Displaying 20 results from an estimated 10000 matches similar to: "identify 143 vs 993 clients"
2020 May 26
5
identify 143 vs 993 clients
Hi,
On 25/05/2020 23:04, Voytek wrote:
> jumping here with a question, if I use 143 with STARTTLS, and, force
> TLS/SSL in configuration, that's equivalent from security POV, isn't
> it? and, same for 110 STARTTLS? Or am I missing something?
Interesting point, after some googling, I think you are right, and as
long as we have set "disable_plaintext_auth = yes" (and we
2020 May 29
3
identify 143 vs 993 clients
> Le 29 mai 2020 ? 11:17, Stuart Henderson <stu at spacehopper.org> a ?crit :
>
> On 2020-05-26, mj <lists at merit.unu.edu> wrote:
>> Hi,
>>
>> On 25/05/2020 23:04, Voytek wrote:
>>> jumping here with a question, if I use 143 with STARTTLS, and, force
>>> TLS/SSL in configuration, that's equivalent from security POV, isn't
2020 May 31
3
identify 143 vs 993 clients
On 29/05/20 11:27 pm, mj wrote:
> Thanks to all who participated in the interesting discussion.
>
> It seems my initial thought might have been best after all, and
> discontinuing port 143 might be the safest way proceed.
Yes and no. Some of the attack vectors mentioned are not reasonable and
it really depends on the client. Thunderbird, for example, used to have
settings for
2020 May 25
0
identify 143 vs 993 clients
> On 25/05/2020 21:48 mj <lists at merit.unu.edu> wrote:
>
>
> Hi,
>
> I am trying to find a nice way to identify dovecot clients that are
> still configured to use port 143 to connect to our mailserver, from the
> dovecot logs.
> I would then ask them to move over to 993, and finally disable port 143
> altogether.
>
> When looking at the dovecot
2017 Jun 14
4
question on password server =
Hi,
I would like to ask how exactly the "password server =" smb.conf option
works. The man pages say that the option is to "restrict Samba to to do
all its username/password validation using a specific remote server"
I know that we should normally leave it empty, to have samba
auto-discover the DCs. But my question is:
Suppose it's defined it like:
> password
2016 Dec 29
5
two listeners with different "driver = " configs
Hi,
I would like to have two seperate imap listeners, with different
authentication settings, but the mailstore and userbase etc will be
identical.
I know I can do this:
> service imap-login {
> inet_listener imap {
> port = 143
> }
> inet_listener imap2 {
> port = 144
> }
> }
But I'm unsure how to configure imap/143 with "driver =
2020 May 25
0
identify 143 vs 993 clients
On 26 May 2020 4:48:51 AM AEST, mj <lists at merit.unu.edu> wrote:
>I would then ask them to move over to 993, and finally disable port 143
>altogether.
>
jumping here with a question, if I use 143 with STARTTLS, and, force TLS/SSL in configuration, that's equivalent from security POV, isn't it? and, same for 110 STARTTLS?
Or am I missing something?
thanks,
V
--
Sent
2020 May 29
0
identify 143 vs 993 clients
Thanks to all who participated in the interesting discussion.
It seems my initial thought might have been best after all, and
discontinuing port 143 might be the safest way proceed.
Thanks again, valuable insights!
MJ
On 5/29/20 11:48 AM, Jean-Daniel wrote:
>
>
>> Le 29 mai 2020 ? 11:17, Stuart Henderson <stu at spacehopper.org
>> <mailto:stu at
2017 Oct 16
5
possible to use ldbedit in a safe way
On 10/16/2017 11:13 AM, Rowland Penny via samba wrote:
> On Mon, 16 Oct 2017 16:53:17 +0200
> mj via samba <samba at lists.samba.org> wrote:
>
>> Hi,
>>
>> dbcheck tells us we have two "dangling forward links" that I am
>> trying to get rid of. On my test domain, I have simply done
>>
>> ldbedit -e nano -H
2016 Jun 06
2
office 365
https://technet.microsoft.com/en-us/magazine/jj631606.aspx
goes through the steps I remember taking in a windows environment. As you
can see step 2 is to install ADFS this is what would need emulated with
some web server.
So I will try and google ADFS on apache or nginx or linux. I'll let you
know if I find anything interesting.
On Mon, Jun 6, 2016 at 1:53 PM, Jeff Sadowski <jeff.sadowski
2014 Mar 19
2
multiple dns forwarders
Hi,
To make our AD more robust, I'd like to provide more than one dns
forwarder, like for example:
dns forwarder = 8.8.8.8 8.8.4.4
However, this seems to break dns resolution completely (and without
logging errors in the logs!):
# Host test.com not found: 3(NXDOMAIN)
With only one forwarder things work:
$ test.com has address 208.64.121.161
Am I really allowed to specify only one
2020 May 29
0
identify 143 vs 993 clients
On 2020-05-26, mj <lists at merit.unu.edu> wrote:
> Hi,
>
> On 25/05/2020 23:04, Voytek wrote:
>> jumping here with a question, if I use 143 with STARTTLS, and, force
>> TLS/SSL in configuration, that's equivalent from security POV, isn't
>> it? and, same for 110 STARTTLS? Or am I missing something?
> Interesting point, after some googling, I think you
2016 Dec 31
2
two listeners with different "driver = " configs
It's very difficult at least. I can't instantly think any sensible way forward, but you might be able to get somewhere using %a variable.
Aki
> On December 31, 2016 at 11:38 AM mj <lists at merit.unu.edu> wrote:
>
>
> Hi,
>
> Does the lack of replies mean that what I'm asking is not possible?
>
> (or am I missing something SO obvious that nobody
2017 Oct 10
2
samba getting stuck, highwatermark replication issue?
Hi James,
Thanks for the quick reply.
On 10/09/2017 08:52 PM, lingpanda101 via samba wrote:
> You should be able to fix the 'replPropertyMetaData' errors with;
>
> samba-tool dbcheck --cross-ncs --fix --yes
> 'fix_replmetadata_unsorted_attid'
Yep, worked great! Fixed all of those replPropertyMetaData errors! :-)
> The highwatermark doesn't necessarily
2017 Jan 01
2
two listeners with different "driver = " configs
Or. maybe it is the holidays and people actually have a life?
On December 31, 2016 4:38:53 AM EST, mj <lists at merit.unu.edu> wrote:
>Hi,
>
>Does the lack of replies mean that what I'm asking is not possible?
>
>(or am I missing something SO obvious that nobody bothers to point it
>out..?)
>
>MJ
>
>On 12/29/2016 09:23 PM, mj wrote:
>> Hi,
>>
2017 Jul 29
5
under another kind of attack
On 07/25/2017 07:54 AM, mj wrote:
> Since we implemented country blocking,
Please don't do that. Balkanizing the Internet doesn't really benefit
anyone, and makes innovation a lot more difficult.
Instead, take a look at the fail2ban scenarios in this thread, which
solve the actual problem with a precision tool, instead of a hammer.
Doug
2015 Jan 23
3
Multiple attributes
Ho Mourik
Thanks for your reply, any other attribute which we can duplicate?
Br.
Umar
On Fri, Jan 23, 2015 at 1:47 PM, mourik jan heupink - merit <
heupink at merit.unu.edu> wrote:
> Hi,
>
> In AD, the attribute mail can only exist once.
>
> MJ
>
> On 01/23/2015 05:27 AM, Umar Draz wrote:
>
>> Hi All
>>
>> I am tying to create a user in SAMBA 4
2018 Mar 22
5
why is dovecot "Allowing any password"
On 03/21/2018 10:34 PM, @lbutlr wrote:
> The question is does it allow remote users to login with no password?
Yes, and the answer is: no.
> If not, then the message ie nearly notification that login without a password is potentially possible.
Yes, but a worrying one. That's why i decided to post here.
> I have no idea why you would have nopassword=y set in the first place, so it
2014 May 28
2
adding nt4 server to samba4 AD
Hi all,
I need to add a windows nt4 (sp6a) server to our samba-4.1.6 active
directory. I installed nt4 as a 'stand alone server'. So far it doesn't
work, I get:
When selecting to 'create a computer account in the domain':
- the machine account for this computer either does not exist or is
inaccessible
If I create a computer account manually, and do not check 'create a
2015 Nov 18
3
Permission Issues with GPO
None of my computers have a UID/GID and my GPO works fine.
Add the line i suggested to the share, and setup your rights
Gr.
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens mourik jan c
> heupink
> Verzonden: dinsdag 17 november 2015 18:55
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Permission Issues with