Hi, TLS on imap port 143 works. But if I try TLS on managesieve port 4190, I get no connection. Dec 12 21:16:10 managesieve-login: Info: Disconnected (no auth attempts in 5 secs): rip=192.168.10.117, lip=192.168.10.117, secured Dec 12 21:16:20 managesieve-login: Info: Disconnected (no auth attempts in 5 secs): rip=192.168.10.117, lip=192.168.10.117, TLS handshaking: Disconnected # gnutls-cli --starttls -p 4190 192.168.10.117 Resolving '192.168.10.117'... Connecting to '192.168.10.117:4190'... - Simple Client Mode: "IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" "NOTIFY" "mailto" "SASL" "PLAIN LOGIN CRAM-MD5" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready." STARTTLS NO "Begin TLS negotiation now." ^ There is a NO and not an OK... Possible something wrong with my config, but I cannot find something... # doveconf -n # 2.1.rc1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-xen-amd64 x86_64 Debian 6.0.3 auth_cache_size = 1 M auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login cram-md5 auth_verbose = yes auth_verbose_passwords = plain debug_log_path = /var/log/dovecot/dovecot-debug.log default_client_limit = 2600 dict { expire = sqlite:/etc/dovecot/dovecot-dict-expire.conf.ext } disable_plaintext_auth = no hostname = mx4.constabel-it.de info_log_path = /var/log/dovecot/dovecot-info.log log_path = /var/log/dovecot/dovecot.log mail_debug = yes mail_location = mdbox:~/mdbox mail_plugins = quota notify mail_log expire acl mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Archive/2011 { auto = subscribe } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / type = private } passdb { args = scheme=PLAIN username_format=%u /etc/imap.userdb driver = passwd-file } plugin { expire = Trash expire2 = Trash/* expire3 = Spam expire_dict = proxy::expire quota = dict:User quota::file:/mailspool1/%d/%n/dovecot-quota quota_rule = *:storage=9000M:messages=1000000 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at localhost protocols = " imap lmtp sieve pop3" service auth { inet_listener { address = 192.168.10.117 port = 12345 } } service dict { unix_listener dict { group = vmail mode = 0666 } } service imap-login { inet_listener imap { address = 192.168.10.117 port = 143 } inet_listener imaps { address = 192.168.10.117 port = 993 ssl = yes } } service lmtp { inet_listener lmtp { address = 192.168.10.117 port = 24 } } service managesieve-login { inet_listener sieve { address = 192.168.10.117 port = 4190 } inet_listener sieve_deprecated { port = 2000 } } service pop3-login { inet_listener pop3 { address = 192.168.10.117 port = 110 } inet_listener pop3s { address = 192.168.10.117 port = 995 ssl = yes } } ssl_ca = </etc/postfix/psw-ssl/ssl.ca-bundle ssl_cert = </etc/postfix/psw-ssl/ssl.crt ssl_key = </etc/postfix/psw-ssl/ssl.key userdb { args = username_format=%Lu /etc/imap.userdb driver = passwd-file } protocol lmtp { mail_plugins = quota notify mail_log expire acl sieve } protocol lda { mail_plugins = quota notify mail_log expire acl } protocol imap { imap_logout_format = bytes=%i/%o mail_plugins = quota notify mail_log expire acl imap_quota imap_acl } protocol sieve { mail_debug = yes managesieve_logout_format = bytes=%i/%o } protocol pop3 { mail_plugins = quota notify mail_log expire acl } regards, Mike
On 12/12/2011 9:30 PM, Mike Constabel wrote:> Hi, > > > TLS on imap port 143 works. > > But if I try TLS on managesieve port 4190, I get no connection. > > Dec 12 21:16:10 managesieve-login: Info: Disconnected (no auth attempts in 5 secs): rip=192.168.10.117, lip=192.168.10.117, secured > Dec 12 21:16:20 managesieve-login: Info: Disconnected (no auth attempts in 5 secs): rip=192.168.10.117, lip=192.168.10.117, TLS handshaking: Disconnected[..]> NO "Begin TLS negotiation now."My bad. By the looks of things you are using the automatic Debian repository. Currently, these builds are a bit tainted by a couple of patches of mine, which apparently caused problems once more. As not to frustrate generic debugging any further, I have removed these patches from the normal v2.1 builds. I did fix this bug, but I'll start a separate builder for the patched packages that I need for a project of mine. If all goes well, new untainted packages should roll out within the hour. Regards, Stephan.