Здраствуйте, недавно поднял сервер в связке Exim + courier-imap + authlib. Все вроде какбы работает нормально, почта отправляется и доставляется, но при авторизации через мэйл клиент (The Bat, Outlook Express другие не пробовал) время авторизации длиться в течении 120 (бывает чуть меньше или чуть больше но разбег не более 2-3 секунд) секунд после этого захожу в лог maillog и вижу такие строчки:Apr 28 08:28:28 main pop3d: LOGIN, user=test@test.ru, ip=[192.168.3.40], port=[64042]
Apr 28 08:30:30 main pop3d: LOGOUT, user=test@test.ru, ip=[192.168.3.40], port=[64042], top=0, retr=353123, rcvd=204, sent=380225, time=122параметр time равняется такому же значению что и время автоизации.
Бьюсь уже с этим долго и не могу понять в чём дело, в конфигах ничего отвечающего за это значение не нашёл, но конфиги копированы с другого сервера один в один, на котором всё замечательно работает без каких либо глюков. Может кто то встречался такой траблой и знает как её можно решить, очень прошу помочь.
Заранее спасибо.
PS. Если потребуется какой либо конфиг, могу скинуть.
Давай конфиг.
Буду думать.
>Давай конфиг.
>Буду думать.Воть конфиг самого Exim'a:
# $Cambridge: exim/exim-src/src/configure.default,v 1.3 2005/05/10 14:48:07 ph10 Exp $
######################################################################
# MAIN CONFIGURATION SETTINGS #
####################################################################### Specify your host's canonical name here. This should normally be the fully
# qualified "official" name of your host. If this option is not set, the
# uname() function is called to obtain the name. In many cases this does
# the right thing and you need not set anything explicitly.
#sendmail_submit_enable = NO
primary_hostname =mail.test.ru
# The next three settings create two lists of domains and one list of hosts.
# These lists are referred to later in this configuration using the syntax
# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
# are all colon-separated lists:domainlist local_domains = ${lookup mysql{SELECT domain from domains where domain='${domain}' and (type='LOCAL' or type='VIRTUAL')}}
domainlist relay_to_domains =${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND type='RELAY'}}
hostlist relay_from_hosts = localhost# Most straightforward access control requirements can be obtained by
# appropriate settings of the above options. In more complicated situations, you
# may need to modify the Access Control List (ACL) which appears later in this
# file.# The first setting specifies your local domains, for example:
#
# domainlist local_domains = my.first.domain : my.second.domain
#
# You can use "@" to mean "the name of the local host", as in the default
# setting above. This is the name that is specified by primary_hostname,
# as specified above (or defaulted). If you do not want to do any local
# deliveries, remove the "@" from the setting above. If you want to accept mail
# addressed to your host's literal IP address, for example, mail addressed to
# "user@[192.168.23.44]", you can add "@[]" as an item in the local domains
# list. You also need to uncomment "allow_domain_literals" below. This is not
# recommended for today's Internet.# The second setting specifies domains for which your host is an incoming relay.
# If you are not doing any relaying, you should leave the list empty. However,
# if your host is an MX backup or gateway of some kind for some domains, you
# must set relay_to_domains to match those domains. For example:
#
# domainlist relay_to_domains = *.myco.com : my.friend.org
#
# This will allow any host to relay through your host to those domains.
# See the section of the manual entitled "Control of relaying" for more
# information.# The third setting specifies hosts that can use your host as an outgoing relay
# to any other host on the Internet. Such a setting commonly refers to a
# complete local network as well as the localhost. For example:
#
# hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16
#
# The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you
# have to include 127.0.0.1 if you want to allow processes on your host to send
# SMTP mail by using the loopback address. A number of MUAs use this method of
# sending mail.# All three of these lists may contain many different kinds of item, including
# wildcarded names, regular expressions, and file lookups. See the reference
# manual for details. The lists above are used in the access control lists for
# checking incoming messages. The names of these ACLs are defined here:acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data# You should not change those settings until you understand how ACLs work.
