On Tue, 2013-09-17 at 08:39 -0400, Dan Langille wrote:
Since we just ruled this one out, might I suggest you grab the source and build it, install it all under /opt/dovecot that way it wont interfere with your ports installation and try that, the one you successfully just tested uses dovecot 2.1 not 2.2, so maybe try source of 2.1 and see if it works.
I just tried 2.1.16. The iPhone has no trouble on 143 but on 993, it's just like 2.2
But, if it does work on port 143 with TLS I wouldnt worry too much about it
tcpdump is showing me raw text going past, so I know I'm not getting TLS on either Dovecot 2.1 or 2.2
Hrmm, do you still have that profile of when you used my test a/c? if so TLS definitely worked, so just try changing the user/pass/server... or see whats different between the two profiles.
It seems that TLS is not supported by my client. Pity.
Yes, TLS is supported on your iphone, and works imap-login: Info: Login: user=xxx@xxxxxxxx, method=PLAIN, rip=xxxxxxx, TLS
I thank you for your help though. We have a workaround, which is good enough for my particular situation: self-signed certificates. However, that solution is not ideal for most people. It is for that reason that I'm willing to keep hacking at this if others have further ideas / suggestions.
Do you have another PC based mail client you can test with? one that you have never used to the mail server before and wont have ever accepted a cert from that server, be it startssl's, or self signed, so something completely clean, and try connect and see if cert fails?