[Dovecot] configuring squirrelmail with tls for both imap & smtp on FC3 with dovecot & postfix

ankush grover grover1711 at gmail.com
Mon Dec 12 11:11:30 EET 2005 

hey friends,

I am trying to secure my mail server.I have enabled TLS support in
postfix(version postfix-2.1.5), now I am trying to configure
squirrelmail(version 1.4.4-1 rpm) for tls/ssl support.In config.php i have
choosen use_imap_tls=true and use_smpt_tls=true.

Moreover If I send any mail from squirrelmail there are no entries for ssl
or tls in maillogs whereas If I send the mail through evolution I can see
tls/ssl entries in maillogs.

starting TLS engine
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: setting up TLS connection from
[192.168.1.68]
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:before/accept
initialization
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:error in SSLv2/v3
read client hello A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:error in SSLv2/v3
read client hello B
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 read client
hello A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 write server
hello A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 write
certificate A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 write server
done A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 flush data
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:error in SSLv3 read
client certificate A
Dec 12 12:30:08 cluster1 last message repeated 2 times
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 read client
key exchange A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:error in SSLv3 read
certificate verify A
Dec 12 12:30:08 cluster1 last message repeated 3 times
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 read finished
A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 write change
cipher spec A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 write
finished A
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: SSL_accept:SSLv3 flush data
Dec 12 12:30:08 cluster1 postfix/smtpd[7965]: TLS connection established
from [192.168.1.68]: SSLv3 with cipher RC4-MD5 (128/128 bits)

But when I did the config.test for squirrelmail I got the below error

Checking IMAP service....
    IMAP server ready (* OK dovecot ready.)
    Capabilities: * CAPABILITY IMAP4rev1 SORT THREAD=REFERENCES MULTIAPPEND
UNSELECT IDLE CHILDREN LISTEXT LIST-SUBSCRIBED NAMESPACE AUTH=PLAIN
    *ERROR:* You have enabled TLS encryption in the config, but the server
does not report STARTTLS capability. TLS is probably not supported.

Lines of ssl in /etc/dovecot.conf
protocols = imaps pop3s
imaps_listen = *
pop3s_listen = *
ssl_disable = no
ssl_cert_file = /usr/share/ssl/certs/dovecot.pem
 ssl_key_file = /usr/share/ssl/private/dovecot.pem
ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
disable_plaintext_auth = yes

If i do telnet localhost 993 or 995 I don't see any "Ok Dovecot Ready"
message.But If I enable pop3 and imap in dovecot.conf and then I telnet
localhost 110 or 143 I can see "Ok Dovecot Ready" message.

How do I make squirrelmail to use tls/ssl for both imap & smtp.

Thanks & Regards

Ankush Grover
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://dovecot.org/pipermail/dovecot/attachments/20051212/b7f93bbf/attachment-0001.htm

More information about the dovecot mailing list