Displaying 17 results from an estimated 17 matches for "oliwel".
2020 Jan 18
2
Authentication per Service
Hi All,
I use dovecot (v2.3.4) with a SQL backend for user authentication,
passwords are
stored in CRAMMD5 format.
My SMTP server uses "doveadm auth" via auth-socket to perform sender
authentification. To shut down SMTP access for hacked passwords I want
to have a dedicated flag in the user database to allow/disallow SMTP for
a user withouth disabling his account for IMAP.
So, is
2020 Jan 18
1
Authentication per Service
...;br>
</div>
<div>
Sami
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 18 Jan 2020, at 10.30, Oliver Welter <
<a href="mailto:mail@oliwel.de">mail@oliwel.de</a>> wrote:
</div>
<div>
<br>
</div>
<div>
Hi All,
</div>
<div>
<br>
</div>
<div>
I use dovecot (v2.3.4) with a SQL backend for user authentication,...
2015 Mar 03
1
IP drop list
...did a quick hack for exactly this purpose - send offending IPs from my
mail server to the firewall "in a secure way". Its a python script that
uses the fail2ban syntax on the one end and feeds a (patched) pfSense on
the other end. You can find the scripts on github:
https://github.com/oliwel/fail2sense - be warned, its a first draft -
but it does the job here...For the unblock feature you need this patch
against pfsense https://github.com/pfsense/pfsense/pull/1444/
Oli
--
Protect your environment - close windows and adopt a penguin!
-------------- next part --------------
A non-...
2020 Jan 18
0
Authentication per Service
Hi,
can't you just check "account_locked" or similar flag in the password_query and user_query on your sql config?
Sami
> On 18 Jan 2020, at 10.30, Oliver Welter <mail at oliwel.de> wrote:
>
> Hi All,
>
> I use dovecot (v2.3.4) with a SQL backend for user authentication,
> passwords are
> stored in CRAMMD5 format.
>
> My SMTP server uses "doveadm auth" via auth-socket to perform sender
> authentification. To shut down SMTP access...
2015 Mar 02
1
Connect failed to database
Am 02.03.2015 um 19:30 schrieb Dan LaSota:
>>>
>>> Just some quick ideas
>>> * check if the mysql socket file has rw permissions for the dovecot user
>
> # ls -l /var/lib/mysql/mysql.sock
> srwxrwxrwx. 1 mysql mysql 0 Mar 1 19:33 /var/lib/mysql/mysql.sock
>>>
>>> * Try to run the mysql query as user dovecot (su dovecot)
>
> The dovecot
2015 Mar 03
2
IP drop list
Dave McGuire writes:
>>>> then setup fail2ban to manage extrafields
>>>
>>> Now that's a very interesting idea, thank you! I will investigate this.
>>
>> If you don't expect yor firewall to handle 45K+ IPs, I'm not how you
>> expect dovecot will handle a comma separated string with 45K+ entries
>> any better.
>
> My
2015 Jan 16
0
File locking issues
Hi All,
I upgrade my mail server from doveot 1.1.7 to 2.2.13 and encounter
problems with file locking issues.
The server has around 400 clients using IMAP and I get tons of "Warning:
fscking index file .. dovecot.index" and "Error: Corrupted transaction
log". Sometimes the transaction log problem is followed by "Panic: file
mail-transaction-log.c: line 350
2015 Jan 24
0
Corruption of index files
Hi List,
Am 21.01.2015 um 13:24 schrieb Oliver Welter:
> Hi All,
>
> after upgrading my mail server (dovecot 1.1.7 -> 2.2.13) I get tons of
> messages about corrupted index files in the syslog ("Error: Corrupted
> transaction log" and "Warning: fscking index file .. dovecot.index".
>
> I tried flock and even dotlock, but the problems persist.
>
>
2015 Jan 25
0
Corruption of index files
Hi Andreas,
Am 25.01.2015 um 12:41 schrieb Andreas Schulze:
> Oliver Welter:
>>> after upgrading my mail server (dovecot 1.1.7 -> 2.2.13) I get tons of
>>> messages about corrupted index files in the syslog ("Error: Corrupted
>>> transaction log" and "Warning: fscking index file .. dovecot.index".
