| SYSTEM INFORMATION | |
|---|---|
| OS type and version | AlmaLinux 10 |
| Virtualmin version | 8.1.0 |
I’ve been struggling for a few days trying to get email set up (using dovecot) on my new server.
I fixed some issues using dovecot’s documentation, especially their page about testing. That helped me understand that I shouldn’t use exotic characters (in my case, {) in my user password, something that seems to be surprisingly under-documented online.
Using nc localhost 143 from a terminal logged into my server, I can connect to dovecot and issue commands without a problem. So I know the server is up and running. However, when I try to connect remotely using openssl s_client -connect [server]:993, I get through the initial SSL handshaking but inevitably fail to authenticate:
...
Start Time: 1782864052
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
* OK [CAPABILITY IMAP4rev1 LOGIN-REFERRALS ID ENABLE IDLE SASL-IR LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
a login isohedral [password]
a NO [AUTHENTICATIONFAILED] Authentication failed.
My instinct is to blame an SSL certificate issue. But I’m fairly naive about SSL, so I don’t know if that could be it. Besides—if openssl is getting me as far as the Dovecot ready message, doesn’t that imply that all the SSL stuff succeeded? But if that’s the case, I can’t form a mental model of why things should work locally but not remotely.
Any ideas or suggestions would be welcome, thanks.
