Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#5694 closed Bug/Something is broken (duplicate)

IMap seems to be down on Kerr

Reported by: https://id.mayfirst.org/occupychi Owned by: https://id.mayfirst.org/dkg
Priority: Medium Component: Tech
Keywords: kerr.mayfirst.org webmail x.509 Cc:
Sensitive: no

Description

I'm guessing (maybe) this has something to do with the reboot we did yesterday. I wasn't infront of a computer until today and when I went to check my e-mail today my mail client was unable to authenticate. I checked it out using telnet and here are the results I got...

kerr.mayfirst.org:993 (what I was using successfully yesterday) -- connection closed by foreign host (as soon as it connects)

kerr.mayfirst.org:143 -- connects fine, but I get invalid username / password

I also tried (just to see if it'd work)

mail.mayfirst.org on 143 and 993 -- invalid username / password

Please look in to this and get back to me. On a related noted is there webmail set up somewhere that we can use? I set up webmail on a subdomain but it's not SSL which makes me nervous and eventually we may want to use our own and set up SSL on that but in the mean time I was wondering if there is a webmail url we can use.

I tried https://webmail.mayfirst.org but kerr is not in the server list (maybe it's just 'cause it's too new)?

Change History (7)

comment:1 Changed 6 years ago by https://id.mayfirst.org/ross

  • Keywords kerr.mayfirst.org webmail added
  • Owner set to https://id.mayfirst.org/dkg
  • Status changed from new to assigned

I'm assigning this to dkg who should be able to assist with these problems.

comment:2 Changed 6 years ago by https://id.mayfirst.org/occupychi

Hi, I just wanted to add this here. The error I'm getting: http://i.imgur.com/ADXNO.png

-Ruben

comment:3 Changed 6 years ago by https://id.mayfirst.org/dkg

trying to switch into STARTTLS mode from kerr by hand shows an error being reported from the server:

0 dkg@pip:~$ echo 'STARTTLS' | nc kerr.mayfirst.org imap
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS LOGINDISABLED] Courier-IMAP ready. Copyright 1998-2010 Double Precision, Inc.  See COPYING for distribution information.
STARTTLS OK Begin SSL/TLS negotiation now.
STARTTLS NO STARTTLS failed: couriertls: /etc/ssl/private/kerr.mayfirst.org.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
* NO Error in IMAP command received by server.
0 dkg@pip:~$ 

I wouldn't be surprised if this error is also being logged in kerr's /var/log/mail.log

comment:4 Changed 6 years ago by https://id.mayfirst.org/dkg

  • Keywords x.509 added

According to mosh-x509, /etc/ssl/private/kerr.mayfirst.org.pem is supposed to contain:

the key file, the EE certificate, and any required intermediary certificates (in that order)

but it only contains the secret key. how was this set up? why are the certificates missing from this file?

comment:5 Changed 6 years ago by https://id.mayfirst.org/dkg

  • Resolution set to duplicate
  • Status changed from assigned to closed

The other relevant files listed in mosh-x509 haven't been set up either on kerr, afaict. It looks like #5646 has not actually been completed. I suspect this followup should happen on that ticket.

comment:6 Changed 6 years ago by https://id.mayfirst.org/jamie

I followed up on #5646 - can you test IMAP? I still haven't closed #5646 - so I'm not sure this problem will be resolved.

jamie

Last edited 6 years ago by https://id.mayfirst.org/jamie (previous) (diff)

comment:7 Changed 6 years ago by https://id.mayfirst.org/jamie

Ok - I resolved #5646. Please re-open if you are still having IMAP trouble.

jamie

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.