mailing list archives

meli community discussions

⚠️ if something does not work as intended when interracting with the mailing lists,
reach out Github mirror Gitea repo @epilys:matrix.org

[Imap-protocol] issue with the iPhone IMAP client

E-mail headers
From: Bill Janssen <janssen@parc.com>
To: imap-protocol@u.washington.edu
Date: Fri, 08 Jun 2018 12:34:42 -0000
Message-ID: 08Jul16.163302pdt."58698"@synergy1.parc.xerox.com permalink / raw / eml / mbox 
I'm testing the iPhone IMAP mail client against my UpLib IMAP server,
and it seems to be unhappy, for reasons I don't understand.

My server is running on port 8143, and here's the server-side record
of the conversation:

S: * OK [CAPABILITY IMAP4rev1 LOGINDISABLED STARTTLS] UpLib IMAP Server (V4r1) ready.\r\n
C: 1 STARTTLS\r\n

[handshake takes place]

S: 1 OK STARTTLS completed\r\n
C: 2 LOGOUT\r\n

On the iPhone, I see "Cannot Get Mail / the connection to the server failed"

Thunderbird and Apple Mail are happy with this server.

Any ideas?

Bill
Reply
E-mail headers
From: tss@iki.fi
To: imap-protocol@localhost
Date: Fri, 08 Jun 2018 12:34:42 -0000
Message-ID: 99F27FFC-0305-43FC-A736-42C71A51FFAD@iki.fi permalink / raw / eml / mbox 
On Jul 17, 2008, at 2:32 AM, Bill Janssen wrote:

> I'm testing the iPhone IMAP mail client against my UpLib IMAP server,
> and it seems to be unhappy, for reasons I don't understand.
>
> My server is running on port 8143, and here's the server-side record
> of the conversation:

Is this correct?

> S: * OK [CAPABILITY IMAP4rev1 LOGINDISABLED STARTTLS] UpLib IMAP  
> Server (V4r1) ready.\r\n
> C: 1 STARTTLS\r\n
>
> [handshake takes place]
>
> S: 1 OK STARTTLS completed\r\n

OK reply should be sent before the handshake, not after.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 201 bytes
Desc: This is a digitally signed message part
URL: <http://mailman13.u.washington.edu/pipermail/imap-protocol/attachments/20080717/253c6ea3/attachment.sig>
Reply
E-mail headers
From: janssen@parc.com
To: imap-protocol@localhost
Date: Fri, 08 Jun 2018 12:34:42 -0000
Message-ID: 08Jul17.093304pdt."58698"@synergy1.parc.xerox.com permalink / raw / eml / mbox 
> My server is running on port 8143, and here's the server-side record
> of the conversation:
> 
> S: * OK [CAPABILITY IMAP4rev1 LOGINDISABLED STARTTLS] UpLib IMAP Server (V4r1) ready.\r\n
> C: 1 STARTTLS\r\n
> S: 1 OK STARTTLS completed\r\n
> 
> [handshake takes place]
> 
> C: 2 LOGOUT\r\n
> 
> On the iPhone, I see "Cannot Get Mail / the connection to the server failed"

I've tried a few things: using the standard port, removing the
LOGINDISABLED, and sending all my capabilites up-front, instead of
waiting till after the STARTTLS, but nothing seems to help.

My guess is that the phone is objecting to the self-signed certificate
that I use to "secure" the server.  I installed the cert on the phone
as a "profile" (you convert it to DER, then mail it to yourself as an
attachment, then tap on the attachment), but that doesn't help.  I'll
try a properly signed cert from some big root authority next.

Any other ideas?

Bill
Reply
E-mail headers
From: joel@panacea.null.org
To: imap-protocol@localhost
Date: Fri, 08 Jun 2018 12:34:42 -0000
Message-ID: 5802.1216341354@succubus.panacea.null.org permalink / raw / eml / mbox 
> I'm testing the iPhone IMAP mail client against my UpLib IMAP server,
> and it seems to be unhappy, for reasons I don't understand.
> 
> My server is running on port 8143, and here's the server-side record
> of the conversation:
> 
> S: * OK [CAPABILITY IMAP4rev1 LOGINDISABLED STARTTLS] UpLib IMAP Server (V4r1
> ) ready.\r\n
> C: 1 STARTTLS\r\n
> 
> [handshake takes place]
> 
> S: 1 OK STARTTLS completed\r\n
> C: 2 LOGOUT\r\n
> 
> On the iPhone, I see "Cannot Get Mail / the connection to the server failed"

This is sounding similar to a problem one of my users had with Apple Mail
recently, and the really strange thing is that other Apple Mail users
don't have the problem.

She couldn't connect with STARTTLS even though her client was prompting
her to confirm acceptance of my self-signed certificate.

Eventually I gave up and let her use IMAPS. I think the Apple STARTTLS
handling is buggy. Perhaps try IMAPS?

Cheers,

	- Joel
Reply
E-mail headers
From: janssen@parc.com
To: imap-protocol@localhost
Date: Fri, 08 Jun 2018 12:34:42 -0000
Message-ID: 08Jul16.175432pdt."58698"@synergy1.parc.xerox.com permalink / raw / eml / mbox 
> Is this correct?
> 
> > S: * OK [CAPABILITY IMAP4rev1 LOGINDISABLED STARTTLS] UpLib IMAP  
> > Server (V4r1) ready.\r\n
> > C: 1 STARTTLS\r\n
> >
> > [handshake takes place]
> >
> > S: 1 OK STARTTLS completed\r\n
> 
> OK reply should be sent before the handshake, not after.

Sorry, no, that was a cut-and-paste error.  The OK reply is actually
sent before the handshake.

Thanks!

Bill
Reply
E-mail headers
From: janssen@parc.com
To: imap-protocol@localhost
Date: Fri, 08 Jun 2018 12:34:42 -0000
Message-ID: 08Jul17.185317pdt."58698"@synergy1.parc.xerox.com permalink / raw / eml / mbox 
> > My server is running on port 8143, and here's the server-side record
> > of the conversation:
> > 
> > S: * OK [CAPABILITY IMAP4rev1 LOGINDISABLED STARTTLS] UpLib IMAP Server (V4r1) ready.\r\n
> > C: 1 STARTTLS\r\n
> > S: 1 OK STARTTLS completed\r\n
> > 
> > [handshake takes place]
> > 
> > C: 2 LOGOUT\r\n
> > 
> > On the iPhone, I see "Cannot Get Mail / the connection to the server failed"
> 
> I've tried a few things: using the standard port, removing the
> LOGINDISABLED, and sending all my capabilites up-front, instead of
> waiting till after the STARTTLS, but nothing seems to help.
> 
> My guess is that the phone is objecting to the self-signed certificate
> that I use to "secure" the server.  I installed the cert on the phone
> as a "profile" (you convert it to DER, then mail it to yourself as an
> attachment, then tap on the attachment), but that doesn't help.  I'll
> try a properly signed cert from some big root authority next.
> 
> Any other ideas?

I installed my self-signed server certificate as a root cert on my
iPhone, and now things are working.  It just objected to the
certificate.

By the way, to do this:

1.  Get the DER version of the cert.
2.  Put it on a Web server with the MIME type "application/x-x509-ca-cert".
3.  Browse the iPhone browser to it.
4.  Tap on it to install it.

Bill
Reply