# If you are running a version of Exim that was compiled with the content-
# scanning extension, you can cause incoming messages to be automatically
# scanned for viruses. You have to modify the configuration in two places to
# set this up. The first of them is here, where you define the interface to
# your scanner. This example is typical for ClamAV; see the manual for details
# of what to set for other virus scanners. The second modification is in the
# acl_check_data access control list (see below).#av_scanner = clamd:/var/run/clamav/clamd
# For spam scanning, there is a similar option that defines the interface to
# SpamAssassin. You do not need to set this if you are using the default, which
# is shown in this commented example. As for virus scanning, you must also
# modify the acl_check_data access control list to enable spam scanning.
#spamd_address = 127.0.0.1 783
# Specify the domain you want to be added to all unqualified addresses
# here. An unqualified address is one that does not contain an "@" character
# followed by a domain. For example, "caesar@rome.example" is a fully qualified
# address, but the string "caesar" (i.e. just a login name) is an unqualified
# email address. Unqualified addresses are accepted only from local callers by
# default. See the recipient_unqualified_hosts option if you want to permit
# unqualified addresses from remote sources. If this option is not set, the
# primary_hostname value is used for qualification.# qualify_domain =
# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.# qualify_recipient =
# The following line must be uncommented if you want Exim to recognize
# addresses of the form "user@[10.11.12.13]" that is, with a "domain literal"
# (an IP address) instead of a named domain. The RFCs still require this form,
# but it makes little sense to permit mail to be sent to specific hosts by
# their IP address in the modern Internet. This ancient format has been used
# by those seeking to abuse hosts by using them for unwanted relaying. If you
# really do want to support domain literals, uncomment the following line, and
# see also the "domain_literal" router below.allow_domain_literals = false
# No deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so causes a panic error to be logged, and
# the delivery to be deferred. This is a paranoic safety catch. There is an
# even stronger safety catch in the form of the FIXED_NEVER_USERS setting
# in the configuration for building Exim. The list of users that it specifies
# is built into the binary, and cannot be changed. The option below just adds
# additional users to the list. The default for FIXED_NEVER_USERS is "root",
# but just to be absolutely sure, the default here is also "root".# Note that the default setting means you cannot deliver mail addressed to root
# as if it were a normal user. This isn't usually a problem, as most sites have
# an alias for root that redirects such mail to a human administrator.exim_user = mailnull
exim_group = mail
never_users = root:daemon:bin# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.host_lookup = *
# The settings below, which are actually the same as the defaults in the
# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
# calls. You can limit the hosts to which these calls are made, and/or change
# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
# are disabled. RFC 1413 calls are cheap and can provide useful information
# for tracing problem messages, but some hosts and firewalls have problems
# with them. This can result in a timeout instead of an immediate refused
# connection, leading to delays on starting up an SMTP session.rfc1413_hosts = *
rfc1413_query_timeout = 0s
# By default, Exim expects all envelope addresses to be fully qualified, that
# is, they must contain both a local part and a domain. If you want to accept
# unqualified addresses (just a local part) from certain hosts, you can specify
# these hosts by setting one or both of
#
# sender_unqualified_hosts =
# recipient_unqualified_hosts =
#
# to control sender and recipient addresses, respectively. When this is done,
# unqualified addresses are qualified using the settings of qualify_domain
# and/or qualify_recipient (see above).
# If you want Exim to support the "percent hack" for certain domains,
# uncomment the following line and provide a list of domains. The "percent
# hack" is the feature by which mail addressed to x%y@z (where z is one of
# the domains listed) is locally rerouted to x@y and sent on. If z is not one
# of the "percent hack" domains, x%y is treated as an ordinary local part. This
# hack is rarely needed nowadays; you should not enable it unless you are sure
# that you really need it.
#
# percent_hack_domains =
#
# As well as setting this option you will also need to remove the test
# for local parts containing % in the ACL definition below.
# When Exim can neither deliver a message nor return it to sender, it "freezes"
# the delivery error message (aka "bounce message"). There are also other
# circumstances in which messages get frozen. They will stay on the queue for
# ever unless one of the following options is set.# This option unfreezes frozen bounce messages after two days, tries
# once more to deliver them, and ignores any delivery failures.ignore_bounce_errors_after = 3d
# This option cancels (removes) frozen messages that are older than a week.
timeout_frozen_after = 3d
freeze_tell = postmaster
auto_thaw = 1h
message_size_limit = 30M
smtp_accept_max=50
smtp_accept_max_per_connection = 50
smtp_connect_backlog= 50
smtp_accept_max_per_host = 25
split_spool_directory = true
remote_max_parallel = 15
hide mysql_servers = localhost/mail/mail/*test*######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################begin acl
# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.acl_check_rcpt:
accept hosts = :
deny local_parts =^.*[@%!/|] : ^\\.
