Still having problems changing servers
Michael Knoerzer
This is continued from my last message.
As I mentioned earlier (12/7) , I have to enter my user ID and password
three times when using PC Pine:1st time for incoming Cyrus imap mail server;
second time for smtp server; third time for the server on which my mail
folders other than the inbox are stored, "bratwurst.cc.columbia.edu".
I've tested and configured five other email clients (Eudora, T-Bird,
Netscape 7.2, Outlook and Mulberry) for users I support and only PC Pine
requires this extra step. Pine with the identical configuration (pinerc
file) requires a password only twice, for the imap and smtp servers.
Below is the debug text for a complete attempt to send a message. The third
server (bratwurst.cc.columbia.edu) is mentioned in line 28.
Any suggestion on how to prevent this would be greatly appreciated (I could
live with this little inconvenience, but my PC Pine users want it fixed, if
possible.)
Opened SMTP server "send-vif.cc.columbia.edu"
IMAP DEBUG 17:13:37 12/13: RSET
IMAP DEBUG 17:13:37 12/13: 250 2.0.0 Reset state
IMAP DEBUG 17:13:37 12/13: MAIL FROM:<mc...@columbia.edu>
IMAP DEBUG 17:13:37 12/13: 250 2.1.0 <mc...@columbia.edu>... Sender ok
IMAP DEBUG 17:13:37 12/13: RCPT TO:<michael...@hotmail.com>
IMAP DEBUG 17:13:37 12/13: 250 2.1.5 <michael...@hotmail.com>...
Recipient ok
IMAP DEBUG 17:13:37 12/13: DATA
IMAP DEBUG 17:13:37 12/13: 354 Enter mail, end with "." on a line by itself
-- pine_rfc822_output
-- pine_encode_body: 0
-- pine_rfc822_output_body: 0
-- pine_rfc822_output_body: segment 123 bytes
-- gf_pipe:
done.
IMAP DEBUG 17:13:37 12/13: .
IMAP DEBUG 17:13:37 12/13: 250 2.0.0 jBDMDag7018786 Message accepted for
delivery
IMAP DEBUG 17:13:37 12/13: QUIT
IMAP DEBUG 17:13:37 12/13: 221 2.0.0 jalapeno.cc.columbia.edu closing
connection
Writing Fcc
Writing Fcc
same_stream: {mail.columbia.edu/user=mck22/ssl}Sent ==
{mail.columbia.edu:993/imap/ssl/user="mck22"}inbox
same_stream: yes
pine_mail_append_full: appending to "{mail.columbia.edu/user=mck22/ssl}Sent"
IMAP DEBUG 17:13:37 12/13: 00000017 APPEND Sent {453}
IMAP DEBUG 17:13:37 12/13: 00000017 NO [REFERRAL
imap://;AUTH=*@bratwurst.cc.columbia.edu/Sent]
Remote mailbox.
IMAP 17:13:37 12/13 mm_notify warning:
{mail.columbia.edu:993/imap/ssl/user="mck22"}inbox
(inboxstream) : [REFERRAL imap://;AUTH=*@bratwurst.cc.columbia.edu/Sent]
Remote mailbox.
IMAP 17:13:37 12/13 mm_log babble: Trying IP address [128.59.33.134]
=== optionally_enter called ===
=== optionally_enter called ===
done.
=== send returning ===
---- MAIN_MENU_SCREEN ----
******** new mail returning -1 ********
Message sent and copied to "{mail.columbia.edu/user=mck22/ssl}Sent".
Turning off new messages while reviewing
Mark Crispin
> As I mentioned earlier (12/7) , I have to enter my user ID and password
> three times when using PC Pine:1st time for incoming Cyrus imap mail server;
> second time for smtp server; third time for the server on which my mail
> folders other than the inbox are stored, "bratwurst.cc.columbia.edu".
You evidently have a default fcc set to write to a mailbox called "Sent"
on mail.columbia.edu. That mailbox does not exist on mail.columbia.edu,
but it does exist on bratwurst.cc.columbia.edu and the mail.columbia.edu
knows that fact. Hence, the mail.columbia.edu server tells PC Pine to
deliver the fcc to "Sent" on bratwurst.cc.columbia.edu, which PC Pine
dutifully does.
> I've tested and configured five other email clients (Eudora, T-Bird,
> Netscape 7.2, Outlook and Mulberry) for users I support and only PC Pine
> requires this extra step.
Do you have these other clients configured to write that fcc?
> Pine with the identical configuration (pinerc
> file) requires a password only twice, for the imap and smtp servers.
What machine is UNIX Pine running on? Is there a trust web between that
machine and bratwurst.cc.columbia.edu?
> Any suggestion on how to prevent this would be greatly appreciated (I could
> live with this little inconvenience, but my PC Pine users want it fixed, if
> possible.)
The debug test shows that PC Pine is doing exactly what it's supposed to
do. It was told to use three different servers and it did so.
The "fix" is some combination of configuration change and possibly setting
up a trust web (e.g., saving the passwords on the PC for users with
private PCs).
If you don't have this problem in the other clients, then there is
something in your configuration and/or trust web with those clients that
you did not duplicate properly in PC Pine. What needs to be done is to
figure out what that "something" is.
The first step is to determine the answer to this question. Is it correct
that:
. outgoing mail is handled by send-vif.cc.columbia.edu
. incoming mail (INBOX) is handled by mail.columbia.edu
. the fcc mailbox (Sent) is handled by bratwurst.cc.columbia.edu
If this is all correct, that's three separate logins, and the only way to
avoid the user doing it is to have some form of trust web.
