Displaying 20 results from an estimated 4000 matches similar to: "Client-initiated secure renegotiation"
2016 Mar 10
2
Client-initiated secure renegotiation
On Thu, Mar 10, 2016 at 12:30 PM, Osiris <dovecot at flut.demon.nl> wrote:
> On 09-03-16 13:14, djk wrote:
>> On 09/03/16 10:44, Florent B wrote:
>>> Hi,
>>>
>>> I don't see any SSL configuration option in Dovecot to disable
>>> "Client-initiated secure renegotiation".
>>>
>>> It is advised to disable it as it can
2015 Jan 09
4
dovecot on wheezy, best ssl configuration ?
Hi all, when hardening dovecot against the POODLE vulnerability,
we followed the advise to disable SSL2 and SSL3
but this is giving problems with some email clients (claws-mail).
ssl_protocols = !SSLv2 !SSLv3
results in the following error:
dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, 
rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed: 
error:1408A0C1:SSL
2015 Jan 09
2
dovecot on wheezy, best ssl configuration ?
Hi thanks for your help!
Trying to set your same parameters, when restarting dovecot, gives the 
error:
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf 
line 136: Unknown setting: ssl_prefer_server_ciphers
doveconf: Error: managesieve-login: dump-capability process returned 89
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf 
line 136: Unknown setting:
2020 Jun 27
2
SSL-Question
I set icecast.xmp:
    <listen-socket>
        <port>8000</port>
    </listen-socket>
    <listen-socket>
        <port>8443</port>
        <ssl>1</ssl>
    </listen-socket>
8000 work, 8443 not work. If set ssl to port 8000 not work nothing
V V sob., 27. jun. 2020 ob 18:13 je oseba Paul Martin <pm at nowster.me.uk>
napisala:
2020 Jun 11
2
Read-flag of mails don't update
On 10 Jun 2020, at 23:18, @lbutlr <kremels at kreme.com> wrote:
> IF it?s not permissions you need to provide doveconf -n output. Bloglines for any fall, panic, or error level events at a minimum.
Apologies, I did not see the attachments. Will look on a real screen later.
2017 Apr 27
2
confused with ssl settings and some error - need help
Hi,
To default dovecot.conf file I added (based on found documentation):
ssl = required
disable_plaintext_auth = yes     #change default 'no' to 'yes'
ssl_prefer_server_ciphers = yes
ssl_options = no_compression
ssl_dh_parameters_length = 2048
ssl_cipher_list =
2017 Apr 27
2
confused with ssl settings and some error - need help
Thank You for answers. But:
1. How should be properly configured ssl_cipher_list?
2. Ok, removed !TLSv1 !TLSv1.1.
3. Strange thing with ssl_protocols and ssl_cipher_list, because on older
server on Ubuntu 14.04 LTS, dovecot 2.2.9 and postfix 2.11.0 these two
lines looks exactly this same and no errors in mail.err file and mailes
works without any problem.
4. No, currently I don't use LMTP.
2017 Aug 23
3
socketpair failed: Too many open files on Debian 9
Hi @all,
after re-installing one of my two frontends/proxy-servers I get the
following error messages after some time (sometimes after 1h, sometimes
after 24h):
11:23:55 imap-login: Error: socketpair() failed: Too many open files
11:23:55 imap-login: Error: socketpair() failed: Too many open files
11:23:56 imap-login: Error: socketpair() failed: Too many open files
11:23:56 imap-login: Error:
2017 Aug 23
2
socketpair failed: Too many open files on Debian 9
I haven't done this on the old, working machine.
So there must be a difference between Debian 7 and 9 how open files are
handled?
Regards
Patrick
Aki Tuomi schrieb:
> You probably need to increase ulimit -n
> 
> Aki
> 
> 
> On 23.08.2017 14:10, Patrick Westenberg wrote:
>> Hi @all,
>>
>> after re-installing one of my two frontends/proxy-servers I get
2017 Mar 20
1
Deploying Diffie-Hellman for TLS
I have been reading up on TLS and Dovecot and came across this URL:
https://www.weakdh.org/sysadmin.html which recommended these settings
for Dovecot. I would like to know if they are correct? Some much
documentation on the web is pure garbage.
Dovecot
These changes should be made in /etc/dovecot.conf
Cipher Suites
2017 Apr 27
2
confused with ssl settings and some error - need help
Cipher list which You post provide better compatibility or security than
those which I currently have?
