Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
courier-imap ssl connection problem
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
snIP3r
l33t
l33t


Joined: 21 May 2004
Posts: 853
Location: germany

PostPosted: Mon Mar 07, 2005 4:20 pm    Post subject: courier-imap ssl connection problem Reply with quote

hi all!

after a recent emerge courier imap was updated and only ssl logins are now allowed (i think this is called imaps). squirrelmail, oulook and thinderbird could not connect to the imap server. this problem is fixed now by enabling ssl logins both in the configs of squirrelmail, outlook and thunderbird and the imap server. but now thunderbird and oulook require a certificate?!?!
how to i get this to import it in these programms???

after reading this article (https://forums.gentoo.org/viewtopic-t-56633-highlight-imap+certificate.html) i tried to restart the authdaemond i get the message:
area52 init.d # ./authdaemond restart
* Starting authdaemond.plain...
/usr/bin/env: /usr/lib/courier-imap/authlib/authdaemond.plain: No such file or directory [ !! ]

now, i do not know what to do!!!!

thx for help in advance

greets
snIPer
Back to top
View user's profile Send private message
langthang
Retired Dev
Retired Dev


Joined: 27 Nov 2003
Posts: 620

PostPosted: Mon Mar 07, 2005 7:37 pm    Post subject: Reply with quote

if you are running courier-imap-4* read this: https://forums.gentoo.org/viewtopic-p-2060682.html#2060682
_________________
Gentoo users' map
Back to top
View user's profile Send private message
snIP3r
l33t
l33t


Joined: 21 May 2004
Posts: 853
Location: germany

PostPosted: Mon Mar 07, 2005 8:32 pm    Post subject: Reply with quote

thx, this helped me with one of my problems!!! but the other does still remain that the imapd only accepts ssl connections and i need a certificate to enable thunderbird and outlook access to my imap folders.

any ideas how to grant normal connections through port 143 again???

thx
snIPer
Back to top
View user's profile Send private message
langthang
Retired Dev
Retired Dev


Joined: 27 Nov 2003
Posts: 620

PostPosted: Mon Mar 07, 2005 9:05 pm    Post subject: Reply with quote

imapd is started and listen on 143?
post your out put of `grep -vE '^#|^$' /etc/courier-imap/imapd`
_________________
Gentoo users' map
Back to top
View user's profile Send private message
growse
Apprentice
Apprentice


Joined: 24 Jan 2003
Posts: 154
Location: Sunny UK

PostPosted: Mon Mar 07, 2005 9:41 pm    Post subject: Reply with quote

There are two different daemons afaik. /etc/init.d/courier-imapd and /etc/init.d/courier-imapd-ssl. Try starting the first one.
_________________
Getting there....
Back to top
View user's profile Send private message
snIP3r
l33t
l33t


Joined: 21 May 2004
Posts: 853
Location: germany

PostPosted: Mon Mar 07, 2005 10:34 pm    Post subject: Reply with quote

langthang wrote:
imapd is started and listen on 143?
post your out put of `grep -vE '^#|^$' /etc/courier-imap/imapd`


here it is:

ADDRESS=127.0.0.1
PORT=143
AUTHSERVICE143=imap
AUTHSERVICE993=imaps
MAXDAEMONS=40
MAXPERIP=4
PIDFILE=/var/run/imapd.pid
TCPDOPTS="-nodnslookup -noidentlookup"
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE"
IMAP_KEYWORDS=1
IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"
IMAP_PROXY=0
IMAP_PROXY_FOREIGN=0
IMAP_IDLE_TIMEOUT=60
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"
IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN"
IMAP_DISABLETHREADSORT=0
IMAP_CHECK_ALL_FOLDERS=0
IMAP_OBSOLETE_CLIENT=0
IMAP_UMASK=022
IMAP_ULIMITD=65536
IMAP_USELOCKS=1
IMAP_SHAREDINDEXFILE=/etc/courier-imap/shared/index
IMAP_ENHANCEDIDLE=0
IMAP_TRASHFOLDERNAME=Trash
IMAP_EMPTYTRASH=Trash:7
IMAP_MOVE_EXPUNGE_TO_TRASH=0
SENDMAIL=/usr/sbin/sendmail
HEADERFROM=X-IMAP-Sender
IMAPDSTART=NO
MAILDIRPATH=Maildir
MAILDIR=.maildir
MAILDIRPATH=.maildir
PRERUN=


hope this helps....

snIPer
Back to top
View user's profile Send private message
langthang
Retired Dev
Retired Dev


