On Wed, 12 Aug 2015, Richard wrote:
I don't think that wireshark adds much to this. Unless you had a proxy in the middle, the "connection refused" responses already indicated that your connections were getting to the/a server, it's just refusing the connections.
Connections by name, especially short forms, are suspect unless you can be very certain of how they are being resolved (i.e., what IPnumber you end up trying to connect to). There is no reason that using root to connect to port 993 would work when a normal user doesn't. An IMAP server either accepts the initial connection from a machine or not - it doesn't know or care what type of user is originating the connection.
You may want to look into what you were able to connect to via:
openssl s_client -connect maui:993
I'd start by looking up what "maui" resolves to.
I just looked up maui.jaa.org.uk. It (currently) resolves to 213.152.52.233, not the 148.197 you seemed to be using above. I realize you may have some form of dynamic dns going here, but thought I'd mention it.
Could you try (as root) two slightly different version of my earlier netstat commands:
netstat -pnlA inet | egrep ':993|:143'
netstat -pnlA inet6 | egrep ':993|:143'
the addition of "A inet/inet6" will show whether it is listening via ipv4 (inet) or ipv6 (inet6) on the imap port
Hi Richard
I have been working at trying to get cyrus to listen on 148.197.29.5 interface instead of the localhost - I have failed
Whenever I add things to /etc/cyrus.conf such as imaps cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1
[root@maui:~]$ service cyrus-imapd restart
[root@maui:~]$ ps -ef|grep cyr cyrus 22187 1 0 13:26 ? 00:00:00 idled cyrus 28044 1 0 13:54 ? 00:00:00 /usr/lib/cyrus-imapd/cyrus-master -d cyrus 28048 1 0 13:54 ? 00:00:00 idled cyrus 28050 28044 0 13:54 ? 00:00:00 imapd cyrus 28051 28044 0 13:54 ? 00:00:00 pop3d cyrus 28052 28044 0 13:54 ? 00:00:00 pop3d -s cyrus 28053 28044 0 13:54 ? 00:00:00 lmtpd -a cyrus 28054 28044 0 13:54 ? 00:00:00 imapd cyrus 28055 28044 0 13:54 ? 00:00:00 pop3d cyrus 28058 28044 0 13:54 ? 00:00:00 imapd cyrus 28059 28044 0 13:54 ? 00:00:00 imapd cyrus 28060 28044 0 13:54 ? 00:00:00 imapd cyrus 28061 28044 1 13:54 ? 00:00:00 pop3d root 28063 11348 0 13:54 pts/2 00:00:00 grep cyr
Then no "imapd -s" appears
I have tried all sorts of combinations in cyrus.conf but all fail to LISTEN on 148.197.29.5
I have tried taking maui out of /etc/hosts
My IP addresses are a bit odd - but I have been using 148.197.29.0/24 for so long, ... They have never escaped as far as I know! client machine ja@paxos ~ 1$ host 148.197.29.5 5.29.197.148.in-addr.arpa domain name pointer maui.jaa.org.uk. ja@paxos ~ 2$ host maui maui.jaa.org.uk has address 148.197.29.5
server machine [root@maui:/etc/pki/cyrus-imapd]$ host maui maui.jaa.org.uk has address 148.197.29.5 ----------------------------------------------------------------------- With these lines in cyrus.conf imap cmd="imapd" listen="imap" prefork=5 # imaps cmd="imapd -s" listen="imaps" prefork=1 imaps cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1 pop3 cmd="pop3d" listen="pop3" prefork=3 pop3s cmd="pop3d -s" listen="pop3s" prefork=1 sieve cmd="timsieved" listen="sieve" prefork=0
your two netstat lines show [root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet | egrep ':993|:143' udp 0 0 0.0.0.0:143 0.0.0.0:* 1465/portreserve udp 0 0 0.0.0.0:993 0.0.0.0:* 1465/portreserve
[root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet6 | egrep ':993|:143' tcp 0 0 :::143 :::* LISTEN 29460/cyrus-master
-------------------------------------------------------------------------- With imap cmd="imapd" listen="imap" prefork=5 imaps cmd="imapd -s" listen="imaps" prefork=1 # imaps cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1 pop3 cmd="pop3d" listen="pop3" prefork=3 pop3s cmd="pop3d -s" listen="pop3s" prefork=1 sieve cmd="timsieved" listen="sieve" prefork=0
[root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet | egrep ':993|:143' udp 0 0 0.0.0.0:143 0.0.0.0:* 1465/portreserve udp 0 0 0.0.0.0:993 0.0.0.0:* 1465/portreserve [root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet6 | egrep ':993|:143' tcp 0 0 :::993 :::* LISTEN 30596/cyrus-master tcp 0 0 :::143 :::* LISTEN 30596/cyrus-master
Why will cyrus not listen on 148.197.29.5 ?
John