On Thu, Jul 06, 2006 at 02:48:08AM +0000, Benji Booble wrote: > I have a problem with some of the Outlook 2003 users that access the > POP3d-ssl. I only have 2 users using it, everyone else used imapd-ssl > without issue. > > We use CACert.org certificates (www.cacert.org) which appear self signed.
A CACert.org certificate will be signed by the CACert.org root. It will not be self-signed. (However it may be rejected in the same way as a self-signed certificate, until you import the CACert.org root into your client) > Mail log error: > pop3d-ssl: couriertls: accept: error:1408F10B:SSL > routines:SSL3_GET_RECORD:wrong version number This is usually either a protocol mismatch (e.g. client has been configured to try non-SSL POP3 on port 995), or as it says, the version number may be wrong (e.g. client is trying to do SSL2, server is SSL3 or TLS1). What happens if you do: # openssl s_client -connect x.x.x.x:995 Does it connect, and allow you to type in POP3 commands (USER xxxx PASS xxxx) ? What happens if you do: # telnet x.x.x.x 995 Does it just connect? > Windows error (roughly): > Timeout with mail server ... contact ISP > > Then this message goes away (and reoccurs every so often). Ah. If this is an intermittent problem, then this is almost certainly a bug in Outlook, sometimes sending bad messages when it connects. If you want to prove it for sure you'd have to capture the traffic: # tcpdump -i eth0 -n -s1500 X tcp port 995 but you'd have to decode the SSL exchange by hand (RFC 2246), to prove that the client is sending bad messages. Once you've proved this, of course, you're not going to get Microsoft to fix their code, so you need to change your users to a different mail client. > Also, as an aside, I have a imap user that wants to sync outlook folders > when they connect to the imap server. So if they create a new folder or > move mail, when they connect it will auto-matically sync up on the server. > Is this possible and if so, with how? Choose an IMAP client which has the capability of disconnected operation. It is the client's job to sync to the server. Regards, Brian. Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Courier-imap mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