Joined: 27 Nov 2003
Posts: 620

PostPosted: Mon Mar 07, 2005 10:53 pm    Post subject: Reply with quote

Code:
ADDRESS=127.0.0.1

with above, you are only be able to connect to 143 through localhost interface. try "ADDRESS=0"
as for create a self sign cert to use with courier read /usr/share/doc/courier-imap-4.0.2/courier-imap-gentoo.readme.gz "### Courier-IMAP' ssl certificate setup" section.
_________________
Gentoo users' map
Back to top
View user's profile Send private message
snIP3r
l33t
l33t


Joined: 21 May 2004
Posts: 853
Location: germany

PostPosted: Tue Mar 08, 2005 6:27 am    Post subject: Reply with quote

but with the ADDRESS=0 option i also get this message:

Mar 8 07:21:14 area52 xinetd[28270]: START: imap2 pid=25577 from=127.0.0.1
Mar 8 07:21:14 area52 xinetd[25577]: USERID: imap2 UNIX : apache
Mar 8 07:21:14 area52 imapd[25577]: port 143 service init from 127.0.0.1
Mar 8 07:21:14 area52 imapd[25577]: Connection reset by peer, while flushing line user=??? host=UNKNOWN
Mar 8 07:21:14 area52 xinetd[28270]: EXIT: imap2 pid=25577 duration=0(sec)


could the problem be starting the imapd through the xinetd???

greets
snIPer
Back to top
View user's profile Send private message
langthang
Retired Dev
Retired Dev


Joined: 27 Nov 2003
Posts: 620

PostPosted: Tue Mar 08, 2005 6:41 pm    Post subject: Reply with quote

I don't hve any experience with ruuning courier-imap through xinetd so I don't have any iadea. Why don't you run your courier-imap normally (ie /etc/init.d/<service> start), get it working then tweak it?
_________________
Gentoo users' map
Back to top
View user's profile Send private message
snIP3r
l33t
l33t


Joined: 21 May 2004
Posts: 853
Location: germany

PostPosted: Thu Mar 10, 2005 8:45 am    Post subject: Reply with quote

langthang wrote:
I don't hve any experience with ruuning courier-imap through xinetd so I don't have any iadea. Why don't you run your courier-imap normally (ie /etc/init.d/<service> start), get it working then tweak it?



ok, ill try to get it working without xinetd...
Back to top
View user's profile Send private message
snIP3r
l33t
l33t


Joined: 21 May 2004
Posts: 853
Location: germany

PostPosted: Thu Mar 10, 2005 1:45 pm    Post subject: Reply with quote

now i encountered another problem! i dont know if this is in relation to my former problem but i paste the error message. in squirrelmail i cannot send/formward mails/messages now. i get this message:

Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number in /var/www/localhost/htdocs/squirrelmail/class/deliver/Deliver_SMTP.class.php on line 57

Warning: fsockopen(): php_stream_sock_ssl_activate_with_method: SSL handshake/connection failed in /var/www/localhost/htdocs/squirrelmail/class/deliver/Deliver_SMTP.class.php on line 57

Warning: fsockopen(): failed to activate SSL mode 2 in /var/www/localhost/htdocs/squirrelmail/class/deliver/Deliver_SMTP.class.php on line 57

here is the squirrelmail config file:

$domain = 'example.com';
$imapServerAddress = 'localhost';
$imapPort = 993;
$useSendmail = false;
$smtpServerAddress = 'localhost';
$smtpPort = 25;
$sendmail_path = '/usr/sbin/sendmail';
$pop_before_smtp = false;
$imap_server_type = 'courier';
$invert_time = false;
$optional_delimiter = 'detect';

and the smtp settings displayed by conf.pl script:
SMTP Settings
-------------
4. SMTP Server : localhost
5. SMTP Port : 25
6. POP before SMTP : false
7. SMTP Authentication : login
8. Secure SMTP (TLS) : true

also the smtp authentication NONE results in no success :(

where's the problem???? could this be the imap update?? i dont think so... should i remerge squirrelmail with Use="SSL"???

hope someone can help me

thx
snIPer
Back to top
View user's profile Send private message
langthang
Retired Dev
Retired Dev


Joined: 27 Nov 2003
Posts: 620

PostPosted: Thu Mar 10, 2005 4:57 pm    Post subject: Reply with quote

this is confused (could be my english)
Quote:
after a recent emerge courier imap was updated and only ssl logins are now allowed (i think this is called imaps). squirrelmail, oulook and thinderbird could not connect to the imap server. this problem is fixed now by enabling ssl logins both in the configs of squirrelmail, outlook and thunderbird and the imap server.

in the first post, you said you have problem connect to the regular imap (143). did you get that fix yet?
Quote:
here is the squirrelmail config file:

$domain = 'example.com';
$imapServerAddress = 'localhost';
$imapPort = 993;

now you say that you are having problem with imap-ssl (via port 993).

