Since my old config had this: protocols = imap imaps pop3 pop3s ssl_cert_file = /usr/share/ssl/certs/imapd.pem ssl_key_file = /usr/share/ssl/certs/imapd.pem then the convert script should have added ssl = yes Just trying to document all the little issues as I find them.
On 15.8.2010, at 22.06, Marc Perkel wrote:> protocols = imap imaps pop3 pop3s > > ssl_cert_file = /usr/share/ssl/certs/imapd.pem > ssl_key_file = /usr/share/ssl/certs/imapd.pem > > then the convert script should have added > > ssl = yesThat's the default. Or was it set to "no" in your conversion?
On Sun, 2010-08-15 at 14:06 -0700, Marc Perkel wrote:> Since my old config had this: > > protocols = imap imaps pop3 pop3s > > ssl_cert_file = /usr/share/ssl/certs/imapd.pem > ssl_key_file = /usr/share/ssl/certs/imapd.pem > > then the convert script should have added > > ssl = yes > > Just trying to document all the little issues as I find them. >which rc?
On 8/15/2010 3:34 PM, Noel Butler wrote:> On Sun, 2010-08-15 at 14:06 -0700, Marc Perkel wrote: > >> Since my old config had this: >> >> protocols = imap imaps pop3 pop3s >> >> ssl_cert_file = /usr/share/ssl/certs/imapd.pem >> ssl_key_file = /usr/share/ssl/certs/imapd.pem >> >> then the convert script should have added >> >> ssl = yes >> >> Just trying to document all the little issues as I find them. >> > > which rc? >rc6
On 8/15/2010 5:06 PM, Marc Perkel wrote:> Since my old config had this: > > protocols = imap imaps pop3 pop3s > > ssl_cert_file = /usr/share/ssl/certs/imapd.pem > ssl_key_file = /usr/share/ssl/certs/imapd.pem > > then the convert script should have added > > ssl = yes > > Just trying to document all the little issues as I find them. > >We use SSL and the convert script didn't add ssl=yes but, as Timo said, ssl=yes is the default. Anyway, without ssl=yes even existing, our SSL worked from the start. We did have a slight problem with the convert script though. As of 2.0, dovecot uses a different chrooted user for the login processes. In dovecot 1.2.x we were already doing the same thing in chrooting the login processes; we know our security :) (We keep telling people on here that defining the home directory for each user logging in is a security must, for chrooting that user, as well as implementing the uid and gid differences.) Our dovecot 1.2 config, in the end of "auth default" had user=dauth, which we used for the sockets in /var/run/dovecot, but this conflicted with the new 2.0's authuser. Doveconf should have remove that user=dauth but I don't think this will be an issue for anyone else unless they did their own chrooting as well, which they should know how to undo. Jerrale G. SC Senior Admin