Hi,
I have an fc18 system with postfix and dovecot-2.1.13 and have configured them to use sasl for SMTP Auth and Maildir with imaps.
The system is running now, so I'm trying to set up thunderbird to autodetect all settings during the initial account setup. However, it seems to want to use port 143 and STARTTLS, and not port 993, which is what I would expect. When I force it to use 993, I receive a certificate failure message:

Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: initializing the server-side TLS engine
Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: open smtpd TLS cache btree:/var/lib/postfix/smtpd_tls_session_cache
Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: tlsmgr_cache_run_event: start TLS smtpd session cache cleanup
Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: connect from unknown[192.168.1.43]
Mar 12 23:20:45 propnew dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=192.168.1.43, lip=66.111.222.101, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42, session=<BGBS5MXXhQDAqAEr>
Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: lost connection after CONNECT from unknown[192.168.1.43]

These are self-signed certs created using dovecot's mkcert.sh script. Is this a problem with the cert or with the dovecot configuration?
Is it conventional to use port 143 for encrypted IMAP connections these days, and not just 993?
I'm finding that port 25 works with TLS and postfix now too, not just port 587, so I'm really confused.
I've included my doveconf output below. I'd appreciate it if someone could review it for me to be sure.

# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.8.1-201.fc18.x86_64 x86_64 Fedora release 18 (Spherical Cow) ext4
auth_debug = yes
auth_mechanisms = plain login
auth_verbose = yes
default_client_limit = 2000
disable_plaintext_auth = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_debug = yes
mail_location = maildir:/home/%u/Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
passdb {
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  process_min_avail = 20
  service_count = 0
}
ssl_cert =

Thanks, Alex