Re: [Dovecot] Thunderbird STARTTLS error
On 2012-05-09 22:48, Markus Fritz wrote: Thanks! That might help, yes I got the sub.class1.server.ca.pem file. How I include this to my ssl.crt file now? Just append the intermediate CA certificate in the same file AFTER your own certificate. As in: # cat sub.class1.server.ca.pem ssl.crt As a result you should have a file ssl.crt which consists of the following: -BEGIN CERTIFICATE- [several lines of your own certificate] -END CERTIFICATE- -BEGIN CERTIFICATE- [several lines of the intermediary certificate] -END CERTIFICATE- ...and nothing else. -- Janne Snabb / EPIPE Communications sn...@epipe.com - http://epipe.com/
Re: [Dovecot] Thunderbird STARTTLS error
On 2012-05-10 03:29, Markus Fritz wrote: The key still has (when I do openssl x509 -in ssl.crt -noout -text) X509v3 Basic Constraints: CA:FALSE I believe this only means that you can not use the certificate as a CA certificate and issue sub-certificates of that certificate. IMHO this is not an issue, it is how it should be. The problem is somewhere else. -- Janne Snabb / EPIPE Communications sn...@epipe.com - http://epipe.com/
Re: [Dovecot] Sieve script does not run in dovecot 2.0 on squeeze
On 05/03/2012 04:54 AM, Victor OƱate wrote: In dovecot.conf I have mail_location = maildir:~/Maildir plugin { quota = dirsize sieve=~/currently-active-script.sieve sieve_dir=~/sieve sieve_storage=~/sieve } protocols = imap sieve protocol sieve { managesieve_logout_format = bytes ( in=%i : out=%o ) } service managesieve-login { user = dovecot inet_listener sieve { port = 4190 } process_limit = 2000 } userdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } After you have fixed your Postfix configuration (see below), you probably need to add: protocol lda { mail_plugins = $mail_plugins sieve } In postfix I have home_mailbox = Maildir/ You need to configure Postfix to use local delivery agent (LDA) which supports sieve, such as Dovecot's LDA with sieve plugin. Have a look at: http://wiki.dovecot.org/LDA/Postfix the problem is that the script does not run and so the mail is delivered the initial recipient. I use LDAP to delivery the mail. any idea. Thank you. Hope this helps. -- Janne Snabb / EPIPE Communications sn...@epipe.com - http://epipe.com/
Re: [Dovecot] setacl fails - does not find dovecot-acl file
On Fri, 4 Nov 2011, Timo Sirainen wrote: On Fri, 2011-11-04 at 21:29 +0100, Michael Stilkerich wrote: Nov 4 16:29:03 keira dovecot: imap(isa): Error: fcntl(unlock) locking failed for file /home/dovecot/isa/dovecot.index.log: No such file or directory Nov 4 16:29:03 keira dovecot: imap(isa): Error: fstat() failed with file /home/dovecot/isa/dovecot.index.log: No such file or directory These simply shouldn't happen. I'd say it's a kernel bug. You're running a default Ubuntu kernel? I wonder if other Ubuntu users have this problem. I am seeing this same problem on Ubuntu 11.10 and 12.04 with stock kernels. The problem is clearly AppArmor related. The imap process seems to be using the usr.sbin.dovecot profile which prevents access to these files. There is a separate profile usr.lib.dovecot.imap but it seems that it does not get applied to the imap process for some odd reason. This is especially strange beacuse both profiles are enabled in complain and not in enforce mode, thus they should not enforce any of the rules. I am simultaneously getting messages similar to the following in my audit log: type=AVC msg=audit(1335712674.515:655016): apparmor=ALLOWED operation=getattr parent=10922 profile=/usr/sbin/dovecot//null-107//null-10b//null-118 name=/home/foobar/Maildir/.foobar/dovecot.index.log pid=10937 comm=imap requested_mask=r denied_mask=r fsuid=1000 ouid=1000 After disabling the usr.sbin.dovecot profile everything seems fine. Other dovecot related AppArmor profiles do not seem to cause problems. This looks like an issue in AppArmor to me... -- Janne Snabb / EPIPE Communications sn...@epipe.com - http://epipe.com/