# Thunderbird and courier-imapd-ssl problem

## Shopro

I'm having some problems with the compination of Thunderbird and courier-imapd-ssl.

The problem is that i cannot connect with thunderbird to my imap server using ssl. It brings me to certificate but the reports failed connectiong to the server. I tryed using the server with mutt (same machine as thunderbird) and was able to connect to it. But the problem remains with thunderbird. I only see this in my server log files when connecting with thunderbird and nothing else. I have also tryed to reemerge thunderbird, but it didnt help.

```

Mar 10 20:15:23 wn-net imapd-ssl: Connection, ip=[80.186.70.***]

Mar 10 20:15:24 wn-net imapd-ssl: Disconnected, ip=[80.186.70.***], time=1, starttls=1

```

----------

## newtonian

To start with the basics here's a list of the settings from my working thunderbird setup.

```

Server Type: IMAP Mail Server

Port 993 Default 993

use secure connection (SSL)  checked

use secure authentication UNchecked

```

Hope this helps.

Cheers,

----------

## Shopro

Okey, i forgot to mention that i can get thunderbird to recieve mails using pop3 but it fails when sending them smtp.

----------

## newtonian

Ahhh-

You have a problem sending mail not getting it?

 *Quote:*   

> 
> 
> it fails when sending them smtp
> 
> 

 

In that case what are you using to send mail?

sendmail?

qmail?

postfix?

----------

## Shopro

The server is running qmail + courier-imap and vpopmail.

----------

## Shopro

Unfortunatly i wasnt at my best last night and that for i gave "half" answer only. Sorry for that.

I just noticed that there is also problems sending, not recieving messages, with atleast evolution and mutt, so this must be on the servers side. Even though i don't get any error files which would have helpped alot.

I'll happily post any of my conf files if needed, just don't know which ones.

Oh and sending messages works fine when using port 25 instead of 993. So without ssl it works. Is there a way to debug courier-imapd-ssl?

I'm also running horde/horde-imp on that server and it's using ssl and it's working as it should. So i don't know whats the problem.

----------

## krinn

```

cat /etc/courier/authlib/authdaemonrc | grep DEBUG

##NAME: DEBUG_LOGIN:0

# DEBUG_LOGIN=0   - turn off debugging

# DEBUG_LOGIN=1   - turn on debugging

# DEBUG_LOGIN=2   - turn on debugging + log passwords too

# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.

DEBUG_LOGIN=0

```

----------

## newtonian

 *Quote:*   

> 
> 
> sending messages works fine when using port 25 instead of 993.
> 
> 

 

Port 993 is for secure IMAP. IMAP and POP3 are not for sending mail.  That is what SMTP (port 25) does.

 *Quote:*   

> 
> 
> IMAP (Internet Message Access Protocol)  Is a standard protocol for accessing e-mail from your local server. IMAP is a client/server protocol in which e-mail is received and held for you by your Internet server. You can view just the heading and the sender of the mail and then decide whether to download the mail. You can also create and manipulate folders or mailboxes on the server, delete messages etc. A less sophisticated mail protocol is POP3
> 
> 

 

25 is the correct port for sending secure and non-secure mail with the standard gentoo qmail

vpopmail setup.

Just make sure you set "TLS if available" in the Outgoing Server(SMTP) settings in Thunderbird.

username should be something like 

```
myname@mydomain.com
```

----------

## newtonian

From the gentoo qmail howto:

 *Quote:*   

> 
> 
> When you setup your mail client to send mail, make sure you select options like 'Server requires authentication'. In my case, I set the user as 'vapier@wh0rd.org' and my password as 'vappw'. The last detail is to make sure you tell your mail client to use SSL/TLS for SMTP communication. qmail will not let you authenticate if the session is not encrypted. 
> 
> 

 

http://www.gentoo.org/doc/en/qmail-howto.xml

Hope this helps...

----------

## Shopro

Ofcourse it uses port 25, stupid of me.  :Smile: 

But that didn't resolve my problem, i can send emails using port 25 with smtp, but only without ssl/tls, if i set thunderbird to use TLS if available, it doesn't use it, also use TLS and use SSL doesn't work. As before, no log files show nothing about this. Even after enabling DEBUG_LOGIN (which i didn't have in the file so i had to manually type it there) in authdaemonrc.

----------

## newtonian

Check out the following links and let me know what you decide to do.

http://www.mail-archive.com/vchkpw@inter7.com/msg20201.html (this lnk is kind of slow, but worth the wait)

https://forums.gentoo.org/viewtopic.php?t=262841&.

Cheers,

----------

## Gregs

It seems as I have the same Problem with courier-imap-ssl and Thunderbird..  Looks very strange to me.

I've followed the instructions of the Gentoo howto and almost everything seems fine... almoste everything!

Thunderbird wont log me in when I try to connect to imap over ssl. It works with other email clients like KMail or The Bat, so this semms very strange to me...

From the mail log when I try to connect with Thunderbird:

```
Oct 26 13:29:05 [authdaemond] modules="authvchkpw", daemons=5

Oct 26 13:29:05 [authdaemond] Installing libauthvchkpw

Oct 26 13:29:05 [authdaemond] Installation complete: authvchkpw

Oct 26 13:30:04 [imapd-ssl] Connection, ip=[::ffff:x.x.x.x]

Oct 26 13:30:07 [imapd-ssl] LOGIN FAILED, method=PLAIN, ip=[::ffff:x.x.x.x]

Oct 26 13:30:13 [imapd-ssl] LOGIN FAILED, user=bla@blabla.ch, ip=[::ffff:x.x.x.x]

Oct 26 13:30:21 [imapd-ssl] LOGIN FAILED, method=PLAIN, ip=[::ffff:x.x.x.x]

Oct 26 13:30:27 [imapd-ssl] LOGIN FAILED, user=bla@blabla.ch, ip=[::ffff:x.x.x.x]

Oct 26 13:30:33 [imapd-ssl] Disconnected, ip=[::ffff:x.x.x.x], time=29, starttls=1

Oct 26 13:31:01 [imapd-ssl] Connection, ip=[::ffff:x.x.x.x]

```

When I login over squirremail:

```
Oct 26 13:40:50 [imapd-ssl] Connection, ip=[::ffff:127.0.0.1]

Oct 26 13:40:50 [imapd-ssl] LOGIN, user=bla@blabla.ch, ip=[::ffff:127.0.0.1], protocol=IMAP

Oct 26 13:40:50 [imapd-ssl] LOGOUT, user=bla@blabla.ch, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0, starttls=1

```

It seems to be a problem with thunderbird... I've checked the "Use SSL" Box, UNchecked the Use Secure Authetication Box (If I check this I get an error like "The server doesn't support secure authentication".

I've tried many things but nothing works.. The log says the method used was plain, I think that's the reason i can't login, but i don't know any possibility to change this in Thunderbird. 

Any Help plz?

----------

## gpwil1

i was having this exact same issue - and there are a number of posts relating to it... i was able to get email being sent through thunderbird only if SSL was disabled. I eventually fixed it though, i had to recreate the certificated for postfix and courier. now most of the forums dont show you how to do this correctly... i did this in the following way:

http://gentoo-wiki.com/HOWTO_Small_Email_Server_with_Postfix_with_POP3_(TLS)

follow the above link (copy and paste into webbrowser - brackets kill the link) and scroll down the the SSL section. 

do everything it says, although when you come to find the "newkey.pem" you will notice it is not in the directory find it in:

/etc/ssl/misc/demoCA/private/cakey.pem

also notice in the next section where you are modifying the main.cf file in the postfix directory you will need to change a line as follows:

smtpd_use_tls = yes

#smtpd_tls_auth_only = yes

smtpd_tls_key_file = /etc/postfix/newkey.pem       <-     smtpd_tls_key_file = /etc/postfix/cakey.pem

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

hope this helps, i am only a j00b at linux, but it works so meh.

----------

