similar to: Apache + SSL: default configuration rated "C" by Qualys Labs

On 26 April 2017 at 13:16, Steven Tardy <sjt5atra at gmail.com> wrote: > >> On Apr 26, 2017, at 2:58 AM, Nicolas Kovacs <info at microlinux.fr> wrote: >> >> The site is rated "C" > > The RHEL/CentOS out-of-the-box apache tls is a little old but operational. This Mozilla resource is excellent for getting apache tls config up-to-date. > >

On 26/04/17 16:16, James Hogarth wrote: > On 26 April 2017 at 13:16, Steven Tardy <sjt5atra at gmail.com> wrote: >> >>> On Apr 26, 2017, at 2:58 AM, Nicolas Kovacs <info at microlinux.fr> wrote: >>> >>> The site is rated "C" >> >> The RHEL/CentOS out-of-the-box apache tls is a little old but operational. This Mozilla resource is

Hi All First the essentials: dovecot --version: 2.2.15 /usr/local/etc/dovecot/conf.d/10-ssl.conf: ssl = required ssl_cert = </usr/local/openssl/certs/mail.domain.com.chained.dovecot.ecdsa.crt ssl_key = </usr/local/openssl/certs/mail.domain.com.ecdsa.key ssl_protocols = !SSLv2 !SSLv3 ssl_cipher_list =

> On Jul 29, 2018, at 6:02 PM, Alexander Dalloz <ad+lists at uni-x.org> wrote: > > Am 29.07.2018 um 21:02 schrieb J Doe: >> Hello, >> I have a question regarding SSL/TLS settings for Dovecot version 2.2.22. >> In: 10-ssl.conf there are two parameters: >> ssl_protocols >> ssl_cipher_list >> ssl_protocols is commented with ?SSL protocol to

Per my earlier post about system and virtual users, I have everything working, but I'm seeing the following message, and wondering: 1) does it matter? 2) is there a way to suppress it? I have an Exim /etc/aliases entry that sends root to me. Jul 13 14:38:47 thebighonker dovecot: auth-worker(13055): Error: passwd-file /etc/passwd: User root has invalid UID '0' doveconf -n: # 2.2.31

Using 2.3.0/0.5 and the below scripts/config, why doesn?t a mail addressed to ler_freebsd at lerctr.org get the FreeBSD flag? .dovecot.sieve points to master.sieve. Scripts: http://www.lerctr.org/~ler/sieve/ doveconf -n: thebighonker.lerctr.org /home/ler/sieve $ doveconf -n # 2.3.0 (c8b89eb): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.5.0 (d68c23a1) # OS: FreeBSD

Hi list, I'm configuring apache with https and I've a question about sslv3 deactivation. Running "openssl ciphers -v" I get a list of cypher suite of openssl like: ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD ......... Each lines report relative protocol. Disabling sslv3 with "SSLProtocol all -SSLv3" I can use cypher like:

Updated (current) doveconf -n attached.... On Mon, Dec 25, 2017 at 04:33:16PM -0600, Larry Rosenman wrote: > FTR, this is being delivered via LMTP from Exim using the recommended transport / director. > > headers from one of my tests: > Return-Path: <ler at lerctr.org> > Delivered-To: ler at lerctr.org > Received: from thebighonker.lerctr.org > by

https://bugzilla.mozilla.org/show_bug.cgi?id=541130 The bug I see is using thunderbird 24.6 which is the latest update on centos 6.5. The issue is that every time I open an email with some "+" somewhere in the source (which I didn't traced yet) I get annoying message: An error occurred while loading or saving configuration information for thunderbird. Some of your configuration

Dear all, I tried to do a backport of 'ssl_prefer_server_ciphers' (http://hg.dovecot.org/dovecot-2.2/rev/897484f45a87/) to Dovecot 2.1 (namely the Debian version of Dovecot) and wanted to ask if there is any chance to integrate this feature into Dovecot 2.1 'upstream' as well. As the code structure changed quite a bit, I am not sure if my patch is complete. I tested it with pop3s

Hello, Is anyone using the welcome plugin? I'm trying to utilize it to send a message when a user first logs in to the system, containing important information for them to know. The plugin loads, I don't have a configuration problem, but the message never gets sent. What can I provide to more easily troubleshoot this? Thanks. Dave.

