服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 无法连接imap_open,但openssl s_client的作品
Intereting Posts
通过脚本更改root密码失败,但报告成功 在Solaris上,我怎么知道哪些进程正在做特定设备上的磁盘I / O? 蓝牙客人的Windows与VirtualBox 为什么在这个Slackware机器上有一个/etc/init.d/mysql文件? 它怎么能到那里? select默认路由的出接口 使用SSH隧道连接到NAT后面的AWS RDS 有些东西正在重设我的opendkim文件(KeyTable和SigningTable) 从JKS密钥库中提取证书和私钥以在Apache2 httpd中使用它 在Windows XP / Vista上密码外部硬盘驱动器 Grub2报告没有在服务器上find的物理卷pv0不可启动 GPO – 设置桌面背景但允许用户更改 证书颁发机构根证书到期和更新 HP服务pipe理器Web客户端中URL的格式? 在Windows 2008 R2服务器中,哪些angular色需要更多内存? 我可以将一部分区域委托给另一台服务器吗?

无法连接imap_open,但openssl s_client的作品

所以经过两天的尝试,我发现似乎适用的所有解决scheme,我仍然在挠头。 必须有我缺less的东西。

我正尝试在SuiteCRM中使用php imap_open( imap_open()连接到postfix / dovecot邮件服务器(它只使用imap,pop3不是一个选项)。

我可以从命令行openssl s_client -connect mail.mydomain.com:143 -starttls imapopenssl s_client -connect mail.mydomain.com:993 。 我可以发出命令,列出收件箱和注销。 如果我尝试使用php imap_open我得到各种错误取决于传递的参数。

问:为什么不能用imap_open进行连接?

这似乎是一个PHP的问题。 我已经检查邮件服务器上的phpinfo,它有支持ssl的imap。 邮件服务器在ubuntu 14.04 LEMPconfiguration上运行。 PHP版本5.5.9-1ubuntu4.9。 ssl证书是通配证书。 

 imap IMAP c-Client Version 2007f SSL Support enabled Kerberos Support enabled openssl OpenSSL support enabled OpenSSL Library Version OpenSSL 1.0.1f 6 Jan 2014 OpenSSL Header Version OpenSSL 1.0.1f 6 Jan 2014

这里是后缀和dovecotconfiguration:

postconf -n

 alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix inet_protocols = ipv4 mailbox_size_limit = 0 mydestination = localhost myhostname = mail.livechat4sales.com mynetworks = 127.0.0.0/8 myorigin = $myhostname readme_directory = no recipient_delimiter = + smtp_tls_mandatory_protocols = !SSLv2,!SSLv3 smtp_tls_note_starttls_offer = yes smtp_tls_protocols = !SSLv2,!SSLv3 smtp_tls_security_level = may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/nginx/ssl/geotrust.stapling.crt smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/nginx/ssl/mydomain.wild.crt smtpd_tls_ciphers = high smtpd_tls_key_file = /etc/nginx/ssl/mydomain.wild.key smtpd_tls_loglevel = 4 smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 smtpd_tls_protocols = !SSLv2,!SSLv3 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache virtual_alias_maps = hash:/etc/postfix/virtual virtual_gid_maps = static:5000 virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_domains = mydomain.com virtual_mailbox_maps = hash:/etc/postfix/vmailbox virtual_minimum_uid = 100 virtual_uid_maps = static:5000

dovecot的: 

 auth_mechanisms = plain login auth_verbose = yes login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k session=<%{session}> mail_location = maildir:~mail/vhosts/%d/%n/ namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = scheme=SHA512-CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } protocols = " imap lmtp pop3" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_cert = </etc/nginx/ssl/mydomain.wild.crt ssl_cipher_list = HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 ssl_client_ca_dir = /etc/nginx/ssl/ ssl_client_ca_file = geotrust.stapling.crt ssl_key = </etc/nginx/ssl/mydomain.wild.key ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 userdb { args = username_format=%u /etc/dovecot/users default_fields = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n driver = passwd-file }

来自testingimap_open的结果: 

 {mail.mydomain.com:993/service=imap/ssl/tls/validate-cert/secure}INBOX: invalid remote specification {mail.mydomain.com:993/service=imap/ssl/tls/validate-cert}INBOX: invalid remote specification {mail.mydomain.com:993/service=imap/ssl/validate-cert/secure}INBOX: [CLOSED] IMAP connection broken (server response) {mail.mydomain.com:993/service=imap/ssl/novalidate-cert/secure}INBOX: [CLOSED] IMAP connection broken (server response)

这是返回数据的唯一调用,但是我认为密码是以纯文本forms传递的。 143只开放testing; 993是首选。 

  {mail.mydomain.com:143/service=imap/tls}INBOX