# Getting Dovecot up and running -- ssl issue?



## osx-addict (Mar 5, 2009)

Hi all.. 

I installed dovecot last night (version 1.1.11) from the ports source.  I've got it running in my jail without problems and can access it from the home network.  However, when I tell my phone to talk to it via imaps (port 993) which I was doing before I moved to FreeBSD, I get the following errors in the dovecot log:


```
dovecot: Mar 05 07:07:45 Info: auth(default): new auth connection: pid=8805
dovecot: Mar 05 07:07:46 Info: imap-login: Disconnected (no auth attempts): rip=166.190.104.22, lip=10.0.1.198, TLS
dovecot: Mar 05 07:08:03 Info: auth(default): new auth connection: pid=8806
dovecot: Mar 05 07:08:04 Info: imap-login: Disconnected (no auth attempts): rip=166.190.104.22, lip=10.0.1.198, TLS
dovecot: Mar 05 07:08:45 Info: auth(default): new auth connection: pid=8807
dovecot: Mar 05 07:08:47 Info: imap-login: Disconnected (no auth attempts): rip=166.190.108.133, lip=10.0.1.198, TLS
```

This works fine from home but just not remotely.. No attemps to login or anything.. Any ideas?

Perhaps I should be asking over on the Dovecot list?


```
protocols = imaps #managesieve
listen = *
verbose_ssl = yes
disable_plaintext_auth = no
shutdown_clients = yes
log_path = /var/log/dovecot 
ssl_cert_file = /etc/ssl/certs/imaps.mydomain.com.cert
ssl_key_file = /etc/ssl/private/imaps.mydomain.com.key
ssl_key_password = InsertMyPasswordHere
mail_location = mbox:/var/empty:INBOX=/var/mail/%u:INDEX=MEMORY
mail_privileged_group = mail
verbose_proctitle = yes
first_valid_uid = 1000
first_valid_gid = 1000
maildir_copy_with_hardlinks = yes
protocol imap {
  login_greeting_capability = yes
  imap_client_workarounds = delay-newmail netscape-eoh tb-extra-mailbox-sep
}

auth_username_format = %Lu

auth default {
  # Space separated list of wanted authentication mechanisms:
  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
  #   gss-spnego
  # NOTE: See also disable_plaintext_auth setting.
  mechanisms = plain login
  verbose= yes
  debug= yes
  debug_passwords= yes
  passdb passwd-file {
        args = /var/db/dovecot.users
  }
  passdb pam {
    args = session=yes dovecot
  }
  userdb passwd {
    # [blocking=yes] - By default the lookups are done in the main dovecot-auth
    # process. This setting causes the lookups to be done in auth worker
    # proceses. Useful with remote NSS lookups that may block.
    # NOTE: Be sure to use this setting with nss_ldap or users might get
    # logged in as each others!
    args = blocking=yes
  }
  user = root
  socket listen {
    master {
      # Master socket provides access to userdb information. It's typically
      # used to give Dovecot's local delivery agent access to userdb so it
      # can find mailbox locations.
      path = /var/run/dovecot/auth-master
      mode = 0600
      # Default user/group is the one who started dovecot-auth (root)
      #user =
      #group =
    }
    client {
      # The client socket is generally safe to export to everyone. Typical use
      # is to export it to your SMTP server so it can do SMTP AUTH lookups
      # using it.
      path = /var/run/dovecot/auth-client
      mode = 0660
    }
  }
}
```


----------



## DutchDaemon (Mar 5, 2009)

Do you have your phone set to connect to port 993, use SSL (not TLS), and use plaintext auhtentication?


----------



## osx-addict (Mar 5, 2009)

Yes.. I this case it's an iPhone (not the 3g model) and I don't think I can even set it up to use TLS if I recall.. I'll double-check.


----------



## osx-addict (Mar 5, 2009)

Ok... Problem solved... I had to great a new account on the iPhone to get it to use the new SSL certificate since the old one was under linux and I didn't move it over after installing freebsd.  Anyway, it's working fine now...


----------