Please describe your setup. do you want to allow imap or imap-ssl connection only, or both? do you want squirrelmail connect to imap or imap-ssl? do you want TLS (secure authentication)?
_________________
Gentoo users' map
Back to top
View user's profile Send private message
snIP3r
l33t
l33t


Joined: 21 May 2004
Posts: 853
Location: germany

PostPosted: Thu Mar 10, 2005 6:51 pm    Post subject: Reply with quote

sorry, but this could be my english too ;)

i found the problem: i have 2 imap daemons installed :( courier-imap and uw-imap (started through xinetd).

here's the emerge log:

1085257797: *** emerge imapd
1085315657: *** emerge imapd
1085317740: *** emerge imapd
1085323600: *** emerge imapd
1085325529: >>> emerge (5 of 5) net-mail/courier-imap-3.0.2 to /
1085325529: === (5 of 5) Cleaning (net-mail/courier-imap-3.0.2::/usr/portage/net-mail/courier-imap/courier-imap-3.0.2.ebuild)
1085325532: === (5 of 5) Compiling/Merging (net-mail/courier-imap-3.0.2::/usr/portage/net-mail/courier-imap/courier-imap-3.0.2.ebuild)
1085326181: === (5 of 5) Updating world file (net-mail/courier-imap-3.0.2)
1085326181: === (5 of 5) Post-Build Cleaning (net-mail/courier-imap-3.0.2::/usr/portage/net-mail/courier-imap/courier-imap-3.0.2.ebuild)
1085326182: >>> AUTOCLEAN: net-mail/courier-imap
1085326182: ::: completed emerge (5 of 5) net-mail/courier-imap-3.0.2 to /
1085338756: *** emerge unmerge courier-imap
1085338761: === Unmerging... (net-mail/courier-imap-3.0.2)
1085338767: >>> unmerge success: net-mail/courier-imap-3.0.2
1085338783: *** emerge uwimap
1085338813: *** emerge uw-imap
1085338813: >>> emerge (1 of 1) net-mail/uw-imap-2002e-r1 to /
1085338813: === (1 of 1) Cleaning (net-mail/uw-imap-2002e-r1::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r1.ebuild)
1085338813: === (1 of 1) Compiling/Merging (net-mail/uw-imap-2002e-r1::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r1.ebuild)
1085338919: === (1 of 1) Updating world file (net-mail/uw-imap-2002e-r1)
1085338919: === (1 of 1) Post-Build Cleaning (net-mail/uw-imap-2002e-r1::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r1.ebuild)
1085338919: >>> AUTOCLEAN: net-mail/uw-imap
1085338919: ::: completed emerge (1 of 1) net-mail/uw-imap-2002e-r1 to /
1085339224: *** emerge imaplogin
1085340288: *** emerge unmerge courier-imapd
1097598156: >>> emerge (6 of 9) net-mail/uw-imap-2002e-r4 to /
1097598156: === (6 of 9) Cleaning (net-mail/uw-imap-2002e-r4::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r4.ebuild)
1097598156: === (6 of 9) Compiling/Merging (net-mail/uw-imap-2002e-r4::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r4.ebuild)
1097598227: === (6 of 9) Post-Build Cleaning (net-mail/uw-imap-2002e-r4::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r4.ebuild)
1097598228: >>> AUTOCLEAN: net-mail/uw-imap
1097598233: === Unmerging... (net-mail/uw-imap-2002e-r1)
1097598236: >>> unmerge success: net-mail/uw-imap-2002e-r1
1097598236: ::: completed emerge (6 of 9) net-mail/uw-imap-2002e-r4 to /
1101458236: >>> emerge (1 of 4) net-mail/uw-imap-2004a to /
1101458236: === (1 of 4) Cleaning (net-mail/uw-imap-2004a::/usr/portage/net-mail/uw-imap/uw-imap-2004a.ebuild)
1101458237: === (1 of 4) Compiling/Merging (net-mail/uw-imap-2004a::/usr/portage/net-mail/uw-imap/uw-imap-2004a.ebuild)
1101458404: === (1 of 4) Post-Build Cleaning (net-mail/uw-imap-2004a::/usr/portage/net-mail/uw-imap/uw-imap-2004a.ebuild)
1101458405: >>> AUTOCLEAN: net-mail/uw-imap
1101458410: === Unmerging... (net-mail/uw-imap-2002e-r4)
1101458414: >>> unmerge success: net-mail/uw-imap-2002e-r4
1101458414: ::: completed emerge (1 of 4) net-mail/uw-imap-2004a to /
1107330603: >>> emerge (1 of 1) net-mail/uw-imap-2004c to /
1107330603: === (1 of 1) Cleaning (net-mail/uw-imap-2004c::/usr/portage/net-mail/uw-imap/uw-imap-2004c.ebuild)
1107330605: === (1 of 1) Compiling/Merging (net-mail/uw-imap-2004c::/usr/portage/net-mail/uw-imap/uw-imap-2004c.ebuild)
1107330708: === (1 of 1) Post-Build Cleaning (net-mail/uw-imap-2004c::/usr/portage/net-mail/uw-imap/uw-imap-2004c.ebuild)
1107330709: >>> AUTOCLEAN: net-mail/uw-imap
1107330714: === Unmerging... (net-mail/uw-imap-2004a)
1107330721: >>> unmerge success: net-mail/uw-imap-2004a
1107330722: ::: completed emerge (1 of 1) net-mail/uw-imap-2004c to /
1109860817: >>> emerge (1 of 8) net-mail/uw-imap-2004c-r1 to /
1109860817: === (1 of 8) Cleaning (net-mail/uw-imap-2004c-r1::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r1.ebuild)
1109860819: === (1 of 8) Compiling/Merging (net-mail/uw-imap-2004c-r1::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r1.ebuild)
1109860926: === (1 of 8) Post-Build Cleaning (net-mail/uw-imap-2004c-r1::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r1.ebuild)
1109860927: >>> AUTOCLEAN: net-mail/uw-imap
1109860933: === Unmerging... (net-mail/uw-imap-2004c)
1109860939: >>> unmerge success: net-mail/uw-imap-2004c
1109860940: ::: completed emerge (1 of 8) net-mail/uw-imap-2004c-r1 to /
1109922538: >>> emerge (1 of 1) net-mail/uw-imap-2004c-r3 to /
1109922538: === (1 of 1) Cleaning (net-mail/uw-imap-2004c-r3::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r3.ebuild)
1109922539: === (1 of 1) Compiling/Merging (net-mail/uw-imap-2004c-r3::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r3.ebuild)
1109922643: === (1 of 1) Post-Build Cleaning (net-mail/uw-imap-2004c-r3::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r3.ebuild)
1109922644: >>> AUTOCLEAN: net-mail/uw-imap
1109922649: === Unmerging... (net-mail/uw-imap-2004c-r1)
1109922653: >>> unmerge success: net-mail/uw-imap-2004c-r1
1109922653: ::: completed emerge (1 of 1) net-mail/uw-imap-2004c-r3 to /
1110129701: *** emerge courier-imapd-ssl
1110129710: *** emerge courier-imap-ssl
1110216127: *** emerge courier-imap
1110216512: >>> emerge (2 of 2) net-mail/courier-imap-4.0.1 to /
1110216512: === (2 of 2) Cleaning (net-mail/courier-imap-4.0.1::/usr/portage/net-mail/courier-imap/courier-imap-4.0.1.ebuild)
1110216514: === (2 of 2) Compiling/Merging (net-mail/courier-imap-4.0.1::/usr/portage/net-mail/courier-imap/courier-imap-4.0.1.ebuild)
1110217311: === (2 of 2) Updating world file (net-mail/courier-imap-4.0.1)
1110217311: === (2 of 2) Post-Build Cleaning (net-mail/courier-imap-4.0.1::/usr/portage/net-mail/courier-imap/courier-imap-4.0.1.ebuild)
1110217312: >>> AUTOCLEAN: net-mail/courier-imap
1110217312: ::: completed emerge (2 of 2) net-mail/courier-imap-4.0.1 to /


