[Dovecot] compressed IMAP traffic

Patrick Domack patrickdk at patrickdk.com
Tue Sep 29 07:27:14 EEST 2009 

Just playing some more and noticed using:
gnutls-cli (GnuTLS) 2.4.2

always says compression isn't supported, even when version 2.0.4 says it was.

gnutls-cli 2.4.2 from ubuntu 9.04 x64, Compression: DEFLATE, NULL

gnutls-cli 2.0.4 from ubuntu 8.04 x64, Compression: LZO, DEFLATE, NULL

I also noticed 2.4.2 would connect using aes-128, whereas 2.0.4 would  
connect using aes-256


Quoting Patrick Domack <patrickdk at patrickdk.com>:

> The command I used was:
>
> gnutls-cli --protocols NORMAL:+COMP-DEFLATE --insecure -p 993
>
> I have tried the --comp option, but it always fails for me (ubuntu 8.04)
>
> gnutls-cli (GnuTLS) 2.0.4
>
> Redhat is 5.3
> Freebsd is 6.3
>
>
> Quoting Leonardo Rodrigues <leolistas at solutti.com.br>:
>
>> Timo Sirainen escreveu:
>>>
>>> And DEFLATE gives the exact same error? LZO isn't supported by OpenSSL.
>>>
>>>
>>   yes ... error from DEFLATE and LZO are exactly the same on
>> gnutls-cli output and maillog on the CentOS 5.3 box.
>>
>>> Well, not the same server but looks like this one works too:
>>>
>>> gnutls-cli --priority NORMAL:+COMP-DEFLATE -p 993 secure.emailsrvr.com
>>>
>>> And just for fun I tried imap.gmail.com, that didn't support
>>> compression.
>>>
>>
>>   i had tried imap.gmail.com too :)
>>
>>   interesting findings ..... from CentOS 5.3, i cant get any
>> compression method to work:
>>
>> [root at correio dovecot]# gnutls-cli --insecure -p 993 -p 993
>> secure.emailsrvr.com --comp LZO DEFLATE NULL [ ......]
>> - Version: TLS 1.0
>> - Key Exchange: DHE RSA
>> - Cipher: AES 256 CBC
>> - MAC: SHA
>> - Compression: NULL
>>
>>   but from a Fedora 8 box:
>>
>> [root at correio ~]# gnutls-cli --insecure -p 993 -p 993
>> secure.emailsrvr.com --comp LZO DEFLATE NULL
>> [ ......]
>> - Version: TLS 1.0
>> - Key Exchange: DHE RSA
>> - Cipher: AES 256 CBC
>> - MAC: SHA
>> - Compression: DEFLATE
>>
>>
>>   and Fedora 8 OpenSSL is even older than CentOS 5.3 one:
>>
>> CentOS 5.3:
>> [root at correio dovecot]# rpm -qi openssl
>> Name        : openssl                      Relocations: (not relocatable)
>> Version     : 0.9.8e                            Vendor: CentOS
>> Release     : 12.el5                        Build Date: Fri 04 Sep 2009
>> 09:33:56 AM BRT
>>
>> Fedora 8:
>> [root at correio ~]# rpm -qi openssl
>> Name        : openssl                      Relocations: (not relocatable)
>> Version     : 0.9.8b                            Vendor: Fedora Project
>> Release     : 17.fc8                        Build Date: Mon 15 Oct 2007
>> 07:56:22 PM BRST
>>
>>   probably there's some build option on CentOS that is disabling
>> compression. If 0.9.8b on Fedora8 built in October/2007 can do it, so
>> 0.9.8e on CentOS 5.3 built on September/2009 should be able to do it
>> too ....... oh boy, i really hate those weirds compilation options from
>> Redhat  .... :\
>>
>> -- 
>>
>>
>> 	Atenciosamente / Sincerily,
>> 	Leonardo Rodrigues
>> 	Solutti Tecnologia
>> 	http://www.solutti.com.br
>>
>> 	Minha armadilha de SPAM, NÃO mandem email
>> 	gertrudes at solutti.com.br
>> 	My SPAMTRAP, do not email it

More information about the dovecot mailing list