from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE
Hi,
I'm a but clueless, having issues with replication. `doveadm dsync -u hans`
works.
But using the following replication setup, I see coredumps.
Where to go next?
Interestingly not for all users. (For testing purposes I've only 2
users. One having about 20 messages: here even the replication
esden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
signature.asc
Description: PGP signature
Hi,
I'm using dovecot 2.3.4.1 (f79e8e7e4) (Debian Build) and doing
master/master replication.
Recently we added a huuge .Archive* folder structure to the items being
replicated. And now, suddenly we see new folders with a naming like
*-temp-1-temp-1-temp-2-* appearing.
This finally lead to
ards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key
tial part, if they mention it at all.
(I'm talking about the "core" documentation, not about Wikis, HowTows,
Blogs, …)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support
White, Daniel E. (GSFC-770.0)[NICS] (Mi 28 Apr 2021
19:28:41 CEST):
> Can Dovecot be installed with Postfix and without being behind a web server ?
Yes.
> I want a mail service that can only be accessed by POP3(s)/IMAP(s) and not by
> a web UI.
Dovecot is a pure POP3/IMAP server. No Web-UI is
because your address doesn't match the OP's address and
somehow the information you're presenting doesn't fit the OP's
information (Self signed certs vs LE certs)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de -
Hi,
> In our case this is an internally used Dovecot Mail server that's used for
…
> certificates worth the expense? Just curious on what everyone's opinion is
> of Digital Certs signed by certificate authorities that are only used inside
> the LAN. Thoughts?
Aki is right. On the long run it's
Heiko Schlittermann (Do 25 Feb 2021 12:17:55 CET):
>
> I'm not sure about the semantics of setpwent()/endpwent(), mayb the nss
> plugin (here sssd) should gracefully handle a missing endwent() if it
> sees a new setpwent(). But I think, it can't harm to call endpwent() on
> t
Aki Tuomi (Do 25 Feb 2021 12:21:43 CET):
> > > > --- a/src/auth/userdb-passwd.c
> > > > +++ b/src/auth/userdb-passwd.c
> > > > @@ -208,6 +208,7 @@ static int passwd_iterate_deinit(struct
> > > > userdb_iterate_context *_ctx)
> > > > cur_userdb_iter_to = timeout_add(0,
> > > >
missing endwent() if it
sees a new setpwent(). But I think, it can't harm to call endpwent() on
the dovecot side.
I deployed a debian package with the above patch added onto my system,
and it seems to work.
So, should I file a bug report against dovecot?
Best regards from Dresden/Germany
Viel
Heiko Schlittermann (Do 25 Feb 2021 10:36:21 CET):
> > within a small timeframe returns a subset of the local users only (the
> say count();
I suppose the following would fix the issue:
(not tested yet)
diff --git a/src/auth/userdb-passwd.c b/src/auth/userdb-passwd.c
index
Heiko Schlittermann (Do 25 Feb 2021 10:08:05 CET):
>
> doveadm user *
>
> returns the full user list only once. A 2nd invocation of the same command
> within a small timeframe returns a subset of the local users only (the
The following Perl script can reproduc
ssd (more specifically its nss module)
- [ ] misbehaviour of dovecot/auth processes?
Dovecot: 2.3.4.1 (f79e8e7e4)
Operating System: Debian GNU/Linux 10 (buster)
Sssd: 1.16.30
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN
Hi Aki,
thank you for answering.
Aki Tuomi (Mi 05 Feb 2020 07:59:55 CET):
> > does dovecot support tls-on-connect for AF INET based auth-client
> > sockets?
> > inet_listener auth-client {
> > name = exim
> > port = 4711
> > ssl = yes
> > }
>
Hi, I'm resending this message, still hoping for an answer.
Hello,
does dovecot support tls-on-connect for AF INET based auth-client
sockets?
Rationale behind my question:
Exim can use the Dovecot auth-client socket to delegate the
SMTP-AUTH authentication to Dovecot.
Currently Exim supports
Hello,
does dovecot support tls-on-connect for AF INET based auth-client
sockets?
Rationale behind my question:
Exim can use the Dovecot auth-client socket to delegate the
SMTP-AUTH authentication to Dovecot.
