Hello people,
After a lot of wading through the dovecot documentation (which, btw, is
excellent! Everything lies under "dovecot/doc/wiki"), I managed to
authenticate a couple of accounts.
For starters, I want dovecot to work as an imap/imaps box and nothing
else.
So, I went ahead and created a "passwd" file with two users.
One user is my name (spyros) with a plaintext password and the other
user is "postmaster" with an encrypted password ("/etc/dovecot/passwd" shown):
---
[email protected]:{PLAIN}plainpassword
[email protected]:{SSHA}SSHAPassword
---
Now, if I telnet to port 143 with both users, the system comes back with
the following:
---
[r...@webmail dovecot]# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS
AUTH=PLAIN] Dovecot ready
. login [email protected] password
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT
SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN
NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT
SEARCHRES WITHIN CONTEXT=SEARCH] Logged in
---
As I said, it allows login on port 143 for both users. So, the same for
"postmaster".
Now for port 993:
---
[r...@webmail dovecot]# openssl s_client -connect webmail.domain.gr:993
[lots of SSL-related certificate information]
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
AUTH=PLAIN] Dovecot ready
. login [email protected] password
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT
SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN
NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT
SEARCHRES WITHIN CONTEXT=SEARCH] Logged in
---
Again, the same for user "postmaster". I won't paste it.
So, everything is fine. However, I have an issue with the (?!) issued
certificate. If I check the dovecot logs I find nothing.
If, on the other hand, I do the same check on the Horde application, it comes
back with the following:
---
* Trying protocol imap/notls, Port 143:
SUCCESS - INBOX has 0 messages (0 new 0 recent)
* Trying protocol imap/ssl, Port 993:
ERROR - The server returned the following error message:
SECURITY PROBLEM: insecure server advertised AUTH=PLAIN[SERVERBUG]
Internal error occurred. Refer to server log for more
information. [2010-01-05 13:30:12]Certificate failure for localhost:
self signed certificate:
/C=GR/ST=Kerkyra/L=Kerkyra/O=Tourist Enterprizes/OU=IMAP
server/CN=webmail.domain.gr/[email protected]
* Trying protocol imap/ssl/novalidate-cert, Port 993:
SUCCESS - INBOX has 0 messages (0 new 0 recent)
* Trying protocol imap/tls/novalidate-cert, Port 143:
SUCCESS - INBOX has 0 messages (0 new 0 recent)
---
Now, I know I am not supposed to ask you chaps about this, but direct
my questions to the horde mailing list.
However, I would like an opinion before I go ahead and bug them with
this.
Certificate was created with "dovecot/doc/mkcert.sh" and the relevant
certificate file (can't recall its name at the moment).
Any help would be appreciated. On the other hand, if I went too
far with this, I apologize and I'll try to find another way to
resolve this.
Thank you people,
s.
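
An added example, not part of the original post: it checks the two greetings from the transcripts above for plaintext authentication being offered on a connection that is not yet encrypted, the condition the "insecure server advertised AUTH=PLAIN" message refers to. The function names and the strict greeting are hypothetical and constructed for illustration.

```python
import re

# Constructed from the two greetings quoted in the post (line wrap kept).
GREETING_143 = ("* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID "
                "ENABLE STARTTLS\nAUTH=PLAIN] Dovecot ready")
GREETING_993 = ("* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID "
                "ENABLE\nAUTH=PLAIN] Dovecot ready")
# Constructed sample of a greeting that refuses credentials before STARTTLS.
GREETING_STRICT = "* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED] ready"

# SASL mechanisms that put the password itself on the wire.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}


def parse_capabilities(line):
    """Return the capability atoms of an IMAP greeting or tagged OK response."""
    m = re.search(r"\[CAPABILITY\s+([^\]]*)\]", line, re.IGNORECASE)
    return {atom.upper() for atom in m.group(1).split()} if m else set()


def audit_greeting(line, tls_active):
    """Hypothetical helper: flag credential exposure on a non-TLS connection."""
    caps = parse_capabilities(line)
    mechs = sorted(c[5:] for c in caps if c.startswith("AUTH="))
    findings = []
    if not tls_active:
        # RFC 3501: a server that refuses LOGIN advertises LOGINDISABLED.
        if "LOGINDISABLED" not in caps:
            findings.append("LOGIN command accepted before TLS")
        exposed = [m for m in mechs if m in PLAINTEXT_MECHS]
        if exposed:
            findings.append("plaintext SASL before TLS: " + ",".join(exposed))
        if "STARTTLS" not in caps:
            findings.append("no STARTTLS offered on cleartext connection")
    return {"starttls": "STARTTLS" in caps, "mechs": mechs, "findings": findings}


if __name__ == "__main__":
    for name, line, tls in (("143", GREETING_143, False),
                            ("993", GREETING_993, True),
                            ("strict", GREETING_STRICT, False)):
        print(name, audit_greeting(line, tls))
```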