Re: Cannot connect to Dovecot IMAP or POP
2. openssl s_client -connect mail.privustech.com:xxx a. xxx=25, 110, 143 all return error:140770FC
You need to add the "-starttls protocol" parameter, otherwise "openssl s_client" thinks your using SSL, not STARTTLS i.e.
openssl s_client -starttls pop3 -connect mail.privustech.com:110
openssl s_client -starttls imap -connect mail.privustech.com:143But even if you do that, you get the same error because it can't start the TLS session:
$ nc mail.privustech.com 143
* OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS STARTTLS LOGINDISABLED AUTH=CRAM-MD5] privustech.com IMAP4rev1 2007e.404 at Wed, 4 May 2016 22:26:36 -0400 (EDT)
x STARTTLS
x NO Server certificate not installedSo there you go, dovecot can't get at your server certificate. You can start the search of your problem from there. The configuration
verbose_ssl = yeswill help to log the problem.
ssl_dh_parameters_length = 2048
Probably not related to your problem, but this will cause wildly variable dovecot initialization times, as temp key generation of this length can result in a lot of candidate primailty testing.
Joseph Tam jtam.home@gmail.com
ssl_dh_parameters_length = 2048Probably not related to your problem, but this will cause wildly variable dovecot initialization times, as temp key generation of this length can result in a lot of candidate primailty testing.
The key generation is done once and stored to disk. Then reused until eternity.
Aki Tuomi
participants (2)
-
aki.tuomi@dovecot.fi
-
Joseph Tam