similar to: dovecot as proxy and verification of the backends certificate

On 11 Oct 2015, at 20:04, Heiko Schlittermann <hs at schlittermann.de> wrote: > > Hello, > > I'm using a dovecot as proxy, connecting to one or more backends. > The backends use X.509 certificates. > > The proxy's passdb returns > > extra fields: > user=foo > proxy > host=backend1.<domain> > ssl=yes > nopassword=y

Hi, Using 2.2.9 (ubuntu 14.04 LTS) and sending the following command, the server crashes when I try to delete an annotation: ? login ? C: 2 setannotation Trash "/vendor/cmu/cyrus-imapd/expire" ("value.shared" NIL) Apr 27 09:29:16 backend1 dovecot: imap-login: Login: user=<heiko>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=6651, secured Apr 27 09:29:16 backend1

Hello, I'm using dovecot 2.2.9 and a director/backend setup. On the director I've the LMTP in proxy mode, mapping the users to one of the backends. The backends to quota check and return the OverQuota message already at RCPT TO time. Here is what I typed, connected to the director Connection to director1 2525 port [tcp/*] succeeded! 220 director1.rz.hs-example.de Dovecot

Hello, using Dovecot 2.2.9 and a setup with directors and backends. The communication between directors and backends needs to be TLS secured. The director config contains a list of hostnames for the backends. (implicit list because of multiple A/AAAA records for a single hostname or explicit list of several host names) On connection setup from a client the director connects to the selected

Heiko Schlittermann <hs at schlittermann.de> (Mi 14 Okt 2015 00:10:50 CEST): > Timo Sirainen <tss at iki.fi> (Di 13 Okt 2015 23:49:20 CEST): > ? > > > > Proxying in general does check that hostname matches the SSL certificate, because both the hostname and IP address are sent to login process. So it should work in a way that host=<hostname> and

Hi, Heiko Schlittermann <hs at schlittermann.de> (Mo 21 Nov 2016 11:50:13 CET): > a) Routing stage > You need to interact with the user database dovecot uses. > Either you access the user database directory (flat file, LDAP, > whatever) or you use the ${readsocket?} feature of Exim to talk to > dovecot. The readsocket trick doesn't seem to work anymore. Using $

Hi, Peter Chiochetti <pch at myzel.net> (Di 31 Mai 2016 10:31:50 CEST): > Not having installed any of the two, I can say, as a Ubuntu user: > In ppa "/etc/init.d/dovecot" is a symlink to "/lib/init/upstart-job" The 2.2.24 on 16.04 installs both /etc/init.d/dovecot /lib/systemd/system/dovecot.service > While xi packages places its own init script

On 27.04.2016 11:00, Heiko Schlittermann wrote: > Hi, > >> ? login ? >> C: 2 setannotation Trash "/vendor/cmu/cyrus-imapd/expire" ("value.shared" NIL) >> >> Apr 27 09:29:16 backend1 dovecot: imap-login: Login: user=<heiko>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=6651, secured >> Apr 27 09:29:16 backend1 dovecot: imap(heiko):

Timo Sirainen <tss at iki.fi> (Di 13 Okt 2015 21:36:40 CEST): ? > > I see: > > > > a) pass the host *names* to the director too, for CN verification > > purpose > > > > May be in struct mail_host could be a field for the original > > hostname we used to obtain the adress(es)? > > Does the attached patch work? Compiles,

Hi, Mark Foley <mfoley at ohprs.org> (Do 12 Nov 2015 23:31:39 CET): > According to a message to this list from Oli Schacher, > http://www.dovecot.org/list/dovecot/2011-June/059493.html, all I need to do is copy the deleted > emails to their original folder and dovecot will take care of it: > ? > > exactly, just copy the mail from your backup back into the users > >

Hi Heiko, Here is the router: virtual_aliases: driver = redirect debug_print = "R: Check address using virtual_aliases for $local_part@$domain" allow_fail allow_defer hide data = CHECK_VIRTUAL_ALIASES user = vmail group = mail local_user: debug_print = "R: local_user for $local_part@$domain" driver = accept

Hi, I'm using dovecot 2.2.9 with a director/backend setup. The user base is about 4711 users currently. If I start at one of the directors doveadm search -A all savedbefore 5000d it terminates with doveadm(1rrissma): Error: doveadm server disconnected before handshake: EOF doveadm(1rrissma): Error: 2001:638:913:f33::5:ff:24245: Command search failed for 1phaaman: EOF

> On May 30, 2016 at 10:26 PM Heiko Schlittermann <hs at schlittermann.de> wrote: > > > Heiko Schlittermann <hs at schlittermann.de> (Mo 30 Mai 2016 21:18:09 CEST): > > Hi Aki, > > > > aki.tuomi at dovecot.fi <aki.tuomi at dovecot.fi> (Mo 30 Mai 2016 20:57:58 CEST): > > ? > > > You can get packages from http://xi.dovecot.fi/debian/,

Hello, I'm just asking myself, how I get multiple quota rules into the LDAP userdb. Dovecot is 2.2.9 userdb_attrs = ? fooQuotaRule=quota_rule=%$ which allows me to have an user db entry as fooQuotaRule: *:storage=1000:messages=50 fooQuotaRule: Trash:storage=500 But, if I'd like to have another quota rule for a submailbox of that user? doveadm user returns the first

But if it won?t trust that copy, that invalidates the chain, right? On Sun, Jul 9, 2017 at 9:48 AM Heiko Schlittermann <hs at schlittermann.de> wrote: > Alexander Dalloz <ad+lists at uni-x.org> (So 09 Jul 2017 13:14:56 CEST): > ? > > It is wrong to send the root CA along with the intermediate and server > > certificates. The root CA cert must be in the CA trust

Hi, it seems that Squirrel mail uses Mailbox annotations for storing Expire times on the Server. It's an Cyrus server currently. (I've no clue how cyrexpire is able to read it's information from the annotiations) Does dovecot support some similiar mechanism? Or - does anybody know anything about how it's supposed to work on Cyrus and how it can be emulated/simulated with dovecot?

On Mon, 21 Sep 2015, Edgar Pettijohn wrote: > doveconf -n? doveconf -n|grep ssl should suffice: ssl = required ssl_ca = </usr/local/share/certs/ca-root-nss.crt ssl_cert = </path/to/my/file.pem ssl_key = </path/to/my/file.pem ssl_require_crl = no I'm using "ssl_ca = </usr/local/share/certs/ca-root-nss.crt" as a temporary workaround, even though this is not what

Hello, does dovecot support tls-on-connect for AF INET based auth-client sockets? Rationale behind my question: Exim can use the Dovecot auth-client socket to delegate the SMTP-AUTH authentication to Dovecot. Currently Exim supports the AF UNIX only for this socket. Jeremy makes progress in extending this to use AF INET sockets too. While it works with clear text communication already,

Hello, I'm using 2.2.13. For syncing I'm using repetitions of about the following (simplified for readability): state_file=.s doveadm \ -o imapc_master_user=<master> \ -o imapc_password=<pw> \ -o imapc_host=<host> \ -o mail_fsync=never \ backup -s "$(<.s)" -u "<user>" -R

Hi, I'm using dovecot 2.2.9 (but after checking src/auth/db-ldap.c in 2.2.13 there seems to be the same bug/feature). The userdb and passdb use LDAP. All further configuration is done in auth-ldap.conf.ext. uri = ldaps://<host>/ # tls = tls_cert_file = /etc/ssl/certs/client-cert.pem tls_key_file = /etc/ssl/certs/client-key.file Dovecot ignores the