FreeBSD supports Mandatory Access Controls (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac.html). Are they enabled in your setup on 10.0.0.1 server? 2009.12.26 21:48 Peter Fraser rašė: > OK so let's say that 10.0.0.1 is serverA, the portal and 10.0.0.2 is > serverB, the imap server. > > When I go to serverA and do telnet 10.0.0.2 993, I get a connection > > virtmail# telnet 10.0.0.2 995 > Trying 10.0.0.2... > Connected to mail.mydomain.com. > Escape character is '^]'. > > I can also log in over ssl when I use openssl s_client -connect > 10.0.0.2:993 and I get a session > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > AUTH=PLAIN AUTH=LOGIN] Dovecot Ready. > > FreeBSD runs on both servers. > > Below is my squirrelmail config > > General > ------- > 1. Domain : mydomain.com > 2. Invert Time : false > 3. Sendmail or SMTP : SMTP > > IMAP Settings > -------------- > 4. IMAP Server : 10.0.0.2 > 5. IMAP Port : 993 > 6. Authentication type : login > 7. Secure IMAP (TLS) : true > 8. Server software : dovecot > 9. Delimiter : detect > > B. Update SMTP Settings : localhost:25 > H. Hide IMAP Server Settings > > R Return to Main Menu > C Turn color on > S Save data > Q Quit > > Command >> > > > On Sat, Dec 26, 2009 at 7:36 AM, Tomas Kuliavas > <tokul@xxxxxxxxxxxxxxxxxxxxx> wrote: >> >> OK. Primary server runs FreeBSD. Which OS is used on secondary server? >> >> Could you confirm that you can connect from secondary server to IMAPS >> service (tcp 993 port) on primary server with telnet over ssl? You >> already >> said something about it, but I want to be sure that you've tested >> connection >> from secondary to primary and not some local connection. You should be >> able >> to see IMAP greeting. If connection is dropped, then it is not >> successful. >> >> Could you show current SquirrelMail IMAP configuration one more time? >> When >> you hide your private information, could you use 10.0.0.1 for primary >> server >> IP and 10.0.0.2 for secondary server. It will cause less confusion. >> "tls://server_ip_address" can confuse things, because you have two >> servers. >> >> >> Peter Fraser-3 wrote: >>> >>> Sorry to take so long to reply. Just working on a few projects at >>> once. Yes the openssl extension is enabled on serverB. The address is >>> an IPV4 one. I have PHP-5.2.10 installed on serverB which installed >>> mod_php for apache. >>> >>> >>> On Wed, Dec 23, 2009 at 11:27 AM, Tomas Kuliavas >>> <tokul@xxxxxxxxxxxxxxxxxxxxx> wrote: >>>> >>>> >>>> Peter Fraser-3 wrote: >>>>> >>>>> I changed the TLS setting to true. When I tried again, I got this >>>>> error: >>>>> >>>>> Error connecting to IMAP server: tls://server_ip_address >>>>> >>>>> On serverB, I'm running FreeBSSD 7.0 I tried turning off the pf >>>>> firewall but no go. I also have auth_debug turned on for serverB in >>>>> dovecot, but this isn't logging anything to the log files. >>>>> >>>> >>>> You can connect from second server to primary imaps server with telnet >>>> over >>>> ssl, but can't with httpd. It is not firewall issue. >>>> >>>> Is 'server_ip_address' IPv4 or IPv6 address? >>>> >>>> Is PHP openssl extension enabled on second server? If you have PHP 4 >>>> there, >>>> make sure that extension is not compiled as shared module. >>>> >>>> -- >>>> Tomas >>> >> >> -- >> View this message in context: >> http://old.nabble.com/Squirrelmail-Error-tp26894786p26926897.html >> Sent from the squirrelmail-users mailing list archive at Nabble.com. >> >> >> ------------------------------------------------------------------------------ >> This SF.Net email is sponsored by the Verizon Developer Community >> Take advantage of Verizon's best-in-class app development support >> A streamlined, 14 day to market process makes app distribution fast and >> easy >> Join now and get one step closer to millions of Verizon customers >> http://p.sf.net/sfu/verizon-dev2dev >> ----- >> squirrelmail-users mailing list >> Posting guidelines: http://squirrelmail.org/postingguidelines >> List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx >> List archives: http://news.gmane.org/gmane.mail.squirrelmail.user >> List info (subscribe/unsubscribe/change options): >> https://lists.sourceforge.net/lists/listinfo/squirrelmail-users >> > > > ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
