Re: [qmailtoaster] Re: SSL
New clean minimal install, I am unable to recreate the problem It just works, ? That’s a good thing , right : ) Any hoo, I have also setup client to only use SSL for Imap port 993, and smtp port 465 Outlook 2010 screen shot attached. Now to get on and add, fail2ban then after that I will try the replication. Dave M -Original Message- From: Dave M Sent: Saturday, May 03, 2014 12:49 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: SSL I edited /var/qmail/supervise/smtp/run Maybe it had nothing to do with dovecot at all, But after the edit I also did a reboot maybe I was misunderstanding, and the reboot actually fixed the problem I will try to recreat error, when I get back into work on Monday Dave M On 5/2/2014 2:36 PM, Eric Shubert wrote: I'm missing something. Dovecot doesn't use run files, it uses an init.d script. I don't see how softlimit pertains to dovecot (nor its use of mysql). Raising which softlimit fixes this? Thanks. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL
I edited /var/qmail/supervise/smtp/run Maybe it had nothing to do with dovecot at all, But after the edit I also did a reboot maybe I was misunderstanding, and the reboot actually fixed the problem I will try to recreat error, when I get back into work on Monday Dave M On 5/2/2014 2:36 PM, Eric Shubert wrote: I'm missing something. Dovecot doesn't use run files, it uses an init.d script. I don't see how softlimit pertains to dovecot (nor its use of mysql). Raising which softlimit fixes this? Thanks. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: SSL
On 05/01/2014 08:09 AM, Dave M wrote: tail -f /var/log/dovecot.log May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: vmysql: sql error[3]: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist **Missing Table concerned me ** Is there a mysql problem here? Dovecot should not be configured to use mysql. It uses vpopmail instead, which does the mysql accessing. FWIW, I have no instances of mysql in my dovecot.log. What's your dovecot configuration? # doveconf -n -- -Eric 'shubes' - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL
Gentlemen: I may be able to offer a reason for the mysql reference: - the softlimit program is applied to the smtp instance -- which includes the child processes of spamdyke, vpopmail, etc. - the same will be true for the other SSL-enabled processes. I have found that I almost universally have to adjust the softlimit variables when I enable SSL. (and FWIW, I use 128 MB -- same as Hassan recommended :)) Dan McAllister On 5/2/2014 1:39 PM, Dave M wrote: Hi Eric, I thoght that was weird to Out put of dovecot -n : # 2.2.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-431.11.2.el6.x86_64 x86_64 CentOS release 6.5 (Final) auth_cache_size = 32 M auth_mechanisms = plain login digest-md5 cram-md5 first_valid_gid = 89 first_valid_uid = 89 log_path = /var/log/dovecot.log login_greeting = Dovecot toaster ready. mail_plugins = quota namespace { inbox = yes location = prefix = separator = . type = private } passdb { args = cache_key=%u webmail=127.0.0.1 driver = vpopmail } plugin { quota = maildir:ignore=Trash quota_rule = ?:storage=0 } protocols = imap pop3 ssl_cert = /etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2 ssl_dh_parameters_length = 2048 ssl_key = /etc/ssl/private/dovecot.pem userdb { args = cache_key=%u quota_template=quota_rule=*:backend=%q driver = vpopmail } protocol imap { imap_client_workarounds = delay-newmail mail_plugins = quota imap_quota } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_fast_size_lookups = yes pop3_lock_session = yes } Dave M -Original Message- From: Eric Shubert Sent: Friday, May 02, 2014 11:02 AM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: SSL On 05/01/2014 08:09 AM, Dave M wrote: tail -f /var/log/dovecot.log May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: vmysql: sql error[3]: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist **Missing Table concerned me ** Is there a mysql problem here? Dovecot should not be configured to use mysql. It uses vpopmail instead, which does the mysql accessing. FWIW, I have no instances of mysql in my dovecot.log. What's your dovecot configuration? # doveconf -n -- IT4SOHO, LLC 33 - 4th Street N, Suite 211 St. Petersburg, FL 33701-3806 CALL TOLL FREE: 877-IT4SOHO 877-484-7646 Phone 727-647-7646 Local 727-490-4394 Fax We have support plans for QMail! - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL
