Displaying 20 results from an estimated 2000 matches similar to: "different TLS protocols on different ports"
2018 Nov 14
2
different TLS protocols on different ports
Am 14.11.18 um 20:22 schrieb Aki Tuomi:
> Not possible I'm afraid.
Hello Aki,
is it not possible in 2.2.36 or not possible at all?
I stumbled upon RFC 8314 *) and I found it a welcome option to enforce more modern protocols/ciphers.
IMAPS/SUBMISSIONS aren't used widely (at least to my knowlege, many postmaster used to configure IMAP+SUBMISSION and STARTTLS)
Switching Clients to
2018 Nov 14
3
different TLS protocols on different ports
On Wed, 14 Nov 2018, Aki Tuomi wrote:
>> I'm providing IMAP+Starttls on port 143 for users with legacy MUA. So
>> I've to enable TLS1.0 up to TLS1.3 For IMAPS / port 993 I like to
>> enable TLS1.2 and TLS1.3 only.
>>
>> Is this possible with dovecot-2.2.36 / how to setup this?
>
> Not possible I'm afraid.
("Not possible" = challenge!)
2019 Dec 27
1
Disabling TLS 1.1 in Centos 7 cockpit
Sure did!
I am even playing with different options (including NONE) and it seems
to ignore the contents of ssl.conf
I have tried
Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:+TLS1.2:!TLS1.1:!TLS1.0:!ECDHE-RSA-AES256-SHA:
Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:+TLS1.2:!TLS1.1:!TLS1.0:!ECDHE-RSA-AES256-SHA
Environment=G_TLS_GNUTLS_PRIORITY=PFS
2018 Nov 14
0
different TLS protocols on different ports
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 14 November 2018 at 21:19 "A. Schulze" <
<a href="mailto:sca@andreasschulze.de">sca@andreasschulze.de</a>> wrote:
</div>
2019 Dec 27
2
Disabling TLS 1.1 in Centos 7 cockpit
Thanks, Randal for the response. But it did not work.
Here the results:
#yum info cockpit
Name : cockpit
Arch : x86_64
Version : 195.1
Release : 1.el7.centos.0.1
Size : 51 k
Repo : installed
>From repo : extras
Summary : Web Console for Linux servers
URL : https://cockpit-project.org/
License : LGPLv2+
[root at cockpit ~]# cat
2018 Nov 14
0
different TLS protocols on different ports
On 11/14/2018 01:46 PM, Joseph Tam wrote:
> On Wed, 14 Nov 2018, Aki Tuomi wrote:
>
>>> I'm providing IMAP+Starttls on port 143 for users with legacy MUA.? So
>>> I've to enable TLS1.0 up to TLS1.3 For IMAPS / port 993 I like to
>>> enable TLS1.2 and TLS1.3 only.
>>>
>>> Is this possible with dovecot-2.2.36 / how to setup this?
>>
2019 Oct 01
4
Change ciphers on samba
On 01.10.2019 14:06, Rowland penny via samba wrote:
> On 01/10/2019 12:51, Arkadiusz Karpi?ski wrote:
>>
>> On 30.09.2019 20:03, Rowland penny via samba wrote:
>>> On 30/09/2019 18:06, akarpinski wrote:
>>>> Samba version is 4.10.7
>>>>
>>>> smb.conf:
>>>>
>>>> # Global parameters
>>>> [global]
2017 Aug 27
3
[PATCH] Add support for lower TLS version than default
On 27 August 2017 08:32:06 CEST, Timo Sirainen <tss at iki.fi> wrote:
>> DEF(SET_STR, ssl_protocols),
>> DEF(SET_STR, ssl_cert_username_field),
>> DEF(SET_STR, ssl_crypto_device),
>> + DEF(SET_STR, ssl_lowest_version),
>
>Does it really require a new setting? Couldn't it use the existing
>ssl_protocols setting?
You need to set a minimal version.
2017 Aug 26
3
[PATCH] Add support for lower TLS version than default
The openssl library in Debian unstable (targeting Buster) supports
TLS1.2 by default. The library itself supports also TLS1.1 and TLS1.0.
If the admin decides to also support TLS1.[01] users he can then enable
the lower protocol version in case the users can't update their system.
Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
---
src/config/all-settings.c
2019 Dec 27
3
Disabling TLS 1.1 in Centos 7 cockpit
Hi, I'm using cockpit in standard port 9090 in a Centos 7 system.
Due to a suggestion from management, they want TLS 1.1 disabled
system-wide in all Linux boxes and TLS 1.2 enabled.
