Re[2]: Possible hack via doveadm

Thank you Jeremy and Bernardo. Adding cert verification is something I'll have to delve into. Also possibly pushing the replication through the VPN. It's been a while since I last setup my replication pair - everything's been working smoothly so I've forgotten some of the key items.

Re: Possible hack via doveadm

On 14/5/23 23:29, Daniel Miller via dovecot wrote: I only allow explicit service traffic through. IMAPS, SMTPS, etc. If doveadm is communicating via the IMAP(S) ports then all I can do via firewall is block countries. Which of course I can but I'm asking about any additional hardening for

replicator service

I'm confused. Replicator service is bidirectional. Does it mean I should start it only on *one* end of a replication pair? Or on both, working simultaneously? -- MiCHA ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email

Re: acl replication

W dniu 14.05.2023 o 19:45, Aki Tuomi pisze: doveadm sync should sync all your local ACLs just fine. So... Why it does not? I forgot to write, try doveadm -D to find out what's happening. You are loading acl plugin globally right? On both ends? Yes, acl is on. Look here. Identical

Re: acl replication

> On 14/05/2023 20:38 EEST Przemysław Kwiatkowski via dovecot > wrote: > > > W dniu 14.05.2023 o 19:33, Aki Tuomi pisze: > > doveadm sync should sync all your local ACLs just fine. > > So... Why it does not? > > -- > > MiCHA > I forgot to write, try doveadm -D to find out what's

Re: acl replication

W dniu 14.05.2023 o 19:33, Aki Tuomi pisze: doveadm sync should sync all your local ACLs just fine. So... Why it does not? -- MiCHA ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org

Re: acl replication

> On 14/05/2023 20:14 EEST micha--- via dovecot wrote: > > > What is correct way to sync ACLs across two servers? > > Example: I want user1 to have access to user2 mailbox. I do this on server1: > doveadm acl set shared/user2 user=user1 admin create delete expunge insert > lookup read

acl replication

What is correct way to sync ACLs across two servers? Example: I want user1 to have access to user2 mailbox. I do this on server1: doveadm acl set shared/user2 user=user1 admin create delete expunge insert lookup read write write-deleted write-see Now user1 can see shared/user2 when logged to

Re: Possible hack via doveadm

On Sun, 14 May 2023, Daniel Miller via dovecot wrote: I only allow explicit service traffic through. IMAPS, SMTPS, etc. If doveadm is communicating via the IMAP(S) ports then all I can do via firewall is block countries. Which of course I can but I'm asking about any additional hardening for

Re: Possible hack via doveadm

I only allow explicit service traffic through. IMAPS, SMTPS, etc. If doveadm is communicating via the IMAP(S) ports then all I can do via firewall is block countries. Which of course I can but I'm asking about any additional hardening for Dovecot itself. -- Daniel On May 13, 2023 6:25:06 PM