>>>
>> Some more debugging - I
2015 Mar 02
0
Connect failed to database
Am 02.03.2015 um 06:03 schrieb Dan LaSota:
> I have dovecot version 2.2.10
> dovecot -n output below
>
> I am seeing connection errors being written to my dovecot error log:
> Mar 1 19:51:15 mail dovecot: auth-worker(2224): Error: mysql(localhost): Connect failed to database (servermail): Access denied for user 'usermail'@'localhost' (using password: YES) - waiting
2015 Mar 02
0
IP drop list
Am 01.03.2015 um 23:16 schrieb Dave McGuire:
> On 03/01/2015 04:25 AM, Reindl Harald wrote:
>>> I wonder if there is an easy way to provide dovecot a flat text
>>> file of ipv4 #'s which should be ignored or dropped?
>>>
>>> I have accumulated 45,000+ IPs which routinely try dictionary
>>> and 12345678 password attempts. The file is too big to
2015 Jan 21
2
Corruption of index files
Hi All,
after upgrading my mail server (dovecot 1.1.7 -> 2.2.13) I get tons of
messages about corrupted index files in the syslog ("Error: Corrupted
transaction log" and "Warning: fscking index file .. dovecot.index".
I tried flock and even dotlock, but the problems persist.
The system is a VPS with an overlay filesystem which did work flawlessly
with the old dovecot
2015 Feb 07
2
TLS config check
Am 07.02.2015 um 10:10 schrieb SW:
> I've just done a test with K9 mail on Android 4.4.2 and this is what I
> see in the log:
>
> ECDHE-ECDSA-AES128-SHA (128/128 bits)
>
> But when using Thunderbird I see:
>
> ECDHE-ECDSA-AES128-GCM-SHA256 (128/128 bits)
>
> I'm happy that Thunderbird is using a secure cipher but is Android? Is
> ECDHE-ECDSA-AES128-SHA
2015 Mar 04
2
IP drop list
Am 04.03.2015 um 21:45 schrieb Dave McGuire:
> On 03/04/2015 03:37 PM, Oliver Welter wrote:
>>>>> I would like to reiterate Reindl Harald's point above, since subsequent
>>>>> discussion has gotten away from it. If Dovecot had DNS RBL support
>>>>> similar to Postfix, I think quite a few people would use it, and
>>>>> thereby
2015 Feb 07
3
TLS config check
Am 07.02.2015 um 04:47 schrieb Reindl Harald:
>
> Am 06.02.2015 um 23:13 schrieb SW:
>> According to https://cipherli.st/
>>> ssl = yes
>>> ssl_cert = </etc/dovecot.cert
>>> ssl_key = </etc/dovecot.key
>>> ssl_protocols = !SSLv2 !SSLv3
>>> ssl_cipher_list = AES128+EECDH:AES128+EDH
>>> ssl_prefer_server_ciphers = yes #
2015 Jan 16
4
Outlook and TLSv.1
Hi Folks,
after adding TLSv1.2 to by TLS options a lot of Outlook users complaint
about connection errors, openssl s_client and Thunderbird works fine.
I found some posts about this but none of them had a real solution on
this - I meanwhile disabled TLSv1.2 which made the Outlook users happy.
I run dovecot 2.2.13, OpenSSL 1.0.1j 15 Oct 2014
ssl_cert = </var/qmail/control/servercert.pem
2015 Mar 04
4
IP drop list
Am 04.03.2015 um 21:03 schrieb Dave McGuire:
> On 03/04/2015 02:12 PM, Michael Orlitzky wrote:
>>> I would like to reiterate Reindl Harald's point above, since subsequent
>>> discussion has gotten away from it. If Dovecot had DNS RBL support
>>> similar to Postfix, I think quite a few people would use it, and thereby
>>> defeat the scanners far more