Welcome! Log In Create A New Profile

Advanced

NGINX IMAP proxy and outlook ios/android app

October 09, 2017 09:45AM
Looks like since mid of Sept we can not use nginx as an imap(s) proxy for mobile outlook apps (both IOS and Android ).
SSL handshake is just dropping like


2017/10/09 15:32:01 [debug] 30391#0: *184 accept: 52.166.246.73 fd:44
2017/10/09 15:32:01 [info] 30391#0: *184 client 52.166.246.73 connected to 0.0.0.0:993
2017/10/09 15:32:01 [debug] 30391#0: *184 SSL_do_handshake: -1
2017/10/09 15:32:01 [debug] 30391#0: *184 SSL_get_error: 2
2017/10/09 15:32:01 [debug] 30391#0: *184 epoll add event: fd:44 op:1 ev:80000001
2017/10/09 15:32:01 [debug] 30391#0: *184 event timer add: 44: 60000:1507555981777
2017/10/09 15:32:31 [debug] 30391#0: *184 SSL handshake handler: 0
2017/10/09 15:32:31 [debug] 30391#0: *184 SSL_do_handshake: 0
2017/10/09 15:32:31 [debug] 30391#0: *184 SSL_get_error: 5
2017/10/09 15:32:31 [info] 30391#0: *184 peer closed connection in SSL handshake while SSL handshaking, client: 52.166.246.73, server: 0.0.0.0:993
2017/10/09 15:32:31 [debug] 30391#0: *184 close mail connection: 44
2017/10/09 15:32:31 [debug] 30391#0: *184 SSL_shutdown: 1
2017/10/09 15:32:31 [debug] 30391#0: *184 event timer del: 44: 1507555981777
2017/10/09 15:32:31 [debug] 30391#0: *184 reusable connection: 0
2017/10/09 15:32:31 [debug] 30391#0: *184 free: 00000000024C12A0
2017/10/09 15:32:31 [debug] 30391#0: *184 free: 00000000024C1190, unused: 8

Wonder how can I figure out what happened, MS support is not any helpful in this case.
tcpdump does not show much also...


openssl s_client -connect mail.server.com:993

show no errors too...

CONNECTED(00000003)
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = GeoTrust Inc., CN = RapidSSL SHA256 CA
verify return:1
depth=0 CN = *.server.com
verify return:1
---
Certificate chain
0 s:/CN=*.server.com
i:/C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA
1 s:/C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA
i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
---


---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: DH, 2048 bits
---
SSL handshake has read 4717 bytes and written 417 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : DHE-RSA-AES128-GCM-SHA256
....
Subject Author Posted

NGINX IMAP proxy and outlook ios/android app

bobykus October 09, 2017 09:45AM

Re: NGINX IMAP proxy and outlook ios/android app

Anton Yuzhaninov October 09, 2017 10:54PM

Re: NGINX IMAP proxy and outlook ios/android app

bobykus October 10, 2017 02:31AM

Re: NGINX IMAP proxy and outlook ios/android app

bobykus October 10, 2017 02:32AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 107
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready