Sub OnHELO(oClient) progress?

Use this forum if you want to discuss a problem or ask a question related to a hMailServer beta release.
User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-08-13 16:38

katip wrote:
2024-08-13 16:36
RvdH wrote:
2024-08-11 20:44
katip wrote:
2024-08-11 17:41
@RvdH
5.7.0-B2643.11-OpenSSL-3.0.14-Experimental.7z
Just noticed it consumes high CPU.
Although Sunday (usage is min.) it hits upon start to 20% and stays there between 15-25%, not less.
Reverted back to non-Experimental 5.7.0-B2643.11-OpenSSL-3.0.14 and all is fine again (0-2%).
JFYI..
If it hits immediately on (re)start it is very unlikely it has anything to do with the change within the Experimental build.
We can ignore this, it came out that something irrelevant was the culprit. In fact, both non/experimental builds run fine.
Just to avoid misinformation...
Thanks.
Glad to hear...you got me worrying :lol:
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-08-15 14:41

I updated the Experimental releases once again with this commit, little to no change other then (in my opinion) improved password masking when AUTH PLAIN is used

Log will contain Base64 encoded string holding the actual values and format passed (incl authzid param if used) by the client which could be useful for troubleshooting... except obviously the password :wink:, eg:
Meaning in the log it will show like:

NULL delimited (Encoded)

Code: Select all

without authzid -> AHVzZXJuYW1lQGRvbWFpbi5jb20AKioq
with authzid -> dXNlcm5hbWVAZG9tYWluLmNvbQB1c2VybmFtZUBkb21haW4uY29tACoqKg==
TAB delimited (Encoded)

Code: Select all

without authzid -> CXVzZXJuYW1lQGRvbWFpbi5jb20JKioq
with authzid -> dXNlcm5hbWVAZG9tYWluLmNvbQl1c2VybmFtZUBkb21haW4uY29tCSoqKg==
From Base64

Which, when decoded, read like:

NULL delimited (Decoded)

Code: Select all

without authzid -> \0username@domain.com\0***
with authzid -> username@domain.com\0username@domain.com\0*** 
TAB delimited (Decoded)

Code: Select all

without authzid -> \tusername@domain.com\t***
with authzid -> username@domain.com\tusername@domain.com\t***
Unescape string, To Base64

Includes password masking when:
AUTH PLAIN is disabled and client send credentials anyway, this should not happen under normal circumstances
Or client (re)send credentials when not expected/accepted, eg: without first issuing AUTH PLAIN command

5.7.0 build contains the above for IMAP/SASL AUTHENTICATION PLAIN as well
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-08-15 22:44

Some Regression Test outputs

TestSMTPServerAuthPlain() [actual base64 input AE5vblNlY3JldFVzZXJAdGVzdC5jb20AU2VjcmV0UGFzc3dvcmQ=]

Code: Select all

"DEBUG"	4116	"2024-08-15 22:30:43.711"	"Creating session 2914"
"TCPIP"	4116	"2024-08-15 22:30:43.711"	"TCP - 127.0.0.1 connected to 127.0.0.1:25."
"DEBUG"	4116	"2024-08-15 22:30:43.712"	"TCP connection started for session 2913"
"SMTPD"	4116	2913	"2024-08-15 22:30:43.713"	"127.0.0.1"	"SENT: 220 HOWDYHO ESMTP"
"SMTPD"	4320	2913	"2024-08-15 22:30:43.715"	"127.0.0.1"	"RECEIVED: EHLO test.com"
"SMTPD"	4320	2913	"2024-08-15 22:30:43.715"	"127.0.0.1"	"SENT: 250-examplify.com[nl]250-SIZE 20971520[nl]250-AUTH LOGIN PLAIN[nl]250 HELP"
"SMTPD"	4116	2913	"2024-08-15 22:30:43.725"	"127.0.0.1"	"RECEIVED: AUTH PLAIN"
"SMTPD"	4116	2913	"2024-08-15 22:30:43.725"	"127.0.0.1"	"SENT: 334 Log on"
"SMTPD"	4320	2913	"2024-08-15 22:30:43.726"	"127.0.0.1"	"RECEIVED: XDBOb25TZWNyZXRVc2VyQHRlc3QuY29tXDAqKio="
"SMTPD"	4320	2913	"2024-08-15 22:30:43.727"	"127.0.0.1"	"SENT: 535 Authentication failed. Restarting authentication process."
"SMTPD"	4320	2913	"2024-08-15 22:30:43.728"	"127.0.0.1"	"RECEIVED: QUIT"
"SMTPD"	4320	2913	"2024-08-15 22:30:43.728"	"127.0.0.1"	"SENT: 221 goodbye"
"DEBUG"	6888	"2024-08-15 22:30:43.728"	"Ending session 2913"
TestSMTPServerAuthPlainRFC4616() [actual base64 input Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbQBOb25TZWNyZXRVc2VyQHRlc3QuY29tAFNlY3JldFBhc3N3b3Jk]