On older software version these cipher list works well and not generate any
errors when I run Internal PCI scan test from https://cloud.tenable.com for
another server. But for new server with newer software during test I got
errors in mail.err.
2017-04-27 10:00 GMT+02:00 Aki Tuomi <aki.tuomi
2020 Jun 12
1
Read-flag of mails don't update
Am 11.06.20 um 18:08 schrieb @lbutlr:
> On 10 Jun 2020, at 23:19, @lbutlr <kremels at kreme.com> wrote:
>> On 10 Jun 2020, at 23:18, @lbutlr <kremels at kreme.com> wrote:
>>> IF it?s not permissions you need to provide doveconf -n output. Bloglines for any fall, panic, or error level events at a minimum.
>>
>> Apologies, I did not see the attachments. Will
2016 Apr 29
4
Changing Password Schemes
Good Day,
I have been following this tutorial without much luck - 
http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes#CA-26af2b83a43b8100522c57565773f605c21f2f27_1
It is obvious to me that I am not following the instructions correctly 
and need to be shown what I am misunderstanding.
I have an old postfix + dovecot + Roundcube mailserver 
(mail.domain.Tld). Server clock is loosing time and
2018 Apr 23
2
imap-login segfaulting on 2.3.1
Hello,
I have a new director ring I am setting up on centos 7 with dovecot
2.3.1. I haven't been able to replecate this in testing, but as soon as
I start pushing production traffic to the new ring I see dozens of these  in the
logs:
Apr 18 00:34:00 d.director.imapd.sonic.net kernel: imap-login[163107]: segfault at 10 ip 00007ff625698dd5sp 00007ffe4b77bb28 error 4 in
2017 Jan 17
3
Correct settings for ssl protocols" and "ssl ciphers"
I have the following two settings in my "10-ssl.conf" file
# SSL protocols to use
ssl_protocols = !SSLv2
# SSL ciphers to use
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
I have seen different configurations while Googling. I am wondering
what the consensus is for the best settings for these two items. What
do the developers recommend?
Thanks!
-- 
Jerry
2017 Apr 30
2
confused with ssl settings and some error - need help
What kind of test are you running?
Aki
> On April 27, 2017 at 12:00 PM Poliman - Serwis <serwis at poliman.pl> wrote:
> 
> 
> I turned of ssl_cipher_list in dovecot.conf file (so it's default) but test
> still gives errors:
> Apr 27 08:55:06 serwer-1 dovecot: pop3-login: Error: SSL: Stacked error:
> error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown
2016 Apr 29
4
Changing Password Schemes
converting the passwords in the database from clear/plain text to 
SHA512-CRYPT
------------
You have a good day now, en mag jou m?re ook so wees,
Carl A Jeptha
On 2016-04-29 15:02, Steffen Kaiser wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Fri, 29 Apr 2016, Carl A Jeptha wrote:
>
>> Good Day,
>> I have been following this tutorial without much
2018 Sep 07
1
Auth process sometimes stop responding after upgrade
Hi all;
I've upgraded a ring of dovecot directors from 2.2.15 to 2.2.36. After the 
upgrade I've got some instability: a few time per day per server, seemly at 
random, the auth process stop responding and the clients cannot authenticate 
any more:
Sep  6 14:45:51 imap-front13 dovecot: pop3-login: Warning: Auth process not 
responding, delayed sending initial response (greeting):
2016 Oct 30
2
Defining INDEX target to other location than maildir seems to have no effect.
Dovecot Version 2.2.13
Linux Distribution: Debian Jessie
CPU Architecture: x64
Filesystem: GlusterFS/NFS, XFS for Base System/Index Files.
Two Dovecot/Postfix nodes accessing same GlusterFS/NFS Maildir.
Regardless what i choose in mail_location (:INDEX=MEMORY or 
:INDEX=/var/indexes/%d/%n) all Mailbox index files will still get 
created within the users mail_location maildir: ~/Maildir
My
2017 Feb 01
2
Dovecot auth-worker error after cram-md5 auth
Is there any strange thing in these config lines?
2017-02-01 9:40 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
> doveadm log errors can be helpful too
>
>
> On 01.02.2017 10:25, Poliman - Serwis wrote:
> > I can check each logs, I have root privileges.
> >
> > 2017-02-01 9:04 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
> >
> >> Can