You know that imapc != imap proxy. imapc is a thin client, which is a "mail storage provider" like maildir. imap proxy is when you proxy the connection somewhere. this is done with proxy_ settings in passdb. You need to specify ssl_client_ca_dir = /etc/ssl/certs to get cert verification working with imapc. it's required. Aki> On 27/10/2020 10:54 David Tildesley <davotnz at yahoo.co.nz> wrote: > > > I have solved the port problem by specifying it in the passdb section as userdb_imapc_port=993 > > But: > This is in the error log when I make a connection from the client: > > Oct 27 08:49:16 imapproxy01 dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting > Oct 27 08:49:16 imapproxy01 dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs > > > On Tuesday, 27 October 2020, 09:48:49 pm NZDT, David Tildesley <davotnz at yahoo.co.nz> wrote: > > > > xxxx at imapproxy01:/etc/dovecot/conf.d$ dovecot -n > # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.5.7.2 () > # OS: Linux 5.4.0-1031-azure x86_64 Ubuntu 20.04.1 LTS > # Hostname: imapproxy01.trf04sdec2hu1b4wur4lazeo3f.px.internal.cloudapp.net > auth_verbose = yes > disable_plaintext_auth = no > imapc_host = imap.gmail.com > imapc_password = # hidden, use -P to show it > imapc_port = 993 > imapc_ssl = imaps > imapc_ssl_verify = no > imapc_user = xxxxxx at gmail.com > mail_home = /home/vmail/%u > mail_location = imapc:~/imapc > mail_privileged_group = mail > namespace inbox { > inbox = yes > location > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix > } > passdb { > args = host=imap.gmail.com port=993 ssl=imaps > default_fields = userdb_namespace=gmail userdb_namespace/gmail/list=yes userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=xxxx at gmail.com userdb_imapc_password=#hidden_use-P_to_show# userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993 > driver = imap > } > plugin { > sieve = file:~/sieve;active=~/.dovecot.sieve > } > protocols = " imap" > ssl_cert = </etc/dovecot/private/dovecot.pem > ssl_client_ca_dir = /etc/ssl/certs > ssl_dh = # hidden, use -P to show it > ssl_key = # hidden, use -P to show it > userdb { > driver = prefetch > } > > On Tuesday, 27 October 2020, 09:16:51 pm NZDT, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > > On 27/10/2020 10:08 David Tildesley <davotnz at yahoo.co.nz> wrote: > > > > > > Hi, > > > > Dovecot v2.3.7.2 on Ubuntu 18.04LTS > > > > I have configured for imap proxy to imap.gmail.com > > > > However whilst the imapc_host setting is working, imapc_port is not - it ignores the value I set and dovecot always tries to connect to gmail on port 143 (as per error log output). > > > > I have the imapc settings in the 10-mail.conf which gets loaded by dovecoat.conf > > > > Looks like a bug. > > > > Any assistance would appreciated. > > > > Regards, > > David. > > > Can you provide output of `doveconf -n`? > > Aki >
Hi Aki,
Thanks. I didn't know that about imapc - but by the way, I finally got it
working.
The reason why I am inserting Dovecot between my (single) client and our
Exchange server (eventually - I am still testing against imap.gmail.com)? is to
that I can manipulate the email with Sieve due to limitations of my client
(Genesys).
Give the above scenario, should I use imapc or proxy ?
Thanks for your help.
Regards,
David.
On Tuesday, 27 October 2020, 10:17:37 pm NZDT, Aki Tuomi <aki.tuomi at
open-xchange.com> wrote:
You know that imapc != imap proxy.
imapc is a thin client, which is a "mail storage provider" like
maildir.
imap proxy is when you proxy the connection somewhere. this is done with proxy_
settings in passdb.
You need to specify
ssl_client_ca_dir = /etc/ssl/certs
to get cert verification working with imapc. it's required.