Code: Select all

"DEBUG"	4116	"2024-08-15 22:31:06.412"	"Creating session 2915"
"TCPIP"	4116	"2024-08-15 22:31:06.412"	"TCP - 127.0.0.1 connected to 127.0.0.1:25."
"DEBUG"	4116	"2024-08-15 22:31:06.413"	"TCP connection started for session 2914"
"SMTPD"	4116	2914	"2024-08-15 22:31:06.413"	"127.0.0.1"	"SENT: 220 HOWDYHO ESMTP"
"SMTPD"	6888	2914	"2024-08-15 22:31:06.415"	"127.0.0.1"	"RECEIVED: EHLO test.com"
"SMTPD"	6888	2914	"2024-08-15 22:31:06.415"	"127.0.0.1"	"SENT: 250-examplify.com[nl]250-SIZE 20971520[nl]250-AUTH LOGIN PLAIN[nl]250 HELP"
"SMTPD"	6888	2914	"2024-08-15 22:31:06.425"	"127.0.0.1"	"RECEIVED: AUTH PLAIN"
"SMTPD"	6888	2914	"2024-08-15 22:31:06.425"	"127.0.0.1"	"SENT: 334 Log on"
"SMTPD"	4116	2914	"2024-08-15 22:31:06.426"	"127.0.0.1"	"RECEIVED: Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbVwwTm9uU2VjcmV0VXNlckB0ZXN0LmNvbVwwKioq"
"SMTPD"	4116	2914	"2024-08-15 22:31:06.427"	"127.0.0.1"	"SENT: 535 Authentication failed. Restarting authentication process."
"SMTPD"	4320	2914	"2024-08-15 22:31:06.428"	"127.0.0.1"	"RECEIVED: QUIT"
"SMTPD"	4320	2914	"2024-08-15 22:31:06.428"	"127.0.0.1"	"SENT: 221 goodbye"
"DEBUG"	4116	"2024-08-15 22:31:06.428"	"Ending session 2914"
TestSMTPServerAuthPlainSingleLine() [actual base64 input AE5vblNlY3JldFVzZXJAdGVzdC5jb20AU2VjcmV0UGFzc3dvcmQ=]