accept local_parts = postmaster
domains = +local_domains
require verify = sender
deny message = host is listed in $dnslist_domain
dnslists = 111.111.111.111
accept domains = +local_domains
endpass
message = unknown user
verify = recipient
accept domains = +relay_to_domains
endpass
message = unrouteable address
verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
acl_check_data:
# warn message = X-Spam-Score: $spam_score ($spam_bar)
# hosts = !+relay_from_hosts
# spam = nobody:true
# warn message = X-Spam-Report: $spam_report
# hosts = !+relay_from_hosts
# spam = nobody:true
# warn message = Subject: ***SPAM*** $h_Subject:
# hosts = !+relay_from_hosts
# spam = nobody
# deny message = This message scored $spam_score spam points.
# spam = nobody:true
# hosts = !+relay_from_hosts
# condition = ${if >{$spam_score_int}{120}{1}{0}}# deny message = Go Away! Eat Your Spam Self!
# condition = ${if match{$message_body} \
# {105[-_]*51[-_]*86|778[-_]*98[-_]*94} \
# {yes}{no}}
accept
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################begin routers
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM aliases WHERE local_part='${local_part}' AND domain='${domain}'}}
userforward:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM userforward WHERE local_part='${local_part}' AND domain='${domain}'}}
mysqluser:
driver = accept
condition = ${if eq{}{${lookup mysql{SELECT home FROM users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}{no}{yes}}
transport = mysql_delivery######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
####################################################################### A transport is used only when referenced from a router that successfully
# handles an address.begin transports
# This transport is used for delivering messages over SMTP connections.remote_smtp:
driver = smtp
mysql_delivery:
driver = appendfile
check_string = ""
create_directory
delivery_date_add
directory = ${lookup mysql{SELECT home FROM users WHERE id='${local_part}' AND mbox_host='${domain}'}}
directory_mode = 777
envelope_to_add
group = mail
maildir_format
maildir_tag = ,S=$message_size
message_prefix = ""
message_suffix = ""
mode = 0777
quota = ${lookup mysql{SELECT quota FROM users WHERE id='${local_part}' AND mbox_host='${domain}'}{${value}M}}
quota_size_regex = S=(\d+)$
quota_warn_threshold = 75%
return_path_add
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
######################################################################
# RETRY CONFIGURATION #
######################################################################begin retry
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.# Address or Domain Error Retries
# ----------------- ----- -------* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
####################################################################### There are no rewriting specifications in this default configuration file.
begin rewrite
######################################################################
# AUTHENTICATION CONFIGURATION #
####################################################################### There are no authenticator specifications in this default configuration file.
begin authenticators
auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT id FROM users WHERE id = '${quote_mysql:${local_part:$2}}' AND mbox_host = '${quote_mysql:${domain:$2}}' AND passwd = '${quote_mysql:$3}' AND active = 'Y'}{yes}{no}}
server_prompts = :
server_set_id = $2
auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT id FROM users WHERE id = '${quote_mysql:${local_part:$1}}' AND mbox_host = '${quote_mysql:${domain:$1}}' AND passwd = '${quote_mysql:$2}' AND active = 'Y'}{yes}{no}}
server_prompts = Username:: : Password::
server_set_id = $1
#auth_cram_md5:
# driver = cram_md5
# public_name = CRAM-MD5
# server_secret = ${lookup mysql{SELECT passwd FROM users WHERE id = '${quote_mysql:${local_part:$1}}' AND mbox_host = '${quote_mysql:${domain:$1}}' AND active = 'Y'}{$value}fail}
#server_set_id = $1######################################################################
# CONFIGURATION FOR local_scan() #
####################################################################### If you have built Exim to include a local_scan() function that contains
# tables for private options, you can define those options here. Remember to
# uncomment the "begin" line. It is commented by default because it provokes
# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
# set in the Local/Makefile.# begin local_scan
Конфиг imapd:##NAME: ADDRESS:0
#
# Address to listen on, can be set to a single IP address.
#
# ADDRESS=127.0.0.1ADDRESS=0
##NAME: PORT:1
#
# Port numbers that connections are accepted on. The default is 143,
# the standard IMAP port.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possible to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The previous ADDRESS setting is a default for ports that do not have
# a specified IP address.PORT=143
##NAME: AUTHSERVICE:0
#
# It's possible to authenticate using a different 'service' parameter
# depending on the connection's port. This only works with authentication
# modules that use the 'service' parameter, such as PAM. Example:
#
# AUTHSERVICE143=imap
# AUTHSERVICE993=imaps##NAME: MAXDAEMONS:0
#
# Maximum number of IMAP servers started
#MAXDAEMONS=40
##NAME: MAXPERIP:0
#
# Maximum number of connections to accept from the same IP addressMAXPERIP=4
##NAME: PIDFILE:0
#
# File where couriertcpd will save its process ID
#PIDFILE=/var/run/imapd.pid
##NAME: TCPDOPTS:0
#
# Miscellaneous couriertcpd options that shouldn't be changed.
#TCPDOPTS="-nodnslookup -noidentlookup"
##NAME: LOGGEROPTS:0
#
# courierlogger(1) options.
#LOGGEROPTS="-name=imapd"
