[Dovecot] IMAP STARTTLS Problem
Patrick Ben Koetter
p at state-of-mind.de
Sat May 5 23:44:46 EEST 2012
* Markus Fritz <markus.fritz at opsys.de>:
> Am 05.05.2012 21:06, schrieb Markus Fritz:
> >Hello,
> >
> >I have this problem:
> >May 5 21:02:35 opsys dovecot: imap-login: Disconnected (no auth
> >attempts): rip=84.150.52.31, lip=78.46.216.126
> >
> >Connecting via Thunderbird to STARTTLS won't work, but with a website
> >from the same server it works for tls://opsys.de.
> >So why is the port closed for external ip's?
> >IPTABLES entry for imap is this:
> >fail2ban-dovecot-pop3imap tcp -- anywhere anywhere
> > multiport dports pop3,pop3s,imap2,imaps
> >
> >Key files are correct TLS is working from localhost.
> >
> >System is Debian squeeze
>
> Thunderbird says 'tls not available due temporary reason' now.
Assuming your server cert is located in /etc/ssl/certs/ca-certificates.crt try
this on your server:
openssl s_client -starttls imap -CAfile /etc/ssl/certs/ca-certificates.crt -connect localhost:143
Use "2 logout" to get out of the session.
If it works, try the same from your client host.
Does it work both times?
p at rick
--
state of mind ()
http://www.state-of-mind.de
Franziskanerstraße 15 Telefon +49 89 3090 4664
81669 München Telefax +49 89 3090 4666
Amtsgericht München Partnerschaftsregister PR 563
More information about the dovecot
mailing list