[EMAIL PROTECTED] wrote:
> Hi Jose,
>
> [snip]
>> [ this message looks a bit odd... imapproxy does establish a
>> connection, but it does not actually log in at this time]
>>
>
> ...hum, before I used the imapproxy version under sarge with uw-imap without
> any problems.
>
Versions 1.2.5 / 1.2.6. include *major* changes, w.r.t. IPv6 support and
TLS/SSL support. Something might have gone awry there.
However, you are the first user to report this particular problem, and I
am not suffering from it either
(I use imapproxy myself in a bunch of servers)
>>> Oct 13 18:15:55 server in.imapproxyd[30472]: main(): Failed to load CA
>>>
>> [ broken certificate chain ??? -- it shouldn't happen with self-signed
>> certs, but ... ]
>>
>
> ...I do not have any certificate because I don't want to use TLS on localhost
> but nevertheless imapproxy tries a connect via TLS and I don't know why.
>
Apparently, uw-imapd *advertises* STARTTLS (which it shouldn't, from
what you say)
Evidently, if you haven't supplied any cert, the TLS nego can never succeed.
>> This switch does not have the effect you seem to think: Setting it to
>> "yes" forces using TLS, but it does not prevent imapproxy from trying to
>> secure the connection if at all possible when disabled.
>>
>
> ...OK, is there an other possibility to disable TLS? I don't think it's
> neccesary because it's local and only for a webmail interface.
>
I'll contact the upstream author with that and get back to you.
>> Not that it is really intrinsic to your problem, but why do you
>> advertise TLS over localhost? That is quite redundant.
>>
>
> ...I don't do it, it is just imapproxy which tries it, I think.
>
Let's see what Dave McMurtrie (upstream) says about this.
If necessary, I will code a patch and send it for testing.
>> Of the many installations I know of, essentially all connect to either
>> courier or dovecot, over standard IMAP (port 143). Most of them connect
>> to localhost, too -- those which don't are only reachable within a
>> secured LAN.
>>
>
> ...uw-imapd connects also via standard port 143 and I run it since 6 years on
> several debian releases.
>
Ok
>> Is there any particular reason for you to use UW-IMAP instead of other
>> implementation? (just curious)
>>
>
> ...just laziness, it works "out-of-the-box", just apt-get install it, that's
> all. No different users to manage, it uses pam, just a passwordfile fpr
> cram-md5 an no config neccesary.
>
Obvious.
>> Sure. If it really is a bug, let's stomp on it :-)
>>
>
> ...hope the bug is not "pebkac" - problem exists between keyboard and chair
> ;-)
>
Don't think so.... You don't seem to be the typpical PEBKAC :-)
I'll get back to you soon.
J.L.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
