similar to: Tip: update dovecot MD5 password from PAM

>>>>> Aki Tuomi <aki.tuomi at dovecot.fi>: > On 2017-03-25 17:54, Steinar Bang wrote: >> This is a PAM module that listens for password changes, and will update >> the MD5 password for a user, in a file that dovecot can read, when the >> user's password is changed: >> https://github.com/steinarb/pam_dovecotmd5pwd >> >> Caveat

> On March 26, 2017 at 2:24 PM Steinar Bang <sb at dod.no> wrote: > > > >>>>> Aki Tuomi <aki.tuomi at dovecot.fi>: > > > On 2017-03-25 17:54, Steinar Bang wrote: > >> This is a PAM module that listens for password changes, and will update > >> the MD5 password for a user, in a file that dovecot can read, when the > >>

On 2017-03-25 17:54, Steinar Bang wrote: > This is a PAM module that listens for password changes, and will update > the MD5 password for a user, in a file that dovecot can read, when the > user's password is changed: > https://github.com/steinarb/pam_dovecotmd5pwd > > Caveat emptor! (Works for me...! :-) ) Maybe you could update the PAM module to upgrade user's

>>>>> Aki Tuomi <aki.tuomi at dovecot.fi>: > Is there some reason you cannot protect your users with TLS/SSL? I do use SSL. I don't understand what that have to do with the preference of CRAM-MD5 over plain text auth? > Using CRAM-MD5 is not very secure option, since you have to store the > password in clear text. Plain MD5 is almost plaintext these days. I

Is there any other mechanism than using passwd files with md5-hashed passwords created by dovecotpw that will support cram-md5 authentication? Has anyone created setups where the passwd databases reside in the individual users home directories? Is it possible to persuade dovecotpw to update the passwd databases automatically. Having to use a text editor to paste in the passwords sets a high

I prefer not to use clear text passwords, even over an encrypted connection. With IMAP, the only such mechanism with widespread client support is CRAM-MD5 (please correct my if I'm wrong... I'd love to be corrected here...). On the dovecot 2 wiki, the only way I've found to implement CRAM-MD5 support, is to use a passwd-like file: http://wiki2.dovecot.org/HowTo/CRAM-MD5 I am

Hello! I'm trying to run somthing called Scifinder, and the program is performing quite well. The only problem is that all the buttons in the program have no icons (they are all blank), and this makes it a bit difficult to use... When I use the the program, I get thousands of the error messages below. I suppose the messages has got something to do with the missing icons. Any suggestions on

>>>>> Aki Tuomi <aki.tuomi at dovecot.fi>: > On 09.09.2017 12:33, Steinar Bang wrote: >> When a message is copied to a folder on dovecot with mbox storage, is >> the mtime of the saved mbox file set to the time of the save? [snip!] > Internaldate is picked from the separating 'From' line in mbox file. > "From user at example.org Thu Oct 20

When a message is copied to a folder on dovecot with mbox storage, is the mtime of the saved mbox file set to the time of the save? Or is the mtime set to the Date: field of the source message that is saved? If there is a difference in the behaviour, do someone know the dovecot version number where the change happened? The reason I'm asking is a problem reported on the Gnus imap client in

Hi, I've been running a Linux machine (RedHat 4.1 kernel 2.0.27) with Samba 1.9.16p9 (built by RedHat) for about 1 year now. Everything has been working just fine, but recently I increased the number of users. When I get to about 75 users the whole system goes down, with messages like: Unable to load interpreter No more processes File table overflow If I manage to kill Samba, the system

To Whom It May Concern, I have been informed that there is a public domain software called "R" which is available through ftp://stat.auckland.ac.nz. I've tried the address but I can't find the software itself. Can you help me on this. Thanks. Belen Razo -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- r-help mailing list -- Read

To Whom It May Concern, I have been informed that there is a public domain software called "R" which is available through ftp://stat.auckland.ac.nz. I've tried the address but I can't find the software itself. Can you help me on this. Thanks. Belen Razo -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- r-help mailing list -- Read

[Apologies if this gets through twice. I sent it first without subscribing, but it seems like it got stuck in the moderation queue, so I subscribed and re-sent it.] I'm doing some work on audio fingerprinting for a school project (more precisely, my master's thesis. I got a hint on #vorbis that I might want to look into the internal floor representations in libvorbisenc to get out audio

Gnus use a lot of custom flags to represent the messages state wrt. Gnus. How well are these flags supported in dovecot? How fast are access to them? (Ie. will dovecot have to open the message and parse the headers) Are they supported when using imapsync to transfer messages from a different IMAP server? (I guess I'll find out soon, because I'm using imapsync to transfer messages

I'm trying to understand the newbus and acpi interactions on this Dell R620 that result in the Broadcom adapter board being probed "backwards" or just plain out of order in comparison to the connector layout and the linux tg3 driver. We seem to be detecting PCI0:2:0 before PCI0:1:0. This seems odd to me. When I replace the broadcom daughter card with an intel daughter card, this

It is a jolly bad idea to use the same password for both email and system access. On TLS+plaintext, if your passwords are slurped by a python script, all accounts are compromised. Congratulations, the NSA will love you. On the other side of the ocean, however, there are European states where you must disclose the fact, or go to jail. (I tried to protect dovecot passwords with bcrypt, but the

On 27.03.2017 01:13, Ruga wrote: > It is a jolly bad idea to use the same password for both email and system access. > > On TLS+plaintext, if your passwords are slurped by a python script, all accounts are compromised. Congratulations, the NSA will love you. On the other side of the ocean, however, there are European states where you must disclose the fact, or go to jail. > > (I

Package: xen-utils-3.0.3-1 Version: 3.0.3-0-2 Severity: important After installing Xen and setting up (network-script 'network-bridge netdev=eth0') I no longer have a sane IPv6 address in the dom0: inet6 2001:700:300:d03f:fcff:ffff:feff:ffff/64 scope global dynamic valid_lft 2591977sec preferred_lft 604777sec This is probably since xenbr0 has a MAC address of fe:ff:ff:ff:ff:ff;

Hey all, Attached you will find an experimental patch which allows me to play with a derived JIT class. With this patch I've alleviated my concerns with forcing cross module behavior for all users of JIT. However this introduces some new semantics, and kind of circumvents the EngineBuilder API. More important though, I have not addressed any concern about using stub functions in eager

Thanks to work from Johnny, linux 3.18.12 with all the x4c blktap goodness have been built and are now in the virt6-testing repo. I've also uploaded libvirt 1.2.15. As you may have seen earlier today, virt6-testing also includes an updated 4.4.2 package with the latest security update (XSA-133). The kernel has had some basic testing (by myself, Johnny, and another community member), but