##NAME: DEFDOMAIN:0
#
# Optional default domain. If the username does not contain the
# first character of DEFDOMAIN, then it is appended to the username.
# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended
# only if the username does not contain any character from DOMAINSEP.
# You can set different default domains based on the the interface IP
# address using the -access and -accesslocal options of couriertcpd(1).#DEFDOMAIN="@example.com"
##NAME: IMAP_CAPABILITY:1
#
# IMAP_CAPABILITY specifies what most of the response should be to the
# CAPABILITY command.
#
# If you have properly configured Courier to use CRAM-MD5, CRAM-SHA1, or
# CRAM-SHA256 authentication (see INSTALL), set IMAP_CAPABILITY as follows:
#
# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
#IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE"
##NAME: KEYWORDS_CAPABILITY:0
#
# IMAP_KEYWORDS=1 enables custom IMAP keywords. Set this option to 0 to
# disable custom keywords.IMAP_KEYWORDS=1
##NAME: ACL_CAPABILITY:0
#
# IMAP_ACL=1 enables IMAP ACL extension. Set this option to 0 to
# disable ACL capabilities announce.IMAP_ACL=1
##NAME: SMAP1_CAPABILITY:0
#
# EXPERIMENTAL
#
# To enable the experimental "Simple Mail Access Protocol" extensions,
# uncomment the following setting.
#
# SMAP_CAPABILITY=SMAP1##NAME: IMAP_CAPABILITY_ORIG:2
#
# For use by webadminIMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
##NAME: IMAP_PROXY:0
#
# Enable proxying. See README.proxyIMAP_PROXY=0
##NAME: PROXY_HOSTNAME:0
#
# Override value from gethostname() when checking if a proxy connection is
# required.
#
# PROXY_HOSTNAME=##NAME: IMAP_PROXY_FOREIGN:0
#
# Proxying to non-Courier servers. Re-sends the CAPABILITY command after
# logging in to the remote server. May not work with all IMAP clients.IMAP_PROXY_FOREIGN=0
##NAME: IMAP_IDLE_TIMEOUT:0
#
# This setting controls how often
# the server polls for changes to the folder, in IDLE mode (in seconds).IMAP_IDLE_TIMEOUT=60
##NAME: IMAP_CAPABILITY_TLS:0
#
# The following setting will advertise SASL PLAIN authentication after
# STARTTLS is established. If you want to allow SASL PLAIN authentication
# with or without TLS then just comment this out, and add AUTH=PLAIN to
# IMAP_CAPABILITYIMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"
##NAME: IMAP_TLS_ORIG:0
#
# For use by webadminIMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN"
##NAME: IMAP_DISABLETHREADSORT:0
#
# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands -
# server side sorting and threading.
#
# Those capabilities will still be advertised, but the server will reject
# them. Set this option if you want to disable all the extra load from
# server-side threading and sorting. Not advertising those capabilities
# will simply result in the clients reading the entire folder, and sorting
# it on the client side. That will still put some load on the server.
# advertising these capabilities, but rejecting the commands, will stop this
# silliness.
#IMAP_DISABLETHREADSORT=0
##NAME: IMAP_CHECK_ALL_FOLDERS:0
#
# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new
# mail in every folder. Not all IMAP clients use the IMAP's new mail
# indicator, but some do. Normally new mail is checked only in INBOX,
# because it is a comparatively time consuming operation, and it would be
# a complete waste of time unless mail filters are used to deliver
# mail directly to folders.
#
# When IMAP clients are used which support new mail indication, and when
# mail filters are used to sort incoming mail into folders, setting
# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new
# mail in folders. Note that this will result in slightly more load on the
# server.
#IMAP_CHECK_ALL_FOLDERS=0
##NAME: IMAP_OBSOLETE_CLIENT:0
#
# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \\NoInferiors to mean
# what \\HasNoChildren really means.IMAP_OBSOLETE_CLIENT=0
##NAME: IMAP_UMASK:0
#
# IMAP_UMASK sets the umask of the server process. The value of IMAP_UMASK is
# simply passed to the "umask" command. The default value is 022.
#
# This feature is mostly useful for shared folders, where the file permissions
# of the messages may be important.IMAP_UMASK=022
##NAME: IMAP_ULIMITD:0
