Problem with dovecot/imap & Samsung (Android) phone
I'm seeing messages like this in my mail server log:
Aug 16 00:05:49 <domain redacted> dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=<remote IP address redacted>, lip=<local IP address redacted>, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46, session=<session id redacted>
<remote IP address redacted> is one of my ISP's DHCP pool addresses. <local IP address redacted> is my Linode's IP address.
This is a Samsung Galaxy s20+ 5G phone using Samsung Email 126.96.36.199. dovecot is using TLSv1.2 with a Let's Encrypt cert. The postfix/dovecot configuration hasn't changed for a very long time (and they both use the same cert). The error corrects itself after a couple of retries. I'm pretty sure the key information is certificate unknown… But, since it fixes itself, it's like the cert has timed out and/or not being cached correctly.
Anyone else have any ideas here? I don't have any problems at all with the 3 iPhones that use this server. Does the Android version on this phone need an update (the phone belongs to my daughter…I doubt she's updated it and I have no idea what the Android version is)?
Thanks in advance…
I think I found it… When I originally tried to set up the Samsung phone to collect my daughter's email, I tried using the Gmail app on the phone. Big mistake…failed miserably…I got the imaps part of it to work but it didn't like the Let's Encrypt cert for smtps (note to others… this is the only app with which I've ever had a problem with the Let's Encrypt cert…Google must not like non-Google stuff).
I abandoned that and she got Samsung Email (which works great). Meanwhile, the Gmail app is still trying to collect her email using imaps (and failing).
Now all I have to do is figure out how to disable the Gmail app on her phone and all will be well.