Thanks Dan, raising softlimit works Dave M -Original Message- From: Dan McAllister Sent: Friday, May 02, 2014 11:54 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: SSL Gentlemen: I may be able to offer a reason for the mysql reference: - the softlimit program is applied to the smtp instance -- which includes the child processes of spamdyke, vpopmail, etc. - the same will be true for the other SSL-enabled processes. I have found that I almost universally have to adjust the softlimit variables when I enable SSL. (and FWIW, I use 128 MB -- same as Hassan recommended :)) Dan McAllister On 5/2/2014 1:39 PM, Dave M wrote: Hi Eric, I thoght that was weird to Out put of dovecot -n : # 2.2.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-431.11.2.el6.x86_64 x86_64 CentOS release 6.5 (Final) auth_cache_size = 32 M auth_mechanisms = plain login digest-md5 cram-md5 first_valid_gid = 89 first_valid_uid = 89 log_path = /var/log/dovecot.log login_greeting = Dovecot toaster ready. mail_plugins = quota namespace { inbox = yes location = prefix = separator = . type = private } passdb { args = cache_key=%u webmail=127.0.0.1 driver = vpopmail } plugin { quota = maildir:ignore=Trash quota_rule = ?:storage=0 } protocols = imap pop3 ssl_cert = /etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2 ssl_dh_parameters_length = 2048 ssl_key = /etc/ssl/private/dovecot.pem userdb { args = cache_key=%u quota_template=quota_rule=*:backend=%q driver = vpopmail } protocol imap { imap_client_workarounds = delay-newmail mail_plugins = quota imap_quota } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_fast_size_lookups = yes pop3_lock_session = yes } Dave M -Original Message- From: Eric Shubert Sent: Friday, May 02, 2014 11:02 AM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: SSL On 05/01/2014 08:09 AM, Dave M wrote: tail -f /var/log/dovecot.log May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: vmysql: sql error[3]: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist **Missing Table concerned me ** Is there a mysql problem here? Dovecot should not be configured to use mysql. It uses vpopmail instead, which does the mysql accessing. FWIW, I have no instances of mysql in my dovecot.log. What's your dovecot configuration? # doveconf -n -- IT4SOHO, LLC 33 - 4th Street N, Suite 211 St. Petersburg, FL 33701-3806 CALL TOLL FREE: 877-IT4SOHO 877-484-7646 Phone 727-647-7646 Local 727-490-4394 Fax We have support plans for QMail! - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL
ditto to Hassan -Original Message- From: Dave M Sent: Friday, May 02, 2014 1:59 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: SSL Thanks Dan, raising softlimit works Dave M -Original Message- From: Dan McAllister Sent: Friday, May 02, 2014 11:54 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: SSL Gentlemen: I may be able to offer a reason for the mysql reference: - the softlimit program is applied to the smtp instance -- which includes the child processes of spamdyke, vpopmail, etc. - the same will be true for the other SSL-enabled processes. I have found that I almost universally have to adjust the softlimit variables when I enable SSL. (and FWIW, I use 128 MB -- same as Hassan recommended :)) Dan McAllister On 5/2/2014 1:39 PM, Dave M wrote: Hi Eric, I thoght that was weird to Out put of dovecot -n : # 2.2.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-431.11.2.el6.x86_64 x86_64 CentOS release 6.5 (Final) auth_cache_size = 32 M auth_mechanisms = plain login digest-md5 cram-md5 first_valid_gid = 89 first_valid_uid = 89 log_path = /var/log/dovecot.log login_greeting = Dovecot toaster ready. mail_plugins = quota namespace { inbox = yes location = prefix = separator = . type = private } passdb { args = cache_key=%u webmail=127.0.0.1 driver = vpopmail } plugin { quota = maildir:ignore=Trash quota_rule = ?:storage=0 } protocols = imap pop3 ssl_cert = /etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2 ssl_dh_parameters_length = 2048 ssl_key = /etc/ssl/private/dovecot.pem userdb { args = cache_key=%u quota_template=quota_rule=*:backend=%q driver = vpopmail } protocol imap { imap_client_workarounds = delay-newmail mail_plugins = quota imap_quota } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_fast_size_lookups = yes pop3_lock_session = yes } Dave M -Original Message- From: Eric Shubert Sent: Friday, May 02, 2014 11:02 AM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: SSL On 05/01/2014 08:09 AM, Dave M wrote: tail -f /var/log/dovecot.log May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: vmysql: sql error[3]: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist **Missing Table concerned me ** Is there a mysql problem here? Dovecot should not be configured to use mysql. It uses vpopmail instead, which does the mysql accessing. FWIW, I have no instances of mysql in my dovecot.log. What's your dovecot configuration? # doveconf -n -- IT4SOHO, LLC 33 - 4th Street N, Suite 211 St. Petersburg, FL 33701-3806 CALL TOLL FREE: 877-IT4SOHO 877-484-7646 Phone 727-647-7646 Local 727-490-4394 Fax We have support plans for QMail! - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: SSL
