search for: regeneration

I went from a nightly of about 20051117 or so (about alpha4 generation) to 1.0beta1 yesterday, and dovecot is now spinning the CPU furiously apparently every ~10 minutes per: Jan 18 13:04:36 server dovecot: SSL parameters regeneration completed Jan 18 13:14:14 server dovecot: SSL parameters regeneration completed Jan 18 13:24:00 server dovecot: SSL parameters regeneration completed Jan 18 13:37:09 server dovecot: SSL parameters regeneration completed Jan 18 13:44:21 server dovecot: SSL parameters regeneration completed Jan 18 13...

...On 05/26/2015 10:37 AM, Ron Leach wrote: >> https://weakdh.org/sysadmin.html >> >> includes altering DH parameters length to 2048, and re-specifying the >> allowable cipher suites - they give their suggestion. > > It looks like there is an error on this page regarding regeneration. In > current dovecots ssl_parameters_regenerate defaults to zero, and this > means regeneration is disabled. The old default was 168 hours (1 week). > The language on http://wiki2.dovecot.org/SSL/DovecotConfiguration is > confusing and could be understood to mean that the current defau...

Hi, I'm currently trying to troubleshoot what appears to be a very subtle bug (most likely a race condition) in SPTPS that causes state to become corrupted during SPTPS key regeneration. The tinc version currently deployed to my production nodes is git 7ac5263, which is somewhat old (2014-09-06), but I think this is still relevant because the affected code paths haven't really changed since. The only difference is that since 2e7f68a this will not make the entire tinc process...

On Sat, May 16, 2015 at 04:53:33PM +0100, Etienne Dechamps wrote: > I believe there is a design flaw in the way SPTPS key regeneration > works, because upon reception of the KEX message the other nodes will > send both KEX and SIG messages at the same time. However, the node > expects SIG to arrive after KEX. Therefore, there is an implicit > assumption that messages won't arrive out of order. tinc makes no such &g...

Is it possible to regenerate the index files, on other conditions than the mbox file being read? For instance, it would be nice if I could regenerate the index for a specific mbox whenever procmail delivers mail to it. If theres no existing solution, would it be possible to make a small script with something like "nc" that could send an imap command to dovecot, so that dovecot would

To clear up a question regarding my earlier posting regarding random changes in a vector: Say you have a vector (1, -1, -1, 1, 1, -1). I want each value in the vector to have a probability that it will change signs when this vector is regenerated. For example, probability = 50%. When the vector is regenerated, the first value in the vector (1) has a 50% chance of switching to -1. If I

>It is not at this point emphasized anywhere, including on weakdh.org, that it is actually of high importance to regenerate your DH parameters frequently. That's not really correct. If you're using a prime of length at least 2048 bits, then the corresponding discrete-log problem is well-beyond the pre-computation ability of the NSA (or anyone else). It is computationally intensive to

Hi, We've been using dovecot in the lab now for quite a while and really like the results we're seeing. Underlying dovecot we're using maildir mailboxes. We have the need to manually remove maildir files from time to time. That is, by hand (we'll, actually by script) but not via imap or pop. Dues to dovecot's index caching (which I might add, we love most of the time)

I goofed adding some machines to my domain so now I have to do it all over. I removed the secrets.tdb and MACHINE.SID files, but when I join the domain again, the MACHINE.SID is not regenerated. How do I force them to be correctly regenerated on 2.2.4? Here's what I'm doing: 1. kill smb and winbind 2. delete secrets.tdb and MACHINE.SID 3. remove from NT4 PDC 4. add machine to NT4 PDC 5.

List, good afternoon, I was reading up on a TLS Diffie Hellman protocol weakness described here https://weakdh.org/sysadmin.html which is similar to the earlier FREAK attack, and can result in downgrade of cipher suites. Part of the solution workaround that the researchers describe for Dovecot here https://weakdh.org/sysadmin.html includes altering DH parameters length to 2048, and

Hello, after switching from version 2.2.7 to 2.2.7 I miss the loglines which say: ssl-params: Generating SSL parameters ssl-params: SSL parameters regeneration completed The configuration has not been changed and reads: | # 2.2.7: /usr/local/dovecot/etc/dovecot/dovecot.conf | # OS: Linux 2.6.35.14-106.fc14.i686.PAE i686 Fedora release 14 (Laughlin) ext3 | auth_mechanisms = plain login | default_vsz_limit = 512 M | first_valid_uid = 200 | last_vali...

...t;>> https://weakdh.org/sysadmin.html >>>> >>>> includes altering DH parameters length to 2048, and re-specifying the >>>> allowable cipher suites - they give their suggestion. >>> >>> It looks like there is an error on this page regarding regeneration. In >>> current dovecots ssl_parameters_regenerate defaults to zero, and this >>> means regeneration is disabled. The old default was 168 hours (1 week). >>> The language on http://wiki2.dovecot.org/SSL/DovecotConfiguration is >>> confusing and could be understoo...

...Ron Leach wrote: >>> https://weakdh.org/sysadmin.html >>> >>> includes altering DH parameters length to 2048, and re-specifying the >>> allowable cipher suites - they give their suggestion. >> >> It looks like there is an error on this page regarding regeneration. In >> current dovecots ssl_parameters_regenerate defaults to zero, and this >> means regeneration is disabled. The old default was 168 hours (1 week). >> The language on http://wiki2.dovecot.org/SSL/DovecotConfiguration is >> confusing and could be understood to mean that t...

Quick question: How does dovecot keep the message headers index file updated? Eg: if my MDA delivers an extra 10 messages while I'm logged in. How does the message index get updated? At what points is it regenerated? Thanks, Paul

Hello everyone, I'm having problems with DTMF regeneration on my incoming PRI. I see that when the calling party transmits a DTMF digit, it gets generated at my end at a slower rate. Normally this would not be a problem, but several of these calling party are alarm control panels that send DTMF digits at a pretty fast clip and require that the DTMF timin...

This is a patch for the regenerated configure related files. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20091013/eb1ed755/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: haiku.patch Type: text/x-patch Size: 11388 bytes Desc: not available URL:

...a link to the controller I''ve defined in routes.rb. That last part is what makes me think that routes.rb is set up correctly (or close to it); the link in the newly-generated index.html always reflects whatever entry I put in routes. If you can help me figure out how to get this file regeneration to stop, I would very much appreciate it. Thanks, Dieter -- Posted via http://www.ruby-forum.com/.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I''ve created an ssh_keys class that just makes sure that all my Puppet managed hosts get the same set of hosts keys using the "sshkey" type. I also am starting to play with OSSEC HIDS which is a host based intrusion detection system. OSSEC HIDS has been letting me know that the MD5 and SHA1 hashes of /etc/ssh/ssh_known_hosts has

Thank you for providing excellent tools. I''d like to know about the partial site generation provided by webgen 0.5.2. http://rubyforge.org/forum/forum.php?forum_id=26516 > When a file that was in the menu changed, all files which > included a menu with a link to this file got regenerated, > too. However, that was not always necessary since the content > of the changed file

It's apparent I have some level of corruption in my mailboxes - something to do with the combination of mdbox, sis, and zlib. I should note that I know I have a mix of compressed and raw messages - if that makes any difference in identifying the problems. I think I need to somehow regenerate the mailboxes with issues. Is there a suggestion for how to accomplish this? Should I perhaps use