1 Topic by jon.hoffart

  • jon.hoffart
  • Member
  • Offline
  • Registered: 2014-02-18
  • Posts: 51

Topic: TLS error

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
======== Required information ====
- iRedMail version (check /etc/iredmail-release):
0.9.2
- Linux/BSD distribution name and version:
ubuntu 14.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
LDAP
- Web server (Apache or Nginx):
Apache
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
dovecot.log:

Apr 22 10:02:42 pop3-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=1.1.1.4, lip=1.1.1.6, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<J3H19BQx1wAKZGQE>
Apr 22 10:02:45 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=1.1.1.4, lip=1.1.1.6, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<6ecd9RQxEQAKZGQE>
Apr 22 10:02:52 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=1.1.1.4, lip=1.1.1.6, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<VUqP9RQxHQAKZGQE>
Apr 22 10:03:11 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=1.1.1.4, lip=1.1.1.6, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<XIas9hQxPgAKZGQE>
Apr 22 10:03:11 pop3-login: Info: Login: user=<test@mydomain.com>, method=PLAIN, rip=1.1.1.4, lip=1.1.1.6, mpid=2740, TLS, session=<t5qx9hQxCgAKZGQE>
Apr 22 10:03:11 pop3(test@mydomain.com): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/4935, size=74644933
Apr 22 10:03:13 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=1.1.1.4, lip=1.1.1.6, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<P8zX9hQxQwAKZGQE>
Apr 22 10:05:39 pop3-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=1.1.1.4, lip=1.1.1.6, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<E4aA/xQxCAAKZGQE>

====

keep getting the no auth attempt errors and the tls handshaking errors. i have checked my ssl cert and it is a valid cert, so why am i getting these errors?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: TLS error

*) Did you follow our tutorial to setup SSL cert?
*) Please double check Dovecot config file, make sure you're using the correct SSL cert/key files.

3 Reply by jon.hoffart

  • jon.hoffart
  • Member
  • Offline
  • Registered: 2014-02-18
  • Posts: 51

Re: TLS error

ZhangHuangbin wrote:

*) Did you follow our tutorial to setup SSL cert?
*) Please double check Dovecot config file, make sure you're using the correct SSL cert/key files.

I have followed the tutorial for SSL and have double checked that I am using the correct SSL cert/key files. Logs are still showing the TLS handshake error.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: TLS error

What's your mail client application? Does it have correct smtp settings? it must use port 587 with TLS support, not SSL.

5 Reply by jon.hoffart

  • jon.hoffart
  • Member
  • Offline
  • Registered: 2014-02-18
  • Posts: 51

Re: TLS error

ZhangHuangbin wrote:

What's your mail client application? Does it have correct smtp settings? it must use port 587 with TLS support, not SSL.

mail application is apple mail ssl boxes are checked as apple supports tls in its SSL settings, and smtp is using 587, pop3 on 995 and, imap on 993

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: TLS error

Could you please try Thunderbird also?

I use Apple Mail.app too, but no issue at all.

7 Reply by jon.hoffart

  • jon.hoffart
  • Member
  • Offline
  • Registered: 2014-02-18
  • Posts: 51

Re: TLS error

ZhangHuangbin wrote:

Could you please try Thunderbird also?

I use Apple Mail.app too, but no issue at all.


I dont beleive the mail client is the issue as all users can send and receive mail. I am using haproxy between the client and the mail server. Could haproxy cause the tls handshaking error I am seeing in the dovecot log?

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: TLS error

Testing with another mail client application is used to make sure it's not a Mac Mail.app issue...