similar to: secure setup for imap hibernation

On Friday 27 of October 2017, Aki Tuomi wrote: > On 27.10.2017 11:20, Arkadiusz Mi?kiewicz wrote: > > Hi. > > > > What's the approach for securely enabling imap hibernation in case when > > each user uses different uid and gid? > > > > Looks like none and 0666 on hibernation and imap master sockets is the > > only way? > > > > Thanks,

Hi, Is there a way for dovecot to use a pool of sql (mysql) servers and load balance queries between these? Also fallback to next available sql server if connection to previous one fails. Can dovecot do such things currently? (If not this is feature request). -- Arkadiusz Mi?kiewicz PLD/Linux Team arekm / maven.pl http://ftp.pld-linux.org/

Hi. I'm using nologin with own reason [1]. That works fine. For example pop3 client gets nice message like "-ERR [AUTH] Account is locked. Please contact support." Unfortunately maillog lacks information details about why user was not allowed to log in. pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<testuser>, method=LOGIN, rip=1.1.1.1, lip=2.2.2.2,

On 20.10.2016 15:52, Arkadiusz Mi?kiewicz wrote: > > ... -servername something If you want to try out, try applying this patch... >From 066edb5e5c14a05c90e9ae63f0b76fcfd9c1149e Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: Thu, 20 Oct 2016 16:06:27 +0300 Subject: [PATCH] login-common: Include local_name in login_var_expand_table This way it can be used

2.2.36 (not migrated to 2.3 yet) reports such problem: > Nov 13 15:50:58 mbox dovecot: lmtp(xxx): session=<ACYRCtLk6ltiEQAALZVUYQ>, Error: open(/var/mail/xxx/mailboxes.lock1bf6ad16b7b8b703) failed: Disk quota exceeded > Nov 13 15:50:58 mbox dovecot: lmtp(xxx): session=<ACYRCtLk6ltiEQAALZVUYQ>, Error: Couldn't create mailbox list lock /var/mail/xxx/mailboxes.lock:

> On 13 November 2018 at 22:06 Arkadiusz Mi?kiewicz <arekm at maven.pl> wrote: > > > On 13/11/2018 15:54, Arkadiusz Mi?kiewicz wrote: > > > > 2.2.36 (not migrated to 2.3 yet) reports such problem: > > > >> Nov 13 15:50:58 mbox dovecot: lmtp(xxx): session=<ACYRCtLk6ltiEQAALZVUYQ>, Error: open(/var/mail/xxx/mailboxes.lock1bf6ad16b7b8b703)

On Thursday 11 of January 2018, Aki Tuomi wrote: > Seems we might've made a unexpected change here when we revamped the ssl > code. Revamped, interesting, can it support milions certs now on single machine? (so are certs loaded by demand and not wasting memory) > Aki -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org )

Hello. The problem with dovecot/config processes never ending and spawning new one on each reload (https://www.dovecot.org/list/dovecot/2016-November/106058.html) is becoming a problem here: # ps aux|grep dovecot/config|wc -l 206 That's a lot of wasted memory - dovecot/config processes ate over 30GB of ram on 64GB box. Before killing dovecot/config processes: # free -m total

Is there a way to log SNI hostname used in TLS session? Info is there in SSL_CTX_set_tlsext_servername_callback, dovecot copies it to ssl_io->host. Unfortunately I don't see it expanded to any variables ( http://wiki.dovecot.org/Variables ). Please consider this to be a feature request. The goal is to be able to see which hostname client used like: May 30 08:21:19 xxx dovecot:

> On Oct 17, 2016, at 2:41 AM, Arkadiusz Mi?kiewicz <arekm at maven.pl> wrote: > > On Monday 30 of May 2016, Arkadiusz Mi?kiewicz wrote: >> Is there a way to log SNI hostname used in TLS session? Info is there in >> SSL_CTX_set_tlsext_servername_callback, dovecot copies it to >> ssl_io->host. >> >> Unfortunately I don't see it expanded to any

