Re: Multiple certificate option
On 2019-09-07 12:25, remo--- via dovecot wrote:
What is the best way to adopt multiple certs?
Thanks.
/etc/dovecot/conf.d/10-ssl.conf
Primary SSL certificate:
# SSL/TLS support: yes, no, required.
#ssl = yes
ssl = required
("yes" or "required" - I use required)
# Minimum SSL protocol version to use. Potentially recognized values are
SSLv3,
# TLSv1, TLSv1.1, and TLSv1.2, depending on the OpenSSL version used.
ssl_min_protocol = TLSv1
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened
before
# dropping root privileges, so keep the key file unreadable by anyone
but
# root. Included doc/mkcert.sh can be used to easily generate
self-signed
# certificate, just make sure to update the domains in
dovecot-openssl.cnf
ssl_cert =
Re: Server administration
1. Add/remove e-mail address 2. Change user e-mail address password 3. Add user e-mail address into mail alias 4. Forward e-mail 5. List all users e-mails I agree with Mark. We can't answer them anyway because we don't know what backend you are using. Typically all of the above would be done in an SQL database with queries which you have written into various config files like /etc/postfix/main.conf and /etc/dovecot/conf.d/auth-sql.conf.ext (and likely others!)
Re: Server administration
You have to let users forward their email because this is functionality they expect. The trick is to spam scan all email first, otherwise as Alexander has said, you end up on RBL's. Its actually a lot harder than this. Most default installations I've seen don't take into account Return-Path notifications (i.e. passing these notifications upstream to the origin), What is a "default installation"? I have a good working knowledge of all the software I have deployed in my and my clients mail servers and I have spent a considerable amount of time over the years furthering my understanding and perfecting my configs. If, by "default installation", you mean take a piece of software off the shelf and follow a quick and dirty howto guide without any understanding of what the options mean, then of course under these situations people are going to run into issues.
Re: Server administration
On 2019-09-02 06:24, Alexander Dalloz via dovecot wrote: Am 01.09.2019 um 14:41 schrieb Aleksandr Mette via dovecot: 4. Forward e-mail Don't do that nor let your users auto-forward their mail received on your MX. Else you will end up faster than you think on blacklists as very likely your server will forward SPAM and gets classified as a SPAM source. You have to let users forward their email because this is functionality they expect. The trick is to spam scan all email first, otherwise as Alexander has said, you end up on RBL's.
User / Pass SQL queries
Hi all, Is there any reason Dovecot shows the 'user' variable (ie: u...@domain.tld) being obtained in the password query and not the (more logical) user query? Thanks, Michael
Dovecot and Oauth
Hi all, I am considering expanding a mail server to support Oauth with Google. I have read through the following: https://wiki.dovecot.org/PasswordDatabase/oauth2 however, it doesn't work and appears to me to be missing important information, the least of which is API authorisation. Searching with Google, I can't find any more information beyond what amounts to C&P'ing of the above link. Has anyone successfully deployed Oauth with Google and could they please send me their config files? Thanks, Michael