the thing i want to do is to allow outlook, thunderbird and squirelmail to connect through normal imap, not imaps. but a recent update - now i think form uw-imap only allows secure connections and this is the problem...
now im very confused and do not know what to do?!?!?!
should i delete the courier-imapd??? cause everything runs fine before this recent update (and i now think that it was the emerge of courier-imap-4.0.1. that confuses my config)

thx again
snIPer
Back to top
View user's profile Send private message
langthang
Retired Dev
Retired Dev


Joined: 27 Nov 2003
Posts: 620

PostPosted: Thu Mar 10, 2005 7:04 pm    Post subject: Reply with quote

you can have both imap app installed but you can only be able to run one imap at a time (at least with the default imap listen on 143). So you need dicide with imap app you want, and work on it. good luck.
_________________
Gentoo users' map
Back to top
View user's profile Send private message
snIP3r
l33t
l33t


Joined: 21 May 2004
Posts: 853
Location: germany

PostPosted: Thu Mar 10, 2005 7:30 pm    Post subject: Reply with quote

langthang wrote:
you can have both imap app installed but you can only be able to run one imap at a time (at least with the default imap listen on 143). So you need dicide with imap app you want, and work on it. good luck.


thx for helping so fast!!!

i got it working now. i reemerged uw-imap with the use flag "clearpasswd" and it works just like before the update. going to delete the courier-imapd....


thx for helping me!

greets
snIPer
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum