On Sun, 2023-11-19 at 18:28 -0500, Steve Litt wrote:
>
> doveconf -d shows that I have no such config key as ssl_protocols, my
> ssl_min_protocol is TLSv1.2, and the default ssl_cipher_list is the
> following huge string:
>
> ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!R
On Sun, 2023-11-19 at 15:33 -0500, Steve Litt wrote:
>
> Thanks Bernardo,
>
> I use Void Linux, not Debian. Is there a command that tells me the
> defaults?
>
The one I typed :)
The doveconf command has a few flags that control what settings are
displayed, and "-d" tells it to show the default
On Sat, 2023-11-18 at 16:54 -0500, Steve Litt wrote:
>
> I forgot to say: I'm using Dovecot 2.3.21 on an up to date 64 bit
> x86_64 Void Linux computer using runit for its init system. I populate
> Dovecot's Maildir via fetchmail and procmail.
>
You probably don't have to do anything. SSLv2 and
On Sun, 2023-10-08 at 11:27 -0400, Dave McGuire wrote:
>We have an existing user with a lot of mail that we need to move from
> one domain to another. Our mail system is database-backed so changing
> the account is trivial, but can I just move the directory from
> the structure above from
On Sun, 2021-08-01 at 21:53 +0300, Mart Pirita wrote:
>
> As Docvecot does not support INC_PATH= and ignores --includedir= option,
You can try CPPFLAGS="-I" in the future. I don't know how a
normal person would ever figure it out, but that's the "correct" way to
include headers from a non-defaul
On Thu, 2021-07-29 at 14:33 +0300, Mart Pirita wrote:
> Hi,
>
>
> This is very bad news.
>
> I don't think that disto is old, if I can compile almost every
> software with it.
>
> So at the moment I have two choices, newer upgrade Dovecot or
> rollback the buffer_t changes and use latest versio
On 12/12/20 10:07 AM, Michael wrote:
>
> in the file
> /lib/systemd/system/dovecot.service
>
> the line
> PIDFile=/var/run/dovecot/master.pid
>
> to
> PIDFile=/run/dovecot/master.pid
>
Not that it matters for systemd, but in general, both /var/run and /run
should be replaced by @runstatedir
On 4/10/19 6:39 AM, Dmitry Donskih via dovecot wrote:
> `chmod -R 655 /etc/foobar/ssl' drops x attribute from `ssl' itself.
> Use `chmod -R 755' or `chmod +x' or similar.
>
Your private keys should be... private. Use 750 instead.
On 05/02/2016 03:19 AM, Steffen Kaiser wrote:
> On Mon, 2 May 2016, Tom Sommer wrote:
>> On 2016-04-29 16:25, Matteo Gaito Test Account wrote:
>
>
> In fact, I would like to have:
>
> + full user backup
> + full user removal
> + restore of backup'ed user
>
> incl. all data, Dovecot creates / ma
On 03/04/2015 06:12 PM, Jochen Bern wrote:
> On 03/04/2015 09:45 PM, Dave McGuire wrote:
>> On 03/04/2015 03:37 PM, Oliver Welter wrote:
>>> Am 04.03.2015 um 21:03 schrieb Dave McGuire:
>>>> Am 04.03.2015 um 20:12 schrieb Michael Orlitzky:
>>>>> Plea
On 03/03/2015 11:03 PM, Earl Killian wrote:
> On 2015/3/2 10:03, Reindl Harald wrote:
>>
>> that is all nice
>>
>> but the main benefit of RBL's is always ignored:
>>
>> * centralized
>> * no log parsing at all
>> * honeypot data are "delivered" to any host
>> * it's cheap
>> * it's easy to maintai
On 07/11/2014 03:59 AM, Arkadiusz Miśkiewicz wrote:
>
> Does dovecot support any form of macros? I would like to share configuration
> file between several servers. Configs are different only in tiny aspects.
