search for: bsdpanic

Quoting SW <dovecot at bsdpanic.com>: > Hi All > > First the essentials: > > dovecot --version: 2.2.15 > > /usr/local/etc/dovecot/conf.d/10-ssl.conf: > > ssl = required > > ssl_cert = > </usr/local/openssl/certs/mail.domain.com.chained.dovecot.ecdsa.crt > > ssl_key = </usr/local...

I use MySQL to store my virtual users passwords and I am running the latest version of Dovecot. What I need to do is have one particular user have ONLY access to their email via Roundcube (webmail) and no IMAP/SMTP access. Therefore, how do I disable IMAP/SMTP access for just one user?

Hi All First the essentials: dovecot --version: 2.2.15 /usr/local/etc/dovecot/conf.d/10-ssl.conf: ssl = required ssl_cert = </usr/local/openssl/certs/mail.domain.com.chained.dovecot.ecdsa.crt ssl_key = </usr/local/openssl/certs/mail.domain.com.ecdsa.key ssl_protocols = !SSLv2 !SSLv3 ssl_cipher_list =

I've just done a test with K9 mail on Android 4.4.2 and this is what I see in the log: ECDHE-ECDSA-AES128-SHA (128/128 bits) But when using Thunderbird I see: ECDHE-ECDSA-AES128-GCM-SHA256 (128/128 bits) I'm happy that Thunderbird is using a secure cipher but is Android? Is ECDHE-ECDSA-AES128-SHA ok/secure?

> Short: See my last answer - secure is never a black or white decission. > The chosen cypher will protect your traffic and its better than plain text. > > Long: The client negotiates the supported ciphers with the server and > chooses one that fits for him. I *guess* that k9/anroid simply does not > support the GCM cipher and therefore uses another one. To get the

Does the latest version of Dovecot support ECDSA certificates? I had a look in: http://wiki2.dovecot.org/SSL but it didn't answer my question. Can someone please help or point me in the right direction? I'd also like to know if I can run an RSA cert AND an ECDSA certificate at the same time in Dovecot (like you can in Postfix). Many thanks.

According to https://cipherli.st/ > ssl = yes > ssl_cert = </etc/dovecot.cert > ssl_key = </etc/dovecot.key > ssl_protocols = !SSLv2 !SSLv3 > ssl_cipher_list = AES128+EECDH:AES128+EDH > ssl_prefer_server_ciphers = yes # >Dovecot 2.2.6 > Is what you want. Ok, so I have changed my ssl_cipher_list to: ssl_cipher_list = AES128+EECDH:AES128+EDH Before I made this change

I use MySQL to store my virtual users, domains and aliases. My database is setup as follows: |CREATE| |TABLE| |`dovecot_passwords` (| |||`username` ||varchar||(100) ||NOT| |NULL||,| |||`appname` ||varchar||(50) ||NOT| |NULL||,| |||`||password||` varbinary(256) ||NOT| |NULL||,| |||PRIMARY| |KEY| |(`username`,`appname`)| |) I then add a users: | |INSERT| |INTO| |dovecot_passwords (username,