I'm missing something. Dovecot doesn't use run files, it uses an init.d script. I don't see how softlimit pertains to dovecot (nor its use of mysql). Raising which softlimit fixes this? Thanks. -- -Eric 'shubes' On 05/02/2014 12:59 PM, Dave M wrote: Thanks Dan, raising softlimit works Dave M -Original Message- From: Dan McAllister Sent: Friday, May 02, 2014 11:54 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: SSL Gentlemen: I may be able to offer a reason for the mysql reference: - the softlimit program is applied to the smtp instance -- which includes the child processes of spamdyke, vpopmail, etc. - the same will be true for the other SSL-enabled processes. I have found that I almost universally have to adjust the softlimit variables when I enable SSL. (and FWIW, I use 128 MB -- same as Hassan recommended :)) Dan McAllister On 5/2/2014 1:39 PM, Dave M wrote: Hi Eric, I thoght that was weird to Out put of dovecot -n : # 2.2.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-431.11.2.el6.x86_64 x86_64 CentOS release 6.5 (Final) auth_cache_size = 32 M auth_mechanisms = plain login digest-md5 cram-md5 first_valid_gid = 89 first_valid_uid = 89 log_path = /var/log/dovecot.log login_greeting = Dovecot toaster ready. mail_plugins = quota namespace { inbox = yes location = prefix = separator = . type = private } passdb { args = cache_key=%u webmail=127.0.0.1 driver = vpopmail } plugin { quota = maildir:ignore=Trash quota_rule = ?:storage=0 } protocols = imap pop3 ssl_cert = /etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW:!SSLv2 ssl_dh_parameters_length = 2048 ssl_key = /etc/ssl/private/dovecot.pem userdb { args = cache_key=%u quota_template=quota_rule=*:backend=%q driver = vpopmail } protocol imap { imap_client_workarounds = delay-newmail mail_plugins = quota imap_quota } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_fast_size_lookups = yes pop3_lock_session = yes } Dave M -Original Message- From: Eric Shubert Sent: Friday, May 02, 2014 11:02 AM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: SSL On 05/01/2014 08:09 AM, Dave M wrote: tail -f /var/log/dovecot.log May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: vmysql: sql error[3]: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist **Missing Table concerned me ** Is there a mysql problem here? Dovecot should not be configured to use mysql. It uses vpopmail instead, which does the mysql accessing. FWIW, I have no instances of mysql in my dovecot.log. What's your dovecot configuration? # doveconf -n - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL
Modified dovecot config in toaster.conf restarted dovecot and get : doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/toaster.conf:12: 'imaps' protocol is no longer necessary, remove it doveconf: Warning: Obsolete setting in /etc/dovecot/toaster.conf:12: 'pop3s' protocol is no longer necessary, remove it So I removed the entries for imaps and pop3s again Just testing to use only imaps and pop3s I will read further and reply back shortly Dave M -Original Message- From: Eric Shubert Sent: Wednesday, April 30, 2014 10:56 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: SSL On 04/30/2014 01:50 PM, Dave M wrote: On New Centos 6 build, Can we setup imaps and pop3s , it fails on new client install ( Outlook and Thunderbird ) Squirrel mail works fine Dave M Sure. I didn't omit these intentionally, although they should be deprecated. http://wiki2.dovecot.org/SSL The preferred client configuration would be to use STARTTLS, which TBird has had for a long time, and I think Outlook introduced it in O'07. To enable the SSL(-only) ports, you'll need protocols = imap imaps pop3 pop3s in the /etc/dovecot/toaster.conf file. I expect the corresponding protocol { } sections in the toaster.conf file should be replicated for the SSL sister protocols as well, but I'm not positive about this. Please give it a shot, report back, and we'll release a new version with these ports enabled. Thanks. -- -Eric 'shubes' - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL
My observations: Success, Somewhat . Followed instructions in the Link from eric, http://wiki2.dovecot.org/SSL created certs etc etc., disabled plaintext auth Setting up outlook 2007 with new account, it tries to auto detect server settings At same time I am logged into server , and run tail -f /var/log/dovect.log ( just to see progress) tail -f /var/log/dovecot.log May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: vmysql: sql error[3]: Table 'vpopmail.users' doesn't exist May 01 08:54:49 auth-worker: Error: Attempting to rebuild connection to SQL server May 01 08:54:49 auth-worker: Error: vmysql: connection rebuild failed: Table 'vpopmail.users' doesn't exist **Missing Table concerned me ** Is there a mysql problem here? Mean while, Outlook fails initial connect with encrypted connection, so it moves on, I accept cert, etc, outlook finishes setup. ( IP address`s and host name changed to protect the innocent : ) ) May 01 08:54:51 pop3-login: Info: Disconnected (tried to use disallowed plaintext auth): user=admin, method=DIGEST-MD5, rip=1.2.3.4, lip=5.5.5.5, session=9xq/2Ff4GwBC9Ol1 May 01 08:54:55 imap-login: Info: Login: user=ad...@sample.com, method=DIGEST-MD5, rip=1.2.3.4, lip=5.6.7.8, mpid=2258, session=8yC/2Ff4HQBC9Ol1 May 01 08:54:55 imap(ad...@sample.com): Info: Disconnected: Logged out in=11 out=408 May 01 08:54:55 pop3-login: Info: Login: user=ad...@sample.com, method=DIGEST-MD5, rip=1.2.3.4, lip=5.6.7.8, mpid=2259, session=lhPe2Ff4HwBC9Ol1 May 01 08:54:55 pop3(ad...@sample.com): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/4, size=9372 May 01 08:55:00 imap-login: Info: Login: user=ad...@sample.com, method=DIGEST-MD5, rip=1.2.3.4, lip=5.6.7.8, mpid=2269, session=sRh02Vf4JABC9Ol1 May 01 08:55:00 imap(ad...@sample.com): Info: Disconnected: Disconnected in IDLE in=11 out=372 Checked outlook, and changed advanced settings from port 143 to 993, and port 25 to 587 May 01 08:55:50 imap-login: Info: Login: user=ad...@sample.com, method=DIGEST-MD5, rip=1.2.3.4, lip=5.6.7.8, mpid=2309, TLS, session=m8Jh3Ff4LgBC9Ol1 May 01 08:55:50 imap(ad...@sample.com): Info: Disconnected: Disconnected in IDLE in=11 out=372 May 01 08:55:57 imap-login: Info: Login: user=ad...@sample.com, method=DIGEST-MD5, rip=1.2.3.4, lip=5.6.7.8, mpid=2326, TLS, session=P0bP3Ff4NABC9Ol1 May 01 08:55:57 imap-login: Info: Login: user=ad...@sample.com, method=DIGEST-MD5, rip=1.2.3.4, lip=5.6.7.8, mpid=2327, TLS, session=AGnP3Ff4NQBC9Ol1 May 01 08:55:57 imap-login: Info: Login: user=ad...@sample.com, method=DIGEST-MD5, rip=1.2.3.4, lip=5.6.7.8, mpid=2329, TLS, session=zZLU3Ff4NgBC9Ol1 May 01 08:55:57 imap-login: Info: Login: user=ad...@sample.com, method=DIGEST-MD5, rip=1.2.3.4, lip=5.6.7.8, mpid=2331, TLS, session=OWXY3Ff4NwBC9Ol1 ** Outlook is working** This is a live server - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: SSL
On 04/30/2014 01:50 PM, Dave M wrote: On New Centos 6 build, Can we setup imaps and pop3s , it fails on new client install ( Outlook and Thunderbird ) Squirrel mail works fine Dave M Sure. I didn't omit these intentionally, although they should be deprecated. http://wiki2.dovecot.org/SSL The preferred client configuration would be to use STARTTLS, which TBird has had for a long time, and I think Outlook introduced it in O'07. To enable the SSL(-only) ports, you'll need protocols = imap imaps pop3 pop3s in the /etc/dovecot/toaster.conf file. I expect the corresponding protocol { } sections in the toaster.conf file should be replicated for the SSL sister protocols as well, but I'm not positive about this. Please give it a shot, report back, and we'll release a new version with these ports enabled. Thanks. -- -Eric 'shubes' - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: SSL Certs and multiple domains
On 03/19/2014 08:12 AM, Eric Shubert wrote: On 03/19/2014 02:52 AM, Postmaster wrote: On 18/03/2014 19:54, Eric Shubert wrote: On 03/18/2014 11:32 AM, Postmaster wrote: Hello all, I browsed all past e-mail in the list, but was not able to see how this is done. I need to have several certificates (servercert.pem) for every different domain name, say mail.domain1.com and mail.domain2.com. Is there any way to set it up? I know there was a qmail patch https://bugs.gentoo.org/show_bug.cgi?id=94257, but it is very outdated now. Regards Alex - I don't understand how this patch would be implemented. What basis would be used to set the $TCPLOCALHOST or $TCPLOCALIP variables? My understanding is that it allows usage of different certificates depending on the environmental variables ($TCPLOCALHOST or $TCPLOCALIP). Yes, but how are these environment variables going to be set? They could be set by tcpserver (tcp.smtp file), but that's just by IP address. In any case, the variable(s) would need to be set before qmail-smtpd is invoked. I don't know how that could happen. However, any other ideas how the self-signed certs can be used with multiple domains are appreciated. Using multiple certificates with SSL connections is inherently impossible. This is because SSL connections are made before any data is transmitted indicating which domain is being requested. As a result, any given IP/port combination can use only one cert with an SSL connection. That being said, you could use a different port or IP address for each certificate. But why? The domain name for the server doesn't need to be the same as the domain for the email messages. Simply have the users use the hostname associated with the cert as their imap/pop3/smtp server name. Is there a problem with that? I should add this bit: http://en.wikipedia.org/wiki/Server_Name_Indication I'm not sure to what extent if any that SNI has been implemented in situations other than http, such as imap and smtp. Dovecot appears to have it (http://wiki2.dovecot.org/SSL/SNIClientSupport), but I'm almost certain that qmail-smtpd does not. -- -Eric 'shubes' - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL Certs and multiple domains