Code: Select all

"DEBUG"	4116	"2024-08-15 22:31:34.369"	"Creating session 2916"
"TCPIP"	4116	"2024-08-15 22:31:34.369"	"TCP - 127.0.0.1 connected to 127.0.0.1:25."
"DEBUG"	4116	"2024-08-15 22:31:34.370"	"TCP connection started for session 2915"
"SMTPD"	4116	2915	"2024-08-15 22:31:34.371"	"127.0.0.1"	"SENT: 220 HOWDYHO ESMTP"
"SMTPD"	6888	2915	"2024-08-15 22:31:34.373"	"127.0.0.1"	"RECEIVED: EHLO test.com"
"SMTPD"	6888	2915	"2024-08-15 22:31:34.373"	"127.0.0.1"	"SENT: 250-examplify.com[nl]250-SIZE 20971520[nl]250-AUTH LOGIN PLAIN[nl]250 HELP"
"SMTPD"	4484	2915	"2024-08-15 22:31:34.384"	"127.0.0.1"	"RECEIVED: AUTH PLAIN XDBOb25TZWNyZXRVc2VyQHRlc3QuY29tXDAqKio="
"SMTPD"	4484	2915	"2024-08-15 22:31:34.385"	"127.0.0.1"	"SENT: 535 Authentication failed. Restarting authentication process."
"SMTPD"	4320	2915	"2024-08-15 22:31:34.386"	"127.0.0.1"	"RECEIVED: QUIT"
"SMTPD"	4320	2915	"2024-08-15 22:31:34.386"	"127.0.0.1"	"SENT: 221 goodbye"
"DEBUG"	6888	"2024-08-15 22:31:34.386"	"Ending session 2915"
TestSMTPServerAuthPlainSingleLineRFC4616() [actual base64 input Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbQBOb25TZWNyZXRVc2VyQHRlc3QuY29tAFNlY3JldFBhc3N3b3Jk]

Code: Select all

"DEBUG"	4116	"2024-08-15 22:31:57.973"	"Creating session 2917"
"TCPIP"	4116	"2024-08-15 22:31:57.973"	"TCP - 127.0.0.1 connected to 127.0.0.1:25."
"DEBUG"	4116	"2024-08-15 22:31:57.974"	"TCP connection started for session 2916"
"SMTPD"	4116	2916	"2024-08-15 22:31:57.975"	"127.0.0.1"	"SENT: 220 HOWDYHO ESMTP"
"SMTPD"	6888	2916	"2024-08-15 22:31:57.976"	"127.0.0.1"	"RECEIVED: EHLO test.com"
"SMTPD"	6888	2916	"2024-08-15 22:31:57.977"	"127.0.0.1"	"SENT: 250-examplify.com[nl]250-SIZE 20971520[nl]250-AUTH LOGIN PLAIN[nl]250 HELP"
"SMTPD"	4320	2916	"2024-08-15 22:31:57.986"	"127.0.0.1"	"RECEIVED: AUTH PLAIN Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbVwwTm9uU2VjcmV0VXNlckB0ZXN0LmNvbVwwKioq"
"SMTPD"	4320	2916	"2024-08-15 22:31:57.987"	"127.0.0.1"	"SENT: 535 Authentication failed. Restarting authentication process."
"SMTPD"	4116	2916	"2024-08-15 22:31:57.988"	"127.0.0.1"	"RECEIVED: QUIT"
"SMTPD"	4116	2916	"2024-08-15 22:31:57.988"	"127.0.0.1"	"SENT: 221 goodbye"
"DEBUG"	6888	"2024-08-15 22:31:57.989"	"Ending session 2916"
TestSMTPServerAuthPlainInvalidCommand() [actual base64 input Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbQBOb25TZWNyZXRVc2VyQHRlc3QuY29tAFNlY3JldFBhc3N3b3Jk]