>
As a last resort, you can use `make` to accomplish this.
dovecot-server.conf.sh
On 05/17/2014 11:57 AM, Boris wrote:
>
>> no - < reads a file and without you are supposed to directly
>> paste your certificate in the configuration instead point
>> to a file
> I see. In all other places I know dovecot references files simply with "/" so
> I
> still wonder what is so different
On 10/30/2013 09:01 AM, Benny Pedersen wrote:
> Michael Orlitzky skrev den 2013-10-28 20:49:
>
>> php_admin_value open_basedir /var/www/$domain/$host/
>> php_admin_value upload_tmp_dir /var/www/$domain/$host/tmp
>> php_admin_value session.save_path /v
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/28/2013 04:10 PM, Reindl Harald wrote:
>>
>> php_admin_value open_basedir /var/www/$domain/$host/
>> php_admin_value upload_tmp_dir /var/www/$domain/$host/tmp
>> php_admin_value session.save_path /var/www/$domain/$host/tmp
>> php_admin_value
On 10/28/2013 03:14 PM, Douglas Mortensen wrote:
> If a customer has vulnerable PHP code on a website, some of these
> will allow a remote file upload. I have seen cases where they upload
> a PHP script that is a sort of web-based console/shell to the server
> (file-system, etc.). It provides sever
On 10/28/2013 12:02 PM, Douglas Mortensen wrote:
> Hi,
>
> We have clients with various security & compliance requirements.
> Although not required, it would be ideal to have messages encrypted
> at rest.
You can rule out a lot of the crazier options by answering the questions,
(a) What attack s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/13/2013 02:41 PM, Branko Majic wrote:
>
> Slightly off-topic from my side, but wanted to mention it since
> I've worked with POSIX ACLs a bit.
>
> Personally, I've had very bad experiences with POSIX ACLs. They can
> act in quite an unintuitive
On 09/24/2012 10:59 PM, Michael Orlitzky wrote:
>
> We've done this on the same hardware. You can pick up these servers for
> cheap; just buy an extra one. Take the new machine, throw two big disks
> in it, and install Gentoo.
I seem to have gone insane, I thought this was o
On 09/24/2012 01:42 PM, Spyros Tsiolis wrote:
> Hello all,
>
> I have a DL360 G4 1U server that does a wonderfull job with dovecot horde,
> Xmail and OpenLDAP for a company and serving about 40 acouunts.
>
> The machine is wonderful. I am very happy with it.
> However, I am running out of disk sp
On 06/11/12 07:23, Krzysztof Trybowski wrote:
> Hello all,
> it is strange, but Dovecot 2.x still didn't make it into Debian (not
> even backports). It exists in testing, but that's still a long wait.
> OTOH there are official packages built every day (referenced from the
> download page). This puz
On 06/03/12 13:26, Reindl Harald wrote:
>
> and now tell us how you "connect" YOUR sent message over SMTP
> to any seen fleeg of another user?
>
Dovecot could write directly to their mailbox. Otherwise, it could do
whatever the sieve vacation plugin does.
>> The worst possible thing that can h
On 06/03/12 12:06, Robert Schetterer wrote:
> Am 03.06.2012 16:24, schrieb Michael Orlitzky:
>>
>> I for one think the plugin is a good idea.
>
> what the hell , should the plugin do and how ?
> there is smtp dsn, nothing more makes sense
>
> looking to the thread
On 06/03/12 04:43, Ed W wrote:
>
> Look, I can argue against the idea easily, personally my objection is
> mail loops, but the point is that the customer demands it, and at
> present that prevents me bidding for certain types of business...
> Basically the customer just wants to repro what the
Lutz Schildt posted this to the Gentoo bugzilla recently:
http://bugs.gentoo.org/show_bug.cgi?id=415571
There's a backtrace and conf files attached. I was able to find this
possibly-related post from a while ago:
http://dovecot.org/list/dovecot/2010-September/052963.html
On 04/13/12 02:35, Robert Schetterer wrote:
>
> you can do it with exchange,
> no wonder outlook isnt a internet mail client in first line
> its the client of exchange, so people should use real internet mail
> clients ( TB etc ), if m$ would more be compatible, the need of exchange
> may more les
On 04/13/12 02:22, Birta Levente wrote:
>>
>> Outlook (2003, 2007) does do this if you set up different mail accounts,
>> but we shouldn't have to do that.
