Hi there,

After some more research, please ignore point 2 - the restore did not go well, with the restore software truncating great chunks of emails down to 0 bytes, and then doing the same to the back up.  The only current back up.  But that isn't anything you can (or should) help with, and I can't really blame roundcube for reporting what was there, however much I would like it to be wrong.  Although losing 40GB of email does give one a sense of freedom....

Could I have a new link for iredadmin pro though please - I renewed in May - I think you email me at johns at acwealthmanagement dot co dot uk, so if you could validate against that please.

Many thanks

John

Thank you,

I think some of it was permissions on the restored folders, which I have sorted temporarily by being far too permissive.

There is one other dovecot related issue I am fighting with - in the dovecot.log I am getting

auth-worker: Error: mysql: Query failed, retrying: Unknown column 'mailbox.enablelda' in 'where clause'
May 25 16:20:25 auth-worker: Error: sql(user@domain.com): User query failed: Unknown column 'mailbox.enablelda' in 'where clause'

I can't access run/dovecot/auth-worker , which is the only copy of auth-worker I can find on the system, it tells me it is locked, even as su, and when dovecot is not running, so I can't fix the script error (or rather fiddle around in the vain hope of fixing a perceived problem

Can you help with that too please?

As regards TLS - I have always had TLS enabled, with a plain password - Thunderbird STARTTLS port 143

Well, aren't I silly?

All now (mostly) working - I have had to do a fairly thorough wash of the mailstore to get rid of the corrupt emails but it's all working now using Thunderbird or webmail as a client.

One problem I am still having - outlook 2003 can't connect.  I haven't fiddled with /etc/dovecot/dovecot.conf, but presume I need to somewhere.

Based on the original outlook installations we had no security ticks in the 'advanced' tab in account settings in outlook and everything worked.

Outlook now reports that 'Your IMAP server wishes to alert you to the following: Plaintext authentication not allowed without SSL/TLS, but your client did it anyway.  If anyone was listening, the password was exposed.'

Adding the security tick and using port 143 (which should be STARTTLS I think?) gives an immediate warning 'Unable to connect to the server'

Allowing the port to change to 993 (which is what it wants to do when I tick the 'secure' box in the first place) delivers the same message, but takes a little time to do it.

Changing to 465 with the tick (which I think is SSL?) gives the same message after a short delay.

So I figure an answer is coming back from the server on port 143 but outlook 2003 & dovecot aren't agreeing the encryption, whereas on other ports there isn't an answer.

Can you tell me what alterations I need to add to dovecot.conf to get it working please?  On dovecot 1. it would be the IMAPS protocol I think, but dovecot 2. seems to have deprecated this, and I can't find much in the wiki which helps.

We are 100% IMAP.

Many thanks

John

I am really sorry to be an idiot about this....

I really don't want to go insecure - some of the connections are remote, and whilst I suppose I can force use of a vpn it isn't ideal - it's how to make Outlook work securely that I am struggling with.  I have tried every configuration combination that I can think of for the client - thunderbird is working fine, but outlook (and apparently blackberry internet services) is failing to connect.

I appreciate email client related stuff isn't really your problem Zhang, so thank you for reading, and I wonder, has anyone else had this problem, and found a solution - or even just to know that anyone else is using outlook 2003 and having it work securely properly would be a start, as then at least I know it isn't just a Microsoft foible...

Dovecot is definitely running - I have tail -f running on /var/log/dovecot.log in another window permanently at the moment to try and get some insight, but it isn't helping much.

This is what the log says when Outlook has a 'tick' in 'This server requires an encrypted connection'

May 29 09:28:33 imap-login: Info: Disconnected (no auth attempts): rip=[ip removed], lip=[mailserver ip on local net]
May 29 09:28:33 imap-login: Info: Disconnected (no auth attempts): rip=[ip removed], lip=[mailserver ip on local net]

This is what the log says when it doesn't

May 29 09:38:03 imap-login: Info: Disconnected (tried to use disabled plaintext auth): rip=[ip removed], lip=[mailserver ip on local net]

but that isn't a surprise.