From: william@thinktankworkspaces.com
To: 9front@9front.org
Subject: Re: [9front] Mail server setup
Date: Sat, 06 Aug 2022 12:47:33 -0700 [thread overview]
Message-ID: <5DB133F4076ADA8FFA563E41DA7707C1@thinktankworkspaces.com> (raw)
In-Reply-To: <D3F8F731B032246150FB8525840619D1@chrisfroeschl.de>
chmod 600 for the key sorry
Quoth chris@chrisfroeschl.de:
> Greetings all,
>
> I recently started to setup my first 9front hosting system. At the
> moment I'm having great issues with preparing my mail setup (like I
> expected).
>
> My server is already up and running auth/cpu/fs server
> (185.183.157.17) which I can rcpu into without issues.
>
> I'm not yet able to change my DNS entries, and as a result of that
> bound to testing most of the features via IP. (If that turns out to be
> the issue perhaps, I will be glad to risk it. I think smtp won't
> be testable like that? Correct me if I'm wrong)
>
> I followed the mail server configuration and maintenance from the FQA
> ( https://fqa.9front.org/fqa6.html#7.7 ) stopping at 7.7.6 (for now) .
>
> IMAP should work soley work with a proper tcp993, tls cert and of
> course my user (chris) (having a proper Inferno/POP secret (?) and
> groups):
>
> cpu% ls -l /sys/lib/tls/
> --rw-rw-r-- M 192 sys sys 412 Oct 5 2019 /sys/lib/tls/README
> d-rwxrwxr-x M 192 sys sys 0 Apr 3 17:52 /sys/lib/tls/acmed
> --rw-rw-r-- M 192 chris sys 1025 Aug 6 12:20 /sys/lib/tls/cert
> --rw------- M 192 chris sys 2399 Aug 5 15:24 /sys/lib/tls/key
> cpu% ls -l /mail/box/
> d-rwxr-xr-x M 192 chris chris 0 Aug 5 20:21 /mail/box/chris
> d-rwxrwxr-x M 192 glenda glenda 0 Aug 3 15:29 /mail/box/glenda
> cpu% cat /adm/users
> -1:adm:adm:glenda,chris
> 0:none:adm:
> 1:tor:tor:
> 2:glenda:glenda:
> 3:chris:chris:
> 10000:sys::glenda,chris
> 10001:map:map:
> 10002:doc::
> 10003:upas:upas:glenda,chris
> 10004:font::
> cpu% cat /bin/service/tcp993
> #!/bin/rc
> exec tlssrv -D -c /sys/lib/tls/cert -l imap4d \
> -r `{cat $3/remote} /bin/upas/imap4d -v -p \
> >>[2]/sys/log/imap4d
> cpu%
>
> My tcp993 differs a bit, because the FQA version seemed faulty.
> (imap4d in /bin/upas instead of /bin/ip and no second -r option,
> aswell as some additional debug flags. I will fix that in the
> FQA if it turns out to be wrong)
>
> My TLS key is of course already in factotum and appended to it on
> every boot in my cpurc like so:
>
> cat /sys/lib/tls/key >> /mnt/factotum/ctl
>
> Error response on client:
>
> ; upas/fs -f /imaps/185.183.157.17/chris
>
> !Adding key: proto=cram server=185.183.157.17 user=chris
> password:
> !
> upas/fs: imap: unexpected line: y2hyaxmgndq4ntu2mze4zthhmznlmtjhmjhiymu4nmu3mwqxmdu= bad no command: bad syntax
> ;
>
> I also tried connecting via thunderbird on a linux machine. But no
> success.
