Imap: Difference between revisions

From finninday
Jump to navigation Jump to search
Line 77: Line 77:
</pre>
</pre>
The fact that it is self-signed never was a problem before... but maybe things have changed.  Maybe imapd isn't presenting the right cert...
The fact that it is self-signed never was a problem before... but maybe things have changed.  Maybe imapd isn't presenting the right cert...
===Thunderbird imap logging===
I turned on Thunderbird's logging of imap transactions like this:
<pre>
export NSPR_LOG_MODULES=imap:5
export NSPR_LOG_FILE=/tmp/filename
thunderbird
</pre>
This is what appears in the log when I try to connect via imap SSL port 993:
<pre>
2131264[9699eb0]: afa69b0:weasel.finninday.net:NA:SetupWithUrl: clearing IMAP_CONNECTION_IS_OPEN
-1264583792[ab44f10]: ImapThreadMainLoop entering [this=afa69b0]
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:ProcessCurrentURL: entering
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:ProcessCurrentURL:imap://rday@weasel.finninday.net:993/select%3E%5EINBOX:  = currentUrl
-1264583792[ab44f10]: ReadNextLine [stream=b15e250 nb=49 needmore=0]
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:CreateNewLineFromSocket: * BYE imaplogin expected exactly two arguments.
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:SendData: 1 capability
-1264583792[ab44f10]: ReadNextLine [stream=b15e250 nb=4294967295 needmore=0]
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:CreateNewLineFromSocket: clearing IMAP_CONNECTION_IS_OPEN - rv = 80470002
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:TellThreadToDie: close socket connection
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:CreateNewLineFromSocket: (null)
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:ProcessCurrentURL: aborting queued urls
-1264583792[ab44f10]: ImapThreadMainLoop leaving [this=afa69b0]
</pre>
Not particularly helpful.
For the same transaction, I see nothing in mail.log.

Revision as of 20:25, 15 May 2008

Platform: Hardy Heron amd64

https://help.ubuntu.com/community/Squirrelmail

http://flurdy.com/docs/postfix/

Packages

Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-f/Unpacked/Failed-cfg/Half-inst/t-aWait/T-pend
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name                                       Version                             Description
+++-==========================================-===================================-============================================

ii  courier-authdaemon                         0.60.1-1ubuntu2                     Courier authentication daemon
ii  courier-authlib                            0.60.1-1ubuntu2                     Courier authentication library
ii  courier-authlib-userdb                     0.60.1-1ubuntu2                     userdb support for the Courier authentication
ii  courier-base                               0.58.0.20080127-1ubuntu1            Courier mail server - base system
ii  courier-imap                               4.3.0.20081027-1ubuntu1             Courier mail server - IMAP server
ii  courier-imap-ssl                           4.3.0.20081027-1ubuntu1             Courier mail server - IMAP over SSL
ii  courier-ssl                                0.58.0.20080127-1ubuntu1            Courier mail server - SSL/TLS Support


Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-f/Unpacked/Failed-cfg/Half-inst/t-aWait/T-pend
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name                       Version                    Description
+++-==========================-==========================-====================================================================
ii  squirrelmail               2:1.4.13-2ubuntu1          Webmail for nuts
un  squirrelmail-decode        <none>                     (no description available)
un  squirrelmail-locales       <none>                     (no description available)

Test output

root@weasel:/etc/default# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.
a login myuserid mypassword
a OK LOGIN Ok.
q logout
* BYE Courier-IMAP server shutting down
q OK LOGOUT completed
Connection closed by foreign host.


Testing imap over ssl seems a little more difficult: 

[root@snapper downloads]# telnet finninday.net 993
Trying 24.21.185.50...
Connected to finninday.net.
Escape character is '^]'.

I'm not sure how to construct a transaction by hand, but when I quit, I got this in the log: 

May 15 10:43:46 weasel imapd-ssl: Unexpected SSL connection shutdown.
May 15 10:44:50 weasel imapd-ssl: couriertls: accept: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

So I'm getting past the firewall and talking to the imapd-ssl process.

This might be helpful information: 

rday@weasel:~$ couriertls -host=finninday.net -port=993
couriertls: connect: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

That's odd because I can verify the cert like this: 

root@weasel:/etc/courier# openssl verify imapd.pem
imapd.pem: /C=US/ST=Oregon/L=Portland/O=finninday.net/CN=weasel.finninday.net/emailAddress=rday@finninday.net
error 18 at 0 depth lookup:self signed certificate
OK

The fact that it is self-signed never was a problem before... but maybe things have changed. Maybe imapd isn't presenting the right cert...

Thunderbird imap logging

I turned on Thunderbird's logging of imap transactions like this: 

export NSPR_LOG_MODULES=imap:5
export NSPR_LOG_FILE=/tmp/filename
thunderbird

This is what appears in the log when I try to connect via imap SSL port 993: 

2131264[9699eb0]: afa69b0:weasel.finninday.net:NA:SetupWithUrl: clearing IMAP_CONNECTION_IS_OPEN
-1264583792[ab44f10]: ImapThreadMainLoop entering [this=afa69b0]
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:ProcessCurrentURL: entering
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:ProcessCurrentURL:imap://rday@weasel.finninday.net:993/select%3E%5EINBOX:  = currentUrl
-1264583792[ab44f10]: ReadNextLine [stream=b15e250 nb=49 needmore=0]
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:CreateNewLineFromSocket: * BYE imaplogin expected exactly two arguments.
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:SendData: 1 capability
-1264583792[ab44f10]: ReadNextLine [stream=b15e250 nb=4294967295 needmore=0]
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:CreateNewLineFromSocket: clearing IMAP_CONNECTION_IS_OPEN - rv = 80470002
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:TellThreadToDie: close socket connection
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:CreateNewLineFromSocket: (null)
-1264583792[ab44f10]: afa69b0:weasel.finninday.net:NA:ProcessCurrentURL: aborting queued urls
-1264583792[ab44f10]: ImapThreadMainLoop leaving [this=afa69b0]

Not particularly helpful. For the same transaction, I see nothing in mail.log.

Retrieved from "https://finninday.net/wiki/index.php?title=Imap&oldid=2474"