#
# IMAP_ULIMITD sets the maximum size of the data segment of the server
# process. The value of IMAP_ULIMITD is simply passed to the "ulimit -d"
# command (or ulimit -v). The argument to ulimi sets the upper limit on the
# size of the data segment of the server process, in kilobytes. The default
# value of 65536 sets a very generous limit of 64 megabytes, which should
# be more than plenty for anyone.
#
# This feature is used as an additional safety check that should stop
# any potential denial-of-service attacks that exploit any kind of
# a memory leak to exhaust all the available memory on the server.
# It is theoretically possible that obscenely huge folders will also
# result in the server running out of memory when doing server-side
# sorting (by my calculations you have to have at least 100,000 messages
# in a single folder, for that to happen).IMAP_ULIMITD=65536
##NAME: IMAP_USELOCKS:0
#
# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent
# multiple access to the same folder. This incurs slight additional
# overhead. Concurrent multiple access will still work without this setting,
# however occasionally a minor race condition may result in an IMAP client
# downloading the same message twice, or a keyword update will fail.
#
# IMAP_USELOCKS=1 is strongly recommended when shared folders are used.IMAP_USELOCKS=1
##NAME: IMAP_SHAREDINDEXFILE:0
#
# The index of all accessible folders. Do not change this setting unless
# you know what you're doing. See README.sharedfolders for additional
# information.IMAP_SHAREDINDEXFILE=/usr/local/etc/courier-imap/shared/index
##NAME: IMAP_ENHANCEDIDLE:0
#
# If Courier was compiled with the File Alteration Monitor, setting
# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple
# clients may open the same folder concurrently, and receive updates to
# folder contents in realtime. See the imapd(8) man page for additional
# information.
#
# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included
# in the IMAP_CAPABILITY list.
#IMAP_ENHANCEDIDLE=0
##NAME: IMAP_TRASHFOLDERNAME:0
#
# The name of the magic trash Folder. For MSOE compatibility,
# you can set IMAP_TRASHFOLDERNAME="Deleted Items".
#
# IMPORTANT: If you change this, you must also change IMAP_EMPTYTRASHIMAP_TRASHFOLDERNAME=Trash
##NAME: IMAP_EMPTYTRASH:0
#
# The following setting is optional, and causes messages from the given
# folder to be automatically deleted after the given number of days.
# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default
# setting, below, purges 7 day old messages from the Trash folder.
# Another useful setting would be:
#
# IMAP_EMPTYTRASH=Trash:7,Sent:30
#
# This would also delete messages from the Sent folder (presumably copies
# of sent mail) after 30 days. This is a global setting that is applied to
# every mail account, and is probably useful in a controlled, corporate
# environment.
#
# Important: the purging is controlled by CTIME, not MTIME (the file time
# as shown by ls). It is perfectly ordinary to see stuff in Trash that's
# a year old. That's the file modification time, MTIME, that's displayed.
# This is generally when the message was originally delivered to this
# mailbox. Purging is controlled by a different timestamp, CTIME, which is
# changed when the file is moved to the Trash folder (and at other times too).
#
# You might want to disable this setting in certain situations - it results
# in a stat() of every file in each folder, at login and logout.
#IMAP_EMPTYTRASH=Trash:7
##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0
#
# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash. This
# effectively allows an undo of message deletion by fishing the deleted
# mail from trash. Trash can be manually expunged as usually, and mail
# will get automatically expunged from Trash according to IMAP_EMPTYTRASH.
#
# NOTE: shared folders are still expunged as usual. Shared folders are
# not affected.
#IMAP_MOVE_EXPUNGE_TO_TRASH=0
##NAME: OUTBOX:0
#
# The next set of options deal with the "Outbox" enhancement.
# Uncomment the following setting to create a special folder, named
# INBOX.Outbox
#
# OUTBOX=.Outbox##NAME: SENDMAIL:0
#
# If OUTBOX is defined, mail can be sent via the IMAP connection by copying
# a message to the INBOX.Outbox folder. For all practical matters,
# INBOX.Outbox looks and behaves just like any other IMAP folder. If this
# folder doesn't exist it must be created by the IMAP mail client, just
# like any other IMAP folder. The kicker: any message copied or moved to
# this folder is will be E-mailed by the Courier-IMAP server, by running
# the SENDMAIL program. Therefore, messages copied or moved to this
# folder must be well-formed RFC-2822 messages, with the recipient list
# specified in the To:, Cc:, and Bcc: headers. Courier-IMAP relies on
# SENDMAIL to read the recipient list from these headers (and delete the Bcc:
# header) by running the command "$SENDMAIL -oi -t -f $SENDER", with the
# message piped on standard input. $SENDER will be the return address
# of the message, which is set by the authentication module.
#
# DO NOT MODIFY SENDMAIL, below, unless you know what you're doing.
#SENDMAIL=/usr/sbin/sendmail