>
> Control Panel / E-mail (Mail in win7) / Profiles ...
>
> I hope this help you
This is more work than setting up multiple accounts =
Nothing to do with Dovecot, but I figured this is the best place to ask.
Do any of the newer versions of Outlook have proper identities support
like Thunderbird, mutt, Roundcube, i.e. every other mail client on Earth?
We have customers who set up ten different mailboxes for one person
because oth
On 01/17/12 14:48, Don Buchholz wrote:
>>
> Doh! Thanks, Michael. I wasn't looking at the original error message
> closely enough. I scanned too quickly and saw "service(imap)" and not
> "service(imap-login)". Now the failure when there are only ~200 (total)
> dovecot processes makes sense (
On 01/17/12 14:02, Don Buchholz wrote:
>>
> But, Michael's right, documentation can be wrong. So, I dumped the
> entire configuration. Here are the values found on the running system.
> Both imap and pop3 services have "process_limit = 1024".
>
You probably just posted this while my last message
On 01/17/12 13:15, Don Buchholz wrote:
>>
> What makes me think 1024 is the default?
> The documentation:
> -->
> http://wiki2.dovecot.org/Services?highlight=%28process_limit%29#imap.2C_pop3.2C_managesieve
>
That's only for those three services (imap, pop3, managesieve), not for
imap-login unf
On 01/17/12 09:58, Michael Orlitzky wrote:
>
> Using -a shows you all settings, as they're running in your
> installation. That's the defaults, except where they're overwritten by
> your config.
>
> I was asking for the defaults regardless of what's in my
On 01/17/12 09:31, Duane Hill wrote:
> On Tuesday, January 17, 2012 at 14:23:47 UTC, mich...@orlitzky.com
> confabulated:
>
>> First of all, feature request:
>
>> doveconf -d
>> show the default value of all settings
>
> You mean like doveconf(1) ?
>
> OPTIONS
>-a Show all se
First of all, feature request:
doveconf -d
show the default value of all settings
On 01/16/12 17:41, Don Buchholz wrote:
>
> The 'doveconf -n' output is attached. I have not set any
> "process_limit" values, and I don't think I'm getting anywhere close to
> the 1024 default, so I'm prett
On 01/05/12 11:14, Charles Marcus wrote:
>
> Ummm... yes, he does... from tfa:
>
> "Salts Will Not Help You
>
> It’s important to note that salts are useless for preventing dictionary
> attacks or brute force attacks. You can use huge salts or many salts or
> hand-harvested, shade-grown, organic
On 01/05/12 10:28, Michael Orlitzky wrote:
>>
>> Nope, you are wrong - as I have patiently explained before. They do not
>> *need* to write their password down.
>>
>
> They have them written down on their phones. If someone gets a hold of
> the phone, he can jus
On 01/04/12 21:06, Patrick Domack wrote:
>
> But still, the results are all the same, if they get the hash, it can be
> broken, given time. Using more cpu expensive methods make it take longer
> (like adding salt, more complex hash). But the end result is they will
> have it if they want it.
>
U
On 01/05/12 06:26, Charles Marcus wrote:
>
>> To prevent rainbow table attacks, salt your passwords. You can make them
>> a little bit more difficult in plenty of ways, but salt is the
>> /solution/.
>
> Go read that link (you obviously didn't yet, because he claims that
> salting passwords is ne
On 01/03/2012 08:25 PM, Charles Marcus wrote:
What I'm worried about is the worst case scenario of someone getting
ahold of the entire user database of *stored* passwords, where they can
then take their time and brute force them at their leisure, on *their*
*own* systems, without having to hamme
On 09/09/11 09:34, Tobias Hachmer wrote:
> On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote:
>> Am 09.09.2011 15:14, schrieb Tobias Hachmer:
>>> What is the best way to copy the existing mailboxes from the older
>>> machine running dovecot v1.2.15 to the new naked machine?
