search for: privacyrequir

On 12/04/2019 08:42, Aki Tuomi via dovecot wrote: > On 12.4.2019 10.34, James via dovecot wrote: >> On 12/04/2019 08:24, Aki Tuomi via dovecot wrote: >> >>> Weakforced uses Lua so you can easily integrate DNSBL support into it. >> How does this help Dovecot block? >> A link to some documentation or example perhaps? >> >> >

...ports even though Dovecot repeatedly responds with -ERR [AUTH] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. xx NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. The irony is that even if it blunders onto a usable password, they wouldn't know it. Joseph Tam <jtam.home at gmail.com>

...LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED AUTH=DIGEST-MD5] Dovecot-2.0-sis ready. login wash at domain.co.ke S3ecreat BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. 2. When mdbox indexes are corrupted, are they automatically repaired/rebuilt or must I specify this in the configuration? How long does it take? Nov 01 12:08:04 pop3(wash at domain.co.ke): Error: Corrupted dbox file /var/...

thanks for your reply i intentionaly put the wrong password and checked the dovecot log and the message i got was # tail -f /var/log/dovecot.log | grep "xxx at yyy.com" Nov 25 08:47:46 imap-login: Info: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx at yyy.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<xObTWqYIwgB/AAAB> but in the

...#39;. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED] Dovecot ready. 1 login gedalya 1234 * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. 1 NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. 2 logout * BYE Logging out 2 OK Logout completed. Connection closed by foreign host. (that's how it responds in my specific case as I disallow plaintext login) Or if you need TLS (like me): $ openssl s_client -start...

...n see that the value is correct using doveconf -a but it doesn't change anything. Whenever attempting to log in using IMAP I get this: * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. POP3 login attempts give this error: -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections Besides adding disable_plaintext_auth=no to dovecot.conf I also tried adding it specifically to the imap...