Aki
> On 27/10/2020 10:54 David Tildesley <davotnz at yahoo.co.nz> wrote:
>
>
> I have solved the port problem by specifying it in the passdb section as
userdb_imapc_port=993
>
> But:
> This is in the error log when I make a connection from the client:
>
> Oct 27 08:49:16 imapproxy01 dovecot: auth: Fatal: passdb imap: Cannot
verify certificate without ssl_ca_dir or ssl_ca_file setting
> Oct 27 08:49:16 imapproxy01 dovecot: master: Error: service(auth): command
startup failed, throttling for 2 secs
>
>
> On Tuesday, 27 October 2020, 09:48:49 pm NZDT, David Tildesley <davotnz
at yahoo.co.nz> wrote:
>
>
>
> xxxx at imapproxy01:/etc/dovecot/conf.d$ dovecot -n
> # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.7.2 ()
> # OS: Linux 5.4.0-1031-azure x86_64 Ubuntu 20.04.1 LTS
> # Hostname: imapproxy01.trf04sdec2hu1b4wur4lazeo3f.px.internal.cloudapp.net
> auth_verbose = yes
> disable_plaintext_auth = no
> imapc_host = imap.gmail.com
> imapc_password = # hidden, use -P to show it
> imapc_port = 993
> imapc_ssl = imaps
> imapc_ssl_verify = no
> imapc_user = xxxxxx at gmail.com
> mail_home = /home/vmail/%u
> mail_location = imapc:~/imapc
> mail_privileged_group = mail
> namespace inbox {
> inbox = yes
> location > mailbox Drafts {
> special_use = \Drafts
> }
> mailbox Junk {
> special_use = \Junk
> }
> mailbox Sent {
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> special_use = \Sent
> }
> mailbox Trash {
> special_use = \Trash
> }
> prefix > }
> passdb {
> args = host=imap.gmail.com port=993 ssl=imaps
> default_fields = userdb_namespace=gmail userdb_namespace/gmail/list=yes
userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=.
userdb_namespace/gmail/prefix=INBOX.gmail.
userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com
userdb_imapc_user=xxxx at gmail.com userdb_imapc_password=#hidden_use-P_to_show#
userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs
userdb_imapc_port=993
> driver = imap
> }
> plugin {
> sieve = file:~/sieve;active=~/.dovecot.sieve
> }
> protocols = " imap"
> ssl_cert = </etc/dovecot/private/dovecot.pem
> ssl_client_ca_dir = /etc/ssl/certs
> ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> userdb {
> driver = prefetch
> }
>
> On Tuesday, 27 October 2020, 09:16:51 pm NZDT, Aki Tuomi <aki.tuomi at
open-xchange.com> wrote:
>
>
>
> > On 27/10/2020 10:08 David Tildesley <davotnz at yahoo.co.nz>
wrote:
> >
> >
> > Hi,
> >
> > Dovecot v2.3.7.2 on Ubuntu 18.04LTS
> >
> > I have configured for imap proxy to imap.gmail.com
> >
> > However whilst the imapc_host setting is working, imapc_port is not -
it ignores the value I set and dovecot always tries to connect to gmail on port
143 (as per error log output).
> >
> > I have the imapc settings in the 10-mail.conf which gets loaded by
dovecoat.conf
> >
> > Looks like a bug.
> >
> > Any assistance would appreciated.
> >
> > Regards,
> > David.
>
>
> Can you provide output of `doveconf -n`?