On 18/03/2014 19:54, Eric Shubert wrote: On 03/18/2014 11:32 AM, Postmaster wrote: Hello all, I browsed all past e-mail in the list, but was not able to see how this is done. I need to have several certificates (servercert.pem) for every different domain name, say mail.domain1.com and mail.domain2.com. Is there any way to set it up? I know there was a qmail patch https://bugs.gentoo.org/show_bug.cgi?id=94257, but it is very outdated now. Regards Alex - I don't understand how this patch would be implemented. What basis would be used to set the $TCPLOCALHOST or $TCPLOCALIP variables? My understanding is that it allows usage of different certificates depending on the environmental variables ($TCPLOCALHOST or $TCPLOCALIP). However, any other ideas how the self-signed certs can be used with multiple domains are appreciated.
[qmailtoaster] Re: SSL Certs and multiple domains
On 03/18/2014 11:32 AM, Postmaster wrote: Hello all, I browsed all past e-mail in the list, but was not able to see how this is done. I need to have several certificates (servercert.pem) for every different domain name, say mail.domain1.com and mail.domain2.com. Is there any way to set it up? I know there was a qmail patch https://bugs.gentoo.org/show_bug.cgi?id=94257, but it is very outdated now. Regards Alex - I don't understand how this patch would be implemented. What basis would be used to set the $TCPLOCALHOST or $TCPLOCALIP variables? -- -Eric 'shubes' - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: SSL Certificates
On 05/19/2011 01:38 PM, apow...@st-tel.net wrote: Is it possible to have a certificate for pop3.domain.com and one for smtp.domain.com? Thanks Yes. That usually isn't necessary though. Do you think SSL is somehow related to your qq soft rejects? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL Certificates
No I don't thin it is related. I am just working on several projects. Most of our clients point to pop3.st-tel.net for incoming and smtp.st-tel.net for outbound. We don't have a trusted certificate setup. how would we set up the certificate on one server for both? thanks -- Aaron Powell IT Manager ST Communications Office: 785-460-7300 Fax: 785-460-7301 Quoting Eric Shubert e...@shubes.net: On 05/19/2011 01:38 PM, apow...@st-tel.net wrote: Is it possible to have a certificate for pop3.domain.com and one for smtp.domain.com? Thanks Yes. That usually isn't necessary though. Do you think SSL is somehow related to your qq soft rejects? -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- BEGIN-ANTISPAM-VOTING-LINKS -- Teach CanIt if this mail (ID 04EJytnBX) is spam: Spam: http://spam.st-tel.net/canit/b.php?i=04EJytnBXm=543047f8ed2bt=20110519c=s Not spam: http://spam.st-tel.net/canit/b.php?i=04EJytnBXm=543047f8ed2bt=20110519c=n Forget vote: http://spam.st-tel.net/canit/b.php?i=04EJytnBXm=543047f8ed2bt=20110519c=f -- END-ANTISPAM-VOTING-LINKS - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: SSL Certificates
On 05/19/2011 03:40 PM, apow...@st-tel.net wrote: No I don't thin it is related. I am just working on several projects. Most of our clients point to pop3.st-tel.net for incoming and smtp.st-tel.net for outbound. We don't have a trusted certificate setup. how would we set up the certificate on one server for both? thanks I'm not sure what qmail-pop3d uses for ssl cert. I think I'd use dovecot for pop3, and give it a separate cert in the configuration. Let qmail-smtpd (and/or spamdyke) use servercert.pem. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: SSL Certificates
On 05/19/2011 07:53 PM, Eric Shubert wrote: On 05/19/2011 03:40 PM, apow...@st-tel.net wrote: No I don't thin it is related. I am just working on several projects. Most of our clients point to pop3.st-tel.net for incoming and smtp.st-tel.net for outbound. We don't have a trusted certificate setup. how would we set up the certificate on one server for both? thanks I'm not sure what qmail-pop3d uses for ssl cert. I think I'd use dovecot for pop3, and give it a separate cert in the configuration. Let qmail-smtpd (and/or spamdyke) use servercert.pem. It should be using the /var/qmail/control/servercert.pem file IIRC (qmail-pop3d). All the -ssl services should be using this file by default. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: ssl certificate
