Regarding Dovecot: I hate to break it to you, but the radical syntax change unfortunately isn’t a one-off issue. The Dovecot developers seem to be introducing new, downward-incompatible syntax changes with almost every commit on the development branch - almost with a kind of sadistic consistency… At this point, swearing is practically built into the workflow.
> Am 16.03.2026 um 04:28 schrieb Viktor Dukhovni via Postfix-users > <[email protected]>: > > On Sun, Mar 15, 2026 at 04:55:46PM -0400, John Hill via Postfix-users wrote: > >> I am on 3.7.11 Debian 12, no problems that I am aware of. I considered doing >> a dist upgrade as I have in the past but dovecot scared me off. > > You'll want to create a new dovecot configuration and verify its > correctness in a test environment. Radically changed Configuration > syntax aside, once Dovecot is up and running I have no issues to report. > > FWIW, my configuraiton is below, it supports a mix of GSSAPI users with > the server keytab in /var/spool/keytabs/imap, and PLAIN users with a > dedicated dovecot-specific passwd file that is independent of > /etc/passwd (so no PAM, just explicit IMAP-only passwords, that are > randomly generated and conveyed to the users rather than user selected). > > -- > Viktor. 🇺🇦 Слава Україні! > > dovecot_config_version = 2.4.2 > dovecot_storage_version = 2.4.2 > auth_realms = ... > auth_mechanisms = gssapi plain > auth_gssapi_hostname = "$ALL" > auth_krb5_keytab = /var/spool/keytabs/imap > default_vsz_limit = 1024M > protocols = imap > service imap-login { > inet_listener imap { > port = 0 > } > } > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > } > ssl_server { > cert_file = /etc/letsencrypt/live/... > key_file = /etc/letsencrypt/live/... > dh_file = /etc/dovecot/dh.pem > } > ssl_cipher_list = DEFAULT:!kRSA:!SHA1 > ssl_min_protocol = TLSv1.2 > > userdb static { > # Needed for GSSAPI users > allow_all_users = yes > fields { > uid=504 > gid=504 > mail_driver=maildir > mail_path=/home/dovecot/%{user | username} > } > } > # Needed for GSSAPI users > passdb static { > passdb_mechanisms_filter = gssapi > fields { > password = dummy > } > } > # Needed for PLAIN users > passdb passwd-file { > passdb_mechanisms_filter = plain > driver = passwd-file > passwd_file_path = /etc/dovecot/passwd > default_password_scheme = SHA512-CRYPT > } > _______________________________________________ > Postfix-users mailing list -- [email protected] > To unsubscribe send an email to [email protected]
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