Currently Exim supports the AF UNIX only for this socket. Jeremy makes
progress in
Maciej Milaszewski IQ PL via dovecot (Fr 13 Sep 2019
12:10:39 CEST):
> openssl s_client -connect imap.mail.test.domain.com:993 -tls1_1
Use -servername for testing.
--
Heiko
signature.asc
Description: PGP signature
Hi Stephan,
Stephan Bosch via dovecot (Fr 22 Feb 2019 13:39:27 CET):
> > Gibt es - außer der Sprache und dem Preis - einen Unterschied zwischen
> > der ersten (und einzigen?) deutschen Auflage von 2014 und der englischen
> > Auflage von 2016?
>
> Hier wird leider nur Englisch gesprochen. Sie
Moin,
Es geht um das Dovecot-Buch. Ich nehme an, daß hier mindestens einer,
der sich auskennt, mitliest:
Gibt es - außer der Sprache und dem Preis - einen Unterschied zwischen
der ersten (und einzigen?) deutschen Auflage von 2014 und der englischen
Auflage von 2016?
--
Heiko
signature.asc
many?) userPassword fields per LDAP object. If we
are able to track the password hashes (which hash for which user), we
can have each user using his very own password to login as another user
(provided that other user has an additional userPassword field)
Best regards from D
Kadlecsik József (Mi 25 Okt 2017 14:42:11
CEST):
…
> The master users are allowed to impersonate anyone and at the same time
> cannot login as themselves. Those were the issues why we couldn't choose
> to use master users.
True.
--
Heiko
signature.asc
rds from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F6
Thomas Leuxner <t...@leuxner.net> (Mi 25 Okt 2017 13:11:52 CEST):
…
> * Heiko Schlittermann <h...@schlittermann.de> 2017.10.25 12:58:
> wouldn't this be a use case for acl_groups, where a user would belong to
> group "Sales" and this "role" would gain
t up this in a generic MUA, as some webmail client?
Thanks in advance,
best regards from Dresden/Germany
Heiko Schlittermann
--
SCHLITTERMANN.de ---- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg e
he root CA to your
ca-certificates, but let the intermediate cert in the certificate chain
sent by the server. (That's what the intermediate certs are good for,
isn't it?)
Heiko
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl
the root of the chain.
Heiko
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked
client
wont trust the root CA it received. The client should trust only its
copy of the root CA.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-
seems to be hardcoded in
/usr/lib/x86_64-linux-gnu/libgnutls.so.30 (Debian9, amd64)
$ strings /usr/lib/x86_64-linux-gnu/libgnutls.so.30 | grep '/etc/ssl'
/etc/ssl/certs/ca-certificates.crt
So, on my system gnutls-cli seems to use the same CA store
(/etc/ssl/certs) as openssl.
B
mydomain,dc=com?mail?sub?(&(objectClass=inetOrgPerson)(mail=$local_part@
> $domain))}{$value}fail}
>
> Thanks again for all the support. You pointed me in the right direction. :)
You're welcome.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heik
Hi,
Heiko Schlittermann <h...@schlittermann.de> (Mo 21 Nov 2016 11:50:13 CET):
> a) Routing stage
> You need to interact with the user database dovecot uses.
> Either you access the user database directory (flat file, LDAP,
> whatever) or you use the ${readsocket…} featu
do callout: neither router nor transport provided a host list
This can be 'fixed' if you use (not tested)
dovecot_lmtp:
driver = smtp
protocol = lmtp
host = localhost
port = 2525
and have the dovecot LMTP run on a local TCP port
Best regards from Dresden/Germany
Viele Grüße a
ansport, responsible for the delivery to dovecot?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg e
aintext IMAP. There I see the expected shudown handshake
FIN - FIN,ACK - ACK.
Dovecot version is 2.2.24 (a82c823)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlitte
/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
! key
Timo Sirainen (Mi 29 Jun 2016 00:00:11 CEST):
…
> >> b) UID=16 suddenly appeared on Cyrus side even though it wasn't there
> >> earlier. This isn't allowed by IMAP standard.
> It's still strange if Cyrus is doing that. It's generally a pretty well
> behaving IMAP server. What
Hi,
Timo Sirainen (Di 28 Jun 2016 23:30:38 CEST):
> >
> > On successive runs of the above command I get:
> >
> >dsync(heiko): Warning: Deleting mailbox 'Serververwaltung.Mailinglisten
> > Anforderung': UID=16 GUID= is missing locally
>
> This means that on Dovecot side there
Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
! key id 7C
gards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376
em before every update.
I'm using the ppa http://ppa.launchpad.net/patrickdk/production/ubuntu
and until now it works fine.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko
duction systems so)
Thank you for your response, we're using your packages now in a
production ready environment I'll contact you in case of any issues.
(The environment uses a directors/backends setup.)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heik
/dovecot
/lib/systemd/system/dovecot.service
> While xi packages places its own init script there.
The xi packages I didn't check yet.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---- internet & un
Heiko Schlittermann <h...@schlittermann.de> (Mo 30 Mai 2016 21:18:09 CEST):
> Hi Aki,
>
> aki.tu...@dovecot.fi <aki.tu...@dovecot.fi> (Mo 30 Mai 2016 20:57:58 CEST):
> …
> > You can get packages from http://xi.dovecot.fi/debian/, if it helps. The
> > HTTP API
sden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
! key id 7CBF7
Hi Aki,
thank your for responding that fast.
aki.tu...@dovecot.fi (Mo 30 Mai 2016 17:49:53 CEST):
…
> Hi! This has been fixed in 2.2.24. There was a bug in user passing.
Ok, thus at least your answer saves me hours of debugging. We upgraded
old Ubuntu Boxes (14.04/LTS)
Hi,
I'm doing quota checks from a remote machine (the real setup is a bit
more complex, if necessary I can explain it in more detail, but I just
extracted the bits that are easily reproduceable)
# nc backend1 24245
VERSION doveadm-server 1 0
PLAIN
Hi,
Stephan Bosch <step...@rename-it.nl> (Mi 27 Apr 2016 11:32:23 CEST):
…
> Op 4/27/2016 om 11:11 AM schreef Heiko Schlittermann:
> > src/imap/cmd-notify.c: "MessageNew", "MessageExpunge", "FlagChange",
> > "AnnotationChange",
>
traces that indicate support for ANNOATION. But again, I
may be wrong, as I do often.
changeset: 237:219c13a7696d
bookmark:hs12
tag: tip
user:Heiko Schlittermann <h...@schlittermann.de>
date:Wed Apr 27 11:27:14 2016 +0200
summary: Check the Value before using
en?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome ---
://hg.dovecot.org/dovecot-metadata-plugin was 2013 .
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de -------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998
("value.shared" "27")
S: 2 OK Completed.
Is this a known bug that is fixed in later releases?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de -------- internet & unix support -
Heiko Schl
up'
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome -
message (I put you on BCC),
you'll receive it via the mailing list AND directly. Depending on the ML
configuration the messages are NOT identical.
(ML signature, replaced Reply-To, added header lines, …)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
the maildir directly. Doesn't help. Since I have a director/backend
setup.
Can't quota-status use the same interface doveadm quota uses?
Unfortunenatly I didn't find further documentation, except the source
itself.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
something here? Shouldn't the metadata be part of the backup?
(I'm using the latest 2.2.22 for sync purposes, as the stock dovecot
just crashed when used as 'doveadm backup …')
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de
ld be good. And using the RCPT TO response would not need any magic
mechanisms on the MTA side. We could use recipient verification via
callouts (as we do to check the existence of the recipient, w/o the need
to do some LDAP lookups).
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Hallo Andreas,
A. Schulze <s...@andreasschulze.de> (So 14 Feb 2016 12:47:19 CET):
>
> Am 13.02.2016 um 23:24 schrieb Heiko Schlittermann:
> >it seems that Squirrel mail uses Mailbox annotations for storing Expire
> >times on the Server. It's an Cyrus server curr
how it's supposed to work on Cyrus and how it can be
emulated/simulated with dovecot?
Thanks in advance,
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlitter
Steffen Kaiser <skdove...@smail.inf.fh-brs.de> (Fr 12 Feb 2016 09:59:40 CET):
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Fri, 12 Feb 2016, Heiko Schlittermann wrote:
>
> >But, if I'd like to have another quota rule for a submailbox of that
> >user?
behaviour and fixed already, or do I need to do more
investigation?
(PS: Running the same command on one of the backends works w/o failure)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet &
Andrey Fesenko (Sa 13 Feb 2016 00:01:01 CET):
…
Thank you for your fast response…
doveadm user \*
works on the director, gives us 4711 users.
The LDAP limits are 'unlimited'.
> For dovecot with LDAP we make this
> After fix dovecot-ldap.conf
>
> user_filter =
>
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
! key id 7CBF764A and 972EAC9
quota_rule *:storage=1000:messages=50
Inventing additional LDAP attributs fooQuotaRule2, ... doesn't scale well.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
H
e to the RCPT TO.
But the proxy seems to ignore it…
Any suggestion?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +
uggestions?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome
Heiko Schlittermann <h...@schlittermann.de> (Fr 05 Feb 2016 17:13:12 CET):
> Hi,
>
> using dovecot 2.2.9. The LDAP server requests a client certificate from
> dovecot. This client certificate will not be used for authentication,
> but anyway, the server requests it
Heiko Schlittermann <h...@schlittermann.de> (Fr 22 Jan 2016 12:53:00 CET):
> Hello,
>
> as may parts of the dovecot configuration docs refer to sieve and it's
> specific versions, like
>
> NOTE: Pigeonhole versions before v0.3.1 do not support the lo
>
>
isn't telling me
anything here, because it's bound to the dovecot version number.
What do I miss here?
Thank you.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
H
kB. The complete amount of command line data is near 2 MB.
Conclusion: doveadm sync should be able to read a state *file*. IMHO
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Hei
to cur/ (not sure, if new/ would be fine to,
because new/ is the natural place after
tmp/. I'm not sure, what this does to the
message state the client sees.)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
Hi Timo
Heiko Schlittermann <h...@schlittermann.de> (Mi 14 Okt 2015 01:10:20 CEST):
…
> Ah, the information comes from the other director running. The other one
> is using an unpatched version of dovecot.
Your patch for backend-certificate verification works. Thank you for the
good a
; hostname we used to obtain the adress(es)?
>
> Does the attached patch work? Compiles, but untested.
I'm about to test it.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de -------- internet & unix
ally in the same trusted network with backends..
>
Ooo.
What if
director_mail_servers = backends.
and the DNS entry for backends. gets updated? Does the director
catch up the change automatically w/o restart?
Best regards from Dresden/Germany
Viele Grüße aus Dres
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked sin
n as we reach out
for "official" certs. And because it puts more details about the
infrastructure into the configuration than would be necessary.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & un
Timo Sirainen (Di 13 Okt 2015 21:42:41 CEST):
…
> > Oct 13 21:23:29 director1 dovecot: director: Error:
> > director(149.x.y.97:9090/out): connect() failed: Connection refused
> > Oct 13 21:23:29 director1 dovecot: director: Warning: net_connect_ip():
> > ip->family !=
ode this gets fixed more or less automatically. Note sure if
> that'll happen for v2.3 or not.
Thank you.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---- internet & unix support -
Heiko Schlitte
s, thinking about mixed schema in the URIs whould have been my next
question :)
Ok, I can test what happens if we set tls_options w/o using LDAP+TLS or
LDAPS at all.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de
syntax for the openssl.conf is welcome). Or is there any chance
that this is fixed already or will be fixed in the near future or even
better, that it's my fault?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet
Timo Sirainen (Di 13 Okt 2015 23:49:20 CEST):
…
>
> Proxying in general does check that hostname matches the SSL certificate,
> because both the hostname and IP address are sent to login process. So it
> should work in a way that host= and hostip= is sent. I thought
> my patch
Hi Timo,
Heiko Schlittermann <h...@schlittermann.de> (Di 13 Okt 2015 22:33:23 CEST):
> > Does the attached patch work? Compiles, but untested.
> I'm about to test it.
It seems to update the struct mail_host, but it looks as if the data
in mail_host do not propagate down to
Heiko Schlittermann <h...@schlittermann.de> (Mi 14 Okt 2015 00:10:50 CEST):
> Timo Sirainen <t...@iki.fi> (Di 13 Okt 2015 23:49:20 CEST):
> …
> >
> > Proxying in general does check that hostname matches the SSL certificate,
> > because both the hostname and
Heiko Schlittermann <h...@schlittermann.de> (Mi 14 Okt 2015 00:46:11 CEST):
…
>
> And if I add -D to the director service, I can see "Debug: request
> refreshed timeout to …",
> but never I see "Debug: request added". And from what I
> understand th
Hello,
I'm using a dovecot as proxy, connecting to one or more backends.
The backends use X.509 certificates.
The proxy's passdb returns
extra fields:
user=foo
proxy
host=backend1.
ssl=yes
nopassword=y
Thus the proxy connects to the backend but can't verify the backends
et.tls || strncmp(conn->set.uris, "ldaps:", 6) == 0))
return;
#ifdef OPENLDAP_TLS_OPTIONS
It would be great, if somebody can confirm this and if this or some
equivalent patch could make it upstream.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Terry Carmen te...@cnysupport.com (Mi 30 Nov 2011 21:36:46 CET):
useful in protecting Exchange (from this,
http://www.cvedetails.com/cve/CVE-2007-0221/ for example), or am I
barking up the wrong tree?
If Dovecot isn't helpful for this, can anybody point me to a better resource?
Some time
Jack Fredrikson jackfredrik...@yahoo.com (Mon Oct 24 21:00:54 2011):
Hi;
This is my 6th day installing my first Postfix/Dovecot installation. The
Postfix mailing list indicates I've got the MTA under control so now I'm
seeking your help with the MDA. I get these errors with legitimate email
Xin LI delp...@delphij.net (Wed Jun 8 22:04:51 2011):
(…)
A feature of Cyrus-IMAPd I really missed after migrated to Dovecot is
their optional duplicate suppression, which eliminates duplicate
message at deliver time, if their envelope sender, recipient and
message-id matches.
Not sure,
Hello Tom,
Tom Hendrikx t...@whyscream.net (Wed Jun 8 23:17:29 2011):
(…)
OTOH, if you need such feature, it shouln't be too challenging to write
a MDA replacement, that decides about duplicity and finally passes the
remaining messages to the Dovecot MDA.
This happens because the
Hello,
just my comment on you topic: if I'd design such setup, I'd expect, that
sooner or later some additional flexibility is needed, that there will
be same tasks you never thought about in advance. I'm not sure, if in
such case I'd rely on Postfix. Postfix might be fast, but it is by no
means
BTW, and I'm not sure, if you still need amavis, as direct scanning
(using clamav or some other scanner) will be faster. Same is for
Spamassassin, as long as you use it as filter and not just as some
evaluator.
--
Heiko
signature.asc
Description: Digital signature
.
Probably you're looking for things related to auth_master or master.
passdb passwd-file {
master = yes
args = /etc/vmail/master-users
}
Or search the Wiki for AuthDatabase.PasswdFile
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
a wildcard cert?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet unix support -
Heiko Schlittermann HS12-RIPE -
gnupg encrypted messages are welcome - key ID
Timo Sirainen t...@iki.fi (Mi 26 Mai 2010 18:53:56 CEST):
On Fri, 2010-04-30 at 23:49 +0200, Heiko Schlittermann wrote:
plugin {
escape_char = %
}
should change the escape character to %. But it doesnt. Bug or feature?
listescape_char, not escape_char.
Hm. Assuming
Phil Howard ttip...@gmail.com (Di 18 Mai 2010 16:04:14 CEST):
I'm looking for an IMAP testing tool, suitable to use with Dovecot IMAP. It
needs to support TLS, STARTTLS, and login/authentication. It needs to be
able run from command line, shell scripts, and even do so under cron jobs
(e.g. a
Heiko Schlittermann
--
SCHLITTERMANN.de internet unix support -
Heiko Schlittermann HS12-RIPE -
gnupg encrypted messages are welcome - key ID: 48D0359B ---
gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92
Schlittermann
--
SCHLITTERMANN.de internet unix support -
Heiko Schlittermann HS12-RIPE -
gnupg encrypted messages are welcome - key ID: 48D0359B ---
gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B
?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet unix support -
Heiko Schlittermann HS12-RIPE -
gnupg encrypted messages are welcome - key ID: 48D0359B
1 - 100 of 104 matches
Mail list logo