I was able to generate a certificate and get Thunderbird to recognize it. All is swell. A good reference I found in my travels. http://www.madboa.com/geek/openssl/ On 01/13/2011 08:17 PM, Jake Vickers wrote: On 01/13/2011 09:32 PM, Cecil Yother, Jr. wrote: Sorry about the premature send. Well no luck sorting out the issue. It doesn't appear to be Thunderbird only. The Sea Monkey e mail client does the same thing. I know the IMAP is working correctly because I can login via Squirelmail. Here is the error message I'm getting. hopefully someone can shed some light. I have tried the Mozilla/Firefox/Thunderbird suggestions to reduce the number of connection to no avail. Any ideas? /Unable to connect to your IMAP server. You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialog to reduce the number of cached connections./ Do you still need a SSL how-to written for courier? Look in your courier/imap logs to see if anything else is going on there. Also try ps aux | grep imap and netstat -tap | grep imap to see the current connections. Once we're sure the backend is okay, we can look at the front end. I use Thunderbird with QMT IMAP (SSL/TLS) without any issues. -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com
[qmailtoaster] Re: ssl certificate
That looks like a handy reference. Would you care to put a link to it on the wiki page? -- -Eric 'shubes' On 01/15/2011 12:58 PM, Cecil Yother, Jr. wrote: I was able to generate a certificate and get Thunderbird to recognize it. All is swell. A good reference I found in my travels. http://www.madboa.com/geek/openssl/ On 01/13/2011 08:17 PM, Jake Vickers wrote: On 01/13/2011 09:32 PM, Cecil Yother, Jr. wrote: Sorry about the premature send. Well no luck sorting out the issue. It doesn't appear to be Thunderbird only. The Sea Monkey e mail client does the same thing. I know the IMAP is working correctly because I can login via Squirelmail. Here is the error message I'm getting. hopefully someone can shed some light. I have tried the Mozilla/Firefox/Thunderbird suggestions to reduce the number of connection to no avail. Any ideas? /Unable to connect to your IMAP server. You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialog to reduce the number of cached connections./ Do you still need a SSL how-to written for courier? Look in your courier/imap logs to see if anything else is going on there. Also try ps aux | grep imap and netstat -tap | grep imap to see the current connections. Once we're sure the backend is okay, we can look at the front end. I use Thunderbird with QMT IMAP (SSL/TLS) without any issues. -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 |http://yother.com Check out the new Volvo classified resourcehttp://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: ssl certificate
Never done it before, but I'll give it a shot. On 01/15/2011 12:17 PM, Eric Shubert wrote: That looks like a handy reference. Would you care to put a link to it on the wiki page? -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: ssl certificate
added. On 01/15/2011 12:53 PM, Cecil Yother, Jr. wrote: Never done it before, but I'll give it a shot. On 01/15/2011 12:17 PM, Eric Shubert wrote: That looks like a handy reference. Would you care to put a link to it on the wiki page? -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] re: ssl certificate
I have searched but cannot find an answer. I have an account that is giving me this error (Error code: sec_error_reused_issuer_and_serial) I have deleted the certificates in my e mail client Thunderbird to no avail. I would like to create new certificates on my toaster, but cannot find instructions on how to do so. I am only using a self signed certificate. TIA -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: ssl certificate
On 01/13/2011 05:34 PM, Cecil Yother, Jr. wrote: I have searched but cannot find an answer. I have an account that is giving me this error (Error code: sec_error_reused_issuer_and_serial) I have deleted the certificates in my e mail client Thunderbird to no avail. I would like to create new certificates on my toaster, but cannot find instructions on how to do so. I am only using a self signed certificate. TIA Doesn't the wiki cover creating a cert? If not, let me know. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] re: ssl certificate
I couldn't find it. On 01/13/2011 04:56 PM, Jake Vickers wrote: On 01/13/2011 05:34 PM, Cecil Yother, Jr. wrote: I have searched but cannot find an answer. I have an account that is giving me this error (Error code: sec_error_reused_issuer_and_serial) I have deleted the certificates in my e mail client Thunderbird to no avail. I would like to create new certificates on my toaster, but cannot find instructions on how to do so. I am only using a self signed certificate. TIA Doesn't the wiki cover creating a cert? If not, let me know. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: ssl certificate
