Hello, the error is still present: May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth attempts): rip=82.113.119.140, lip=78.46.216.126 Whenever I start a session with openssl to STARTTTL (Server: mail.opsys.de) the handshake is successfull. Also I am able to login to my account via 1 login. In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on port 143 isn't working properly. The cert is Class 1 and signed by StartCom Ltd.. Dovecot.conf (for viewable reasons of this mail pasted): http://pastie.org/private/bmrymyuo16ohzxdahf0nq And here openssl output: http://pastie.org/private/3rpgll2s7hblev9ozpcq8w Note the 'Verify return code: 21 (unable to verify the first certificate)' in the output... Thanks for helping, I am working on this problem since 3 days. Kind regards Markus Fritz
I'm just learning about this, but I was able to get it working recently. Also I haven't read your earlier posts. Did you receive intermediate certificates from StartCom? When I got my certificate, I had to concatenate together the contents of the domain_name.crt file and the gd_bundle.crt file. That concatenated file is the one I specify for ssl_cert_file. It has 4 certificates in it. I ask because when I run the openssl command, my certificate chain has 4 sections where yours only has one. Does your ssl.cert have the intermediate certificates in it? On 2012-05-08 14:17, Markus Fritz wrote:> Hello, > > the error is still present: > May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth > attempts): rip=82.113.119.140, lip=78.46.216.126 > > Whenever I start a session with openssl to STARTTTL (Server: > mail.opsys.de) the handshake is successfull. Also I am able to login > to my account via 1 login. > In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on > port 143 isn't working properly. > The cert is Class 1 and signed by StartCom Ltd.. > Dovecot.conf (for viewable reasons of this mail pasted): > http://pastie.org/private/bmrymyuo16ohzxdahf0nq > And here openssl output: > http://pastie.org/private/3rpgll2s7hblev9ozpcq8w > Note the 'Verify return code: 21 (unable to verify the first > certificate)' in the output... > > Thanks for helping, I am working on this problem since 3 days. > > Kind regards > > Markus Fritz
On 2012-05-08 14:17, Markus Fritz wrote:> Hello, > > the error is still present: > May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth > attempts): rip=82.113.119.140, lip=78.46.216.126 > > Whenever I start a session with openssl to STARTTTL (Server: > mail.opsys.de) the handshake is successfull. Also I am able to login > to my account via 1 login. > In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on > port 143 isn't working properly. > The cert is Class 1 and signed by StartCom Ltd.. > Dovecot.conf (for viewable reasons of this mail pasted): > http://pastie.org/private/bmrymyuo16ohzxdahf0nq > And here openssl output: > http://pastie.org/private/3rpgll2s7hblev9ozpcq8w > Note the 'Verify return code: 21 (unable to verify the first > certificate)' in the output... > > Thanks for helping, I am working on this problem since 3 days. > > Kind regards > > Markus FritzHow about this: Note: If you receive an error that looks like: 454 TLS not available due to temporary reason', Port: 25, Secure(SSL): Yes, Server Error: 455, Error Number: 0x800CCC7F or anything similar, it is because your Norton AntiVirus Email Scanning or other Anti-Virus software is scanning your outgoing email. Shut off the 'Scan outgoing Email' option and it should work. It came from here: https://cs.stanford.edu/computing-guide/email/client-settings