##NAME: HEADERFROM:0
#
# For administrative and oversight purposes, the return address, $SENDER
# will also be saved in the X-IMAP-Sender mail header. This header gets
# added to the sent E-mail (but it doesn't get saved in the copy of the
# message that's saved in the folder)
#
# WARNING - By enabling OUTBOX above, *every* IMAP mail client will receive
# the magic OUTBOX treatment. Therefore advance LARTing is in order for
# _all_ of your lusers, until every one of them is aware of this. Otherwise if
# OUTBOX is left at its default setting - a folder name that might be used
# accidentally - some people may be in for a rude surprise. You can redefine
# the name of the magic folder by changing OUTBOX, above. You should do that
# and pick a less-obvious name. Perhaps brand it with your organizational
# name ( OUTBOX=.WidgetsAndSonsOutbox )HEADERFROM=X-IMAP-Sender
##NAME: OUTBOX_MULTIPLE_SEND:0
#
# Remove the following comment to allow a COPY of more than one message to
# the Outbox, at a time.
#
# OUTBOX_MULTIPLE_SEND=1##NAME: IMAPDSTART:0
#
# IMAPDSTART is not used directly. Rather, this is a convenient flag to
# be read by your system startup script in /etc/rc.d, like this:
#
# . /usr/local/etc/courier-imap/imapd
#
# case x$IMAPDSTART in
# x[yY]*)
# /usr/local/libexec/courier-imap/imapd.rc start
# ;;
# esac
#
# The default setting is going to be NO, so you'll have to manually flip
# it to yes.IMAPDSTART=NO
##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=Maildir
Конфиг pop3d:##VERSION: $Id: pop3d.dist.in,v 1.16 2005/07/05 12:42:51 mrsam Exp $
##NAME: PIDFILE:0
#PIDFILE=/var/run/pop3d.pid
##NAME: MAXDAEMONS:0
#
# Maximum number of POP3 servers started
#MAXDAEMONS=40
##NAME: MAXPERIP:4
#
# Maximum number of connections to accept from the same IP addressMAXPERIP=4
##NAME: POP3AUTH:1
#
# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH
# variable:
#
# POP3AUTH="LOGIN"
#
# If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH
# to something like this:
#
# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"POP3AUTH=""
##NAME: POP3AUTH_ORIG:1
#
# For use by webadmin#POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256"
##NAME: POP3AUTH_TLS:1
#
# To also advertise SASL PLAIN if SSL is enabled, uncomment the
# POP3AUTH_TLS environment variable:
#
# POP3AUTH_TLS="LOGIN PLAIN"POP3AUTH_TLS=""
##NAME: POP3AUTH_TLS_ORIG:0
#
# For use by webadminPOP3AUTH_TLS_ORIG="LOGIN PLAIN"
##NAME: POP3_PROXY:0
#
# Enable proxying. See README.proxyPOP3_PROXY=0
##NAME: PROXY_HOSTNAME:0
#
# Override value from gethostname() when checking if a proxy connection is
# required.# PROXY_HOSTNAME=
##NAME: PORT:1
#
# Port to listen on for connections. The default is port 110.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possibly to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The ADDRESS setting is a default for ports that do not have a specified
# IP address.PORT=110
##NAME: ADDRESS:0
#
# IP address to listen on. 0 means all IP addresses.ADDRESS=0
##NAME: TCPDOPTS:0
#
# Other couriertcpd(1) options. The following defaults should be fine.
#TCPDOPTS="-nodnslookup -noidentlookup"
##NAME: LOGGEROPTS:0
#
# courierlogger(1) options.
#LOGGEROPTS="-name=pop3d"
##NAME: DEFDOMAIN:0
#
# Optional default domain. If the username does not contain the
# first character of DEFDOMAIN, then it is appended to the username.
# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended
# only if the username does not contain any character from DOMAINSEP.
# You can set different default domains based on the the interface IP
# address using the -access and -accesslocal options of couriertcpd(1).#DEFDOMAIN="@example.com"
##NAME: POP3DSTART:0
#
# POP3DSTART is not referenced anywhere in the standard Courier programs
# or scripts. Rather, this is a convenient flag to be read by your system
# startup script in /etc/rc.d, like this:
#
# . /usr/local/etc/courier-imap/pop3d
# case x$POP3DSTART in
# x[yY]*)
# /usr/local/libexec/courier-imap/pop3d.rc start
# ;;
# esac
#
# The default setting is going to be NO, until Courier is shipped by default
# with enough platforms so that people get annoyed with having to flip it to
# YES every time.POP3DSTART=NO
##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=Maildir
>Конфиг authmysqlrc:##VERSION: $Id: authmysqlrc,v 1.18 2004/11/14 02:58:16 mrsam Exp $
