Topic: IMAPS external mail, and firewall blocking somthing?

[Drifting]

Not good with iptables, and for some reason it seems that my firewall is blocking something? and I have no idea what it is saying?

I am currently unable to get IMAPS working on port 993, thunderbird just complains it cannot get settings for the email account? I have made sure that allow public and private are set.

I am trying to get remote IMAPS working,  Tried telnet to the remote server on 993 and got:- Escape character is '^]'.
So can only assume that is working? Suffering a little bit with wood for the trees at the moment, so any pointers welcome.

IPtables
2013-11-11 10:27:39.594055500 Nov 11 10:27:39 ow05 denylog: IN=eth1 OUT= MAC=00  SRC=*.*.59.27 DST=*.*.55.46 LEN=52 TOS=00 PREC=0x00 TTL=124 ID=21233 DF PROTO=TCP SPT=49851 DPT=143 SEQ=772303088 ACK=0 WINDOW=8192 SYN URGP=0
2013-11-11 10:27:39.596146500 Nov 11 10:27:39 ow05 denylog: IN=eth1 OUT= MAC=00 

Imap
2013-11-11 11:33:04.283742500 tcpsvd: info: pid 8437 from *.*.59.27
2013-11-11 11:33:04.283794500 tcpsvd: info: concurrency 8437 *.*.59.27 2/12
2013-11-11 11:33:04.283794500 tcpsvd: info: start 8437 0:*.*.55.46 ::*.*.59.27:50024 ./peers/0
2013-11-11 11:33:04.287735500 imapfront-auth[8437]: * OK imapfront ready.
2013-11-11 11:33:04.366172500 sslio[8437]: fatal: ssl alert from peer: certificate unknown
2013-11-11 11:33:04.366174500 tcpsvd: info: end 8437 exit 0
2013-11-11 11:33:04.366175500 tcpsvd: info: status 3/400
2013-11-11 11:33:04.366175500 sslio[8437]: info: bytes in: 537
2013-11-11 11:33:04.366176500 sslio[8437]: info: bytes ou: 1466
2013-11-11 11:33:06.080809500 tcpsvd: info: status 4/400
2013-11-11 11:33:06.080811500 tcpsvd: info: pid 8442 from *.*.59.27
2013-11-11 11:33:06.098864500 tcpsvd: info: concurrency 8442 *.*.59.27 2/12
2013-11-11 11:33:06.098865500 tcpsvd: info: start 8442 0:*.*.55.46 ::*.*.59.27:50026 ./peers/0
2013-11-11 11:33:06.098866500 imapfront-auth[8442]: * OK imapfront ready.
2013-11-11 11:33:06.189195500 sslio[8442]: fatal: ssl alert from peer: certificate unknown
2013-11-11 11:33:06.189412500 sslio[8442]: info: bytes in: 537
2013-11-11 11:33:06.189413500 sslio[8442]: info: bytes ou: 1466
2013-11-11 11:33:06.189414500 tcpsvd: info: end 8442 exit 0
2013-11-11 11:33:06.189414500 tcpsvd: info: status 3/400

Confused as I have installed the certificate within Thunderbird?

Only things I have done to this server is install owncloud, and also follow the suggestion for https from the same contrib / howto. And second :-
config setprop qpsmtpd RelayRequiresAuth disabled
As I was having a nightmare with Windows 7 & Outlook 2010 and certificates. All email within the building using IMAP is fine, just the external ones using IMAPS.

Totally at a loss, so any fault finding or suggestions most welcome.

Paul.

[mmccarn]

... thunderbird just complains it cannot get settings for the email account...

Thunderbird will only get the settings for the account automatically if some pre-configured, common hostnames resolve to the public IP of your sme server (eg 'mail.yourdomain.tld' or 'imap.yourdomain.tld'), or perhaps using a DNS SVC entry.

Configuring the server settings manually should alleviate this issue.

...Tried telnet to the remote server on 993...

When configuring your Thunderbird client, specify 'SSL' on port 993 (the default may now be TLS on port 143; I forget).

Also, checking 'use secure authentication' has never worked for me -- but logging in over SSL on port 993 should be secure (if you see what I mean).

[Stefano]

I would add that when configuring your Thunderbird client, use the manual configuration and don't rely on the automagically conf tool

[Drifting]

Thank you both for the reply.

Yes, I have it working well with Thunderbird, after accepting the certificate.

Paul