Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Config option to ignore IMAP TLS errors does not work. #37

Open
Foxi352 opened this issue Jun 10, 2024 · 0 comments
Open

[Bug]: Config option to ignore IMAP TLS errors does not work. #37

Foxi352 opened this issue Jun 10, 2024 · 0 comments
Assignees
@userjack6880
Labels
bug Something isn't working

Comments

@Foxi352
Copy link

Foxi352 commented Jun 10, 2024

Describe the bug
$tlsverify = 0 option in config does not work. I have an Exchange 2019 server which uses a self signed certificate. Although i disabled tls verify in config, the script errors out on invalid tls certificate.

To Reproduce
Steps to reproduce the behavior:
Connect on port 143 with StartTLS to IMAP server with self signed certificate while having disabled verify in config:

$imapport         = '143';
$imaptls          = '1';
$tlsverify        = '0';

Expected behavior
Should ignore TLS certificate validation if option set in config

Software Version
[] Exchange Server 2019

Server (please complete the following information):

  • Server OS Debian Bookworm
  • Perl Version 5.036000
  • MariaDB 10.11.8

Additional context
Debug log confirms:

dmarc_report-parser  | --- DEBUG ---
dmarc_report-parser  |   use tls without verify servercert.
dmarc_report-parser  | -------------

But it still errors out on invalid certificate

dmarc_report-parser  | Started at Mon Jun 10 08:56:23 2024
dmarc_report-parser  | Using Mail::IMAPClient version 3.43 on perl 5.036000
dmarc_report-parser  | Connecting with IO::Socket::IP PeerAddr xx.xx.xx.xx PeerPort 143 Proto tcp Timeout 600 Debug 1 SSL_verify_mode 0
dmarc_report-parser  | Connected to xx.xx.xx.xx
dmarc_report-parser  | Read:    * OK The Microsoft Exchange IMAP4 service is ready.
dmarc_report-parser  | Sending: 1 STARTTLS
dmarc_report-parser  | Sent 12 bytes
dmarc_report-parser  | Read:    1 OK Begin TLS negotiation now.
dmarc_report-parser  | ERROR: Unable to start TLS: SSL connect attempt failed error:0A000086:SSL routines::certificate verify failed at /usr/share/perl5/Mail/IMAPClient.pm line 462.
dmarc_report-parser  |  Mail::IMAPClient::starttls(Mail::IMAPClient=HASH(0x561b71e7a868)) called at /usr/share/perl5/Mail/IMAPClient.pm line 420
dmarc_report-parser  |  Mail::IMAPClient::Socket(Mail::IMAPClient=HASH(0x561b71e7a868), IO::Socket::IP=GLOB(0x561b71e81e88)) called at /usr/share/perl5/Mail/IMAPClient.pm line 369
dmarc_report-parser  |  Mail::IMAPClient::connect(Mail::IMAPClient=HASH(0x561b71e7a868)) called at /usr/share/perl5/Mail/IMAPClient.pm line 315
dmarc_report-parser  |  Mail::IMAPClient::new("Mail::IMAPClient", "server", "xx.xx.xx.xx", "port", 143, "ssl", 0, "starttls", ...) called at ./report-parser.pl line 403
dmarc_report-parser  | Open Report Parser: IMAP Failure: Unable to start TLS: SSL connect attempt failed error:0A000086:SSL routines::certificate verify failed
@Foxi352 Foxi352 added the bug Something isn't working label Jun 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@userjack6880 userjack6880

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Foxi352 @userjack6880