Hi Timo, thanks for getting back to me.
Timo Sirainen <tss@iki.fi> writes:
On to, 2010-06-03 at 12:51 -0400, Joel James Adamson wrote:
However, I can't connect to the managesieve daemon. I've tried the Emacs client[1], and it just hangs.
Cyrus version of managesieve was implemented differently than spec, and since it was pretty much the only implementation, many clients just made it work the Cyrus way. Cyrus was somewhat recently fixed, but there are still clients that work the old way. Maybe emacs is one of them.
Yes, I believe that's the case, but my real point was that this problem isn't client-specific.
"IMPLEMENTATION" "dovecot" "SIEVE" "comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date" "SASL" "PLAIN" "STARTTLS" "NOTIFY" "mailto" "VERSION" "1.0" OK "Dovecot ready." *** Starting TLS handshake C-c C-c
You didn't give STARTTLS command. http://tools.ietf.org/html/draft-martin-managesieve-12
Thanks: now that I did that, I get that the hostname doesn't match the one in the certificate, since I was using "localhost" in the gnutls-cli command, and the certificate has the FQDN.
Now that I use my FQDN, I get this:
Resolving 'host.name.in.question.edu'... Connecting to '::1:2000'... Cannot connect to host.name.in.question.edu:2000: Connection refused
I thought this might be the problem:
joel@hostname: ~ > nmap localhost
Starting Nmap 5.21 ( http://nmap.org ) at 2010-06-04 15:16 EDT Nmap scan report for localhost (127.0.0.1) Host is up (0.00075s latency). rDNS record for 127.0.0.1: hostname Not shown: 990 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 80/tcp open http 443/tcp open https 631/tcp open ipp 993/tcp open imaps =>2000/tcp open cisco-sccp<= 3306/tcp open mysql 5900/tcp open vnc 6000/tcp open X11
Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds
But when I use a different port, enabled in dovecot.conf and opened from the firewall, I still get connection refused from gnutls-cli. This could be from our campus firewall.
Just how safe is it to create a certificate that says "localhost?" I could just use Squirrelmail's Avelsieve to manipulate my Sieve scripts.
Joel
-- Joel J. Adamson Servedio Lab University of North Carolina at Chapel Hill
FSF Member #8164 http://www.unc.edu/~adamsonj