Re: [Dovecot] compressed IMAP traffic

Mon, 28 Sep 2009 21:27:46 -0700 

Just playing some more and noticed using:
gnutls-cli (GnuTLS) 2.4.2

always says compression isn't supported, even when version 2.0.4 says it was.

gnutls-cli 2.4.2 from ubuntu 9.04 x64, Compression: DEFLATE, NULL

gnutls-cli 2.0.4 from ubuntu 8.04 x64, Compression: LZO, DEFLATE, NULL
I also noticed 2.4.2 would connect using aes-128, whereas 2.0.4 would connect using aes-256 


Quoting Patrick Domack <[email protected]>:


The command I used was:

gnutls-cli --protocols NORMAL:+COMP-DEFLATE --insecure -p 993

I have tried the --comp option, but it always fails for me (ubuntu 8.04)

gnutls-cli (GnuTLS) 2.0.4

Redhat is 5.3
Freebsd is 6.3


Quoting Leonardo Rodrigues <[email protected]>:


Timo Sirainen escreveu:


And DEFLATE gives the exact same error? LZO isn't supported by OpenSSL.



  yes ... error from DEFLATE and LZO are exactly the same on
gnutls-cli output and maillog on the CentOS 5.3 box.


Well, not the same server but looks like this one works too:

gnutls-cli --priority NORMAL:+COMP-DEFLATE -p 993 secure.emailsrvr.com

And just for fun I tried imap.gmail.com, that didn't support
compression.



  i had tried imap.gmail.com too :)

  interesting findings ..... from CentOS 5.3, i cant get any
compression method to work:

[r...@correio dovecot]# gnutls-cli --insecure -p 993 -p 993
secure.emailsrvr.com --comp LZO DEFLATE NULL [ ......]
- Version: TLS 1.0
- Key Exchange: DHE RSA
- Cipher: AES 256 CBC
- MAC: SHA
- Compression: NULL

  but from a Fedora 8 box:

[r...@correio ~]# gnutls-cli --insecure -p 993 -p 993
secure.emailsrvr.com --comp LZO DEFLATE NULL
[ ......]
- Version: TLS 1.0
- Key Exchange: DHE RSA
- Cipher: AES 256 CBC
- MAC: SHA
- Compression: DEFLATE


  and Fedora 8 OpenSSL is even older than CentOS 5.3 one:

CentOS 5.3:
[r...@correio dovecot]# rpm -qi openssl
Name        : openssl                      Relocations: (not relocatable)
Version     : 0.9.8e                            Vendor: CentOS
Release     : 12.el5                        Build Date: Fri 04 Sep 2009
09:33:56 AM BRT

Fedora 8:
[r...@correio ~]# rpm -qi openssl
Name        : openssl                      Relocations: (not relocatable)
Version     : 0.9.8b                            Vendor: Fedora Project
Release     : 17.fc8                        Build Date: Mon 15 Oct 2007
07:56:22 PM BRST

  probably there's some build option on CentOS that is disabling
compression. If 0.9.8b on Fedora8 built in October/2007 can do it, so
0.9.8e on CentOS 5.3 built on September/2009 should be able to do it
too ....... oh boy, i really hate those weirds compilation options from
Redhat  .... :\

--


        Atenciosamente / Sincerily,
        Leonardo Rodrigues
        Solutti Tecnologia
        http://www.solutti.com.br

        Minha armadilha de SPAM, NÃO mandem email
        [email protected]
        My SPAMTRAP, do not email it

Reply via email to