Hello,
I use perdition to make a mail-proxy for outside mails customers.
This work very well with most of software mails customers.
I set up this in order to make acces for smartphone and over
tablets.
Recently, users reported me difficulties connecting with the e-mail
software of Apple "MAIL".
J have made some test and i don't understand what it could be ?
The Os server : Centos 6.5
The version of perdition is perdition-1.19rc5-3.7.x86_64
Installation from repos :
http://download.opensuse.org/repositories/home:/horms:/perdition/CentOS_CentOS-6/
The perdition configuration :
/etc/sysconfig/perdition :
RUN_PERDITION=yes
POP3=no
POP3S=no
IMAP4=no
IMAP4S=yes
/etc/perdition/perdition.imap4s.conf
bind_address 193.48.191.9 # adresse d'écoute du service
connection_logging # On logue toutes les communications
imap_capability IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR # On annonce la capacité imap aux clients
protocol IMAP4S # protocole utilisé
outgoing_port 993 ## Numero du port utilisé
outgoing_server 0.0.0.0 # serveur de renvoie par défaut. On attribue un serveur par utilisateur.
ssl_cert_file /etc/pki/tls/certs/ares.biotoul.fr.pem # chemin vers le certificat
ssl_key_file /etc/pki/tls/private/ares.biotoul.fr.key # chemin vers la clé du certificat
ssl_no_cert_verify # On ne vérifie pas la cryptographie inclus dans le certificat du backend
ssl_no_cn_verify # On ne vérifie pas le nom inclus dans le CN du certificat du backend
I use popmap for users in order to permit access :
/etc/perdition/popmap :
carles@biotoul.fr
Here are logs from client apple 10.9.2 (the last) with MAIL :
INITIATING CONNECTION Mar 13 11:39:11.381
host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x0 --
thread:0x61000047a240
CONNECTED Mar 13 11:39:11.442 [kCFStreamSocketSecurityLevelTLSv1_0]
-- host:tourmalet.ibcg.biotoul.fr -- port:993 --
socket:0x6000002d9ec0 -- thread:0x61000047a240
READ Mar 13 11:39:11.443 [kCFStreamSocketSecurityLevelTLSv1_0] --
host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0
-- thread:0x61000047a240
* OK [CAPABILITY IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR]
perdition ready on tourmalet.ibcg.biotoul.fr 0002abbf
WROTE Mar 13 11:39:11.445 [kCFStreamSocketSecurityLevelTLSv1_0] --
host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0
-- thread:0x60000067c700
1.54 ID ("name" "Mac OS X Mail" "version" "7.2 (1874)" "os" "Mac OS
X" "os-version" "10.9.2 (13C64)" "vendor" "Apple Inc.")
READ Mar 13 11:39:14.447 [kCFStreamSocketSecurityLevelTLSv1_0] --
host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0
-- thread:0x60800066f8c0
1.54 BAD Unrecognised command, mate
WROTE Mar 13 11:39:14.452 [kCFStreamSocketSecurityLevelTLSv1_0] --
host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0
-- thread:0x60800066f8c0
2.54 AUTHENTICATE PLAIN (*** 32 bytes hidden ***)
READ Mar 13 11:39:17.455 [kCFStreamSocketSecurityLevelTLSv1_0] --
host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0
-- thread:0x60800066f8c0
