similar to: Multiple SSL certs question

I'm trying to figure out how exactly v2.0 should be parsing configuration files. The most annoying part is if it should always just "use whatever comes first in config" or try some kind of a "use most specific rule". The "most specific" kind of makes more sense initially, but then you start wondering how to handle e.g.: 1) User logs in to imap from 192.168.0.1.

Hello all; Is anyone knows if it's possible to have a dual certificate setup on dovecot like in postfix or apache ? i tried to add several crts in local name section : local_name imap.server.tdl { ssl_cert = <server_rsa_crt.pem ssl_key = <server_rsa_key.pem ssl_cert = <server_ecdsa_crt.pem ssl_key = <server_ecdsa_key.pem } but it seems that dovecot takes the last one (ecdsa)

at them moment, i've configured dovecot for a flat passwd-file, annd static userdb. from dovecot.conf, ... auth default { mechanisms = plain digest-md5 cram-md5 user = mail ... passdb passwd-file { args = /data/mail/users/imap_user_file } userdb static { args = static uid=mail gid=mail home=/data/mail/store/Domains/%d/Accounts/%n quota=maildir:storage=4096 nice=10 }

Hello there, I have been trying to make the patch work for libwrap(TCP Wrappers) posted on http://dovecot.org/patches <http://dovecot.org/patches%20Patch%20of%201.1> Patch of 1.1 but could not get it work. Any help will be highly appreciated. After compiling and running it I get error "Error: login_tcp_wrappers can't be used because Dovecot wasn't built with

Dovecot SNI is failing hard today. Server with n domains, each with a startssl certificate of its own, all certificates expired this morning. Decision: move to Letsencrypt. Firsr certificate issued and installed. Other domains in the pipeline. Dovecot server rebooted. Expected result: one domain returning the new cert, and the n-1 domains returning the expiration notification. Actual result: the

Hi Jeff, Thanks for your reply! Regarding grouping by remote address, I understand and for now I'll keep a close eye. Maybe it's an option to group by /24 for ipv4 and /64 for IPv6? We currently do that based on the logs but the OpenMetrics endpoint seem a lot easier. A slight hijack of the original question: but I tried to log only IP addresses (+ result) of failed login attempts but

I am not sure if this desired feature or not but when we are behind a local proxy ie. Nginx/Varnish then the new ShowException middleware doesn''t seem to properly detect the remote IP address and it appears as if every browser gets a local error page with a stack trace, etc. I''ve opened up a ticket on the rails bug tracker but I also would like to verify that this is in fact a

On 9/13/2016 10:00 PM, Edgar Pettijohn wrote: >> I'm attempting to capture a core-dump file, and gdb reports >> > >> > warning: core file may not match specified executable file. >> > > I believe this means the core file doesn't match up to the executable. I would delete the core and try to reproduce with your new executable then run gdb with a core

Hi I'm having an issue with doveadm batch - the following command always crashes: doveadm batch : mailbox status all inbox Whereas the following work as expected: doveadm mailbox status all inbox doveadm batch : mailbox list Any assistance gratefully received. Debug output from the crash: Debug: Loading modules from directory: /usr/lib64/dovecot Debug: Module loaded:

I don't understand how to use multiple keys/certs on different IPs without SNI. http://wiki2.dovecot.org/SSL/DovecotConfiguration explains how to use different keys for different protocols like POP3 and IMAP. But how to bind those keys/ on IPs/Ports? Looks like it is not possible to use ssl_cert inside service { inet_listener {} } Is it still necessary to run multiple instances like

Can you provide some details on what those openssl commands returned? Aki On 20.07.2018 12:14, Martin Johannes Dauser wrote: > Hi, > > I recognised some funny behaviour on my server. IMAP clients which > won't send an Server Name Indication (SNI) sometimes get the wrong > certificate. I would expect that those clients always get the default > certificate (of my new

Hi Timo, I've got some errors with pop3 proxying and dovecot 2.1.9 I's occured on the proxy side: Aug 7 13:16:47 dev1 dovecot: pop3-login: Fatal: master: service(pop3-login): child 23046 killed with signal 11 (core dumped) Server side shows no error, and runs the same dovecot version. Thanks for your help. Best regards Tonio Buonaguidi Core dump: GNU gdb (GDB) 7.4.1-debian

Hello, Please bear with my inexperience ;) Some tinc configuration examples available on the Internet include a statement like this: "route add -net $subnet netmask $netmask gw $remote_ip", where $remote_IP is the VPN address of the remote host. Q1: Does this statement modify the behaviour of tinc (as compared to "ifconfig $interface $local_ip netmask $netmask")? Q2: If it

On 09/24/2015 09:23 AM, Jean-Baptiste Vignaud wrote: > Hello; > > Some issue with virtual storage and fts-lucene: > > Sep 24 08:12:16 imap(jbv00 at x <jbv00 at d1.dc.xandmail.com>xx): Panic: file > virtual-storage.c: line 370 (virtual_backend_box_close): assertion failed: > (mbox->backends_open_count > 0) Fixed: http://hg.dovecot.org/dovecot-2.2/rev/4b5b8e6a4a32

On 10/15/20 2:02 PM, jeremy ardley wrote: >> how/where do I configure (just) the dovecot smtp-client -> submission_relay_host to only connect IPv4? > > It appears your host has A and AAAA records in your DNS. The clients will try IPV6 first if they see an AAAA record. > > If you don't need IPV6 for your host remove the AAAA record. All connections will then only use

Hi, with the latest dovecot-ee version (2.2.25.4 (5cb7c97)) if I run ?doveadm quota recalc -u alessio at skye.it? dovecot return a ?Segmentation fault? (but the quota is update fine). Since dovecot version 2.2.24.3 (55cdc32) works fine. This is my quota backends configuration: plugin { quota = maildir:UserQuota quota2 = dict:Quota Usage::noenforcing:proxy::sqlquota } dict { sqlquota

Hello, I'm trying to setup the revised Polycom remote reboot script as found on: http://www.voip-info.org/tiki-index.php?page=Polycom+reboot+hardphone+script I'm not sure how to use this script, it's just a perl script, so I tried creating an executable perl script and running it, but I get the following: [root@asterisk1 agi-bin]# ./polycom_reboot.pl 192.168.3.205 Checking ARP

With my thanks to Brian West and his offering in the thread, "Subject: Re: [Asterisk-Users] Remote reload Cisco 7960" I offer PolyReboot.pl, a perl script for rebooting Polycom IP Phones PolyReboot.pl takes an IP address as a single argument and reboots the phone. You must have a cfg file in the Polycom style, i.e., 00ab00cd00ef.cfg - all lower case. Further, you need to use ftp for

Kevin wrote: > There is a reboot script posted on the wiki to reboot Polycom > telephones. When I execute this script, I get the following messages. > I am concerned as this is causing issues with asterisk and the PRI. > Does anyone have any ideas why this would be happening? > > > > asterisk console: > > -- Remote UNIX connection > -- Remote UNIX

Hi, I am setting up a dovecot instance to host a bunch of virtual domains, with ldap backing for auth. I am using a single hostname for test purposes, with a couple of entries in the diectory. If I use auth binds I get a result, but this does not suit the end purpose of the server. If I use ldapsearch with the same base, search filter, and credentials as the ldap auth config I get the correct