courier imap

SSL

POP(110) STARTTLS も対応

確認

openssl s_client -crlf -connect mail.domain.com:110 -starttls pop3

linux - Secure telnet for POP3 and others - Super User

証明書更新時は pop3d プロセスも再起動する

sudo /usr/local/etc/rc.d/courier-imap-pop3d restart

確認
openssl s_client -crlf -connect mail.domain.com:110 -starttls pop3 \
 | openssl x509 -noout -enddate

SSL,STARTTLSによるメール通信経路の暗号化| SecurityGateway

debug

Unexpected SSL connection shutdown

TLS_PROTOCOL

https://talk.plesk.com/threads/apple-mail-cant-connect-with-ssl-since-upgrade.335290/

TLS_PROTOCOL=SSL23

IMAP4で受信できるか?を確認します。そこで結構重要なことが判明しました。なんとiPhoneのメールアプリのIMAP4の受信でSSLを有効にしているのですが、TLSは使えません。メールサーバのIMAP4側でSSLv3を有効にしてみると受信できるようになります。
...
2018年6月にiOS11.4でTLS接続を確認しました

iPhoneのメールアプリでIMAP接続はTLS不可能(iOS11で可能確認) | 田舎人i-simTripのモバイル旅行

dhparam

I understand that after updating to the latest iOS version, 8.4, you are unable to receive new email because of an SSL connection error. This could be happening because iOS 8.4 has increased security requirements for SSL.

To resolve the situation, the mail server administrator will need to increase the group size for Diffie-Hellman key exchange. Apple recommends a group size of 2048; this information can be found in the article attached below.

Use modern cryptographic practices when setting up SSL and TLS services on your server - Apple Support

The default minimum size allowed for DH ephemeral keys in iOS 8.4 was increased to 768 bits as well to combat an issue known as Logjam. This information can be located in the next attached article below.

after updating my iphone to ios version 8… - Apple Community

OpenSSL: Display DH Parameters - Super User

sudo openssl dhparam -inform PEM -in /usr/local/share/courier-imap/dhparams.pem -check -text
DH Parameters: (2048 bit)
...

Too many IMAP server processes

I have seen the exact same symptoms and think I've finally found the
cause of the problem. Once in a while netatalk creates an .AppleDouble
file in my maildir. Courier tries to use this as mailfolder but as it
does not have the proper structure the imapd process seems to hang
forever and at the same time looses it's parent process.

So for now deleting the .AppleDouble folder and killing all imapd
processes with a parent process of 1 which was created by the user with
the problem, seems to solve the problem.

https://www.mail-archive.com/courier-users@lists.sourceforge.net/msg35012.html

imap debug file

Courier Mail Server / Re: [Courier-imap] Debug/Log deleting-command on imap/pop

vi /usr/local/etc/etc/courier-imap/imapd

IMAPDEBUGFILE="imaplog.dat"

/usr/local/etc/rc.d/courier-imap-imapd restart
/usr/local/etc/rc.d/courier-imap-imapd-ssl restart

touch ~/Maildir/imaplog.dat

https://atmarkit.itmedia.co.jp/fnetwork/rensai/netpro09/imap4-fetch.html