I have not found proper documentation on how to disable it for cockpit
(version 195.1 ships with Centos 7)
So far I have tried (https://cockpit-project.org/guide/149/https.html):
2018 Nov 14
0
different TLS protocols on different ports
> On November 14, 2018 at 12:46 PM "A. Schulze" <sca at andreasschulze.de> wrote:
<
> I stumbled upon RFC 8314 *) and I found it a welcome option to enforce more modern protocols/ciphers.
> IMAPS/SUBMISSIONS aren't used widely (at least to my knowlege, many postmaster used to configure IMAP+SUBMISSION and STARTTLS)
"IMAPS" has been used forever. Every
2015 Apr 17
4
Centos 5 & tls v1.2, v1.1
Yep, maybe using ssl offloading devices like (BigIP) that receives tls1.2
and tlsv1.2 and then re-encrypts traffic with tls1.0 might be "cheapest"
solution.
--
Eero
2015-04-17 14:15 GMT+03:00 Johnny Hughes <johnny at centos.org>:
> On 04/16/2015 05:00 PM, Eero Volotinen wrote:
> > in fact: modgnutls provides easy way to get tlsv1.2 to rhel 5
> >
> > --
>
2020 Nov 10
10
Recommended Protocols?
Hello all:
For several years I have been running the following in a Linux server.
Dovecot Version: 2.0.9
*IMAP:*
Connection Security: SSL/TLS
Port: 993
Authentication Method: Normal Password
*SMTP:*
Connection Security: STARTTLS
Port: 587
Authentication Method: Normal Password
The E-mail client is Thunderbird on Windows.
I am preparing a new server, with Dovecot 2.2.36 and would like to know
2020 Apr 13
5
got a listener on 993
Hello,
Before I get in to my question is ssl on 993 or starttls on 143 better
from a security perspective?
I've noticed that I've got a dovecot listener on port 993, below is my
doveconf -n output I don't have an imaps listener uncommented should I
do so and set it's port to 0? Will that disable the 993 listener?
Thanks.
Dave.
# 2.3.10 (0da0eff44):
2010 Apr 11
4
Virusscanning
Hello list,
I use currently a non-dovecot pop3 proxy which has the ability
to scan all passing mails for viruses. And I like dovecot.
I have to combine both.
One (and the only) idea is to call a virusscanner a shellscript,
installed as PostLoginScript.
But I see multiple disadvantages:
1. it's a shellscript which tents to be slow.
2. it's called *on* the mailbox-host, not on a dedicated
2018 Oct 19
2
Future Releases
On 10/18/18 4:14 PM, Johnny Hughes wrote:
> On 10/18/2018 12:36 PM, Walter H. wrote:
>> On 18.10.2018 00:08, Johnny Hughes wrote:
>>> The bottom line .. we don't make the decision whether or not to use
>>> systemd or not.? We rebuild RHEL source code.
>> will there come a CentOS 6.11 which will be capable of TLS1.3 or HTTP/2?
>> I'm sure there will
2019 Oct 01
0
Change ciphers on samba
You looking for something like this i think?
Enable TLS1.2 ( and if supported TLS1.3) and allowes AES128 and EAS256.
tls priority = SECURE256:+SECURE128:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0:-VERS-DTLS1.1
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Robert Marcano via samba
> Verzonden: dinsdag
2017 Nov 23
3
set parameter per user
Steffen Kaiser:
> Is the detail delived to Dovecot by the MTA at all?
sure!
have to say: I faked that example. In reality I tested the inverse way:
My lab setup actually *do* deliver to folders and
I saw, setting lmtp_save_to_detail_mailbox to 'no' still deliver to folder
while INBOX was expected.
so, correct hint: I should really try on an other system ...
But from my debug logs it
2015 Jan 25
1
Indexing Mail faster
Thomas Leuxner:
> namespace {
> location = virtual:~/mdbox/virtual
> prefix = Virtual/
> separator = /
> }
>
> $ cat virtual/Flagged/dovecot-virtual
> *
> Public/*
> flagged
once setup correctly it works like expected :-)
> Another example, the one I used in the original reply, is 'gluing'
> together archives as a single view:
>
> $
2018 Oct 18
4
Future Releases (was: What are the differences between systemd and non-systemd Linux distros?)
On 18.10.2018 00:08, Johnny Hughes wrote:
> The bottom line .. we don't make the decision whether or not to use
> systemd or not. We rebuild RHEL source code.
will there come a CentOS 6.11 which will be capable of TLS1.3 or HTTP/2?
I'm sure there will come a CentOS 8, but when is it probable to be released?
one of the most important things (for me), as I already noticed there
will