[Dovecot] Config problem: want SSL + local roundcube

2013-11-05 Thread Rich

Hi,

Have used dovecot for many years, happy that it worked well without me 
needing to do anything much! But since the upgrade from v1 to v2.1.7-7 
I've come across some config probs.


I want IMAP and to force TLS for all internet connections. However, I 
run RoundCube on the same server (over https) and this needs access too, 
but this doesn't need to be TLS because it's local anyway.


The auto-config update script made some changes, it added the following 
to force SSL.


service imap-login {
  inet_listener imap {
    port = 0
  }
}

ssl = required


But this seems to forbid the local roundcube service from logging in.

Can anyone help me with my config? I had a stab, adding the following, 
but it didn't work. Was a complete guess anyway!


remote 127.0.0.1 {
  ssl = no
  service imap-login {
    inet_listener imap {
      port = 143
    }
  }
}


Here's my full config:

# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 7.2 ext3
auth_default_realm = artfulrobot.com
log_timestamp = %Y-%m-%d %H:%M:%S 
mail_location = maildir:/home/virtual/%d/%n
mail_privileged_group = mail
passdb {
  args = username_format=%n /etc/exim4/virtual_domains/%d/passwords
  driver = passwd-file
}
protocols = imap
service auth {
  unix_listener auth-client {
    group = Debian-exim
    mode = 0660
  }
  user = root
}
service imap-login {
  inet_listener imap {
    port = 0
  }
}
ssl = required
ssl_cert = /etc/ssl/certs/mail.artfulrobot.com-with-chain.crt
ssl_key = /etc/ssl/private/mail.artfulrobot.com.key
userdb {
  args = uid=1001 gid=1001
  driver = static
}
userdb {
  driver = passwd
}


Thanks,

Rich



Re: [Dovecot] Config problem: want SSL + local roundcube

2013-11-05 Thread Reindl Harald


On 05.11.2013 16:54, Rich wrote:
> Have used dovecot for many years, happy that it worked well without me
> needing to do anything much! But since the upgrade from v1 to v2.1.7-7
> I've come across some config probs.
>
> I want IMAP and to force TLS for all internet connections. However, I
> run RoundCube on the same server (over https) and this needs access too,
> but this doesn't need to be TLS because it's local anyway

does it hurt? no!
does it hurt make the config more complex than needed? yes!

so leave roundcube use TLS on 127.0.0.1 and you are done
you are not the first one seeking a solution for this non existing problem





Re: [Dovecot] Config problem: want SSL + local roundcube

2013-11-05 Thread Rich

On 05/11/13 15:56, Reindl Harald wrote:

> does it hurt? no!


My SSL certificate is of course invalid for 127.0.0.1 and I could not 
get RC to connect on port 993 for some reason (although that's probably 
for a RC mailing list, granted).






Re: [Dovecot] Config problem: want SSL + local roundcube

2013-11-05 Thread Benjamin Podszun

On Tuesday, November 5, 2013 5:35:15 PM CEST, Rich wrote:

> On 05/11/13 15:56, Reindl Harald wrote:
>> does it hurt? no!
>
> My SSL certificate is of course invalid for 127.0.0.1 and I
> could not get RC to connect on port 993 for some reason
> (although that's probably for a RC mailing list, granted).




I guess the question is mostly "Why isn't RC connecting to your
certificate's CN like everyone else?" Why 127.0.0.1, not example.com?


Re: [Dovecot] Config problem: want SSL + local roundcube

2013-11-05 Thread Reindl Harald


On 05.11.2013 17:35, Rich wrote:
> On 05/11/13 15:56, Reindl Harald wrote:
>> does it hurt? no!
>
> My SSL certificate is of course invalid for 127.0.0.1

have you tried that it matters or do you only guess?

http://trac.roundcube.net/ticket/1485771

> and I could not get RC to connect on port 993 for some reason


http://trac.roundcube.net/wiki/Howto_Config


'default_host'

By default the login screen provides a text box where you need to enter the 
IMAP host which you want to connect to.
This box can be hidden by setting one fixed IMAP host address:

$rcmail_config['default_host'] = 'localhost';

To use SSL/TLS connection, enter the hostname with prefix ssl:// or tls://

And if you want a drop-down list like it's explained in the comments you need 
something like this:

$rcmail_config['default_host'] = array('mail.example.com', 
'webmail.example.com', 'ssl://mail.example.com:993');






Re: [Dovecot] Config problem: want SSL + local roundcube

2013-11-05 Thread Rich

Ok, thanks for your time, let's end this thread. Seems it's probably 
more a RC thing than a Dovecot thing. Still can't get it to work (yes 
I'd already RTFM'ed and tried all the various RC config options) but 
happy to ask over at RC instead.


Thanks.

Rich
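
Added example (not written by any poster in this thread and not Dovecot project code): a small Python audit that parses doveconf-style text and reports how each inet_listener is reachable. Run over the imap-login lines posted at the start of the thread, it shows the plain imap listener is switched off by port = 0, so nothing listens on 143 for a local client. The LOOPBACK variant and the names parse, classify and audit are assumptions made for illustration.

```python
# Copied from the config posted in the thread (imap-login and ssl lines only).
POSTED = """
service imap-login {
  inet_listener imap {
    port = 0
  }
}
ssl = required
"""
# Constructed variant (an assumption, not from the thread): plain IMAP on loopback only.
LOOPBACK = POSTED.replace("port = 0", "address = 127.0.0.1\n    port = 143")
LOCAL = {"127.0.0.1", "::1", "localhost"}

def parse(text):
    """Turn nested 'name {' ... '}' blocks and 'key = value' lines into dicts."""
    stack = [{}]
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.endswith("{"):
            stack.append(stack[-1].setdefault(line[:-1].strip(), {}))
        elif line == "}":
            stack.pop()
        elif "=" in line:
            key, _, value = line.partition("=")
            stack[-1][key.strip()] = value.strip()
    return stack[0]

def classify(cfg):
    """Say how one inet_listener block is reachable."""
    addrs = {a.strip() for a in cfg.get("address", "*").split(",")}  # unset = all interfaces
    if cfg.get("port") == "0":
        return "disabled"  # port = 0 switches the listener off
    if cfg.get("ssl") == "yes":
        return "implicit-tls"
    scope = "loopback-only" if addrs <= LOCAL else "all-interfaces"
    return "cleartext-port/" + scope

def audit(text):
    """Map each inet_listener name to its classification."""
    report = {}
    for svc, body in parse(text).items():
        for name, cfg in body.items() if svc.startswith("service ") else ():
            if name.startswith("inet_listener "):
                report[name.split()[1]] = classify(cfg)
    return report

if __name__ == "__main__":
    for label, conf in (("posted", POSTED), ("loopback", LOOPBACK)):
        print(label, audit(conf))
```

doveconf -n prints only non-default settings, so listeners left at their defaults do not appear in the report.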