Hi All I have two servers, one running apache and squirrelmail in a jail. Squirrelmail on this server is trying to contact dovecot running imaps on port 993 on another server and failing. When I try from another physical machine it works but I would prefer to run this service from within a jail. Can anyone please let me know how to make this work?
Peter Fraser wrote:> Hi All > > I have two servers, one running apache and squirrelmail in a jail. > Squirrelmail on this server is trying to contact dovecot running imaps > on port 993 on another server and failing. When I try from another > physical machine it works but I would prefer to run this service from > within a jail. > > Can anyone please let me know how to make this work? > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >Have you tried to first do a simple (from within the jail): telnet host 993 Do you get connected? If not, do you have any firewall rules either on the host maintaining the jail or the host you are connecting to? If not, can you do a tcpdump to see what specificly is happening to those packets via (on the host again): tcpdump -i <interface> host <ip of jail> and port 993 Do you see packets both leaving your machine and coming back? If not, can you repeat the process above on the host machine maintaining the jail, but not within the jail itself. Are the results the same? The above is a start and should provide enough information as to whether the problem is specific to the jail or the physical host. ~Paul This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/emaildisclaimer.aspx for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.
--On Monday, December 28, 2009 3:43 PM -0500 Peter Fraser <petros.fraser@gmail.com> wrote:> Hi All > > I have two servers, one running apache and squirrelmail in a jail. > Squirrelmail on this server is trying to contact dovecot running imaps > on port 993 on another server and failing. When I try from another > physical machine it works but I would prefer to run this service from > within a jail. > > Can anyone please let me know how to make this work?Sounds like you have some sort of basic networking problem, a Jail in and of itself won't be blocked. I'd first check to see if you can get a connection from within the jail host server to the IMAPS port on the other machine. Use telnet or opennssl's s_client to see if you can get a connection open. I assume the dovecot server and jail have separate IPs? If so then try the same thing from within the jail. If both of those work then I'd check your PHP setup and make sure that you have the appropriate PHP modules installed, and that they support SSL.
Yes I can connect over telnet. If I even do openssl s_client -connect <server_ip>:993 I can also connect and list my mail. The machine is running FreeBSD 8 by the way. On Mon, Dec 28, 2009 at 9:53 AM, Paul Procacci <pprocacci@datapipe.com> wrote:> Peter Fraser wrote: >> >> Hi All >> >> I have two servers, one running apache and squirrelmail in a jail. >> Squirrelmail on this server is trying to contact dovecot running imaps >> on port 993 on another server and failing. When I try from another >> physical machine it works but I would prefer to run this service from >> within a jail. >> >> Can anyone please let me know how to make this work? >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >> > Have you tried to first do a simple (from within the jail): > > telnet host 993 > > Do you get connected? ?If not, do you have any firewall rules either on > the host maintaining the jail or the host you are connecting to? ?If > not, can you do a tcpdump to see what specificly is happening to those > packets via (on the host again): > > tcpdump -i <interface> host <ip of jail> and port 993 > > Do you see packets both leaving your machine and coming back? ?If not, > can you repeat the process above on the host machine maintaining the > jail, but not within the jail itself. ?Are the results the same? > > The above is a start and should provide enough information as to whether > the problem is specific to the jail or the physical host. > > ~Paul > > This message may contain confidential or privileged information. ?If you are > not the intended recipient, please advise us immediately and delete this > message. ?See http://www.datapipe.com/emaildisclaimer.aspx for further > information on confidentiality and the risks of non-secure electronic > communication. If you cannot access these links, please notify us by reply > message and we will send the contents to you. >