Code: Select all

"DEBUG"	4116	"2024-08-15 22:32:25.758"	"Creating session 2918"
"TCPIP"	4116	"2024-08-15 22:32:25.758"	"TCP - 127.0.0.1 connected to 127.0.0.1:25."
"DEBUG"	4116	"2024-08-15 22:32:25.760"	"TCP connection started for session 2917"
"SMTPD"	4116	2917	"2024-08-15 22:32:25.760"	"127.0.0.1"	"SENT: 220 HOWDYHO ESMTP"
"SMTPD"	6888	2917	"2024-08-15 22:32:25.762"	"127.0.0.1"	"RECEIVED: EHLO test.com"
"SMTPD"	6888	2917	"2024-08-15 22:32:25.763"	"127.0.0.1"	"SENT: 250-examplify.com[nl]250-SIZE 20971520[nl]250-AUTH LOGIN[nl]250 HELP"
"SMTPD"	4320	2917	"2024-08-15 22:32:25.764"	"127.0.0.1"	"RECEIVED: Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbVwwTm9uU2VjcmV0VXNlckB0ZXN0LmNvbVwwKioq"
"SMTPD"	4320	2917	"2024-08-15 22:32:25.773"	"127.0.0.1"	"SENT: 503 Bad sequence of commands"
"SMTPD"	6888	2917	"2024-08-15 22:32:25.775"	"127.0.0.1"	"RECEIVED: QUIT"
"SMTPD"	6888	2917	"2024-08-15 22:32:25.775"	"127.0.0.1"	"SENT: 221 goodbye"
"DEBUG"	4116	"2024-08-15 22:32:25.775"	"Ending session 2917"
TestSMTPServerAuthPlainDisabledTabDelimitedInvalidCommand() [actual base64 input Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbQlOb25TZWNyZXRVc2VyQHRlc3QuY29tCVNlY3JldFBhc3N3b3Jk]

Code: Select all

"DEBUG"	4116	"2024-08-15 22:32:53.468"	"Creating session 2919"
"TCPIP"	4116	"2024-08-15 22:32:53.469"	"TCP - 127.0.0.1 connected to 127.0.0.1:25."
"DEBUG"	4116	"2024-08-15 22:32:53.470"	"TCP connection started for session 2918"
"SMTPD"	4116	2918	"2024-08-15 22:32:53.470"	"127.0.0.1"	"SENT: 220 HOWDYHO ESMTP"
"SMTPD"	6888	2918	"2024-08-15 22:32:53.472"	"127.0.0.1"	"RECEIVED: EHLO test.com"
"SMTPD"	6888	2918	"2024-08-15 22:32:53.473"	"127.0.0.1"	"SENT: 250-examplify.com[nl]250-SIZE 20971520[nl]250-AUTH LOGIN[nl]250 HELP"
"SMTPD"	6888	2918	"2024-08-15 22:32:53.473"	"127.0.0.1"	"RECEIVED: AUTH PLAIN"
"SMTPD"	6888	2918	"2024-08-15 22:32:53.484"	"127.0.0.1"	"SENT: 504 Authentication mechanism not supported."
"SMTPD"	4484	2918	"2024-08-15 22:32:53.485"	"127.0.0.1"	"RECEIVED: Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbVx0Tm9uU2VjcmV0VXNlckB0ZXN0LmNvbVx0Kioq"
"SMTPD"	4484	2918	"2024-08-15 22:32:53.485"	"127.0.0.1"	"SENT: 503 Bad sequence of commands"
"SMTPD"	4320	2918	"2024-08-15 22:32:53.486"	"127.0.0.1"	"RECEIVED: QUIT"
"SMTPD"	4320	2918	"2024-08-15 22:32:53.487"	"127.0.0.1"	"SENT: 221 goodbye"
"DEBUG"	4116	"2024-08-15 22:32:53.487"	"Ending session 2918"
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

carlatpg99
New user
New user
Posts: 28
Joined: 2022-08-16 20:53

Re: Sub OnHELO(oClient) progress?

Post by carlatpg99 » 2024-09-21 07:37

Hi RvdH,

What happened to the openssl 3.0.x versions of the hmailserver releases on https://d-fault.nl/files/hMailServer-Builds?

Like 5.6.9-B2641.68-OpenSSL-3.0.14.7z.

What I see right now related to this is:
  • 5.6.9-B2641.68.7z
  • 5.6.9-B2641.72-OpenSSL-3.0.15-Experimental.7z

carlatpg99
New user
New user
Posts: 28
Joined: 2022-08-16 20:53

Re: Sub OnHELO(oClient) progress?

Post by carlatpg99 » 2024-09-21 10:04

I also am using a webmail server called roundcube. It has a plugin named dovecot_ident to send the http header x-originating-ip as the original ip address that connected to the web server, when connecting to the imap and smtp server.

Is it possible to add this feature to the imap and smtp server in hmailserver?

