When I click "Get Messages" in the Thunderbird client, I cannot retrieve any email from my Cyrus-imap pop3 server. I configured the Thunderbird client to use pop3 port 995, Connection security: SSL/TLS. There are no error messages shown in Thunderbird. It appears Thunderbird has logged in to the server but finds the mailbox is empty. But the mailbox is not actually empty, because I can use openssl to retrieve emails from it. During the Thunderbird connection, there are some logs in /var/log/maillog:
Sep 14 04:17:32 host1 pop3s[26537]: skiplist: checkpointed /var/lib/imap/tls_sessions.db (125 records, 23196 bytes) in 0 seconds
Sep 14 04:17:32 host1 pop3s[26537]: starttls: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits new) no authentication
Sep 14 04:17:32 host1 pop3s[26537]: counts: retr=<0> top=<0> dele=<0>
Why does starttls occur in the log? I configured Thunderbird to use SSL/TLS, not STARTTLS. What does "counts: retr=<0> top=<0> dele=<0>" mean?
I think the problem is probably caused by the self-signed certificate Cyrus-imap uses. So I applied for a Let's Encrypt certificate for the domain and changed /etc/imap.conf from:
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
to:
tls_cert_file: /etc/letsencrypt/live/example.com/fullchain.pem
tls_key_file: /etc/letsencrypt/live/example.com/privkey.pem
tls_ca_file: /etc/letsencrypt/live/example.com/chain.pem
and set the permissions of /etc/letsencrypt/live/example.com/, /etc/letsencrypt/archive/example.com/ and all files in the directories to 777. When I click "Get Messages" in Thunderbird again, the problem persists but the logs in /var/log/maillog change to:
Sep 14 04:36:25 host1 pop3s[30099]: skiplist: checkpointed /var/lib/imap/tls_sessions.db (126 records, 23388 bytes) in 0 seconds
Sep 14 04:36:25 host1 pop3s[30099]: TLS server engine: cannot load CA data
Sep 14 04:36:25 host1 pop3s[30099]: unable to get certificate from '/etc/letsencrypt/live/example.com/fullchain.pem'
Sep 14 04:36:25 host1 pop3s[30099]: TLS server engine: cannot load cert/key data
Sep 14 04:36:25 host1 pop3s[30099]: [pop3d] error initializing TLS
Sep 14 04:36:25 host1 pop3s[30099]: Fatal error: tls_init() failed
Sep 14 04:36:25 host1 pop3s[30099]: counts: retr=<0> top=<0> dele=<0>
So what on earth is the problem? Did Thunderbird successfully connect and log in to the server but not find a message for some reason, or could it just not connect to the server?
0 Answers
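An added example, not part of the original question and not Cyrus or certbot code: the second log shows pop3s unable to load the certificate even after the example.com directories were set to 777, so this sketch checks the "other" permission bits on every directory leading to a configured file, following the live/ to archive/ symlink, and flags world-writable key material. The sample tree, its 0700 parent directories and the privkey1.pem file name are constructed assumptions about the host, and the check assumes the service account is neither owner nor group member of these paths.

```python
import os
import stat
import tempfile

def dirs_below(path, start):
    """Yield every directory between `start` (exclusive) and `path`'s parent."""
    current = start
    for part in os.path.relpath(os.path.dirname(path), start).split(os.sep):
        if part != ".":
            current = os.path.join(current, part)
            yield current

def audit(path, start="/"):
    """Report what the "other" permission class can do on the way to `path`."""
    findings, target = [], os.path.realpath(path)
    # live/<name>/*.pem are symlinks into archive/<name>/, so the directories
    # of both the configured path and its target must be traversable.
    dirs = [d for c in (os.path.abspath(path), target) for d in dirs_below(c, start)]
    for d in dict.fromkeys(dirs):  # de-duplicate, keep order
        mode = os.stat(d).st_mode
        if not mode & stat.S_IXOTH:
            findings.append(("no-traverse", d))
        if mode & stat.S_IWOTH:
            findings.append(("world-writable", d))
    mode = os.stat(target).st_mode
    if not mode & stat.S_IROTH:
        findings.append(("no-read", target))
    if mode & stat.S_IWOTH:
        findings.append(("world-writable", target))
    return findings

def build_sample(root):
    """Constructed tree (assumption): parents 0700, everything below 0777."""
    for top in ("live", "archive"):
        os.makedirs(os.path.join(root, top, "example.com"))
        os.chmod(os.path.join(root, top, "example.com"), 0o777)
        os.chmod(os.path.join(root, top), 0o700)
    key = os.path.join(root, "archive", "example.com", "privkey1.pem")
    with open(key, "w") as f:
        f.write("constructed placeholder, not a real key\n")
    os.chmod(key, 0o777)
    link = os.path.join(root, "live", "example.com", "privkey.pem")
    os.symlink("../../archive/example.com/privkey1.pem", link)
    return link

if __name__ == "__main__":
    root = os.path.realpath(tempfile.mkdtemp())
    for kind, where in audit(build_sample(root), start=root):
        print(kind, os.path.relpath(where, root))
```

On a real host, call audit() with the paths from tls_cert_file, tls_key_file and tls_ca_file and the default start; a "no-read" result on a private key is the expected state when access is granted through ownership or group membership instead.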