#1  
Old 9th January 2013, 10:24
teves teves is offline
Senior Member
 
Join Date: Oct 2006
Posts: 149
Thanks: 27
Thanked 13 Times in 10 Posts
Default Minor Bug in service monitor?

Hello,

I think I discovered a small bug in the service monitor, but you might also call it a configuration error, so I have to ask:

For the mail server I only want to allow encrypted connections (STARTTLS). So at first I put the line
ssl = required
into my dovecot.conf.
But this configuration did only work for the IMAP connection seemingly, not for POP3.

So I have disabled the unencoded pop3 protocol by changing the line
protocols = imap imaps pop3 pop3s
to
protocols = imap imaps pop3s

Now the connections are secure, but the service monitor tells me that the pop3 service is not available. I am sure it works, for I have created a mailbox to test it.

I see that all this happens because I use a workaround, but on the other hand the service is working and ISPConfig tells me it's not. Bug? :-)

Regards,
Tom
Reply With Quote
Sponsored Links
  #2  
Old 9th January 2013, 10:57
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,344
Thanks: 810
Thanked 5,173 Times in 4,055 Posts
Default

ISPconfig checks if a pop3 and imap service is listening on the default port on localhost. If you disabled pop3 or imap in dovecot.conf, then ther is no such service at localhost and the monitor is showing it as offline.

Reconfigure dovecot.conf and set it back to

protocols = imap imaps pop3 pop3s

If you want to disallow connections to pop3 or imap, then close the ports in the firewall.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
teves (9th January 2013)
  #3  
Old 9th January 2013, 11:14
teves teves is offline
Senior Member
 
Join Date: Oct 2006
Posts: 149
Thanks: 27
Thanked 13 Times in 10 Posts
 
Default

Hi Till,

thanks for your reply, but I am not sure if this is a good solution, I'm afraid. I do think so because of the following line from the dovecot wiki:

Clients using STARTTLS work by connecting to the regular unencrypted port and immediately issue a STARTTLS command, after which the session is encrypted. After SSL handshake there is no difference between SSL port initiated connections and STARTTLS initiated connections.

(for the complete paragraph about SSL/TLS see http://wiki2.dovecot.org/SSL)

In other words: if I blocked the ports with the firewall, the STARTTLS concept would be useless.
At least this is how I understand it. Or am I wrong?

Regards, Tom
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
haproxy with stunnel problem abubin Server Operation 6 10th April 2012 15:08
Need help with ISPConfig Mail and Squirrelmail m.xander Installation/Configuration 109 3rd February 2012 00:15
Update bind in Debian issue jortega General 1 20th November 2011 22:10
Sites stopped working Toucan Installation/Configuration 21 3rd January 2010 23:27
dns server error Hellbound General 7 2nd August 2007 09:18


All times are GMT +2. The time now is 06:00.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.