I'd expect it to work like this:

1. Modify in the hmailserver administrator or hmail.ini file to allow a list of ip addresses and ip address/subnet
2. When one of them is trying to connect, check the x-originating-ip value and use it for logging, autoban, etc, instead of the connecting ip address

The dovecot imap server has this feature. I'd also like it if we could run hmailserver behind a proxy server like haproxy.

Apache has this feature through a module called remoteip. You then set these values:

Code: Select all

RemoteIPHeader X-Forwarded-For
# replace IP with the remote server you trust
RemoteIPInternalProxy 192.168.0.1/32 192.168.1.0/24
And all the logs as well as any ip address restriction or allowing features will then check the http header specified, instead of the connecting ip address if it is coming from the proxy server ip address specified.

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-09-21 10:07

carlatpg99 wrote:
2024-09-21 07:37
Hi RvdH,

What happened to the openssl 3.0.x versions of the hmailserver releases on https://d-fault.nl/files/hMailServer-Builds?

Like 5.6.9-B2641.68-OpenSSL-3.0.14.7z.

What I see right now related to this is:
  • 5.6.9-B2641.68.7z
  • 5.6.9-B2641.72-OpenSSL-3.0.15-Experimental.7z
5.6.9-B2641.72-OpenSSL-3.0.15-Experimental.7z ?
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

carlatpg99
New user
New user
Posts: 28
Joined: 2022-08-16 20:53

Re: Sub OnHELO(oClient) progress?

Post by carlatpg99 » 2024-09-24 06:31

RvdH wrote:
2024-09-21 10:07
carlatpg99 wrote:
2024-09-21 07:37
Hi RvdH,

What happened to the openssl 3.0.x versions of the hmailserver releases on https://d-fault.nl/files/hMailServer-Builds?

Like 5.6.9-B2641.68-OpenSSL-3.0.14.7z.

What I see right now related to this is:
  • 5.6.9-B2641.68.7z
  • 5.6.9-B2641.72-OpenSSL-3.0.15-Experimental.7z
5.6.9-B2641.72-OpenSSL-3.0.15-Experimental.7z ?
The file 5.6.9-B2641.72-OpenSSL-3.0.15-Experimental.7z is for build 72, where did build 68 with openssl 3.0.15?

I expect a file named: 5.6.9-B2641.68-OpenSSL-3.0.15.7z

gotspatel
Senior user
Senior user
Posts: 421
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2024-09-24 06:38

carlatpg99 wrote:
2024-09-21 07:37

I expect a file named
you DON'T EXPECT a FILE NAME, the File Names are sequential builds and you will always get the latest build at the location.

:D

carlatpg99
New user
New user
Posts: 28
Joined: 2022-08-16 20:53

Re: Sub OnHELO(oClient) progress?

Post by carlatpg99 » 2024-09-25 10:38

I only saw 68 was the latest release. Nothing after that. I don't know what changes were in 69-72 builds as there wasn't a post about it.

gotspatel
Senior user
Senior user
Posts: 421
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2024-09-25 10:43

carlatpg99 wrote:
2024-09-25 10:38
I only saw 68 was the latest release. Nothing after that. I don't know what changes were in 69-72 builds as there wasn't a post about it.
changes you can lookup in here

carlatpg99
New user
New user
Posts: 28
Joined: 2022-08-16 20:53

Re: Sub OnHELO(oClient) progress?

Post by carlatpg99 » 2024-09-25 11:27

gotspatel wrote:
2024-09-25 10:43
carlatpg99 wrote:
2024-09-25 10:38
I only saw 68 was the latest release. Nothing after that. I don't know what changes were in 69-72 builds as there wasn't a post about it.
changes you can lookup in here
thank you.

carlatpg99
New user
New user
Posts: 28
Joined: 2022-08-16 20:53

Re: Sub OnHELO(oClient) progress?

