61077 – Failure to report lost packets dropping POP3 connections

Bug 61077 - Failure to report lost packets dropping POP3 connections

Summary: Failure to report lost packets dropping POP3 connections

Status:	REPORTED

Alias:	None

Product:	kio
Classification:	Frameworks and Libraries
Component:	pop3 (show other bugs)
Version:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR wishlist
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-07-11 03:43 UTC by Casey Allen Shobe
Modified:	2007-12-27 23:12 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Casey Allen Shobe 2003-07-11 03:43:40 UTC

Version:            (using KDE KDE 3.1)
Installed from:    Compiled From Sources
Compiler:          gcc 3.3 
OS:          Linux

My POP3 server is cunipop on FreeBSD behind a SecureWorks iSensor packet filtering device.  When it thinks that there is an attachment with a Windows extension that could possibly be a virus (i.e. .{bat,exe,com,pif,doc,xls,pub,inf,reg,}, etc...), it drops the packet without letting it pass to the client (KMail).  The problem is compounded by the fact that the packet matching rules are not ideal and it triggers on certain headers containing anything with a .{com, exe, ...}.

The problem is that Kmail never recieves the packet, and in time, it just gives up, without reporting the error to the user (i.e. me), and thus I don't realize that I'm not getting any mail from that server for some amount of time (i.e. a few days).

I would quite like it to let me know via some form of notification (i.e. a popup of some form) when a mailserver failed to deliver the mail.

Comment 1 Stephan Kulow 2003-09-21 13:46:56 UTC

how can we know? when you just drop TCP packages, your connection is broken. 
This will need some ethereal log from you (taking your connection isn't encrypted)

Comment 2 Casey Allen Shobe 2003-09-21 14:13:20 UTC

I'm sorry, but as I was fired from SecureWorks a while ago, I no longer have 
access to a test environment.  However, I will ask if somebody there can send 
me an example dropped packet (though they probably won't because they're a very 
secretive bunch). 
 
I agree that the packet dropping approach is horrible for email (it causes 
several clients to hang, and the rest to give up on the POP3 connection at that 
point (so no new mail is delivered)), but the SecureWorks product is growing in 
popularity, and I fear that in time there will be more Kmail installations 
behind them.  It works well for things like Code Red, but is way too invasive 
for email virii (especially considering it just matches extension, not 
content). 
 
But basically, whenever a POP3 connection is broken, regardless of the cause, 
there should be some sort of user notification, regardless of what the cause of 
the error might have been. 
 
If the connection is encrypted, then anything will pass right through the 
filter, including virii, unless the SSL traffic randomly triggers one of the 
thousands of rules as a false positive (another problem with their approach at 
security) :P. 
 
You can find some (limited) information at http://www.secureworks.com.

Comment 3 Thomas McGuire 2007-12-12 23:38:39 UTC

Reassigning the bugs of the SMTP, IMAP and POP ioslaves to kdepim-bugs.

Comment 4 Thomas McGuire 2007-12-12 23:42:34 UTC

Undo autoconfirm.

Comment 5 Thomas McGuire 2007-12-27 23:12:00 UTC

Changing to wish.
I don't see an easy way to detect dropped packets (at least not on the POP3-Level). Dropped packages should simply not happen.