Edward Buck wrote:
Edward Buck wrote:
This is regarding the recent update courier-imap-4.2.0.
Not sure if something has changed in functionality or perhaps there was
an incompatible configuration change but the update broke my imaps
setup. I admit that my SSL libraries might be the problem since there
was recently a security update for SSL.
I updated SSL using freebsd-update (binary updates) which before today
has been pretty reliable. Afterwards, my old courier-imap still worked
fine (perhaps because it was still using the old libraries?). Then last
night, I updated courier and imaps stopped working (I don't run anything
on the standard imap port).
The error is:
Oct 5 09:40:00 kafka imapd-ssl: couriertls: connect: error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number
Here's an update on this issue. I forgot to mention earlier than the
system is FreeBSD 6.2 p8.
The problem seems to be specific to imapd-ssl running on port 993. I
didn't spend a lot of time troubleshooting different clients. Previous
to the update, I used Thunderbird with SSL/port 993 without problems.
Strangely, Korn (KDE mail notifier) seemed to work okay on port 993. It
could be a client thing but I suspect they just default to different SSL
versions.
TLS works just fine on port 143, which is the configuration I've been
meaning to switch to for some time. The update forced the issue and
thus, this problem is not really one anymore. But for those who are
still using imaps on port 993, the update (either the courier-imap
update or the SSL update) may cause some problems.
I ran into this yesterday. Changing TLS_PROTOCOL=SSL3 to =SSL23 in
/usr/local/etc/courier-imap/imapd-ssl (and pop3d-ssl) fixed it.
In my case it was client-specific: Pine, and Nagios' check_imap plugin,
would generate that exact error... but Thunderbird 2.0 would be fine.
I didn't test any other clients.
Some Googling showed that this was a change in Courier, not FreeBSD
specific -- but it might be worth a note in /usr/ports/UPDATING?
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
