Re: [Dovecot] Ongoing performance issues with 2.0.x
On Fri, Nov 5, 2010 at 6:23 AM, Ralf Hildebrandt wrote: > * zhong ming wu : >> On Fri, Nov 5, 2010 at 5:58 AM, Ralf Hildebrandt >> wrote: >> > I uploaded a preliminary screenshot with comments: >> > http://www.arschkrebs.de/bugs/dovecot.png >> > >> >> Unclear from your graphs what is for 2.0 and what is for 1.2 > > Left of "switching back to 1.2.x" is 2.0 > Right of "switching back to 1.2.x" is 1.2.x i thought "switching back to 1.2.x" is title of that graph. Since you know your server better I assume that you expect data with 2.0 after 18:00 to be high like before. >From someone who does not know your server usage pattern, that graph isn't useful without much more notes
Re: [Dovecot] Ongoing performance issues with 2.0.x
On Fri, Nov 5, 2010 at 5:58 AM, Ralf Hildebrandt wrote: > I uploaded a preliminary screenshot with comments: > http://www.arschkrebs.de/bugs/dovecot.png > Unclear from your graphs what is for 2.0 and what is for 1.2 Plotting the same variable for 2.0 and 1.2 data on the same graph will be more convincing.
Re: [Dovecot] using palm pre client with imap server
On Wed, Sep 8, 2010 at 10:06 PM, Jim Lawson wrote: > I have a Palm Pre (Sprint, WebOS 1.4.5) and it seems to work just fine > against Dovecot (Debian's 1.2.13 build, or a custom 1.2.13 build under > RHEL) using TLS. > > Jim > My dovecot is using plain text password scheme over TLS . Is yours the same? FWIW I tried to use an android phone against IMAP and on that client "secure connection" turns out to be something other than TLS/SSL. Only if I uncheck that android phone can connect to dovecot although it does use TLS even though "secure connection" is unchecked. Thanks
Re: [Dovecot] using palm pre client with imap server
2010/9/9 Grégory Oestreicher : > > Yup, got one and it is working fine. Have you added you CA certificate into > the phone > trusted list if it a homemade one ? I recall having to do that, and it seems > that the > error was the same. > > server cert is signed by godaddy. not sure what CA's palm pre using. i'll look into that.
[Dovecot] using palm pre client with imap server
Hello Anyone here tried to use palm pre built-in email client with imap server (TLS)? Mine does not work; only one line in the log. imap-login: Disconnected (no auth attempts): rip=xxx.xxx.19.21, lip=xxx.yyy.zzz.aaa dovecot -n # 1.2.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.9-42.ELsmp i686 Red Hat Enterprise Linux ES release 4 (Nahant Update 8) ext3 base_dir: /var/run/dovecot syslog_facility: local0 protocols: imap listen: xxx.yyy.zzz.aaa ssl_ca_file: /etc/pki/ca.crt.crl ssl_cert_file: /etc/pki/private/ssl.crt.key.pem ssl_key_file: /etc/pki/private/ssl.crt.key.pem ssl_parameters_regenerate: 29 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login mail_location: maildir:/home/vmail/%d/%n/Mail auth default: user: squab username_chars: abcdefghijklmnopqrstuvwxyz01234567890.-_@ username_format: %Lu passdb: driver: sql args: /etc/dovecot/sql.conf userdb: driver: sql args: /etc/dovecot/sql.conf
Re: [Dovecot] userdb prefetch not compatible with ssl_require_client_cert
On Wed, May 26, 2010 at 1:44 PM, Timo Sirainen wrote: > On Sun, 2010-03-21 at 16:34 -0400, zhong ming wu wrote: > >> I looked into docs but couldn't see any where that says of this >> incompatibility. >> Anywhere this is confirmed in the doc? > > Why wouldn't it be?.. I had tested it at the time not to work. I keep the userdb and password information in postgresql database and it's possible to retrieve all information with just one SQL query. For some reason, it works if i didn't require clien_cert but fails otherwise. My current set-up does 2 look-ups.
[Dovecot] userdb prefetch not compatible with ssl_require_client_cert
Dear List I looked into docs but couldn't see any where that says of this incompatibility. Anywhere this is confirmed in the doc? Thanks mr.wu
[Dovecot] bug or feature?
