Displaying 20 results from an estimated 3000 matches similar to: "Dovecot + Weakforced Policy server"
2019 Jan 16
2
Dovecot + Weakforced Policy server
Hi Aki,
I've configured in this way:
vm-weakforced:~# printf 'wforce:super' | base64
d2ZvcmNlOnN1cGVy
vm-weakforced:~# cat /etc/dovecot/conf.d/95-policy.conf
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = some random string
auth_policy_server_api_header = "Authorization: Basic d2ZvcmNlOnN1cGVy
With the same result...
> WforceWebserver: HTTP
2019 Jan 16
0
Dovecot + Weakforced Policy server
Did you miss the closing quote from api_header? Also, can you turn on auth_debug=yes?
Aki
> On 16 January 2019 at 12:05 alberto bersol <alberto at bersol.info> wrote:
>
>
> Hi Aki,
>
> I've configured in this way:
>
> vm-weakforced:~# printf 'wforce:super' | base64
> d2ZvcmNlOnN1cGVy
>
> vm-weakforced:~# cat
2019 Jan 16
0
Dovecot + Weakforced Policy server
Hi!
You configure it like this:
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = some random string
auth_policy_server_api_header = "Authorization: Basic d2ZvcmNlOkJydHpUNlRuTkZ4UUU="
the authorization blob is basically
printf 'wforce:super' | base64
Aki
> On 16 January 2019 at 10:06 alberto bersol <alberto at bersol.info> wrote:
>
>
2017 Aug 02
4
Auth Policy Server/wforce/weakforced
Is there explicit documentation available for the (probably trivial)
configuration needed for Dovecot and Wforce? I'm probably missing
something that should be perfectly obvious...
Wforce appears to start without errors. I added a file to dovecot's conf.d:
95-policy.conf:
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = this_is_my_super_secret_something
2019 Mar 07
2
how to enable PowerDNS/Weakforced with Fedora and sendmail
So for auth_policy_server_api_header. is the value of our_password come from the hashed response or the plain-text password? What else am I doing wrong?
Mar 7 09:20:53 olddsm wforce[17763]: WforceWebserver: HTTP Request "/" from 127.0.0.1:56416: Web Authentication failed
curl -X POST -H "Content-Type: application/json" --data '{"login?:?ouruser?, "remote":
2019 Mar 06
2
how to enable PowerDNS/Weakforced with Fedora and sendmail
I took suggestions from https://forge.puppet.com/fraenki/wforce to set
these in /etc/dovecot/conf.d/95-auth.conf
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = our_password
auth_policy_server_api_header = "Authorization: Basic
hash_from_running_echo-n_base64"
auth_policy_server_timeout_msecs = 2000
auth_policy_hash_mech = sha256
auth_policy_request_attributes =
2019 Mar 06
2
how to enable PowerDNS/Weakforced with Fedora and sendmail
We have dovecot-1:2.3.3-1.fc29.x86_64 running on Fedora 29. I'd like to
test wforce, from https://github.com/PowerDNS/weakforced.
I see instructions at the Authentication policy support page,
https://wiki2.dovecot.org/Authentication/Policy
I see the Required Minimum Configuration:
auth_policy_server_url = http://example.com:4001/
auth_policy_hash_nonce = localized_random_string
But when I
2019 May 13
2
dovecot 2.2.36 and wforce
Hi list
I'm trying to setup dovecot 2.2.36 on a Centos6 to communicate with a
wforce daemon on the remote side. wforce is latest released from git
repo. Daemon part is working and I can successfully send queries from
remote systems to wforce via curl
For dovecot I configured in /etc/dovecot/conf.d/95-wforce.conf
> auth_policy_server_url = http://REMOTE_IP:8084/
>
2019 Mar 07
0
how to enable PowerDNS/Weakforced with Fedora and sendmail
In weakforced you have
webserver("0.0.0.0:8084", "THIS-IS-THE-PASSWORD-FOR-WFORCE")
Thus, you make the base64 blob as
~$ echo -n wforce:THIS-IS-THE-PASSWORD-FOR-WFORCE | base64
d2ZvcmNlOlRISVMtSVMtVEhFLVBBU1NXT1JELUZPUi1XRk9SQ0U=
And in dovecot you put
auth_policy_server_api_header = Authorization Basic d2ZvcmNlOlRISVMtSVMtVEhFLVBBU1NXT1JELUZPUi1XRk9SQ0U
Aki
> On 7
2019 Mar 07
0
how to enable PowerDNS/Weakforced with Fedora and sendmail
wforce is the username always.
auth_policy_hash_nonce should be set to a pseudorandom value that is
shared by your server(s). Weakforced does not need it for anything.
auth_policy_server_api_header should be set to Authorization: Basic
<echo -n wforce:our_password | base64>
without the < >.
