Am 17.11.2014 um 14:30 schrieb Stanislas SABATIER: > I build the 20141115 nigthly release and succeeded to enforce TLS over LMTP > between Postfix and Dovecot. > But, I see the following error in maillog after each incoming message : > > Nov 17 14:12:20 lmtp(291): Info: Connect from xx.xx.xx.xx > Nov 17 14:12:20 lmtp(x...@yyyyy.zzz): Info: bdlxGjT0aVQjAQAAd7W7Aw: > msgid=<b8d97fa0-e0ac-412f-a182-52b6adf29...@xxxx.zz>: saved mail to INBOX > Nov 17 14:12:20 lmtp(291): Info: Disconnect from xx.xx.xx.xx: Successful quit > Nov 17 14:12:20 lmtp(291): Error: kevent(EV_DELETE, 12) failed: Bad file > descriptor
works here too, dont have any errors for small testings but looks like i need to reread all lmtp tls stuff now *g 2014-11-17T15:58:19.516398+01:00 mail dovecot: lmtp(19281): Connect from 127.0.0.1 2014-11-17T15:58:19.516798+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x10, ret=1: before/accept initialization 2014-11-17T15:58:19.516808+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: before/accept initialization 2014-11-17T15:58:19.516817+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=-1: unknown state 2014-11-17T15:58:19.517092+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=-1: unknown state 2014-11-17T15:58:19.517119+01:00 mail dovecot: lmtp(19281): Debug: SSL_get_servername() failed 2014-11-17T15:58:19.517134+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A 2014-11-17T15:58:19.517147+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A 2014-11-17T15:58:19.517251+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A 2014-11-17T15:58:19.522535+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A 2014-11-17T15:58:19.522553+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A 2014-11-17T15:58:19.522562+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 flush data 2014-11-17T15:58:19.522579+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A 2014-11-17T15:58:19.525910+01:00 mail dovecot: message repeated 2 times: [ lmtp(19281): Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A] 2014-11-17T15:58:19.527497+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A 2014-11-17T15:58:19.527572+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A 2014-11-17T15:58:19.527596+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A 2014-11-17T15:58:19.527614+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A 2014-11-17T15:58:19.527625+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2001, ret=1: SSLv3 flush data 2014-11-17T15:58:19.527631+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully 2014-11-17T15:58:19.527648+01:00 mail dovecot: lmtp(19281): Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully > > > Le 17 nov. 2014 à 12:18, Stanislas SABATIER <s.sabat...@pobox.com> a écrit : > >> Thanks. I'll install latest release on my sandbox to test LMTPS with >> Postfix. As soon as I tested, I'll report in this forum. >> >> Regards, >> Stan. >> Le 17 nov. 2014 à 11:46, Timo Sirainen <t...@iki.fi> a écrit : >> >>> It was implemented AFTER 2.2.15 release. Requires a recent hg version / >>> recent nightly snapshot. See http://hg.dovecot.org/dovecot-2.2 or >>> http://dovecot.org/nightly/ >>> >>> On 17 Nov 2014, at 02:38, Stanislas SABATIER <s.sabat...@pobox.com> wrote: >>> >>>> It did not work with 2.2.13 nor with 2.2.15 >>>> >>>> Le 17 nov. 2014 à 11:34, Timo Sirainen <t...@iki.fi> a écrit : >>>> >>>>> On 17 Nov 2014, at 02:27, Reindl Harald <h.rei...@thelounge.net> wrote: >>>>> >>>>>> Am 17.11.2014 um 11:24 schrieb Stanislas SABATIER: >>>>>>> I setup a service in master.conf like this : >>>>>>> >>>>>>> dovecotsandbox unix - - n - 10 lmtp >>>>>>> -o lmtp_send_xforward_command=yes >>>>>>> -o lmtp_tls_security_level=encrypt >>>>>>> >>>>>>> Then I tried to add starttls option : >>>>>>> -o lmtp_tls_note_starttls_offer=yes >>>>>>> >>>>>>> But Postfix still can't deliver the email. Postfix log : >>>>>>> (…) status=deferred (TLS is required, but was not offered by host >>>>>>> xx.xx.xx.xx[xx.xx.xx.xx]) >>>>>> >>>>>> that you should have included in your first post >>>>>> as somebody else said: seems not to be supported now >>>>>> >>>>>> just setup a SSH tunnel and let postfix deliver to 127.0.0.1:port >>>>> >>>>> I thought the problem was with the new LMTP STARTTLS command that was >>>>> added after v2.2.15 release. But if not, try the latest hg version and >>>>> see if it works. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
