Package Details: courier-mta 1.0.14-1

Git Clone URL: https://aur.archlinux.org/courier-mta.git (read-only, click to copy)
Package Base: courier-mta
Description: IMAP(s)/POP3(s) and SMTP Server with ML-manager, webmail and webconfig
Upstream URL: http://courier-mta.org
Licenses: GPL2
Conflicts: courier-imap, courier-maildrop, imap-server, smtp-forwarder, smtp-server, ucspi-tcp
Provides: courier-imap, courier-maildrop, imap-server, pop3-server, smtp-forwarder, smtp-server
Submitter: Svenstaro
Maintainer: vario
Last Packager: vario
Votes: 11
Popularity: 0.000000
First Submitted: 2012-10-13 09:56
Last Updated: 2020-06-20 05:21

Required by (94)

Sources (14)

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 Next › Last »

vario commented on 2018-10-08 10:59

As a temporary workaround I have put up the development version which I have been running with no problems. It generates a "placeholder" message when the client fails to negotiate a fetch of Unicode email, and will get around various email clients failing to handle the error. I can also recommend either that latest Evolution, or emClient for Unicode email handling!

andrej commented on 2018-10-08 04:16

It would be great to have a temporary workaround. The UTF-8 bug is (only) annoying in Thunderbird, but it probably causes other clients (e.g. R2Mail2) to silently fail and ignore new messages.

vario commented on 2018-10-01 16:37

There is an issue with UTF-8 messages not being displayed by various email readers. I'm currently running a development version which has a workaround and will happily put it up here if anyone else thinks it a good idea.

vario commented on 2018-09-21 16:35

Enjoy Courier 1.0 - but don't forget to check your maildir names.

vario commented on 2018-08-03 06:56

For the new Courier package version, I have changed the service files to directly reference "/run" rather than the "/var/run" symlink. This has stopped the PIDFILE problems (I think because the "/var" pathname element is not used) and courier is also reconfigured to use /run for PID files. I have also removed the ExecStartPre lines from the service files, as the "/run/courier" folder is created on installation.

andrej commented on 2018-02-10 09:19

Thanks for maintaining this package.

At the moment there’s an urgent problem: courier-imapd will not start due to this systemd bug: https://github.com/systemd/systemd/issues/8085

courier-imapd.service: Permission denied while opening PID file or unsafe symlink chain: /var/run/courier/imapd.pid

I’m not sure what the best solution would be, so I’m just dropping a note here, to make troubleshooting easier for others. The only workaround seems to be to start the Courier stuff manually until systemd gets fixed. This affects also authdaemond. courier-courierfilter works fine though.

vario commented on 2017-12-13 12:40

@andrej - I have modified the PKGBUILD to avoid overwriting config files not managed by sysconftool. Sorry for your trouble, I had misunderstood pacman upgrades and because I have not changed my aliases and smtpaccess files didn't notice the overwrite.

vario commented on 2017-12-13 06:59

@andrej - sorry you're having problems. I am running a live installation of this package without problems. Upgrades work fine. I have tried to be careful with my changes to the PKGBUILD and .install file so will explain my reasons.

I have made use of sysconfigtool as recommended by the standard Courier install process (see http://www.courier-mta.org/install.html#installconfigure) as this removes the need to manually compare .pacnew and .pacsave files.

There are many files that get modified as part of a normal Courier installation - not just those few listed in the old PKGBUILD "backup" option of the package as I took over it which are taken care of by sysconfigtool anyway now. The "_backup trick" you mention is no longer used - I removed that from the .install in favour of a complete copy of /etc/courier on package removal.

I will look at the aliases/system file and others you mention. I may have misunderstood pacman's handling of files on upgrade.

You use a symlink instead of an imapd-ssl file - that is not a standard install method so you may well get problems.

I will try and understand your issues - is something like this http://courier-mail-server.10983.n7.nabble.com/SMTP-Auth-via-SSL-TLS-required-td9870.html what you are looking for?

andrej commented on 2017-12-13 01:14

Phew. I finally tracked this down to a nasty bug (yet another one) in the installation / PKGBUILD configuration.

An update copies imapd-ssl to imapd-ssl.bak and overwrites it with the defaults. (That shouldn't be happening; that's what the .dist files are for.) In my setup, imapd-ssl is a symlink to imapd. I only allow STARTTLS and nothing else, so it makes sense to have only one set of variables and avoid confusion.

Replacing imapd-ssl in effect overwrote the TLS-related variables (which are bundled in my imapd file) with defaults from the new imapd-ssl. Consequently, courier-imapd couldn't access its certificate file and failed.

How I debugged this: Surprisingly, one can't diagnose this with openssl s_client. Yet telnet helps:

$ telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2017 Double Precision, Inc.  See COPYING for distribution information.
help
help NO Error in IMAP command received by server.
STARTTLS
STARTTLS OK Begin SSL/TLS negotiation now.
STARTTLS NO STARTTLS failed: couriertls: /usr/share/imapd.pem: error:02001002:system library:fopen:No such file or directory
* NO Error in IMAP command received by server.

Here^^^ I basically sent it a STARTTLS command manually and was expecting only the negotiation message. But the answer says it loud and clear: /usr/share/imapd.pem was indeed missing. That was the incorrect value from the overwritten imapd-ssl file.

Restoring the imapd-ssl -> imapdsymlink restored law and order.

andrej commented on 2017-12-13 00:08

EDIT: The problem below is not a library compatibility issue. (See above.)

Just a warning: IMAP currently doesn't work at all. I can see similar symptoms as described in this comment, but this time it's not the same problem. The symptoms persist

  • with both OpenSSL and GnuTLS (--with-gnutls), although GnuTLS doesn't show the error.
  • even after a downgrade from 0.78.2-1 to 0.78.1-1.

Basically the IMAP server is closing incoming connections immediately. There doesn't seem to be a misnamed binary this time. Nothing interesting appears in the logs, just a connection and a disconnection.

It looks like some shared libraries became incompatible with Courier-IMAP.

$ openssl s_client -starttls imap -connect [::1]:143
CONNECTED(00000003)
140648751691328:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:252:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 534 bytes and written 202 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID: 
    Session-ID-ctx: 
    Master-Key: 
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1513116697
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---
$

Surprisingly, ESMTP (with TLS) works perfectly fine, so this is an IMAP-specific problem.