[Dovecot] SSL with startssl.com certificates

Reindl Harald h.reindl at thelounge.net
Tue Sep 17 17:05:39 EEST 2013 


Am 17.09.2013 15:57, schrieb Dan Langille:
> On 2013-09-17 09:26, Reindl Harald wrote:
>> Am 17.09.2013 15:01, schrieb Dan Langille:
>> On 2013-09-17 08:43, Reindl Harald wrote:
>> Am 17.09.2013 14:39, schrieb Dan Langille:
>> On 2013-09-16 20:28, Noel Butler wrote:
>> Since we just ruled this one out, might I suggest you grab the source
>> and build it, install it all under /opt/dovecot  that way it wont
>> interfere with your ports installation and try that, the one you
>> successfully just tested uses dovecot 2.1 not 2.2, so maybe try source
>> of 2.1 and see if it works.
>>
>> I just tried 2.1.16.  The iPhone has no trouble on 143 but on 993, it's just like 2.2
>>
>> But, if it does work on port 143 with TLS I wouldnt worry too much about it
>>
>> tcpdump is showing me raw text going past, so I know I'm not getting TLS on either Dovecot 2.1 or 2.2
>>
>> It seems that TLS is not supported by my client.  Pity.
>>
>> iPhone is the worst mail client on this planet but for sure supports TLS
>>
>> Apple is here the same as Microsoft
>>
>> * remove the account completly
>> * add it again and it will detect that encryption is available
>>
>> Done. But tcpdump is still showing me plain text.
>>
>> and you surely have "ssl = yes" in your configuration?
>> "dovecot -n" does not show it here too while it is there
> 
> I do.
> 
>> "dovecot -n" does not show it here too while it is there
>>
>> *what* says "telnet your-server 143"
> 
> $ telnet imaps.unixathome.org 143
> Trying 199.233.228.197...
> Connected to imaps.unixathome.org.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready.
> 
> 
>> if it is configured correctly you see "STARTTLS" in the capabilities
>> if you do not see it than the problem is a completlöy different one
>>
>> * OK [CAPABILITY IMAP4 IMAP4rev1 ACL RIGHTS=texk NAMESPACE CHILDREN
>> SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE
>> STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=LOGIN AUTH=PLAIN AUTH=SCRAM-SHA-1]

may i suggest that you try a different mail client?
pretty sure that this is one of the uncountable cases where Apple devices are failing

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130917/8f9fe705/attachment.bin>

More information about the dovecot mailing list