Post by carlatpg99 » 2024-10-05 03:36

Hi RvdH,

can you add this feature to hMailServer that DoveCot IMAP server has, that this roundcube plugin works with?

https://packagist.org/packages/takeruko ... _client_ip

It would also be nice if it also worked with the hMailServer SMTP server, if the SMTP Protocol supports such a feature.

The way it works is that when the IMAP server is connected to, roundcube for IMAP sends the ident command that indicates the originating ip address. And on hMailServer, it would have a setting that if it's from a specific ip address, it uses the ip address from the ident command instead for the logs as well as the ban feature.

And if their ip addresses is one of the ip addresses that is banned, it disconnects them.

And scripts could make use of it using the variable oClient.IPAddress.

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-10-17 18:35

Got 2 new experimental builds (5.6.9-B2641.74/5.7.0-B2643.17) out that might interest IOS (18.x) users, full credits for these go out to Rado

New in these: Rado says the first fix fixes, eg: eliminates crashing of hmailserver against IOS (18.x) clients, the second fix isn't something most would have noticed in normal usage, hence even myself only stumbled against that issue by accident explained in issue 459

https://d-fault.nl/files/hMailServer-Builds

Please report results, especially on the IOS issue :!:
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

vidiot
New user
New user
Posts: 19
Joined: 2015-03-16 21:18

Re: Sub OnHELO(oClient) progress?

Post by vidiot » 2024-10-17 19:37

Many thanks @RvdH and Rado! I have installed 5.6.9 B2641.74 and am looking for crash dumps and errors.

infohmail
New user
New user
Posts: 19
Joined: 2015-03-11 14:47

Re: Sub OnHELO(oClient) progress?

Post by infohmail » 2024-10-18 10:49

Great news! I'll try it right away. Thank you @RvdH and Rado

vidiot
New user
New user
Posts: 19
Joined: 2015-03-16 21:18

Re: Sub OnHELO(oClient) progress?

Post by vidiot » 2024-10-18 14:30

All seems fine with this build! Thanks to everyone involved!

infohmail
New user
New user
Posts: 19
Joined: 2015-03-11 14:47

Re: Sub OnHELO(oClient) progress?

Post by infohmail » 2024-10-18 15:17

No issue at the moment! Finger cross. THANK YOU! Do you have a "buy me a coffee?" :D

User avatar
katip
Senior user
Senior user
Posts: 1209
Joined: 2006-12-22 07:58
Location: Istanbul

Re: Sub OnHELO(oClient) progress?

Post by katip » 2024-10-18 15:45

RvdH wrote:
2024-10-17 18:35
Please report results, especially on the IOS issue :!:
It's been 8 hours with 2641.74 on 2 sites. Not a single IMAP error logged till now (should be many hundreds). Looks like success, thank you!
Katip
--
HMS 5.7, MariaDB 10.4.10, SA 4.0.0, ClamAV 0.103.8

gotspatel
Senior user
Senior user
Posts: 421
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2024-10-19 12:39

RvdH wrote:
2024-10-17 18:35

Please report results, especially on the IOS issue :!:
Been running since 24 Hours now, no complaints and no IMAP Errors :D

Thanks RADO for the find
Thanks @RvdH a lot for validation and Build

Regards

hunterius
New user
New user
Posts: 3
Joined: 2012-03-22 12:51

Re: Sub OnHELO(oClient) progress?

Post by hunterius » 2024-10-19 20:32

I've discovered that I have valid user account here for more than 12 years :shock:
Since I have at my disposition some ( small) dev capacity , we don't want to let hmailserver die, and I am willing to help, with what is in my powers ( of course).
It would be really helpful if there would be regularly updated list of required fixes or requested features with voting ability.
I don't have "big picture" here, and I don't want to focus only on what is important for me, as that it is already fixed.
As we fixed regular crashes for IOS users , what left for as the biggest pain in the ass is server certificate management, but I can live with that. Also server admin app is somehow "old school" ....but hey ...again , it is working.

