服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 鸽舍:没有authentication的尝试
Intereting Posts
安装程序的Web应用程序 如何在freebsd中恢复ntfs分区表 SAN,ISCSI和多path(MLAG?) WAMP可以连接到本地但不是127.0.0.1 无法从Windows XP虚拟机中ping我的Windows 7计算机 如何在Ubuntu上closuresApache2caching? 在具有dynamicIP的第二台服务器上运行应用程序。 使用Apache ProxyPass时,我需要两个SSL证书吗? SQL Server 2008:是否可以将差异备份存储在单独的文件中? 是否值得发送滥用邮件? MySQL的最佳做法与复制的MySQL数据库(授予存储) Tomcat故障转移高可用性(主动/被动) 如何通过HTTP实现安全authentication? Exchange 2007 – 从MY域发送垃圾邮件,但无效的随机用户 远程协助networking 端口1227为Web表单

鸽舍:没有authentication的尝试

我目前正在configurationpostfix和dovecot。 我目前正在努力与SSL + IMAPlogin。 我启用debugging日志logging,但无法弄清楚什么是错的。 这里是日志: 

Oct 8 19:16:08 dirty-harry dovecot: auth: Debug: auth client connected (pid=1776) Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully [217.240.25.1] Oct 8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [217.240.25.1] Oct 8 19:16:13 dirty-harry dovecot: imap-login: Debug: SSL alert: close notify [217.240.25.1] Oct 8 19:16:13 dirty-harry dovecot: imap-login: Disconnected (no auth attempts in 5 secs): user=<>, rip=217.240.25.1, lip=xxx, TLS: Disconnected, session=<bUkMr10+aADZ8BkB>

SSL以某种方式似乎工作,当我调用comman: 

 openssl s_client -connect <mydomain>.net:993

我得到SSL协商成功。

这是我的dovecot -n dovecotconfiguration 

 auth_debug_passwords = yes auth_mechanisms = plain login disable_plaintext_auth = no mail_location = maildir:/var/mail/vhosts/%d/%n mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocols = imap lmtp service auth-worker { user = vmail } service auth { unix_listener auth-userdb { mode = 0600 user = vmail } user = dovecot } service imap-login { inet_listener imap { port = 0 } } service lmtp { unix_listener lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = </<cert>.crt ssl_key = </<cert>.key userdb { args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n driver = static } verbose_ssl = yes

SQL的东西正在工作,并返回正确的数据。

编辑:按照评论中的请求我添加auth_debug = yes并尝试login: 

 user@databueck01:/$ telnet domain.net 993 Trying <ip>... Connected to domain.net. Escape character is '^]'. a10 login [email protected] password Connection closed by foreign host.

日志看起来像: 

 Oct 8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Oct 8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Oct 8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [217.240.25.1] Oct 8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [217.240.25.1] Oct 8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A [217.240.25.1] Oct 8 19:42:34 dirty-harry dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Oct 8 19:42:34 dirty-harry dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_mysql.so Oct 8 19:42:34 dirty-harry dovecot: auth: Debug: Read auth token secret from /var/run/dovecot/auth-token-secret.dat Oct 8 19:42:34 dirty-harry dovecot: auth: Debug: auth client connected (pid=1941) Oct 8 19:42:46 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A [217.240.25.1] Oct 8 19:42:46 dirty-harry dovecot: imap-login: Disconnected (no auth attempts in 12 secs): user=<>, rip=217.240.25.1, lip=<ip>, TLS handshaking: SSL_accept() failed: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol, session=<y7v+DV4+cADZ8BkB>