Hi, I want to upgrade my mail box a fresh copy of toaster on a Mandrake 9.2 box with "openssl-0.9.7b-4.1.92mdk" and "stunnel-4.04-4mdk" My client are "Thunderbird(0.3) and TheBat 2.02" I write the steps what i did. May be It helps someone
I follow the toaster(v0.6). I create my Imap certificate (http://lists.debian.org/debian-user/2003/debian-user-200306/msg00043.html) After the installation I want to check the my services POP3/SMTP/IMAP/IMAPs is working POP3S is not working. I didn't got any response from my e-mail server. When I look the pop3ds log I see the log given below ************ @40000000404270ad1e5bcc14 tcpserver: status: 0/40 @40000000404277243463859c tcpserver: status: 1/40 @400000004042772434652b7c tcpserver: pid 7293 from a.b.c.d @40000000404277243465b81c tcpserver: ok 7293 0:e.f.g.h:995 :a.b.c.d::10455 @4000000040427724347fcfcc 2004.03.01 01:34:50 LOG3[7293:16384]: -f: No such file or directory (2) @400000004042772434808b4c @40000000404277243480931c Syntax: @400000004042772434809aec stunnel [filename] | -help | -version | -sockets @40000000404277243480a6a4 filename - use specified config file instead of /etc/ssl/stunnel/stunnel.conf @40000000404277243480ba2c -help - get config file help @40000000404277243480c9cc -version - display version and defaults @40000000404277243480d584 -sockets - display default socket options @400000004042772434842cfc tcpserver: end 7293 status 256 @400000004042772434849674 tcpserver: status: 0/40 ************ I check the "/var/qmail/supervise/qmail-pop3ds/run" it looks good. man stunnel is not clear for me, but i understand that my stunnel dont like the command line parameters. I found the http://www.stunnel.org/examples/qmail-pop3d.html and change my /var/qmail/supervise/qmail-pop3ds/run to ********* #!/bin/sh VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` exec /usr/local/bin/tcpserver -l 0 -D -R -H -v \ -u"$VPOPMAILUID" -g"$VPOPMAILGID" 0 995 \ /usr/sbin/stunnel /var/qmail/supervise/pop3ds.stunnel 2>&1 ********* [EMAIL PROTECTED] root]# cat /var/qmail/supervise/pop3ds.stunnel cert = /var/qmail/control/servercert.pem exec = /var/qmail/bin/qmail-popup execargs = qmail-popup mymailserver.domain.name /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir foreground = yes Then I restart Qmail/vpopmailctl and test the pop3s. Now I can receive an error messages my client(s). When I check pop3ds log I see the following error ************************* @400000004042833d01e511bc tcpserver: status: 1/40 @400000004042833d01e6bb84 tcpserver: pid 7557 from a.b.c.d @400000004042833d01e74824 tcpserver: ok 7557 0:e.f.g.h:995 :a.b.c.d::10485 @400000004042833d0201f05c 2004.03.01 02:26:27 LOG5[7557:16384]: stunnel 4.04 on i586-mandrake-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7b 10 Apr 2003 @400000004042833d027a9afc 2004.03.01 02:26:27 LOG5[7557:16384]: stunnel connected from a.b.c.d:10485 @400000004042833d149543a4 2004.03.01 02:26:27 LOG3[7557:16384]: SSL_accept: 1408F455: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac @400000004042833d149d0fbc tcpserver: end 7557 status 0 @400000004042833d149d1f5c tcpserver: status: 0/40 ************************* Then I try to find whats the problem. I use the google for it and find an e-mail on [Postfix/TLS] list (http://www.aet.tu-cottbus.de/pipermail/postfix_tls/2002/000353.html) it says " It ends up that my IMAP server and postfix were using two different self-signed certs that had identical common names. As soon as I began to use the same cert for both servers, the mozilla/netscape problem went away. " Then, I backup imapd.pem and I copy the "/var/qmail/control/servercert.pem" as "/usr/lib/courier-imap/share/imapd.pem" and restart the qmail and vpopmail. I checked pop3ds but still didn't work and IMAPs did not work too. I receive the same error. Then I restore my original imapd.pem and copy as "/var/qmail/control/servercert.pem" and restart qmail. Bingo now it works all my services are well. I can use pop3,pop3s,imap and imaps. I hope this helps the others, best regards, Yalcin
