On Oct 5, 2012, at 10:20 PM, Luigi Rosa <li...@luigirosa.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Nick Rosier said the following on 05/10/12 22:47: > >>> How do you enable this in Thunderbird? If by "enabling IPv6" you mean you >>> put in the IPv6 address in stead of the hostname, that's probably where >>> you're wrong. The certificate contains your hostname, not the IP-address >>> so the hostname verification check fails if you insert the IPv6 address >>> (i.e. hostname.tld != 2001:470:1f09:203:fdbf:508e:4a29:56c5so your >>> connection fails). > > Good point. But does not explain why it works if I put the IPv4 address of the > server (the local LAN IPv4, not the public IPv4). > >>> I've verified this by changing the hostname to IPv6 in Thunderbird and >>> got the same error as you do. You would get the same error if you >>> configure the IPv4 address in TB. > > The server I am referring to has 2 NICs one with a public IP and the other > with a local IP address (10.0.0.254) > > If I put 10.0.0.254 instead of the IPv6 address I can successfully connect > using TLS: > > Oct 6 07:13:44 mail dovecot: imap-login: Login: user=<lr...@hypertrek.info>, > method=CRAM-MD5, rip=10.0.0.155, lip=10.0.0.254, mpid=17812, TLS, > session=<LZhzDV3LMQAKE0Ob> And do you have a PTR record for 10.0.0.254? Sean