I have a self-hosted paperless-ngx instance to scrape dedicated email inbox for documents via proton-bridge. This setup was working great until one minor paperless release which broke IMAP connection, and resulted into:

  1. wormi4ok/proton-bridge-docker project. It allows me to run proton-bridge in a docker container and access it within docker network (proton-bridge listens only on 127.0.0.1 by design).
  2. notes on troubleshooting IMAP protocol (see below)

Typical IMAP connection using telnet contains the following steps:

telnet 127.0.0.1 143
A1 LOGIN <email_address> <password> # A1 is just a unique identifier
A2 LIST "" "*" # List folders
A3 EXAMINE INBOX # List inbox stats
A4 FETCH 1 BODY[] # Print content of the first email
A5 LOGOUT

If the server uses TLS, instead of telnet use openssl:

openssl s_client -connect 127.0.0.1:1143 -starttls imap
A1 LOGIN ... # goes the same as with telnet

Fetch a certificate presented by the server and save it as a file:

openssl s_client -showcerts \
  -connect 127.0.0.1:1143 \
  -starttls imap </dev/null 2>/dev/null |
   openssl x509 -outform PEM > cert.pem

Generate a self-signed certificate with a custom common name (CN)

openssl req -new -newkey rsa:4096 \
 -days 3650 -nodes -x509 \
 -subj "/C=DE/ST=Berlin/L=Rus/O=wormi4ok/CN=protonmail-bridge" \
 -keyout ./server.key -out ./server.crt