Displaying 20 results from an estimated 6000 matches similar to: "v2.1.5 released"
2015 Jun 15
5
OpenSSH and CBC
Hello,
I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is
CBC therefore considered as broken and unsecure (in general or SSH
implementation)?
I also read a lot of references (see below) but still not clear to me
what's the actual "security status" of CBC and why it has been removed
in general.
http://www.openssh.com/txt/release-6.7
sshd(8): The default set
2006 May 01
1
Dovecot LDA with sendmail/Mailscanner (fwd)
Hello!
Noone has running a sendmail/Mailscanner/procmail/mbox environment?
Ciao,
Gerhard
---------- Forwarded message ----------
Date: Mon, 24 Apr 2006 20:27:56 +0200 (CEST)
From: Gerhard Wiesinger <lists at wiesinger.com>
To: dovecot at dovecot.org
Subject: [Dovecot] Dovecot LDA with sendmail/Mailscanner
Hello!
I'm running dovecot in a sendmail/Mailscanner/procmail/mbox
2015 Jun 16
2
OpenSSH and CBC
On 15.06.2015 21:31, Christian Weisgerber wrote:
> On 2015-06-15, Gerhard Wiesinger <lists at wiesinger.com> wrote:
>
>> I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is
>> CBC therefore considered as broken and unsecure (in general or SSH
>> implementation)?
> CBC modes in SSH use the last encrypted block of the previous packet
> as the IV
2008 Aug 16
2
Problem with squirrelmail and dovecot 1.1
Hello!
I'm running squirrelmail 1.4.8 (I know this is not the latest version) and
know I'm having troubles with:
1.) Folder list view
2.) Save to sent or Drafts folder.
Configuration worked well. I think it has to do with the upgrade from
dovecot 1.0 to 1.1 and the LIST command. Thunderbird/alpine work well.
Commands from rawlog are:
A002 LIST "" "~/Mail/Drafts"
2015 Dec 06
2
v2.2.20 release candidate released
On 05 Dec 2015, at 11:32, Gerhard Wiesinger <lists at wiesinger.com> wrote:
>
> Is it possible to configure the secure session caching mechanism?
> e.g. like in nginx: https://bjornjohansen.no/optimizing-https-nginx
I remember hearing about various security vulnerabilities in that earlier.. I guess they're fixed now then, unless people find more ways to exploit it. Anyway
2006 Jul 02
3
Dovecot deliver logging problem and procmail
Hello!
Currently I'm trying to integrate dovecot's deliver program into procmail.
So basically I'd write a patch for procmail to deliver not directly into
the mbox file but delivering with the dovecot deliver program.
Do you think this is a good concept?
For testing I use the commands discussed below. Currently I'm having a
problem that deliver doesn't recognize the
2007 Mar 01
7
1.0.rc25 released
http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz
http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz.sig
Instead of having "Should v1.0 be released already" discussion, how
about having "What's still missing from wiki.dovecot.org and how could
it be improved" discussion? And what should the wiki exported to doc/
directory in the tarball look like?
* If time moves
2007 Mar 01
7
1.0.rc25 released
http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz
http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz.sig
Instead of having "Should v1.0 be released already" discussion, how
about having "What's still missing from wiki.dovecot.org and how could
it be improved" discussion? And what should the wiki exported to doc/
directory in the tarball look like?
* If time moves
2015 Dec 03
8
v2.2.20 release candidate released
http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz.sig
v2.2.20 probably will be released tomorrow or maybe during weekend.
+ Added mailbox { autoexpunge=<time> } setting. See
http://wiki2.dovecot.org/MailboxSettings for details.
+ ssl_options: Added support for no_ticket
+ imap/pop3/managesieve-login: Added
2015 Dec 03
8
v2.2.20 release candidate released
http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz.sig
v2.2.20 probably will be released tomorrow or maybe during weekend.
+ Added mailbox { autoexpunge=<time> } setting. See
http://wiki2.dovecot.org/MailboxSettings for details.
+ ssl_options: Added support for no_ticket
+ imap/pop3/managesieve-login: Added
2014 Jun 28
2
Procmail to Sieve translation
Hello,
I'm trying to move from procmail to dovecot sieve.
