similar to: dovecot security with IPv6

Hello, I wanted to set my own time intervals for shutdown. {poweroff,return,paused.return}, so I had to change sources, where it has been set in a hard way. poweroff: Sxx\r return: Zxx\r paused.return: SxxRyyyy\r Solution A: Why not adding an info about these commands in a generic way and issuing shutdown.{poweroff.xx,return.xx,paused.return.xxyyyy} Solution B: Why not creating a special

Hello, this is one more unfortunate case, when I run into problems with some non-standard configuration: if authorized keys file for user %u is /keys/%u or /keys/%u/.ssh/authorized_keys, I receive an error: sshd: Authentication refused: bad ownership or modes for directory / ! Whats the cure? I can't keep those files into /home easily... /Please let me know by cc to this mail address,

People, There is an imap client, which runs with user1 uid, but when its accessed to watch a maildir, whose (and its contents) ownership is user1:user1, this error occurs: dovecot: IMAP(user1): fchown(/path/user1/dovecot-uidlist.tmp, -1, 12(mail)) failed: Operation not permitted (egid=1000(user1), group based on /path/user1) dovecot.conf contains this line: mail_privileged_group = mail

Hello, Perhaps you could give some information here or redirect me, because it was not clear while reading manuals: how can connection timeout be set for sshd? Problem is, when some system is hibernated and it resumes, connections are dead. Mostly I made a successful workaround, but would be nice to know... Also, which version of ssh(d) support df on sshfs? I hope, is not a problem to enlighten

Hi list, my thanks to developers of nouveau first: I wonder how you put it together this far, where there's quite enough to appreciate! This question I have: strangely I can get each of 2 cards to work separately for a dualseat PC by toggling on/off fbcon=map: kernel option (compiled with CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY) -- by doing so I can have each card initialized and start

Hello list, I observed a problem with interactive bash script executed by ssh: when I pressed <Ctrl+C>, ssh was killed on client side, but script remained active in remote machine and didn't receive signal INT. Using option -t gives no problem like that, but should it be perceived as a normal behaviour in case without -t? Please send a reply to my address too...

Hi there, let me just ask if you know some good way to set up user chrooting in such a way, that each sftp user has its chroot directory entry somewhere (whatever path) and gets chrooted there upon its login? Maybe such feature is planned? Thanks... K.

Hello all! My first question about dovecot turns out to be: what if I have something outside of dovecot, which sometimes moves messages out of a mail folder and other times into it? Does that make any problem for dovecot or indexing? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a

Hey, as I understand from post [1], system folders with UTF-8 chars in their names will only be available for use with Dovecot2 and I certainly look forward to that, but somehow I was short of info about the current use of UTF characters like ?, ? etc. Should I just omit thinking about modified-UTF-7, avoid those characters for the time being and then with Dovecot2 create UTF-8 encoded

Hi all, is there some easy way to inform Dovecot about a new delivery, which has happened after postfix invoked maildrop, so the index files would be updated? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL:

If deliver gets run with a non-root userid like this: < | deliver -m path/to/NEWmaildir >, I wonder, is a connected IMAP MUA automatically notified, that the new message has arrived in the new folder? As I see from some experiments with Thunderbird, it has no problems with immediate notifications of new mail in previously existing folders, however, it has problems with the case of new

I found a post in this list [0], which says sieve scripts can be used to deliver mail as read. However, can it be done somehow conditionally, I mean, with a direct or indirect switch for deliver? For a nonexistent example, it would be simply < | deliver -m path/to/maildir -r > or maybe an environment variable could be exported to deliver sieve and checked there? (Still not sure if sieve

Hi, came here to ask, if there are any ideas about a possible Dovecot feature, which would allow execution of a specific mailfilter or other program after new message is *moved* in specified mail location? The practical benefit on my side would be, that there wouldn't be any need to do getmail cronjobs, which unnecessarily fill up logfiles... (primarily for easy spam learning and

People, where to read about how to make the most of the current Dovecot search capabilities, including squat and possibly also the related future plans? There are many aspects like IMAP protocol itself, extensions, current support into Dovecot, support among MUAs... Could you post some good links, please? -------------- next part -------------- A non-text attachment was scrubbed... Name:

Hi, After setting up a maildir tree with :LAYOUT=fs and accessing it with KMail and Thunderbird, various mail client-specific problems appeared, but, as I didn't try with maildir++, I would like to confirm here: does that matter for an IMAP client much if I store mail on server as ":LAYOUT=fs" or maildir++? Can it see differences? I would like to think, that IMAP protocol

Not wishing to extend this thread further, but ... > There are conspiracy theories out there that the NSA is involved with > bringing systemd to Linux so they can have easy access to *"unknown"* > bugs - aka backdoors - to all Linux installations using systemd *[1]*. They're conspiracy theories, and that's it. The bottom line is that in general people don't like

This morning I discovered this in my clamav report from one of our imap servers: /usr/share/nmap/scripts/irc-unrealircd-backdoor.nse: Unix.Trojan.MSShellcode-21 FOUND I have looked at this script and it appears to be part of the nmap distribution. It actually tests for irc backdoors. IRC is not used here and its ports are blocked by default both at the gateway and on all internal hosts.

Some of you probably already read this: http://marc.info/?l=openbsd-tech&m=129236621626462&w=2 Interesting...I wonder what is the impact of all this on FreeBSD code. We may very well suppose that any government or corporation funded code can theoretically have some kind of backdoor inside. --Andy

Drew Hess wrote: > Anyway, consider the chances that someone will use the BSD license to make > proprietary changes to FLAC. Weigh that against the chances that FLAC Well, I think going GPL would be too much, only GPL softwares could use the library. BSD is too much too because changes in the software world (improvements, bugs, backdoors) would not be available to you. Only the hardware

ESET recently published an interesting post-mortem of the so-called "Operation Windigo" malware campaign [1]. OpenSSH backdoors (codename Linux/Ebury), described by ESET last month [2], are a key component of Windigo's attack surface. --mancha [1] http://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf [2]