A Perl based tool to parse DMARC reports from an IMAP mailbox or from the filesystem, and insert the information into a database. Derived from Techsneeze's dmarcts-report-parser
GNU General Public License v3.0
33
stars
9
forks
source link
[Bug]: Config option to ignore IMAP TLS errors does not work. #37
Describe the bug$tlsverify = 0 option in config does not work. I have an Exchange 2019 server which uses a self signed certificate. Although i disabled tls verify in config, the script errors out on invalid tls certificate.
To Reproduce
Steps to reproduce the behavior:
Connect on port 143 with StartTLS to IMAP server with self signed certificate while having disabled verify in config:
Expected behavior
Should ignore TLS certificate validation if option set in config
Software Version
[] Exchange Server 2019
Server (please complete the following information):
Server OS Debian Bookworm
Perl Version 5.036000
MariaDB 10.11.8
Additional context
Debug log confirms:
dmarc_report-parser | --- DEBUG ---
dmarc_report-parser | use tls without verify servercert.
dmarc_report-parser | -------------
But it still errors out on invalid certificate
dmarc_report-parser | Started at Mon Jun 10 08:56:23 2024
dmarc_report-parser | Using Mail::IMAPClient version 3.43 on perl 5.036000
dmarc_report-parser | Connecting with IO::Socket::IP PeerAddr xx.xx.xx.xx PeerPort 143 Proto tcp Timeout 600 Debug 1 SSL_verify_mode 0
dmarc_report-parser | Connected to xx.xx.xx.xx
dmarc_report-parser | Read: * OK The Microsoft Exchange IMAP4 service is ready.
dmarc_report-parser | Sending: 1 STARTTLS
dmarc_report-parser | Sent 12 bytes
dmarc_report-parser | Read: 1 OK Begin TLS negotiation now.
dmarc_report-parser | ERROR: Unable to start TLS: SSL connect attempt failed error:0A000086:SSL routines::certificate verify failed at /usr/share/perl5/Mail/IMAPClient.pm line 462.
dmarc_report-parser | Mail::IMAPClient::starttls(Mail::IMAPClient=HASH(0x561b71e7a868)) called at /usr/share/perl5/Mail/IMAPClient.pm line 420
dmarc_report-parser | Mail::IMAPClient::Socket(Mail::IMAPClient=HASH(0x561b71e7a868), IO::Socket::IP=GLOB(0x561b71e81e88)) called at /usr/share/perl5/Mail/IMAPClient.pm line 369
dmarc_report-parser | Mail::IMAPClient::connect(Mail::IMAPClient=HASH(0x561b71e7a868)) called at /usr/share/perl5/Mail/IMAPClient.pm line 315
dmarc_report-parser | Mail::IMAPClient::new("Mail::IMAPClient", "server", "xx.xx.xx.xx", "port", 143, "ssl", 0, "starttls", ...) called at ./report-parser.pl line 403
dmarc_report-parser | Open Report Parser: IMAP Failure: Unable to start TLS: SSL connect attempt failed error:0A000086:SSL routines::certificate verify failed
Describe the bug
$tlsverify = 0option in config does not work. I have an Exchange 2019 server which uses a self signed certificate. Although i disabled tls verify in config, the script errors out on invalid tls certificate.To Reproduce Steps to reproduce the behavior: Connect on port 143 with StartTLS to IMAP server with self signed certificate while having disabled verify in config:
Expected behavior Should ignore TLS certificate validation if option set in config
Software Version [] Exchange Server 2019
Server (please complete the following information):
Additional context Debug log confirms:
But it still errors out on invalid certificate