Dear SOGo developers, I used ssldump to check the differences in the IMAP connection between SOGo and RoundCube, and I found the error.
I copy here the log details as citation to keep the layout. The SSL dump with roundcube: > root@portal andre/mails/security# ssldump -i lo -d -k > /etc/letsencrypt/live/imap.homebox.space/privkey.pem port 143 > New TCP connection #1: localhost(54208) <-> localhost(143) > 0.0086 (0.0086) S>C > --------------------------------------------------------------- > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE > STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. > --------------------------------------------------------------- > > 0.0087 (0.0000) C>S > --------------------------------------------------------------- > QP0001 ID ("x-originating-ip" "185.220.101.30") > --------------------------------------------------------------- > > etc... But with SOGo: > root@portal andre/mails/security# ssldump -i lo -d -k > /etc/letsencrypt/live/imap.homebox.space/privkey.pem port 143 > =========================================================== > New TCP connection #1: localhost(54340) <-> localhost(143) > 0.0119 (0.0119) S>C > --------------------------------------------------------------- > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE > STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. > --------------------------------------------------------------- > > 0.0120 (0.0001) C>S > --------------------------------------------------------------- > A0001 LOGIN "andre" "**********" > --------------------------------------------------------------- > > 0.1155 (0.1034) S>C > --------------------------------------------------------------- > A0001 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT > MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS > LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN > CONTEXT=SEARCH LIST-STATUS BINARY MOVE SEARCH=FUZZY NOTIFY SPECIAL-USE QUOTA] > Logged in > --------------------------------------------------------------- > > 0.1160 (0.0005) C>S > --------------------------------------------------------------- > 3 capability > --------------------------------------------------------------- > > 0.1167 (0.0006) S>C > --------------------------------------------------------------- > * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT > SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND > URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED > I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH > LIST-STATUS BINARY MOVE SEARCH=FUZZY NOTIFY SPECIAL-USE QUOTA > 3 OK Capability completed (0.000 + 0.000 secs). > --------------------------------------------------------------- > > 0.1599 (0.0431) C>S > --------------------------------------------------------------- > 4 ID ("x-originating-ip" "185.220.101.30") > --------------------------------------------------------------- In this case SOGo is sending the Originating IP (Yay!), but *after* the login process, where it should, send it before. SOGo should send the originating IP *before*, at least to allow a proper logging of the connection attempts. I have found an old bug in the BTS, so I added all the details: https://sogo.nu/bugs/view.php?id=2979 I hope these details have been useful to you, and thanks again to develop SOGo. Thanks, André -- André Rodier HomeBox: https://github.com/progmaticltd/homebox -- users@sogo.nu https://inverse.ca/sogo/lists