[Dovecot] Windows 8 issues (using Live/Outlook)
Hi!
I am trying to make Windows 8 using Live 2012 and Outlook 2010 login in Dovecot POP3s. However, I receive this message in log:
Feb 28 07:32:05 ipanema dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.0.0.10, lip=10.0.0.1, TLS handshaking: Disconnected, session=<joP78nTz9ACsFQAF>
Note that user is sent as blank and this is the only log line. I used debug mode too:
Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Warning: SSL failed: where=0x2002: SSLv3 read client certificate A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Feb 28 09:07:07 ipanema dovecot: auth: Debug: Read auth token secret from /var/run/dovecot/auth-token-secret.dat Feb 28 09:07:07 ipanema dovecot: auth: Debug: auth client connected (pid=8138) Feb 28 09:07:07 ipanema dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.0.0.10, lip=10.0.0.1, TLS handshaking: Disconnected, session=<QDraRnbzMwCsFQAF>
Analysing the traffic with tshark, I can see:
0.007163 10.0.0.10 -> 10.0.0.1 TLSv1.2 331 Certificate, Server Hello Done
I am using Dovecot 2.2.9 and I think it is TLS compatible. External (non-MS) clients, as Mozilla Thunderbird and Sylpheed, are working fine.
Can someone point me a light?
# 2.2.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.4 ext4
Thanks in advanced.
Regards,
Eriberto
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Fri, 28 Feb 2014, Eriberto wrote:
Feb 28 07:32:05 ipanema dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.0.0.10, lip=10.0.0.1, TLS handshaking: Disconnected, session=<joP78nTz9ACsFQAF>
Note that user is sent as blank and this is the only log line. I used debug mode too:
Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [10.0.0.10] Feb 28 09:07:07 ipanema dovecot: pop3-login: Warning: SSL failed: where=0x2002: SSLv3 read client certificate A [10.0.0.10]
I am using Dovecot 2.2.9 and I think it is TLS compatible. External (non-MS) clients, as Mozilla Thunderbird and Sylpheed, are working fine.
Can someone point me a light?
Does Windows trust your CA?
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUxV+THD1/YhP6VMHAQJO0QgAtZphMeoIULp77Jr8//sJBQkaVxHhX27B /+1nf1qyQLXdB80sFyMFAHvVTuNGuW9FMyQ9LsbG07v5BJsUr3Phhp/Nhu+vYABw Yd2fuz/Uha9frWLf+I01riWcHgBOEpdsm2zMacXVkb4I6mo9E2Vhv1c5AW4UcIIN CCjKgPsCaayTtPGzGZ6CU+37ID8bfXAJTsB/MS2+dhHHQ8rlTTrC0s7UnNKltYm5 u9wUdkGGujQDQXHqcMoEY8uJWDjxze2YWRGL0veoC3G30Jr5sDdSfbV2ekRSt/+P ZePKCaC/aDjHptnPT6IjaxuedegRsh4vX0HZbF0XEFXXGP6QWYZriA== =Cs+O -----END PGP SIGNATURE-----
participants (2)
-
Eriberto
-
Steffen Kaiser