On 2016-12-16 22:52, igor_123 wrote:
> Dear Paul,
>
> sorry to bring this [Solved] topic to surface again. After installing Fedora
> 25 (from scratch) I have the same problem ("unknown ca"). I have been using
> squirrelmail for many years with "localhost" as imap server name. This does
> not work anymore. Looking on the internet, I found this thread which is the
> most informative among all I found before. However, in my case David's
> recipe - to replace "localhost" by a fully qualified host name - does not
> work...
>
> The package versions are:
>
> postfix-3.1.3-2.fc25.x86_64
> dovecot-2.2.26.0-1.fc25.x86_64
> php-7.0.14-1.fc25.x86_64
> squirrelmail-1.4.22-17.fc24.noarch
>
> The squirrelmail imap-related config page is:
>
> IMAP Settings
> --
> 4. IMAP Server: uranus.sai.msu.ru
> 5. IMAP Port : 993
> 6. Authentication type: login
> 7. Secure IMAP (TLS) : true
> 8. Server software: dovecot
> 9. Delimiter : detect
>
> B. Update SMTP Settings : localhost:25

Port 25?

> the configtest page of squirrelmail returns
>
> Checking IMAP service
>
> ERROR: Error connecting to IMAP server "uranus.sai.msu.ru:993".Server
> error: (0)
>
> The relevant maillog lines are:
>
> Dec 16 17:23:01 uranus postfix/smtpd[7867]: connect from localhost[::1]
> Dec 16 17:23:01 uranus postfix/smtpd[7867]: lost connection after CONNECT from localhost[::1]
> Dec 16 17:23:01 uranus postfix/smtpd[7867]: disconnect from localhost[::1] commands=0/0
> Dec 16 17:23:01 uranus dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=93.180.26.5, lip=93.180.26.5, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<8mavTsdDQtldtBoF>
>
> The relevant config lines:
>
> postfix main.cf
>
> smtpd_tls_security_level = may
> smtpd_use_tls = yes
> smtpd_tls_auth_only = yes
> smtpd_tls_key_file = /etc/postfix/smtpd.key
> smtpd_tls_cert_file = /etc/postfix/smtpd.cert
> smtpd_tls_CAfile = /etc/postfix/smtpd.cert
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s

If you're asking about TLS to IMAP, SMTP settings are not relevant.

> dovecot 10-ssl.conf:
>
> ssl_cert = ssl_key = ssl_ca =
>
> Printing out the contents of smtpd.cert confirms that CN=uranus.sai.msu.ru

But is the CA available (to SM) and known?

> To be able to check php ssl connection from command line, I added the line
> to php.ini:
>
> openssl.cafile= /etc/postfix/smtpd.cert
>
> After that, issuing the command (which is run from squirrelmail)
>
> echo 'fsockopen("tls://uranus.sai.msu.ru",993,$errno,$errmsg,15);'|php -a
>
> returns "Interactive shell" which is ok and means that PHP
> correctly identifies CA. Thunderbird also works flawlessly. It is only
> squirrelmail which is having the problem.

Thunderbird is presumably connecting from outside the host.

> Adding these lines to squirrelmail's config_local.php
>
> $imap_stream_options = array(
>     'ssl' => array(
>         'cafile' => '/etc/postfix/smtpd.cert',

That does not look like a CA cert path to me.

>         'verify_peer' => false,
>         'verify_depth' => 1,
>     ),
> );
>
> does not change anything.

Did you verify if those are being used in the code? The solution might
be as simple as using a 1.4.23-SVN snapshot from our downloads page.
I'd try that before anything else.

> I understand that if squirrelmail and imap server are on the same host, I
> can safely use plain authentication. Still, I am wondering why the
> apparently correct setup with TLS does not work. Any advice?

--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php
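
Added example, not part of the original message and not SquirrelMail code: a stand-alone PHP check that opens the IMAPS connection with verification switched on and returns the handshake result, so it shows whether the given `cafile` really validates the server certificate. Host, port and file path are the ones quoted in the thread; the function name `check_imaps` is made up for this example.

```php
<?php
// Added diagnostic, not SquirrelMail code. Host, port and CA path are the
// values quoted in the thread; check_imaps() is a name made up for this example.
function check_imaps($host, $port, $cafile = null)
{
    $ssl = array(
        'verify_peer'       => true,   // unlike the quoted config, verify
        'verify_peer_name'  => true,
        'peer_name'         => $host,
        'capture_peer_cert' => true,
    );
    if ($cafile !== null) {
        $ssl['cafile'] = $cafile;      // null = PHP/OpenSSL default CA store
    }
    $ctx = stream_context_create(array('ssl' => $ssl));

    // PHP reports TLS handshake failures as warnings and typically leaves
    // errno at 0 (consistent with "Server error: (0)"), so collect them.
    $warnings = array();
    set_error_handler(function ($no, $msg) use (&$warnings) {
        $warnings[] = $msg;
        return true;
    });
    $fp = stream_socket_client("tls://$host:$port", $errno, $errstr, 15,
                               STREAM_CLIENT_CONNECT, $ctx);
    restore_error_handler();

    if ($fp === false) {
        return "FAIL errno=$errno: " . implode(' | ', $warnings);
    }
    $params = stream_context_get_params($fp);
    $cert   = openssl_x509_parse($params['options']['ssl']['peer_certificate']);
    // Heuristic only: a certificate whose subject equals its issuer.
    $self   = ($cert['subject'] == $cert['issuer']) ? 'yes' : 'no';
    $banner = rtrim((string) fgets($fp, 512));   // IMAP greeting line
    fclose($fp);
    return "OK subject={$cert['name']} subject==issuer:$self greeting=$banner";
}

$host   = 'uranus.sai.msu.ru';
$cafile = '/etc/postfix/smtpd.cert';
echo "explicit cafile : ", check_imaps($host, 993, $cafile), "\n";
echo "default CA store: ", check_imaps($host, 993), "\n";
```

Run it under the account the web server uses, so that read permissions on the `cafile` match what SquirrelMail gets.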