##NAME: LOCATION:0
#
# The server name, userid, and password used to log in.MYSQL_SERVER localhost
MYSQL_USERNAME mail
MYSQL_PASSWORD *test*##NAME: MYSQL_SOCKET:0
#
# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the
# filesystem pipe used for the connection
#
# MYSQL_SOCKET /var/mysql/mysql.sock##NAME: MYSQL_PORT:0
#
# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to
# connect to.MYSQL_PORT 3306
##NAME: MYSQL_OPT:0
#
# Leave MYSQL_OPT as 0, unless you know what you're doing.MYSQL_OPT 0
##NAME: MYSQL_DATABASE:0
#
# The name of the MySQL database we will open:MYSQL_DATABASE mail
##NAME: MYSQL_USER_TABLE:0
#
# The name of the table containing your user data. See README.authmysqlrc
# for the required fields in this table.MYSQL_USER_TABLE users
##NAME: MYSQL_CRYPT_PWFIELD:0
#
# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both
# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext
# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow
# CRAM-MD5 authentication to be implemented.#MYSQL_CRYPT_PWFIELD passwd
##NAME: MYSQL_CLEAR_PWFIELD:0
#
#
MYSQL_CLEAR_PWFIELD passwd##NAME: MYSQL_DEFAULT_DOMAIN:0
#
# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
# we will look up 'user@DEFAULT_DOMAIN' instead.
#
#
#DEFAULT_DOMAIN example.com##NAME: MYSQL_UID_FIELD:0
#
# Other fields in the mysql table:
#
# MYSQL_UID_FIELD - contains the numerical userid of the account
#
MYSQL_UID_FIELD uid##NAME: MYSQL_GID_FIELD:0
#
# Numerical groupid of the accountMYSQL_GID_FIELD gid
##NAME: MYSQL_LOGIN_FIELD:0
#
# The login id, default is id. Basically the query is:
#
# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid'
#MYSQL_LOGIN_FIELD email
##NAME: MYSQL_HOME_FIELD:0
#MYSQL_HOME_FIELD home
##NAME: MYSQL_NAME_FIELD:0
#
# The user's name (optional)MYSQL_NAME_FIELD email
##NAME: MYSQL_MAILDIR_FIELD:0
#
# This is an optional field, and can be used to specify an arbitrary
# location of the maildir for the account, which normally defaults to
# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD).
#
# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this
# out.
#
MYSQL_MAILDIR_FIELD home##NAME: MYSQL_DEFAULTDELIVERY:0
#
# Courier mail server only: optional field specifies custom mail delivery
# instructions for this account (if defined) -- essentially overrides
# DEFAULTDELIVERY from ${sysconfdir}/courierd
#
# MYSQL_DEFAULTDELIVERY defaultdelivery##NAME: MYSQL_QUOTA_FIELD:0
#
# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally
# specify a maildir quota. See README.maildirquota for more information
#
MYSQL_QUOTA_FIELD quota##NAME: MYSQL_AUXOPTIONS:0
#
# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that
# contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
# pairs. These names are additional attributes that define various per-account
# "options", as given in INSTALL's description of the "Account OPTIONS"
# setting.
#
# MYSQL_AUXOPTIONS_FIELD auxoptions
#
# You might want to try something like this, if you'd like to use a bunch
# of individual fields, instead of a single text blob:
#
# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup)
#
# This will let you define fields called "disableimap", etc, with the end result
# being something that the OPTIONS parser understands.
##NAME: MYSQL_WHERE_CLAUSE:0
#
# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary
# fixed string that is appended to the WHERE clause of our query
#
# MYSQL_WHERE_CLAUSE server='mailhost.example.com'##NAME: MYSQL_SELECT_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do a SELECT operation on database, which should return fields
# in order specified bellow:
#
# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
#
# The username field should include the domain (see example below).
#
# Enabling this option causes ignorance of any other field-related
# options, excluding default domain.
#
# There are two variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. These variables are:
# $(local_part), $(domain), $(service)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
#
# $(service) will expand out to the service being authenticated: imap, imaps,
# pop3 or pop3s. Courier mail server only: service will also expand out to
# "courier", when searching for local mail account's location. In this case,
# if the "maildir" field is not empty it will be used in place of
# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing
# authenticated ESMTP.
#
# This example is a little bit modified adaptation of vmail-sql
# database scheme:
#
# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \
# CONCAT('{MD5}', popbox.password_hash), \
# popbox.clearpw, \
# domain.uid, \
# domain.gid, \
# CONCAT(domain.path, '/', popbox.mbox_name), \
# '', \
# domain.quota, \
# '', \
# CONCAT("disableimap=",disableimap,",disablepop3=", \
# disablepop3,",disablewebmail=",disablewebmail, \
# ",sharedgroup=",sharedgroup) \
# FROM popbox, domain \
# WHERE popbox.local_part = '$(local_part)' \
# AND popbox.domain_name = '$(domain)' \
# AND popbox.domain_name = domain.domain_name
##NAME: MYSQL_ENUMERATE_CLAUSE:1
#
# {EXPERIMENTAL}
# Optional custom SQL query used to enumerate accounts for authenumerate,
# in order to compile a list of accounts for shared folders. The query
# should return the following fields: name, uid, gid, homedir, maildir, options
#
# Example:
# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \
# domain.uid, \
# domain.gid, \
# CONCAT(domain.path, '/', popbox.mbox_name), \
# '', \
# CONCAT('sharedgroup=', sharedgroup) \
# FROM popbox, domain \
# WHERE popbox.local_part = '$(local_part)' \
# AND popbox.domain_name = '$(domain)' \
# AND popbox.domain_name = domain.domain_name##NAME: MYSQL_CHPASS_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do an UPDATE operation on database. In other words, it is
