Hi,
TLS on imap port 143 works.
But if I try TLS on managesieve port 4190, I get no connection.
Dec 12 21:16:10 managesieve-login: Info: Disconnected (no auth attempts in 5
secs): rip=192.168.10.117, lip=192.168.10.117, secured
Dec 12 21:16:20 managesieve-login: Info: Disconnected (no auth attempts in 5
secs): rip=192.168.10.117, lip=192.168.10.117, TLS handshaking: Disconnected
# gnutls-cli --starttls -p 4190 192.168.10.117
Resolving '192.168.10.117'...
Connecting to '192.168.10.117:4190'...
- Simple Client Mode:
"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation
subaddress comparator-i;ascii-numeric relational regex imap4flags copy include
variables body enotify environment mailbox date ihave"
"NOTIFY" "mailto"
"SASL" "PLAIN LOGIN CRAM-MD5"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."
STARTTLS
NO "Begin TLS negotiation now."
^ There is a NO and not an OK...
Possible something wrong with my config, but I cannot find
something...
# doveconf -n
# 2.1.rc1: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-xen-amd64 x86_64 Debian 6.0.3
auth_cache_size = 1 M
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login cram-md5
auth_verbose = yes
auth_verbose_passwords = plain
debug_log_path = /var/log/dovecot/dovecot-debug.log
default_client_limit = 2600
dict {
expire = sqlite:/etc/dovecot/dovecot-dict-expire.conf.ext
}
disable_plaintext_auth = no
hostname = mx4.constabel-it.de
info_log_path = /var/log/dovecot/dovecot-info.log
log_path = /var/log/dovecot/dovecot.log
mail_debug = yes
mail_location = mdbox:~/mdbox
mail_plugins = quota notify mail_log expire acl
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
namespace inbox {
inbox = yes
location =
mailbox Archive/2011 {
auto = subscribe
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
separator = /
type = private
}
passdb {
args = scheme=PLAIN username_format=%u /etc/imap.userdb
driver = passwd-file
}
plugin {
expire = Trash
expire2 = Trash/*
expire3 = Spam
expire_dict = proxy::expire
quota = dict:User quota::file:/mailspool1/%d/%n/dovecot-quota
quota_rule = *:storage=9000M:messages=1000000
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
postmaster_address = postmaster at localhost
protocols = " imap lmtp sieve pop3"
service auth {
inet_listener {
address = 192.168.10.117
port = 12345
}
}
service dict {
unix_listener dict {
group = vmail
mode = 0666
}
}
service imap-login {
inet_listener imap {
address = 192.168.10.117
port = 143
}
inet_listener imaps {
address = 192.168.10.117
port = 993
ssl = yes
}
}
service lmtp {
inet_listener lmtp {
address = 192.168.10.117
port = 24
}
}
service managesieve-login {
inet_listener sieve {
address = 192.168.10.117
port = 4190
}
inet_listener sieve_deprecated {
port = 2000
}
}
service pop3-login {
inet_listener pop3 {
address = 192.168.10.117
port = 110
}
inet_listener pop3s {
address = 192.168.10.117
port = 995
ssl = yes
}
}
ssl_ca = </etc/postfix/psw-ssl/ssl.ca-bundle
ssl_cert = </etc/postfix/psw-ssl/ssl.crt
ssl_key = </etc/postfix/psw-ssl/ssl.key
userdb {
args = username_format=%Lu /etc/imap.userdb
driver = passwd-file
}
protocol lmtp {
mail_plugins = quota notify mail_log expire acl sieve
}
protocol lda {
mail_plugins = quota notify mail_log expire acl
}
protocol imap {
imap_logout_format = bytes=%i/%o
mail_plugins = quota notify mail_log expire acl imap_quota imap_acl
}
protocol sieve {
mail_debug = yes
managesieve_logout_format = bytes=%i/%o
}
protocol pop3 {
mail_plugins = quota notify mail_log expire acl
}
regards,
Mike
On 12/12/2011 9:30 PM, Mike Constabel wrote:> Hi, > > > TLS on imap port 143 works. > > But if I try TLS on managesieve port 4190, I get no connection. > > Dec 12 21:16:10 managesieve-login: Info: Disconnected (no auth attempts in 5 secs): rip=192.168.10.117, lip=192.168.10.117, secured > Dec 12 21:16:20 managesieve-login: Info: Disconnected (no auth attempts in 5 secs): rip=192.168.10.117, lip=192.168.10.117, TLS handshaking: Disconnected[..]> NO "Begin TLS negotiation now."My bad. By the looks of things you are using the automatic Debian repository. Currently, these builds are a bit tainted by a couple of patches of mine, which apparently caused problems once more. As not to frustrate generic debugging any further, I have removed these patches from the normal v2.1 builds. I did fix this bug, but I'll start a separate builder for the patched packages that I need for a project of mine. If all goes well, new untainted packages should roll out within the hour. Regards, Stephan.