# courier-imap ssl connection problem

## snIP3r

hi all!

after a recent emerge courier imap was updated and only ssl logins are now allowed (i think this is called imaps).  squirrelmail, oulook and thinderbird could not connect to the imap server. this problem is fixed now by enabling ssl logins both in the configs of squirrelmail, outlook and thunderbird and the imap server. but now thunderbird and oulook require a certificate?!?!

how to i get this to import it in these programms???

after reading this article (https://forums.gentoo.org/viewtopic-t-56633-highlight-imap+certificate.html) i tried to restart the authdaemond i get the message:

area52 init.d # ./authdaemond restart

 * Starting authdaemond.plain...

/usr/bin/env: /usr/lib/courier-imap/authlib/authdaemond.plain: No such file or directory [ !! ]

now, i do not know what to do!!!!

thx for help in advance

greets

snIPer

----------

## langthang

if you are running courier-imap-4* read this: https://forums.gentoo.org/viewtopic-p-2060682.html#2060682

----------

## snIP3r

thx, this helped me with one of my problems!!! but the other does still remain that the imapd only accepts ssl connections and i need a certificate to enable thunderbird and outlook access to my imap folders.

any ideas how to grant normal connections through port 143 again???

thx

snIPer

----------

## langthang

imapd is started and listen on 143?

post your out put of `grep -vE '^#|^$' /etc/courier-imap/imapd`

----------

## growse

There are two different daemons afaik. /etc/init.d/courier-imapd and /etc/init.d/courier-imapd-ssl. Try starting the first one.

----------

## snIP3r

 *langthang wrote:*   

> imapd is started and listen on 143?
> 
> post your out put of `grep -vE '^#|^$' /etc/courier-imap/imapd`

 

here it is:

ADDRESS=127.0.0.1

PORT=143

  AUTHSERVICE143=imap

  AUTHSERVICE993=imaps

MAXDAEMONS=40

MAXPERIP=4

PIDFILE=/var/run/imapd.pid

TCPDOPTS="-nodnslookup -noidentlookup"

IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE"

IMAP_KEYWORDS=1

IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"

IMAP_PROXY=0

IMAP_PROXY_FOREIGN=0

IMAP_IDLE_TIMEOUT=60

IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"

IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN"

IMAP_DISABLETHREADSORT=0

IMAP_CHECK_ALL_FOLDERS=0

IMAP_OBSOLETE_CLIENT=0

IMAP_UMASK=022

IMAP_ULIMITD=65536

IMAP_USELOCKS=1

IMAP_SHAREDINDEXFILE=/etc/courier-imap/shared/index

IMAP_ENHANCEDIDLE=0

IMAP_TRASHFOLDERNAME=Trash

IMAP_EMPTYTRASH=Trash:7

IMAP_MOVE_EXPUNGE_TO_TRASH=0

SENDMAIL=/usr/sbin/sendmail

HEADERFROM=X-IMAP-Sender

IMAPDSTART=NO

MAILDIRPATH=Maildir

MAILDIR=.maildir

MAILDIRPATH=.maildir

PRERUN=

hope this helps....

snIPer

----------

## langthang

```
ADDRESS=127.0.0.1
```

with above, you are only be able to connect to 143 through localhost interface. try "ADDRESS=0"

as for create a self sign cert to use with courier read /usr/share/doc/courier-imap-4.0.2/courier-imap-gentoo.readme.gz "### Courier-IMAP' ssl certificate setup" section.

----------

## snIP3r

but with the ADDRESS=0 option i also get this message:

Mar  8 07:21:14 area52 xinetd[28270]: START: imap2 pid=25577 from=127.0.0.1

Mar  8 07:21:14 area52 xinetd[25577]: USERID: imap2 UNIX : apache

Mar  8 07:21:14 area52 imapd[25577]: port 143 service init from 127.0.0.1

Mar  8 07:21:14 area52 imapd[25577]: Connection reset by peer, while flushing line user=??? host=UNKNOWN

Mar  8 07:21:14 area52 xinetd[28270]: EXIT: imap2 pid=25577 duration=0(sec)

could the problem be starting the imapd through the xinetd??? 

greets

snIPer

----------

## langthang

I don't hve any experience with ruuning courier-imap through xinetd so I don't have any iadea. Why don't you run your courier-imap normally (ie /etc/init.d/<service> start), get it working then tweak it?

