SV: Outlook vs Thunderbird (re disabling SSL)
>>Actually, there is a regedit "trick" for Win7 but that is beyond the ability >>of our customers to apply, and that doesn't help the older Apple device users. You could build a .reg file with the trick inside, and then distribute it to your users. However it wont solve the Apple problem. smime.p7s Description: S/MIME Cryptographic Signature
Re: Outlook vs Thunderbird (re disabling SSL)
On 8/7/20 2:04 am, Alexander Dalloz wrote: FWIW I meant if the client is Windows7/old-Outlook then changing either 993/SSL or 143/STARTTLS to 143/NONE could help pick up the mail. We had to do this for a 100 or so clients a few months ago after upgrading to Ubuntu 20.04. Curious, what's the rationale behind that move? Is it because that old beast of Outlook does not have the capabilities modern TLS/STARTTLS implementations require regarding TLS minimal version and ciphers? It involved Windows7 customers and older Apple device users. Recent versions of Thunderbird on Win7 still worked fine but even Outlook 2016 on Win7 could no longer pick up mail with SSL enabled. It happened after a Ubuntu server update to Dovecot and Openssl about 3 or 4 months ago. But plaintext auth for mail access, seriously? Tell me about it! We spent YEARS getting these same folks to change to secure settings (some of them have been with us for 20+ years) so it was heartbreaking to contact each one of them and talk them through disabling SSL. I spent a week trying every cypher combination I could find via Google for Dovecot but with the phone going off the hook from complaints by customers not being able to pick up their mail. We had to respond with some solution so, after a week, disabling SSL was very reluctantly the only option left. We lost ~40 customers to outlook.com because of this. Actually, there is a regedit "trick" for Win7 but that is beyond the ability of our customers to apply, and that doesn't help the older Apple device users. FWIW.
Re: SV: SV: Outlook vs Thunderbird
On Tue, Jul 07, 2020 at 07:00:23PM +0200, Sebastian Nielsen wrote: > Sorry about that, its just outlook that does that by default. Consider migrating to a MUA that, unlike Outlook, understands mailing lists. For example, Mutt (which definitely sucks less than Outlook): http://www.mutt.org/doc/manual/#using-lists > I don't know what you mean with "top posting"? Read this: https://www.netmeister.org/news/learn2quote2.html#ss2.3 That FAQ was written for Usenet, but also applies to email. -- A: When it messes up the order in which people normally read text. Q: When is top-posting a bad thing? () ASCII ribbon campaign. Please avoid HTML emails & proprietary /\ file formats. (Why? See e.g. https://v.gd/jrmGbS ). Thank you.
Re: SV: SV: Outlook vs Thunderbird
On 2020.07.07. 20:00, Sebastian Nielsen wrote: I don't know what you mean with "top posting"? It means, your answer is above text you are replying to. -- KSB
SV: SV: Outlook vs Thunderbird
Sorry about that, its just outlook that does that by default. But manually deleted your adress now in reply. I don't know what you mean with "top posting"? What I mean is that if you have another security on the connection (be it physical security - the connection doesn't go over public means, or VPN - connection level encryption) then you don't need another encryption on top of that. Of course you must judge other risks in the physical enviroment - if a hacker connects his laptop to a guest wifi or reception RJ45 port and ARP spoofs - whats gonna happen? So you must of course segment and separate those networks from your internal LAN (so a hacker is now gonna need a access badge to even get a foot into the internal LAN), and also activate static ARP in your switches so even if a hacker ARP spoofs (from an infected client inside internal LAN), nothing gonna come out of the pipe. -Ursprungligt meddelande- Från: dovecot-boun...@dovecot.org För Alexander Dalloz Skickat: den 7 juli 2020 18:30 Till: dovecot@dovecot.org Ämne: Re: SV: Outlook vs Thunderbird Am 07.07.2020 um 18:11 schrieb Sebastian Nielsen: > Plaintext access is no problem if the connection is secured via other means - > for example internal network or VPN. > If the IMAP server cannot be accessed from the outside, and the traffic don't > travel over wifi or public networks, no danger. First of all, please keep answers on the mailing list only. Obviously I am subscribe and I don't need to get your reply twice, by list distribution and in addition to my personal address. And top-posting is another thing you should avoid. To your answer: I disagree and see that you have a false understanding of security. You want service protocol encryption (here for IMAP or POP3) from end to end. Nothing which breaks up encryption in between. That's valid for any size of environment. You may judge the risk is tolerable in case you run you own small setup where you are the only user. But I replied to Mark's note where he wrote about ~100 clients. So he either running an IMAP service for clients - where it is inresponsible to not teach them about security and instead lower the protection to none - or administering a company network for which end to end service encryption is a must too. Alexander smime.p7s Description: S/MIME Cryptographic Signature
Re: Dovecot Maildirs multi language
> On 7. Jul 2020, at 19.46, Sami Ketola wrote: > > Hi, > > yes, you can override these settings by returning variables from userdb. > > for example can define: > > namespace INBOX { > inbox = yes > location = > separator = / > mailbox Spam { >auto = suscribe >special_use = \Junk >hidden = yes > } > mailbox Roskaposti { >auto = subscribe >special_use = \Junk >hidden = yes > } > } > > and then from userdb return: > > mailbox/inbox/mailbox/Spam/hidden=no > or > mailbox/inbox/mailbox/Roskaposti/hidden=no sorry. I meant namespace/inbox/mailbox/Spam/hidden=no or namespace/inbox/mailbox/Roskaposti/hidden=no Sami > > if to show the language specific Spam folder. > > Sami > >> On 7. Jul 2020, at 9.38, Luca Müller wrote: >> >> Hello, >> >> I'm hosting a few customers on a dovecot Server. Most users speak german and >> have german as their main language. I configured the IMAP Foldernames in a >> Dovecot configuration file like this: >> >> # >> root@srv04:~# cat /etc/dovecot/conf.d/105-mailboxes.conf >> imap_capability = +XLIST >> >> namespace inbox { >> inbox = yes >> location = >> separator = / >> >> >> mailbox "Entwürfe" { >>auto = subscribe >>special_use = \Drafts >>auto=subscribe >> } >> >>mailbox Junk-E-Mail { >>special_use = \Junk >>auto=subscribe >>} >>mailbox "Gelöschte Elemente" { >>special_use = \Trash >>auto=subscribe >>} >>mailbox "Gesendete Elemente" { >>special_use = \Sent >>auto=subscribe >>} >>mailbox Archive { >>special_use = \Archive >>auto=subscribe >>} >> >> } >> # >> Dovecot Version: 2.3.10 (0da0eff44) >> # >> Is it possible to change this configuration for specific users or to provide >> multi language support somehow? >> >> Thanks in advance. >> Best regards, >> Luca >
Re: Dovecot Maildirs multi language
Hi, yes, you can override these settings by returning variables from userdb. for example can define: namespace INBOX { inbox = yes location = separator = / mailbox Spam { auto = suscribe special_use = \Junk hidden = yes } mailbox Roskaposti { auto = subscribe special_use = \Junk hidden = yes } } and then from userdb return: mailbox/inbox/mailbox/Spam/hidden=no or mailbox/inbox/mailbox/Roskaposti/hidden=no if to show the language specific Spam folder. Sami > On 7. Jul 2020, at 9.38, Luca Müller wrote: > > Hello, > > I'm hosting a few customers on a dovecot Server. Most users speak german and > have german as their main language. I configured the IMAP Foldernames in a > Dovecot configuration file like this: > > # > root@srv04:~# cat /etc/dovecot/conf.d/105-mailboxes.conf > imap_capability = +XLIST > > namespace inbox { > inbox = yes > location = > separator = / > > > mailbox "Entwürfe" { > auto = subscribe > special_use = \Drafts > auto=subscribe > } > > mailbox Junk-E-Mail { > special_use = \Junk > auto=subscribe > } > mailbox "Gelöschte Elemente" { > special_use = \Trash > auto=subscribe > } > mailbox "Gesendete Elemente" { > special_use = \Sent > auto=subscribe > } > mailbox Archive { > special_use = \Archive > auto=subscribe > } > > } > # > Dovecot Version: 2.3.10 (0da0eff44) > # > Is it possible to change this configuration for specific users or to provide > multi language support somehow? > > Thanks in advance. > Best regards, > Luca
Re: Outlook vs Thunderbird
On 07 Jul 2020, at 10:11, Sebastian Nielsen wrote: > If the IMAP server cannot be accessed from the outside, and the traffic don't > travel over wifi or public networks, no danger. No, not no danger, but certainly less danger. The most obvious dangers even in a closed environment is if someone can monitor the network, they gather all the passwords. Of course, more common albeit harder is for a bad actor to gain access inside your network. It is simple enough to use encrypted connections and good password policies<1> everywhere that there is really no reason to not do so. And supporting EOLed software, especially when it's little more than an attempt to save a little money, is a foolish reason to not use security IMO. As soon as you start thinking that your network is inviolate, you find yourself in a Sony situation where everything on your network has been taken by someone else. Just because someone gets in is no reason to give them the keys to everything you have. <1> actual good policies, not the idiotic ones most corporations use, of course.
Re: Dovecot Maildirs multi language
On 07 Jul 2020, at 00:38, Luca Müller wrote: > Is it possible to change this configuration for specific users or to provide > multi language support somehow? What happens if you use the default English labels? On my clients, the MUA localizes labels to the preferred language. I Have tested with Spanish and German in the past, and it seemed to work. Of course, that depends onto MUA you are using, but it's worth a try. -- I have NOT lost my mind! I've got a backup around here somewhere.
