Apple Support Communities > Servers and Enterprise Software > Mac OS X Server v10.4 and earlier > Discussions
This discussion is archived
1770 Views 9 Replies Latest reply: Jul 3, 2007 9:34 AM by Mike Matthews
Currently Being ModeratedJun 30, 2007 5:59 PM (in response to Joel Mcintosh1)Unfortunately I am having a different experience. Have a mail user using a pop account with an iPhone. Every time he leaves his WiFi network and goes to the ATT EDGE network, his mail account locks up the next time his iPhone checks mail. His account then shows up in the mail connections pane of Server Admin. When he returns to his WiFi network it will sometimes unlock his mail account.
Running 10.4.8 server. Was anything significant changed in mail services in 10.4.9 or 10.4.10?
Anyone else seeing this problem or have suggestions for fixing?
postconf -n below
server2:~ wcg_ron$ postconf -n
alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debugpeerlevel = 2
disablevrfycommand = yes
enableserveroptions = yes
html_directory = no
inet_interfaces = all
localrecipientmaps = proxy:unix:passwd.byname $alias_maps
mail_owner = postfix
mailboxsizelimit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
messagesizelimit = 10485760
mydomain = wagnercreativegroup.com
mydomain_fallback = localhost
myhostname = smtp.wagnercreativegroup.com
mynetworks = 127.0.0.1/32,188.8.131.52/32,184.108.40.206,220.127.116.11
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
ownerrequestspecial = no
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpdclientrestrictions = permitsaslauthenticated permit_mynetworks rejectrblclient zen.spamhaus.org rejectrblclient combined.njabl.org rejectrblclient bl.spamcop.net permit
smtpddatarestrictions = permit_mynetworks, rejectunauthpipelining, permit
smtpdhelorequired = yes
smtpdhelorestrictions = permitsaslauthenticated, permit_mynetworks, checkheloaccess hash:/etc/postfix/helo_access, rejectnon_fqdnhostname, rejectinvalidhostname, permit
smtpdpw_server_securityoptions = plain,login,cram-md5
smtpdrecipientrestrictions = rejectinvalidhostname, rejectnon_fqdnsender, rejectnon_fqdnrecipient, permitsaslauthenticated, permit_mynetworks, rejectunauthdestination, rejectunlistedrecipient, rejectrblclient zen.spamhaus.org, permit
smtpdsasl_authenable = yes
smtpdsenderrestrictions = permitsaslauthenticated, permitmynetworks,reject_non_fqdnsender, permit
smtpdtlsCAfile = /etc/certificates/server2.wagnercreativegroup.com.chcrt
smtpdtls_certfile = /etc/certificates/server2.wagnercreativegroup.com.crt
smtpdtls_keyfile = /etc/certificates/server2.wagnercreativegroup.com.key
smtpduse_pwserver = yes
smtpdusetls = yes
unknownlocal_recipient_rejectcode = 550
virtualaliasdomains = hash:/etc/postfix/virtual_domains
virtualaliasmaps = hash:/etc/postfix/virtual,hash:/var/mailman/data/virtual-mailman
virtualmailboxdomains = hash:/etc/postfix/virtualdomainsdummy
virtual_transport = lmtp:unix:/var/imap/socket/lmtpMac OS X (10.4.8)
Currently Being ModeratedJul 1, 2007 12:32 AM (in response to Ronald Wagner)Ronald,
this is actually not an iPhone issue, nor a Mac OS X Server issue.
Any phone/network which is capable of so called seamless handover between wireless networks will exhibit this behaviour.
What happens is that you connect with an IP number to your server and log in. Next, the network connection (and IP number) is switched without logging out of the mail account. Your server gets a new request from a different IP number for the same account and refuses it because you are still logged in under the previous IP number.
The account will only unlock when the user knowingly logs out or after the default timeout setting. You can set "poptimeout" in imapd.conf, but I wouldn't make it too short.
When the user knows he will be changing network (leaving his office network etc.), he should log out of his mail account first. I am not sure you can "close" the mail application on the iPhone as we poor Europeans haven't had the pleasure of being able to by an iPhone yet, but I am sure Joel will test this for us.
I have been using several devices capable of seamlessly switching between UMTS, EDGE, GPRS and Wi-Fi for several years now and all of them exhibit this behaviour.
AlexMac OS X (10.4.10)
Currently Being ModeratedJul 1, 2007 9:25 AM (in response to pterobyte)Hi Alex,
Thanks for the reply. The poptimeout defaults to 10 minutes. The man pages says that the minimum value is 10, the default, so I don't know if lowering the value in the config file will have an affect.
The problems with the iPhone seem to be that the connection isn't closed after getting mail, and when switching networks, it appears to trigger getting mail immediately instead of waiting for the usual period set by the user. Is it normal for mail clients not to close the connection after getting mail, or is this a case of the connection not being closed cleanly? I do see the logins in the logs on the server, but logouts are not shown so I don't know what is happening there.
How do you deal with the locked up accounts with your devices? Do they eventually time out and unlock?
Why does this not happen with other mail servers/services such as Yahoo?
Currently Being ModeratedJul 1, 2007 10:03 AM (in response to Ronald Wagner)
The poptimeout defaults to 10
minutes. The man pages says that the minimum value is
10, the default, so I don't know if lowering the
value in the config file will have an affect.
Not sure. Would have to check.
Is it normal for mail clients
not to close the connection after getting mail, or is
this a case of the connection not being closed
Different clients handle things differently. Most clients won't close the connection immediately.
How do you deal with the locked up accounts with your
devices? Do they eventually time out and unlock?
After the timeout period they unlock.
Why does this not happen with other mail
servers/services such as Yahoo?
Some services take the approach of kicking you out of an existing connection if you log-in from a different place. Mostly web based providers do so.Mac OS X (10.4.10)
Currently Being ModeratedJul 1, 2007 6:44 PM (in response to pterobyte)
When the user knows he will be changing network (leaving his office
network etc.), he should log out of his mail account first. I am not
sure you can "close" the mail application on the iPhone as we poor
Europeans haven't had the pleasure of being able to by an iPhone
yet, but I am sure Joel will test this for us.
I have been using several devices capable of seamlessly switching
between UMTS, EDGE, GPRS and Wi-Fi for several years now and all of
them exhibit this behaviour.
Hey guys ... I did a little testing this evening. Alex is correct about the users staying logged in until they knowingly log out or after the default timeout.
However, I did some experimentation, and I couldn't replicate the "lockout" problem.
I don't use POP accounts, so I could only test my IMAP account. With my IMAP accounts, my server has no trouble dealing with having me authenticated from both places at the same time. I was able to authenticate to my mail server when using my laptop over my Wi-Fi connection while I checking mail using my iPhone over the EDGE network.
I could see myself authenticated from both IPs showing in Mail --> Connections.
Just a shot in the dark ... is it possible the issue is limited to POP accounts?XServe G5, Mac OS X (10.4.8)
Currently Being ModeratedJul 3, 2007 9:34 AM (in response to maxscience)
the interesting news would be how to provide Push
IMAP to iPhone from OS X Server... Maybe it'll come
in Leopard server.
Actually, I'm wondering too if this feature works out of the box. See this afp548.com article:
"idle support is already present in the Cyrus imap server, so you should have it on OS X Server's IMAP server. Note that there is an idled deamon that might make it easier to support a large number of idle clients, but at this time I see no reason to go out of your way to compile it."
mmMac OS X (10.4.10)