http://wiki.qmailtoaster.com/index.php/Certificate -- -Eric 'shubes' On 01/13/2011 06:05 PM, Cecil Yother, Jr. wrote: I couldn't find it. On 01/13/2011 04:56 PM, Jake Vickers wrote: On 01/13/2011 05:34 PM, Cecil Yother, Jr. wrote: I have searched but cannot find an answer. I have an account that is giving me this error (Error code: sec_error_reused_issuer_and_serial) I have deleted the certificates in my e mail client Thunderbird to no avail. I would like to create new certificates on my toaster, but cannot find instructions on how to do so. I am only using a self signed certificate. TIA Doesn't the wiki cover creating a cert? If not, let me know. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: ssl certificate
That didn't pan out too well make: *** No rule to make target `stunnel.pem'. Stop. On 01/13/2011 05:31 PM, Eric Shubert wrote: http://wiki.qmailtoaster.com/index.php/Certificate -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: ssl certificate
It turns out to be an issue with Thunderbird. I haven't solved it yet, but I am sure it's not the cert or the server. I can login with webmail no problem On 01/13/2011 05:31 PM, Eric Shubert wrote: http://wiki.qmailtoaster.com/index.php/Certificate -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: ssl certificate
On 01/13/2011 06:50 PM, Cecil Yother, Jr. wrote: That didn't pan out too well make: *** No rule to make target `stunnel.pem'. Stop. On 01/13/2011 05:31 PM, Eric Shubert wrote: http://wiki.qmailtoaster.com/index.php/Certificate I don't know where the quick-n-dirty instructions came from. I don't have a /usr/share/sll/certs directory on my QMT host. They might work using the /etc/pki/tls/certs directory, where I have used make to create certs and cert requests. For QMT though, I've used the instructions above the QnD ones. Apparently that page could use some work. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: ssl certificate
Well no luck sorting out the issue. Here is the error message I'm getting. hopefully someone can shed some light. On 01/13/2011 06:08 PM, Eric Shubert wrote: On 01/13/2011 06:50 PM, Cecil Yother, Jr. wrote: That didn't pan out too well make: *** No rule to make target `stunnel.pem'. Stop. On 01/13/2011 05:31 PM, Eric Shubert wrote: http://wiki.qmailtoaster.com/index.php/Certificate I don't know where the quick-n-dirty instructions came from. I don't have a /usr/share/sll/certs directory on my QMT host. They might work using the /etc/pki/tls/certs directory, where I have used make to create certs and cert requests. For QMT though, I've used the instructions above the QnD ones. Apparently that page could use some work. -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: ssl certificate
Sorry about the premature send. Well no luck sorting out the issue. It doesn't appear to be Thunderbird only. The Sea Monkey e mail client does the same thing. I know the IMAP is working correctly because I can login via Squirelmail. Here is the error message I'm getting. hopefully someone can shed some light. I have tried the Mozilla/Firefox/Thunderbird suggestions to reduce the number of connection to no avail. Any ideas? /Unable to connect to your IMAP server. You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialog to reduce the number of cached connections./ On 01/13/2011 06:08 PM, Eric Shubert wrote: On 01/13/2011 06:50 PM, Cecil Yother, Jr. wrote: That didn't pan out too well make: *** No rule to make target `stunnel.pem'. Stop. On 01/13/2011 05:31 PM, Eric Shubert wrote: http://wiki.qmailtoaster.com/index.php/Certificate I don't know where the quick-n-dirty instructions came from. I don't have a /usr/share/sll/certs directory on my QMT host. They might work using the /etc/pki/tls/certs directory, where I have used make to create certs and cert requests. For QMT though, I've used the instructions above the QnD ones. Apparently that page could use some work. -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com
Re: [qmailtoaster] Re: ssl certificate
On 01/13/2011 09:32 PM, Cecil Yother, Jr. wrote: Sorry about the premature send. Well no luck sorting out the issue. It doesn't appear to be Thunderbird only. The Sea Monkey e mail client does the same thing. I know the IMAP is working correctly because I can login via Squirelmail. Here is the error message I'm getting. hopefully someone can shed some light. I have tried the Mozilla/Firefox/Thunderbird suggestions to reduce the number of connection to no avail. Any ideas? /Unable to connect to your IMAP server. You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialog to reduce the number of cached connections./ Do you still need a SSL how-to written for courier? Look in your courier/imap logs to see if anything else is going on there. Also try ps aux | grep imap and netstat -tap | grep imap to see the current connections. Once we're sure the backend is okay, we can look at the front end. I use Thunderbird with QMT IMAP (SSL/TLS) without any issues.