----------

## snIP3r

 *langthang wrote:*   

> I don't hve any experience with ruuning courier-imap through xinetd so I don't have any iadea. Why don't you run your courier-imap normally (ie /etc/init.d/<service> start), get it working then tweak it?

 

ok, ill try to get it working without xinetd...

----------

## snIP3r

now i encountered another problem! i dont know if this is in relation to my former problem but i paste the error message. in squirrelmail i cannot send/formward mails/messages now. i get this message:

Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number in /var/www/localhost/htdocs/squirrelmail/class/deliver/Deliver_SMTP.class.php on line 57

Warning: fsockopen(): php_stream_sock_ssl_activate_with_method: SSL handshake/connection failed in /var/www/localhost/htdocs/squirrelmail/class/deliver/Deliver_SMTP.class.php on line 57

Warning: fsockopen(): failed to activate SSL mode 2 in /var/www/localhost/htdocs/squirrelmail/class/deliver/Deliver_SMTP.class.php on line 57

here is the squirrelmail config file:

$domain                 = 'example.com';

$imapServerAddress      = 'localhost';

$imapPort               = 993;

$useSendmail            = false;

$smtpServerAddress      = 'localhost';

$smtpPort               = 25;

$sendmail_path          = '/usr/sbin/sendmail';

$pop_before_smtp        = false;

$imap_server_type       = 'courier';

$invert_time            = false;

$optional_delimiter     = 'detect';

and the smtp settings displayed by conf.pl script:

SMTP Settings

-------------

4.   SMTP Server           : localhost

5.   SMTP Port             : 25

6.   POP before SMTP       : false

7.   SMTP Authentication   : login

8.   Secure SMTP (TLS)     : true

also the smtp authentication NONE results in no success  :Sad: 

where's the problem???? could this be the imap update?? i dont think so... should i remerge squirrelmail with Use="SSL"???

hope someone can help me

thx

snIPer

----------

## langthang

this is confused (could be my english)

 *Quote:*   

> after a recent emerge courier imap was updated and only ssl logins are now allowed (i think this is called imaps). squirrelmail, oulook and thinderbird could not connect to the imap server. this problem is fixed now by enabling ssl logins both in the configs of squirrelmail, outlook and thunderbird and the imap server.

 

in the first post, you said you have problem connect to the regular imap (143). did you get that fix yet?

 *Quote:*   

> here is the squirrelmail config file:
> 
> $domain = 'example.com';
> 
> $imapServerAddress = 'localhost';
> ...

 

now you say that you are having problem with imap-ssl (via port 993).

Please describe your setup. do you want to allow imap or imap-ssl connection only, or both? do you want squirrelmail connect to imap or imap-ssl? do you want TLS (secure authentication)?

----------

## snIP3r

sorry, but this could be my english too  :Wink: 

i found the problem: i have 2 imap daemons installed  :Sad:  courier-imap and uw-imap (started through xinetd).

here's the emerge log:

1085257797:  *** emerge  imapd

1085315657:  *** emerge  imapd

1085317740:  *** emerge  imapd

1085323600:  *** emerge  imapd

1085325529:  >>> emerge (5 of 5) net-mail/courier-imap-3.0.2 to /

1085325529:  === (5 of 5) Cleaning (net-mail/courier-imap-3.0.2::/usr/portage/net-mail/courier-imap/courier-imap-3.0.2.ebuild)

1085325532:  === (5 of 5) Compiling/Merging (net-mail/courier-imap-3.0.2::/usr/portage/net-mail/courier-imap/courier-imap-3.0.2.ebuild)

1085326181:  === (5 of 5) Updating world file (net-mail/courier-imap-3.0.2)

