IMAP communication between a mail server and our Unity Connection 7.x server has stopped working. The end user stated:
"The problem we observed from our server, and which is reproducible with the openssl tool, is that the Unity Connection server doesn't respond to a login request performed over STARTTLS. Doing a simple IMAP STARTTLS test results in a hung login attempt and eventual timeout:
The timestamp on this message corresponded with a failed test attempt. I've tried restarting the IMAP server service. No changes were made on the Unity Connection side between the time that this was working and the time is stopped working.
OK, let me back pedal a bit. I probably didn't do a great job of framing the scenario properly. The initial connection to the Unity Connection server is an IMAP connection (from a Zimbra server) on port 143. The Unity Connection server offers TLS for the connection. The client (Zimbra server) attempts TLS and the TLS handshake fails. In the past, TLS didn't fail. Now, TLS fails. There's a setting in the e-mail client that allows them to use SSL instead and if they use that, everything works fine. For some reason, they would prefer to use the IMAP connection with TLS. I don't know why but that's what they want to do.
This is the last thing that shows up in the IMAP log on Unity Connection for a failed connection attempt:
10/04/2010 09:29:26.035 |26497,ClientSocket-39 10.0.24.181:-17988,,CuImapSvr,11,BIO_read(m_SSL_bio) returned zero. SSL server startup failed.: [0x00000000; S_OK]| 10/04/2010 09:29:26.035 |26497,ClientSocket-39 10.0.24.181:-17988,,CuImapSvr,10,Session Run failed for client ClientSocket-39 10.0.24.181:-17988 : [0x80046B03; Uis_E_SSL_HANDSHAKE; SSL handshake error during IMAP session.]|
"The problem we observed from Zimbra ZCS, and which is reproducible with the openssl tool, is that the Unity server does not respond to a login request performed over STARTTLS. Doing a simple IMAP STARTTLS test results in a hung login attempt and eventual timeout:
So the way I interpret this (and I could be totally wrong) is that the client makes a IMAP connection over port 143 and either requests TLS or tries TLS if it is offered. At that point, the login fails.
The user tried a test and responded with this:
"Just did one a couple minutes ago- did SSL on 993 first w/success, then did the unencrypted one on 143 which threw the 'Generic Test Failure'"
I'm not able to access my old voice mail messages all of a sudden. The recording says something like 'the message is currently not available'. This has never happened before in all the years I have been using this system. I have t...
If you have 2 ISR routers, one acting as Failover, do we need to have both the same number of SRST licenses on the 2 routers?
No. You will only need the SRST licenses on the primary router. Because this feature...