2.54 BAD Mate, try AUTHENTICATE <mechanism>
WROTE Mar 13 11:39:17.459 [kCFStreamSocketSecurityLevelTLSv1_0] --
host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0
-- thread:0x60800066f8c0
3.54 AUTHENTICATE PLAIN ************************
READ Mar 13 11:39:20.462 [kCFStreamSocketSecurityLevelTLSv1_0] --
host:tourmalet.ibcg.biotoul.fr -- port:993 -- socket:0x6000002d9ec0
-- thread:0x60800066f8c0
3.54 BAD Mate, try AUTHENTICATE <mechanism>
And here are logs from server perdition
:
Starting perdition version=1.19-rc5 protocol=IMAP4S
Mar 13 11:47:08 tourmalet perdition.imaps[2622]: add_domain="",
authenticate_in=off, authenticate_timeout=1800,
bind_address="192.168.12.2", client_server_sp
ecification=off, config_file="/etc/perdition/perdition.imap4s.conf",
connection_limit=0, connection_logging=on, connect_relog=300,
debug=on, domain_delimiter
="@", explicit_domain="", group="nobody", imap_capability="IMAP4
IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR", inetd_mode=off,
listen_port="imaps", log_facility
="mail", log_passwd="never", login_disabled=off, lower_case="",
managesieve_capability=""IMPLEMENTATION" "perdition" "SIEVE"
"comparator-i;octet comparator-
i;ascii-casemap fileinto reject envelope encoded-character vacation
subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables
body enotify environment mailbox date" "SASL" "PLAIN" "NOTIFY"
"mailto" "VERSION" "1.19-rc5"",
map_library="/usr/lib64/libperditiondb_gdbm.so.0", map_libr
ary_opt="", no_bind_banner=off, no_daemon=off, no_lookup=off,
tcp_keepalive=off, nodename="tourmalet.ibcg.biotoul.fr",
ok_line="You are so in", outgoing_port
="993", outgoing_server="0.0.0.0",
pid_file="/var/run/perdition.imaps/perdition.imaps.pid",
pop_capability="UIDL.USER", protocol="IMAP4S", server_resp_line=o
ff, strip_domain="", timeout=1800, username="nobody",
username_from_database=off, query_key="", quiet=off (mask=0x00000028
00000000)
Mar 13 11:47:08 tourmalet perdition.imaps[2622]: ssl_mode="",
ssl_ca_file="", ssl_ca_path="/etc/perdition/perdition.ca/",
ssl_ca_accept_self_signed="off", ss
l_cert_file="/etc/pki/tls/certs/tourmalet.ibcg.biotoul.fr.pem",
ssl_cert_accept_expired="off", ssl_cert_not_yet_valid="off",
ssl_cert_self_signed="off", ssl_
cert_verify_depth=9,
ssl_key_file="/etc/pki/tls/private/tourmalet.ibcg.biotoul.fr.key",
ssl_listen_ciphers="", ssl_outgoing_ciphers="",
ssl_no_cert_verify="o
n", ssl_no_client_cert_verify="off", ssl_no_cn_verify="on"
ssl_passphrase_fd=0, ssl_passphrase_file="", (ssl_mask=0x00000000)
Mar 13 11:47:08 tourmalet perdition.imaps[2625]:
vanessa_socket_daemon_setid: uid=99 euid=99 gid=99 egid=99
Mar 13 11:47:24 tourmalet perdition.imaps[2627]: Connect:
192.168.8.10:49753->192.168.12.2:993
Mar 13 11:47:24 tourmalet perdition.imaps[2627]: SSL connection
using AES128-SHA
Mar 13 11:47:24 tourmalet perdition.imaps[2627]: SELF: "* OK
[CAPABILITY IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR]
perdition ready on tourmalet.ibcg.