If this is not correct, then you need to identify what is incorrect about
it, noting that mail.columbia.edu tells Pine that
bratwurst.cc.columbia.edu is the correct place for the fcc mailbox so if
that's wrong mail.columbia.edu needs to be changed.
-- Mark --
http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.
Michael Knoerzer
much.
Mike K.
Michael Knoerzer
The year may be new, but I am still trying to get around the problem I
was having in December (12/19). To briefly recap what is happening:
at the university where I work, the centeral IT office has installed a new
imap email system based on Cyrus. Both the new and old imap and
our smtp servers use SSL authentication. On the both the new and old
imap systems, only the In mailbox is on the mail server. All other
mailboxes are located on backend servers.
When using the old imap system, PC Pine asks for a password two times:
once when logging in on the imap system; once when sending the
first message of the session through the smtp system. On the new Cyrus
system, the password is required a third time, when writing copies to
the Sent mailbox or Drafts mailbox or when I try to move a message
from the In box to another folder. I am under orders to try to fix this
so PC Pine works as it did before.
People in my office use a variety of email clients besides PC Pine,
including Thunderbird, Netscape 7.2, Eudora 6.2 and Outlook 2003.
The server name and fcc locations are entered in the config files
the same way. Only PC Pine needs the password entered a third time.
According to our central IT postmaster:
"This has something to do with imap referrals. Pine connects to
mail.columbia.edu, which tells it the backend name, and Pine connects
there. That's fine and if the backend changes Pine will be told the
current name. "
He adds:
"I see a note in Cyrus documentation about Pine versions before 4.44
not handling referrals properly."
I am using PC Pine 4.64. If the referral problem has not been fixed in
PC Pine 4.64, please let me know. Then all I need to do is to forward that
information to my boss. If PC Pine 4.64 is compatible with Cyrus and
the problem is with the way the I set up the PC Pine configuration, I need
to figure out how to make the correction.
Thanks to any and all who have read this far.
Mike Knoerzer.
"Mark Crispin" <M...@CAC.Washington.EDU> wrote in message
news:Pine.WNT.4.65.0...@Tomobiki-Cho.CAC.Washington.EDU...
Mark Crispin
prompted for the password three times is that you are connecting to three
different servers.
The reason for the third server is that the mail.columbia.edu is passing a
referral to Pine, and Pine is following the referral to that third server.
Not all clients follow referrals. If, in spite of this, the referring
server offers access anyway, then you would see the behavior that you
report of "this other client does not make you enter the password twice."
If, on the other hand, the server does not offer access anyway, you would
get an error message in that client.
Your central IT postmaster is telling you the same thing.
I think (but I am not sure) that your central IT *is* providing access
anyway even if the client ignores the referral. If this is the behavior
that you want, perhaps you should ask your central IT to stop issuing
referrals, on the grounds that the referrals are causing an extra password
query.
Michael Knoerzer
It was clear, but previously we were also connecting to 3 servers, but the
password was only required twice. Now, while connecting with any client
other than PC Pine the password is only required twice. Since this seems to
be what is to be expected, the people in my office who prefer Pine but have
a problem with this particular behavior will either accept it or change to
another client.
Sorry to have tried your patience.
MK
"Mark Crispin" <M...@CAC.Washington.EDU> wrote in message
news:Pine.WNT.4.65.06...@Shimo-Tomobiki.panda.com...
Mark Crispin
> It was clear, but previously we were also connecting to 3 servers, but the
> password was only required twice.
I'm sorry, but this doesn't make any sense. Either the first clause
("previously we were also connecting to three servers") or the second
clause ("the password was only required twice") is mistaken.
I believe that you are mistaken as to the first clause. Your previous
IMAP server probably did *NOT* generate referrals. It is only now that
you have Cyrus that you are dealing with referrals.
> Now, while connecting with any client
> other than PC Pine the password is only required twice.
I think that you did not understand what I meant about referrals.
If a client disregards referrals, it will never connect to the third
server. Instead, it depends upon the original server doing the work of
accessing the data on the third server (this doesn't always happen).
That is what these other clients are (not) doing.
Since Pine obeys referrals, that is why Pine connects to the third server.
If any of those clients are fixed to obey referrals in a subsequent
version, they also will have the same "problem".
That is why I suggested that you should talk with your central IT
department about possibly disabling referrals. If they decline, they may
be considering making referrals mandatory. If so, then Pine will be the
only client that works at all.
Hence, you really need to talk with your central IT department, understand
what their policies are, and negotiate possible changes to their policy
based upon your user complaints. Once you have a coherant policy that
applies both to your department and your central IT department, it will be
possible to proceed in a useful way.
It could also be that your central IT department has alternative
technology to passwords, such as Kerberos, which you should use instead.
They would know. I don't.
> Since this seems to
> be what is to be expected, the people in my office who prefer Pine but have
> a problem with this particular behavior will either accept it or change to
> another client.
It IS possible to build Pine so that the passwords are stored on the
client in a pine.pwd file, and thus once Pine is told about the passwords
it will remember them forever. PC Pine is built this way by default; UNIX
Pine is not. Perhaps this will assist your users. I'll be happy to tell
you what to do if that's what you want (note though that in general it's
considered to be a bad idea to have passwords lying around on a multi-user
system).
I strongly recommend against "just tolerate it" or "just use another
client". You described a problem that will happen with any client that
obeys referrals. This problem isn't going to go away if you ignore it.
I agree that it is probably unacceptable to be harassed with multiple
password requests. Something needs to change. It's just that Pine's
probably the wrong place to make the change.
-- Mark --
http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.