Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: (ex.te.rnal.ip:8084): Client connection failed (fd=19) Apr 08 10:05:11 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Connection failed (1 connections exist, 0 pending) Apr 08 10:05:11 auth: Debug: http-client: peer ex.te.rnal.ip:8084: Failed to make connection (1 connections exist, 0 pending) Apr 08 10:05:11 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Failed to establish any connection within our peer pool: connect(ex.te.rnal.ip:8084) failed: Connection refused (1 connections exist, 0 pending) Apr 08 10:05:11 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Failed to set up connection to ex.te.rnal.ip:8084 (SSL=our.squirrelmail.edu): connect(ex.te.rnal.ip:8084) failed: Connection refused (1 peers pending, 0 requests pending) Apr 08 10:05:11 auth: Debug: http-client[1]: queue https://our.squirrelmail.edu:8084: Failed to set up any connection; failing all queued requests Apr 08 10:05:11 auth: Debug: http-client[1]: peer ex.te.rnal.ip:8084: Unlinked queue https://our.squirrelmail.edu:8084 (0 queues linked) Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: Connection close Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: Connection disconnect Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: (ex.te.rnal.ip:8084): Disconnected: connect() failed: Connection refused (fd=19) Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: Detached peer Apr 08 10:05:11 auth: Debug: http-client[1]: conn ex.te.rnal.ip:8084 [7]: Connection destroy ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@lists.sourceforge.net List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
