similar to: Certificate cache on iOS with sending mail

On Thu, 10 Aug 2017, Larry Rosenman wrote: > Which mail client on iOS? Sorry, maybe not iOS, but definitely MacOSX Mail app. Joseph Tam <jtam.home at gmail.com>

Cheers Remko and Ralph. I think there was some mention in the lets encrypt FAQ that certbot doesn't do email. But I understand I can use their generated very for dovecot, postfix and https? That would be good indeed. Anyone know of any manual, or can I just replace the certs in the dovecot and postfix locations with theirs? Do dovecot, postfix and apache all support .pem format? Sent from

Thanks Ralph, i?ll look into that. I think let?s encrypt uses certbot though and it can?t do email certificates (although i?m sure i can convert the cert i get from let?s encrypt, i?ll look into it. > On 9 Aug 2017, at 16:40, Ralph Seichter <m16+dovecot at monksofcool.net> wrote: > > On 09.08.2017 17:20, Alef Veld wrote: > >> So i?m using dovecot, and i created a self

Sent from my iPhone > On 14 Aug 2017, at 13:03, Alef Veld <alefveld at outlook.com> wrote: > > Hey Mike. > The iPhone and MacBook started working, but the two remaining iMacs still have problems. It's really weird. But if the first 2 are working it MUST be something local right? > > I removed the servers and re-added but no go. Maybe I'll need to remove the plist

Alef Veld writes: >> I'm wondering if there is any cache for a certificate or something, my >> maillog shows up something like 10 bytes read, -1. So it returns an >> error. I deleted the accounts and created them again, still no go. >> >> Anyone had anything similar before? On top of the usual mail set up problems (and it appears to be some SSL/STARTLS port

> On 10 August 2017, at 04:37, Alef Veld <alefveld at outlook.com> wrote: > > I completely agree (having said that I'm pretty new to all this so I might be full of it). > > You should run your own CA if you have an active financial interest in your company (say your the owner). No added benefit to have your certificate certified by a third party, why would they care

On Wed, 9 Aug 2017 08:39:30 -0700 Gregory Sloop <gregs at sloop.net> wrote: > AV> So i?m using dovecot, and i created a self signed certificate > AV> with mkcert.sh based on dovecot-openssl.cnf. The name in there matches > AV> my mail server. > > AV> The first time it connects in mac mail however, it says the > AV> certificate is invalid and another

So i?m using dovecot, and i created a self signed certificate with mkcert.sh based on dovecot-openssl.cnf. The name in there matches my mail server. The first time it connects in mac mail however, it says the certificate is invalid and another server might pretend to be me etc. I then have the option of trusting it. Is this normal behaviour? Will it always be invalid if it?s not signed by a

Yes, yes, and yes. This is what I do for https://webmail.lerctr.org, imap.lerctr.org, smtp.lerctr.org, et al. -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 E-Mail: larryrtx at gmail.com US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 On 8/9/17, 11:19 AM, "dovecot on behalf of Alef Veld" <dovecot-bounces at

Hi all. I?m a bit worried about the following read errors i see in my log lately. Mails still arrive and get sent fine, but what is going on with this? It doesn?t look good. Nothing has change on server side and i restarted all services (dovecot, postfix, saslauthd, sql ). Maybe it?s a temporary iPhone thing (the device im using to read and send mails, not the first time that happened. Maybe

Hi everyone. Nice to meet you. I?m new to dovecot and i came across a problem it seems. I setup a new user called sales with useradd, and gave it a password. Although it has a home directory, i set login to /sbin/nologin. When logging into the pop server on port 110 (with telnet) i get this in the logs: dovecot: pop3-login: Login: user=<sales>, method=PLAIN, rip=127.0.0.1,

I can't see any security advantages of a self signed cert. If the keypair is generated locally (which it should) a certificate signed by an external CA can't be worse just by the additional signature of the external CA. Better security can only be gained if all users are urged to remove all preinstalled trusted CAs from their mail clients (which seems impractical). Else an attacker could

On 09.08.2017 17:20, Alef Veld wrote: > So i?m using dovecot, and i created a self signed certificate with > mkcert.sh based on dovecot-openssl.cnf. The name in there matches my > mail server. > > The first time it connects in mac mail however, it says the certificate > is invalid and another server might pretend to be me etc. This is to be expected for self-signed

On 09.08.2017 17:49, Alef Veld wrote: > I think let?s encrypt uses certbot though and it can?t do email > certificates (although i?m sure i can convert the cert i get from > let?s encrypt, i?ll look into it. I'm not sure what you mean by "can?t do email certificates"? In any case, Let's Encrypt issues certificates that can be used by Dovecot for IMAP and simultaneously

On 09.08.2017 18:18, Alef Veld wrote: > Anyone know of any manual, or can I just replace the certs in the > dovecot and postfix locations with theirs? Do dovecot, postfix and > apache all support .pem format? Google "dovecot letsencrypt" is your friend. ;-) If you have questions about details, we can discuss them of course. Also, please limit your replies to my messages to the

Hello, I'm a Mac OS X user, and I got tired of typing my password every time I want to login, but didn't want to use ssh-agent and the like. So, I grabbed the code for OpenSSH 3.7p1, and made some modifications which allow passwords to be stored and recalled from the OS X Keychain. The reason I'm posting to this list is that I'd like to make these modifications available to

Sorry; here's the message I sent with the Keychain Patch yesterday. I didn't realize that the list wouldn't extract the text parts of the message. Enjoy. Hey all, Here's the patch to let SSH store passwords in the Mac OS X Keychain. I don't know whether you guys want to include it or not with the distribution; some people have said that since Keychain is not an open

Is there a centos recommended repository for centos 7 where I can obtain the keychain package? TIA, Pete

hello centos.. I am having a very annoying problem on my network right now. it looks like every time I try to add my ssh key to keychain I have to issue a command just to get my ssh subsystem communicating with the ssh-agent: I have this line in my .bashrc file $(keychain --eval --quick --quiet private_key1 private_key2 private_key3) If I try to perform ssh-add I get the message: [bluethundr

I deleted the certificate already, but I think it only uses that for imap/dovecot. I don't think it actually stores one for smtps (or am I not talking sense here). Sent from my iPhone > On 10 Aug 2017, at 23:25, Joseph Tam <jtam.home at gmail.com> wrote: > > >> On Thu, 10 Aug 2017, Larry Rosenman wrote: >> >> Which mail client on iOS? > > Sorry,