similar to: Disable ssl validation for replication?

Hi, I have two servers (HA configuration) on which I'm attempting to get replication working over SSL.? They're at two different sites, but connected via a site-site VPN. Everything seems to be fine, except that the certificates are not validating as I'm using IP addresses for the sync, as opposed to the public hostnames for which the certificates are valid, and so I get the

I'd considered doing it at the internal DNS server level which I wasn't a fan of because it's a separate server's config that I'd have to rely on to make sure this server was working.? The thought of the local hosts file slipped my mind.? That is a good idea; it meets my needs, and keeps everything in the same "create mail server" ansible file. Thank you! -Joseph

I guess what I don't understand is why the IP address approach is more attractive to you, and why you think the "public Internet" path is less good. Best regards, A -- Please excuse my clumbsy thums ---------- On December 21, 2017 12:47:47 AM Joseph Ward <jbwlists at hilltopgroup.com> wrote: > Hi, > > I have two servers (HA configuration) on which I'm

HotSlots Webmaster <webmaster at hotslots132.com> writes: > I have had Dovecot working fine with SSL for nearly two years now. It's > time to renew the SSL certificate, so I did (same CA). The new > certificate works fine in Apache and Postfix. But when I update Dovecot > to use the same certificate, and restart the server, Dovecot stops > responding to connects. > ...

On Thu, 10 Aug 2017, Larry Rosenman wrote: > Which mail client on iOS? Sorry, maybe not iOS, but definitely MacOSX Mail app. Joseph Tam <jtam.home at gmail.com>

St?phane Cottin writes: > dspam already send errors to syslog, the point here is to never loose > email contents. This was a wrong design, i'm now use a wrapper instead > ( see my previous post for details ). You're stilling going to lose contents. If dspam fails, the mail is dumped, the LDA returns exit code 75, and the MTA will probably issue a bounce Email to the sender.

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 07/08/2019 00:37 Joseph Tam via dovecot < <a href="mailto:dovecot@dovecot.org">dovecot@dovecot.org</a>> wrote: </div>

St?phane Cottin writes: > A typical .qmail file : > > | /usr/bin/dspam --client --deliver=stdout --user "$EXT@$USER" | /usr/bin/preline -f /usr/lib/dovecot/dovecot-lda -d "$EXT@$USER" -a "$EXT@$USER" -m "$EXT2" > > When dspam segfault or is killed, preline receive an empty content and > only pass to dovecot-lda two headers ( Return-Path

Michael Felt <michael at felt.demon.nl> writes: >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is >> written in pure shell script, so no python dependencies. >> https://github.com/Neilpang/acme.sh > > Thanks - I might look at that, but as Ralph mentions in his reply - > Let's encrypt certs are only for three months - never ending circus.

St?phane Cottin writes: >> You're stilling going to lose contents. If dspam fails, the mail >> is dumped, the LDA returns exit code 75, and the MTA will probably >> issue a bounce Email to the sender. > > from dovecot-lda man page : > > 75 A temporary failure. This is returned for almost all failures. See the log file for > details.

Is there some reason to use a mail.domain.com cert for mail rarher than just using domain.com for everything? Historically the subdomain were used because they were on different hardware. That is www was on one machine and mail was on another. ? Original Message ? From: dovecot at dovecot.org Sent: March 14, 2019 3:56 PM To: dovecot at dovecot.org Reply-to: jtam.home at gmail.com

Kevin writes: > Appreciate if you could help with this. I have been trying to address this > "slow search" issue for a while with very limited success(I was trying to > implement FTS also), so I will appreciate if you could support. When I'm stumped, one of the diagnostic tools I use is process tracing. Connect via IMAP, in another window/session process trace the IMAP

A mail user reported that he filled up his INBOX (despite reminders he was approaching his filesystem quota), and furthermore, he could not fix the situation because he couldn't expunge message he marked for deletion. The dovecot logs revealed the cause dovecot: imap(user): Error: open(/var/mail/user.lock) failed: Disc quota exceeded This created an impasse where a user cannot free

On Fri, 22 Jun 2018, Aki Tuomi wrote: >> Do I need to make a fresh dh.pem? The upgrade doc tells how to convert >> ssl-parameters.dat but how to make a new one? > > ... or you can make a fresh one using openssl > gendh 4096 > dh.pem This also works openssl dhparam -out dh.pem 4096 > Note that this will require quite a lot of entropy, so you should > probably

On Thu, 20 Dec 2018 at 15:54, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > On 20 December 2018 at 14:33 Odhiambo Washington < odhiambo at gmail.com> > wrote: > > > On Thu, 20 Dec 2018 at 15:23, Aki Tuomi < aki.tuomi at open-xchange.com> > wrote: > > > > > On 20 December 2018 at 14:10 Odhiambo Washington < odhiambo at gmail.com>

"Scott W. Sander" writes: > I have noticed that the name of my private server running dovecot appears > in email headers rather than the public-friendly name of my server. Which headers are you taking about? If you're talking about Received: headers, that's usually inserted by your MTA, not dovecot. Joseph Tam <jtam.home at gmail.com>

"Davide Marchi" <danjde at msw.it> writes: >> UW-IMAP's mailutil, imapsync, YippieMove and Larch. Whatever you use, *don't* use UW-IMAP's mailutil unless you got lots of time to kill. It is dreadfully slow -- I used it to export some of my users' mailboxes to Gmail or other remote mail servers, and I could almost cut&paste the messages faster. Like Aki

Timo announced: > https://dovecot.org/releases/2.2/dovecot-2.2.27.tar.gz > https://dovecot.org/releases/2.2/dovecot-2.2.27.tar.gz.sig > > Note that the download URLs are now https with a certificate from Let's Encrypt. wget complained about ERROR: certificate common name `wiki.dovecot.org' doesn't match requested host name `dovecot.org'. and indeed, the

Any guess at what would cause this? Feb 7 21:20:53 server dovecot: imap(user): Panic: file mailbox-list-fs-iter.c: line 447 (fs_list_get_roots): assertion failed: (full_fs_access) (Sorry, no core dump) According to my logs, this user couldn't start an IMAP session for a 2 hour stretch for hundreds of connections. Then the problem seemed to have went away. I logged back as that