Is IMAP IDLE incompatible with preauthtunnel = ssh ?

Marc MERLIN marc at merlins.org
Sat Sep 21 04:43:58 UTC 2013 

On Fri, Sep 20, 2013 at 03:00:55PM +0400, Eygene Ryabinkin wrote:
> Marc, good day.
> 
> Tue, Sep 17, 2013 at 08:28:08AM -0700, Marc MERLIN wrote:
> > When I connect to my courier server over imap/ssl, IDLE works:
> >  DEBUG[imap]:   14:16.40 Account sync merlins.org _get_untagged_response(CAPABILITY) => ['IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL ACL2=UNION']
> 
> And it is even advertized from the IMAP server -- that's good.
 
Yes, and it works fine without ssh.

> > But if I use 
> > preauthtunnel = ssh -x -q imap '/usr/bin/imapd ./Maildir'
> > it works fine, except for IDLE:
> > 
> >  Establishing connection to tunnel:ssh -x -q imap '/usr/bin/imapd ./Maildir'
> > INFO: LOGIN, user=merlin, ip=[127.0.0.1], port=[0], protocol=IMAP
> > Folder INBOX [acc: merlins.org]:
> >  Syncing INBOX: IMAP -> Maildir
> > Account sync merlins.org:
> >  *** Finished account 'merlins.org' in 0:03
> >  Next refresh in 30.0 minutes
> > Thread-4:
> >  WARNING: IMAP IDLE not supported on server 'ssh -x -q imap '/usr/bin/imapd ./Maildir' '.Sleep until next refresh cycle.
> 
> This message is given when IMAP server isn't advertising IDLE support
> in response to the CAPABILITY, so I wonder what IMAP debug gives you
> on that response in the SSH-based mode?

Indeed, that's bad:
 DEBUG[imap]:   37:39.71 Account sync merlins.org _get_untagged_response(CAPABILITY) => ['IMAP4rev1']
 DEBUG[imap]:   37:39.71 Account sync merlins.org _untagged_response(OK, ?, CAPABILITY) => ['IMAP4rev1']


> I fear that your Courier is configured to avoid IDLE stuff when
> working over SSH and invoking imapd by hand.  Usually, it is
> IMAP_CAPABILITY configuration setting for Courier IMAP that governs
> the support for IDLE, see
>   http://www.courier-mta.org/imapd.html

Yep, I read that, but didn't find 2 sets of configurations, daemon vs command line.
Specifically, I have:
magic:/etc/cron.d# grep IDLE /etc/courier/imapd
# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE"
IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
##NAME: IMAP_IDLE_TIMEOUT:0
# the server polls for changes to the folder, in IDLE mode (in seconds).
IMAP_IDLE_TIMEOUT=20
##NAME: IMAP_ENHANCEDIDLE:0
# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple
# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included
IMAP_ENHANCEDIDLE=0

When it runs as a daemon, it runs as:
/usr/sbin/courierlogger -pid=/var/run/courier/imapd.pid -start -name=imapd /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 143 /usr/lib/courier/courier/imaplogin /usr/bin/imapd Maildir

I'm wondering if imapd/courier has a way to find out it's run from
imaplogin vs the command line.

That sure is weird and unexpected :-/

Marc
-- 
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems ....
                                      .... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/                         | PGP 1024R/763BE901

More information about the OfflineIMAP-project mailing list