| View previous topic :: View next topic |
| Author |
Message |
AiSpirit
n00b
Joined: 31 Jul 2007
Posts: 11
Location: Rennes
|
 Posted: Mon Aug 13, 2007 9:41 am Post subject: courier-imap : POP & IMAP differences for SSL |
 |
|
With courier-imap, I have a slight difference betwenn POP3 and IMAP :
both have a similar K-ssl files :
KSSLSTART=YES
KSTARTTLS=YES
K_TLS_REQUIRED=0
However, when I check the access methods, I have a difference which is not good IMOH .
I put here the two listings form the horde IMP test configuration
| Code: | * Trying protocol imap/notls, Port 143:
SUCCESS - INBOX has 7 messages (2 new 0 recent)
* Trying protocol imap/ssl, Port 993:
SUCCESS - INBOX has 7 messages (2 new 0 recent)
* Trying protocol imap/ssl/novalidate-cert, Port 993:
SUCCESS - INBOX has 7 messages (2 new 0 recent)
* Trying protocol imap/tls/novalidate-cert, Port 143:
SUCCESS - INBOX has 7 messages (2 new 0 recent)
|
For POP :
| Code: |
* Trying protocol pop3/notls, Port 110:
ERROR - The server returned the following error message:
TLS required to log in.TLS required to log in.TLS required to log in.Too many login failures
* Trying protocol pop3/ssl, Port 995:
SUCCESS - INBOX has 6 messages (6 new 6 recent)
* Trying protocol pop3/ssl/novalidate-cert, Port 995:
SUCCESS - INBOX has 6 messages (6 new 6 recent)
* Trying protocol pop3/tls/novalidate-cert, Port 110:
SUCCESS - INBOX has 6 messages (6 new 6 recent)
|
So, I dont know weither it is a bug or not as for pop3d, the notls access is desactivated as STARTTLS is on.
The only thing I can do to prevent notls access it to shutdown courier-imapd and to only have courier-imapd-ssl runing for imap server ... |
|
| Back to top |
|
 |
steveb
Advocate
Joined: 18 Sep 2002
Posts: 4564
|
| Posted: Mon Aug 13, 2007 9:45 pm Post subject: |
|
|
Could it be that you have some mails deleted in your IMAP inbox? Could you try to remove them permanently and then rerun the test?
// SteveB |
|
| Back to top |
|
|
AiSpirit
n00b
Joined: 31 Jul 2007
Posts: 11
Location: Rennes
|
| Posted: Tue Aug 14, 2007 7:21 am Post subject: |
|
|
After a few tries yesterday, I'm having better results but still not perfect:
For IMAP, with the configfuration
| Code: | TLS_REQUIRED = 1, I have
- notls blocked
- SSL ok |
The error which prevented me to do this before was that TLS_REQUIRED = 1 
SSL and TLS communicate using a certificate named imapd.pem (the default name but I used one
named imap-mail.pem) so a | Code: | | ln -s imap-mail.pem imapd.pem |
.
However, for the POP configuration,
with TLS_REQUIRED=1, SSL failed with TLS REQUIRED messages in horde.
So I did,
| Code: |
TLS_REQUIRED = 1
start both daemons (pop3d and pop3d-ssl)
notls blocked
SSL ... blocked
TLS_REQUIRED = 0
restart pop3d-ssl
SSL = ok
notls blocked |
It is not perfect but working so I will look at it later ...
I do not think that this is due to mails as I stopped the daemons / modify / restart so they should not be affected (  ) but I will check this to |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
