0

I've read a number of articles on setting up davmail, and followed https://www.digitalocean.com/community/tutorials/how-to-setup-davmail-on-centos-6#basic-configuration to enable it on my CentOS workstation.

So davmail-5.5.1-trunk has been installed with no issues, I changed its configuration file and configured SSL as per the article, launched davmail via systemd

So there's a number of questions I'd like to clarify:

  1. I only need a single mail client to connect via DavMail to Outlook. Am I right that I only need workstation configuration?
  2. If it is only workstation configuration, does it mean DavMail will only run as a GUI application? Can I not run it via service as a background process?
  3. The link above configures SSL certificates, but I guess this is because they focus on server-mode DavMail. I'm assuming that for workstation-mode I don't need any certificates, since everything goes locally?

Below is /etc/davmail.properties:

davmail.server=false
davmail.mode=OWA
davmail.url=https://outlook.office.com/owa

# Listener ports
davmail.caldavPort=1080
davmail.imapPort=1143
davmail.ldapPort=1389
davmail.popPort=1110
davmail.smtpPort=1025

# allow remote connection to DavMail
davmail.allowRemote=true
# bind server sockets to a specific address
davmail.bindAddress=
# client connection timeout in seconds - default 300, 0 to disable
davmail.clientSoTimeout=

# DavMail listeners SSL configuration
davmail.ssl.keystoreType=
davmail.ssl.keystoreFile=
davmail.ssl.keystorePass=
davmail.ssl.keyPass=

# Accept specified certificate even if invalid according to trust store
davmail.server.certificate.hash=
...

The rest is default settings.

Thanks.

Mark
  • 1,763
  • 5
  • 25
  • 45
  • Can you please include your `/etc/davmail.properties`. Make sure you redact any sensitive SSL passwords or key phrases – roaima Jul 09 '20 at 22:28
  • @roaima, I updated my question and also included /etc/davmail.properties – Mark Jul 11 '20 at 01:57
  • So you don't have any SSL settings? – roaima Jul 11 '20 at 08:03
  • @roaima, I removed SSL settings for now, even though https://www.digitalocean.com/community/tutorials/how-to-setup-davmail-on-centos-6#basic-configuration does enable SSL certificate etc. I've realized that the article configures `davmail` in server mode, but for my purposes I don't need it. That's why I posted those questions, I want to understand it better :) – Mark Jul 11 '20 at 13:12
  • I can post my working workstation configuration tomorrow if that would be useful – roaima Jul 11 '20 at 17:16
  • @roaima, sure! That would be very helpful. What mail client and OS are you using? – Mark Jul 11 '20 at 17:38
  • @roaima, would it be possible for you to post your davmail configuration? Thanks! – Mark Jul 15 '20 at 11:34
  • Mark - https://pastebin.com/18Y2kric mind the `XXXX` segment at the end of the file. Everything else should be real for Office365. IMAP @ 60143 with no SSL/TLS. SMTP @ 60025 likewise. – roaima Jul 15 '20 at 13:17

1 Answers1

1

It is unclear for me what your exact intention was. But it looks like you've setup the IMAP server with implicit TLS, as usually used on port 993. In this case it is expected that the client initiates the TLS handshake directly after the TCP connection succeeded. This means that the client is expected to send the first message (TLS ClientHello) and that's why the server is waiting (<WAITING NOTHING SHOWS UP>) when doing a simple TCP connection with telnet. It only responds with the expected welcome message after the TLS handshake which is done when using openssl instead of telnet.

With explicit TLS (as usually used on port 143) the server would instead respond immediately after the TCP connection succeeded but the connection would not be protected by TLS. This TLS protection would need to be initiated by an explicit STARTTLS command from the client first.

Steffen Ullrich
  • 2,500
  • 15
  • 16
  • thanks for feedback. But both telnet and opensssl commands are done against port 1143 – Mark Jul 10 '20 at 20:24
  • @Mark: Yes, but telnet does not speak TLS while openssl does. And the configuration you did requires TLS. That's why openssl works and telnet not. – Steffen Ullrich Jul 10 '20 at 21:42