Bug #2703
POP3s port is closed
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-mail-server | |||
Target version: | v6.5 | |||
Security class: | Resolution: | |||
Affected version: | v6.5-final | NEEDINFO: | No |
Description
Nethserver with mail -> mailboxes -> pop3 checked
Connection from internal or external networks to pop3s (port 995) doesn't works
daemon is listening correctly on 995
openssl s_client -connect localhost:995 -quiet +OK Dovecot ready
But no 995 rule on iptables in INPUT iptable table I see only this ports: 110 993 143
Infact the port is not here too:
config getprop dovecot TCPPorts 110,143,4190,993
Associated revisions
dovecot DB default: open POP3s port. Refs #2703
Added bug2703.ns6_5 migration fragment. Refs #2703
Fixes port POP3s 995 by enabling it by default.
Removed execution bit. Refs #2703
History
#1 Updated by Alessio Fattorini over 7 years ago
Quick workaround add 995 port to db and modify firewall configuration:
config setprop dovecot TCPPorts 4190,993,995 signal-event firewall-adjust
#2 Updated by Filippo Carletti over 7 years ago
- Subject changed from IMAPS port is not open on firewall to POP3S port is not open on firewall
#3 Updated by Alessio Fattorini over 7 years ago
- Subject changed from POP3S port is not open on firewall to POP3s port is not open on firewall
- Description updated (diff)
#4 Updated by Davide Principi over 7 years ago
- Target version set to ~FUTURE
#5 Updated by Davide Principi over 7 years ago
- Subject changed from POP3s port is not open on firewall to POP3s port is closed
- Status changed from NEW to TRIAGED
- Target version changed from ~FUTURE to v6.5
- % Done changed from 0 to 20
- Affected version set to v6.5-final
#6 Updated by Davide Principi over 7 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
#7 Updated by Davide Principi over 7 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 30 to 60
Test case
After a fresh nethserver-mail-server
installation the 995 TCP port must be open:
# iptables -nvL | grep 995 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
Release note
For existing installations the DB dovecot/TCPPorts
prop must be upgraded manually. Type the following command:
# { config getprop dovecot TCPPorts | grep -q 995; } || config setprop dovecot TCPPorts `config getprop dovecot TCPPorts`,995
#8 Updated by Davide Principi over 7 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-mail-server-1.6.3-1.0git89102458.ns6.noarch
#9 Updated by Filippo Carletti over 7 years ago
- Status changed from ON_QA to TRIAGED
- % Done changed from 70 to 20
I'd add a migration fragment to automatically update the db.
#10 Updated by Davide Principi over 7 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
Ok, the migration fragment must be removed after v6.5 release.
#11 Updated by Filippo Carletti over 7 years ago
Davide Principi wrote:
Ok, the migration fragment must be removed after v6.5 release.
Mmh, why? If you update from 6.5 to 6.7?
#12 Updated by Davide Principi over 7 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 30 to 60
Remove the "Release notes"
#13 Updated by Davide Principi over 7 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-mail-server-1.6.3-3.0git784e0724.ns6.noarch.rpm
#14 Updated by Davide Principi over 7 years ago
Filippo Carletti wrote:
Davide Principi wrote:
Ok, the migration fragment must be removed after v6.5 release.
Mmh, why? If you update from 6.5 to 6.7?
Right, I correct myself: it must be removed at the next major release (7.0), as it seems that upstream upgrades for minor releases are allowed:
http://lists.centos.org/pipermail/centos-announce/2013-December/020032.html
#15 Updated by Giacomo Sanchietti over 7 years ago
- Assignee set to Giacomo Sanchietti
#16 Updated by Giacomo Sanchietti over 7 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 70 to 90
Fresh install
[root@localhost ~]# netstat -lanp | grep 995 | grep dovecot tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 4242/dovecot tcp 0 0 :::995 :::* LISTEN 4242/dovecot [root@localhost ~]# config getprop dovecot TCPPorts 110,143,4190,993,995
Already installed machine
Before update:
[root@localhost packages]# config getprop dovecot TCPPorts 110,143,4190,993
After update:
[root@localhost packages]# config getprop dovecot TCPPorts 110,143,4190,993,995
#17 Updated by Giacomo Sanchietti over 7 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- nethserver-mail-server-1.6.4-1.ns6.noarch.rpm