dovecot - Nov 2011 - Question about imaps

Hi List!

Had a questions about imap vs. imaps.

I read the ssl article at http://wiki2.dovecot.org/SSL and from what I am
reading, imaps is no longer needed as imap with initiate SSL/TLS on its
own if STARTTLS is started and I have disable_plaintext_auth=yes and
ssl=required settings.

I do have SSL up and working, and can connect using imap (143) to my
server without issue, but was not able to connect using imaps (993) using
Kmail as my client.

I Was getting a client error stating that the authentication failed using
my password. However, there was nothing in the mail.err or mail.log file
even when I enable debugging.

If I specify imaps as my only protocol, then dovecot fails to even start
without any error loging at all.

As I stated, imap works just fine.

So, is imaps deprecated as mentioned in the article and imaps no longer
needed?

I am running Dovecot 2.0.13 on an Ubuntu 11.10 64bit server.
This server is simply an imap serer and not a MTA (No postfix or sendmail
installed.)

Thanks!
Joe

On Mon, November 21, 2011 8:44 am, jgiles at cybermesa.com
wrote:
> Hi List!
>
> Had a questions about imap vs. imaps.
>
> I read the ssl article at http://wiki2.dovecot.org/SSL and from what I am
> reading, imaps is no longer needed as imap with initiate SSL/TLS on its
> own if STARTTLS is started and I have disable_plaintext_auth=yes and
> ssl=required settings.
>
> I do have SSL up and working, and can connect using imap (143) to my
> server without issue, but was not able to connect using imaps (993) using
> Kmail as my client.
>
> I Was getting a client error stating that the authentication failed using
> my password. However, there was nothing in the mail.err or mail.log file
> even when I enable debugging.
>
> If I specify imaps as my only protocol, then dovecot fails to even start
> without any error loging at all.
>
> As I stated, imap works just fine.
>
> So, is imaps deprecated as mentioned in the article and imaps no longer
> needed?
>
> I am running Dovecot 2.0.13 on an Ubuntu 11.10 64bit server.
> This server is simply an imap serer and not a MTA (No postfix or sendmail
> installed.)
>
> Thanks!
> Joe
>
>
>
>

LOL, replying to my own e-mail...

I just discovered that the problem is most likely in my Kmail 2 client.

Tried to connect using the following:

openssl s_client -connect mymailserver.com:993

I was able to connect, log in, and get information about my mail folders.

Will try Thunderbird when I get home from work. Kmail 2 is still a WIP I
guess.

That said, I am still reading that imap with starttls is the way to go, so
might be a moot issue.

Thanks!
Joe

On Mon, 21 Nov 2011 09:40:02 -0700 (MST)
jgiles at cybermesa.com articulated:
> On Mon, November 21, 2011 8:44 am, jgiles at cybermesa.com wrote:
> > Hi List!
> >
> > Had a questions about imap vs. imaps.
> >
> > I read the ssl article at http://wiki2.dovecot.org/SSL and from
> > what I am reading, imaps is no longer needed as imap with initiate
> > SSL/TLS on its own if STARTTLS is started and I have
> > disable_plaintext_auth=yes and ssl=required settings.
> >
> > I do have SSL up and working, and can connect using imap (143) to my
> > server without issue, but was not able to connect using imaps (993)
> > using Kmail as my client.
> >
> > I Was getting a client error stating that the authentication failed
> > using my password. However, there was nothing in the mail.err or
> > mail.log file even when I enable debugging.
> >
> > If I specify imaps as my only protocol, then dovecot fails to even
> > start without any error loging at all.
> >
> > As I stated, imap works just fine.
> >
> > So, is imaps deprecated as mentioned in the article and imaps no
> > longer needed?
> >
> > I am running Dovecot 2.0.13 on an Ubuntu 11.10 64bit server.
> > This server is simply an imap serer and not a MTA (No postfix or
> > sendmail installed.)
> >
> > Thanks!
> > Joe
> 
> LOL, replying to my own e-mail...
> 
> I just discovered that the problem is most likely in my Kmail 2
> client.
> 
> Tried to connect using the following:
> 
> openssl s_client -connect mymailserver.com:993
> 
> I was able to connect, log in, and get information about my mail
> folders.
> 
> Will try Thunderbird when I get home from work. Kmail 2 is still a
> WIP I guess.
> 
> That said, I am still reading that imap with starttls is the way to
> go, so might be a moot issue.
> 
> Thanks!
> Joe
Try this: (substitute your actual host for "remote.host")

openssl s_client -connect remote.host:143 -starttls imap

See if you get a connection. If so, then the server offers STARTTLS.

