auth between postfix and dovecot?

2022-04-22 Thread alice

hello experts,

I have installed postfix and dovecot in the same machine.

Their configuration looks like this:

service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    user = postfix
    group = postfix
  }
}

# enclosing "service auth" block assumed; the post quoted only the listener
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
  }
}

auth_mechanisms = plain login

!include auth-passwdfile.conf.ext



my question is:

when postfix talks to dovecot, does it require user's username/password 
for authentication? or this communication just goes without authentication?


I asked this b/c my webmail sending mail from localhost has been going 
without authentication to postfix, so I am not sure if postfix talks to 
dovecot without requiring auth too.



Thanks
alice
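
An added example, not part of the message above and not code from the Dovecot or Postfix projects: a small Python check that reads unix_listener blocks like the ones quoted in the post and reports sockets whose mode grants access to "other" users. The "service auth" wrapper in the sample and the 0600 default for a missing mode are assumptions.

```python
# Constructed sample: listener settings as quoted in the post. The
# "service auth" wrapper around the second listener is an assumption.
SAMPLE_CONF = """
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    user = postfix
  }
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
  }
}
"""

def parse_listeners(conf_text):
    """Map each unix_listener path to its enclosing service and settings."""
    listeners, stack = {}, []            # stack holds (kind, name) per open block
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.endswith("{"):
            parts = line[:-1].split(None, 1)
            kind = parts[0] if parts else ""
            name = parts[1].strip() if len(parts) > 1 else ""
            if kind == "unix_listener" and name:
                listeners[name] = {"service": stack[-1][1] if stack else None}
            stack.append((kind, name))
        elif line == "}":
            if stack:
                stack.pop()
        elif "=" in line and stack and stack[-1][0] == "unix_listener" and stack[-1][1]:
            key, value = (part.strip() for part in line.split("=", 1))
            listeners[stack[-1][1]][key] = value
    return listeners

def audit(listeners, default_mode="0600"):
    """List (path, service, mode) for sockets whose mode grants access to 'other'."""
    findings = []
    for path, cfg in sorted(listeners.items()):
        mode = int(cfg.get("mode", default_mode), 8)   # default is an assumption
        if mode & 0o007:
            findings.append((path, cfg["service"], format(mode, "04o")))
    return findings

if __name__ == "__main__":
    for path, service, mode in audit(parse_listeners(SAMPLE_CONF)):
        print(f"{service}: {path} is mode {mode}, accessible to other local users")
```

The socket mode is only one layer: the permissions of the directory that holds the socket also decide which local accounts can reach it.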



Weird status... " noselect"... why ?

2022-04-22 Thread Stephane Magnier


a list "" * gives me this

* LIST (\HasChildren \UnMarked) "/" INBOX/2022-PERSONNEL/FOO2
* LIST (\HasNoChildren \UnMarked) "/" INBOX/2022-PERSONNEL/FOO2/test
* LIST (\Noselect \HasChildren) "/" INBOX/2022-PERSONNEL/FOO2/test
* LIST(\Noselect \HasNoChildren) "/" INBOX/2022-PERSONNEL/FOO2/test/Location

As you can see there is " noselect " and with Thunderbird this is in 
grey.. Due to a bad manipulation. I wanted to create a subfolder and I 
wrote  "FOO2/test" when FOO2 didn't exist yet


Now " test" is grey and I cannot place anything inside..

I didn't see this at first sight and I've placed important emails in it, 
that it didn't synch... and which seem to be lost :-(


a Repair didn't work out


How can I " revalidate " this folder ? without removing it ? ( hoping to 
get something in it )


Thanks


Re: replication fails with "Error: sync: Unknown user in remote" but user shows up in doveadm user "*"

2022-04-22 Thread Arnaud Abélard

Hello Christian,

I actually found why I had the problem. While I thought the ldap filters 
were the same, there was a slight difference (damn crazy long filters!)


Sorry about the noise.

Arnaud

On 22/04/2022 10:08, Christian Mack wrote:
> Hello
>
> On 21.04.22 at 18:00, Arnaud Abélard wrote:
>> Hello,
>>
>> I've been trying to replicate a production server (debian buster,
>> dovecot 2.3.4.1). But nothing is actually being replicated and for
>> each attempted user the message "Error: sync: Unknown user in remote" is
>> being logged.
>>
>> The ldap settings are actually the same on both servers (source and
>> destination) and the "unknown user" is actually showing up in doveadm
>> user "*" on the destination server.
>>
>> I had already replicated 2 servers and used the same settings. Am I
>> missing something obvious here?
>>
>
> Can you do a doveadm user for that specific user?
> Are her/his attributes OK?
>
>
> Kind regards,
> Christian Mack



--
Arnaud Abélard
Responsable pôle Système et Stockage
Service Infrastructures
DSIN Université de Nantes
-





Re: how to setup IMAPs with letsencrypt

2022-04-22 Thread Shawn Heisey

On 4/22/22 02:20, Jean-Daniel Dupas wrote:
> While it's true for SMTP, my experience is that IMAP clients prefer
> imaps in 993 instead of STARTTLS.
>
> I have a server with only port 993 opened, and almost never had any
> issue with client configuration.


I have noticed the opposite.  Every time I have configured a new mail 
client (which is most often but not always Thunderbird), it defaults to 
143 with STARTTLS.  Port 993 is available too, but my mail clients have 
never used it unless I explicitly configure it.


My dovecot is configured with "disable_plaintext_auth = yes" so only 
source IPs that are local to the machine (so the traffic never goes out 
on any network) are allowed to login without TLS. My webmail uses 
localhost so it is configured to use port 143 without encryption.


I know a lot of people are going to clamor that such traffic should be 
encrypted because it could be sniffed ... but if somebody has enough 
access such that they could sniff my backend services, the security 
battle is already lost, and they would be able to get any in-flight 
passwords even if the connection is encrypted.


Thanks,
Shawn



Re: how to setup IMAPs with letsencrypt

2022-04-22 Thread Jean-Daniel Dupas


> On 22 Apr 2022 at 01:50, Jeremy Ardley wrote:
> 
> 
> 
> On 22/4/22 7:44 am, al...@coakmail.com  wrote:
>>> On 22/4/22 7:25 am, al...@coakmail.com  wrote:
>>> 
>> Thanks. I will give a try.
>> after enabling SSL, can I disable port 143 entirely?
>> 
> Probably a bad idea. Many clients use STARTTLS on port 143 rather than TLS 
> on port 993
> 

While it's true for SMTP, my experience is that IMAP clients prefer imaps in 
993 instead of STARTTLS. 

I have a server with only port 993 opened, and almost never had any issue with 
client configuration.



Re: replication fails with "Error: sync: Unknown user in remote" but user shows up in doveadm user "*"

2022-04-22 Thread Christian Mack
Hello

On 21.04.22 at 18:00, Arnaud Abélard wrote:
> Hello,
> 
> I've been trying to replicate a production server (debian buster,
> dovecot 2.3.4.1). But nothing is actually being replicated and for
> each attempted user the message "Error: sync: Unknown user in remote" is
> being logged.
> 
> The ldap settings are actually the same on both servers (source and
> destination) and the "unknown user" is actually showing up in doveadm
> user "*" on the destination server.
> 
> I had already replicated 2 servers and used the same settings. Am I
> missing something obvious here?
> 

Can you do a doveadm user for that specific user?
Are her/his attributes OK?


Kind regards,
Christian Mack

-- 
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung IT-Dienste Forschung und Lehre
78457 Konstanz
+49 7531 88-4416


