Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
courier-imap-ssl not accepting Connections from Thunderbird
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
thagenesis
n00b
n00b


Joined: 18 May 2003
Posts: 36
Location: Germany

PostPosted: Fri Jul 17, 2015 4:09 pm    Post subject: courier-imap-ssl not accepting Connections from Thunderbird Reply with quote

Hi!
I hope this is the right Forum, if not - sorry I didn't find another where this might fit
I've got courier-imap-ssl running for ages but since Thunderbird on my Windows Notebook did an autoupdate to v 38.1.0 I'm unable to access my Mails. Access from my Android phone or my Ubuntu Desktop in the office (running an older Thunderbird version) works fine and the logs don't help at all. I just get:
Quote:

Jul 17 01:49:46 maninthemiddle imapd-ssl[4308]: couriertls: accept: Connection timed out


and the Thunderbird popup in Windows also says something like "Connection timed out"
this very Thunderbird installation also works fine for other accounts (gmail, my work account and several others) so I think this is a courier problem
I'm lost because I have no Idea where to look because of the nature of SSL tcpdump/wireshark are of no help too .
any input appreciated
thanks!
_________________
Adopt an unanswered post today
Back to top
View user's profile Send private message
Duncan Mac Leod
Apprentice
Apprentice


Joined: 02 May 2004
Posts: 251
Location: Germany

PostPosted: Fri Jul 17, 2015 7:38 pm    Post subject: Reply with quote

Look here: https://forums.gentoo.org/viewtopic-t-994896-highlight-.html

HTH,
Duncan
Back to top
View user's profile Send private message
thagenesis
n00b
n00b


Joined: 18 May 2003
Posts: 36
Location: Germany

PostPosted: Sat Jul 18, 2015 6:03 am    Post subject: Reply with quote

Duncan Mac Leod wrote:
Look here: https://forums.gentoo.org/viewtopic-t-994896-highlight-.html
Duncan

thanks for the hint but this parameter wasn't set in my imapd-ssl config. I even ran mkdhparams, set the option in the config and restarted /etc/init.d/courier-imapd-ssl but unfortunately it still doesn't work in the new Thunderbird :/ while every other IMAP Client connects fine. I'm using a self-signed certificate I created with the mkimapdcert Shellscript and I have the slight suspicion Mozilla does a more aggressive checking in the light of the recent SSL vulnerabilities. my openssl is on the most recent version though:
Code:

# equery list openssl
 * Searching for openssl ...
[IP-] [  ] dev-libs/openssl-1.0.1p:0

and this is the /etc/courier-imap/imapd.cnf file I used to create the certificate (should be pretty standard)
Quote:

RANDFILE = /usr/share/imapd.rand

[ req ]
default_bits = 4096
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no
default_md = sha1

[ req_dn ]
C=US
ST=NY
L=New York
O=Courier Mail Server
OU=Automatically-generated IMAP SSL key
CN=localhost
emailAddress=postmaster@example.com
[ cert_type ]
nsCertType = server

Additionally here's my current /etc/courier-imap/imapd-ssl

Quote:

# egrep -v '^ *[#]' /etc/courier-imap/imapd-ssl

SSLPORT=143,993


SSLADDRESS=0


MAXDAEMONS=200
MAXPERIP=90

SSLPIDFILE=/var/run/imapd-ssl.pid


SSLLOGGEROPTS="-name=imapd-ssl"


IMAPDSSLSTART=NO


IMAPDSTARTTLS=YES


IMAP_TLS_REQUIRED=1



COURIERTLS=/usr/sbin/couriertls


TLS_PROTOCOL=TLS1


TLS_STARTTLS_PROTOCOL=TLS1
TLS_DHPARAMS=/usr/share/dhparams.pem




TLS_CERTFILE=/etc/courier-imap/imapd.pem


TLS_VERIFYPEER=NONE


TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache
TLS_CACHESIZE=524288

MAILDIRPATH=Maildir

MAILDIR=.maildir
MAILDIRPATH=.maildir



TIA
_________________
Adopt an unanswered post today
Back to top
View user's profile Send private message
thagenesis
n00b
n00b


Joined: 18 May 2003
Posts: 36
Location: Germany

PostPosted: Sun Jul 19, 2015 9:14 am    Post subject: Reply with quote

And another hint this problem isn't specific to my Windows notebook. A friend of mine also has an account on my Server. He was able to access his Mails and finally made the Thunderbird Upgrade -> also broken now
_________________
Adopt an unanswered post today
Back to top
View user's profile Send private message
thagenesis
n00b
n00b


Joined: 18 May 2003
Posts: 36
Location: Germany

PostPosted: Thu Jul 23, 2015 4:53 pm    Post subject: Reply with quote

In case somebody stumbles upon this post in the future: I'm pretty sure now this is a Thunderbird issue and I opened a bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1185344
_________________
Adopt an unanswered post today
Back to top
View user's profile Send private message
figueroa
Guru
Guru


Joined: 14 Aug 2005
Posts: 408
Location: GA-USA

PostPosted: Sat Jul 25, 2015 3:59 am    Post subject: Reply with quote

Thank you, thagenesis. I had the same problem immediately after upgrading thunderbird-bin in Gentoo Linux to 31-8-1 and my wife had the same problem on her Linux Mint desktop. Problem was solved in both cases by downgrading Thunderbird to 31.7.1.

My home courier-imap server is 4.15-r1 and that is where I'm experiencing the problem. But, I agree with you, the problem is Thunderbird, and failure is subtle and silent.
_________________
Andy Figueroa
andy@andyfigueroa.net Working with Unix since 1983.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum