Re: [RCU] Managesieve plugin not working with dovecot 1.2 anymore?

2014-02-15 Thread Claudio Kuenzler 
omg... facepalm.
Thanks :D
Working now  - of course.
On Feb 14, 2014 9:21 PM, Benny Pedersen m...@junc.eu wrote:

 On 2014-02-14 18:03, Claudio Kuenzler wrote:

  It seems that the managesieve plugin doesn't work anymore with an
 older Dovecot version (1.2). Even when I set managesieve_port to
 2200, the plugin doesn't load.


 try 2000 :=)
 ___
 Roundcube Users mailing list
 users@lists.roundcube.net
 http://lists.roundcube.net/mailman/listinfo/users

___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] Secure certain directories?

2014-02-15 Thread Grant 
 Should I disallow access to certain roundcube directories in nginx?
 I'm especially concerned about arbitrary PHP execution in the user
 upload directory.

 Yes, you should. Have a look at the .htaccess file which holds some
 rewrite rules for Apache webserver:

 # security rules:
 # - deny access to files not containing a dot or starting with a dot
 #   in all locations except installer directory
 RewriteRule ^(?!installer)(\.?[^\.]+)$ - [F]
 # - deny access to some locations
 RewriteRule 
 ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps))
 - [F]
 # - deny access to some documentation files
 RewriteRule /?(README\.md|composer\.json-dist|composer\.json|package\.xml)$
 - [F]

 If you manage to translate these into ngnix rules, we'd much
 appreciate if you could post your findings in order to have it added
 to the configuration guide here:
 http://trac.roundcube.net/wiki/Howto_Config/Webservers

The following doesn't seem to cause any problems.  Which files would
be good to compare access with/without this config?

location ~ 
^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps))
{
deny all;
}
location ~ /?(README\.md|composer\.json-dist|composer\.json|package\.xml)$ {
deny all;
}

The following does 403 normal access.  Any idea what could be wrong
there?  I'm not good with regex.

location ~ ^(?!installer)(\.?[^\.]+)$ {
deny all;
}

 Future versions of Roundcube will ship with a dedicated 'public_html'
 directly which will be the target directory for webserver access and
 all other directories which are supposed to be protected from public
 access, will be outside of the document root.

Is there a version targetted for this change?

- Grant
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] upload size limit

2014-02-15 Thread Grant 
 I've set main.cf in postfix, php.ini, and nginx.conf to an 8M file
 upload limit but Roundcube still states a 2M limit.  Is there
 somewhere else I need to specify this?

 let me guess: you have raised upload_max_filesize but don't care
 about post_max_size which is still 2M and since file uploads are
 POST data that counts - RTFM :-)

I had changed that but something righted itself because Roundcube is
reporting 8MB now.

- Grant
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] upload size limit

2014-02-15 Thread Grant 
 I've set main.cf in postfix, php.ini, and nginx.conf to an 8M file
 upload limit but Roundcube still states a 2M limit.  Is there
 somewhere else I need to specify this?

 - Grant


 Hello,

 nginx uses fpm, so you have to set the upload limit in /etc/php5/fpm/php.ini
 (Debian system...others may have a different location)

It's /etc/php/fpm-php5.5/php.ini on Gentoo.

- Grant
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] upload size limit

2014-02-15 Thread Benny Pedersen 

On 2014-02-15 20:21, Grant wrote:


It's /etc/php/fpm-php5.5/php.ini on Gentoo.


why unlimit it on global settings in php.ini ?, roundcube comes with 
.htaccess files that make it possible to just setup the roundcube 
webmail for more post data on that host, default in php.ini should be 
small on global web, but can be more unlimted in roundcube since mta 
still have a limit

___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] upload size limit

2014-02-15 Thread Martin Mazur 

Am 2014-02-15 20:29, schrieb Benny Pedersen:

On 2014-02-15 20:21, Grant wrote:


It's /etc/php/fpm-php5.5/php.ini on Gentoo.


why unlimit it on global settings in php.ini ?, roundcube comes with
.htaccess files that make it possible to just setup the roundcube
webmail for more post data on that host, default in php.ini should be
small on global web, but can be more unlimted in roundcube since mta
still have a limit


The I am designed for efficiency webserver nginx is in use, so 
htaccess is not used.



--
Martin Mazur

m...@martin-mazur.net
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users

Re: [RCU] upload size limit

2014-02-15 Thread Benny Pedersen 

On 2014-02-15 21:01, Martin Mazur wrote:


The I am designed for efficiency webserver nginx is in use, so
htaccess is not used.


fair, but all i say is that this limit should only be lifted on 
roundcube not lifted global on all sites this server servs


if it only runs roundcube web, then it can be done global in php.ini

how is pr site done in nagios ?
___
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users