Displaying 20 results from an estimated 300 matches similar to: "pop 110/995, imap 143/993 ?"
2017 Aug 21
4
pop 110/995, imap 143/993 ?
On 21/08/17 10:37, Gedalya wrote:
> On 08/21/2017 07:28 AM, voytek at sbt.net.au wrote:
>> is there a 'preferred way'? should I tell users to use 143 over 993 ? or
>> 993 over 143? or?
> There is no concrete answer. There are various opinions and feelings about this.
> The opinion againt 993/995 is that these are not standard ports,
Out of curiosity, is there a
2017 Aug 21
2
pop 110/995, imap 143/993 ?
On 21/08/17 13:39, Robert Wolf wrote:
>
> On Mon, 21 Aug 2017, Sebastian Arcus wrote:
>
>>
>> On 21/08/17 10:37, Gedalya wrote:
>>> On 08/21/2017 07:28 AM, voytek at sbt.net.au wrote:
>>>> is there a 'preferred way'? should I tell users to use 143 over 993 ? or
>>>> 993 over 143? or?
>>> There is no concrete answer. There
2017 Aug 21
0
pop 110/995, imap 143/993 ?
On 08/21/2017 07:28 AM, voytek at sbt.net.au wrote:
> is there a 'preferred way'? should I tell users to use 143 over 993 ? or
> 993 over 143? or?
There is no concrete answer. There are various opinions and feelings about this.
The opinion againt 993/995 is that these are not standard ports, and there is no
need to allocate new ports for the secure version of each protocol since we
2017 Aug 21
0
pop 110/995, imap 143/993 ?
On Mon, 21 Aug 2017, Sebastian Arcus wrote:
>
> On 21/08/17 10:37, Gedalya wrote:
> > On 08/21/2017 07:28 AM, voytek at sbt.net.au wrote:
> > > is there a 'preferred way'? should I tell users to use 143 over 993 ? or
> > > 993 over 143? or?
> > There is no concrete answer. There are various opinions and feelings about
> > this.
> > The
2017 Aug 21
0
pop 110/995, imap 143/993 ?
On Mon, 21 Aug 2017, Sebastian Arcus wrote:
> On 21/08/17 13:39, Robert Wolf wrote:
> >
> > On Mon, 21 Aug 2017, Sebastian Arcus wrote:
> >
> > >
> > > On 21/08/17 10:37, Gedalya wrote:
> > > > On 08/21/2017 07:28 AM, voytek at sbt.net.au wrote:
> > > > > is there a 'preferred way'? should I tell users to use 143 over
2017 Aug 21
0
pop 110/995, imap 143/993 ?
On 21/08/17 22:18, Joseph Tam wrote:
>
> Lest anyone think STARTTLS MITM doesn't happen,
>
> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/
>
> Not only for security, I prefer port 993/995 as it's just plain simpler
> to initiate SSL from the get-go rather than to do some handshaking that
> gets you to the same
2017 Aug 22
0
pop 110/995, imap 143/993 ?
Gary <lists at lazygranch.com> writes:
> If I read this correctly, starttls will fail due to the MITM attack.
> That is the client knows security has been compromised.
I'm not sure what you man by "fail". STARTTLS is prone to MITM attacks
if a client has not been configured to refuse non-STARTTLS/SSL sessions.
For clients that will allow both secured and plaintext
2017 Aug 22
0
pop 110/995, imap 143/993 ?
On Tue, 22 Aug 2017, Ivan Warren wrote:
> Le 8/22/2017 ? 10:03 AM, Robert Wolf a ?crit?:
> >
> > WRONG!!! The email is stored plain-text on the first server and then it can
> > be
> > sent to other few MX servers over plain-text connection. I.e. encrypted
> > connection does not protect emails, but the authentication credentials.
> >
> >
> Indeed.
2017 Aug 22
0
pop 110/995, imap 143/993 ?
On Tue, 22 Aug 2017, Aki Tuomi wrote:
> else (NOT LOCALHOST) and you can see it says LOGINDISABLED unless you
> have enabled something like cram-md5.
Hi,
exactly, this is the reason, why plain-text is still needed. You don't need
encryption for authentication, if you have secure authentication. Without
knowing original password, the MITM cannot generate correct hash for login, so
2017 Aug 21
2
pop 110/995, imap 143/993 ?
Lest anyone think STARTTLS MITM doesn't happen,
https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/
Not only for security, I prefer port 993/995 as it's just plain simpler
to initiate SSL from the get-go rather than to do some handshaking that
gets you to the same point.
