similar to: Dovecot LMTP Proxy + STARTTLS?

NOTE: LMTP/doveadm proxying doesn't support SSL/TLS currently - any ssl/starttls extra field is ignored https://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy Am 23. November 2017 09:31:41 MEZ schrieb Tobi <tobisworld at gmail.com>: >Hi > >I got dovecot 2.2.26 on a Centos7 with latest updates. Dovecot is >configured to act as director and delivers to my two backend

Hi thanks for the link. Read that page before but somehow missed the comment about ssl+lmtp proxy :-) Are there any plans to implement that to dovecot in future? Regards tobi Am 23.11.2017 um 18:38 schrieb Carsten Rosenberg: > NOTE: LMTP/doveadm proxying doesn't support SSL/TLS currently - any ssl/starttls extra field is ignored > >

Hi, when proxying lmtp from director to backend, director does not use STARTTLS. Delivering mails with postfix via lmtps to backend or director works encrypted. Is there a way to force the use of STARTTLS on dovecot director lmtp proxy? Regards, Matthias -- BOFH excuse #446: Mailer-daemon is busy burning your message in hell. (hbox storage?)

The wiki <http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy> page says this: "The connections created to the destination server can't be TLS/SSL encrypted.". Hrmm. Right now, with perdition, I'm forcing the use of STARTTLS on the internal connections. I'd just as soon get rid of perdition (to have one less moving part in my architecture), but I need the

How exactly is LMTP proxying supposed to work? According to the example on http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy I'm only seeing "proxy" in the password_query statements. But LMTP never sends a password. IMAP Proxying is working OK: Sep 24 12:51:09 imap-login: Info: proxy(ralf.hildebrandt at charite.de): started proxying to dovecot.charite.de:993:

Hi everyone! I have dovecot (1.2.11) on one our external mail servers acting as a proxy. The client (ifor now, my iphone) connects fine via ssl to the external mailserver but I can't seem to get a secure connection now to the internal destination imap server (between external mail server and internal imap server, it's going through port 143). Running tcpdump, I can clearly see my

Hi! With static db, you should use args instead override_fields. Aki > On 03 August 2018 at 16:42 grupo correo <grupodecorreo10 at gmail.com> wrote: > > > Hi, > I have configured 20-lmtp conf file to use proxy and into the protocol > section i added: > > passdb { > driver = static > override_fields = proxy=y protocol=smtp port=25 host=x.x.x.x >

Hello list we encounter a weird SSL issue with one of our dovecot (2.2.24 on Centos6) which we can only explain if our assumtion is correct Symptoms are that imaps connections (on port 993) suddenly get veeeery slow. Up to 180s for one connection with openssl s_client The thing we do not understand is that in the same time imap connections with starttls are just 1s. We can see that entropy on the

Op 25/06/2018 om 21:42 schreef Stephan Bosch: > > > > Op 14/06/2018 om 22:24 schreef grupo correo: >> Hi, >> I need to use lmtp server proxy, to proxy a remote smtp server, the >> documentation says "It's possible to use Dovecot LMTP server as a >> proxy to remote LMTP or SMTP servers", but i do not find how to >> configure. Can anybody

Hi, I need to use lmtp server proxy, to proxy a remote smtp server, the documentation says "It's possible to use Dovecot LMTP server as a proxy to remote LMTP or SMTP servers", but i do not find how to configure. Can anybody gel me to understand? Best regards -------------- next part -------------- An HTML attachment was scrubbed... URL:

Abstract from http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy > > host=s: The destination server's *IP address*. This field is required. > Note that currently it's required to use an IP address since no DNS > resolving is done. > Hello Timo, Here goes one more item for the v2.0 wishlist: Will it become possible to do dovecot imap proxying based on a

Hi, Trying to keep abusive/buggy IMAP clients at bay on a number of Dovecot proxy servers, I've reconfigured them to use "mail_max_userip_connections = 50" in the "protocol imap" section, followed by restarting Dovecot. Yet, I'm still seeing 160+ established connections from a single IP address for the same email account. Am I missing anything? # 2.2.27

Dave McGuire writes: >> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets >> >> then setup fail2ban to manage extrafields > > Now that's a very interesting idea, thank you! I will investigate this. If you don't expect yor firewall to handle 45K+ IPs, I'm not how you expect dovecot will handle a comma separated string with 45K+ entries any

Hi, mail_max_userip_connections is only enforced at the backend level. The setting has no effect on proxy. If you want to force the limit then you can only do it in the backend. Sami > On 9 Mar 2017, at 12.05, Adi Pircalabu <adi at ddns.com.au> wrote: > > Quick follow-up: updated the proxies to 2.2.28, but I still couldn't find a way to limit the inbound IMAP connections per

On my POP3 server, I need to be able to control the use of STARTTLS by client IP address. Specifically: * Clients on certain internal subnets (e.g., 192.168.1.0/24) must not have the option to use TLS. If the client tries to use STARTTLS, the option should be rejected. This is to satisfy US FCC rules regarding the use of encryption over certain radio frequencies. * All other internal clients

Hello, I've been running dovecot for over 3 years now and it works with no problems. I have it setup so that it authenticates users against Active Directory via LDAP and so far no problems. What I would like to know is if there is any way that I could deny access for users trying to access email via cellphones or email clients outside the company. I can

Hi, I've been trying to build a password forwarding proxy to Gmail without success... The SSL connection to Dovecot is happening no problem (as far as I can tell), but for some reason the conversation between Dovecot and Gmail is getting timed out. I know this is supposed to be simple... :-( But could somebody please give me some help by pointing what I'm not doing right? No matter

Hi, I thought I read that anything from dovecot.conf can be overridden in a userdb lookup. Or a passdb lookup with "userdb_" prefix. But I tried for fun change log_path but it never worked. Is that because logging is special, already started logging before it comes to the passdb/userdb lookups? So are there some dovecot.conf settings that cannot be overridden? Thanks!

Hi, I have a postfix+dovecot-2.2.13 system and have configured it to support IMAPS on 993 with SSL/TLS. I'm noticing with users using Thunderbird, the autodetect defaults to IMAPS on 143 with STARTTLS. Which is preferred? Which is more secure? Which is more common? Why would someone choose one over the other? Can I ask the same question about SMTP and submission? Why would one choose 587

On 15 May 2018, at 12.06, Timo Sirainen <tss at iki.fi> wrote: > > If you look at .176's error log, do you see an error about "director_consistent_hashing settings differ between directors"? Have you set director_consistent_hashing=yes in the old directors? That is needed now, because the old non-consistent-hashing method is obsoleted. Unfortunately there's no easy