Issue Courier IMAP/POP3 unavailable remotely.

[davorg]

Server operating system version

CentOS Linux release 7.9.2009

Plesk version and microupdate number

Plesk Obsidian 18.0.44 Update 2

I've set up GMail to poll POP3 on my server for email. A few days ago, I noticed this had stopped working. Further investigation shows that the ports running the Courier IMAP and POP3 services aren't being exposed to the internet.

The services are all running:

# systemctl status courier-pop3s.service
● courier-pop3s.service - Courier POP3 server with SSL/TLS support
   Loaded: loaded (/usr/lib/systemd/system/courier-pop3s.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2022-06-27 11:10:43 BST; 37min ago
  Process: 14830 ExecStop=/usr/sbin/courierlogger -pid=${SSLPIDFILE} -stop (code=exited, status=0/SUCCESS)
  Process: 14834 ExecStart=/bin/sh -c set -a; . /etc/courier-imap/pop3d; . /etc/courier-imap/pop3d-ssl; /usr/bin/env POP3_TLS=1 POP3_STARTTLS=NO POP3_TLS_REQUIRED=0 /usr/sbin/courierlogger $SSLLOGGEROPTS -pid=${SSLPIDFILE} -start -ret-child-exitcode -name=courier-pop3s ${tcpd_bin} -address=${SSLADDRESS} -maxprocs=${MAXDAEMONS} -maxperip=${MAXPERIP} $TCPDOPTS ${SSLPORT} ${COURIERTLS} -server -tcpd ${pop3dlogin_bin} ${pop3d_bin} ${MAILDIRPATH} (code=exited, status=0/SUCCESS)
 Main PID: 14837 (courierlogger)
    Tasks: 2
   Memory: 268.0K
   CGroup: /system.slice/courier-pop3s.service
           ├─14837 /usr/sbin/courierlogger -name=pop3d-ssl -pid=/run/pop3d-ssl.pid -start -ret-child-exitcode -n...
           └─14838 /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 995 /u...

Jun 27 11:10:43 willow.mag-sol.com systemd[1]: Starting Courier POP3 server with SSL/TLS support...
Jun 27 11:10:43 willow.mag-sol.com systemd[1]: Started Courier POP3 server with SSL/TLS support.

They're listening on the right ports:

# lsof -i -P -n | grep -E ':(110|995)'
couriertc 14801                 root    3u  IPv6 4183489549      0t0  TCP *:110 (LISTEN)
couriertc 14838                 root    3u  IPv6 4183486770      0t0  TCP *:995 (LISTEN)

And, as far as I can see, the Firewall seems be letting connections through:

 

[davorg]

Hmm... was unable to edit my post to add the final section.

But running nc from another machine doesn't see them.

$ nc -z mag-sol.com 1-1024
Connection to mag-sol.com (82.165.135.123) 22 port [tcp/ssh] succeeded!
Connection to mag-sol.com (82.165.135.123) 80 port [tcp/http] succeeded!
Connection to mag-sol.com (82.165.135.123) 443 port [tcp/https] succeeded!

The problem started on 11 June and my server auto-updated to Plesk Obsidian 18.0.44 Update 2 the day before. So that could be the problem.

Has anyone else seen this? Any suggestions to fix it?

 

[mow]

Have a look with tcpdump to see whether the packets reach the server at all.

 

[davorg]

So it looks like the problem is here:

# lsof -i -P -n | grep -E ':(110|995)'
couriertc 14801                 root    3u  IPv6 4183489549      0t0  TCP *:110 (LISTEN)
couriertc 14838                 root    3u  IPv6 4183486770      0t0  TCP *:995 (LISTEN)

The services are both only running on IPv6. How do I fix that?

 

[mow]

Could you get the full parameters of couriertcpd?
Also, netstat -putln|grep courier or lsof -i -P -n | grep courier, which ever you prefer.
But I think you'll need to look trough /etc/courier/ or wherever courier has its config (I use dovecot so I don't know).

 

[davorg]

Could you get the full parameters of couriertcpd?

ps -ef | grep couriertcp
root 14800 1 0 Jun27 ? 00:00:00 /usr/sbin/courierlogger -name=pop3d -pid=/run/pop3d.pid -start -ret-child-exitcode -name=courier-pop3d /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 110 /usr/sbin/pop3login /usr/lib64/plesk-9.0/pop3login Maildir
root 14801 14800 0 Jun27 ? 00:00:00 /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 110 /usr/sbin/pop3login /usr/lib64/plesk-9.0/pop3login Maildir
root 14837 1 0 Jun27 ? 00:00:00 /usr/sbin/courierlogger -name=pop3d-ssl -pid=/run/pop3d-ssl.pid -start -ret-child-exitcode -name=courier-pop3s /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 995 /usr/bin/couriertls -server -tcpd /usr/sbin/pop3login /usr/lib64/plesk-9.0/pop3login Maildir
root 14838 14837 0 Jun27 ? 00:00:00 /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 995 /usr/bin/couriertls -server -tcpd /usr/sbin/pop3login /usr/lib64/plesk-9.0/pop3login Maildir
root 14874 1 0 Jun27 ? 00:00:00 /usr/sbin/courierlogger -name=imapd -pid=/run/imapd.pid -start -ret-child-exitcode -name=courier-imapd /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 143 /usr/sbin/imaplogin /usr/bin/imapd Maildir
root 14875 14874 0 Jun27 ? 00:00:00 /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 143 /usr/sbin/imaplogin /usr/bin/imapd Maildir
root 14912 1 0 Jun27 ? 00:00:00 /usr/sbin/courierlogger -name=imapd-ssl -pid=/run/imapd-ssl.pid -start -ret-child-exitcode -name=courier-imaps /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 993 /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/bin/imapd Maildir
root 14913 14912 0 Jun27 ? 00:00:00 /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 993 /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/bin/imapd Maildir

Also, netstat -putln|grep courier or lsof -i -P -n | grep courier, which ever you prefer.

# lsof -i -P -n | grep courier
couriertc 14801                 root    3u  IPv6 4183489549      0t0  TCP *:110 (LISTEN)
couriertc 14838                 root    3u  IPv6 4183486770      0t0  TCP *:995 (LISTEN)
couriertc 14875                 root    3u  IPv6 4183489751      0t0  TCP *:143 (LISTEN)
couriertc 14913                 root    3u  IPv6 4183490577      0t0  TCP *:993 (LISTEN)

But I think you'll need to look trough /etc/courier/ or wherever courier has its config (I use dovecot so I don't know).

Will do. But this is all a completely standard Plesk installation. I've not fiddled with stuff at all.

Thanks for taking an interest.

Dave...