Joseph Tam <jtam.home at gmail.com>
2017 Aug 21
1
pop 110/995, imap 143/993 ?
On 21/08/17 16:25, Robert Wolf wrote:
> On Mon, 21 Aug 2017, Sebastian Arcus wrote:
>
>> On 21/08/17 13:39, Robert Wolf wrote:
>>>
>>> On Mon, 21 Aug 2017, Sebastian Arcus wrote:
>>>
>>>>
>>>> On 21/08/17 10:37, Gedalya wrote:
>>>>> On 08/21/2017 07:28 AM, voytek at sbt.net.au wrote:
>>>>>> is there a
2017 Aug 22
3
pop 110/995, imap 143/993 ?
On 22.08.2017 03:56, Peter wrote:
>>> Lest anyone think STARTTLS MITM doesn't happen,
>>>
>>> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/
> Right, the attack does happen, but it can be prevented by properly
> configuring the server and client.
Dovecot, by default, requires STARTTLS before accepting plaintext
2017 Aug 22
1
pop 110/995, imap 143/993 ?
Robert Wolf wrote:
>> else (NOT LOCALHOST) and you can see it says LOGINDISABLED unless you
>> have enabled something like cram-md5.
>
> Hi,
>
> exactly, this is the reason, why plain-text is still needed. You don't need
> encryption for authentication, if you have secure authentication. Without
> knowing original password, the MITM cannot generate correct hash
2017 Aug 22
0
pop 110/995, imap 143/993 ?
>> Lest anyone think STARTTLS MITM doesn't happen,
>>
>> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/
Right, the attack does happen, but it can be prevented by properly
configuring the server and client.
>> Not only for security, I prefer port 993/995 as it's just plain
>> simpler to initiate SSL from the get-go
2017 Aug 21
6
pop 110/995, imap 143/993 ?
If I read this correctly, starttls will fail due to the MITM attack. That is the client knows security has been compromised. Using SSL/TLS, the MITM can use SSL stripping. Since most Postifx conf use "may" for security, the message would go though unencrypted. Correct???
Is there something to enable for perfect forward security with starttls?
? Original Message ?
From: s.arcus at
2012 Jul 10
6
getting rid of old spam from +spam Maildir ?
I'm trying to setup per user '+spam' delivery from amavis tags, so that
each user gets any mails tagged as spam to 'spam' Maildir via +spam
Dovecot lmtp delivery.
after say 7 days I want to delete all spams older than 7 days,
if I simply delete mail files from the file system, is that a 'bad thing' ?
what is a proper way to do that, and scripts ?
for
2018 Jul 22
4
ot: LE server conf setup/ iPhone 'expired cert' message
I've installed LE certs on my Dovecot a while back, and, it has been
working OK since, but, today, an iPhone user said he can't get emails as
iphone says 'cert is expired', searching around, I see some other iPhone
similar issues reported, do I have my conf correct, I have;
# cat dovecot.conf | grep ssl
ssl = required
verbose_ssl = no
ssl_cert =
2014 Mar 25
1
Dovecot Port 993 and 995 not connecting.
Hello Mates,
I am facing a really weird issue with my mail server, somehow I cannot
connect using port 993.
It works with 143 but not 993 nor 995.
Here is a little bit of more information:
# telnet localhost 143
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+
2018 Nov 08
2
after reboot listen(*, 995) failed: Address already in use/listen(*, 993) failed: Address already in use
This is still happening after a reboot, Fedora 28. Restarting dovecot fixes
the problem. Does anyone know if it could be related to this bug
report? *https://bugzilla.redhat.com/show_bug.cgi?id=103401#c130
<https://bugzilla.redhat.com/show_bug.cgi?id=103401#c130> * and suggested
work around to add ports to /proc/sys/net/ipv4/ip_local_reserved_ports?
Nov 8 12:21:41 ourdomain dovecot[1386]:
2011 Apr 09
1
143 STARTTLS/ 993 SSL/TLS query
I'm testing my new dovecot server with Thundirbird
I can have it working on
port 143 with STARTTLS, or on
port 993 with SSL/TLS
my uderstanding is that on 993 I get encrypted 'password and mail transfer'
(yes ?)
so what happens if I use 143 with STARTTLS, is that equivalent to port 993
if STARTTLS is used ?
thanks for any insights..
--
Voytek