More testing, seems all my imap clients attempt to use ssl2 first, and
from the openssl mailing list:
Oops, should've made this clearer. It is only clients than need to avoid the
old SSLv2 compatible methods and only use SSLv3/TLSv1. Nothing needs to be
done to a server.
http://www.mail
Ok last info.
using OpenSSL 0.9.8g
openssl s_client -connect host:993
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : SSLv3
Cipher: DHE-RSA-AES256-SHA
Session-ID:
1E5
Just playing some more and noticed using:
gnutls-cli (GnuTLS) 2.4.2
always says compression isn't supported, even when version 2.0.4 says it was.
gnutls-cli 2.4.2 from ubuntu 9.04 x64, Compression: DEFLATE, NULL
gnutls-cli 2.0.4 from ubuntu 8.04 x64, Compression: LZO, DEFLATE, NULL
I also noti
The command I used was:
gnutls-cli --protocols NORMAL:+COMP-DEFLATE --insecure -p 993
I have tried the --comp option, but it always fails for me (ubuntu 8.04)
gnutls-cli (GnuTLS) 2.0.4
Redhat is 5.3
Freebsd is 6.3
Quoting Leonardo Rodrigues :
Timo Sirainen escreveu:
And DEFLATE gives the
On Wed, 2009-09-23 at 16:20 +0200, Oliver Eales wrote:
> is it possible to use the dovecot proxy feature for the mangaesieve
> server also ?
In theory at least. I don't know if anyone has really used it though.
signature.asc
Description: This is a digitally signed message part
On Fri, 2009-09-25 at 17:59 +0200, GanGan wrote:
> antispam-plugin.h: In function 'string_dict_init':
> antispam-plugin.h:119: erreur: too few arguments to function 'dict_init'
> antispam-plugin.h:120: attention : control reaches end of non-void
> function
Looks like you don't have the latest dove
On Mon, 2009-09-28 at 14:31 +0100, S. A. Woltering wrote:
> The problems we see are sporadic thunderbird error messages of the kind
> "cannot save message to Sent folder" and for some users with large-ish
> numbers of mail folders one or two of their folders are appearing empty.
Hmm. So .. Do you
On Mon, 2009-09-28 at 18:26 +0200, Osvaldo Alvarez Pozo wrote:
> " Error: Can't connect to auth server at /var/run/dovecot/auth-master:
> Permission denied"
..
> socket listen {
> master {
> path = /var/run/dovecot/auth-master
> mode = 0660
> user = vmail
> group = mai
Leonardo Rodrigues escreveu:
probably there's some build option on CentOS that is disabling
compression. If 0.9.8b on Fedora8 built in October/2007 can do it, so
0.9.8e on CentOS 5.3 built on September/2009 should be able to do it
too ... oh boy, i really hate those weirds compilation
On Mon, 2009-09-28 at 23:20 +0200, Mathieu BALCERAK wrote:
> Timo Sirainen a écrit :
> > On Sun, 2009-09-27 at 16:26 +0200, Mathieu BALCERAK wrote:
> >
> >> I have the same issue, when i upgrade to 1.2.5
> >> the quota per user work only if i remove the directive
> >> quota_rule=*:storage=2G
>
On Mon, 2009-09-28 at 22:20 +0100, Ed W wrote:
> Timo Sirainen wrote:
> >
> > The SQL code was for v1.0 and the lib-storage API has been simplified
> > since then, maybe not hugely but still pretty much. Maybe some day I'll
> > see about updating the SQL code for v2.0 API.
> >
> > Oh and some docum
Timo Sirainen a écrit :
On Sun, 2009-09-27 at 16:26 +0200, Mathieu BALCERAK wrote:
I have the same issue, when i upgrade to 1.2.5
the quota per user work only if i remove the directive
quota_rule=*:storage=2G
I set this rules as default for all my users except for 3 users.
The imap_quota re
Timo Sirainen wrote:
The SQL code was for v1.0 and the lib-storage API has been simplified
since then, maybe not hugely but still pretty much. Maybe some day I'll
see about updating the SQL code for v2.0 API.
Oh and some documentation about it would probably help a lot too. I
guess I should wri
On 9/28/2009 1:44 PM, Charles Marcus wrote:
On 9/28/2009 4:24 PM, Jeff Grossman wrote:
In fact there are lots of IMAP improvements in v3... I can't wait until
all my extensions catch up, and I figure out how to customize the UI the
way I want (e.g., how in the world do I get rid of the stupi
On 9/28/2009, Charles Marcus (cmar...@media-brokers.com) wrote:
> > You can't get rid of tabs per se, but you can make it so you don't use
> > > them. I hate tabs personally also. Go to Options, Advanced, Reading
> > > and Display, and select Open Messages In: An Existing Window or A New
> > > Wi
Hello Timo,
Thanks for your answer.
I finally have solved the problem. The users accounts in my postfix LDAP
virtual table were mapped as firstname.lastn...@localhost, instead of
firstname.lastn...@domain.com. In this case, deliver was not trying at
all to send the vacation message.
I have chang
2009/9/28 Patrick Domack
> Hmm, strange results.
>
> My dovecot compiled on freebsd using openssl doesn't do compression.
> But my dovecot compiled on redhat using openssl does do it.
>
> redhat openssl 0.9.8b
> freebsd openssl 0.9.7e (really old)
You don't say which version of FreeBSD you usin
On 9/28/2009 4:24 PM, Jeff Grossman wrote:
>> In fact there are lots of IMAP improvements in v3... I can't wait until
>> all my extensions catch up, and I figure out how to customize the UI the
>> way I want (e.g., how in the world do I get rid of the stupid Tabs??)
> You can't get rid of tabs per
On 9/28/2009 11:43 AM, Charles Marcus wrote:
On 9/28/2009, Ed W (li...@wildgooses.com) wrote:
In theory Thunderbird does this, but at least on my machine it just
repeatedly downloads the same message again and again in various ways
- it grinds to a halt every time I click on an email with a
On Seg, 2009-09-28 at 14:06 -0400, Timo Sirainen wrote:
> On Mon, 2009-09-28 at 19:02 +0100, Ed W wrote:
> > > Proxy servers are usually set between the webmail and the imap server.
> > >
> > > That's because webmails are a bitch regarding opening+closing
> > > connections and so the proxy gets mos
On Mon, 2009-09-28 at 20:11 +0100, Ed W wrote:
> > lib-storage API has existed since Dovecot v1.0 and it's used to abstract
> > out access to maildir, mbox, dbox, cydir, etc. SQL would fit right there
> > with those.
> >
>
> OK, I thought that was what you were going to be simplifying...
Nope.
On Mon, 2009-09-28 at 15:05 -0400, Josep L. Guallar-Esteve wrote:
> Will the upgrade from 0.99 to 1.1.19 change IMAP UIDs? Will this force me to
> remove the .imap folder from each user home directory?
The IMAP UIDs should be stored in X-UID: headers in mbox files in both
0.99 and 1.1. So in the
Timo Sirainen wrote:
On Mon, 2009-09-28 at 19:21 +0100, Ed W wrote:
In my mind this is more about what lib-storage API was supposed to
abstract out, whereas my filesystem API would be used simply for binary
data storage. The same FS API could be used to store both dbox files and
index files.
Timo Sirainen escreveu:
And DEFLATE gives the exact same error? LZO isn't supported by OpenSSL.
yes ... error from DEFLATE and LZO are exactly the same on
gnutls-cli output and maillog on the CentOS 5.3 box.
Well, not the same server but looks like this one works too:
gnutls-cli --pr
Hi Timo,
Thank you for answering.
On Monday 28 September 2009 02:22:06 pm Timo Sirainen wrote:
> On Thu, 2009-09-24 at 09:11 -0400, Josep L. Guallar-Esteve wrote:
> > I'm planning to upgrade using the instructions found at dovecot's wiki.
> > On http://atrpms.net/dist/el4/ it is offered in 3 diff
On Mon, 2009-09-28 at 15:38 -0300, Leonardo Rodrigues wrote:
> trying LZO and DEFLATE gives an error:
>
> [r...@correio dovecot]# gnutls-cli --insecure -p 993 localhost --comp
> LZO
..
> Sep 28 15:35:05 correio dovecot: imap-login: Disconnected (no auth
> attempts): rip=127.0.0.1, lip=127
On Mon, 2009-09-28 at 19:21 +0100, Ed W wrote:
> > In my mind this is more about what lib-storage API was supposed to
> > abstract out, whereas my filesystem API would be used simply for binary
> > data storage. The same FS API could be used to store both dbox files and
> > index files.
> >
>
>
On 9/28/2009, Ed W (li...@wildgooses.com) wrote:
> In theory Thunderbird does this, but at least on my machine it just
> repeatedly downloads the same message again and again in various ways
> - it grinds to a halt every time I click on an email with a decent
> sized attachment, even if I have alre
Timo Sirainen escreveu:
See if you can get gnutls-cli from somewhere (gnutls-utils package I
think?). Using the gnutls-cli command from my previous mail would show
if your OpenSSL is at least able to use compression. Anyway I wouldn't
be surprised if you couldn't find any clients that are really
On Mon, 2009-09-28 at 11:25 -0700, Eric Shubert wrote:
> >> 2. What is the preferred upgrade method? straight upgrade? (099 -> rpm
> >> -Fvh
> >> dovecot-1.2 ? Or upgrading one release at a time? (0.99 > 1.0 > 1.1 ...)
> >
> > Since you're using mbox, I think 0.99 -> 1.1 or 1.2 is fine.
