Dear SOGo developers,
I used ssldump to check the differences in the IMAP connection between
SOGo and RoundCube, and I found the error.
I copy here the log details as citation to keep the layout.
The SSL dump with roundcube:
> root@portal andre/mails/security# ssldump -i lo -d -k
> /etc/letsencrypt/live/imap.homebox.space/privkey.pem port 143
> New TCP connection #1: localhost(54208) <-> localhost(143)
> 0.0086 (0.0086) S>C
> ---
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
> STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
> ---
>
> 0.0087 (0.) C>S
> ---
> QP0001 ID ("x-originating-ip" "185.220.101.30")
> ---
>
> etc...
But with SOGo:
> root@portal andre/mails/security# ssldump -i lo -d -k
> /etc/letsencrypt/live/imap.homebox.space/privkey.pem port 143
> ===
> New TCP connection #1: localhost(54340) <-> localhost(143)
> 0.0119 (0.0119) S>C
> ---
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
> STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
> ---
>
> 0.0120 (0.0001) C>S
> ---
> A0001 LOGIN "andre" "**"
> ---
>
> 0.1155 (0.1034) S>C
> ---
> A0001 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT
> MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS
> LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN
> CONTEXT=SEARCH LIST-STATUS BINARY MOVE SEARCH=FUZZY NOTIFY SPECIAL-USE QUOTA]
> Logged in
> ---
>
> 0.1160 (0.0005) C>S
> ---
> 3 capability
> ---
>
> 0.1167 (0.0006) S>C
> ---
> * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT
> SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND
> URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED
> I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH
> LIST-STATUS BINARY MOVE SEARCH=FUZZY NOTIFY SPECIAL-USE QUOTA
> 3 OK Capability completed (0.000 + 0.000 secs).
> ---
>
> 0.1599 (0.0431) C>S
> ---
> 4 ID ("x-originating-ip" "185.220.101.30")
> ---
In this case SOGo is sending the Originating IP (Yay!), but *after* the
login process, where it should, send it before.
SOGo should send the originating IP *before*, at least to allow a
proper logging of the connection attempts.
I have found an old bug in the BTS, so I added all the details:
https://sogo.nu/bugs/view.php?id=2979
I hope these details have been useful to you, and thanks again to
develop SOGo.
Thanks,
André
--
André Rodier
HomeBox: https://github.com/progmaticltd/homebox
--
users@sogo.nu
https://inverse.ca/sogo/lists