>>
>> i used i
On 07/11/11 15:57, Matthew Macdonald-Wallace wrote:
>
> LOL. I'm not a fan of Centos but it's what we've got to play with here -
> We'll be running Debian (or possibly even Gentoo if I have my way...) on
> the next load of servers and custom kernels aren't an issue.
Just don't tell anyone:
htt
On 07/10/2011 07:59 PM, Glenn English wrote:
>
> On Jul 10, 2011, at 5:52 PM, Michael Orlitzky wrote:
>
>> You can do things on the server to mitigate damage from people who
>> check the "leave messages on server for eternity" box, but
>> generally, this is
On 07/10/2011 07:45 PM, Glenn English wrote:
> I'm running Dovecot IMAP and POP3 on Debian. But it look's like it's
> keeping mail in the user's inbox on the server until it's deleted by
> the user. I thought POP servers deleted email as soon as it was
> downloaded, but apparently not, according to
On 04/30/2011 03:11 PM, /dev/rob0 wrote:
> On Fri, Apr 29, 2011 at 08:10:45PM +0300, Timo Sirainen wrote:
>> The mirroring setup is finished. There's a master server now
>> handling dovecot.org and a mirror server handling www/hg/wiki.
>> Would be nice to get another reliable fast mirror server i
There was some interest in Trojita (an IMAP client) on this list at one
point. It looks like it's been seeing steady development again:
http://jkt.flaska.net/blog/Trojita_v0_2_9__a_Qt_IMAP_e_mail_client.html
On 01/06/2011 06:54 AM, Christian Felsing wrote:
> Am 04.01.2011 07:38, schrieb to...@tuxteam.de:
>> The idea upthread (Jan-Frode) to keep a public key server-side and
>> encrypt messages on arrival seems to me the way to go.
>
> I would support that idea. Private key should be encrypted with user
On 10/04/2010 02:19 PM, Rick Romero wrote:
> Hi All,
>
> I've been experimenting with deliver on my personal domain, and so far
> everything has been peachy except for Mail.app. Mail.app (on multiple
> devices) is showing what looks to be GMT times, rather than the date
> header. Initially
On 08/26/2010 09:38 PM, Timo Sirainen wrote:
On 27.8.2010, at 2.24, Michael Orlitzky wrote:
Have a utility that updates all (or a subset) of them.
That won't be necessary. Once the hash changes, the new files
are created with new hash function and it doesn't matter if the
old hash
On 08/26/2010 09:00 PM, Timo Sirainen wrote:
On 27.8.2010, at 1.52, Michael Orlitzky wrote:
On 08/26/2010 04:41 PM, Mike Abbott wrote:
1. What hash algorithm to use?
2. Should I add support for trusting hash uniqueness
Use two hash functions and concatenate the hashes. While both
hash
On 08/26/2010 04:41 PM, Mike Abbott wrote:
1. What hash algorithm to use?
2. Should I add support for trusting hash uniqueness
Use two hash functions and concatenate the hashes. While both hash
systems may eventually be hacked it is unlikely that hacking them
will result in a targeted alias
On 08/15/2010 12:58 PM, Marc Perkel wrote:
Suppose I have users with a default password like "change-my-password"
and I want to detect users who haven't changed their password and alert
(nag) them about changing it. How would I do that?
Write a script that checks your user/password database fo
On 08/11/2010 03:30 AM, Richard Gliebe wrote:
On 8/10/10 6:01 PM Michael Orlitzky wrote:
You can still download the certificate (from, say, your website) and
install it on each workstation. Just right click the cert file, and I
think the option is either "Install" or "Import.&qu
On 08/10/2010 06:43 AM, Richard Gliebe wrote:
On 8/10/10 12:29 PM Ladislav Pašek wrote:
If your clients are in the Active Directory you could put your server
certificate to domain policy.