On 18.10.2016 14:16, Arkadiusz Mi?kiewicz wrote: > On Monday 17 of October 2016, KT Walrus wrote: >>> On Oct 17, 2016, at 2:41 AM, Arkadiusz Mi?kiewicz <arekm at maven.pl> wrote: >>> >>> On Monday 30 of May 2016, Arkadiusz Mi?kiewicz wrote: >>>> Is there a way to log SNI hostname used in TLS session? Info is there in >>>>

Hi. I'm considering dovecot migration from 2.2.36 run with openssl 1.0.2o to dovecot 2.3.3 run with openssl 1.1.1. Currently I have both variants running with identical configs and certs (the only differences are due to config syntax changes in dovecot 2.3), so for example on both I have: ssl_ca = </etc/openssl/certs/wildcard_ca.pem (this file contains single intermediate certificate of

> On 13 Nov 2018, at 21.06, Arkadiusz Mi?kiewicz <arekm at maven.pl> wrote: > > On 13/11/2018 15:54, Arkadiusz Mi?kiewicz wrote: >> >> 2.2.36 (not migrated to 2.3 yet) reports such problem: >> >>> Nov 13 15:50:58 mbox dovecot: lmtp(xxx): session=<ACYRCtLk6ltiEQAALZVUYQ>, Error: open(/var/mail/xxx/mailboxes.lock1bf6ad16b7b8b703) failed: Disk quota

On 23.03.2018 10:04, Arkadiusz Mi?kiewicz wrote: > On Thursday 22 of March 2018, Arkadiusz Mi?kiewicz wrote: >> I have a problem with some messages passed from exim to dovecot lmtp >> service: >> >> From exim debug: >> >> using socket /var/run/dovecot/lmtp >> LMTP<< 220 mbox8 ready >> LMTP>> LHLO mbox8... >> LMTP<<

On 20.10.2016 15:41, Arkadiusz Mi?kiewicz wrote: > On Thursday 20 of October 2016, Aki Tuomi wrote: >> On 18.10.2016 14:16, Arkadiusz Mi?kiewicz wrote: >>> On Monday 17 of October 2016, KT Walrus wrote: >>>>> On Oct 17, 2016, at 2:41 AM, Arkadiusz Mi?kiewicz <arekm at maven.pl> >>>>> wrote: >>>>> >>>>> On Monday 30

On Monday 21 of November 2016, @lbutlr wrote: > On Nov 21, 2016, at 7:39 AM, Arkadiusz Mi?kiewicz <arekm at maven.pl> wrote: > > reason is the only thing in maillog that allows to distinguish why user > > was not allowed to log in. > > Um? the only thing? How about where you set the reason in the first place? That "first" place is constantly changing

Hello. Is still true that mail_max_userip_connections cannot be overriden in userdb query? Want lower global and raise for some logins. https://www.dovecot.org/pipermail/dovecot/2017-July/108520.html -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org )

On Tuesday 08 of December 2015, Gerhard Wiesinger wrote: > On 07.12.2015 20:13, Timo Sirainen wrote: > > http://dovecot.org/releases/2.2/dovecot-2.2.20.tar.gz > > http://dovecot.org/releases/2.2/dovecot-2.2.20.tar.gz.sig > > > > This could be (one of) the last v2.2.x release. We're starting v2.3 > > development soon. > > Great! > > What's on

Quoting Arkadiusz Mi?kiewicz <arekm at maven.pl>: > Hi. > > I wonder if there any plans of finishing "multiple passwords for single > user" > feature? > <snip> > > Untill that happens (not that great) workaround exists: > http://wiki2.dovecot.org/Authentication/MultipleDatabases > > ? Whoops misfired Unless you want a single service to have

27.10.2016 16:39, Arkadiusz Mi?kiewicz wrote: > On Thursday 27 of October 2016, Timo Sirainen wrote: >> http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz >> http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig > Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25: > > From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001