Ricardo Machini Barbosa
2013-Jun-19 17:54 UTC
[Dovecot] Dovecot proxy to Microsoft Exchange 2013
Hello, I am trying to do a proxy with dovecot to IMAP backend server that are using Microsoft Exchange 2013. I already did this with Microsoft Exchange 2007 and Microsoft Exchange 2010 and it works perfectly! But with Microsoft Exchange 2013 I can not perform LOGIN. The error log message is: /imap-login: Error: proxy(user at domain.com.br): Login for exchange2013.domain.com.br:143 timed out in state=4 (after 30 secs, local=x.x.x.x:59640)/ My troubleshoot was: - tcpdump on dovecot server side: I can see the commands sent/received by Microsoft Exchange. But no the "OK LOGIN" response. /* OK The Microsoft Exchange IMAP4 service in xxxx is ready.// //C CAPABILITY// //L LOGIN "user at domain.com.br" "123456"// //* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN STARTTLS UIDPLUS CHILDREN IDLE NAMESPACE LITERAL+// //C OK CAPABILITY completed./ - tcpdump with telnet login on dovecot server side: Works fine. /* OK The Microsoft Exchange IMAP4 service in xxxx is ready.// //a login "user at domain.com.br" "123456"// //a OK LOGIN completed.// //a logout// //* BYE Microsoft Exchange Server 2013 IMAP4 server signing off.// //a OK LOGOUT completed./ - Log verbose on Microsoft Exchange 2013. Look like that Microsoft Exchange did not receive the login command. Someone already tried do this with Microsoft Exchange 2013 ? See bellow some information about my dovecot configuration: /# 2.2.2: dovecot.conf// //# OS: Linux 2.6.32-358.2.1.el6.centos.plus.x86_64 x86_64 CentOS release 6.4 (Final)// // //base_dir = /var/run/dovecot/// //disable_plaintext_auth = no// //listen = x.x.x.x// //mbox_write_locks = fcntl// //passdb {// // args = /etc/dovecot/dovecot-ldap.conf.ext// // driver = ldap// //}// // //protocols = imap pop3// //service imap-login {// // inet_listener imap {// // port = 143// // }// // inet_listener imaps {// // port = 993// // ssl = yes// // }// // process_min_avail = 4// // service_count = 0// // vsz_limit = 512 M// //}// //service pop3-login {// // inet_listener pop3 {// // port = 110// // }// // inet_listener pop3s {// // port = 995// // ssl = yes// // }// // process_min_avail = 4// // service_count = 0// // vsz_limit = 512 M// //}// //ssl_cert = </etc/dovecot/certificate/chained.crt// //ssl_key = </etc/dovecot/certificate/cert.key// //userdb {// // driver = prefetch// //}// // ///etc/dovecot/dovecot-ldap.conf.ext// //hosts = x.x.x.x// //dn = cn=admin,o=email// //dnpass = xxxxxxx// //ldap_version = 3// //base = o=email// //scope=subtree// //pass_filter = mail=%u// //pass_attrs = uid=user,=password=,=proxy=y,mailHost=host,=nopassword=y/ Thanks, Ricardo Machini
On 19.6.2013, at 20.54, Ricardo Machini Barbosa <ricardomachini at gmail.com> wrote:> I am trying to do a proxy with dovecot to IMAP backend server that are using Microsoft Exchange 2013. > I already did this with Microsoft Exchange 2007 and Microsoft Exchange 2010 and it works perfectly! But with Microsoft Exchange 2013 I can not perform LOGIN. > > The error log message is: > /imap-login: Error: proxy(user at domain.com.br): Login for exchange2013.domain.com.br:143 timed out in state=4 (after 30 secs, local=x.x.x.x:59640)/ > > My troubleshoot was: > > - tcpdump on dovecot server side: > I can see the commands sent/received by Microsoft Exchange. But no the "OK LOGIN" response. > > /* OK The Microsoft Exchange IMAP4 service in xxxx is ready.// > //C CAPABILITY// > //L LOGIN "user at domain.com.br" "123456"// > //* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN STARTTLS UIDPLUS CHILDREN IDLE NAMESPACE LITERAL+// > //C OK CAPABILITY completed./Looks like Exchange 2013 IMAP has broken command pipelining :( See if it gets fixed by http://hg.dovecot.org/dovecot-2.2/rev/6e8bbc150fa9 and the attached patch on top of that? If it works, I'll commit that patch too. -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 2387 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20130624/99b636b8/attachment.obj> -------------- next part --------------