Bonjour à tous,
Dans un premier temps, j’ai déployé un serveur IMAP dovecot et un serveur SMTP Opensmtp.
J’ai testé l’IMAP et le SMTP avec le client léger claws mail qui a l’avantage de tracer les connexions IMAP/SMTP pour les emails.
Dovecot a comme base les users linux avec une ACL.
OpenSMTP authentifie les users par le socket LMTP.
Sogo, j’ai configuré la base postgresql pour m’authentifier, attention à bien mettre le même user que la base user linux.
Jusqu’ici, j’arrive à me loguer à la platforme Sogo mais n’arrive pas à me connecter au serveur IMAP.
J’arrive à faire une demande au serveur IMAP mais à priori aucune commande n’est envoyé d’après les logs donc la connection IMAP se ferme.
Je pense à un problème de proxy, configuration de sogo pour cela, reverse proxy avec apache2.
log sogo
<0x0x55b5bdb20780[NGImap4Client]> TLS started successfully.
: <0x0x55b5bdb20780[NGImap4Client]> ERROR(-[NGImap4Client _processUnknownCommandParserException:]): catched non-IMAP4 parsing exception UnexpectedEndOfStream: the parsed stream ended unexpectey
: [ERROR] <0x0x55b5bdb0e400[NGImap4ConnectionManager]> IMAP4 login failed:
host=localhost, user=electro, pwd=yes
url=imaps://electro@localhost/?tls=YES
base=(null)
base-class=(null))
= <0x0x55b5bdb20780[NGImap4Client]: login=electro(pwd) socket=<NGActiveSSLSocket[0x0x55b5bddcd440]: mode=rw address=(null)>>
:<0x55b5bddf0610[SOGoMailAccount]:0> renewing imap4 password
log dovecot
dovecot-info.log
imap-login: Info: Login: user=<electro>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=869, TLS, session=<09sQej+c1s9/AAAB>
imap(electro)<869><09sQej+c1s9/AAAB>: Info: Connection closed (No commands sent) in=0 out=373 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
imap-login: Info: Login: user=<electro>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=869, TLS: read(size=522) failed: Connection reset by peer, session=<c+YRej+c2M9/AAAB>
imap(electro)<869><c+YRej+c2M9/AAAB>: Info: Connection closed (No commands sent) in=0 out=373 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
dovecot-debug.log
auth: Debug: client in: AUTH 1 PLAIN service=imap secured=tls session=4PMUej+c3M9/AAAB lip=127.0.0.1 rip=127.0.0.1 lport=143 rport=53212 ssl_cipher=TLS_AES_256_GCM_SHA384 ssl_cipher_bits=256 ssl_pfs=KxANY ssl_protocol=TLSv1.3 resp=AGpvZmZyZXk1NzUAMTExMjg5 (previous base64 data may contain sensitive data)
auth-worker(867): Debug: pam(electro,127.0.0.1,<4PMUej+c3M9/AAAB>): lookup service=dovecot
auth-worker(867): Debug: pam(electro,127.0.0.1,<4PMUej+c3M9/AAAB>): #1/1 style=1 msg=Password:
auth: Debug: auth client connected (pid=872)
auth: Debug: client passdb out: OK 1 user=electro
auth: Debug: master in: REQUEST 2655649795 871 1 c48927683b33e0b74afef06f65901062 session_pid=869 request_auth_token
auth-worker(867): Debug: passwd(electro,127.0.0.1,<4PMUej+c3M9/AAAB>): lookup
auth: Debug: master userdb out: USER 2655649795 electro system_groups_user=electro uid=1000 gid=1000 home=/home/electro auth_token=69afb1c0e939f41d000be9c6edabc9af087bc2d8
Je n’arrive pas à récupérer les mails et les dossiers par IMAP. Serais-ce à cause du proxy ?
Voici ma conf apache2
<VirtualHost *:80>
Servername webmail.mon_domain.com
RedirectMatch permanent ^/ https://webmail.mon_domain.com/SOGo
RedirectMatch permanent ^/SOGo https://webmail.mon_domain.com/SOGo
</VirtualHost>
<VirtualHost *:443>
Servername webmail.mon_domain.com
SSLEngine On
SSLCertificateFile /var/lib/dehydrated/certs/webmail.mon_domain.com/fullchain.pem
SSLCertificateKeyFile /var/lib/dehydrated/certs/webmail.mon_domain.com/privkey.pem
DocumentRoot /usr/lib/GNUstep/SOGo/WebServerResources/
ErrorLog /var/log/apache2/error.log
Customlog /var/log/apache2/access.log combined
ServerSignature Off
<IfModule mpm_itk_module>
AssignUserId sogo-a sogo-a
</IfModule>
Alias /SOGo.woa/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2
<Directory /usr/lib/GNUstep/SOGo/>
Require all granted
AllowOverride None
Order deny,allow
Allow from all
</Directory>
<LocationMatch "^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js)">
SetHandler default-handler
</LocationMatch>
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
<Proxy http://127.0.0.1:20000/SOGo>
RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "webmail.mon_domain.com"
RequestHeader set "x-webobjects-server-url" "https://webmail.mon_domain.com"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e env=REMOTE_HOST
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
</Proxy>
## We use mod_rewrite to pass remote address to the SOGo proxy.
# The remote address will appear in SOGo's log files and in the X-Forward
# header of ewebmails.
RewriteEngine On
RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT]
Redirect permanent /index.html https://webmail.mon_domain.com/SOGo
</virtualhost>
<virtualhost *:8800>
# this virtualhost is only for carddav on Mac (Mail and Iphone)
RewriteEngine Off
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
ProxyPassInterpolateEnv On
ProxyPass /principals http://127.0.0.1:20000/SOGo/dav/ interpolate
ProxyPass /SOGo http://127.0.0.1:20000/SOGo interpolate
ProxyPass / http://127.0.0.1:20000/SOGo/dav/ interpolate
<Location />
Order allow,deny
Allow from all
</Location>
<Proxy http://127.0.0.1:20000>
RequestHeader set "x-webobjects-server-port" "8800"
RequestHeader set "x-webobjects-server-name" "webmail.mon_domain.com:8800"
RequestHeader set "x-webobjects-server-url" "https://webmail.mon_domain.com:8800"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" "127.0.0.1"
AddDefaultCharset UTF-8
</Proxy>
ErrorLog /var/log/apache2/error.log
Customlog /var/log/apache2/access.log combined
</virtualhost>
Merci par avance si vous avez déjà mis en place ce genre de solution.