Wednesday, October 24, 2007

Courier SSL problems after update

I posted this message as a comment to the HOWTO I used to configure my mail server:
http://www.howtoforge.com/fedora_virtual_postfix_mysql_quota_courier

I've been running a mail server built using this HOWTO for a while now. I recently updated the entire server with a "yum update". Email clients could no longer connect to the server via POP3 or IMAP if SSL was enabled. I was getting errors like this in the error log:

Oct 23 13:19:32 mailhost pop3d-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Oct 24 10:36:13 mailhost imapd-ssl: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

I was able to fix this by editing the following files:

/usr/lib/courier-imap/etc/imapd-ssl
/usr/lib/courier-imap/etc/pop3d-ssl

I changed the TLS_PROTOCOL setting from SSL3 to SSL23 in both of these files:

TLS_PROTOCOL=SSL23

Then, I restarted courier-authlib and courier-imap and things were working again:

service courier-authlib restart
service courier-imap restart

The following commands were helpful in testing things out:

openssl s_client -connect mailhost:993 -state -debug
openssl s_client -connect mailhost:995 -state -debug
openssl s_client -ssl2 -connect mailhost:993 -state -debug
openssl s_client -ssl3 -connect mailhost:993 -state -debug
openssl s_client -ssl2 -connect mailhost:995 -state -debug
openssl s_client -ssl3 -connect mailhost:995 -state -debug

I hope this helps someone else, as I spent way too much time trying to solve it.

6 comments:

Eliaz Beth said...

Courier services are very useful services which helps to transport items or products of various sorts that might be required to be delivered urgently, safely or discreetly. The items that need to be couriered may be something valuable like- bank drafts, legal business documents, mail order items, films and tapes, artwork or fragile items like computer monitors. In fact there are special medical courier companies that transport medical supplies, blood samples, organs and so on. la courier

Alice Parker said...

I really enjoyed reading this post about parcel services, thank you for sharing. I rarely come across the article equally interesting and informative! I generally prefer WPS to send parcel to Germany and would recommend it to all.

sheela rajesh said...


Really nice blog and impressive information you gave us.Thank you and i will expect more in future.
JAVA Training in Chennai
Java training institute in chennai
Selenium Training in Chennai
Hadoop Training in Chennai
Python Training in Chennai
Software testing training in chennai
JAVA Training in Chennai
Java Training in Velachery

Chris Hemsworth said...

The article is so informative. This is more helpful for our
software testing class
selenium training in chennai
software testing course in chennai with placement
magento training course in chennai
Thanks for sharing.

zuan said...

Thanks for sharing an informative blog keep rocking bring more details.I like the helpful info you provide in your articles. I’ll bookmark your weblog and check again here regularly. I am quite sure I will learn much new stuff right here! Good luck for the next!
mobile application development training online
web designing course with placement in chennai
web designing training institute in chennai
web design and development training
mobile app development course
mobile application development course
learn mobile application development
mobile app development training

Huongkv said...

Mua vé tại Aivivu, tham khảo

vé máy bay đi Mỹ Vietnam Airline

vé máy bay từ mỹ đi việt nam

vé máy bay từ Toronto về việt nam

giá vé máy bay từ nhật về việt nam

vé máy bay từ hàn quốc sang việt nam

Vé máy bay từ Đài Loan về VN

 

Labels

Labels