My Oracle Support Banner

Anytime The Client Closes The Connection Without Attempting To Log In There Is No TLS Entry In Logs (Doc ID 2603221.1)

Last updated on OCTOBER 24, 2019

Applies to:

Oracle Communications Messaging Server - Version 8.1.0 and later
Information in this document applies to any platform.

Symptoms

Any time the client closes the connection without attempting to log in, there is no indication in the logs of what TLS version was used.

For example:

This is what is seen in the transaction log:

<co ts="2019-10-14T18:17:42.426+00:00" sn="mmp" pi="34967" si="22" ac="C" tr="TCP|<IP>|993|<IP>|30243" us="" sd="0:00:04" br="0" bs="0"/>

And only this in the imapproxy log:

[14/Oct/2019:18:17:38 +0000] <mmp>1 ImapProxyAService.cfg[34967]: General Information: (id 22) session start, client IP <IP>:30243, server IP <IP>:993
[14/Oct/2019:18:17:38 +0000] <mmp> ImapProxyAService.cfg[34967]: General Information: (id 22) session virtual domain <domain>.com
[14/Oct/2019:18:17:42 +0000] <mmp> ImapProxyAService.cfg[34967]: General Information: (id 22) got LOGOUT cmd, closing

There is no info about TLS that we can see, even if the client does not try to log in.

If we set imapproxy.plaintextmincipher 0 and then do:

sslconnect -M 1.3 localhost 993

* OK [CAPABILITY IMAP4 IMAP4rev1 ACL RIGHTS=tekx QUOTA LITERAL+ NAMESPACE UIDPLUS CHILDREN BINARY UNSELECT SORT CATENATE URLAUTH LANGUAGE ESEARCH ESORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES CONDSTORE ENABLE QRESYNC CONTEXT=SEARCH CONTEXT=SORT WITHIN SASL-IR SEARCHRES METADATA ID X-SUN-SORT ANNOTATE-EXPERIMENT-1 X-SUN-IMAP XUM1 IDLE XREFRESH AUTH=PLAIN STARTTLS] Messaging Multiplexor (Oracle Communications Messaging Server 8.1.0.1.20190704 64bit (built Jul  4 2019))


Notice the capability banner still includes "STARTTLS", but instead of "LOGINDISABLED", it now says "AUTH=PLAIN".

We are able to login:

1 login <user> <my-password>

And the resulting transaction log shows:

<li ts="2019-10-14T18:36:15.725+00:00" sn="mmp" pi="4598" si="3" us="<user>@domain.com" uo="<user>" tr="TCP|<IP>|993|<IP>|54131" at="plaintext" cs="TLS_AES_128_GCM_SHA256/1.3" ph="<host>" pt="TCP|<IP>|49976|<IP>|993" nt="OK"/>

<co ts="2019-10-14T18:36:18.124+00:00" sn="mmp" pi="4598" si="3" ac="C" tr="TCP|<IP>|993|<IP>|54131" us="<user>@domain.com" sd="0:00:50" br="10" bs="39"/>


We would expect that the logs would indicate what form of TLS was being used during that connection.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.