Re: Certificate cache on iOS with sending mail

[Alef Veld]

Sent from my iPhone

> On 14 Aug 2017, at 13:03, Alef Veld  wrote:
> 
> Hey Mike.
> The iPhone and MacBook started working, but the two remaining iMacs still 
> have problems. It's really weird. But if the first 2 are working it MUST be 
> something local right?
> 
> I removed the servers and re-added but no go. Maybe I'll need to remove the 
> plist files. I'm just desperate as I have clients that are working.
> 
> Sent from my iPhone
> 
>> On 14 Aug 2017, at 07:48, Mike Bobkiewicz  wrote:
>> 
>> Hi Alef,
>> 
>> most of the times the problem is with Apple´s Mail apps: best bet is to 
>> delete the smtp servers on both Mac and iOS and add them again. I´ve spend 
>> quite some time figuring out what might be wrong with serveral mail servers 
>> but sometimes the Mail apps just kill their prefs.
>> 
>> If you´re still searching the certs on the Mac side: They´re stored in the 
>> key chain.
>> 
>> Hope that helps,
>> 
>> Mike
>> 
>> 
>>> Am 11.08.2017 um 01:15 schrieb Alef Veld:
>>> And iPhone just sits there for a long time, "sending". Sometimes it goes 
>>> through sometimes it doesn't.
>>> 
>>> It's super weird but it has to do with SSL_accept and not reading the 
>>> message fully.
>>> 
>>> I might restore my old certs see if that solves it. I'll try some other 
>>> clients and ip addresses as well, outlook or something.
>>> 
>>> Sent from my iPhone
>>> 
 On 11 Aug 2017, at 00:08, Alef Veld  wrote:
 
 I deleted the certificate already, but I think it only uses that for 
 imap/dovecot. I don't think it actually stores one for smtps (or am I not 
 talking sense here).
 
 Sent from my iPhone
 
> On 10 Aug 2017, at 23:25, Joseph Tam  wrote:
> 
> 
>> On Thu, 10 Aug 2017, Larry Rosenman wrote:
>> 
>> Which mail client on iOS?
> Sorry, maybe not iOS, but definitely MacOSX Mail app.
> 
> Joseph Tam 
>> 
>> -- 
>> Mit freundlichen Grüßen
>> 
>> Mike Bobkiewicz
>> Heinatz GmbH
>> 
>> Gutenbergring 9
>> 22848 Norderstedt
>> 
>> 0049 40 527 20 30
>> 0049 40 527 86 49
>> 
>> e-mail: netadmin@heinatz.hamburg
>> www.heinatz.hamburg
>> 
>> Heinatz GmbH
>> Firmensitz: Gutenbergring 9, 22848 Norderstedt
>> Registergericht: Amtsgericht Kiel, HRB 4787 NO
>> Geschäftsführer: Frank Heinatz
>> 
>> 

Re: Certificate cache on iOS with sending mail

[Alef Veld]

And iPhone just sits there for a long time, "sending". Sometimes it goes 
through sometimes it doesn't.

It's super weird but it has to do with SSL_accept and not reading the message 
fully. 

I might restore my old certs see if that solves it. I'll try some other clients 
and ip addresses as well, outlook or something.

Sent from my iPhone

> On 11 Aug 2017, at 00:08, Alef Veld  wrote:
> 
> I deleted the certificate already, but I think it only uses that for 
> imap/dovecot. I don't think it actually stores one for smtps (or am I not 
> talking sense here).
> 
> Sent from my iPhone
> 
>> On 10 Aug 2017, at 23:25, Joseph Tam  wrote:
>> 
>> 
>>> On Thu, 10 Aug 2017, Larry Rosenman wrote:
>>> 
>>> Which mail client on iOS?
>> 
>> Sorry, maybe not iOS, but definitely MacOSX Mail app.
>> 
>> Joseph Tam 

Re: Certificate cache on iOS with sending mail

[Alef Veld]

I deleted the certificate already, but I think it only uses that for 
imap/dovecot. I don't think it actually stores one for smtps (or am I not 
talking sense here).

Sent from my iPhone

> On 10 Aug 2017, at 23:25, Joseph Tam  wrote:
> 
> 
>> On Thu, 10 Aug 2017, Larry Rosenman wrote:
>> 
>> Which mail client on iOS?
> 
> Sorry, maybe not iOS, but definitely MacOSX Mail app.
> 
> Joseph Tam 

Re: Certificate cache on iOS with sending mail

[Alef Veld]

macOS mail for sure, latest OS.
I know it's not a dovecot issue, but I can't be sure as this all started after 
I changed my dovecot cert. Does smtps using saslauthd through dovecot not have 
anything to do with it? (But tls in main.cf uses different certs.

Anyway the bizarre thing is that my MacBook still happily sends and receives 
mail. I noticed an additional error today though, SSL_accept error. This seems 
to coincide with the -1 error, it only reads a few bytes. 

Something went wrong and I don't know how to fix it. I deleted the accounts, 
but it doesn't even verify it anymore. Dovecot works fine, but no more sending 
mail. All because I changed the dovecot cert seemingly.

So yes I think it's a local issue, and something is stuck in limbo. but no clue 
on how to fix it. The iPhone mysteriously started working again this afternoon. 

Sent from my iPhone

> On 10 Aug 2017, at 23:25, Joseph Tam  wrote:
> 
> 
>> On Thu, 10 Aug 2017, Larry Rosenman wrote:
>> 
>> Which mail client on iOS?
> 
> Sorry, maybe not iOS, but definitely MacOSX Mail app.
> 
> Joseph Tam 

Re: Certificate cache on iOS with sending mail

[Joseph Tam]

On Thu, 10 Aug 2017, Larry Rosenman wrote:


Which mail client on iOS?


Sorry, maybe not iOS, but definitely MacOSX Mail app.

Joseph Tam 

Re: Certificate cache on iOS with sending mail

[Larry Rosenman]

Which mail client on iOS? 

-- 
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: larry...@gmail.com
US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106
 

On 8/10/17, 3:58 PM, "dovecot on behalf of Joseph Tam" 
 wrote:

Alef Veld writes:

>> I'm wondering if there is any cache for a certificate or something, my
>> maillog shows up something like 10 bytes read, -1.  So it returns an
>> error.  I deleted the accounts and created them again, still no go. 
>> 
>> Anyone had anything similar before?

On top of the usual mail set up problems (and it appears to be some
SSL/STARTLS port number mismatch), setting up a iPhone/MacOSX mail client
can be an exercise in frustration as cause and effect may not be
synchronous.

What can happen is that after setting up parameters, if they don't work
(owing to misconfiguration or transient network problem), your mail client
will start varying the mail parameters (port #, TLS/SSL parameters,
with/without domain, etc.) in hopes of finding something that works.
Sort of auto-discovery/auto-correction.

All of a sudden, without apparent cause, it will bump into the right
settings (which may co-incide with your original settings) and it will
start working.  Uber confusing.

I believe if you disable the "Automatically manage connection" feature, it
will make your settings fixed.  This may not be the cause of your original
problem, but at least you won't be trying to troubleshoot a moving target.

Joseph Tam 

Re: Certificate cache on iOS with sending mail

[Joseph Tam]

Alef Veld writes:


I'm wondering if there is any cache for a certificate or something, my
maillog shows up something like 10 bytes read, -1.  So it returns an
error.  I deleted the accounts and created them again, still no go. 


Anyone had anything similar before?


On top of the usual mail set up problems (and it appears to be some
SSL/STARTLS port number mismatch), setting up a iPhone/MacOSX mail client
can be an exercise in frustration as cause and effect may not be
synchronous.

What can happen is that after setting up parameters, if they don't work
(owing to misconfiguration or transient network problem), your mail client
will start varying the mail parameters (port #, TLS/SSL parameters,
with/without domain, etc.) in hopes of finding something that works.
Sort of auto-discovery/auto-correction.

All of a sudden, without apparent cause, it will bump into the right
settings (which may co-incide with your original settings) and it will
start working.  Uber confusing.

I believe if you disable the "Automatically manage connection" feature, it
will make your settings fixed.  This may not be the cause of your original
problem, but at least you won't be trying to troubleshoot a moving target.

Joseph Tam 

Re: Certificate cache on iOS with sending mail

[Ralph Seichter]

On 10.08.2017 14:57, Alef Veld wrote:

> I generated a new certificate for dovecot, and ever since I have this
> weird problem that my iPhone can still receive mail but cannot send
> using that mailserver. Same for my iMac.

Mail is not sent through Dovecot, but through an MTA. Based on your
earlier messages I assume that's Postfix, and you should ask on the
Postfix mailing list. See http://www.postfix.org/DEBUG_README.html if
you want to receive an answer, folks on that ML tend to reply RTFM
otherwise.

> I'm wondering if there is any cache for a certificate or something

Apple Mail uses certificates from the macOS keychain. If you accept a
certificate, it will be stored there.

-Ralph

Re: Certificate cache on iOS with sending mail

[Alef Veld]

And it's weird because it takes a long time to send and sometimes it does get 
sent. 

Sent from my iPhone

> On 10 Aug 2017, at 13:57, Alef Veld  wrote:
> 
> So I generated a new certificate for dovecot, and ever since I have this 
> weird problem that my iPhone can still receive mail but cannot send using 
> that mailserver. Same for my iMac.
> 
> My laptop works fine still and can do both.
> Local issue you would say right.
> 
> I'm wondering if there is any cache for a certificate or something, my 
> maillog shows up something like 10 bytes read, -1. So it returns an error. I 
> deleted the accounts and created them again, still no go.
> 
> Anyone had anything similar before?
> 
> Sent from my iPhone

Certificate cache on iOS with sending mail

[Alef Veld]

So I generated a new certificate for dovecot, and ever since I have this weird 
problem that my iPhone can still receive mail but cannot send using that 
mailserver. Same for my iMac.

My laptop works fine still and can do both.
Local issue you would say right.

I'm wondering if there is any cache for a certificate or something, my maillog 
shows up something like 10 bytes read, -1. So it returns an error. I deleted 
the accounts and created them again, still no go.

Anyone had anything similar before?

Sent from my iPhone