I found the translation script at
http://www.dovecot.org/tools/procmail2sieve.pl
It works well except the following use cases:
* ^From:.*myemail at mydomain.com.*
| formail -I"X-Priority: 2 (high)" -I"X-mydomain-com-seen: yes" |
$SENDMAIL -oi \
myemail at mydomain2.com \
myemail at mydomain3.com
:0c
*
2015 Aug 04
2
Dovecot sieve pigeonhole permission
Hello,
I'm running dovecot in a classical vmail.vmail setup with pigeonhole and
LMTP. Permission worked well in the initial setup but currently (maybe
after Fedora 22 update) I'm having the following permission issue:
lmtp(root): Error: 7fPZFOL9wFXePQAABcdabc: sieve: binary open: failed to
open: open(/etc/dovecot/sieve_after.svbin) failed: Permission denied
(euid=9999(vmail)
2015 Aug 05
1
Dovecot sieve pigeonhole permission
On 05.08.2015 13:06, Steffen Kaiser wrote:
> On Tue, 4 Aug 2015, Gerhard Wiesinger wrote:
>
>>
>> I'm running dovecot in a classical vmail.vmail setup with pigeonhole
>> and LMTP. Permission worked well in the initial setup but currently
>> (maybe after Fedora 22 update) I'm having the following permission
>> issue:
>>
>> lmtp(root):
2014 Jun 29
1
Dovecot and remote SASL Client via TLS
Hello,
Is it possible to configure Dovecot as SASL client for central
authentication (also remotely via TCP/TLS)?
Following use case:
IMAP server (host 1) <=> Windows Domain Controller and /etc/shadow
authenticator via pam (host2)
Should work as:
IMAP server (host 1) <=> SASL Client via TLS <=> Network <=> SASL Server
via TLS <=> Local SASL via pam <=>
2015 Jun 16
2
OpenSSH and CBC
Hi Gerhard,
This is not exactly true. CTR modes have the length field encrypted. etm
MAC modes and AES-GCM have the length field in cleartext.
CBC is dangerous because the length field is encrypted with CBC.
aes128-ctr + hmac-sha256 doesn't have any known vulnerability and
encrypts the packet length, but uses the bad practice of e&m.
chacha20-poly1305 encrypts both payload and packet
2016 Mar 16
2
v2.2.22 released
http://dovecot.org/releases/2.2/dovecot-2.2.22.tar.gz
http://dovecot.org/releases/2.2/dovecot-2.2.22.tar.gz.sig
+ Added doveadm HTTP API: See
http://wiki2.dovecot.org/Design/DoveadmProtocol/HTTP
+ virtual plugin: Mailbox filtering can now be done based on the
mailbox metadata. See http://wiki2.dovecot.org/Plugins/Virtual
+ stats: Added doveadm stats reset to reset global stats.
+ stats:
2016 Mar 16
2
v2.2.22 released
http://dovecot.org/releases/2.2/dovecot-2.2.22.tar.gz
http://dovecot.org/releases/2.2/dovecot-2.2.22.tar.gz.sig
+ Added doveadm HTTP API: See
http://wiki2.dovecot.org/Design/DoveadmProtocol/HTTP
+ virtual plugin: Mailbox filtering can now be done based on the
mailbox metadata. See http://wiki2.dovecot.org/Plugins/Virtual
+ stats: Added doveadm stats reset to reset global stats.
+ stats:
2006 Jul 05
2
Procmail patch for dovecot delivery
Hello!
As discussed in the previous thread about "Dovecot deliver logging
problem and procmail" I have made a small patch for procmail to deliver
through dovecot's deliver program (or any other delivery program).
So Procmail does not write the mailboxes directly any more. So delivery is
done through pipes and an external program which can deliver the files.
Since dovecot's
2013 Feb 25
5
v2.2.rc2 released
http://dovecot.org/releases/2.2/rc/dovecot-2.2.rc2.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.rc2.tar.gz.sig
Looks like the last changes I did today just before rc1 release made it
just about unusable. This one is actually running on my servers. :)
2013 Feb 25
5
v2.2.rc2 released
http://dovecot.org/releases/2.2/rc/dovecot-2.2.rc2.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.rc2.tar.gz.sig
Looks like the last changes I did today just before rc1 release made it
just about unusable. This one is actually running on my servers. :)