Archive for September 12th, 2010

How to fix suddenly broken courier imap on qmail and vpopmail

Sunday, September 12th, 2010

One of the Linux servers I do manage was reported to have problems with it’s squirrel webmail.
After a quick investigation I’ve realized that none of the vpopmail existant Mailbox es were not able to login into the squirrelmail.
Therefore it appeared the problem is far more complex than I thought. First I thought the problem is probably rooted in the squirrel webmail configurations.
I’ve launched the squirrelmail perl configurator in my case the squirrelmail was installed via rpm on Cent OS server system and thus I invoked:

/usr/share/squirrelmail/config/conf.pl

After a brief review in perl configurator menus I’ve realized everything seemed to be configured just right, since I’ve noticed in the configuration that squirrelmail uses the IMAP protocol as a mean of authentication.
I’ve continued further and verified if I can normally login with my vpopmail existant email accounts via the IMAP mail fetch protocol.

It wasn’t a big shock to realize that the login via the IMAP server with each and every valid email and pass I tried failed.

This lead me to the idea that the problem is probably because of some of the recent system updates I’ve completed via the yum CentOS’s package manager.

I’ve red the logs in /var/log/rpmpkgs* and I’ve found out that just recently there was a package update for package courier-authlib-toaster-0.59.2-1.3.7 as well as courier-imap-toaster

By the way the rpmpkgs logs contain records for each of the packages that were updated on the CentOS / Fedora servers.

My first guess was that the whole issues are because of the IMAP configuration files or the authlib configuration files being overwritten with some default package configurations files, in that reason I’ve changed to directory /etc/courier/ and did observed all the files and compared them against a working configuration files from another CentOS server where the IMAP server works just fine.

Another thing I tried was to revert all the *.dist files with their original ones in my case the .dist files were:

[root@centos courier]# ls *.dist
imapd.dist imapd-ssl.dist pop3d.dist pop3d-ssl.dist[root@centos courier]#

In order to revert back the original conf files that the coueier and imap package updater has moved to a .dist files you need to execute a one liner script like:

[root@centos courier]# cd /etc/courier/
[root@centos courier]# for i in *.dist; do file=$(echo $i| sed -e "s#.dist##g"); echo cp -rpf $i $file; done

Then I tried restarting my daemontools managed services for authlib and imap through svscan

I issued commands:

[root@centos ~]# svc -d /var/qmail/supervise/authlib
[root@centos ~]# svc -t /var/qmail/supervise/authlib
[root@centos ~]# svc -u /var/qmail/supervise/authlib
[root@centos ~]# svc -d /var/qmail/supervise/imap4
[root@centos ~]# svc -t /var/qmail/supervise/imap4
[root@centos ~]# svc -u /var/qmail/supervise/imap4

Then I tried testing the IMAP with telnet once again:

[root@centos ~]# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
a login myemailuser@myemaildomain.com adsf
a NO Login failed.

Further I attempted to reinstall the courier-authlib-toaster and courier-imap-toaster rpm packages, but once again my attempt to login via valid email in IMAP returned me the error code a NO Login failed.

As I couldn’t login once again I started getting seriously pissed off, so I started reading many discussions and forums online before I came to a discussion that suggested to copy the library files for courier authlib from a working courier authlib install in order to deal with the issues.
I was lucky to have another CentOS qmail server where the IMAP and Courier Authlib were working just fine, so I just copied all the files from /usr/lib64/courier-authlib directory from the working server install to the non-working one.

Of course I’ve copied the 64 bit library because my installed CentOS Linux version on the servers is x86_64 bit, however if you have the same issue on a just a 32 bit CentOS install then you will have to copy working files from a destination /usr/lib/courier-authlib

I’ve also made a small archive containing my 64 bit courier authlib working files which can be obtained from here

Bear in mind that if you download my courier-authlib_working_libraries.tar.gz overwritting your libraries is very risky and might not work for you, however if you’ve tried everything and it doesn’t help I guess you can try this as well.
Before you overwrite any files untarring the archive in your /usr/lib64/courier-authlib directory you’ve better backup the original files just in case if something goes wrong after the libraries are overwitten.

Now as a last step you will also need to restart the courier and imap via daemontools again with the svc command just like I’ve shown you earlier in this post.