Hi,
I've been trying to build a password forwarding proxy to Gmail without
success... The SSL connection to Dovecot is happening no problem (as far as
I can tell), but for some reason the conversation between Dovecot and Gmail
is getting timed out.
I know this is supposed to be simple... :-( But could somebody please
give me some help by pointing out what I'm not doing right?
No matter how much I research this, I can't find the
solution.
Thanks a lot,
Alex
# 2.2.5: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-308.8.2.el5xen x86_64 CentOS release 5.8 (Final)
auth_cache_negative_ttl = 10 mins
auth_cache_size = 1 k
auth_cache_ttl = 10 mins
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = cram-md5 digest-md5 apop login plain
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
auth_verbose = yes
base_dir = /var/run/dovecot/
listen = 162.106.yyy.zzz
login_greeting = Dovecot Ready
login_log_format_elements = %u %r %m %c
mail_debug = yes
mail_max_userip_connections = 100
passdb {
args = proxy=y nopassword=y user=remotemail destuser=remotemail@gmail.com host=pop.gmail.com port=995 proxy_timeout=15 starttls=y
driver = static
}
protocols = pop3
service pop3-login {
client_limit = 200
inet_listener pop3 {
address = dserver
port = 110
}
process_limit = 1
process_min_avail = 1
service_count = 0
vsz_limit = 256 M
}
ssl = required
ssl_ca = </etc/pki/tls/certs/ca-bundle.crt
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_cipher_list = EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:EECDH+AES256:EDH+AES256:AES256-SHA:HIGH:!aNULL:!eNULL:!EXP:!MD5:!LOW:!SSLv2
ssl_client_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_client_key = </etc/pki/dovecot/private/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
args = static uid=10000 gid=10000 home=/dev/null
driver = static
}
verbose_ssl = yes
version_ignore = yes
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x10, ret=1:
before/accept initialization [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: before/accept initialization [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 read client hello A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write server hello A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write certificate A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write key exchange A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write server done A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 flush data [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: auth: Debug: Loading modules from
directory: /usr/lib64/dovecot/auth
Oct 7 09:32:51 dserver dovecot: auth: Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_mysql.so
Oct 7 09:32:51 dserver dovecot: auth: Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_pgsql.so
Oct 7 09:32:51 dserver dovecot: auth: Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_sqlite.so
Oct 7 09:32:51 dserver dovecot: auth: Debug: Read auth token secret from
/var/run/dovecot//auth-token-secret.dat
Oct 7 09:32:51 dserver dovecot: auth: Debug: auth client connected
(pid=25878)
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 read client key exchange A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 read finished A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write change cipher spec A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write finished A [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 flush data [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x20, ret=1:
SSL negotiation finished successfully [162.106.xxx.yyy]
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x2002,
ret=1: SSL negotiation finished successfully [162.106.xxx.yyy]
Oct 7 09:33:13 dserver dovecot: auth: Debug: client in: AUTH 2
PLAIN service=pop3 secured session=oePRXijoMQCiat/X
lip=162.106.yyy.zzz rip=162.106.xxx.yyy lport=995 rport=50225
resp=AHNtYXJ0YnVzZWRtAHMwbWV0aGluZw== (previous base64 data may
contain sensitive data)
Oct 7 09:33:13 dserver dovecot: auth: Debug:
static(remotemail,162.106.xxx.yyy,<oePRXijoMQCiat/X>): lookup
Oct 7 09:33:13 dserver dovecot: auth: Debug:
static(remotemail,162.106.xxx.yyy,<oePRXijoMQCiat/X>): Allowing any
password
Oct 7 09:33:13 dserver dovecot: auth: Debug: client passdb out: OK
2 user=remotemail proxy nopassword=y destuser=remotemail@gmail.com
host=pop.gmail.com port=995 proxy_timeout=15 starttls=y
hostip=74.125.142.108 pass=123456789
Oct 7 09:33:13 dserver dovecot: pop3-login: Debug: Ignoring unknown passdb
extra field: nopassword
Oct 7 09:33:28 dserver dovecot: pop3-login: Error: proxy(remotemail):
Login for pop.gmail.com:995 timed out in state=0 (after 15 secs,
local=162.106.yyy.zzz:59282)
Oct 7 09:33:34 dserver dovecot: pop3-login: Aborted login (internal
failure, 1 successful auths): remotemail, 162.106.xxx.yyy, PLAIN, TLS
Oct 7 09:33:34 dserver dovecot: pop3-login: Debug: SSL alert: close notify
[162.106.xxx.yyy]