Re: [qmailtoaster] Re: ssl certificate
Oh, I know it works, but for some reason it stopped working for this one account. I think the certificate expired, but it doesn't make sense why it works via squirrelmail. That's IMAP and I am using a secure connection. # ps aux |grep imap /root 6003 0.0 0.0 4096 680 pts/2S+ 20:26 0:00 grep imap vpopmail 15540 0.0 0.0 3136 848 ?S16:30 0:00 /usr/bin/imapd Maildir root 21090 0.0 0.0 1616 240 ?SJan06 0:00 supervise imap4-ssl root 21094 0.0 0.0 1616 240 ?SJan06 0:00 supervise imap4 root 21110 0.0 0.0 1788 364 ?SJan06 0:00 /usr/bin/tcpserver -v -R -H -l area510.net 0 993 /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/bin/imapd Maildir qmaill 2 0.0 0.0 1764 356 ?SJan06 0:00 /usr/bin/multilog t s100 n100 /var/log/qmail/imap4-ssl qmaill 21114 0.0 0.0 1632 232 ?SJan06 0:00 /usr/bin/multilog t s100 n100 /var/log/qmail/imap4 root 21115 0.0 0.0 1788 368 ?SJan06 0:00 /usr/bin/tcpserver -v -R -H -l area510.net 0 143 /usr/sbin/imaplogin /usr/bin/imapd Maildir / # netstat -tap | grep imap /tcp0 0 *:imaps *:* LISTEN 21110/tcpserver tcp0 0 *:imap *:* LISTEN 21115/tcpserver tcp0 0 anastasia.area510.net:imap 166-205-139-033.mobil:14375 ESTABLISHED 15540/imapd /CJ On 01/13/2011 08:17 PM, Jake Vickers wrote: On 01/13/2011 09:32 PM, Cecil Yother, Jr. wrote: Sorry about the premature send. Well no luck sorting out the issue. It doesn't appear to be Thunderbird only. The Sea Monkey e mail client does the same thing. I know the IMAP is working correctly because I can login via Squirelmail. Here is the error message I'm getting. hopefully someone can shed some light. I have tried the Mozilla/Firefox/Thunderbird suggestions to reduce the number of connection to no avail. Any ideas? /Unable to connect to your IMAP server. You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialog to reduce the number of cached connections./ Do you still need a SSL how-to written for courier? Look in your courier/imap logs to see if anything else is going on there. Also try ps aux | grep imap and netstat -tap | grep imap to see the current connections. Once we're sure the backend is okay, we can look at the front end. I use Thunderbird with QMT IMAP (SSL/TLS) without any issues. -- Cecil Yother, Jr. cj cj's 2318 Clement Ave Alameda, CA 94501 tel 510.865.2787 | http://yother.com Check out the new Volvo classified resource http://www.volvoclassified.com
Re: [qmailtoaster] Re: ssl port 993 and aliases
Shai wrote: I've setup my IMAP account in Thunderbird to use SSL port 993 .. I'm not sure if it really works or not and don't know how to check ... the connection is made and I can send and receive mail but I don't know if it is being done secure. I am using SSL but not sure if it is secure. Also, when I'm using SSL, I can't seem to be able to use the quota plug in for TB. Any ideas? Me too. The quota does not seem to work here. About the aliases... I went into the V. Domain and made available 10 aliases and 10 forwards. While I can now to into qmailadmin and add forwards.. I can't seem to find where I can added aliases. I think there are the same. P.V.Anthony - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]