LMTPS into 20141115

Robert Schetterer rs at sys4.de
Mon Nov 17 15:05:15 UTC 2014


On 17.11.2014 at 14:30, Stanislas SABATIER wrote:
> I built the 20141115 nightly release and succeeded in enforcing TLS over LMTP between Postfix and Dovecot.
> But I see the following error in maillog after each incoming message:
> 
> Nov 17 14:12:20 lmtp(291): Info: Connect from xx.xx.xx.xx
> Nov 17 14:12:20 lmtp(xxxx at yyyyy.zzz): Info: bdlxGjT0aVQjAQAAd7W7Aw: msgid=<B8D97FA0-E0AC-412F-A182-52B6ADF29ADC at xxxx.zz>: saved mail to INBOX
> Nov 17 14:12:20 lmtp(291): Info: Disconnect from xx.xx.xx.xx: Successful quit
> Nov 17 14:12:20 lmtp(291): Error: kevent(EV_DELETE, 12) failed: Bad file descriptor

works here too, don't have any errors for small tests
but looks like I need to reread all lmtp tls stuff now *g

2014-11-17T15:58:19.516398+01:00 mail dovecot: lmtp(19281): Connect from 127.0.0.1
2014-11-17T15:58:19.516798+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x10, ret=1: before/accept initialization
2014-11-17T15:58:19.516808+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: before/accept initialization
2014-11-17T15:58:19.516817+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=-1: unknown state
2014-11-17T15:58:19.517092+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=-1: unknown state
2014-11-17T15:58:19.517119+01:00 mail dovecot: lmtp(19281): Debug: SSL_get_servername() failed
2014-11-17T15:58:19.517134+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A
2014-11-17T15:58:19.517147+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A
2014-11-17T15:58:19.517251+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A
2014-11-17T15:58:19.522535+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A
2014-11-17T15:58:19.522553+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A
2014-11-17T15:58:19.522562+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
2014-11-17T15:58:19.522579+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A
2014-11-17T15:58:19.525910+01:00 mail dovecot: message repeated 2 times: [ lmtp(19281): Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A]
2014-11-17T15:58:19.527497+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A
2014-11-17T15:58:19.527572+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A
2014-11-17T15:58:19.527596+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A
2014-11-17T15:58:19.527614+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A
2014-11-17T15:58:19.527625+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
2014-11-17T15:58:19.527631+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully
2014-11-17T15:58:19.527648+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully


> 
> 
> On 17 Nov 2014, at 12:18, Stanislas SABATIER <s.sabatier at pobox.com> wrote:
> 
>> Thanks. I'll install the latest release on my sandbox to test LMTPS with Postfix. As soon as I have tested, I'll report in this forum.
>>
>> Regards,
>> Stan.
>> On 17 Nov 2014, at 11:46, Timo Sirainen <tss at iki.fi> wrote:
>>
>>> It was implemented AFTER 2.2.15 release. Requires a recent hg version / recent nightly snapshot. See http://hg.dovecot.org/dovecot-2.2 or http://dovecot.org/nightly/
>>>
>>> On 17 Nov 2014, at 02:38, Stanislas SABATIER <s.sabatier at pobox.com> wrote:
>>>
>>>> It did not work with 2.2.13 nor with 2.2.15
>>>>
>>>> On 17 Nov 2014, at 11:34, Timo Sirainen <tss at iki.fi> wrote:
>>>>
>>>>> On 17 Nov 2014, at 02:27, Reindl Harald <h.reindl at thelounge.net> wrote:
>>>>>
>>>>>> On 17.11.2014 at 11:24, Stanislas SABATIER wrote:
>>>>>>> I set up a service in master.conf like this:
>>>>>>>
>>>>>>> dovecotsandbox unix -       -       n       -       10       lmtp
>>>>>>>   -o lmtp_send_xforward_command=yes
>>>>>>>   -o lmtp_tls_security_level=encrypt
>>>>>>>
>>>>>>> Then I tried to add the starttls option:
>>>>>>>   -o lmtp_tls_note_starttls_offer=yes
>>>>>>>
>>>>>>> But Postfix still can't deliver the email. Postfix log:
>>>>>>> (…) status=deferred (TLS is required, but was not offered by host xx.xx.xx.xx[xx.xx.xx.xx])
>>>>>>
>>>>>> that you should have included in your first post
>>>>>> as somebody else said: seems not to be supported now
>>>>>>
>>>>>> just setup a SSH tunnel and let postfix deliver to 127.0.0.1:port
>>>>>
>>>>> I thought the problem was with the new LMTP STARTTLS command that was added after v2.2.15 release. But if not, try the latest hg version and see if it works.



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Registered office: München, District Court München: HRB 199263
Executive Board: Patrick Ben Koetter, Marc Schiffbauer
Chairman of the Supervisory Board: Florian Kirstein
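
Added example, not part of the original message and not Dovecot code: a Python script that decodes the "where" values in lmtp SSL debug lines like those above, using the bit values of OpenSSL's info callback, and reports per lmtp process whether the TLS handshake finished. The function names and the PID 19300 session are assumptions made for illustration.

```python
import re

# Bits of OpenSSL's info-callback "where" argument (values from openssl/ssl.h).
CB_BITS = {0x01: "LOOP", 0x02: "EXIT", 0x04: "READ", 0x08: "WRITE",
           0x10: "HANDSHAKE_START", 0x20: "HANDSHAKE_DONE",
           0x1000: "CONNECT", 0x2000: "ACCEPT", 0x4000: "ALERT"}

LINE_RE = re.compile(r"lmtp\((\d+)\): Debug: SSL: where=(0x[0-9a-fA-F]+), "
                     r"ret=(-?\d+): (.*)$")

def decode_where(where):
    """Names of the callback bits set in `where`, lowest bit first."""
    return [name for bit, name in sorted(CB_BITS.items()) if where & bit]

def summarize(lines):
    """Per lmtp PID: handshake started/done, unfinished exits, last state seen."""
    sessions = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not an SSL state line (Connect, SSL_get_servername(), ...)
        pid, where, ret, state = m[1], int(m[2], 16), int(m[3]), m[4]
        s = sessions.setdefault(pid, {"started": False, "done": False,
                                      "unfinished_exits": 0, "last_state": None})
        if where & 0x10:
            s["started"] = True
        if where & 0x20:
            s["done"] = True
        if where & 0x02 and ret < 0:
            s["unfinished_exits"] += 1  # handshake call returned before completing
        s["last_state"] = state
    return sessions

# Constructed sample: the PID 19281 lines are taken from the log above (unwrapped,
# shortened); PID 19300 is an invented session that never completes.
SAMPLE = """\
2014-11-17T15:58:19.516798+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x10, ret=1: before/accept initialization
2014-11-17T15:58:19.516817+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=-1: unknown state
2014-11-17T15:58:19.517119+01:00 mail dovecot: lmtp(19281): Debug: SSL_get_servername() failed
2014-11-17T15:58:19.517134+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A
2014-11-17T15:58:19.522579+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A
2014-11-17T15:58:19.527631+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully
2014-11-17T16:02:00.000000+01:00 mail dovecot: lmtp(19300): Debug: SSL: where=0x10, ret=1: before/accept initialization
2014-11-17T16:02:00.000100+01:00 mail dovecot: lmtp(19300): Debug: SSL: where=0x2002, ret=-1: SSLv3 read client hello A
""".splitlines()

if __name__ == "__main__":
    for pid, s in summarize(SAMPLE).items():
        print(pid, "OK" if s["done"] else "INCOMPLETE", s)
```

In the log above, the ret=-1 exits on where=0x2002 are followed by a completed handshake, so on their own they do not indicate a TLS failure.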

