On 2013-09-17 10:05, Reindl Harald wrote:
Am 17.09.2013 15:57, schrieb Dan Langille:
On 2013-09-17 09:26, Reindl Harald wrote:
Am 17.09.2013 15:01, schrieb Dan Langille:
On 2013-09-17 08:43, Reindl Harald wrote:
Am 17.09.2013 14:39, schrieb Dan Langille:
On 2013-09-16 20:28, Noel Butler wrote:
Since we just ruled this one out, might I suggest you grab the source
and build it, install it all under /opt/dovecot that way it wont
interfere with your ports installation and try that, the one you
successfully just tested uses dovecot 2.1 not 2.2, so maybe try source
of 2.1 and see if it works.
I just tried 2.1.16. The iPhone has no trouble on 143 but on 993, it's
just like 2.2
But, if it does work on port 143 with TLS I wouldnt worry too much
about it
tcpdump is showing me raw text going past, so I know I'm not getting
TLS on either Dovecot 2.1 or 2.2
It seems that TLS is not supported by my client. Pity.
iPhone is the worst mail client on this planet but for sure supports
TLS
Apple is here the same as Microsoft
* remove the account completly
* add it again and it will detect that encryption is available
Done. But tcpdump is still showing me plain text.
and you surely have "ssl = yes" in your configuration?
"dovecot -n" does not show it here too while it is there
I do.
"dovecot -n" does not show it here too while it is there
*what* says "telnet your-server 143"
$ telnet imaps.unixathome.org 143
Trying 199.233.228.197...
Connected to imaps.unixathome.org.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE STARTTLS AUTH=PLAIN] Dovecot ready.
if it is configured correctly you see "STARTTLS" in the capabilities
if you do not see it than the problem is a completlöy different one
* OK [CAPABILITY IMAP4 IMAP4rev1 ACL RIGHTS=texk NAMESPACE CHILDREN
SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE
STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=LOGIN AUTH=PLAIN
AUTH=SCRAM-SHA-1]
may i suggest that you try a different mail client?
pretty sure that this is one of the uncountable cases where Apple
devices are failing
At present, I am using dovecot-1.2.17 on another server with a
certificate from StartCom:
$ openssl s_client -connect nyi.unixathome.org:993 -quiet
depth=0
/description=khACEsbS0LZ8es5F/C=US/CN=nyi.unixathome.org/emailAddress=postmas...@unixathome.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/description=khACEsbS0LZ8es5F/C=US/CN=nyi.unixathome.org/emailAddress=postmas...@unixathome.org
verify error:num=27:certificate not trusted
verify return:1
depth=0
/description=khACEsbS0LZ8es5F/C=US/CN=nyi.unixathome.org/emailAddress=postmas...@unixathome.org
verify error:num=21:unable to verify the first certificate
verify return:1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
AUTH=PLAIN] Dovecot ready.
The server which fails me is running 2.1.16 (was 2.2 before this
morning)
$ openssl s_client -connect imaps.unixathome.org:993 -quiet
depth=0
/description=P4s7A2l6clvQRRJ4/C=US/CN=imaps.unixathome.org/emailAddress=postmas...@unixathome.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/description=P4s7A2l6clvQRRJ4/C=US/CN=imaps.unixathome.org/emailAddress=postmas...@unixathome.org
verify error:num=27:certificate not trusted
verify return:1
depth=0
/description=P4s7A2l6clvQRRJ4/C=US/CN=imaps.unixathome.org/emailAddress=postmas...@unixathome.org
verify error:num=21:unable to verify the first certificate
verify return:1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE AUTH=PLAIN] Dovecot ready.
Somewhere, somehow, there is something vastly different and not working.
--
Dan Langille - http://langille.org/
