[Dovecot] ssl connections frozen, client times out

[Steve Mulligan]

Timo Sirainen wrote:
> On Tue, 2007-04-03 at 04:12 -0400, Steve Mulligan wrote:
>   
>> I'm using the latest Thunderbird & Dovecot.   I'm trying to setup either 
>> pop3s or imaps.  The plain versions of the protocols both work fine for 
>> me, even with the TLS option selected in Thunderbird.  But when I try to 
>> use the ssl versions, my client does not negotiate - it just time's out.
>>     
>
> Since it might just as well be a Thunderbird configuration problem, try
> with openssl directly:
>
> openssl s_client -connect localhost:995
>
> If it works, try remotely the same in case it's a firewall problem. If
> that works too, it's just a Thunderbird problem.
>   


Thanks Timo.  It connects fine on localhost, but when I try from a 
remote machine, I get :

/C:\OpenSSL\bin>openssl s_client -connect pop.loftsoftware.ca:110
Loading 'screen' into random state - done
CONNECTED(000000FC)
/
Then there is a very long wait, 1-2 minutes.

/5696:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake 
failure:.\ssl\s23_lib.c:188:
/
So I would say firewall problem BUT - it works fine when I switch the 
dovecot server and thunderbird client over to plain pop on the same port.

>   
>> protocol pop3 {
>>   ssl_disable = no
>>   verbose_ssl = yes
>>   #listen = *:123
>>   #ssl_listen = *:110
>>     
>
> I hope you've never actually tried to use this "ssl_listen = *:110"
> setting? pop3s is in port 995.
>
>   



Sadly yes, for now.  I'm the only one using the pop server and I don't 
have control over opening my own ports to the outside world so I have 
been trying to get it working on 110.  It should still work on 110 from 
a remote machine though, right? 


Thanks,
Steve.