Hello people,
After a lot of wading through the dovecot documentation (which, btw, is excellent! Everything lies under "dovecot/doc/wiki"), I managed to authenticate a couple of accounts.
For starters, I want dovecot to work as an imap/imaps box and nothing else.
So, I went ahead and created a "passwd" file with two users. One user is my name (spyros) with a plaintext password, and the other user is "postmaster" with an encrypted password ("/etc/dovecot/passwd" shown):
spyros@webmail.domain.gr:{PLAIN}plainpassword
postmaster@webmail.domain.gr:{SSHA}SSHAPassword
Now, if I telnet to port 143 with both users, the system comes back with the following:
[root@webmail dovecot]# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN] Dovecot ready
. login spyros@webmail.domain.gr password
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH] Logged in
As I said, it allows login on port 143 for both users. So, the same for "postmaster".
Now for port 993:
[root@webmail dovecot]# openssl s_client -connect webmail.domain.gr:993
[lots of SSL-related certificate information]
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready
. login spyros@webmail.domain.gr password
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH] Logged in
Again, the same for user "postmaster". I won't paste it.
So, everything is fine. However, I have an issue with the (?!) issued certificate. If I check the dovecot logs I find nothing.
If, on the other hand, I do the same check on the Horde application, it comes back with the following:
* Trying protocol imap/notls, Port 143:
SUCCESS - INBOX has 0 messages (0 new 0 recent)
* Trying protocol imap/ssl, Port 993:
ERROR - The server returned the following error message:
SECURITY PROBLEM: insecure server advertised AUTH=PLAIN[SERVERBUG] Internal error occurred. Refer to server log for more
information. [2010-01-05 13:30:12]Certificate failure for localhost: self signed certificate:
/C=GR/ST=Kerkyra/L=Kerkyra/O=Tourist Enterprizes/OU=IMAP
server/CN=webmail.domain.gr/emailAddress=postmaster@webmail.domain.gr
* Trying protocol imap/ssl/novalidate-cert, Port 993:
SUCCESS - INBOX has 0 messages (0 new 0 recent)
* Trying protocol imap/tls/novalidate-cert, Port 143:
SUCCESS - INBOX has 0 messages (0 new 0 recent)
Now, I know I am not supposed to ask you chaps about this, but direct my questions to the horde mailing list. However, I would like an opinion before I go ahead and bug them with this.
Certificate was created with "dovecot/doc/mkcert.sh" and the relevant certificate file (can't recall its name at the moment).
Any help would be appreciated. On the other hand, if I went too far with this I apologize and I'll try to find another way to resolve this.
Thank you people,
s.
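
Added example, not part of the original post and not Dovecot's own code: a Python sketch of how the two passwd-file entries above are checked at login. It shows that {PLAIN} keeps the password readable in the file, while {SSHA} stores base64(SHA1(password + salt) + salt). The SSHA entry, its password and its salt are constructed sample values, and the helper names are hypothetical.

```python
import base64
import hashlib
import hmac
import os

def make_ssha(password, salt=None):
    """Build a {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def parse_passwd_line(line):
    """Split 'user:{SCHEME}data[:other fields]' into (user, scheme, data)."""
    user, _, rest = line.strip().partition(":")
    field = rest.split(":", 1)[0]          # password is the second field
    if not field.startswith("{") or "}" not in field:
        raise ValueError("no {SCHEME} prefix for " + user)
    scheme, _, data = field[1:].partition("}")
    return user, scheme.upper(), data

def verify(line, user, password):
    """Return True if user/password match this passwd-file entry."""
    entry_user, scheme, data = parse_passwd_line(line)
    if entry_user != user:
        return False
    if scheme == "PLAIN":
        # The file itself holds the password; anyone who can read it has it.
        return hmac.compare_digest(data.encode(), password.encode())
    if scheme == "SSHA":
        raw = base64.b64decode(data)
        digest, salt = raw[:20], raw[20:]  # SHA-1 output is 20 bytes
        candidate = hashlib.sha1(password.encode() + salt).digest()
        return hmac.compare_digest(digest, candidate)
    raise ValueError("unsupported scheme " + scheme)

# Constructed sample entries in the layout shown in the post.
SAMPLE = [
    "spyros@webmail.domain.gr:{PLAIN}plainpassword",
    "postmaster@webmail.domain.gr:" + make_ssha("constructed-secret", b"\x01\x02\x03\x04"),
]

if __name__ == "__main__":
    print(verify(SAMPLE[0], "spyros@webmail.domain.gr", "plainpassword"))
    print(verify(SAMPLE[1], "postmaster@webmail.domain.gr", "constructed-secret"))
```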