Old 9th January 2013, 11:24
teves teves is offline
Senior Member
Join Date: Oct 2006
Posts: 150
Thanks: 27
Thanked 15 Times in 10 Posts
Default Minor Bug in service monitor?


I think I discovered a small bug in the service monitor, but you might also call it a configuration error, so I have to ask:

For the mail server I only want to allow encrypted connections (STARTTLS). So at first I put the line
ssl = required
into my dovecot.conf.
But this configuration did only work for the IMAP connection seemingly, not for POP3.

So I have disabled the unencoded pop3 protocol by changing the line
protocols = imap imaps pop3 pop3s
protocols = imap imaps pop3s

Now the connections are secure, but the service monitor tells me that the pop3 service is not available. I am sure it works, for I have created a mailbox to test it.

I see that all this happens because I use a workaround, but on the other hand the service is working and ISPConfig tells me it's not. Bug? :-)

Reply With Quote
Sponsored Links
Old 9th January 2013, 11:57
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts

ISPconfig checks if a pop3 and imap service is listening on the default port on localhost. If you disabled pop3 or imap in dovecot.conf, then ther is no such service at localhost and the monitor is showing it as offline.

Reconfigure dovecot.conf and set it back to

protocols = imap imaps pop3 pop3s

If you want to disallow connections to pop3 or imap, then close the ports in the firewall.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
teves (9th January 2013)
Old 9th January 2013, 12:14
teves teves is offline
Senior Member
Join Date: Oct 2006
Posts: 150
Thanks: 27
Thanked 15 Times in 10 Posts

Hi Till,

thanks for your reply, but I am not sure if this is a good solution, I'm afraid. I do think so because of the following line from the dovecot wiki:

Clients using STARTTLS work by connecting to the regular unencrypted port and immediately issue a STARTTLS command, after which the session is encrypted. After SSL handshake there is no difference between SSL port initiated connections and STARTTLS initiated connections.

(for the complete paragraph about SSL/TLS see http://wiki2.dovecot.org/SSL)

In other words: if I blocked the ports with the firewall, the STARTTLS concept would be useless.
At least this is how I understand it. Or am I wrong?

Regards, Tom
Reply With Quote


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
haproxy with stunnel problem abubin Server Operation 6 10th April 2012 16:08
Need help with ISPConfig Mail and Squirrelmail m.xander Installation/Configuration 109 3rd February 2012 01:15
Update bind in Debian issue jortega General 1 20th November 2011 23:10
Sites stopped working Toucan Installation/Configuration 21 4th January 2010 00:27
dns server error Hellbound General 7 2nd August 2007 10:18

All times are GMT +2. The time now is 07:53.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.