* Markus Fritz <markus.fr...@opsys.de>: > Am 05.05.2012 21:06, schrieb Markus Fritz: > >Hello, > > > >I have this problem: > >May 5 21:02:35 opsys dovecot: imap-login: Disconnected (no auth > >attempts): rip=84.150.52.31, lip=78.46.216.126 > > > >Connecting via Thunderbird to STARTTLS won't work, but with a website > >from the same server it works for tls://opsys.de. > >So why is the port closed for external ip's? > >IPTABLES entry for imap is this: > >fail2ban-dovecot-pop3imap tcp -- anywhere anywhere > > multiport dports pop3,pop3s,imap2,imaps > > > >Key files are correct TLS is working from localhost. > > > >System is Debian squeeze > > Thunderbird says 'tls not available due temporary reason' now.
Assuming your server cert is located in /etc/ssl/certs/ca-certificates.crt try this on your server: openssl s_client -starttls imap -CAfile /etc/ssl/certs/ca-certificates.crt -connect localhost:143 Use "2 logout" to get out of the session. If it works, try the same from your client host. Does it work both times? p@rick -- state of mind () http://www.state-of-mind.de Franziskanerstraße 15 Telefon +49 89 3090 4664 81669 München Telefax +49 89 3090 4666 Amtsgericht München Partnerschaftsregister PR 563