Lada
Hi,
the clients are not in a AD, only in a smb workgroup.
You can still download the certificate
On 06/17/2010 12:31 PM, Chris Hobbs wrote:
I've mostly got our dovecot+postfix+SOGo+openldap open source
groupware replacement working the way I want it to; we're replacing
GroupWise in our organization and I'm thrilled to be doing it. I'm
supporting about 1,000 active staff users (and another 6,
On 05/21/10 18:00, Bryan Vyhmeister wrote:
On Fri, May 21, 2010 at 4:10 PM, Jerry wrote:
If you can access the Microsoft SQL Server from the machine hosting
Dovecot, there should be no problem at all. I have used Microsoft's SQL
sever for for several projects and it is an extremely fast and ro
On 03/18/10 01:39, Andreas Schulze wrote:
Am 17.03.2010 17:45 schrieb Ivica Glavocic:
Can i use Managesieve patch for Dovecot v1.2.10
on new Dovecot version v1.2.11
at least: it compiles ;-)
I will try these days
http://dovecot.markmail.org/thread/dcwt26hciua55cz4
Bob Eastbrook wrote:
On Fri, Jan 1, 2010 at 3:07 PM, Thomas Løcke wrote:
Hi Bob,
Just to make sure I understand you: Some app is sending emails to
ord...@example.com at the rate of 1000 per second, and another app is
fetching email from ord...@example.com to process them?
Hello,
Actually,
Nathan M wrote:
On Thu, Aug 27, 2009 at 12:03 AM, Michael Orlitzky wrote:
Nathan M wrote:
Traditionally this server has only accepted plaintext authentications;
however, we want to change that and enable TLS/SSL. The challenge is
the server has hundreds of IP addresses it binds to to listen
Nathan M wrote:
Traditionally this server has only accepted plaintext authentications;
however, we want to change that and enable TLS/SSL. The challenge is
the server has hundreds of IP addresses it binds to to listen on ports
110/143.
It may be 3am, but I'm pretty sure that this is the part o
Timo Sirainen wrote:
I'm trying to figure out how exactly v2.0 should be parsing
configuration files. The most annoying part is if it should always just
"use whatever comes first in config" or try some kind of a "use most
specific rule". The "most specific" kind of makes more sense initially,
but
Joan wrote:
yes, Mercurial repository has a working status.
Anybody to help on teh following ? :
-> how managesieve works between the "sieve script per virtual user" and
the main script in the storage directory.
ManageSieve shouldn't be used to modify global scripts, only personal ones.
With
Carlos Williams wrote:
On Fri, Jun 26, 2009 at 5:46 PM, Michael Orlitzky wrote:
A typical "TLS" session will work as follows:
1 The client connects to the IMAP service on port 143, unencrypted.
2 The server announces that it speaks TLS.
3 The client says "Ok, let's talk
Timo Sirainen wrote:
On Fri, 2009-06-26 at 23:39 +0400, Proskurin Kirill wrote:
SSL just binds to special port(like 993 in IMAP by default).
No, SSL is a protocol, just like TLS. It doesn't bind to any ports.
http://wiki.dovecot.org/SSL
To illustrate, both SSL and TLS as implemented in Dove
Timo Sirainen wrote:
No idea.
But actually there's also another possibility that doesn't involve using
plugins. You could just not use Maildir++ layout by setting e.g.:
mail_location = maildir:~/Maildir:LAYOUT=fs
On Thu, 2009-02-26 at 22:26 +0100, Marko Weber | Salondigital.de wrote:
Hi Timo,
Eduardo M KALINOWSKI wrote:
Charles Marcus wrote:
Dictionary attacks are a fact of life these days.
Just install some kind of blocking on your firewall (fail2ban is a good
one), and let it take care of the worst of it..
I wonder what they want by cracking a POP3 server. Read the user's
mails
65 matches
Mail list logo
