similar to: enforce STARTTLS on port 110 with POP3?

I believe I have the configuration set to use START TLS on IMAP4 (143) and POP3 (110) ports. ?However, it does not seem to be working. ?Yet "STARTTLS" is listed as a capability (which tells me I probably do have it configured right). In the session below, 172.30.0.24 is the mail server I'm putting up. 64.26.60.229 is an outside mail service. A similar thing happens on POP3. The

In trying to determine why someone was unable to use port 110 w/STLS (POP) I had great difficulty finding the session in which the user switched to this port from using port 995. This is because Dovecot does not log any port number information. Furthermore, it isn't obvious to me if it logs whether a session was negotiated SSL (via STARTTLS w/IMAP or STLS w/POP) or started out SSL (ports 993

Hello, I have configured Dovecot to work perfectly on Thundrebird using SSL certificates with STARTTLS on port 110. When I try to add this account on Gmail I get the error: Nov 16 14:04:17 mail dovecot: auth: Debug: auth client connected (pid=31587) Nov 16 14:04:17 mail dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=209.85.160.136, lip=192.168.100.94,

Hey Guys, I figured someone might have use of this at some point. I've created an iRule for our F5 Load Balancer which performs the following tasks: - Appends STLS to the POP3 Capability list (it does this blindly, so expects the backend POP3 server to not return this) - Watches for the STLS command and initiates SSL negotiation with the client (leaves the connection to the

Hi there, I am using DoveCot 1.0.7. I know it is real old, but we have to work with it. I have configured LDAP lookup with password prefetch in DoveCot. I can successfully receive emails through DoveCot, thus proving my password prefetch and user authentication are good. The problem is when I use Postfix to deliver message to DoveCot via LDA. My postfix master.cf looks like this: dovecot

Hi there, I am using DoveCot 1.0.7 and virtual users. We want to integrate with Postfix 2.3.3 to use DoveCot LDA to deliver messages to user mailbox. All users are stored in LDAP. DoveCot looks up user by LDAP access. Our user name is not necessarily part of the address. For instance, address "zhouy at xxxx" may be with user "yzhou", thus all messages to "zhouy at

Hello, is it possible to disable the announcment of STLS in the CAPA-command for the pop3-daemon? I want to support pop3s, but only at port 995, not through the STLS on port 110. The reason for this is that some clients have problems with this and strange errors appear (e.g. older imap-libs) although they don't seem to have a problem with pop3s through port 995. Regards Marten

Hi all, Is there a way to enforce STARTTLS for all connections, regardless their authentication mechanism? disable_plaintext_auth only takes care of the auth conversation, but I would like to have all communication encrypted. As far as I can see, this would only be possible when using imaps and disabling imap. However, I would like to have the other way around; disabling imaps and using imap for

> On 21/08/2020 17:56 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > > > Aki Tuomi wrote in > <1907575568.4364.1597984769802 at appsuite-dev-gw1.open-xchange.com>: > |> On 21/08/2020 02:17 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > ... > |> Wietse Venema wrote in > |> <4BXSTk189nzJrP3 at spike.porcupine.org>: >

Aki Tuomi wrote in <1907575568.4364.1597984769802 at appsuite-dev-gw1.open-xchange.com>: |> On 21/08/2020 02:17 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: ... |> Wietse Venema wrote in |> <4BXSTk189nzJrP3 at spike.porcupine.org>: |> ... |>|Steffen Nurpmeso: |> ... |>|> until SASL says it is done?!. How could EXTERNAL ever work

I tried some more things, such as setting starttls=NULL or ssl=NULL, which does the same as setting it to ?no?. Interestingly, if I set ssl=NULL and don?t set starttls at all, it still tries an SSL connection to the backend. Is there no way to use starttls or ssl depending on a variable? It could also be possible that I have starttls-backends and ssl-backends which would be a similar use-case to

Hi, I'm having a bit of a problem trying to setup a dovecot proxy. I have a setup with two nodes. One is a working Dovecot/Postfix mail server (node a). The other is running a dovecot proxy and roundcube webmail. Currently I can telnet to port 143 (or openssl s_client to port 993) to localhost on node b. I can then login to a test account on node a. This all works. However, once I instruct

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Try setting </div> <div> <br> </div> <div> login_trusted_networks = lb-ip/32 </div> <div> <br> </div> <div> See <a

On 15.07.2016 00:13, Edgar Pettijohn wrote: > > Sent from my iPhone > >> On Jul 14, 2016, at 3:56 PM, Michael Fox <news at mefox.org> wrote: >> >> On my POP3 server, I need to be able to control the use of STARTTLS by >> client IP address. Specifically: >> >> * Clients on certain internal subnets (e.g., 192.168.1.0/24) must not have >> the

Hi, I would like to disable offering starttls to clients for certain dovecot services. Background is that I want to do let a load balancer do the TLS stuff right on connect time and let dovecot only do plain imap without offering starttls (because the clients do imaps actually). Getting rid of the starttls feature offering works only if I set ssl = no globally only. Setting it in the service

Hi All, I am runnig sendmail 8.12.8. I am getting the below error. [root at mail MailScanner]# tail -f /var/log/maillog Jan 11 11:20:40 mail sendmail[10646]: STARTTLS: read error=generic SSL error (0) Jan 11 11:20:41 mail last message repeated 22494 times Jan 11 11:20:41 mail sendmail[10646]: STARTTLS: read error=generic SSL error (0) Jan 11 11:20:41 mail last message repeated 8894 times Jan 11

I have a user who has Mac OS 10.4.8 with Entourage X. The email server is sendmail 8.13.8 and is setup to use STARTTLS on a CentOS 4.4 system. It appears from everything I have googled that only Entourage 2004 will properly function with STARTTLS. Has anybody any experience with Entourage X ... specifically is there something I am missing regarding the CentOS server setup or are all Entourage

On my POP3 server, I need to be able to control the use of STARTTLS by client IP address. Specifically: * Clients on certain internal subnets (e.g., 192.168.1.0/24) must not have the option to use TLS. If the client tries to use STARTTLS, the option should be rejected. This is to satisfy US FCC rules regarding the use of encryption over certain radio frequencies. * All other internal clients

I'm testing my new dovecot server with Thundirbird I can have it working on port 143 with STARTTLS, or on port 993 with SSL/TLS my uderstanding is that on 993 I get encrypted 'password and mail transfer' (yes ?) so what happens if I use 143 with STARTTLS, is that equivalent to port 993 if STARTTLS is used ? thanks for any insights.. -- Voytek

NOTE: LMTP/doveadm proxying doesn't support SSL/TLS currently - any ssl/starttls extra field is ignored https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy Am 23. November 2017 09:31:41 MEZ schrieb Tobi <tobisworld at gmail.com>: >Hi > >I got dovecot 2.2.26 on a Centos7 with latest updates. Dovecot is >configured to act as director and delivers to my two backend