[Dovecot] STARTTLS problem

Hi

I have a problem with STARTTLS, with imaps all ok. I have tried to connect to server with different clients (thunderbird, the bat, mulberry) and had same result. Thunderbird log for example:

0[284708]: 25c0e08:192.168.4.200:NA:SetupWithUrl: clearing IMAP_CONNECTION_IS_OPEN 1920[25c77c8]: ImapThreadMainLoop entering [this=25c0e08] 1920[25c77c8]: 25c0e08:192.168.4.200:NA:ProcessCurrentURL: entering 1920[25c77c8]: 25c0e08:192.168.4.200:NA:ProcessCurrentURL:imap://test%40my%2Elocal@192.168.4.200:143/select%3E/INBOX: = currentUrl 1920[25c77c8]: ReadNextLine [stream=25c8020 nb=210 needmore=0] 1920[25c77c8]: 25c0e08:192.168.4.200:NA:CreateNewLineFromSocket: * OK [CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS UIDPLUS LIST-EXTENDED I18NLEVEL=1 STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

1920[25c77c8]: 25c0e08:192.168.4.200:NA:SendData: 1 capability

1920[25c77c8]: ReadNextLine [stream=25c8020 nb=190 needmore=0] 1920[25c77c8]: 25c0e08:192.168.4.200:NA:CreateNewLineFromSocket: * CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS UIDPLUS LIST-EXTENDED I18NLEVEL=1 STARTTLS AUTH=PLAIN AUTH=LOGIN

1920[25c77c8]: ReadNextLine [stream=25c8020 nb=28 needmore=0] 1920[25c77c8]: 25c0e08:192.168.4.200:NA:CreateNewLineFromSocket: 1 OK Capability completed.

1920[25c77c8]: 25c0e08:192.168.4.200:NA:SendData: 2 STARTTLS

1920[25c77c8]: ReadNextLine [stream=25c8020 nb=33 needmore=0] 1920[25c77c8]: 25c0e08:192.168.4.200:NA:CreateNewLineFromSocket: 2 OK Begin TLS negotiation now.

1920[25c77c8]: 25c0e08:192.168.4.200:NA:SendData: 3 capability

my comment - at this place the process is waiting

1920[25c77c8]: ReadNextLine [stream=25c8020 nb=0 needmore=1] 1920[25c77c8]: 25c0e08:192.168.4.200:NA:CreateNewLineFromSocket: clearing IMAP_CONNECTION_IS_OPEN - rv = 804b0014 1920[25c77c8]: 25c0e08:192.168.4.200:NA:TellThreadToDie: close socket connection 1920[25c77c8]: 25c0e08:192.168.4.200:NA:CreateNewLineFromSocket: (null) 1920[25c77c8]: 25c0e08:192.168.4.200:NA:ProcessCurrentURL: aborting queued urls 1920[25c77c8]: ImapThreadMainLoop leaving [this=25c0e08]

At same time dovecot log:

Jul 29 18:33:08 freebsd dovecot: auth(default): new auth connection: pid=3339 Jul 29 18:33:34 freebsd dovecot: imap-login: Disconnected (no auth attempts): rip=192.168.4.100, lip=192.168.4.200, TLS handshaking: Disconnected

What does it mean, i don't know, because if I try to connect with gnutls-cli it works perfectly.

freebsd# dovecot -n # 1.1.16: /usr/local/etc/dovecot.conf # OS: FreeBSD 7.2-RELEASE i386 ufs syslog_facility: local0 protocols: imap imaps pop3 pop3s ssl_key_file: /etc/ssl/keys/dovecot.pem disable_plaintext_auth: no verbose_ssl: yes login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_greeting_capability(default): yes login_greeting_capability(imap): yes login_greeting_capability(pop3): no verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_uid: 4738 mail_gid: 4738 mail_location: maildir:/var/mail/vmail/%d/%n mail_debug: yes mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugins(default): acl mail_plugins(imap): acl mail_plugins(pop3): mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: public/ location: maildir:/var/mail/vmail/%d/public:INDEX=/var/mail/vmail/%d/%n/public/index:CONTROL=/var/mail/vmail/%d/%n/public/control list: yes subscriptions: yes auth default: mechanisms: plain login username_format: %Lu verbose: yes debug: yes passdb: driver: passwd-file args: /usr/local/etc/passwd.dovecot userdb: driver: passwd-file args: /usr/local/etc/passwd.dovecot socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 plugin: acl: vfile

any ideas ?

Regards, Sergey