[Freedombox-discuss] Can't log into internal imap/dovecot server from roundcube, also domains and BIND.

A. F. Cano afc54 at comcast.net
Thu Mar 4 01:33:04 GMT 2021


Hello everyone,

I have set up an imap server on an internal machine.  I can access it with

mutt -f imaps://<machine-name>.<internal>.<domain>.org/<mailbox>

(the internal domain is obviously not valid outside and a leftover from the
days I had only one machine and an email address in such a sub-domain that
no longer exists)

I can also access the mailbox with

mutt -f imaps://<machine-name>/<mailbox>

after I say to continue once after I get a certificate warning that the
certificate is for the full domain name.

I have hundreds of mailboxes accessible by the dovecot server.  In mutt I
have to specify one.

In the Name Services of the FreedomBox, I have:

Dynamic Domain Name	<sub-domain>.freedombox.rocks
Local Network Domain	<FreedomBox-name>.local

The former works great, the latter works fine for accessing the FreedomBox
with Cockpit.  I suspect the problem I'm having with RoundCube is related
to the domain names.  When I launch the RoundCube client, the User Name and
password fields come pre-loaded with the FreedomBox admin user and password.
I don't think this is right.  Shouldn't this be the user name and password
of the mail server? In my case, the login name and password of the machine
where the imap server is.  This is what mutt asks for before I can connect.
Since the FreedomBox doesn't know about the internal domain name I enter
my login name, my password and imaps://192.168.200.x (the IP address of the
computer that has the imap server).  When I click "LOGIN" it says "loading"
and then "Connection to storage server failed."  As there is no configuration
that can be done to RoundCube, I'm not sure what to do next.

The internal network is all based on /etc/hosts.  I'm trying to figure out how
to transition that to a more modern system but I would like to have the static
names and addresses assigned from a single place.  The obvious place is the
FreedomBox BIND page, but there is only one configurable field: Forwarders.

I have an APU1D4 as the FreedomBox, with 2 internal interfaces, which I've set
up as "shared", and they work fine in static/etc/hosts mode, but I would like
to start testing BIND on one (the non-critical/non-production one).  I'm not
sure what I would need to do, or even if it is possible to configure BIND to
give static addresses to 2 different sub-nets separately.  There certainly
appear to be no configuration options in the FreedomBox pages.

Before I installed and enabled the BIND app, the DHCP requests were leaking to
the cable modem and the internal network machines were being assigned IPs that
were not those in /etc/hosts.  This was confusing until I realized that it was
the expected behavior (forwarding the requests out).  Now that BIND is enabled,
this doesn't happen any more, but what do I need to do to configure BIND?

It would be nice if the FreedomBox were aware of the internal domain so that
(for instance) I wouldn't have to enter a numerical address in RoundCube.  The
impression I get is that all the domains that are configurable in FreedomBox
are or are supposed to be visible from outside except for the Local Network
Domain.  Should I rename all the internal machines as <machine-name>.local?
Ideally I would have one /etc/hosts file on the FreedomBox that would have all
the information dns and dhcp would need.

Any hints as to what the problem might be with RoundCube failing to connect?

This is what's in /var/log/mail.info on the imap server

Mar  3 20:00:19 <internal host name> dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=192.168.200.<freedombox IP>, lip=192.168.200.<imap server IP>, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<f9fHfau8sNrAqMgb>

The user=<> seems not right.  Any hints?

Thanks.

Augustine
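
A reading of the dovecot log line quoted above, as an added example that is not part of the original post: it unpacks the OpenSSL error code 14094418 into library, function and reason, and maps the reason to the TLS alert that the connecting client sent during the handshake. Assumptions: the 8-hex-digit code uses the OpenSSL 1.x packing, and the host name, IP addresses and session values in the sample lines are constructed.

```python
import re

# Certificate-related TLS alert numbers (RFC 5246, section 7.2).
TLS_ALERTS = {42: "bad_certificate", 45: "certificate_expired",
              46: "certificate_unknown", 48: "unknown_ca"}

# Constructed sample lines modelled on the log entry in the post.
SAMPLE_FAIL = ("Mar  3 20:00:19 imaphost dovecot: imap-login: Disconnected "
               "(disconnected before auth was ready, waited 0 secs): user=<>, "
               "rip=192.168.200.10, lip=192.168.200.20, TLS handshaking: "
               "SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:"
               "tlsv1 alert unknown ca: SSL alert number 48, session=<constructed>")
SAMPLE_OK = ("Mar  3 20:05:02 imaphost dovecot: imap-login: Login: user=<alice>, "
             "method=PLAIN, rip=192.168.200.30, lip=192.168.200.20, mpid=4242, "
             "TLS, session=<constructed>")

def decode_openssl1_error(code_hex):
    """Split an OpenSSL 1.x packed error code into (lib, func, reason)."""
    e = int(code_hex, 16)
    return (e >> 24) & 0xFF, (e >> 12) & 0xFFF, e & 0xFFF

def analyse(line):
    """Describe one dovecot imap-login line; None for unrelated lines."""
    if "dovecot: imap-login:" not in line:
        return None
    user = re.search(r"user=<([^>]*)>", line)
    rip = re.search(r"rip=([^,\s]+)", line)
    err = re.search(r"error:([0-9A-Fa-f]{8}):", line)
    info = {"user": user.group(1) if user else "",
            "rip": rip.group(1) if rip else None,
            "in_handshake": "TLS handshaking" in line,
            "alert": None, "alert_from_peer": False}
    if err:
        lib, _func, reason = decode_openssl1_error(err.group(1))
        # lib 20 is libssl; reason 1000 + N means fatal alert N arrived from the peer.
        if lib == 20 and reason >= 1000:
            info["alert"] = TLS_ALERTS.get(reason - 1000, f"alert_{reason - 1000}")
            info["alert_from_peer"] = True
    return info

def verdict(info):
    if info["in_handshake"] and info["alert_from_peer"]:
        return (f"{info['rip']} aborted the TLS handshake with {info['alert']}; "
                "no IMAP login was attempted, so no user name was logged")
    return f"no TLS alert; user={info['user'] or '(none)'}"

if __name__ == "__main__":
    for sample in (SAMPLE_FAIL, SAMPLE_OK):
        print(verdict(analyse(sample)))
```

An unknown_ca alert received by the server means the client could not chain the server certificate to an issuer in its own trust store.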


