The problem appears to be that I require all users to use SSL; i.e. g_ssl_require_login = *
This setting forces all matching IP addresses to use SSL for any action that requires a user login. eg: POP, IMAP and SMTP authentication but not plain SMTP. So this is ideal if you want all users to use SSL but still want email to come in from non SSL SMTP servers.
If I unset g_ssl_require_login, the CalDAV authentication verification test passes. If I set g_ssl_require_login to the wildcard "*"; i.e. require all users from all IP addresses to use SSL, the CalDAV authentication verification test fails. The test also fails if I set g_ssl_require instead.
I tried g_ssl_try_not = 127.0.0.1 (i.e. localhost) but that had no effect and CalDAV authentication verification still fails when g_ssl_require_login is set to the wildcard.
This appears to be 100% reproducible on my test setup with a fresh Surgemail installation and default configuration settings, and on my live server and mirror with my configuration.
It seems that CalDAV authentication does not support SSL and requires an unencrypted connection.
Definition of Fascism: Everything in the State, nothing outside
the State, nothing against the State. --Benito Mussolini, 1927
On Jan 12, 2013, at 3:28 PM, John Wilkes wrote:
My firewall is a standalone system, separate from the surgemail server.
I also run a surgemail mirror, if that matters.
I don't think it's network related; I get the same error running locally on the server.
I can telnet to 127.0.0.1:143 and imap responds:
divHIDDEN@ail:~> telnet 127.0.0.1 143
Connected to 127.0.0.1.
Escape character is '^]'.
On Jan 12, 2013, at 2:48 AM, Surgemail Support (Marijn) wrote: