Hello Sam,
one short question. I did an dist-upgrade on my Debian system und now I
have got courier-imap-ssl version 4.17.1+0.76.1-3
During the installation I got some hints for Courier
The Courier MTA packaging has been extensively rewritten and
major changes had been done to the default setup of Courier MTA.
The default user and group for Courier MTA has been changed to
courier:courier. The package tries hard to make all files belong
to correct user:group and the permissions on those files are
correct, but if you have a non-default setup, you will have to
make sure that:
+ All file owners and file in /etc/courier and /var/lib/courier
are correctly set.
+ MAILUSER and MAILGROUP settings in /etc/courier/esmtpd is set to
correct user and group, both has to be set to `courier'.
I ve changed the file owners to courier.courier.
/etc/courier/esmtpd doesnt exist because the mailuser and group are
defined in a mysql-db.
There seems to be another difference. I always restarted the mailsystem
with a script:
/root/scripts/mailserver_restart.sh
#!/bin/bash
/etc/init.d/postfix restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/saslauthd restart
But now I dont get an ok-result for courier-imap and courier-imap-ssl
[ ok ] Restarting postfix (via systemctl): postfix.service.
[....] Restarting Courier IMAP server: imapd.
[ ok ] Restarting Courier authentication services: authdaemond.
[....] Restarting Courier IMAP server (TLS): imapd-ssl.
[ ok ] Restarting saslauthd (via systemctl): saslauthd.service.
root@txbweb ~ # /etc/init.d/courier-imap-ssl start
[....] Starting Courier IMAP server (TLS): imapd-ssl.
root@txbweb ~ # /etc/init.d/courier-imap-ssl status
[FAIL] imapd-ssl is not running ... failed!
There is no error message in syslog or messages, but I can see the
running files in /run/courier/
root@txbweb ~ # ls -al /run/courier/
total 8
drwxrwxr-x 3 root courier 140 Aug 1 12:48 .
drwxr-xr-x 24 root root 740 Aug 1 11:40 ..
drwxr-xr-x 2 courier courier 80 Aug 1 12:46 authdaemon
-rw-r--r-- 1 root root 5 Aug 1 12:46 imapd.pid
-rw------- 1 root root 0 Aug 1 12:46 imapd.pid.lock
-rw-r--r-- 1 root root 5 Aug 1 12:48 imapd-ssl.pid
-rw------- 1 root root 0 Aug 1 12:10 imapd-ssl.pid.lock
The mailsystem works normal. So I dont need to extra start
courier-imap-ssl or courier-imap anymore?
Am 31.07.2016 um 19:18 schrieb Sam Varshavchik:
tba...@txbweb.de writes:
For testing I ve set the two variable TLS_CERTFILE and TLS_DHPARAMS to
non existing files (last char deleted), but I dont get any error
messages when restarting imap-ssl.
TLS_CERTFILE=/etc/courier/imapd_startcom_20160719.cr
TLS_DHPARAMS=/etc/courier/dhparams.pe
And when I set the variable smtpd_tls_cert_file in main.cf of Postfix to
a non existing cert file (last char deleted),
smtpd_tls_cert_file = /etc/ssl/certs/mail.txbweb.de.20160719.cr
This means that courier doesnt read my certificate even when it is set
correctly? Is
courier doesn't read the certificate until an actual SSL connection
gets established.
"cat /etc/ssl/private/mail.txbweb.de.key
/etc/ssl/certs/mail.txbweb.de.20160719.crt
/etc/ssl/certs/startcom.sca.server2.crt >
/etc/courier/imapd_startcom_20160719.crt"
still the correct method to create the cert file for courier-imap-ssl?
Looks ok to me. I can never remember whether the intermediate cert
must come first, or last. If this worked before, then it should work now.
------------------------------------------------------------------------------
_______________________________________________
Courier-imap mailing list
Courier-imap@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
------------------------------------------------------------------------------
_______________________________________________
Courier-imap mailing list
Courier-imap@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
