Re: SMTP+SSL =error (log files)

[Emmanuel Gilmont <e....@ibelgique.com>]

You got it :-)

I made 3 attempts (see smtpserver.log for details):
1) kmail + ssl + auth + verification
2) kmail + ssl
3) openssl (see openssl.debug for details)

Thanks for all.

Have a nice day,
Emmanuel

----------------------

> Emmanuel,
>
> Than you for helping out with this.  :-)  I'm relieved to hear that TLS is
> working for all of the protocols except for SMTP, and that it is working
> for SMTP manually.
>
> Please go into apps/james/SAR-INF/environment.xml, and change the entry for
> smtpserver from INFO to DEBUG.  That ought to be line 50.  Then we will
> want to see the portion of the log showing when kmail tries to use SMTP
> with TLS.
>
> A useful paper: http://www.sial.org/talks/smtpauth-starttls/talk.html
>
> 	--- Noel
>
> -----Original Message-----
> From: Emmanuel Gilmont [mailto:e.gilmont@ibelgique.com]
> Sent: Wednesday, January 22, 2003 7:25
> To: James Users List
> Subject: Re: SMTP+SSL =error
>
> > Emmanuel,
> >
> > Are you saying that SSL (TLS) works for RemoteManager and POP3, but not
> > SMTP?
>
> Yes. That's right.
>
> > Are you getting ssl:<port> indicators emitted at startup for
> > RemoteManager, POP3 and SMTP?
>
> Yes, all seems ok. And when I try to connect to the SMTP deamon with
> openssl (openssl s_client -connect localhost:25), it works very well. Maybe
> it's kmail which can't handle it ?
>
> > Technically, SMTP is a bit different from the others.  I don't believe
> > STARTTLS is currently implemented.  Some clients may have issue with that
> > lack.
> >
> > Can you please provide information on how you prepared the TLS
>
> environment?
>
> OK, tell me what I should provide to you...
>
> > Also, please turn on DEBUG for SMTP, and provide a log of an attempted
>
> SMTP
>
> > SSL session?
>
> Maybe I'm blind... but how do you turn on the DEBUG mode ? (I'll search...
>
> :-)
>
> Thanks,
> Emmanuel
>
> > 	--- Noel
> >
> > -----Original Message-----
> > From: Emmanuel Gilmont [mailto:e.gilmont@ibelgique.com]
> > Sent: Tuesday, January 21, 2003 10:28
> > To: james-user@jakarta.apache.org
> > Subject: SMTP+SSL =error
> >
> >
> > Hi all,
> >
> > After reading the archive, I decide to post this message.
> >
> > I succefully configured my James server but got an error.
> >
> > Config:
> > - remote manager uses ssl (port 4555)
> > - pop use ssl (port 995)
> > - smtp use auth, verification and ssl (port 25)
> > - nothing more
> >
> > If I disable the ssl for the smtp, it works very well. But when
> > activated, my mail client (kmail) got a message like this: "mail server
> > doens't answer..."
> >
> > Anybody with an idea ?
> >
> > Thanks,
> > Emmanuel

RE: SMTP+SSL =error (log files)

["Noel J. Bergman" <no...@devtech.com>]

Emmanuel,

>From what is present in the log files, my guess is that kmail is starting
with a plain socket, and expecting to be able to switch to TLS using
STARTTLS.  That is why the connection is immediately rejected.  Is it
possible to force kmail to start with TLS?

STARTTLS support is being worked on for James v3.

	--- Noel

-----Original Message-----
From: Emmanuel Gilmont [mailto:e.gilmont@ibelgique.com]
Sent: Thursday, January 23, 2003 3:57
To: James Users List
Subject: Re: SMTP+SSL =error (log files)


You got it :-)

I made 3 attempts (see smtpserver.log for details):
1) kmail + ssl + auth + verification
2) kmail + ssl
3) openssl (see openssl.debug for details)

Thanks for all.

Have a nice day,
Emmanuel

----------------------

> Emmanuel,
>
> Than you for helping out with this.  :-)  I'm relieved to hear that TLS is
> working for all of the protocols except for SMTP, and that it is working
> for SMTP manually.
>
> Please go into apps/james/SAR-INF/environment.xml, and change the entry
for
> smtpserver from INFO to DEBUG.  That ought to be line 50.  Then we will
> want to see the portion of the log showing when kmail tries to use SMTP
> with TLS.
>
> A useful paper: http://www.sial.org/talks/smtpauth-starttls/talk.html
>
> 	--- Noel
>
> -----Original Message-----
> From: Emmanuel Gilmont [mailto:e.gilmont@ibelgique.com]
> Sent: Wednesday, January 22, 2003 7:25
> To: James Users List
> Subject: Re: SMTP+SSL =error
>
> > Emmanuel,
> >
> > Are you saying that SSL (TLS) works for RemoteManager and POP3, but not
> > SMTP?
>
> Yes. That's right.
>
> > Are you getting ssl:<port> indicators emitted at startup for
> > RemoteManager, POP3 and SMTP?
>
> Yes, all seems ok. And when I try to connect to the SMTP deamon with
> openssl (openssl s_client -connect localhost:25), it works very well.
Maybe
> it's kmail which can't handle it ?
>
> > Technically, SMTP is a bit different from the others.  I don't believe
> > STARTTLS is currently implemented.  Some clients may have issue with
that
> > lack.
> >
> > Can you please provide information on how you prepared the TLS
>
> environment?
>
> OK, tell me what I should provide to you...
>
> > Also, please turn on DEBUG for SMTP, and provide a log of an attempted
>
> SMTP
>
> > SSL session?
>
> Maybe I'm blind... but how do you turn on the DEBUG mode ? (I'll search...
>
> :-)
>
> Thanks,
> Emmanuel
>
> > 	--- Noel
> >
> > -----Original Message-----
> > From: Emmanuel Gilmont [mailto:e.gilmont@ibelgique.com]
> > Sent: Tuesday, January 21, 2003 10:28
> > To: james-user@jakarta.apache.org
> > Subject: SMTP+SSL =error
> >
> >
> > Hi all,
> >
> > After reading the archive, I decide to post this message.
> >
> > I succefully configured my James server but got an error.
> >
> > Config:
> > - remote manager uses ssl (port 4555)
> > - pop use ssl (port 995)
> > - smtp use auth, verification and ssl (port 25)
> > - nothing more
> >
> > If I disable the ssl for the smtp, it works very well. But when
> > activated, my mail client (kmail) got a message like this: "mail server
> > doens't answer..."
> >
> > Anybody with an idea ?
> >
> > Thanks,
> > Emmanuel


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>