Re: [opensuse] Help with Certs for Cyrus IMAP and TLS

---

• From: "John Andersen" <jsamyth@xxxxxxxxx>
• Date: Tue, 20 May 2008 20:07:52 -0700

---

On Tue, May 20, 2008 at 7:00 PM, Jim Flanagan <linuxjim@xxxxxxxxxx> wrote:

Greetings all,

I am having problems with my certs. I made certs for TLS and put them in
/etc/postfix/ssl. I believe I made them correctly, all are owned root-root.
They are named, smtpd.crt, smtpd.key, cacert.pem, (also cakey.pem and
smptd.csr are there too). On sending a test message with Thunderbird I get
an error in /var/log/mail.info stating "cannot load RSA certificate and key
data". Thunderbird returns a message saying "unable to connect to SMTP
server at xx.xx.xx.xx via STARTTLS since it dosen't offer STARTTLS in EHLO
response.

Since you obfuscated the IP (xx.xx.xx.xx) I can only assume that it
was NOT 127.0.0.1 (localhost) which suggests you are connecting
to some IP that would make sense to obfuscate.

Which suggests that you are connecting to your external interface
from thunderbird, or thunderbird is not on this same machine?


Check your /etc/sysconfig/postfix file for the line (near bottom)
that says:
POSTFIX_ADD_MYNETWORKS_STYLE="subnet"
(if that says host instead of subnet then only connections
from/to 127.0.0.x will be allowed.

Also, you should have a postfix configuration line that reads
smtp_sasl_mechanism_filter = !DIGEST-MD5, !external, static:all
because the mechanisms "Not"ed out really don't work and are
not necessary.



--
----------JSA---------
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

---

• Follow-Ups:
  • Re: [opensuse] Help with Certs for Cyrus IMAP and TLS
    • From: Jim Flanagan

• References:
  • [opensuse] Help with Certs for Cyrus IMAP and TLS
    • From: Jim Flanagan

• Prev by Date: [opensuse] Re: Suse 10.3 install - oh dear (rant only)
• Next by Date: Re: [opensuse] suse 11.x sources
• Previous by thread: [opensuse] Help with Certs for Cyrus IMAP and TLS
• Next by thread: Re: [opensuse] Help with Certs for Cyrus IMAP and TLS
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Email clients in Ubuntu ...  It does not appears to be client specific since the same symptom appears in Thunderbird as in Evolution. ... Ubuntu 9.04 ... "dropping SMTP packets"? ... It sounds like they are all connecting to the ... (Ubuntu) replying to a message in debian-user ... preceeding message, or a thread identifier ... to the list maintenance program to allow ... connecting the new message into the correct ... Thunderbird is not available when I am away ... (Debian-User) Re: [opensuse] Help with Certs for Cyrus IMAP and TLS ... The certs have a permission issue, all are root-root with read by group ... Thunderbird never accesses these certs nor does it require any passphrases. ... The directory structure you are using is slightly different than the one ... all readable by root only. ... (SuSE)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)