Aki
On 6.3.2019 20.42, Robert Kudyba via dovecot wrote:
> I took suggestions
2017 Aug 04
0
Auth Policy Server/wforce/weakforced
On 8/4/2017 12:48 PM, Daniel Miller wrote:
> On 8/3/2017 6:11 AM, Teemu Huovila wrote:
>>
>> On 02.08.2017 23:35, Daniel Miller wrote:
>>> Is there explicit documentation available for the (probably trivial)
>>> configuration needed for Dovecot and Wforce? I'm probably missing
>>> something that should be perfectly obvious...
>>>
2017 Aug 03
0
Auth Policy Server/wforce/weakforced
On 02.08.2017 23:35, Daniel Miller wrote:
> Is there explicit documentation available for the (probably trivial) configuration needed for Dovecot and Wforce? I'm probably missing something that should be perfectly obvious...
>
> Wforce appears to start without errors. I added a file to dovecot's conf.d:
>
> 95-policy.conf:
> auth_policy_server_url =
2017 Sep 28
2
Conditionally disabling auth policy
On Wed, Sep 27, 2017 at 10:06 PM, Aki Tuomi <aki.tuomi at dovecot.fi> wrote:
>
>
> On 27.09.2017 20:14, Mark Moseley wrote:
> > On Wed, Sep 27, 2017 at 10:03 AM, Marcus Rueckert <darix at opensu.se>
> wrote:
> >
> >> On 2017-09-27 16:57:44 +0000, Mark Moseley wrote:
> >>> I've been digging into the auth policy stuff with weakforced
2017 Sep 27
2
Conditionally disabling auth policy
On Wed, Sep 27, 2017 at 10:03 AM, Marcus Rueckert <darix at opensu.se> wrote:
> On 2017-09-27 16:57:44 +0000, Mark Moseley wrote:
> > I've been digging into the auth policy stuff with weakforced lately.
> There
> > are cases (IP ranges, so could be wrapped up in remote {} blocks) where
> > it'd be nice to skip the auth policy (internal hosts that I can trust,
2019 Apr 11
5
Mail account brute force / harassment
On 11/04/2019 11:43, Marc Roos via dovecot wrote:
> A. With the fail2ban solution
> - you 'solve' that the current ip is not able to access you
It is only a solution if there are subsequent attempts from the same
address. I currently have several thousand addresses blocked due to
dovecot login failures. My firewall is set to log these so I can see
that few repeat, those
2019 May 14
2
weakforced and GeoIP lookups
Hi Tobi,
This looks like you haven?t included the libmaxmind libraries before running configure. GeoIP support is only compiled in if it finds the right libs.
This would be libmaxminddb-dev on Ubuntu for example.
Neil
>> Hi list
>>
>> hope it's okay to ask weakforced questions here as well, but I could not
>> find a dedicated mailinglist for wforce.
>>
2017 Sep 27
2
Conditionally disabling auth policy
I've been digging into the auth policy stuff with weakforced lately. There
are cases (IP ranges, so could be wrapped up in remote {} blocks) where
it'd be nice to skip the auth policy (internal hosts that I can trust, but
that are hitting the same servers as the outside world).
Is there any way to disable auth policy, possibly inside a remote{}?
auth_policy_server_url complains that it
2019 May 14
2
weakforced and GeoIP lookups
Hi Tobi,
it should just work, but depends on the OS version.
./configure ?help tells you all the configure options, including:
--with-maxminddb-includedir
path to maxminddb include directory [default=auto]
--with-maxminddb-libdir path to maxminddb library directory [default=auto]
Neil
> On 14 May 2019, at 17:44, Tobi via dovecot <dovecot at dovecot.org>
2017 Sep 28
1
Conditionally disabling auth policy
On Thu, Sep 28, 2017 at 9:34 AM, Aki Tuomi <aki.tuomi at dovecot.fi> wrote:
>
> > On September 28, 2017 at 7:20 PM Mark Moseley <moseleymark at gmail.com>
> wrote:
> >
> >
> > On Wed, Sep 27, 2017 at 10:06 PM, Aki Tuomi <aki.tuomi at dovecot.fi>
> wrote:
> >
> > >
> > >
> > > On 27.09.2017 20:14, Mark Moseley
2019 Apr 12
2
Mail account brute force / harassment
>
> Probably there's an existing solution for both problems (subsequent
> attempts and dnsbl):
>
> >
>