search for: digineo

On 10.1.2019 18.28, Dominik Menke wrote: > I've missed a part at the end: > >> This leads me to my question: How do I force Dovecot to print at >> least a STARTTLS line after a client connects to port 4190? Looking > > ... at the default configuration files in /etc/dovecot/conf.d/ I don't > see an obvious difference. > > > --Dominik Can you provide

...and the connection will be encrypted (tested with roudcube webmail) > STARTTLS < OK "Begin TLS negotiation now." ... You can check if it works with tcpdump: tcpdump -nn -l -A -i eth0 port 4190 Best regards Gerald > Am 11.01.2019 um 09:59 schrieb Dominik Menke <dom at digineo.de>: > > Sure, here you go (I've masked a few unimportant fields, though): > > > # 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.21 (92477967) > # OS: Linux 4.15.0-42-generic x86_64 Ubuntu 18.04.1 LTS > auth_default_realm =...

...RTTLS line after a client connects to port 4190? Looking >> >> ... at the default configuration files in /etc/dovecot/conf.d/ I don't >> see an obvious difference. >> >> >> --Dominik > > Can you provide output of `doveconf -n` > > Aki > -- Digineo GmbH Fahrenheitstra?e 15 28359 Bremen Telefon: +49 421 167 66 090 Telefax: +49 421 167 66 099 E-Mail: dom at digineo.de Internet: www.digineo.de Gesch?ftsf?hrer: Dipl.-Inf. Julian Kornberger Amtsgericht Bremen HRB 25061 USt-ID: DE 815023724

...STARTTLS > < OK "Begin TLS negotiation now." > > ... > > > You can check if it works with tcpdump: > > tcpdump -nn -l -A -i eth0 port 4190 > > > Best regards > Gerald > > >> Am 11.01.2019 um 09:59 schrieb Dominik Menke <dom at digineo.de>: >> >> Sure, here you go (I've masked a few unimportant fields, though): >> >> >> # 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf >> # Pigeonhole version 0.4.21 (92477967) >> # OS: Linux 4.15.0-42-generic x86_64 Ubuntu 18.04.1 LTS &...

...on now." >> >> ... >> >> >> You can check if it works with tcpdump: >> >> tcpdump -nn -l -A -i eth0 port 4190 >> >> >> Best regards >> Gerald >> >> >>> Am 11.01.2019 um 09:59 schrieb Dominik Menke <dom at digineo.de>: >>> >>> Sure, here you go (I've masked a few unimportant fields, though): >>> >>> >>> ??? # 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf >>> ??? # Pigeonhole version 0.4.21 (92477967) >>> ??? # OS: Linux 4.15.0-42-generic...

I've missed a part at the end: > This leads me to my question: How do I force Dovecot to print at least a > STARTTLS line after a client connects to port 4190? Looking ... at the default configuration files in /etc/dovecot/conf.d/ I don't see an obvious difference. --Dominik

> For reference: if you put ssl=yes there, the TLS layer is established > immediately. However, the standard ManageSieve protocol does not support > that (not currently anyway): only the establishment of the TLS layer > using the STARTTLS command is part of the standard. That is why your > clients fail to connect: they're speaking plaintext while the server is > speaking

On 1/13/19 12:23 PM, Stephan Bosch wrote: > With ssl=yes, the TLS layer is enabled immediately on the connection. Again, that's not what the documentation says: ssl=yes [...]: SSL/TLS is offered to the client, but the client isn't required to use it. If the client is not _required_ to use it, it _may_ chose plaintext transport, no? (I'm not here to argue, I'm

Hello list, I'm trying to get pidgeonhole/managesieve running, and I'm stuck connecting clients to the server (Dovecot 2.2.33.2-1ubuntu4.1 on an Ubnutu 18.04 machine). So far, my config looks like this: protocols = imap lmtp sieve disable_plaintext_auth = yes auth_mechanisms = plain login scram-sha-1 service managesieve-login { inet_listener sieve {