1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

Community Community Profile Philippe Eveleigh

About Me

Basic Information

Whereabouts

City / Town
Ottawa
Country
Canada

Web Links

Web Site
http://www.cognoquest.com
Philippe Eveleigh
Philippe Eveleigh
  • Karma
  • Member since
  • Sunday, 05 October 2003 10:49
  • Last online
  • 18 hours 24 minutes ago
  • Profile views
  • 4513 views
Today
Philippe Eveleigh replied to the topic Re:Webconfig, remote desktop, port forwarding behind openvpn in the forums.
Nick is asking a good question, what VMware product is being used? the topology is sounding strange?
02:52 PM
Philippe Eveleigh replied to the topic Re: smtp.gmail.com Network is unreachabl in the forums.
Here is the approach that I would take:

Before we make a mess of your settings, do a backup of your original root certificate. Your above configuration points to: smtpd_tls_cert_file = /etc/postfix/cert.pem

The following cmd will provide the list of certs used by Google on the smtp port:
Code:

echo -n | openssl s_client -showcerts -connect smtp.gmail.com:465 >> equifax_cert.pem



Now you have to pick the cert you wish to use? (I would not put all of them)
Use your editor and remove every thing above and below:
Code:

-----BEGIN CERTIFICATE-----

....

-----END CERTIFICATE-----



Add the certificate to your postfix certificate file:
Code:


echo >> /etc/postfix/cert.pem
cat equifax_cert.pem >> /etc/postfix/cert.pem



Restart postfix service postfix restart
02:07 PM
Yesterday
Aaron Bylund and Peter are now connections 06:35 AM
1 week ago
Philippe Eveleigh replied to the topic Re:Cyrus in the forums.
Quick update on the above:

The sieve above instructions worked well for me

I also got SOGo to work with the sieve service, my mail data resides inside a firewall. I had configured the port forward correctly, my problem was the sieve socket was only accessible by the local machine. I changed the cyrus configuration for:

Code:

sieve cmd="timsieved" listen="sieve" prefork=0



Note: the above command also changes the port that sieve listens from 2000 to 4190, you can find the port list in /etc/services
Oct 15
Aaron Bylund and Chris Schwemin are now connections Oct 12
Aaron Bylund and Adrian Lottering are now connections Oct 11
2 weeks ago
Philippe Eveleigh created a new topic Issues accessing gmail account via imapsync in the forums.
I am attempting to retrieve email from a gmail account using imapsync, IMAP access is enabled in the gmail account but I think the problem is happening before the gmail IMAP service access, sounds like a network topology problem?

I run the following command:
Code:

imapsync --host1 localhost --port1 993 --ssl1 --host2 imap.gmail.com --port2 993 --ssl2 --user2 user@gmail.com --password2 passwd --justconnect



Result:
Code:


Transfer started at Thu Oct  9 11:00:36 2014
$RCSfile: imapsync,v $ $Revision: 1.542 $ $Date: 2013/05/06 08:30:35 $
Here is a [linux] system (Linux services110.cognoquest.com 2.6.32-431.23.3.v6.x86_64 #1 SMP Wed Jul 30 14:17:16 MDT 2014 x86_64)
With perl 5.10.1 Mail::IMAPClient  3.34
Command line used:
/usr/bin/imapsync --host1 localhost --port1 993 --ssl1 --host2 imap.gmail.com --port2 993 --ssl2 --user2 coco@gmail.com --password2 MASKED --justconnect
Temp directory is /tmp
PID file is /tmp/imapsync.pid
Modules version list:
Mail::IMAPClient     3.34
IO::Socket           1.31
IO::Socket::INET     1.31
IO::Socket::SSL      1.31
Digest::MD5          2.39
Digest::HMAC_MD5     1.01
Digest::HMAC_SHA1    1.01
Term::ReadKey        2.30
Authen::NTLM         1.09
File::Spec           3.3
Time::HiRes          1.9721
URI::Escape          3.29
Data::Uniqid         ?

Host1 software: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN SASL-IR COMPRESS=DEFLATE] services110.cognoquest.com Cyrus IMAP v2.3.16-Fedora-RPM-2.3.16-6.v6.4 server ready
Host1 capability: IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN SASL-IR COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH
Can not open imap connection on [imap.gmail.com]: IO::Socket::SSL: connect: Network is unreachable



I have tried:
Code:

telnet imap.gmail.com 993



Result:
Code:


Trying 64.233.181.109...
Connected to imap.gmail.com.
Escape character is '^]'.




