Binc IMAP via xinetd

Takaitra · 2004-05-24 18:09:33

First of all, I'd like to mention I'm a new convert. I installed AL for the first time last weekend on my server and I love it. I was formerly running RH9 on the server and as there's just no comparison. Some packages, such as the kernel, are even more up to date than on my Gentoo box and it's perfect for a server environment, installing only what you need. So thank you for an awesome distro and now my problem:

My box is both a mail server and a web server. I've got postfix running fairly well now and need to get an IMAP server installed to access its mail. I noticed squirrelmail installed bincimap as a dependency so I decided to use Binc IMAP. After reading as much documentation as I could and configuring everything, however, xinetd / binc is still out to lunch:

$ telnet archserver 143
Trying 192.168.0.15...
telnet: Unable to connect to remote host: Connection refused

here's xinetd.d:

$ ls
bincimap bincimaps servers services swat

bincimap:

$ cat bincimap
# $Id: xinetd-bincimap.in,v 1.1.1.1 2003/08/18 18:06:05 andreaha Exp $
# default: on
# description: Binc IMAP
service imap
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
group = root
instances = UNLIMITED
server = /usr/bin/bincimap-up
server_args = --conf=/etc/bincimap/bincimap.conf --logtype=syslog -- /bin/checkpassword /usr/bin/bincimapd
log_type = SYSLOG daemon info
}

bincimap.conf:

$ cat /etc/bincimap/bincimap.conf
/* -*- mode:java -*- */
// Global configuration file for Binc IMAP. Some settings in this file
// can be overrun with command line arguments.
//----------------------------------------------------------------------------
Authentication {
allow plain auth in non ssl = "yes", /* allow login or
authenticate
when not in
SSL/TLS mode */
auth penalty = 4, /* on auth failure,
* server sleeps so
* many seconds
* before allowing
* client to
* authenticate
* again.
*/
disable starttls = "no"
}
//----------------------------------------------------------------------------
Security {
jail path = "/usr/bin",
jail user = "nobody",
jail group = "nobody"
}
//----------------------------------------------------------------------------
Log {
type = "syslog", /* supports
* multilog or
* syslog or
* stderr (for testing).
*/
environment ip variable = "TCPREMOTEIP"
}
//----------------------------------------------------------------------------
Mailbox {
depot = "Maildir++", /* Use Maildir++ style
* depot. */
type = "Maildir", /* only Maildir
* support */
path = "Maildir", /* default path */
auto create inbox = "yes", /* create INBOX in
* given format if
* it doesn't
* exist.
*/
auto subscribe mailboxes = "INBOX", /* list mailboxes
* in one string,
* seperated by
* commas
*/
umask = "077" /* use this umask
* when creating
* mailboxes, or
* when copying and
* appending
* messages.
*/
}
//----------------------------------------------------------------------------
Session {
idle timeout = 1860, /* idle timeout in
seconds */
auth timeout = 60, /* timeout before
auth in
seconds */
transfer timeout = 1200, /* timeout per
transferred com
unit (I/O) */
transfer buffer size = 1024 /* number of bytes
to buffer before
passing on to
client. */
}
//----------------------------------------------------------------------------
SSL {
pem file = "/etc/bincimap/bincimap.pem", /* private key and
certificate
chain PEM file
name */
ca file = "", /* file to use as
certificate
authority */
ca path = "", /* path to search
for more certificate
authorities */
cipher list = "!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP",
verify peer = "no"
}
//----------------------------------------------------------------------------
/* $Id: bincimap.conf.in,v 1.2 2003/08/23 12:53:25 andreaha Exp $ */

/etc/services:

$ cat /etc/services |grep imap
imap2 143/tcp # Interim Mail Access Proto v2
imap2 143/udp
bincimap 143/tcp
bincimap 143/udp
imap3 220/tcp # Interactive Mail Access
imap3 220/udp # Protocol v3
bincimaps 993/tcp
bincimaps 993/udp

log:

May 23 16:59:40 archserver xinetd[1823]: xinetd Version 2.3.13 started with no options compiled in.
May 23 16:59:40 archserver xinetd[1823]: Started working: 0 available services

I think maybe the problem is xinetd not recognizing bincimap as a service? Apache and proftpd are working great so I don't think it's a problem with blocked ports. I'm also starting portmap before starting xinetd. Any ideas on how to get this working will be greatly appreciated.

Takaitra · 2004-05-25 15:22:23

I guess I'll give courier IMAP a try.

kpiche · 2004-05-25 20:19:12

Apache and proftpd don't usually use xinetd to provide their services. /etc/services is a name to port number mapping and doesn't control what services are running and shouldn't normally be modified. Not that that helps.

However I tried it and my /var/log/errors file contains:

May 25 16:25:10 kpiche xinetd[822]: Port not specified and can't find service: imap with getservbyname
May 25 16:25:10 kpiche xinetd[822]: Port not specified and can't find service: imaps with getservbyname

In this case you do need to modify /etc/services. Xinetd is looking for a service called "imap" because the /etc/xinetd.d/bincimap contains "service imap". Since this is not in /etc/services it fails. Modify /etc/services to add an alias "imap" to port 143:

imap2           143/tcp         imap            # Interim Mail Access Proto v2
imap2           143/udp         imap

Or you can modify the bincimap file to say "service imap2".

This should be raised as a bug report stating that the imap service is not defined in /etc/services.

Takaitra · 2004-05-27 03:31:28

Thank you very much for your reply kpiche. I run apache and proftpd standalone, I chose the xinetd route for IMAP because it won't be used as heavily. This certainly put me on the right track, I get a problem connecting

bincimap-up: error while loading shared libraries: libssl.so.0.9.6: cannot open shared object file: No such file or directory
Connection closed by foreign host.

but I can probably figure this out. I removed the bincimap entries from my services file and added the imap alias. I guess I was a little confused as to how service names were defined in xinetd.

Yes this should definitely be filed as a bug report. I'll do it first thing tomorrow.

kpiche · 2004-05-28 02:36:17

Ah. The current version of OpenSSL is 0.9.7d. So bincimap was missed in the big OpenSSL upgrade a month or so ago. You can recompile bincimap using abs or file a bug report (or add it to your other bug rep) stating that it needs to be recompiled against the latest OpenSSL.

# ldd /usr/bin/bincimap-up
        libssl.so.0.9.6 => not found
        libcrypto.so.0.9.6 => not found
        libdl.so.2 => /lib/libdl.so.2 (0x40020000)
        libstdc++.so.5 => /usr/lib/libstdc++.so.5 (0x40023000)
        libm.so.6 => /lib/libm.so.6 (0x400dd000)
        libgcc_s.so.1 => /usr/lib/libgcc_s.so.1 (0x400ff000)
        libc.so.6 => /lib/libc.so.6 (0x40108000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

Takaitra · 2004-05-28 16:34:06

Here is the bug report I filed but tt looks like you already found it.

Thank you for your help again kpiche. Since it works without recompiling and includes POP3 support, I'm using courier-imap for now.

Arch Linux

#1 2004-05-24 18:09:33

Binc IMAP via xinetd

#2 2004-05-25 15:22:23

Re: Binc IMAP via xinetd

#3 2004-05-25 20:19:12

Re: Binc IMAP via xinetd

#4 2004-05-27 03:31:28

Re: Binc IMAP via xinetd

#5 2004-05-28 02:36:17

Re: Binc IMAP via xinetd

#6 2004-05-28 16:34:06

Re: Binc IMAP via xinetd

Board footer