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-10-19 21:20

I am a bit surprised i got no complaints as i today found out 5.6.9-B2641.74 was (accidentally) build against OpenSSL 1.1.1w and not OpenSSL 3.0.15 as it should as i changed that last week to try to assist hunterius (aka Rado) to build 5.6.9.

Which can only mean everyone still has the old OpenSSL libs in bin directory as well, right? I guess i should have had error/issues/complaints reported here otherwise...
Anyway, just updated/refreshed the download for 5.6.9-B2641.74 now correctly build against OpenSSL 3.0.15, please re- download/apply
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-10-19 21:38

hunterius wrote:
2024-10-19 20:32
It would be really helpful if there would be regularly updated list of required fixes or requested features with voting ability.
viewforum.php?f=2 (although not updated lately)
hunterius wrote:
2024-10-19 20:32
what left for as the biggest pain in the ass is server certificate management, but I can live with that.
Certificate management troublesome? How so? I created a single win-acme (LetsEncrypt) task/certificate years ago and havent had to look at it since (it is updated automatically)

Or do you mean independent (client) certificates for every single domain hosted within hmailserver?
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
katip
Senior user
Senior user
Posts: 1209
Joined: 2006-12-22 07:58
Location: Istanbul

Re: Sub OnHELO(oClient) progress?

Post by katip » 2024-10-20 06:29

RvdH wrote:
2024-10-19 21:20
Anyway, just updated/refreshed the download for 5.6.9-B2641.74 now correctly build against OpenSSL 3.0.15, please re- download/apply
ok, done.
i understand that 5.7.0-B2643.17 is/was with correct OpenSSL, right?
Katip
--
HMS 5.7, MariaDB 10.4.10, SA 4.0.0, ClamAV 0.103.8

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-10-20 08:29

katip wrote:
2024-10-20 06:29
RvdH wrote:
2024-10-19 21:20
Anyway, just updated/refreshed the download for 5.6.9-B2641.74 now correctly build against OpenSSL 3.0.15, please re- download/apply
ok, done.
i understand that 5.7.0-B2643.17 is/was with correct OpenSSL, right?
✅
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

Stray_Bullet
New user
New user
Posts: 8
Joined: 2006-01-05 21:49

Re: Sub OnHELO(oClient) progress?

Post by Stray_Bullet » 2024-11-01 20:08

So I have been using this "5.7.0-B2643.17-OpenSSL-3.0.15-Experimental". Everything has been great. Check my log today and see this error.

Code: Select all

"ERROR"	80164	"2024-11-01 12:34:01.400"	"Severity: 3 (Medium), Code: HM5015, Source: PropertySet::GetProperty_(), Description: The property ImapMasterUser could not be found."
Couldn't find anything about this error. Any insight? Thanks & thank you for everything you guys do around here.

palinka
Senior user
Senior user
Posts: 4754
Joined: 2017-09-12 17:57

Re: Sub OnHELO(oClient) progress?

Post by palinka » 2024-11-02 07:55

Stray_Bullet wrote:
2024-11-01 20:08
So I have been using this "5.7.0-B2643.17-OpenSSL-3.0.15-Experimental". Everything has been great. Check my log today and see this error.

Code: Select all

"ERROR"	80164	"2024-11-01 12:34:01.400"	"Severity: 3 (Medium), Code: HM5015, Source: PropertySet::GetProperty_(), Description: The property ImapMasterUser could not be found."
Couldn't find anything about this error. Any insight? Thanks & thank you for everything you guys do around here.
Settings > protocols > IMAP > advanced tab > you have SASL checked? Uncheck it or enter IMAP master user.

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-11-02 15:24

Stray_Bullet wrote:
2024-11-01 20:08
So I have been using this "5.7.0-B2643.17-OpenSSL-3.0.15-Experimental". Everything has been great. Check my log today and see this error.

