Ssl – Is it necessary to have 143 port enabled to use the 993 port for an IMAP(SSL) connection

dovecotimapsslssl-certificate

I have an email server running with Dovecot, and while trying to manage my email with Thunderbird I'm getting a weird error:

If I enable the port 143, and 993, Thunderbird works fine (either using 143 or 993).

But when I disable 143 (To always force SSL), Thunderbird can not establish a connection.

I first tough that the SSL settings or certificate could be wrong, but I checked them by using the command openssl s_client -showcerts -connect imap.foo.com:993 -crlf and everything seems to be alright.

Is it then necessary to have 143 port enabled to use the 993 for an SSL IMAP connection? Is it for being capable of establishing the first contact?

Best Answer

No, That's maybe because your configuration is not setup correctly to handle all mail communications on IMAPS(993) port.

On the dovecot main configuration file /etc/dovecot/dovecot.conf find and check for protocols = value and make sure it contains imaps. My configuration setup there seems like this:

...  
#protocols = imap imaps pop3 lmtp
protocols = imaps lmtp
...

Also you should allow port 993 on /etc/dovecot/conf.d/10-master.conf file. here is sample configs which working fine on my mail server:

...
service imap-login {
  inet_listener imap {
    #port = 143 => put 0 to disable imap port
    port = 0
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
...
}
...

Then you should be able to block imap 143 port in firewall.

Related Topic