1085326181:  === (5 of 5) Post-Build Cleaning (net-mail/courier-imap-3.0.2::/usr/portage/net-mail/courier-imap/courier-imap-3.0.2.ebuild)

1085326182:  >>> AUTOCLEAN: net-mail/courier-imap

1085326182:  ::: completed emerge (5 of 5) net-mail/courier-imap-3.0.2 to /

1085338756:  *** emerge  unmerge courier-imap

1085338761: === Unmerging... (net-mail/courier-imap-3.0.2)

1085338767:  >>> unmerge success: net-mail/courier-imap-3.0.2

1085338783:  *** emerge  uwimap

1085338813:  *** emerge  uw-imap

1085338813:  >>> emerge (1 of 1) net-mail/uw-imap-2002e-r1 to /

1085338813:  === (1 of 1) Cleaning (net-mail/uw-imap-2002e-r1::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r1.ebuild)

1085338813:  === (1 of 1) Compiling/Merging (net-mail/uw-imap-2002e-r1::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r1.ebuild)

1085338919:  === (1 of 1) Updating world file (net-mail/uw-imap-2002e-r1)

1085338919:  === (1 of 1) Post-Build Cleaning (net-mail/uw-imap-2002e-r1::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r1.ebuild)

1085338919:  >>> AUTOCLEAN: net-mail/uw-imap

1085338919:  ::: completed emerge (1 of 1) net-mail/uw-imap-2002e-r1 to /

1085339224:  *** emerge  imaplogin

1085340288:  *** emerge  unmerge courier-imapd

1097598156:  >>> emerge (6 of 9) net-mail/uw-imap-2002e-r4 to /

1097598156:  === (6 of 9) Cleaning (net-mail/uw-imap-2002e-r4::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r4.ebuild)

1097598156:  === (6 of 9) Compiling/Merging (net-mail/uw-imap-2002e-r4::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r4.ebuild)

1097598227:  === (6 of 9) Post-Build Cleaning (net-mail/uw-imap-2002e-r4::/usr/portage/net-mail/uw-imap/uw-imap-2002e-r4.ebuild)

1097598228:  >>> AUTOCLEAN: net-mail/uw-imap

1097598233: === Unmerging... (net-mail/uw-imap-2002e-r1)

1097598236:  >>> unmerge success: net-mail/uw-imap-2002e-r1

1097598236:  ::: completed emerge (6 of 9) net-mail/uw-imap-2002e-r4 to /

1101458236:  >>> emerge (1 of 4) net-mail/uw-imap-2004a to /

1101458236:  === (1 of 4) Cleaning (net-mail/uw-imap-2004a::/usr/portage/net-mail/uw-imap/uw-imap-2004a.ebuild)

1101458237:  === (1 of 4) Compiling/Merging (net-mail/uw-imap-2004a::/usr/portage/net-mail/uw-imap/uw-imap-2004a.ebuild)

1101458404:  === (1 of 4) Post-Build Cleaning (net-mail/uw-imap-2004a::/usr/portage/net-mail/uw-imap/uw-imap-2004a.ebuild)

1101458405:  >>> AUTOCLEAN: net-mail/uw-imap

1101458410: === Unmerging... (net-mail/uw-imap-2002e-r4)

1101458414:  >>> unmerge success: net-mail/uw-imap-2002e-r4

1101458414:  ::: completed emerge (1 of 4) net-mail/uw-imap-2004a to /

1107330603:  >>> emerge (1 of 1) net-mail/uw-imap-2004c to /

1107330603:  === (1 of 1) Cleaning (net-mail/uw-imap-2004c::/usr/portage/net-mail/uw-imap/uw-imap-2004c.ebuild)

1107330605:  === (1 of 1) Compiling/Merging (net-mail/uw-imap-2004c::/usr/portage/net-mail/uw-imap/uw-imap-2004c.ebuild)

1107330708:  === (1 of 1) Post-Build Cleaning (net-mail/uw-imap-2004c::/usr/portage/net-mail/uw-imap/uw-imap-2004c.ebuild)

1107330709:  >>> AUTOCLEAN: net-mail/uw-imap

1107330714: === Unmerging... (net-mail/uw-imap-2004a)