Code: Select all

"ERROR"	80164	"2024-11-01 12:34:01.400"	"Severity: 3 (Medium), Code: HM5015, Source: PropertySet::GetProperty_(), Description: The property ImapMasterUser could not be found."
Couldn't find anything about this error. Any insight? Thanks & thank you for everything you guys do around here.
In what context you get that error?
The normal IMAP response would be "BAD No master user defined." if it left empty, never seen that specific error, but by the looks of it the 'ImapMasterUser' value is missing in the 'Settings' database table, what (upgrade) path did you follow? 5.6 to 5.7/ Or straight to 5.7?
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

Stray_Bullet
New user
New user
Posts: 8
Joined: 2006-01-05 21:49

Re: Sub OnHELO(oClient) progress?

Post by Stray_Bullet » 2024-11-03 09:35

palinka wrote:
2024-11-02 07:55
Settings > protocols > IMAP > advanced tab > you have SASL checked? Uncheck it or enter IMAP master user.
SASL is not checked & IMAP master user is empty. (What is an IMAP master user?)
RvdH wrote:
2024-11-02 15:24
In what context you get that error?
The normal IMAP response would be "BAD No master user defined." if it left empty, never seen that specific error, but by the looks of it the 'ImapMasterUser' value is missing in the 'Settings' database table, what (upgrade) path did you follow? 5.6 to 5.7/ Or straight to 5.7?
I'm not sure how the error came about, I upgraded 5.6 to 5.7. Following palinka's instructions, SASL is not checked & IMAP master user is blank. After looking there, I got this error again.

Code: Select all

"ERROR"	21416	"2024-11-03 02:28:12.589"	"Severity: 3 (Medium), Code: HM5015, Source: PropertySet::GetProperty_(), Description: The property ImapMasterUser could not be found."
That setting does appear to be missing in the database table. I created it with this.

Code: Select all

insert into hm_settings (settingname, settingstring, settinginteger) values ('ImapMasterUser', '', 0);
Last edited by Stray_Bullet on 2024-11-03 09:49, edited 2 times in total.

User avatar
RvdH
Senior user
Senior user
Posts: 3561
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2024-11-03 09:40

Database type?
Please check if you have these settings in database (this is for mysql/mariadb), in hm_settings (should be somewhere around the bottom)

Code: Select all

insert into hm_settings (settingname, settingstring, settinginteger) values ('ImapMasterUser', '', 0);
insert into hm_settings (settingname, settingstring, settinginteger) values ('EnableImapSASLPlain', '', 0);
insert into hm_settings (settingname, settingstring, settinginteger) values ('EnableImapSASLInitialResponse', '', 0);
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

Stray_Bullet
New user
New user
Posts: 8
Joined: 2006-01-05 21:49

Re: Sub OnHELO(oClient) progress?

Post by Stray_Bullet » 2024-11-03 09:47

RvdH wrote:
2024-11-03 09:40
Database type?
Please check if you have these settings in database (this is for mysql/mariadb), in hm_settings (should be somewhere around the bottom)

Code: Select all

insert into hm_settings (settingname, settingstring, settinginteger) values ('ImapMasterUser', '', 0);
insert into hm_settings (settingname, settingstring, settinginteger) values ('EnableImapSASLPlain', '', 0);
insert into hm_settings (settingname, settingstring, settinginteger) values ('EnableImapSASLInitialResponse', '', 0);
My database is mySQL. Weird I have the other two, just didn't have ImapMasterUser in the database. Thank you so much!

User avatar
Conzi
Normal user
Normal user
Posts: 153
Joined: 2006-02-24 14:44
Location: Varese, Italy

Re: Sub OnHELO(oClient) progress?

Post by Conzi » 2024-11-21 18:42

RvdH wrote:
2024-10-17 18:35

Please report results, especially on the IOS issue :!:

no more errors since two weeks
great work!

ralfik
New user
New user
Posts: 12
Joined: 2007-12-16 02:41

Re: Sub OnHELO(oClient) progress?

Post by ralfik » 2024-12-06 13:34

Just a suggestion for a minor improvement, somehow I've been missing the option to save a note on the user card for a long time. :idea:

Post Reply