-- 
Jerry ?
Dovecot.user at seibercom.net

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________

On Monday, November 21, 2011 01:20:55 PM Jerry wrote:
> On Mon, 21 Nov 2011 09:40:02 -0700 (MST)
> jgiles at cybermesa.com articulated:
> 
> > On Mon, November 21, 2011 8:44 am, jgiles at cybermesa.com wrote:
> > > Hi List!
> > >
> > > Had a questions about imap vs. imaps.
> > >
> > > I read the ssl article at http://wiki2.dovecot.org/SSL and from
> > > what I am reading, imaps is no longer needed as imap with
initiate
> > > SSL/TLS on its own if STARTTLS is started and I have
> > > disable_plaintext_auth=yes and ssl=required settings.
> > >
> > > I do have SSL up and working, and can connect using imap (143) to
my
> > > server without issue, but was not able to connect using imaps
(993)
> > > using Kmail as my client.
> > >
> > > I Was getting a client error stating that the authentication
failed
> > > using my password. However, there was nothing in the mail.err or
> > > mail.log file even when I enable debugging.
> > >
> > > If I specify imaps as my only protocol, then dovecot fails to
even
> > > start without any error loging at all.
> > >
> > > As I stated, imap works just fine.
> > >
> > > So, is imaps deprecated as mentioned in the article and imaps no
> > > longer needed?
> > >
> > > I am running Dovecot 2.0.13 on an Ubuntu 11.10 64bit server.
> > > This server is simply an imap serer and not a MTA (No postfix or
> > > sendmail installed.)
> > >
> > > Thanks!
> > > Joe
> > 
> > LOL, replying to my own e-mail...
> > 
> > I just discovered that the problem is most likely in my Kmail 2
> > client.
> > 
> > Tried to connect using the following:
> > 
> > openssl s_client -connect mymailserver.com:993
> > 
> > I was able to connect, log in, and get information about my mail
> > folders.
> > 
> > Will try Thunderbird when I get home from work. Kmail 2 is still a
> > WIP I guess.
> > 
> > That said, I am still reading that imap with starttls is the way to
> > go, so might be a moot issue.
> > 
> > Thanks!
> > Joe
> 
> Try this: (substitute your actual host for "remote.host")
> 
> openssl s_client -connect remote.host:143 -starttls imap
> 
> See if you get a connection. If so, then the server offers STARTTLS.
> 
> 
Hi, Jerry,

Thanks for the information.

Yes, I ran that command and got my cert and other information proving to me that
TLS is working. I was also able to log in and get mailbox information.

Thanks again!
Joe

Try to conect from shell

# telnet server 993



2011/11/21 Joe Giles <jgiles at cybermesa.com>:
> On Monday, November 21, 2011 01:20:55 PM Jerry wrote:
>> On Mon, 21 Nov 2011 09:40:02 -0700 (MST)
>> jgiles at cybermesa.com articulated:
>>
>> > On Mon, November 21, 2011 8:44 am, jgiles at cybermesa.com wrote:
>> > > Hi List!
>> > >
>> > > Had a questions about imap vs. imaps.
>> > >
>> > > I read the ssl article at http://wiki2.dovecot.org/SSL and
from
>> > > what I am reading, imaps is no longer needed as imap with
initiate
>> > > SSL/TLS on its own if STARTTLS is started and I have
>> > > disable_plaintext_auth=yes and ssl=required settings.
>> > >
>> > > I do have SSL up and working, and can connect using imap
(143) to my
>> > > server without issue, but was not able to connect using imaps
(993)
>> > > using Kmail as my client.
>> > >
>> > > I Was getting a client error stating that the authentication
failed
>> > > using my password. However, there was nothing in the mail.err
or
>> > > mail.log file even when I enable debugging.
>> > >
>> > > If I specify imaps as my only protocol, then dovecot fails to
even
>> > > start without any error loging at all.
>> > >
>> > > As I stated, imap works just fine.
>> > >
>> > > So, is imaps deprecated as mentioned in the article and imaps
no
>> > > longer needed?
>> > >
>> > > I am running Dovecot 2.0.13 on an Ubuntu 11.10 64bit server.
>> > > This server is simply an imap serer and not a MTA (No postfix
or
>> > > sendmail installed.)
>> > >
>> > > Thanks!
>> > > Joe
>> >
>> > LOL, replying to my own e-mail...
>> >
>> > I just discovered that the problem is most likely in my Kmail 2
>> > client.
>> >
>> > Tried to connect using the following:
>> >
>> > openssl s_client -connect mymailserver.com:993
>> >
>> > I was able to connect, log in, and get information about my mail
>> > folders.
>> >
>> > Will try Thunderbird when I get home from work. Kmail 2 is still a
>> > WIP I guess.
>> >
>> > That said, I am still reading that imap with starttls is the way
to
>> > go, so might be a moot issue.
>> >
>> > Thanks!
>> > Joe
>>
>> Try this: (substitute your actual host for "remote.host")
>>
>> openssl s_client -connect remote.host:143 -starttls imap
>>
>> See if you get a connection. If so, then the server offers STARTTLS.
>>
>>
>
> Hi, Jerry,
>
> Thanks for the information.
>
> Yes, I ran that command and got my cert and other information proving to me
that TLS is working. I was also able to log in and get mailbox information.
>
> Thanks again!
> Joe
>