1107330721:  >>> unmerge success: net-mail/uw-imap-2004a

1107330722:  ::: completed emerge (1 of 1) net-mail/uw-imap-2004c to /

1109860817:  >>> emerge (1 of  :Cool:  net-mail/uw-imap-2004c-r1 to /

1109860817:  === (1 of  :Cool:  Cleaning (net-mail/uw-imap-2004c-r1::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r1.ebuild)

1109860819:  === (1 of  :Cool:  Compiling/Merging (net-mail/uw-imap-2004c-r1::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r1.ebuild)

1109860926:  === (1 of  :Cool:  Post-Build Cleaning (net-mail/uw-imap-2004c-r1::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r1.ebuild)

1109860927:  >>> AUTOCLEAN: net-mail/uw-imap

1109860933: === Unmerging... (net-mail/uw-imap-2004c)

1109860939:  >>> unmerge success: net-mail/uw-imap-2004c

1109860940:  ::: completed emerge (1 of  :Cool:  net-mail/uw-imap-2004c-r1 to /

1109922538:  >>> emerge (1 of 1) net-mail/uw-imap-2004c-r3 to /

1109922538:  === (1 of 1) Cleaning (net-mail/uw-imap-2004c-r3::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r3.ebuild)

1109922539:  === (1 of 1) Compiling/Merging (net-mail/uw-imap-2004c-r3::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r3.ebuild)

1109922643:  === (1 of 1) Post-Build Cleaning (net-mail/uw-imap-2004c-r3::/usr/portage/net-mail/uw-imap/uw-imap-2004c-r3.ebuild)

1109922644:  >>> AUTOCLEAN: net-mail/uw-imap

1109922649: === Unmerging... (net-mail/uw-imap-2004c-r1)

1109922653:  >>> unmerge success: net-mail/uw-imap-2004c-r1

1109922653:  ::: completed emerge (1 of 1) net-mail/uw-imap-2004c-r3 to /

1110129701:  *** emerge  courier-imapd-ssl

1110129710:  *** emerge  courier-imap-ssl

1110216127:  *** emerge  courier-imap

1110216512:  >>> emerge (2 of 2) net-mail/courier-imap-4.0.1 to /

1110216512:  === (2 of 2) Cleaning (net-mail/courier-imap-4.0.1::/usr/portage/net-mail/courier-imap/courier-imap-4.0.1.ebuild)

1110216514:  === (2 of 2) Compiling/Merging (net-mail/courier-imap-4.0.1::/usr/portage/net-mail/courier-imap/courier-imap-4.0.1.ebuild)

1110217311:  === (2 of 2) Updating world file (net-mail/courier-imap-4.0.1)

1110217311:  === (2 of 2) Post-Build Cleaning (net-mail/courier-imap-4.0.1::/usr/portage/net-mail/courier-imap/courier-imap-4.0.1.ebuild)

1110217312:  >>> AUTOCLEAN: net-mail/courier-imap

1110217312:  ::: completed emerge (2 of 2) net-mail/courier-imap-4.0.1 to /

the thing i want to do is to allow outlook, thunderbird and squirelmail to connect through normal imap, not imaps. but a recent update - now i think form uw-imap only allows secure connections and this is the problem... 

now im very confused and do not know what to do?!?!?!

should i delete the courier-imapd??? cause everything runs fine before this recent update (and i now think that it was the emerge of courier-imap-4.0.1. that confuses my config)

thx again

snIPer

----------

## langthang

you can have both imap app installed but you can only be able to run one imap at a time (at least with the default imap listen on 143). So you need dicide with imap app you want, and work on it. good luck.

----------

## snIP3r

 *langthang wrote:*   

> you can have both imap app installed but you can only be able to run one imap at a time (at least with the default imap listen on 143). So you need dicide with imap app you want, and work on it. good luck.

 

thx for helping so fast!!!

i got it working now. i reemerged uw-imap with the use flag "clearpasswd" and it works just like before the update. going to delete the courier-imapd....

thx for helping me!

greets

snIPer

----------

