similar to: dovecot as proxy and verification of the backends certificate

Displaying 20 results from an estimated 6000 matches similar to: "dovecot as proxy and verification of the backends certificate"

2015 Oct 13
0
dovecot as proxy and verification of the backends certificate
On 11 Oct 2015, at 20:04, Heiko Schlittermann <hs at schlittermann.de> wrote: > > Hello, > > I'm using a dovecot as proxy, connecting to one or more backends. > The backends use X.509 certificates. > > The proxy's passdb returns > > extra fields: > user=foo > proxy > host=backend1.<domain> > ssl=yes > nopassword=y
2016 Apr 27
3
Crash: setannotation Trash "/vendor/cmu/cyrus-imapd/expire" ("value.shared" NIL)
Hi, Using 2.2.9 (ubuntu 14.04 LTS) and sending the following command, the server crashes when I try to delete an annotation: ? login ? C: 2 setannotation Trash "/vendor/cmu/cyrus-imapd/expire" ("value.shared" NIL) Apr 27 09:29:16 backend1 dovecot: imap-login: Login: user=<heiko>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=6651, secured Apr 27 09:29:16 backend1
2016 Feb 11
3
LMTP proxy does not pass RCPT TO: ... 5xx response back
Hello, I'm using dovecot 2.2.9 and a director/backend setup. On the director I've the LMTP in proxy mode, mapping the users to one of the backends. The backends to quota check and return the OverQuota message already at RCPT TO time. Here is what I typed, connected to the director Connection to director1 2525 port [tcp/*] succeeded! 220 director1.rz.hs-example.de Dovecot
2015 Oct 13
3
TLS communication director -> backend with X.509 cert checks?
Hello, using Dovecot 2.2.9 and a setup with directors and backends. The communication between directors and backends needs to be TLS secured. The director config contains a list of hostnames for the backends. (implicit list because of multiple A/AAAA records for a single hostname or explicit list of several host names) On connection setup from a client the director connects to the selected
2015 Oct 13
2
TLS communication director -> backend with X.509 cert checks?
Heiko Schlittermann <hs at schlittermann.de> (Mi 14 Okt 2015 00:10:50 CEST): > Timo Sirainen <tss at iki.fi> (Di 13 Okt 2015 23:49:20 CEST): > ? > > > > Proxying in general does check that hostname matches the SSL certificate, because both the hostname and IP address are sent to login process. So it should work in a way that host=<hostname> and
2016 Nov 21
2
Exim still accepting emails to nonexistent users
Hi, Heiko Schlittermann <hs at schlittermann.de> (Mo 21 Nov 2016 11:50:13 CET): > a) Routing stage > You need to interact with the user database dovecot uses. > Either you access the user database directory (flat file, LDAP, > whatever) or you use the ${readsocket?} feature of Exim to talk to > dovecot. The readsocket trick doesn't seem to work anymore. Using $
2016 May 31
2
Ubuntu package - Was: Re: doveadm-server protocol change?
Hi, Peter Chiochetti <pch at myzel.net> (Di 31 Mai 2016 10:31:50 CEST): > Not having installed any of the two, I can say, as a Ubuntu user: > In ppa "/etc/init.d/dovecot" is a symlink to "/lib/init/upstart-job" The 2.2.24 on 16.04 installs both /etc/init.d/dovecot /lib/systemd/system/dovecot.service > While xi packages places its own init script
2016 Apr 27
2
Crash: setannotation Trash "/vendor/cmu/cyrus-imapd/expire" ("value.shared" NIL)
On 27.04.2016 11:00, Heiko Schlittermann wrote: > Hi, > >> ? login ? >> C: 2 setannotation Trash "/vendor/cmu/cyrus-imapd/expire" ("value.shared" NIL) >> >> Apr 27 09:29:16 backend1 dovecot: imap-login: Login: user=<heiko>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=6651, secured >> Apr 27 09:29:16 backend1 dovecot: imap(heiko):
2015 Oct 13
2
TLS communication director -> backend with X.509 cert checks?