# used, when changing password.
#
# There are four variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. There variables are:
# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
# $(newpass) contains plain password
# $(newpass_crypt) contains its crypted form
#
# MYSQL_CHPASS_CLAUSE UPDATE popbox \
# SET clearpw='$(newpass)', \
# password_hash='$(newpass_crypt)' \
# WHERE local_part='$(local_part)' \
# AND domain_name='$(domain)'
#
>>Конфиг authdaemonrc:##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
##NAME: authmodulelist:2
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authuserdb authvchkpw authpam authldap authmysql authpgsql#authmodulelist="authuserdb authvchkpw authpam authldap authmysql authpgsql"
authmodulelist="authmysql"
##NAME: authmodulelistorig:3
#
# This setting is used by Courier's webadmin module, and should be left
# aloneauthmodulelistorig="authuserdb authvchkpw authpam authldap authmysql authpgsql"
#authmodulelistorig="authmysql"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...daemons=5
##NAME: authdaemonvar:2
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!authdaemonvar=/var/run/authdaemond
##NAME: subsystem:0
#
# The syslog facility uses subsystem to determine which log messages
# are recorded in which log files.
#
# The currently defined subsystems are:
#
# o auth
# o authpriv
# o console
# o cron
# o daemon
# o ftp
# o kern
# o lpr
# o mail
# o news
# o security
# o user
# o uucp
# o local0
# o local1
# o local2
# o local3
# o local4
# o local5
# o local6
# o local7
#
# Note: Not all of the above facility names are implemented on
# every system. Check your system's syslog documentation for
# information on which facility names are allowed, and which log
# files record the corresponding messages for each facility.subsystem=mail
##NAME: DEBUG_LOGIN:0
#
# Dump additional diagnostics to syslog
#
# DEBUG_LOGIN=0 - turn off debugging
# DEBUG_LOGIN=1 - turn on debugging
# DEBUG_LOGIN=2 - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.DEBUG_LOGIN=2
##NAME: DEFAULTOPTIONS:0
#
# A comma-separated list of option=value pairs. Each option is applied
# to an account if the account does not have its own specific value for
# that option. So for example, you can set
# DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
# and then enable webmail and/or imap on individual accounts by setting
# disablewebmail=0 and/or disableimap=0 on the account.DEFAULTOPTIONS="wbnodsn=1"
##NAME: LOGGEROPTS:0
#
# courierlogger(1) options, e.g. to set syslog facility
#LOGGEROPTS=""
##NAME: LDAP_TLS_OPTIONS:0
#
# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
# Examples:
#
#LDAPTLS_CACERT=/path/to/cacert.pem
#LDAPTLS_REQCERT=demand
#LDAPTLS_CERT=/path/to/clientcert.pem
#LDAPTLS_KEY=/path/to/clientkey.pem
Интересно.
1. Попробуй запустить курьера и pop3d с ключами, включающими отладку.
2. Авторизуйся с сервисами телнетом.Пример сеанса с IMAP:
http://www.opennet.me/docs/RUS/exit_setup/dovecot.html
http://www.google.com/search?q=site:opennet.ru+telnet+imapПростой пример для POP3:
http://lithium.opennet.ru/kuban.ru/net.htmlНапиши, что у тебя происходит на стороне сервера и в телнете.
#auth_cram_md5:
# driver = cram_md5
# public_name = CRAM-MD5
# server_secret = ${lookup mysql{SELECT passwd FROM users WHERE id =
'${quote_mysql:${local_part:$1}}' AND mbox_host = '${quote_mysql:${domain:$1}}'
AND active = 'Y'}{$value}fail}
Заремь две последние строки.
>[оверквотинг удален]
># public_name = CRAM-MD5
># server_secret = ${lookup mysql{SELECT passwd FROM users WHERE id
>=
>'${quote_mysql:${local_part:$1}}' AND mbox_host = '${quote_mysql:${domain:$1}}'
>AND active = 'Y'}{$value}fail}
>
>
>
>
> Заремь две последние строки.НА самом деле эти строки заремлены, просто здесь перенеслось
А может, сначала стандартная проверка - как ДНС работает?
для проверки зайти телнетом с юзерской машины на почтовый сервак - если тоже логин долгий, то настроить ДНС.