[Dovecot] Problem with IMAP on port 993
This is probably a misconfiguration of my MUA; however, I thought I would ask here first.
I am using IMAP with Dovecot. Claws-mail is my MUA. Now, when fetching mail via port 143, everything works fine:
Mar 29 10:33:00 imap-login: Info: Login: user=user@domain.net, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, TLS
However, when I attempt to fetch mail via port 993, I get this message in the log:
Mar 29 10:28:35 imap-login: Info: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: Disconnected
I think I have everything set up correctly.
# dovecot -n (portions obfuscated)
# 1.2.10: /usr/local/etc/dovecot.conf # OS: FreeBSD 7.3-STABLE i386 ufs log_path: /var/log/dovecot.log info_log_path: /var/log/dovecot.log protocols: pop3 pop3s imap imaps managesieve listen(default): * listen(imap): * listen(pop3): * listen(managesieve): localhost:2000 login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login login_greeting: Greetings From my-domain.net verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location(default): maildir:/var/mail/vhost/my-domain.net/user:INDEX=/var/mail/vhost/my-domain.net/user mail_location(imap): maildir:/var/mail/vhost/my-domain.net/user:INDEX=/var/mail/vhost/my-domain.net/user mail_location(pop3): maildir:/var/mail/vhost/my-domain.net/user:INDEX=/var/mail/vhost/my-domain.net/user mail_location(managesieve): maildir:/var/mail/vhost/my-domain.net/user mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve mail_plugins(default): expire mail_plugins(imap): expire mail_plugins(pop3): expire mail_plugins(managesieve): mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(pop3): imap_client_workarounds(managesieve): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(managesieve): dict_db_config: /usr/local/etc/dovecot-db.conf managesieve_logout_format(default): bytes=%i/%o managesieve_logout_format(imap): bytes=%i/%o managesieve_logout_format(pop3): bytes=%i/%o managesieve_logout_format(managesieve): bytes ( in=%i : out=%o ) lda: postmaster_address: postmaster@my-domain.net mail_plugins: expire mail_plugins: sieve sieve: /usr/local/etc/dovecot/sieve/user.sieve sieve_global_path: /usr/local/etc/dovecot/sieve/user.sieve sendmail_path: /usr/sbin/sendmail auth default: mechanisms: cram-md5 digest-md5 plain login username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@+ username_format: %Lu passdb: driver: sql args: /usr/local/etc/dovecot-sql.conf userdb: driver: sql args: /usr/local/etc/dovecot-sql.conf socket: type: listen client: path: /var/run/dovecot/auth-client mode: 438 master: path: /var/run/dovecot/auth-master mode: 438 plugin: expire: Trash 1 Spam 30 Sent 10 expire_dict: proxy::expire dict: expire: mysql:/usr/local/etc/dovecot-dict-expire.conf
-- Jerry Dovecot.user@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.
Have the courage to take your own thoughts seriously, for they will shape you.
Albert EinsteinOn Mon, Mar 29, 2010 at 10:48:00AM -0400, Jerry wrote:
I am using IMAP with Dovecot. Claws-mail is my MUA. Now, when fetching mail via port 143, everything works fine:
Mar 29 10:33:00 imap-login: Info: Login: user=user@domain.net, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, TLS
However, when I attempt to fetch mail via port 993, I get this message in the log:
Mar 29 10:28:35 imap-login: Info: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: Disconnected
Try connecting like this:
openssl s_client -connect 127.0.0.1:993If it connects OK, then try sending some IMAP commands:
a login user@domain.net yourpassword
a examine inbox
a logoutIf that's OK, then your MUA may have disconnected without sending anything. Perhaps it rejected your certificate? Or your MUA might be trying to connect using non-SSL IMAP on port 993? Maybe it only supports STARTTLS for SSL, in which case you'd use this on port 143.
HTH,
Brian.
Am 29.03.2010 16:48, schrieb Jerry:
This is probably a misconfiguration of my MUA; however, I thought I would ask here first.
I am using IMAP with Dovecot. Claws-mail is my MUA. Now, when fetching mail via port 143, everything works fine:
Mar 29 10:33:00 imap-login: Info: Login: user=user@domain.net, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, TLS
However, when I attempt to fetch mail via port 993, I get this message in the log:
Mar 29 10:28:35 imap-login: Info: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: Disconnected
I think I have everything set up correctly.
# dovecot -n (portions obfuscated)
# 1.2.10: /usr/local/etc/dovecot.conf # OS: FreeBSD 7.3-STABLE i386 ufs log_path: /var/log/dovecot.log info_log_path: /var/log/dovecot.log protocols: pop3 pop3s imap imaps managesieve listen(default): * listen(imap): * listen(pop3): * listen(managesieve): localhost:2000 login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login
I don't see any ssl-cert-file parameter in your config.
On Mon, 29 Mar 2010 20:32:45 +0200, Patrick Wallura patrick.wallura@medictronic.de articulated:
I don't see any ssl-cert-file parameter in your config.
I finally figured out what the problem was. It was a misconfiguration of the MUA.
