On 12/12/2016 10:42 AM, Aki Tuomi wrote:
On 12.12.2016 16:21, Mart Pirita wrote:
Edit: When using win8, then logs started appear in dovecot.rawlog. But
as win10 gives error in ssl level, before user authentication, then no
debug logs will be written into user dovecot.rawlog folder.
So how to debug this ssl issue?
Aki Tuomi wrote:
https://wiki2.dovecot.org/Debugging/Rawlog
can you try this to get rawlogs to find out what happens?
Aki
I'm bit confused, how this rawlog works. I did:
doveadm user -u kaka
userdb: kaka
user : kaka
system_groups_user: kaka
uid : 566
gid : 566
home : /home/kaka
ls -al /home/kaka
total 16
drwx------ 4 kaka kaka 4096 Dec 12 15:36 .
drwxr-xr-x 12 root root 4096 Dec 12 12:41 ..
drwx------ 2 kaka kaka 4096 Dec 12 12:41 dovecot.rawlog
drwx------ 2 kaka kaka 4096 Dec 12 12:41 Maildir
Added into dovecot.conf:
protocol imap {
rawlog_dir = /tmp/rawlog/%u
}
service imap {
executable = imap postlogin
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
But /tmp/rawlog/kaka/ and /home/kaka/dovecot.rawlog/ are empty. What did
I miss?
The whole conf:
listen = *
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename
mail_log_group_events = no
mail_log_fields = uid box msgid size from subject vsize
}
login_log_format_elements = %u %r %m %c
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service lmtp {
unix_listener lmtp {
}
}
service imap {
executable = imap postlogin
}
service pop3 {
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
service auth {
unix_listener auth-userdb {
}
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
}
service auth-worker {
}
service dict {
unix_listener dict {
}
}
disable_plaintext_auth = no
auth_cache_size = 1024
auth_cache_ttl = 1 hour
auth_cache_negative_ttl = 1 hour
auth_failure_delay = 60 secs
auth_mechanisms = plain login
passdb {
driver = pam
args = cache_key=%u%r%s *
}
userdb {
driver = passwd
}
mail_location = maildir:~/Maildir
mail_plugin_dir = /usr/lib/dovecot
mail_plugins = $mail_plugins mail_log notify
maildir_very_dirty_syncs = yes
protocol imap {
mail_max_userip_connections = 90
imap_logout_format = bytes=%i/%o
imap_client_workarounds = tb-extra-mailbox-sep delay-newmail
rawlog_dir = /tmp/rawlog/%u
}
protocol pop3 {
pop3_logout_format = bytes=%i/%o, del=%d/%m, size=%s
mail_max_userip_connections = 9
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
ssl_parameters_regenerate = 0
ssl_protocols = !SSLv2 !SSLv3
plugin {
}
plugin {
}
plugin {
}
plugin {
}
plugin {
}
plugin {
}
plugin {
}
This sounds like issue with SSL itself. Is your certificate
self-signed or issued by some trusted CA?
Aki
I don't mean to but in but my dovecot-2.2.27 running on CentOS 6/CentOS
7 with Outlook 2007/2013 is working just fine.
Also, Outlook doesn't allow storage of a certificate like Thunderbird
but it does allow you to accept it (every time one opens Outlook) and open.