I have tried:
Code:

echo -n | openssl s_client -connect imap.gmail.com:993



Result:
Code:


[root@services110 ~]# 
CONNECTED(00000003)
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = imap.gmail.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority G2
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEdjCCA16gAwIBAgIIfC3P8RoYJSAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwOTI0MTAwOTA1WhcNMTQxMjIzMDAwMDAw
WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOaW1h
cC5nbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRvkaC
vF2YSnuN118+3ZlwHLYDnQqS4KHAWzHtJH2sDqy8O7Amfp2Efd3W/14wyQxlLuRZ
Bowob1usj+6L2MtsYKLXgFxpXNWqrGk/UNjLH93xCdlMs1MEI46w9f01kALcVdY0
MvIeupyGDIYJbC5UwBkHuNV5zQY6aPjwEnmuf+ezSKUKA7coNVuVERZtwx0i0ub1
EcsvfuseZyTRrCJ2mx8/na77FSKtXETYAp3u/BDbfjwZe03nh/JkWG4PviU+/zLD
vsi5OgeAwHhenGRKeb6/3SY6CcmClZj/v5CcbQEwVuuXgAEXoklTKppiZBlvUFAp
raUbBSKhbfiyYm5TAgMBAAGjggFBMIIBPTAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwGQYDVR0RBBIwEIIOaW1hcC5nbWFpbC5jb20waAYIKwYBBQUHAQEE
XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
A1UdDgQWBBQ9zCJu635+t+OF8/6RkBdc9YBjYDAMBgNVHRMBAf8EAjAAMB8GA1Ud
IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMBcGA1UdIAQQMA4wDAYKKwYBBAHW
eQIFATAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lB
RzIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBzrpEcNUi5kpJHNY0AHZ7mDRVXOlHE
71/gIgF2TBsXEudSBz7a7VPVCWwmm9/yhwAlweC63f91jBpvIg3QhbWN/6OpgUkt
6y+amExxO8WzXi3UR+L0tNUMzunUqefRVZeCrkjSdXH0hjJcOG6RzHpxuB5SX7MP
DeALWr5ku2Pv39BcgyQFIdlxTvkePjhxO9hZL0UZY0VUsuegPNsXfCYtsf6ZrA3l
dmcl8W45MebQJolL/cQHR3X9V0kWHL31Y5emtzZ1DbNIj4kQeylCymD7DjhW+1IL
t8bW4cVidzskX64ZpWHW/fMQBknNuONW6Lz9YsisQKl2DQUdQ/vsdyP6
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
---
No client certificate CA names sent
---
SSL handshake has read 3719 bytes and written 389 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: C39DBDBEB1BBF5C276304F76E31FF9E0348097B483937EC5073650C63785B1AA
    Session-ID-ctx:
    Master-Key: 0DA7484B1E3D52B929B34AD00F471016F76C69BAD30298912B0F7E77BDE66FF8AC39C2ED4BFE6D0DB56BB46871D5EF3
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - d0 6d dc d5 b3 3f 10 c3-de 7d 0c 31 6c e2 b0 78   .m...?...}.1l..x
    0010 - 78 77 3d f9 bb 45 dd 65-d9 dc a1 e8 c8 49 4c 89   xw=..E.e.....IL.
    0020 - 11 fa d8 ec b4 42 fa ad-fe 2f 54 1c 0a 4b e9 e6   .....B.../T..K..
    0030 - 1b f5 b3 8c 56 72 4d 19-0f d3 62 ec c7 6d f3 a6   ....VrM...b..m..
    0040 - ca ac de d7 c3 d8 a8 7d-83 d1 da ce 29 ad 3c 47   .......}....).<G
    0050 - 89 3f eb 9d 63 e8 d3 e6-07 96 81 48 f5 1b a1 56   .?..c......H...V
    0060 - b3 96 d8 29 6a 0a d8 56-2c e2 43 43 18 40 89 5a   ...)j..V,.CC.@.Z
    0070 - 46 f2 f8 56 21 4c 6a 6e-27 5a 26 90 7a b2 06 bf   F..V!Ljn'Z&.z...
    0080 - c7 32 05 44 2c 8e a8 cd-2a 11 0e 14 fc 9c ad 8b   .2.D,...*.......
    0090 - d2 c3 b5 e2 57 70 c2 95-54 ea ab 97 f4 42 c7 0d   ....Wp..T....B..
    00a0 - f7 a8 0a 98                                       ....

    Start Time: 1412865006
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
DONE



Maybe I am not a valid mail server/client to retrieve mail for gmail servers? I am at a lost on this one?
Oct 09
Philippe Eveleigh replied to the topic Re:error sending to idled: 3 in the forums.
Tried the above fix and apparently the above idled cmd="idled" entry to cyrus configuration fixes both log errors.
Oct 08
Philippe Eveleigh created a new topic error sending to idled: 3 in the forums.
Found an old post here: Cyrus that have the following cyrus configuration:

START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
idled cmd="idled"
}

I am interested in finding out what: idled cmd="idled" does ?

I am getting the following messages in my log:
Code:

Oct  7 10:18:31 services110 lmtp[16375]: error sending to idled: 3


and

Code:

Oct  7 10:16:17 services110 imap[16342]: error sending to idled: 3



Also found a discussion here: Re:"error sending to idled: 3" annoying messages... but I also have the lmtp error.
Oct 07

Wall

No wall post to show

My Forum Updates

Groups

No group joined by the user yet.