similar to: Spelling error in #define ?

Hi, I was looking into the new Authentication Policy feature: https://wiki2.dovecot.org/Authentication/Policy I had kinda hoped that I would be able to enfore this in a proxy running in front of several backends. This proxy does not authenticate. It use "nopassword". But I realize that the "succes" reported in the final authpolicy req. (command=report) is not what is

*Christian Felsing wrote: * > Please consider to add server side private/public key encryption for incoming mails. > If client logs on, the password is used to unlock users server side private key. > If mail arrives from MTA or any other source, mail is encrypted with users public key. > Key pair should be located in LDAP or SQL server. PGP and S/MIME should be supported. >

Hi, For the upcoming 2.3 development, I'd like to re-suggest this: It seems the use of login_trusted_networks is overloaded. Example: * It's used for indicating which hosts you trust to provide XCLIENT remote IP's. (like a proxy) * It's used for indicating from which hosts you trust logins enough to disable auth penalty. (like in a webmail) Often these two uses cases have a

On 9/2/19 3:03 PM, Sami Ketola wrote: >> On 2 Sep 2019, at 15.25, Peter Mogensen via dovecot <dovecot at dovecot.org> wrote: ... >> Is there anyway for dsync to avoid moving Gigabytes of data for could >> just be "moved" by moving the mount? > > > Not tested but you can probably do something like this in the target server: > > doveadm backup -u

Hi, Quick question...I read in the docs that: "Master user is still subject to ACLs just like any other user, which means that by default the master user has no access to any mailboxes of the user." ... and that the standard workaround is to return master_user=%u from the userdb. But why is the master_user authn-id used in the ACLs and not the authz-id (requested-login-user) ?

Hi, It seems we are still able to reproduce this: http://www.dovecot.org/list/dovecot/2014-May/096367.html However... there's no longer any error-messages. It just silently changes permissions on some dovecot files in the source maildir. (most often dovecot-uidlist) We're running dsync as root, with hardwired userdb values for other reasons. So it has the OS permissions to change

On 09/15/2018 10:41 AM, Aki Tuomi wrote: > Point of sending the success ones is to maintain whitelist as well as > blacklist so you know which ones you should not tarpit anymore. We > know it does scale as we have very large deployments using the whole > three request per login model. > > "Success" in a proxy which is not it self authenticating is only whether it know

Hi, I've read the howto on overriding the global ssl_cert config by using filters like "local", "remote", "protocol", "local-name". However... is it possible to have a speciel certificate just for a listener where only the port is different? /Peter

Hi, Lately I've seen a few examples of users hitting the vsz_limit (usually trying to "delete" mails i Spam/Junk by moving them to Trash with a large dovecot.index.cache - which resulted in mails left/leaked in the tmp directory of Trash. Sometimes it seems the client gets into a state were it repeatedly tried to sync the client and server state so it does it again and again,

On 4/4/19 6:47 PM, dovecot-request at dovecot.org wrote: > For a typical Solr index, 60 seconds is an eternity. Most people aim > for query times of 100 milliseconds or less, and they often achieve > that goal. I'm pretty sure I get these while indexing, not querying. Apr 04 16:44:50 host dovecot[114690]: indexer-worker(me at example.com): Error: fts_solr: Indexing failed: Request

Hi, What's the recommended way to handling timeouts on large mailboxes given the hardwired request timeout of 60s in solr-connection.c: http_set.request_timeout_msecs = 60*1000; /Peter

Hi, I was wondering... If one had mdbox ALT path set to a shared storage mount (say, on NFS) and one wanted to move a mailbox to a different host... I guess it in principle wouldn't be necessary to copy all the ALT storage through dsync, when the volume could just be mounted on the new host. Is there anyway for dsync to avoid moving Gigabytes of data for could just be "moved" by

Hi, I understand from earlier discussions that the reason dovecot doesn't support proxying of other SASL mechanisms than those which supply the plaintext password is that in general it would be possible to proxy any SASL mechanism since it might protect against man-in-the-middle attacks (which would prevent proxying). However, that has led to choice between letting users use PLAIN (or

Hello Few questions regarding Doveadm-Expunge. 1. I have lazy expunge configure with this name space: .EXPUNGED Storage type: mdbox doveadm -Dv expunge -u user at domain mailbox ".EXPUNGED/*" savedbefore 7d I get some interesting outputs. doveadm(user at domain): Debug: expunge: box=.EXPUNGED/INBOX/mon uid=791 doveadm(user at domain): Debug: expunge: box=.EXPUNGED/INBOX/mon

Looking further at tcpdumps of the Dovecot->Solr traffic and Solr metrics it doesn't seem like there's anything suspicious apart from the TCP windows running full and Dovecot backing of ... until it times out and close the connection. >From my understanding of how Dovecot operates towards Solr it will flush ~1000 documents towards Solr in /update request until it has traversed the

Hello This command doveadm expunge -u "user at domain" mailbox ".namespace/*" savedbefore 7d writes these messages to std.error doveadm(user at domain): Info: expunge: box=.namespace/INBOX, uid=5932, msgid=<E1Puxwf-0001fD-Si at hostname>, size=1824 doveadm(user at domain): Info: expunge: box=.namespace/INBOX, uid=5933, msgid=<E1Puy0N-0001fI-No at hostname>,

On 21 March, 2018 - Aki Tuomi wrote: > Thank you for your thorough report, we'll look into it. Has anyone managed to reproduce this (using my transcript for example)? With mutt, I get this problem.. If I set 'imap_pipeline_depth=0' in .muttrc, I can't seem to reproduce it anymore. /Tomas -- Tomas Forsman, stric at cs.umu.se, http://people.cs.umu.se/stric/ `- SysAdmin at

On 05/05/2015 05:26 PM, Santiago Vila wrote: > I have just verified with IMAP commands. This is the procedure: > > telnet localhost 143 > > and then type this: > > A0001 CAPABILITY > A0002 LOGIN "bluser" "bluser" > A0003 SELECT "inbox-b" > A0004 EXPUNGE > A0005 FETCH 1:12 RFC822.SIZE > A0006 FETCH 1 RFC822.HEADER > A0007 FETCH

Dovecot is requiring two "expunge" calls before it deletes an email. It just seems to ignore the first expunge call, leaving the email file in the maildir cur/ folder. Any idea why? I even waited 10 seconds after setting the Deleted flag, but still the first expunge call did nothing.... 1 OK User logged in 2 select "INBOX" * FLAGS (\Answered \Flagged \Deleted \Seen

Hi! I have some questions about doveadm-expunge's debug messages. # /usr/local/bin/doveadm -Dv expunge -u <user> mailbox 'sa.*' SAVEDBEFORE 6h doveadm(root): Debug: Loading modules from directory: /usr/local/lib/dovecot doveadm(root): Debug: Module loaded: /usr/local/lib/dovecot/lib10_quota_plugin.so doveadm(root): Debug: Module loaded: