Outlook fails POP3 SSL auth with Courier and Postfix
First off, it works fine with Kontact; Outlook is being a pain. Fresh server, new build, following the method at https://wiki.gentoo.org/wiki/complete_virtual_mail_server . When using Outlook and running a test, I get:
Aug 10 09:47:19 emailer1 pop3d-ssl: couriertls: /etc/ssl/certs/48ef30f1.0: No such file or directory
^C
emailer1 ~ # updatedb
emailer1 ~ # locate 48ef30f1
/etc/ssl/certs/48ef30f1.0
emailer1 ~ # ls -l /etc/ssl/
total 44
drwxr-xr-x 2 root  root   4096 Aug  8 07:46 apache2
drwxr-xr-x 2 vmail vmail 12288 Aug  8 12:06 certs
drwxr-xr-x 2 root  root   4096 Aug  9 04:01 courier-imap
drwxr-xr-x 2 root  root   4096 Aug  8 12:05 misc
-rw-r--r-- 1 root  root  10835 Aug  8 12:03 openssl.cnf
drwxr-xr-x 2 root  root   4096 Aug 10 09:15 postfix
drwx------ 2 root  root   4096 Aug  8 12:05 private
emailer1 ~ #
emailer1 ~ # postconf -n
broken_sasl_auth_clients = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
home_mailbox = .maildir/
html_directory = no
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/ssl/postfix/nyctelecomm.com.crt
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/postfix/nyctelecomm.com.crt
smtpd_tls_key_file = /etc/ssl/postfix/nyctelecomm.com.key
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
virtual_uid_maps = static:5000
The permissions were root before.
emailer1 ~ # cat /etc/courier-imap/pop3d-ssl
##VERSION: $Id: pop3d-ssl.dist.in,v 1.22 2008/07/12 20:17:25 mrsam Exp $
#
# pop3d-ssl created from pop3d-ssl.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 2000-2008 Double Precision, Inc.  See COPYING for
# distribution information.
#
# This configuration file sets various options for the Courier-IMAP server
# when used to handle SSL POP3 connections.
#
# SSL and non-SSL connections are handled by a dedicated instance of the
# couriertcpd daemon.  If you are accepting both SSL and non-SSL POP3
# connections, you will start two instances of couriertcpd, one on the
# POP3 port 110, and one on the POP3-SSL port 995.
#
# Download OpenSSL from http://www.openssl.org/
#
##NAME: SSLPORT:0
#
# Options in the pop3d-ssl configuration file augment the options in the
# pop3d configuration file.  First the pop3d configuration file is read,
# then the pop3d-ssl configuration file, so we do not have to redefine
# anything.
#
# However, some things do have to be redefined.  The port number is
# specified by SSLPORT, instead of PORT.  The default port is port 995.
#
# Multiple port numbers can be separated by commas.  When multiple port
# numbers are used it is possible to select a specific IP address for a
# given port as "ip.port".  For example, "127.0.0.1.900,192.168.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1
# The SSLADDRESS setting is a default for ports that do not have a
# specified IP address.

SSLPORT=995

##NAME: SSLADDRESS:0
#
# Address to listen on, can be set to a single IP address.
#
# SSLADDRESS=127.0.0.1

SSLADDRESS=0

##NAME: SSLPIDFILE:0
#

SSLPIDFILE=/var/run/pop3d-ssl.pid

##NAME: SSLLOGGEROPTS:0
#
# courierlogger(1) options.
#

SSLLOGGEROPTS="-name=pop3d-ssl"

##NAME: POP3DSSLSTART:0
#
# Whether or not to start POP3 over SSL on the spop3 port:

POP3DSSLSTART=YES

##NAME: POP3_STARTTLS:0
#
# Whether or not to implement the POP3 STLS extension:

POP3_STARTTLS=YES

##NAME: POP3_TLS_REQUIRED:1
#
# Set POP3_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone.
# (this option advertises the LOGINDISABLED POP3 capability, until STARTTLS
# is issued).

POP3_TLS_REQUIRED=0

##NAME: COURIERTLS:0
#
# The following variables configure POP3 over SSL.  If OpenSSL or GnuTLS
# is available during configuration, the couriertls helper gets compiled, and
# upon installation a dummy TLS_CERTFILE gets generated.
#
# WARNING: Peer certificate verification has NOT yet been tested.  Proceed
# at your own risk.  Only the basic SSL/TLS functionality is known to be
# working.  Keep this in mind as you play with the following variables.

COURIERTLS=/usr/sbin/couriertls

##NAME: TLS_PROTOCOL:0
#
# TLS_PROTOCOL sets the protocol version.  The possible versions are:
#
# OpenSSL:
#
# SSL2 - SSLv2
# SSL3 - SSLv3
# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems)
# TLS1 - TLS1
#
# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST
# setting, below.
#
# GnuTLS:
#
# SSL3 - SSLv3
# TLS1 - TLS 1.0
# TLS1_1 - TLS 1.1
#
# When compiled against GnuTLS, multiple protocols can be selected as follows:
#
# TLS_PROTOCOL="TLS1_1:TLS1:SSL3"
#
# Default values:
#
# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS)

##NAME: TLS_STARTTLS_PROTOCOL:0
#
# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the POP3 STARTTLS
# extension, as opposed to POP3 over SSL on port 995.
#
# It takes the same values as the OpenSSL/GnuTLS TLS_PROTOCOL

TLS_STARTTLS_PROTOCOL=TLS1

##NAME: TLS_CIPHER_LIST:0
#
# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the
# OpenSSL library.  In most situations you can leave TLS_CIPHER_LIST
# undefined
#
# OpenSSL:
#
# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@STRENGTH"
#
# To enable SSL2, remove the obvious "!SSLv2" part from the above list.
#
#
# GnuTLS:
#
# TLS_CIPHER_LIST="HIGH:MEDIUM"
#
# The actual list of available ciphers depends on the options GnuTLS was
# compiled against.  The possible ciphers are:
#
# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL
#
# Also, the following aliases:
#
# HIGH -- all ciphers that use more than a 128 bit key size
# MEDIUM -- all ciphers that use a 128 bit key size
# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher
# is not included
# ALL -- all ciphers except the NULL cipher

##NAME: TLS_MIN_DH_BITS:0
#
# TLS_MIN_DH_BITS=n
#
# GnuTLS only:
#
# Set the minimum number of acceptable bits for a DH key exchange.
#
# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3).  Some servers
# have been encountered that offer 512 bit keys.  You may have to set
# TLS_MIN_DH_BITS=512 here, if necessary.

##NAME: TLS_KX_LIST:0
#
# GnuTLS only:
#
# Allowed key exchange protocols.  The default of "ALL" should be sufficient.
# The list of supported key exchange protocols depends on the options GnuTLS
# was compiled against, and may include the following:
#
# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT

TLS_KX_LIST=ALL

##NAME: TLS_COMPRESSION:0
#
# GnuTLS only:
#
# Optional compression.  "ALL" selects all available compression methods.
#
# Available compression methods: DEFLATE, LZO, NULL

TLS_COMPRESSION=ALL

##NAME: TLS_CERTS:0
#
# GnuTLS only:
#
# Supported certificate types are X509 and OPENPGP.
#
# OPENPGP has not been tested

TLS_CERTS=X509

##NAME: TLS_TIMEOUT:0
# TLS_TIMEOUT is not implemented, and is reserved for future use.  This is
# supposed to be an inactivity timeout, but it is not yet implemented.
#

##NAME: TLS_DHCERTFILE:0
#
# TLS_DHCERTFILE - PEM file that stores our Diffie-Hellman based certificate.
# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA
# you must generate a DH pair that will be used.  In most situations the
# DH pair is to be treated as confidential, and the file specified by
# TLS_DHCERTFILE must not be world-readable.
#
# TLS_DHCERTFILE=

##NAME: TLS_CERTFILE:0
#
# TLS_CERTFILE - the certificate to use.  TLS_CERTFILE is required for SSL/TLS
# servers, and is optional for SSL/TLS clients.  TLS_CERTFILE is
# treated as confidential, and must not be world-readable.  Set TLS_CERTFILE
# instead of TLS_DHCERTFILE if you have a garden-variety certificate
#
# VIRTUAL HOSTS (servers only):
#
# Due to technical limitations in the original SSL/TLS protocol, a dedicated
# IP address is required for each virtual host certificate.  If you have
# multiple certificates, install each certificate file as
# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address
# for the certificate's domain name.  So, if TLS_CERTFILE is set to
# /etc/certificate.pem, you'll need to install the actual certificate
# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3
# and so on, for each IP address.
#
# GnuTLS (servers only):
#
# GnuTLS implements a new TLS extension that eliminates the need to have a
# dedicated IP address for each SSL/TLS domain name.  Install each certificate
# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem,
# you'll need to install the actual certificate files as
# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com
# and so on.
#
# Note that this TLS extension requires corresponding support in the
# client.  Older SSL/TLS clients may not support this feature.
#
# This is an experimental feature.

TLS_CERTFILE=/etc/ssl/postfix/nyctelecomm.com.pem

##NAME: TLS_TRUSTCERTS:0
#
# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname.
# pathname can be a file or a directory.  If a file, the file should
# contain a list of trusted certificates, in PEM format.  If a
# directory, the directory should contain the trusted certificates,
# in PEM format, one per file and hashed using OpenSSL's c_rehash
# script.  TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying
# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set
# to PEER or REQUIREPEER).
#

TLS_TRUSTCERTS=/etc/ssl/certs

##NAME: TLS_VERIFYPEER:0
#
# TLS_VERIFYPEER - how to verify client certificates.  The possible values of
# this setting are:
#
# NONE - do not verify
#
# PEER - verify the client certificate, if one's presented
#
# REQUIREPEER - require a client certificate, fail if one's not presented
#
#

TLS_VERIFYPEER=NONE

##NAME: TLS_EXTERNAL:0
#
# To enable SSL certificate-based authentication:
#
# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate
# authority's SSL certificate
#
# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the latter setting
# requires all SSL clients to present a certificate, and rejects
# SSL/TLS connections without a valid cert).
#
# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID.
# For example:
#
# TLS_EXTERNAL=emailAddress
#
# The above example retrieves the login ID from the "emailAddress" subject
# field.  The certificate's emailAddress subject must match the login
# ID in the courier-authlib database.

##NAME: TLS_CACHE:0
#
# A TLS/SSL session cache may improve response for long-running
# POP3 clients.  TLS_CACHEFILE will be automatically created, TLS_CACHESIZE
# bytes long, and used as a cache buffer.
#
# This is an experimental feature and should be disabled if it causes
# problems with SSL clients.  Disable SSL caching by commenting out the
# following settings:

TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache
TLS_CACHESIZE=524288

##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=Maildir
# Hardwire a value for ${MAILDIR}
MAILDIR=.maildir
MAILDIRPATH=.maildir
The issue happened on both Outlook and Kontact; I wasn't digging deep enough. Since the OS is Gentoo, I re-emerged ca-certificates and deleted all of the broken links (as specified by emerge), and it is now 100%.
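The failure above is a dangling entry in the OpenSSL hash directory that Courier loads as TLS_TRUSTCERTS (/etc/ssl/certs): the symlink 48ef30f1.0 still exists but its target certificate does not, so couriertls aborts while loading trust anchors. The script below is an added example written for this page, not code from the original post or from Courier; the function names, the temporary directory and the placeholder certificate file are constructed for the demonstration.

```sh
#!/bin/sh
# Audit an OpenSSL hash directory (what Courier reads as TLS_TRUSTCERTS) for
# hashed symlinks whose target certificate is gone, the defect behind
# "couriertls: /etc/ssl/certs/48ef30f1.0: No such file or directory".

# Print every dangling symlink in the directory, one per line; return 1 if any.
find_dangling_ca_links() {
    dir=$1
    rc=0
    for link in "$dir"/*; do
        [ -L "$link" ] || continue        # c_rehash output is always a symlink
        if [ ! -e "$link" ]; then         # -e follows the link: target missing?
            printf '%s -> %s\n' "$link" "$(readlink "$link")"
            rc=1
        fi
    done
    return $rc
}

# Deeper check when openssl is installed: an intact hashed link's name must
# equal the subject hash of the certificate it points at, otherwise a stale
# link left behind by an older ca-certificates release selects the wrong CA.
check_hash_names() {
    dir=$1
    command -v openssl >/dev/null 2>&1 || return 0
    rc=0
    for link in "$dir"/[0-9a-f]*.[0-9]*; do
        [ -L "$link" ] && [ -e "$link" ] || continue
        want=$(basename "$link"); want=${want%.*}
        have=$(openssl x509 -noout -subject_hash -in "$link" 2>/dev/null) || continue
        if [ "$have" != "$want" ]; then
            printf 'hash mismatch: %s names %s but cert hashes to %s\n' "$link" "$want" "$have"
            rc=1
        fi
    done
    return $rc
}

# Constructed demonstration: a throwaway hash directory with one intact link
# and one whose target was removed, mirroring the 48ef30f1.0 error in the log.
demo() {
    d=$(mktemp -d)
    printf 'placeholder, not a real certificate\n' > "$d/ca-good.pem"
    ln -s ca-good.pem "$d/deadbeef.0"
    ln -s ca-removed.pem "$d/48ef30f1.0"
    find_dangling_ca_links "$d"
    rm -rf "$d"
}
```

On the affected host, `find_dangling_ca_links /etc/ssl/certs` lists exactly the links that re-emerging ca-certificates asks you to delete; `demo` reproduces the case in a temporary directory.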