>
> Log output server (either client):
>
> cpu% cat /sys/log/imap4d
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports tlsServer2
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports recv ClientHello
> version: 0303
> random: 6f8a42cf7918652cb3ba482fe512329c5474a9553f2938a01a25dd974e7a0b5d
> sid: <0> [ ]
> ciphers: [ cca9 cc14 c02b c023 cca8 cc13 c02f c027 c013 c014 ccaa cc15 9e 67 33 39 16 9c 3c 3d 2f 35 a ]
> compressors: <1> [ 00 ]
> extensions: <63> [ 00 00 00 13 00 11 00 00 0e 31 38 35 2e 31 38 33 2e 31 35 37 2e 31 37 00 0a 00 08 00 06 00 1d 00 17 00 18 00 0b 00 02 01 00 00 0d 00 12 00 10 06 03 05 03 04 03 02 03 06 01 05 01 04 01 02 01 ]
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports ClientHello version 303
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports cipher cca8, compressor 0
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports send ServerHello
> version: 0303
> random: 41cb6711fd2199bceaedc53ddfede41e735dc52d1216c712ae833fa53d08eff8
> sid: <0> [ ]
> cipher: cca8
> compressor: 00
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports send Certificate
> <717> [ 30 82 02 c9 30 82 01 b1 a0 03 02 01 02 02 01 00 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 28 31 0b 30 09 06 03 55 04 06 13 02 44 45 31 19 30 17 06 03 55 04 03 13 10 63 68 72 69 73 66 72 6f 65 73 63 68 6c 2e 64 65 30 1e 17 0d 32 32 30 38 30 36 31 30 32 30 30 38 5a 17 0d 32 35 30 38 30 38 31 30 32 30 30 38 5a 30 28 31 0b 30 09 06 03 55 04 06 13 02 44 45 31 19 30 17 06 03 55 04 03 13 10 63 68 72 69 73 66 72 6f 65 73 63 68 6c 2e 64 65 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 ad bb 68 ee d4 e8 52 98 96 28 e8 a7 c5 a5 ca d0 16 a3 1f 33 58 3c 49 b0 40 c1 a2 54 59 2a e1 b4 3d 86 12 84 1d 3b 99 7c 95 32 16 c2 e7 ca 29 d7 1f 74 e4 1c 84 2a 36 89 bf 3d 6f e8 4d 8a 07 f9 40 3f 42 98 08 69 23 74 35 5e 90 65 05 b6 8e 3e c6 62 ee e1 6d 53 4e 17 df 25 15 1f 14 0f 28 dd 4d 73 67 27 be 08 31 bd c8 a7 82 09 fa ca 72 52 ce 68 d7 51 b2 8f da af 3d 12 9c c3 a9 43 4b 1d 24 8d 21 9
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports send HServerKeyExchange
> curve: 001d
> dh_Ys: nil
> sigalg: 0401
> dh_parameters: <36> [ 03 00 1d 20 4f 79 b7 cc 4a 44 20 ad 0f 6a 05 6e 6f ad d3 a4 8c cd ed 2b 34 0a 84 9b b9 a1 9a 5a 50 22 9a 7e ]
> dh_signature: <256> [ 00 d3 93 06 ef f1 df 7a a8 c0 ef 52 86 29 85 d6 71 cd 2d f8 a3 65 b4 9a 79 e5 b5 0f bc 2b 20 4e a3 59 6f bf db 1f bd ae a0 84 79 ae 01 c5 66 1e ef ef f9 04 52 75 07 42 6f b7 d9 ea 0e 6c 6f 44 be 94 f1 ba b3 49 e8 c8 fc 2d 4a 1c be 18 3f 63 80 c8 68 4c 0e b5 84 f5 8c 51 6f 4f c7 47 30 3f 11 01 70 cd ac 5c 1b 5e c0 62 ca 54 c4 0e 21 70 30 21 f1 fc 1e de c8 66 32 e0 ab a4 85 6f f4 2a e9 e2 c1 9a 85 d8 7a 86 ad 61 1f e8 9b 5c 69 f1 28 5a c1 a5 ce b2 5b 05 5b d9 64 16 01 97 30 6e 98 88 2a 24 89 d4 70 a1 fe 5c a4 a0 48 b3 ee 39 3c 91 7d e2 02 36 50 ce 47 50 de 11 a3 42 62 16 b3 e4 97 59 f4 45 90 2f 3f 52 6d 5a 65 63 e9 04 a2 f3 78 1c aa 68 c5 3c 3a e3 44 2e 39 d8 23 eb b7 72 24 61 69 71 19 c9 f2 32 8e 98 ff 9a aa 56 4a 95 94 1e 58 19 f0
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports send ServerHelloDone
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports recv HClientKeyExchange
> key: <32> [ c3 16 8d e7 da 62 03 4e 57 4e 28 63 0d a3 5f 5b e7 a5 46 8b 89 51 ae 71 6a 20 ea 24 8e c9 2c a7 ]
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports tls secrets
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports recv HFinished
> 708eba2ee0ab671051ab3a11
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports send HFinished
> 0ad8ef477b13c840feb6a93b
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports tls finished
>
> chrisfroeschl Aug 6 13:10:28 82.207.245.22!17211 tls reports open
>
> cpu%
>
> I know that I could just 9fs my mail, but I would like to get IMAP
> working anyways. Feel free to ask if further information is required.
>
> chris
>
next prev parent reply other threads:[~2022-08-06 19:50 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-06 13:17 chris
2022-08-06 19:46 ` william
2022-08-06 19:47 ` william [this message]
2022-08-08 10:26 ` chris
2022-08-09 8:21 ` william
2022-08-09 18:09 ` chris
2022-08-11 12:37 ` chris
2022-08-11 14:29 ` Stanley Lieber
2022-08-11 21:17 ` chris
2022-08-12 6:23 ` william
2022-08-12 13:47 ` Stanley Lieber
2022-08-12 6:33 ` sirjofri
2022-08-12 7:10 ` sirjofri
2022-08-12 15:27 ` chris
2022-08-12 18:49 ` sirjofri
2022-08-12 20:53 ` chris
2022-08-12 22:25 ` ori
2022-08-13 9:56 ` Steve Simon
2022-08-07 0:56 ` sl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5DB133F4076ADA8FFA563E41DA7707C1@thinktankworkspaces.com \
--to=william@thinktankworkspaces.com \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).