GroupWise server abends when retrieving mail via IMAP4

RESOLVED INVALID

Status

MailNews Core
Networking: IMAP
--
critical
RESOLVED INVALID
15 years ago
9 years ago

People

(Reporter: Paul Lieberman, Assigned: Bienvenu)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

15 years ago
User-Agent:       Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.3) Gecko/20030312
Build Identifier: 1.3

My server is GroupWise 6.0.2 running on NetWare 5.1 SP5. I was testing Mozill
1.3 mail on a RedHat 8 laptop. At first everything was fine. But twice the
client could no longer read new messages and would just hang. I then used my
remote access to the server and saw that it had abended. (ABEND is Novell speak
for crash.) Since the server is otherwise stable I'm assuming cause and effect
here. Plus the abend log (available upon request) implicates the IMAP4 process. 

Reproducible: Sometimes

Steps to Reproduce:
1. Read mail
2. Retrieve new mail
3. Read more mail

Actual Results:  
Stoped working

Expected Results:  
Kept working

I haven't test the Windows or Mac version of 1.3 Mail to see if I could
reproduce this. I will try and do so.
(Assignee)

Comment 1

15 years ago
server crashing is not an indication of a mozilla bug. It's an indication of a
server bug. The server should never crash no matter what is thrown at it, and I
believe we generate valid IMAP that doesn't crash any other server that I know
of. I would say this bug is invalid; however, here's how to generate a client
side protocol log so we might have a clue which imap command is crashing the server:

http://www.mozilla.org/quality/mailnews/mail-troubleshoot.html#imap

Hello,

I just wanted to tell you that at my place of employment we use GroupWise and
the mail admin keeps telling me that my userid is causing the server to fail. He
first told me this after I upgraded to version 1.3 alpha. He just sent me
another message today which is why I searched Bugzilla for this bug.

While no other server may be crashed by Mozilla, Mozilla itself didn't crash
this server until 1.3. Using the same logic as before, no other client crashes
this server. I would try to give you logs but since now I know that my client is
causing this I can't continue to access the server with Mozilla since it is a
production system and the crashes affect thousands of users.

Hopefully somebody else can provide this documentation though, I'm just chiming
in to let you all know that this isn't isolated.
(Assignee)

Comment 3

15 years ago
does anyone have the junk mail controls enabled for their GW accounts? That
causes custom keywords to get set and that's something that some imap servers
have trouble with (though we only set custom keywords if the server advertises
the capability)

Comment 4

15 years ago
My work uses Groupwise and won't let me use Mozilla mail (Windows XP running
Mozilla v1.3b 2003021008) any more - takes down the server as described below. 
They enabled Junkmail tagging on the server a couple of weeks back and the
problem has occured since, don't know if that's significant.
(Assignee)

Comment 5

15 years ago
what does this mean? "They enabled Junkmail tagging on the server" Did they
enable user-defined keywords in imap?

Comment 6

15 years ago
this is all our IT told me:
 *  Identification of spam mail. Any message that fails a series of tests
including being sent from know sources of spam will be delivered to the end user
with the expression "{spam?}" at the beginning of the Subject line.

I'm afraid that's all I know, don't know anything about the server side of
email.  I could ask them, but don't hold your breath for an answer...
(Assignee)

Comment 7

15 years ago
ok, thx, that sounds unrelated.

Comment 8

15 years ago
I had this problem also with GroupWise 6.0.2 and 6.0.3.  I was using Mozilla 
1.3 with junk mail controls on using WinXP, SP1.  I also tried Mozilla 1.3.1 
with the same results.  I could reproduce the problem in my lab by simply 
sending myself junk mail.  I could not, however, reproduce the problem with 
Windows 2000, SP3. =/

I called Novell and worked with a very good tech for a couple of days.  It 
looks like the latest beta of the GroupWise 6 Internet Agent (fgwia64a.exe) 
resolves this issue. (This should be the code that will become GroupWise 6.0.4).

FYI I did disable junk mail filtering a few weeks ago and the IT guys haven't
said anything to me so this might be the issue.

Comment 10

14 years ago
This is a known Denial of Service vulnerability in the GroupWise Internet Agent
(GWIA):
  http://support.novell.com/cgi-bin/search/searchtid.cgi?/10083433.htm

It's known as Novell Support TID: 10083433 (possibly the TID opened by Comment #8?)

It appears to be directly related to having Junk Mail filtering turned on. I've
turned off Junk mail filtering in Mozilla 1.5a, and the issue stops occuring,
turning it back on crashes our GroupWise 6sp3 GWIA, though none of our other
IMAP servers (Cyrus and Courier) encounter any issues...

There still does not yet appear to be a production-quality patch available for
GroupWise, nor does Novell seem to consider this a DoS vulnerability
(http://search.novell.com/NSearch/SearchServlet?&query=+%28%2FFlag_Security_Alert%3DTrue%29&index=Support&bbindex=BestBets&numhits=20&lang=&template=ResultListTerseTemplate.html&theme=support&encoding=UTF8&sortbydate=true)
but none-the-less, it is a DoS vulnerability in GroupWise...
(Assignee)

Comment 11

14 years ago
"This is fixed in GroupWise 6 GWIA code dated 4-17-2003 and should be included
in GroupWise 6 support pack 4." Is Support pack 4 not out yet?

Anyway, the client isn't doing anything wrong - I'm marking this invalid.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → INVALID

Comment 12

14 years ago
GroupWise support pack 4 is not out yet. The beta hot-fix "fgwia64a.exe" no
longer appears to be avaiable, so it appears the only place to snatch the newer
GWIA is possibly from Novell's non production quality BETA release of SP4.
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.