0

Mail SSL auth issue with any IMAP client since Ajenti V 1.2.23.0

PONYFOX 9 ár síðan updated by Pierre Knudsen 9 ár síðan 4

Hello, few hours ago, i've updated my server and since this update, my mailboxes doesn't work with SSL protocol with any client in IMAP included roundcube who it installed in the server localhost. I've tried lots of things on the server and on my computer with thunderbird and when I change the connection security protocol with STARTTLS, the mailboxes works fine. I dunno realy if the problem comes from Ajenti but i'ts my only one configuration way, i don't edit the Ajenti generated config files in a normal running mode. So i'ts probably an Ajenti issue.

I've noting special on logs and the SMTP SSL auth wok's fine.

may i ask how u solved this ? Have the same problem and cant find a way to solve it.

Hi,
So, it wasn't realy an issue, it's a security fix. You have to change all your mail clients with the STARTTLS protocol.
You can see it here:
https://github.com/Eugeny/ajenti-v/pull/193

+1

Hi,

So i changed now the iMap settings to this. (Not sure if that was the only thing i needed to do)


---------------------------------------------
SSLPORT=993
SSLADDRESS=0
SSLPIDFILE=/var/run/courier/imapd-ssl.pid
SSLLOGGEROPTS="-name=imapd-ssl"
IMAPDSSLSTART=
IMAPDSTARTTLS=YES
IMAP_TLS_REQUIRED=1
TLS_PROTOCOL=TLS1
TLS_STARTTLS_PROTOCOL=TLS1
COURIERTLS=/usr/bin/couriertls
TLS_KX_LIST=ALL
TLS_COMPRESSION=ALL
TLS_CERTS=X509
TLS_CERTFILE=/etc/courier/mail.pem
TLS_TRUSTCERTS=/etc/ssl/certs
TLS_VERIFYPEER=NONE
TLS_CACHEFILE=/var/lib/courier/couriersslcache
TLS_CACHESIZE=524288
TLS_DHPARAMS=/etc/courier/dhparams.pem
MAILDIRPATH=Maildir

-----------------------------------------------------------------------


In the Nginx Config this "ssl_protocols TLSv1 TLSv1.1 TLSv1.2;" was already there.



But now Courier-imap want start anymore and i get the same error msg :/

What am i doing wrong ?

Is it maybe because im using a valid SSL Certificate for the webserver ?

Can't either get access (Login), if i use the email programm on my iPhone.