similar to: failed login message

thanks for your reply i intentionaly put the wrong password and checked the dovecot log and the message i got was # tail -f /var/log/dovecot.log | grep "xxx at yyy.com" Nov 25 08:47:46 imap-login: Info: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx at yyy.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<xObTWqYIwgB/AAAB> but in the

Greetings all, I have verified a bug that has long been attributed to lack of knowledge on the part of the user. Dovecot rejects StartSSL client certificates due to reject StartSSL root CA when doing client verification even though the appropriately constructed ca-bundle.pem has been created and applied vi ssl_ca = </etc/dovecot/ca-bundle.pem. openssl verify -CAfile ca-bundle.pem

I'm getting this in the log when proxying IMAP (three "valid certificate" messages, two "Invalid certificate" messages) Why is dovecot (acting as a proxy to another dovecot instance here) not recognizing the StartCom Extended Validation Server CA? . LOGIN ralf.hildebrandt at charite.de mypassword Sep 25 14:13:04 auth-worker(30859): Info: mysql(sql.charite.de): Connected

Hi All, I'm running TCP-based dsync replication on two dovecot nodes. Nowdays i tried to enable SSL (TCPS). I changed mail_replica prefix from tcp:* to tcps:* and added ssl=yes to the inet_listener. Then on running *doveadm sync* i'm getting the following message: " *doveadm(example at example.com <example at example.com>): Error: Couldn't initialize SSL context: Can't

Hi all, after upgrade from some 2.0 version to 2.2.19 (debian) i face map login problems: # doveconf -n # 2.2.19 (ca91d540fd87): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.9 # OS: Linux 2.6.32-5-amd64 x86_64 Debian 8.2 ext4 auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain debug_log_path = /var/log/dovecot-debug.log hostname = test.my.domain.de

Am 12.01.2015 um 13:29 schrieb Jonas Plitt: > *doveadm(example at example.com <example at example.com>): Error: Couldn't > initialize SSL context: Can't load CA certs from directory /etc/ssl/certs: > error:02001024:system library:fopen:File name too longdoveadm: Error: > Failed to iterate through some users*" > > this is my config (part): > > *ssl_cert =

Hi there, Does anyone know how to do this: "Put all the certificates in the ssl_cert file. For example when using a certificate signed by TDC the correct order is: Dovecot's public certificate TDC SSL Server CA TDC Internet Root CA Globalsign Partners CA " I try to set these parameters in the conf.d/10-ssl.conf as below, but it seems doesn't work. ---

Hi, I'm running two Dovecot 2.2.9 Servers running replication. Users are the same. My Replication is very slow. Mails from Server one appear on Server two after 1-3 hours. Rarely i can see duplicated mails (Log message "Expunged message reappeared. Setting new UID"). This is my doveconf -n output: > # 2.2.9: /etc/dovecot/dovecot.conf > # OS: Linux 3.13.0-44-generic x86_64

Aha. Looks pretty cool, and it's really nice that it supports HTTP. On the other hand if I'm rate limiting the number of messages sent = number of times a client said RCPT TO, I guess it still has to be a postfix policy server? Anyway, thanks for pointing this out, I'm sure I'll use it :-) On 10/21/2017 02:16 PM, Aki Tuomi wrote: > Dovecot auth supports auth_policy_server

Quoting Gedalya <gedalya at gedalya.net>: > On 05/27/2015 09:55 AM, Rick Romero wrote: >> Quoting Gedalya <gedalya at gedalya.net>: >> >>> On 05/26/2015 10:37 AM, Ron Leach wrote: >>>> https://weakdh.org/sysadmin.html >>>> >>>> includes altering DH parameters length to 2048, and re-specifying the >>>> allowable

Gedalya-san I have a question. Currently, there are thousands of users. (In multi-domain) The setting of "auth_default_realm = example.co.jp" is Is it possible to set without affecting the current user? Thank you. -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of ????? Sent: Wednesday, October 28, 2020 4:16 PM To: 'Gedalya'

Dovecot auth supports auth_policy_server (v2.2.27+, https://wiki.dovecot.org/Authentication/Policy), which you could use for this. There is also https://github.com/PowerDNS/weakforced you can use as policy server, which can also do ratelimiting and such. It also integrates with postfix. Aki > On October 20, 2017 at 6:12 PM Gedalya <gedalya at gedalya.net> wrote: > > > No,

reopen 767295 thanks The 4.4.1-4 release only included one related fix there are actually two more: commit 379b351889a8f02abe30a06e2ce9ba8b381b91ab Author: Ian Campbell <ian.campbell at citrix.com> Date: Thu Nov 6 13:00:31 2014 +0000 tools: libxl: do not leak diskpath during local disk attach

Dear friends, First, thanks for helping me on ssh default option for smartcards. I recompiled SSH from CVS and it seems to work. I still have problems with: ssh-add -s /usr/lib/opensc-pkcs11.so Enter passphrase for PKCS#11: (I enter PIN code) SSH_AGENT_FAILURE Could not add card: /usr/lib/opensc-pkcs11.so pkcs11-tool --slot 1 -O Public Key Object; RSA 2048 bits label: Public Key ID:

On Jun 15, 2016, at 9:38 AM, Warren Young <wyml at etr-usa.com> wrote: > > On Jun 15, 2016, at 9:02 AM, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > >> I do not see neither starttls.com nor letsencrypt.org between Authorities >> certificates. > > That?s because they are not top-tier CAs. I forgot to mention that letsencrypt.com uses one of its

I just modified mail-filter-out.sh like this: cat &nbsp;mail-filter-out.sh &nbsp; #!/bin/sh &nbsp; USER=$1 &nbsp; cat &gt; /tmp/tempfile &nbsp; cat /tmp/tempfile cat &nbsp;/tmp/tempfile This message is in MIME format. --nsmail-7bjyg3nr5o-7bmibqhut9 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: base64

Awesome, thanks! Sent from my mobile device please excuse. 11.11.2017 2:48 PM "Gedalya" <gedalya at gedalya.net> napisa?(a): > On 11/10/2017 11:03 PM, Joseph Tam wrote: > > > > The toughest situation (using script techniques) is for > > CIDR ranges just shy of a full octet boundary e.g. /25. > > Actually there is a great tool for that, grepcidr >

No, it's entirely my own. If all you want to do is write client IP addresses to a database then your script will probably fit in 20 lines of code or so. On 10/20/2017 05:04 PM, j.emerlik wrote: > Which one policy server are you using ? > Someone from that list : http://www.postfix.org/addon.html > > 2017-10-20 16:53 GMT+02:00 Gedalya <gedalya at gedalya.net>: > >>

On Wed, June 15, 2016 10:48 am, Warren Young wrote: > On Jun 15, 2016, at 9:38 AM, Warren Young <wyml at etr-usa.com> wrote: >> >> On Jun 15, 2016, at 9:02 AM, Valeri Galtsev <galtsev at kicp.uchicago.edu> >> wrote: >> >>> I do not see neither starttls.com nor letsencrypt.org between >>> Authorities >>> certificates. >>

Hi, On 2015-11-12 08:03, Frank Rust wrote: > Hi all, > after upgrade from some 2.0 version to 2.2.19 (debian) i face map > login problems: > > # doveconf -n > # 2.2.19 (ca91d540fd87): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.9 > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 8.2 ext4 > auth_debug = yes > auth_debug_passwords = yes > auth_verbose = yes >