[Dovecot] STARTTLS problem
Lucas -LandM-
lucas at landm.net
Wed Feb 2 22:28:39 EET 2011
Hi,
We try to configure dovecot as usual (all our servers have
dovecot+vpopmail+qmail or postfix).
We set up dovecot with the next outcome:
- imap ok
- imaps ok
- imap STARTTLS NOT OK
Debug:
root at s13:/home/lucas# gnutls-cli --starttls -p 143 ip
Resolving 'ip'...
Connecting to 'ip'...
- Simple Client Mode:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready.
*** Starting TLS handshake
*** Non fatal error: Resource temporarily unavailable, try again.
*** Fatal error: A TLS packet with unexpected length was received.
*** Handshake has failed
Same result with thunderbird and openssl.
Log:
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x10,
ret=1: before/accept initialization [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: before/accept initialization [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv2/v3 read client hello A [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 read client hello A [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write server hello A [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write certificate A [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write server done A [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 flush data [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [83.61.13.57]
Feb 2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [83.61.13.57]
Feb 2 20:27:34 s13 dovecot: imap-login: Warning: SSL failed:
where=0x2002: SSLv3 read client certificate A [83.61.13.57]
Feb 2 20:27:34 s13 dovecot: imap-login: Disconnected (no auth
attempts): rip=83.61.13.57, lip=109.200.5.221, TLS handshaking: Disconnected
My config:
# 2.0.9: /opt/dovecot/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-27-server x86_64 Ubuntu 8.04
auth_mechanisms = plain login cram-md5
default_login_user = vpopmail
disable_plaintext_auth = no
first_valid_gid = 89
first_valid_uid = 89
last_valid_gid = 89
last_valid_uid = 89
listen = ip
mail_debug = yes
mail_gid = 89
mail_uid = 89
passdb {
driver = vpopmail
}
plugin {
quota = maildir:User quota
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
setting_name = quota, trash
}
protocols = imap pop3
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service imap {
process_limit = 1024
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service pop3 {
process_limit = 1024
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
driver = vpopmail
}
verbose_ssl = yes
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
}
protocol pop3 {
mail_max_userip_connections = 3
pop3_client_workarounds = outlook-no-nuls ,oe-ns-eoh
pop3_uidl_format = %08Xu%08Xv
}
Any clue?
Thank you in advanced,
Lucas
More information about the dovecot
mailing list