Timo Sirainen <tss at iki.fi> (Di 13 Okt 2015 21:36:40 CEST): ? > > I see: > > > > a) pass the host *names* to the director too, for CN verification > > purpose > > > > May be in struct mail_host could be a field for the original > > hostname we used to obtain the adress(es)? > > Does the attached patch work? Compiles,
2015 Nov 12
2
How to Restore emails
Hi, Mark Foley <mfoley at ohprs.org> (Do 12 Nov 2015 23:31:39 CET): > According to a message to this list from Oli Schacher, > http://www.dovecot.org/list/dovecot/2011-June/059493.html, all I need to do is copy the deleted > emails to their original folder and dovecot will take care of it: > ? > > exactly, just copy the mail from your backup back into the users > >
2016 Nov 21
2
Exim still accepting emails to nonexistent users
Hi Heiko, Here is the router: virtual_aliases: driver = redirect debug_print = "R: Check address using virtual_aliases for $local_part@$domain" allow_fail allow_defer hide data = CHECK_VIRTUAL_ALIASES user = vmail group = mail local_user: debug_print = "R: local_user for $local_part@$domain" driver = accept
2016 Feb 12
2
Segmentation fault on doveadm search -A with a huge user base
Hi, I'm using dovecot 2.2.9 with a director/backend setup. The user base is about 4711 users currently. If I start at one of the directors doveadm search -A all savedbefore 5000d it terminates with doveadm(1rrissma): Error: doveadm server disconnected before handshake: EOF doveadm(1rrissma): Error: 2001:638:913:f33::5:ff:24245: Command search failed for 1phaaman: EOF
2016 May 30
4
doveadm-server protocol change?
> On May 30, 2016 at 10:26 PM Heiko Schlittermann <hs at schlittermann.de> wrote: > > > Heiko Schlittermann <hs at schlittermann.de> (Mo 30 Mai 2016 21:18:09 CEST): > > Hi Aki, > > > > aki.tuomi at dovecot.fi <aki.tuomi at dovecot.fi> (Mo 30 Mai 2016 20:57:58 CEST): > > ? > > > You can get packages from http://xi.dovecot.fi/debian/,
2016 Feb 11
2
Multiple quota rules from LDAP userdb?
Hello, I'm just asking myself, how I get multiple quota rules into the LDAP userdb. Dovecot is 2.2.9 userdb_attrs = ? fooQuotaRule=quota_rule=%$ which allows me to have an user db entry as fooQuotaRule: *:storage=1000:messages=50 fooQuotaRule: Trash:storage=500 But, if I'd like to have another quota rule for a submailbox of that user? doveadm user returns the first
2017 Jul 09
1
STARTTLS issue with sieve
But if it won?t trust that copy, that invalidates the chain, right? On Sun, Jul 9, 2017 at 9:48 AM Heiko Schlittermann <hs at schlittermann.de> wrote: > Alexander Dalloz <ad+lists at uni-x.org> (So 09 Jul 2017 13:14:56 CEST): > ? > > It is wrong to send the root CA along with the intermediate and server > > certificates. The root CA cert must be in the CA trust
2016 Feb 13
2
ANNOTATE plugin? Squirrel uses it for EXPIRATION information
Hi, it seems that Squirrel mail uses Mailbox annotations for storing Expire times on the Server. It's an Cyrus server currently. (I've no clue how cyrexpire is able to read it's information from the annotiations) Does dovecot support some similiar mechanism? Or - does anybody know anything about how it's supposed to work on Cyrus and how it can be emulated/simulated with dovecot?
2015 Sep 21
4
Dovecot proxy ignores trusted root certificate store
On Mon, 21 Sep 2015, Edgar Pettijohn wrote: > doveconf -n? doveconf -n|grep ssl should suffice: ssl = required ssl_ca = </usr/local/share/certs/ca-root-nss.crt ssl_cert = </path/to/my/file.pem ssl_key = </path/to/my/file.pem ssl_require_crl = no I'm using "ssl_ca = </usr/local/share/certs/ca-root-nss.crt" as a temporary workaround, even though this is not what
2020 Jan 24
2
auth-client via SSL?
Hello, does dovecot support tls-on-connect for AF INET based auth-client sockets? Rationale behind my question: Exim can use the Dovecot auth-client socket to delegate the SMTP-AUTH authentication to Dovecot. Currently Exim supports the AF UNIX only for this socket. Jeremy makes progress in extending this to use AF INET sockets too. While it works with clear text communication already,
2015 Nov 12
2
fail: doveadm backup -s "<state>" with a huuge number of mailboxes
Hello, I'm using 2.2.13. For syncing I'm using repetitions of about the following (simplified for readability): state_file=.s doveadm \ -o imapc_master_user=<master> \ -o imapc_password=<pw> \ -o imapc_host=<host> \ -o mail_fsync=never \ backup -s "$(<.s)" -u "<user>" -R
2015 Oct 08
2
Dovecot auth-ldap ignores tls_* settings when using ldaps://
Hi, I'm using dovecot 2.2.9 (but after checking src/auth/db-ldap.c in 2.2.13 there seems to be the same bug/feature). The userdb and passdb use LDAP. All further configuration is done in auth-ldap.conf.ext. uri = ldaps://<host>/ # tls = tls_cert_file = /etc/ssl/certs/client-cert.pem tls_key_file = /etc/ssl/certs/client-key.file Dovecot ignores the