On 05.06.2017 11:02, awl1 wrote: > Resending - any ideas why I might get "IMAP session state is inconsistent" whenever emtyping the trash in Thunderbird? > > Thanks, > Andreas > > > Am 31.05.2017 um 00:02 schrieb awl1: >> All, >> >> having successfully compiled and set up Dovecot 2.2.29.1 on my Thecus NAS as a newbie without any further hassle,

Is it possible in pigeonhole? I.E. I do a fileinto :create "some/mail/box" How can I make it autosubscribe? doveconf -n: # 2.3.7.2 (3c910f64b): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 (7372921a) # OS: FreeBSD 12.0-STABLE amd64 # Hostname: thebighonker.lerctr.org auth_default_realm = lerctr.org auth_mechanisms = plain login auth_realms = lerctr.org

* Aki Tuomi <aki.tuomi at dovecot.fi>: > > > On 20.03.2017 14:30, Ralf Hildebrandt wrote: > > ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt > > Leave the < out. It is misleading, I know, but it does say file. =) Makes no difference: # doveconf |fgrep ssl_client_ca ssl_client_ca_dir = ssl_client_ca_file = /etc/ssl/certs/ca-certificates.crt and with

Hello, I am building a new server on CentOS 7 and the global sieve filter can not be loaded. The debug shows: Nov? 9 15:23:09 mail dovecot: lmtp(11182, gao at mydomain.com): Debug: sieve: Pigeonhole version 0.4.2 initializing Nov? 9 15:23:09 mail dovecot: lmtp(11182, gao at mydomain.com): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global'

# Valid UID range for users, defaults to 500 and above. This is mostly # to make sure that users can't log in as daemons or other system users. # Note that denying root logins is hardcoded to dovecot binary and can't # be done even if first_valid_uid is set to 0. #first_valid_uid = 500 #last_valid_uid = 0 Aki > On July 18, 2017 at 9:23 PM Larry Rosenman <larryrtx at gmail.com>

Did you miss the part about 0 also being hardcoded? On Tue, Jul 18, 2017 at 1:34 PM Larry Rosenman <larryrtx at gmail.com> wrote: > On Tue, Jul 18, 2017 at 3:31 PM, Larry Rosenman <larryrtx at gmail.com> > wrote: > > > That didn't change it :( > > Jul 18 15:28:14 thebighonker dovecot: auth-worker(77908): Error: > > passwd-file /etc/passwd: User root has

Hi, I have a problem with INBOX subfolders and subscriptions which I can't solve... Maybe somebody has seen this, too... I can create regular subfolders (not in INBOX) and (un-)subscribe to them with Thunderbird. If I create subfolders in the INBOX with TB this seems to work now in v31 (just found this out), but with v24.6 neither INBOX subfolder creation nor subscriptions worked. When

> On Apr 26, 2017, at 2:58 AM, Nicolas Kovacs <info at microlinux.fr> wrote: > > The site is rated "C" The RHEL/CentOS out-of-the-box apache tls is a little old but operational. This Mozilla resource is excellent for getting apache tls config up-to-date. https://wiki.mozilla.org/Security/Server_Side_TLS

Currently I'm having massive problems with LMTP delivery into dovcot. dovecot/lmtp processes are piling up, eas using considerable amounts of CPU: # ps auxwww|fgrep dove root 20537 0.0 0.0 18124 1196 ? Ss 15:18 0:00 /usr/sbin/dovecot -c /etc/dovecot/dovecot.conf dovecot 20541 0.0 0.0 9620 1084 ? S 15:18 0:00 dovecot/anvil root 20542 0.0 0.0 9752