biotoul.fr 0002ab61\r\n"
Mar 13 11:47:24 tourmalet perdition.imaps[2627]: CLIENT: "1.20 ID
(\"name\" \"Mac OS X Mail\" \"version\" \"7.2 (1874)\" \"os\" \"Mac
OS X\" \"os-version\" \
"10.9.2 (13C64)\" \"vendor\" \"Apple Inc.\")\r\n"
Mar 13 11:47:27 tourmalet perdition.imaps[2627]: SELF: "1.20 BAD
Unrecognised command, mate\r\n"
Mar 13 11:47:27 tourmalet perdition.imaps[2627]: CLIENT: "2"
Mar 13 11:47:27 tourmalet perdition.imaps[2627]: CLIENT: ".20
AUTHENTICATE PLAIN YmlndWV0AGJpZ3VldABCYXkzMyFFczEw\r\n"
Mar 13 11:47:30 tourmalet perdition.imaps[2627]: SELF: "2.20 BAD
Mate, try AUTHENTICATE <mechanism>\r\n"
Mar 13 11:47:30 tourmalet perdition.imaps[2627]: CLIENT: "3"
Mar 13 11:47:30 tourmalet perdition.imaps[2627]: CLIENT: ".20
AUTHENTICATE PLAIN AGJpZ3VldABCYXkzMyFFczEw\r\n"
Mar 13 11:47:33 tourmalet perdition.imaps[2627]: SELF: "3.20 BAD
Mate, try AUTHENTICATE <mechanism>\r\n"
Mar 13 11:47:33 tourmalet perdition.imaps[2627]: CLIENT: ""
Mar 13 11:47:33 tourmalet perdition.imaps[2627]: token_read:
token_fill_buffer
Mar 13 11:47:33 tourmalet perdition.imaps[2627]: read_line:
token_read
Mar 13 11:47:33 tourmalet perdition.imaps[2627]: imap4_in_get_auth:
read_imap4_line 1
Mar 13 11:47:33 tourmalet perdition.imaps[2627]: main:
protocol->in_get_auth
Mar 13 11:47:33 tourmalet perdition.imaps[2627]: Fatal Error reading
authentication information from client
192.168.8.10:49753->192.168.12.2:993: Exiting chi
ld
Mar 13 11:47:36 tourmalet perdition.imaps[2628]: Connect:
192.168.8.10:49754->192.168.12.2:993
Mar 13 11:47:36 tourmalet perdition.imaps[2628]: SSL connection
using AES128-SHA
Mar 13 11:47:36 tourmalet perdition.imaps[2628]: SELF: "* OK
[CAPABILITY IMAP4 IMAP4REV1 LITERAL+ ID AUTH=PLAIN SASL-IR]
perdition ready on tourmalet.ibcg.
biotoul.fr 0002ab61\r\n"
Mar 13 11:47:36 tourmalet perdition.imaps[2628]: CLIENT: "1.21 ID
(\"name\" \"Mac OS X Mail\" \"version\" \"7.2 (1874)\" \"os\" \"Mac
OS X\" \"os-version\" \
"10.9.2 (13C64)\" \"vendor\" \"Apple Inc.\")\r\n"
Mar 13 11:47:39 tourmalet perdition.imaps[2628]: SELF: "1.21 BAD
Unrecognised command, mate\r\n"
Mar 13 11:47:39 tourmalet perdition.imaps[2628]: CLIENT: "2"
Mar 13 11:47:39 tourmalet perdition.imaps[2628]: CLIENT: ".21
AUTHENTICATE PLAIN YmlndWV0AGJpZ3VldABCYXkzMyFFczEw\r\n"
Mar 13 11:47:42 tourmalet perdition.imaps[2628]: SELF: "2.21 BAD
Mate, try AUTHENTICATE <mechanism>\r\n"
Mar 13 11:47:45 tourmalet perdition.imaps[2628]: CLIENT: ""
Mar 13 11:47:45 tourmalet perdition.imaps[2628]: token_read:
token_fill_buffer
Mar 13 11:47:45 tourmalet perdition.imaps[2628]: read_line:
token_read
Mar 13 11:47:45 tourmalet perdition.imaps[2628]: imap4_in_get_auth:
read_imap4_line 1
Mar 13 11:47:45 tourmalet perdition.imaps[2628]: main:
protocol->in_get_auth
Mar 13 11:47:45 tourmalet perdition.imaps[2628]: Fatal Error reading
authentication information from client
192.168.8.10:49754->192.168.12.2:993: Exiting chi
ld
I have made some tests with ssl_mode but no more access.
Is any one can have an idea ?
Thank you
--
Christophe Carles
CNRS - LMGM
Service Informatique
Bât. IBCG
118, route de Narbonne
31062 Toulouse Cedex9
sinfo@ibcg.biotoul.fr
Tél : 05.61.33.59.60
Fax : 05.61.33.58.86