In any case, I do have the files listed in my dovecot.conf:
ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.pem
I am not sure why "dovecot -n" does not show them. I also noticed another error. At the end of the output of "dovecot -n" is this notation:
client:
path: /var/run/dovecot/auth-client
mode: 438
master:
path: /var/run/dovecot/auth-master
mode: 438However, in my conf file, it is listed like this:(snippet)
master {
path = /var/run/dovecot/auth-master
mode = 0666
}
client {
path = /var/run/dovecot/auth-client
mode = 0666From the "/var/run/dovecot" directory:
drwxr-xr-x 3 root wheel 512B Mar 26 05:33 ./ drwxr-xr-x 16 root wheel 1.0K Mar 29 05:32 ../ srw-rw-rw- 1 root wheel 0B Mar 26 05:33 auth-client= srw-rw-rw- 1 root wheel 0B Mar 26 05:33 auth-master= srw------- 1 root wheel 0B Mar 26 05:33 auth-worker.1250= srwxrwxrwx 1 root wheel 0B Mar 26 05:33 dict-server= lrwx------ 1 root wheel 27B Mar 26 05:33 dovecot.conf@ -> /usr/local/etc/dovecot.conf drwxr-x--- 2 root dovecot 512B Mar 26 05:33 login/ -rw------- 1 root wheel 5B Mar 26 05:33 master.pid
I am not sure if something is wrong or not. In any case, everything is working correctly again.
-- Jerry Dovecot.user@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.
FORTUNE PROVIDES QUESTIONS FOR THE GREAT ANSWERS: #15
A: The Royal Canadian Mounted Police. Q: What was the greatest achievement in taxidermy?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, 29 Mar 2010, Jerry wrote:
ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.pem
They're the defaults, most likely. dovecot -a displays all settings in effect.
I am not sure why "dovecot -n" does not show them. I also noticed another error. At the end of the output of "dovecot -n" is this notation:
Which error?
client: path: /var/run/dovecot/auth-client mode: 438
438 is the decimal form of the octal 0660
However, in my conf file, it is listed like this:(snippet)
client { path = /var/run/dovecot/auth-client mode = 0666
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS7GiZL+Vh58GPL/cAQJlrAf/RHTBD1KCBxkocYAGXEkLHz8o65JGD3WE yF/niDM7BwL7tluQHVCXakrNAYeHpvx72ENeaV2cFIy8AZ7DPUW3CCTIZZahIP/I K6kp2W+8NuPO01NZWxpVqz1z8XRtPKXf89+5EG4/qoyqU8gkv6w/WMVaZZGYQw7u Zy2wzfH1DzVOP/g9+3J1hWwVukUIve3P1blglnZb6265Sg8LjHtRzpj2WOcHUEuz Wb5hLnVHMVAmMJZO/1G6EpnbYxzbg6f1frUVD/BW+gxsZGq0SGZcmbufXkBtlqPa LAAUPx5DYcty8U30JG+bE0ZMZDe4UZNMdskJVygeaHNr7zZyvsbh/A== =TqOE -----END PGP SIGNATURE-----
On Tue, 30 Mar 2010 09:04:01 +0200 (CEST), Steffen Kaiser skdovecot@smail.inf.fh-brs.de articulated:
On Mon, 29 Mar 2010, Jerry wrote:
ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.pem
They're the defaults, most likely. dovecot -a displays all settings in effect.
I am not sure why "dovecot -n" does not show them. I also noticed another error. At the end of the output of "dovecot -n" is this notation:
Which error?
client: path: /var/run/dovecot/auth-client mode: 438
438 is the decimal form of the octal 0660
However, in my conf file, it is listed like this:(snippet)
client { path = /var/run/dovecot/auth-client mode = 0666
Now I see. I think a simple notation indicating that it was displaying the decimal form might have been useful. Since it is working correctly now, I assume that dovecot can accept either the decimal or octal forms.
Question: What would have happened if I had just entered: 660? Would dovecot have internally converted it to decimal: 102? That does not seem like a good idea.
Note: I believe, and that is subject to review, that decimal 438 = octal 666. Decimal 438 = octal 0660. (comments)
BTW, I was not aware of the '-a' flag. Besides '-a' & '-n' are there any others?
Thanks for your feedback.
-- Jerry Dovecot.user@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.
The trouble with being punctual is that people think you have nothing more important to do.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 30 Mar 2010, Jerry wrote:
438 is the decimal form of the octal 0660
Now I see. I think a simple notation indicating that it was displaying the decimal form might have been useful. Since it is working
Well, it's C notation:
[1-9][0-9]* -> decimal 0[0-7]* -> octal 0x[0-9a-zA-Z]* -> hexadecimal
BTW, I was not aware of the '-a' flag. Besides '-a' & '-n' are there any others?
Yep, http://wiki.dovecot.org/CommandLine
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS7HBdr+Vh58GPL/cAQKhEQf/Rj0DX6Mrn5IZXFIp8WKPmvVQPnSwFlr/ 7e34bZiDYZa9FmJlCPdTFxUtS1d/CJ/r7rOZYBWTwK1jI/b0zvQ3N13ceC4pFzpq oo/7AtZM0/7KVrHFAtVm9X1kc5kz9QiEbB77aaAvOIPjaKvLSgPgHbJJr9mKm7qV w8CjX45JK1SgYzqVB3SvAdiEWNX4zu64s1O4LgebdhC11lpO3lcfJnoz9xEX+PXL wjVmmWyBxD4AoSLTe3sQzyaFHxOuOWBo+yHcR3OYhkN6m4MrwOkGF2/mJ2lqwx+U jk/t3ZFQnCjappz3xmKXj0AQ5hN28wisDsi6HNX/LziydasEqMpYhg== =Y8iW -----END PGP SIGNATURE-----
participants (4)
-
Brian Candler
-
Jerry
-
Patrick Wallura
-
Steffen Kaiser