Hello all. My email server is postfix + courier imap + courier imap ssl + amavis + clamav + spamassassin. I am fine when i am using IMAP ( port 143 ) to receive my emails. I also can receive emails with IMAP-SSL ( port 993 ). However, I receive error that is Unexpected SSL connection shutdown when i am using IMAP-SSL to receive emails: Mar 14 12:56:32 server1 imapd-ssl: Connection, ip=[::ffff:219.79.136.253] Mar 14 12:56:32 server1 imapd-ssl: LOGIN, user=noahlau, ip=[::ffff:219.79.136.253], protocol=IMAP Mar 14 12:56:33 server1 imapd-ssl: Unexpected SSL connection shutdown. Mar 14 12:56:33 server1 imapd-ssl: DISCONNECTED, user=noahlau, ip=[::ffff:219.79.136.253], headers=0, body=0, time=1, starttls=1 Mar 14 12:56:33 server1 imapd-ssl: Connection, ip=[::ffff:219.79.136.253] Mar 14 12:56:33 server1 imapd-ssl: LOGIN, user=noahlau, ip=[::ffff:219.79.136.253], protocol=IMAP Mar 14 12:56:33 server1 imapd-ssl: Unexpected SSL connection shutdown. Mar 14 12:56:33 server1 imapd-ssl: DISCONNECTED, user=noahlau, ip=[::ffff:219.79.136.253], headers=0, body=2180, time=0, starttls=1 Any Idea ??? thank you so much !!!! Regards noahlau
yes,i also get this error from other clients too. dont know what is the reason. i use Outlook Express 2000 in the client Computer
ok, i think it is outlook express issue, because i got no error after i switch to use Thunderbird email client application.
Can you run Code: telnet localhost 25 and then issue Code: ehlo localhost ? What's the output? Which distribution do you use?
thank you for your reply i am using Debian 3.1, ehlo localhost 250-server1.faithfulnet.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250 8BITMIME 1.the config in /etc/courier/imapd-ssl: SSLPORT=993 SSLADDRESS=0 SSLPIDFILE=/var/run/courier/imapd-ssl.pid IMAPDSSLSTART=YES IMAPDSTARTTLS=YES IMAP_TLS_REQUIRED=0 COURIERTLS=/usr/bin/couriertls TLS_PROTOCOL=SSL3 TLS_STARTTLS_PROTOCOL=TLS1 TLS_CERTFILE=/etc/courier/imapd.pem TLS_VERIFYPEER=NONE TLS_CACHEFILE=/var/lib/courier/couriersslcache TLS_CACHESIZE=524288 MAILDIRPATH=Maildir 2. main.cf biff = no append_dot_mydomain = no myhostname = server1.faithfulnet.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = faithfulnet.com, server1.faithfulnet.com, localhost.faithfulnet. com, localhost relayhost = mynetworks = 127.0.0.0/8 mailbox_command = /usr/bin/maildrop mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,rejec t_unauth_destination smtpd_tls_auth_only = no smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom home_mailbox = Maildir/ content_filter = amavis:[127.0.0.1]:10024
Solution for IMAP unexpected shutdown This solution may help someone out there with a similar server setup: I have an isp config installation on my debian sarge machine, running with courier-ssl and postfix, following instructions from: http://www.howtoforge.com/perfect_setup_debian_sarge_p4 I also had imapd-ssl: Unexpected SSL connection shutdown messages appearing in /var/log/mail.log The problem I found was with smtpd.pem file in /etc/postfix/ssl If you check the file with this command. Code: openssl x509 -noout -text -in smtpd.pem It will report an error about expecting a TRUSTED certificate. The solution is to create a .pem file from your .key and .crt files: Code: cat smtpd.key smtpd.key > smtpd.pem openssl gendh >> smtpd.pem Then check the file with: Code: openssl x509 -noout -text -in smtpd.pem This will replace the .pem file that was generated in the perfect setup, and create one that is properly formed and worked on my setup. Hopefully it helps yours. Thanks to this ssl cheat sheet, by David Mcnugget: http://macnugget.org/projects/sslcheatsheet/ I've also posted on this issue when installing a RapidSSL cert. http://www.howtoforge.com/forums/showthread.php?p=71572#post71572 Have fun!
Same problem here as noahlau but I can't apply the solution airstrip posted because I don't have a smtpd.pem file and neither does noahlau. Any more info?
I had to get into this way back in '09 to install some 'real' ssl certificates. I've forgotten what I was doing then, and maybe my filenames are different to the perfect setup because of my custom work. But the problem with the shutdown was the .pem file, so check it. I suggest you do have a .pem file somewhere, perhaps it is here: smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem Locate the .pem file and try what I suggested above to check it. and I note that I made an error in my post above. To create the .pem file you should use this to combine the .key and .crt: I'm not an expert, just persistent, and so that's as far as I can help you. Good luck.
isn't it easyer to just get a free certificate from http://cert.startcom.org/ or www.cacert.org ? however you can allways generate a self signed certificate this will generate a single file containing your cerificate and private key in a single file cert.pem in your home dir Code: openssl req -new -x509 -days 1000 -nodes -out ~/cert.pem -keyout ~/cert.pem or separate cert and key Code: openssl req -new -x509 -days 1000 -nodes -out ~/cert.pem -keyout ~/key.pem