>
> Aki
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20201027/a8257a86/attachment-0001.html>
imap proxy is a "dumb proxy", it will just pass everything to google & back after you've authenticated. imapc allows you to use imap sieve to some extent. I'm not sure what kind of Sieve manipulations you have in mind. Aki> On 27/10/2020 11:42 David Tildesley <davotnz at yahoo.co.nz> wrote: > > > Hi Aki, > > Thanks. I didn't know that about imapc - but by the way, I finally got it working. > > The reason why I am inserting Dovecot between my (single) client and our Exchange server (eventually - I am still testing against imap.gmail.com) is to that I can manipulate the email with Sieve due to limitations of my client (Genesys). > > Give the above scenario, should I use imapc or proxy ? > > Thanks for your help. > > Regards, > David. > > > On Tuesday, 27 October 2020, 10:17:37 pm NZDT, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > You know that imapc != imap proxy. > > imapc is a thin client, which is a "mail storage provider" like maildir. > > imap proxy is when you proxy the connection somewhere. this is done with proxy_ settings in passdb. > > You need to specify > > ssl_client_ca_dir = /etc/ssl/certs > > to get cert verification working with imapc. it's required. > > Aki > > > > On 27/10/2020 10:54 David Tildesley <davotnz at yahoo.co.nz> wrote: > > > > > > I have solved the port problem by specifying it in the passdb section as userdb_imapc_port=993 > > > > But: > > This is in the error log when I make a connection from the client: > > > > Oct 27 08:49:16 imapproxy01 dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting > > Oct 27 08:49:16 imapproxy01 dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs > > > > > > On Tuesday, 27 October 2020, 09:48:49 pm NZDT, David Tildesley <davotnz at yahoo.co.nz> wrote: > > > > > > > > xxxx at imapproxy01:/etc/dovecot/conf.d$ dovecot -n > > # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf > > # Pigeonhole version 0.5.7.2 () > > # OS: Linux 5.4.0-1031-azure x86_64 Ubuntu 20.04.1 LTS > > # Hostname: imapproxy01.trf04sdec2hu1b4wur4lazeo3f.px.internal.cloudapp.net > > auth_verbose = yes > > disable_plaintext_auth = no > > imapc_host = imap.gmail.com > > imapc_password = # hidden, use -P to show it > > imapc_port = 993 > > imapc_ssl = imaps > > imapc_ssl_verify = no > > imapc_user = xxxxxx at gmail.com > > mail_home = /home/vmail/%u > > mail_location = imapc:~/imapc > > mail_privileged_group = mail > > namespace inbox { > > inbox = yes > > location > > mailbox Drafts { > > special_use = \Drafts > > } > > mailbox Junk { > > special_use = \Junk > > } > > mailbox Sent { > > special_use = \Sent > > } > > mailbox "Sent Messages" { > > special_use = \Sent > > } > > mailbox Trash { > > special_use = \Trash > > } > > prefix > > } > > passdb { > > args = host=imap.gmail.com port=993 ssl=imaps > > default_fields = userdb_namespace=gmail userdb_namespace/gmail/list=yes userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=xxxx at gmail.com userdb_imapc_password=#hidden_use-P_to_show# userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993 > > driver = imap > > } > > plugin { > > sieve = file:~/sieve;active=~/.dovecot.sieve > > } > > protocols = " imap" > > ssl_cert = </etc/dovecot/private/dovecot.pem > > ssl_client_ca_dir = /etc/ssl/certs > > ssl_dh = # hidden, use -P to show it > > ssl_key = # hidden, use -P to show it > > userdb { > > driver = prefetch > > } > > > > On Tuesday, 27 October 2020, 09:16:51 pm NZDT, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > > > > > > On 27/10/2020 10:08 David Tildesley <davotnz at yahoo.co.nz> wrote: > > > > > > > > > Hi, > > > > > > Dovecot v2.3.7.2 on Ubuntu 18.04LTS > > > > > > I have configured for imap proxy to imap.gmail.com > > > > > > However whilst the imapc_host setting is working, imapc_port is not - it ignores the value I set and dovecot always tries to connect to gmail on port 143 (as per error log output). > > > > > > I have the imapc settings in the 10-mail.conf which gets loaded by dovecoat.conf > > > > > > Looks like a bug. > > > > > > Any assistance would appreciated. > > > > > > Regards, > > > David. > > > > > > Can you provide output of `doveconf -n`? > > > > Aki > >