Re: SV: Outlook vs Thunderbird
Am 07.07.2020 um 18:11 schrieb Sebastian Nielsen: Plaintext access is no problem if the connection is secured via other means - for example internal network or VPN. If the IMAP server cannot be accessed from the outside, and the traffic don't travel over wifi or public networks, no danger. First of all, please keep answers on the mailing list only. Obviously I am subscribe and I don't need to get your reply twice, by list distribution and in addition to my personal address. And top-posting is another thing you should avoid. To your answer: I disagree and see that you have a false understanding of security. You want service protocol encryption (here for IMAP or POP3) from end to end. Nothing which breaks up encryption in between. That's valid for any size of environment. You may judge the risk is tolerable in case you run you own small setup where you are the only user. But I replied to Mark's note where he wrote about ~100 clients. So he either running an IMAP service for clients - where it is inresponsible to not teach them about security and instead lower the protection to none - or administering a company network for which end to end service encryption is a must too. Alexander
SV: Outlook vs Thunderbird
Plaintext access is no problem if the connection is secured via other means - for example internal network or VPN. If the IMAP server cannot be accessed from the outside, and the traffic don't travel over wifi or public networks, no danger. -Ursprungligt meddelande- Från: dovecot-boun...@dovecot.org För Alexander Dalloz Skickat: den 7 juli 2020 18:05 Till: dovecot@dovecot.org Ämne: Re: Outlook vs Thunderbird Am 07.07.2020 um 08:07 schrieb Mark Constable: > > FWIW I meant if the client is Windows7/old-Outlook then changing > either 993/SSL or 143/STARTTLS to 143/NONE could help pick up the > mail. We had to do this for a 100 or so clients a few months ago after > upgrading to Ubuntu 20.04. Curious, what's the rationale behind that move? Is it because that old beast of Outlook does not have the capabilities modern TLS/STARTTLS implementations require regarding TLS minimal version and ciphers? But plaintext auth for mail access, seriously? Alexander smime.p7s Description: S/MIME Cryptographic Signature
Re: Outlook vs Thunderbird
Am 07.07.2020 um 08:07 schrieb Mark Constable: FWIW I meant if the client is Windows7/old-Outlook then changing either 993/SSL or 143/STARTTLS to 143/NONE could help pick up the mail. We had to do this for a 100 or so clients a few months ago after upgrading to Ubuntu 20.04. Curious, what's the rationale behind that move? Is it because that old beast of Outlook does not have the capabilities modern TLS/STARTTLS implementations require regarding TLS minimal version and ciphers? But plaintext auth for mail access, seriously? Alexander
Re: Outlook vs Thunderbird
On Mon, 6 Jul 2020 23:49:08 -0600, @lbutlr stated: >On 06 Jul 2020, at 15:48, The Doctor wrote: >> Got a client that usually uses Outlook I think 2010. This person >> tends to move their e-mails to certain folers. On Thunderbird, the >> move shows. Not on Outlook. >> >> Any explanation? > >Since the move works fine in Thunderbrd (and I assume any other client >will see the same), the problem is with Outlook 2010. Perhaps a gentle >reminder that it is currently 2020? > >I moved the last holdout client off 2010 about 2 or 3 yers ago after >having many many problems with it that could not be easily fixed >because the software was no longer supported and I pointed out they >were sending more money paying me to try to fix it than it would cost >them to pay for Office 365 (small business, obviously). +1 -- Jerry pgpOeu27PTyxZ.pgp Description: OpenPGP digital signature
Re: Dovecot Maildirs multi language
+1 Original Message On 7 Jul 2020, 08:38, Luca Müller < lucamueller...@gmail.com> wrote: Hello, I'm hosting a few customers on a dovecot Server. Most users speak german and have german as their main language. I configured the IMAP Foldernames in a Dovecot configuration file like this: # root@srv04:~# cat /etc/dovecot/conf.d/105-mailboxes.conf imap_capability = +XLIST namespace inbox { inbox = yes location = separator = / mailbox "Entwürfe" { auto = subscribe special_use = \Drafts auto=subscribe } mailbox Junk-E-Mail { special_use = \Junk auto=subscribe } mailbox "Gelöschte Elemente" { special_use = \Trash auto=subscribe } mailbox "Gesendete Elemente" { special_use = \Sent auto=subscribe } mailbox Archive { special_use = \Archive auto=subscribe } } # Dovecot Version: 2.3.10 (0da0eff44) # Is it possible to change this configuration for specific users or to provide multi language support somehow? Thanks in advance. Best regards, Luca