On 10/13/16 9:07 AM, Aki Tuomi wrote:> >> On October 13, 2016 at 4:55 PM Jerry <jerry at seibercom.net> wrote: >> >> >> On Thu, 13 Oct 2016 08:36:23 -0500, Bryan Holloway stated: >> >>> I also extended the "Server Timeout" setting in OT2010 to 10 minutes, >>> which doesn't seem to help either. (!) >> >> Outlook 2010 is a very old version. Why not update to the 2016 version. >> I am running it without any problems. If you do update, remember to >> remove the old version completely first. >> >> -- >> Jerry > > I do wonder if the real culprit is some firewall that timeouts the idle connection. > > Aki >I considered that, but again everything worked fine until we moved them from 2.1 to 2.2. Their same firewall is in use. Is there a way to see the IMAP commands coming from the client? I've tried looking at PCAPs, but of course they're encrypted so I can't see the actual dialog going on between the server and client. I didn't see an obvious way to do this in the docs.
On Thu, 13 Oct 2016 09:53:19 -0500 Bryan Holloway <bryan at shout.net> wrote: [...]> Is there a way to see the IMAP commands coming from the client? I've > tried looking at PCAPs, but of course they're encrypted so I can't > see the actual dialog going on between the server and client. I > didn't see an obvious way to do this in the docs.If you have access to the SSL/TLS key (IOW, the private part of the cert) the server uses to secure IMAP connections you can dump the IMAP traffic using the `ssldump` utility (which builds on `tcpdump`).
On 10/13/16 10:23 AM, Konstantin Khomoutov wrote:> On Thu, 13 Oct 2016 09:53:19 -0500 > Bryan Holloway <bryan at shout.net> wrote: > > [...] >> Is there a way to see the IMAP commands coming from the client? I've >> tried looking at PCAPs, but of course they're encrypted so I can't >> see the actual dialog going on between the server and client. I >> didn't see an obvious way to do this in the docs. > > If you have access to the SSL/TLS key (IOW, the private part of the > cert) the server uses to secure IMAP connections you can dump the IMAP > traffic using the `ssldump` utility (which builds on `tcpdump`). >I do, but the client is using a DH key exchange so I only have the server-side private key. Tried that using Wireshark's decoder features and ran into this problem. I'm assuming I'd run into the same using ssldump, but I'll give it a shot! Stupid privacy. :)
Am 13.10.2016 um 16:53 schrieb Bryan Holloway:> On 10/13/16 9:07 AM, Aki Tuomi wrote: >> >>> On October 13, 2016 at 4:55 PM Jerry <jerry at seibercom.net> wrote: >>> >>> >>> On Thu, 13 Oct 2016 08:36:23 -0500, Bryan Holloway stated: >>> >>>> I also extended the "Server Timeout" setting in OT2010 to 10 minutes, >>>> which doesn't seem to help either. (!) >>> >>> Outlook 2010 is a very old version. Why not update to the 2016 version. >>> I am running it without any problems. If you do update, remember to >>> remove the old version completely first. >>> >>> -- >>> Jerry >> >> I do wonder if the real culprit is some firewall that timeouts the idle connection. >> >> Aki >> > > I considered that, but again everything worked fine until we moved them from 2.1 to 2.2. Their same firewall is in use. > > Is there a way to see the IMAP commands coming from the client? I've tried looking at PCAPs, but of course they're encrypted so I can't see the actual > dialog going on between the server and client. I didn't see an obvious way to do this in the docs. >There is a "rawlog" feature, which writes down the hole decrypted imap session in files. ... service imap { ... executable = imap postlogin ... } ... service postlogin { executable = script-login -d rawlog unix_listener postlogin { } } ... This should write *.in an *.out files to "$mail_location/dovecot.rawlog/" directory for each imap session. The directory should be writeable by the dovecot user. I tested this some years ago, so I'm not shure if the configuration is still valid. Regards Urban
On 10/13/16 10:42 AM, Urban Loesch wrote:> > > Am 13.10.2016 um 16:53 schrieb Bryan Holloway: >> On 10/13/16 9:07 AM, Aki Tuomi wrote: >>> >>>> On October 13, 2016 at 4:55 PM Jerry <jerry at seibercom.net> wrote: >>>> >>>> >>>> On Thu, 13 Oct 2016 08:36:23 -0500, Bryan Holloway stated: >>>> >>>>> I also extended the "Server Timeout" setting in OT2010 to 10 minutes, >>>>> which doesn't seem to help either. (!) >>>> >>>> Outlook 2010 is a very old version. Why not update to the 2016 version. >>>> I am running it without any problems. If you do update, remember to >>>> remove the old version completely first. >>>> >>>> -- >>>> Jerry >>> >>> I do wonder if the real culprit is some firewall that timeouts the >>> idle connection. >>> >>> Aki >>> >> >> I considered that, but again everything worked fine until we moved >> them from 2.1 to 2.2. Their same firewall is in use. >> >> Is there a way to see the IMAP commands coming from the client? I've >> tried looking at PCAPs, but of course they're encrypted so I can't see >> the actual >> dialog going on between the server and client. I didn't see an obvious >> way to do this in the docs. >> > > There is a "rawlog" feature, which writes down the hole decrypted imap > session in files. > > ... > service imap { > ... > executable = imap postlogin > ... > } > > ... > > service postlogin { > executable = script-login -d rawlog > unix_listener postlogin { > } > } > ... > > This should write *.in an *.out files to > "$mail_location/dovecot.rawlog/" directory for each imap session. > The directory should be writeable by the dovecot user. I tested this > some years ago, so I'm not shure if the configuration > is still valid. > > Regards > UrbanGreat! I will try this.