[mew-int 2909] Problems connecting to imap with TLS
Harri Kiiskinen
harri.kiiskinen at example.com
Mon Aug 30 15:45:06 JST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello!
My Univ. just began to require TLS from all outside connections to its
imap- and smtp server, and at that point, I could not use mew any more
to connect to their servers. No connection made, nothing happens. Below
some configuration and debug info that I hope might help.
All the best,
Harri K.
Here's the relevant part of the configuration for the account:
- ---------------------------------------
(imap-server "imap.utu.fi")
(imap-ssl t)
(imap-port 143)
(imap-ssl-port 143)
(imap-user "xxxxxxxxxx")
(ssl-verify-level 0)
- --------------------------------------
Here's the contents of the config file given to mewstunnel:
- ---------------------------
client=yes
pid=
verify=0
foreground=yes
debug=debug
syslog=no
CApath=/etc/ssl/certs
[10826]
accept=127.0.0.1:10826
connect=imap.utu.fi:143
protocol=imap
sslVersion=TLSv1
- ---------------------------
And here's the contents of *Mew debug* for one try:
- ------------------------------------------------
<SSL/TLS: >
2010.08.30 09:31:11 LOG7[1013:3074865360]: RAND_status claims sufficient
entropy for the PRNG
2010.08.30 09:31:11 LOG7[1013:3074865360]: PRNG seeded successfully
2010.08.30 09:31:11 LOG7[1013:3074865360]: Verify directory set to
/etc/ssl/certs
2010.08.30 09:31:11 LOG7[1013:3074865360]: Added /etc/ssl/certs
revocation lookup directory
2010.08.30 09:31:11 LOG7[1013:3074865360]: SSL context initialized for
service 10826
2010.08.30 09:31:11 LOG5[1013:3074865360]: stunnel 4.29 on
i486-pc-linux-gnu with OpenSSL 0.9.8o 01 Jun 2010
2010.08.30 09:31:11 LOG5[1013:3074865360]: Threading:PTHREAD SSL:ENGINE
Sockets:POLL,IPv6 Auth:LIBWRAP
2010.08.30 09:31:11 LOG6[1013:3074865360]: file ulimit = 1024 (can be
changed with 'ulimit -n')
2010.08.30 09:31:11 LOG6[1013:3074865360]: poll() used - no FD_SETSIZE
limit for file descriptors
2010.08.30 09:31:11 LOG5[1013:3074865360]: 500 clients allowed
2010.08.30 09:31:11 LOG7[1013:3074865360]: FD 8 in non-blocking mode
2010.08.30 09:31:11 LOG7[1013:3074865360]: FD 11 in non-blocking mode
2010.08.30 09:31:11 LOG7[1013:3074865360]: FD 12 in non-blocking mode
2010.08.30 09:31:11 LOG7[1013:3074865360]: SO_REUSEADDR option set on
accept socket
2010.08.30 09:31:11 LOG7[1013:3074865360]: 10826 bound to 127.0.0.1:10826
2010.08.30 09:31:11 LOG7[1013:3074865360]: No pid file being created
<SSL/TLS: >
2010.08.30 09:31:11 LOG7[1013:3074865360]: 10826 accepted FD=13 from
127.0.0.1:35061
2010.08.30 09:31:11 LOG7[1013:3078433648]: 10826 started
2010.08.30 09:31:11 LOG7[1013:3078433648]: FD 13 in non-blocking mode
2010.08.30 09:31:11 LOG7[1013:3078433648]: Waiting for a libwrap process
2010.08.30 09:31:11 LOG7[1013:3078433648]: Acquired libwrap process #0
2010.08.30 09:31:11 LOG7[1013:3078433648]: Releasing libwrap process #0
2010.08.30 09:31:11 LOG7[1013:3078433648]: Released libwrap process #0
2010.08.30 09:31:11 LOG7[1013:3078433648]: 10826 permitted by libwrap
from 127.0.0.1:35061
2010.08.30 09:31:11 LOG5[1013:3078433648]: 10826 accepted connection
from 127.0.0.1:35061
2010.08.30 09:31:11 LOG7[1013:3078433648]: FD 14 in non-blocking mode
2010.08.30 09:31:11 LOG6[1013:3078433648]: connect_blocking: connecting
130.232.202.133:143
2010.08.30 09:31:11 LOG7[1013:3078433648]: connect_blocking: s_poll_wait
130.232.202.133:143: waiting 10 seconds
<SSL/TLS: >
2010.08.30 09:31:11 LOG5[1013:3078433648]: connect_blocking: connected
130.232.202.133:143
2010.08.30 09:31:11 LOG5[1013:3078433648]: 10826 connected remote server
from 192.168.11.3:41954
2010.08.30 09:31:11 LOG7[1013:3078433648]: Remote FD=14 initialized
2010.08.30 09:31:11 LOG5[1013:3078433648]: Negotiations for imap (client
side) started
<SSL/TLS: >
2010.08.30 09:31:11 LOG3[1013:3078433648]: Input line too long
2010.08.30 09:31:11 LOG5[1013:3078433648]: Connection reset: 0 bytes
sent to SSL, 0 bytes sent to socket
2010.08.30 09:31:11 LOG7[1013:3078433648]: 10826 finished (0 left)
- -----------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkx7U28ACgkQ96/ytBLubNm1qwCgn2HVBQSGzs5doJR3e5HtXA1E
R2UAnjhWqwIWBFsfqYzLQJlte3+IMOzP
=Jx+b
-----END PGP SIGNATURE-----
More information about the Mew-int
mailing list