similar to: dovecot's documentation dearth

Hi. Little story :-) I'm playing with dovecot 2.2.25 and multiple SSL certificates. ~7000 certificates which are loaded twice, so my dovecot has ~14 000 certificate pairs (14k key + 14k cert) in config. 14 000 local_name entries. Like these: local_name imap.example.com { ssl_cert = </etc/certs/cert1.pem ssl_key = </etc/certs/cert1.pem } local_name pop3.example.com { ssl_cert =

Hi, I'm using the Dovecot Prebuilt Binary: deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.2 main I configured multiple SSL certificates with client TLS SNI (see http://wiki2.dovecot.org/SSL/DovecotConfiguration). Since my last update I get some warnings: doveconf: Warning: /etc/dovecot/conf.d/10-ssl.conf line 12: Global setting ssl_cert won't change the setting inside an

https://dovecot.org/releases/2.2/dovecot-2.2.27.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.27.tar.gz.sig Note that the download URLs are now https with a certificate from Let's Encrypt. * dovecot.list.index.log rotation sizes/times were changed so that the .log file stays smaller and .log.2 is deleted sooner. + Added mail_crypt plugin that allows encryption of stored emails.

https://dovecot.org/releases/2.2/dovecot-2.2.27.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.27.tar.gz.sig Note that the download URLs are now https with a certificate from Let's Encrypt. * dovecot.list.index.log rotation sizes/times were changed so that the .log file stays smaller and .log.2 is deleted sooner. + Added mail_crypt plugin that allows encryption of stored emails.

Hi all, I'm testing the SNI configuration from dovecot's wiki page, to have multiple domains. I'm using letsencrypt certificates. On the 10-ssl.conf, when I only use one domain, like this, it works : ssl_ca = </etc/letsencrypt/live/mail.mydomain.fr/chain.pem ssl_cert = </etc/letsencrypt/live/mail.mydomain.fr/cert.pem ssl_key =

Hello, Thanks for your answer. I read this Wiki tip, but it does not fit, as I serve emails for several domains, each using its iwn (potentioally enciphered) private key. I thus need to use the directive as port of a local_name block. I tried to create 2 blocks in 2 different files automatically loaded from conf.d: ### private.conf ### <-- prevented read permission for other than root:root

One step further in my quest to create a replacement mail server. I now have my old mail server (2.3.19.1, macOS + MacPorts) and my new (2.3.20, Alpine Linux, Docker, apk package). When I turn on replication it works, but, after a while I see: Jan 06 00:50:31 replicator: Panic: data stack: Out of memory when allocating 268435496 bytes Jan 06 00:50:32 replicator: Fatal: master:

How problematic is it to have default_vsz_limit = 0 in dovecot.conf? macOS+MacPorts had this as a requirement even. Gerben > On 6 Jan 2023, at 16:49, Paul Kudla <paul at scom.ca> wrote: > > > i ran into this as well > > here is the full config for mine with replication > > # cat dovecot.conf > # 2.3.14 (cee3cbc0d): /usr/local/etc/dovecot/dovecot.conf > #

As this is my first message to this ML: Hello! I am using a password-protected SSL key for my dovecot MDA. When I tried to use the ssl_key_password configuration directive as follow: ssl_key_password = </path/to/passfile it did not work as I logged the following: dovecot: imap-login: Error: SSL: Stacked error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt dovecot:

ok a little bit more info .... My servers all run under FreeBSD 12.xx which was also the base for the apple operating system origionally. setting default_vsz_limit = 0 i seem to remember trying with no so great results setting to zero can cause memory over runs (espically with replication) etc i found that when i used the config i sent eariler (vsz_limit is defaulted (not set )) everything

At least doveconf -n output would help. I guess related to authentication settings. Are there any errors in logs? > On 1 Jun 2017, at 12.14, Odhiambo Washington <odhiambo at gmail.com> wrote: > >> On 30 May 2017 at 21:16, Timo Sirainen <tss at iki.fi> wrote: >> >> https://dovecot.org/releases/2.2/dovecot-2.2.30.tar.gz >>

> On 19 Jan 2016, at 16:04, Nikolaos Milas <nmilas at noa.gr> wrote: > > On 19/1/2016 3:31 ??, Timo Sirainen wrote: > >> Change it the other way around: >> >> remote 127.0.0.1 { >> protocol imap { >> ... >> } >> } > > Thank you for your advice Timo (on "remote" blocks). > > So, the "remote"

Hi: I'm in the middle of recoverying from a tactical error copying around an Mac OS X 10.10.5 Time Machine backup (turns out Apple's instructions aren't great...), and I had rsync running for the past 6 hours repairing permissions/acls on 1.5 TB of data (not copying the data), and then it just died in the middle with: .L....og.... 2015-03-11-094807/platinum-bar2/usr/local/mysql

Hello, I'm using dovecot v2.0.21. According to http://wiki2.dovecot.org/SSL/DovecotConfiguration,dovecot 2.x supports different SSL certificate for different virtual hosts by using "local_name" directive, but I can't get it to work. When testing the certificate using "openssl s_client -connect domain.com:pop3s" I get the default certificate instead of

On 11.11.2016 12:22, Arkadiusz Mi?kiewicz wrote: > On Friday 11 of November 2016, Felipe Gasper wrote: >> Hello, >> >> We?re rolling out large SNI deployments for our mail servers. Each domain >> gets an entry like this in the config: >> >> local_name mail.foo.com { >> ssl_cert = </ssl/domain_tls/*.foo.com/combined >> ssl_key =

On 20.10.2016 15:52, Arkadiusz Mi?kiewicz wrote: > > ... -servername something If you want to try out, try applying this patch... >From 066edb5e5c14a05c90e9ae63f0b76fcfd9c1149e Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: Thu, 20 Oct 2016 16:06:27 +0300 Subject: [PATCH] login-common: Include local_name in login_var_expand_table This way it can be used

Working with SSL on fresh install of latest Ubuntu Artful + Dovecot seems broken somehow. Application is Dovecot listening for many SSL sites... Likely I've missed adding something simple to the config, related to local_name usage. Be great if someone can point out what I've missed, to setup multiple SSL certs for different host.domain entries in config. Thanks. _______ This works as

On 20.10.2016 15:41, Arkadiusz Mi?kiewicz wrote: > On Thursday 20 of October 2016, Aki Tuomi wrote: >> On 18.10.2016 14:16, Arkadiusz Mi?kiewicz wrote: >>> On Monday 17 of October 2016, KT Walrus wrote: >>>>> On Oct 17, 2016, at 2:41 AM, Arkadiusz Mi?kiewicz <arekm at maven.pl> >>>>> wrote: >>>>> >>>>> On Monday 30

Hello, We?re rolling out large SNI deployments for our mail servers. Each domain gets an entry like this in the config: local_name mail.foo.com { ssl_cert = </ssl/domain_tls/*.foo.com/combined ssl_key = </ssl/domain_tls/*.foo.com/combined } There are a couple problems we?re finding with this approach: 1) Dovecot wants to load everything at once, which has some machines taking

On Wednesday 21 of March 2018, Arkadiusz Mi?kiewicz wrote: > On Monday 19 of March 2018, Aki Tuomi wrote: > > https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz > > https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig > > [...] > > > - Fix local name handling in v2.2.34 SNI code, bug found by cPanel. > > That change broke handling of such