Jailed Service contact IMAPS

Wed Dec 30 00:26:37 UTC 2009

Being able to run those commands (telnet/openssl) via the jail implies
there is nothing wrong with the jail itself, but instead the
squirrelmail config.  Aside from double checking the squirrelmail config
which I would highly suggest, can you provide a packet capture of an
active squirrelmail session in which the squirrelmail application fails
to do what you intend it to do?  All that's necessary really is to
capture the initial SYN and the response to that SYN, provided the
machine your connected to provides one.  If you see the handshake
occuring then the problem is most likely elsewhere which may be
determined by increasing verbosity in the respective log files.

~Paul

Peter Fraser wrote:
> Yes I can connect over telnet. If I even do openssl s_client -connect
> <server_ip>:993 I can also connect and list my mail. The machine is
> running FreeBSD 8 by the way.
>
> On Mon, Dec 28, 2009 at 9:53 AM, Paul Procacci <pprocacci at datapipe.com> wrote:
>
>> Peter Fraser wrote:
>>
>>> Hi All
>>>
>>> I have two servers, one running apache and squirrelmail in a jail.
>>> Squirrelmail on this server is trying to contact dovecot running imaps
>>> on port 993 on another server and failing. When I try from another
>>> physical machine it works but I would prefer to run this service from
>>> within a jail.
>>>
>>> Can anyone please let me know how to make this work?
>>> _______________________________________________
>>> freebsd-stable at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>>>
>>>
>> Have you tried to first do a simple (from within the jail):
>>
>> telnet host 993
>>
>> Do you get connected?  If not, do you have any firewall rules either on
>> the host maintaining the jail or the host you are connecting to?  If
>> not, can you do a tcpdump to see what specificly is happening to those
>> packets via (on the host again):
>>
>> tcpdump -i <interface> host <ip of jail> and port 993
>>
>> Do you see packets both leaving your machine and coming back?  If not,
>> can you repeat the process above on the host machine maintaining the
>> jail, but not within the jail itself.  Are the results the same?
>>
>> The above is a start and should provide enough information as to whether
>> the problem is specific to the jail or the physical host.
>>
>> ~Paul
>>
>> This message may contain confidential or privileged information.  If you are
>> not the intended recipient, please advise us immediately and delete this
>> message.  See http://www.datapipe.com/emaildisclaimer.aspx for further
>> information on confidentiality and the risks of non-secure electronic
>> communication. If you cannot access these links, please notify us by reply
>> message and we will send the contents to you.
>>
>>
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>

This message may contain confidential or privileged information.  If you are not the intended recipient, please advise us immediately and delete this message.  See http://www.datapipe.com/emaildisclaimer.aspx for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.