Dear List If ssl_username_from_cert = yes then setting of auth_username_chars is not respected. (It may be that anything goes in that case) Also how can I include space (0x20) in auth_username_chars if I don't use ssl_username_from_cert = yes Thanks mr.wu
[Dovecot] client cert handling not working properly on centos 4.8
Dear List I've successfully installed/configured dovecot 1.2.10 with "require client cert" on centos 5.4 and ubuntu server 9.10 I also need to install on centos 4.8 and after the following the exact same procedure I can only get it working if I commented out ssl_require_client_cert =yes and ssl_username_from_cert = yes from the working config file. This is even after compiling dovecot with openssl 0.9.8l on centos 4.8 If I copy the same "client_ca.crt" from centos 4.8 to centos 5.4 then centos 5.4 does not problem in verifying client cert. That file contain CRL as well as certificate which signs the pkcs12 file installed on the client. The following log entries do not appear on centos 5.4 -- Feb 27 21:17:33 localhost dovecot: pop3-login: Invalid certificate: unable to get certificate CRL: /C=US/ST=New York/L=Astoria/O=SnakeOil Inc./OU=Email Administration/cn=...@example.com Feb 27 21:17:33 localhost dovecot: pop3-login: Valid certificate: /C=US/ST=NY/L=TEST/O=Internet Widgits Pty Ltd --- $ dovecot -n # OS: Linux 2.6.9-89.0.20.EL i686 CentOS release 4.8 (Final) ext3 base_dir: /var/run/dovecot/ protocols: pop3 listen: 192.168.0.110 ssl_ca_file: /etc/pki/certs/dovecot/client_ca.crt ssl_cert_file: /etc/pki/certs/vrane.com/pop.crt ssl_key_file: /etc/pki/private/vrane.com/pop.key ssl_parameters_regenerate: 29 ssl_verify_client_cert: yes verbose_ssl: yes login_dir: /var/run/dovecot//login login_executable: /usr/libexec/dovecot/pop3-login mail_location: maildir:/home/vmail/%d/%n mail_executable: /usr/libexec/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/pop3 auth default: user: squab debug: yes ssl_require_client_cert: yes ssl_username_from_cert: yes passdb: driver: passwd-file args: /etc/dovecot/shadow/%d userdb: driver: static args: uid=2000 gid=2000 home=/home/vmail/%d/%n socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix
[Dovecot] exporting client socket to postfix
Dear List, I have a few questions regarding dovecot sasl authentication that are somewhat related to each other. I have a working dovecot config with -- ssl_verify_client_cert = yes .. . ssl_require_client_cert = yes ssl_username_from_cert = yes --- (With this set up I need not set a correct user name in my mail client so long as I have it correctly in cert.) It turns out that I cannot export client socket to postfix to do smtp authentication unless I comment out ssl_require_client_cert=yes Does it mean that postfix is not passing to dovecot any information about certificate? Is passing certificate information not part of sasl framework? If so I won't be able to use it with a different sasl implementation. Also if I comment out ssl_require_client_cert=yes, then I can no longer use username from cert to log in to retrieve my pop mail. I prefer to get username this way otherwise my thunderbird mailbox reads u...@domain.org@domain.org; I could have more than one domain in my dovecot servers. Thanks mr.wu
[Dovecot] tls not working on ubuntu
Hello List, I'm new to dovecot. I have sucessfully configured dovecot with just virtual users on a centos linux box to my satisfaction; I can connect with TLS with disable_plaintext_auth = yes. This dovecot is also version > 1. Can't post exact version right now but it's what comes with Centos 5.4. On a Ubuntu 9.10 box here, I cannot connect with TLS (port 110) but I can connect with plain SSL (port 995). The config files between centos and ubuntu boxes are the same except for minor details. The following is the log entry Feb 17 21:38:18 ubuntu dovecot: pop3-login: Disconnected (no auth attempts): rip=192.168.0.101, lip=192.168.0.108 The output below is from a binary compiled from source. I have also tested with 1.1.11 (that I get from apt-get install) with the same config file. I have tested ubuntu with both Thunderbird 3 and thunderbird 2. I have also searched google as well as dovecot website. Thanks mr.wu # 1.2.10: /usr/local/etc/dovecot.conf # OS: Linux 2.6.31-14-server x86_64 Ubuntu 9.10 ext4 base_dir: /var/run/dovecot/ protocols: pop3 pop3s listen: 192.168.0.108 ssl_cert_file: /usr/local/etc/pop.crt ssl_key_file: /usr/local/etc/pop.key ssl_parameters_regenerate: 29 disable_plaintext_auth: no verbose_ssl: yes login_dir: /var/run/dovecot//login login_executable: /usr/local/libexec/dovecot/pop3-login mail_location: maildir:/var/vmail/%d/%n mail_executable: /usr/local/libexec/dovecot/pop3 mail_plugin_dir: /usr/local/lib/dovecot/pop3 auth default: user: authdove debug: yes passdb: driver: passwd-file args: /usr/local/etc/%d/passwd userdb: driver: static args: uid=2000 gid=2000 home=/var/vmail/%d/%n