>
> Wou
On Tue, 2009-09-22 at 10:02 -0700, Florin Andrei wrote:
> > ssl_require_client_cert = yes
> > remote_ip 192.168.0.0/16 {
> > ssl_require_client_cert = no
> > }
> >
> > That's almost possible in v2.0.
>
> "Almost"? :-)
Well, the problem is that this setting is checked by both auth process
and l
Timo Sirainen wrote:
On Thu, 2009-09-24 at 09:11 -0400, Josep L. Guallar-Esteve wrote:
I'm planning to upgrade using the instructions found at dovecot's wiki. On
http://atrpms.net/dist/el4/ it is offered in 3 different versions:
* dovecot 1..0.15-1_73.el4
* dovecot 1.1.19-1_96.el4
* dovecot
On Tue, 2009-09-22 at 18:41 -0700, Brandon Davidson wrote:
> I've attached a patch which seems to fix the obvious code issue. I can't
> guarantee it's the correct fix since this is my first poke at the
> Dovecot source, but it seems to have stopped the crashing on our test
> host.
It's the right f
On Thu, 2009-09-24 at 09:11 -0400, Josep L. Guallar-Esteve wrote:
> I'm planning to upgrade using the instructions found at dovecot's wiki. On
> http://atrpms.net/dist/el4/ it is offered in 3 different versions:
>
> * dovecot 1..0.15-1_73.el4
> * dovecot 1.1.19-1_96.el4
> * dovecot 1.2.5-0_100.
Timo Sirainen wrote:
On Mon, 2009-09-28 at 18:35 +0100, Ed W wrote:
I would have thought that your API will prefer to request message parts
where it can (eg header, body, mime part), and just issue a read_bytes,
where that's what the client is asking for otherwise. This would allow
the sto
On Thu, 2009-09-24 at 17:41 -0500, Steven F Siirila wrote:
> We are running dovecot 1.1.8 and are currently running it with 4 master
> processes (one for each of the protocols: imap, imaps, pop3, pop3s).
> The idea was to spread out the load so as to not overwhelm any one master.
I hope v2.0 will
On Thu, 2009-09-24 at 09:14 +0100, Andre Rodier wrote:
>
> * I use virtual file for users on postfix, and I also have a LDAP
> server for authentication. Do I have something to configure on
> dovecot to be sure that vacation is working with this
> configuration ?
deliver wants to
On Sun, 2009-09-27 at 16:26 +0200, Mathieu BALCERAK wrote:
> I have the same issue, when i upgrade to 1.2.5
> the quota per user work only if i remove the directive
> quota_rule=*:storage=2G
> I set this rules as default for all my users except for 3 users.
> The imap_quota report perfectly the qu
On Mon, 2009-09-28 at 15:07 -0300, Leonardo Rodrigues wrote:
> i have applied the provided patch, recompiled and installed dovecot
> 1.2.5 new binaries. This is what i get from logs:
>
> Sep 28 14:44:43 correio dovecot: imap-login: Login:
> user=, method=PLAIN, rip=189.114.xx.x,
> lip=200.1
On Mon, 2009-09-28 at 14:06 -0400, Timo Sirainen wrote:
> Yeah. imapproxy probably reduces the load a bit, but it probably isn't
> anything dramatic with Dovecot. My guess is that it would only reduce
> CPU load, but if it's at ~1% already then there's not that much point..
BTW. I'm only talking a
Timo Sirainen escreveu:
I think the compression support in OpenSSL is relatively new, so it's
entirely possible that it's only in v0.9.8 and newer.
from a fully upgraded CentOS 5.3 x86_64 box:
[r...@correio dovecot]# rpm -qi openssl
Name: openssl Relocations
On Mon, 2009-09-28 at 19:02 +0100, Ed W wrote:
> > Proxy servers are usually set between the webmail and the imap server.
> >
> > That's because webmails are a bitch regarding opening+closing
> > connections and so the proxy gets most of connection + auth + do
> > something + disconnect and keeps a
Patrick Domack wrote:
Hmm, strange results.
My dovecot compiled on freebsd using openssl doesn't do compression.
But my dovecot compiled on redhat using openssl does do it.
redhat openssl 0.9.8b
freebsd openssl 0.9.7e (really old)
Hey, we are up to 0.9.8k now...! Even 0.9.8b is over 3 years
Jose Celestino wrote:
On Seg, 2009-09-28 at 15:55 +0100, Ed W wrote:
You didn't get much answer to this - I'm probably not the best person to
answer, but
Are there any performance benefits to using a proxying server, or is it just
for splitting mailstores?
I think this is th
On Mon, 2009-09-28 at 18:35 +0100, Ed W wrote:
> I would have thought that your API will prefer to request message parts
> where it can (eg header, body, mime part), and just issue a read_bytes,
> where that's what the client is asking for otherwise. This would allow
> the storage engine to opt
Timo Sirainen wrote:
On Mon, 2009-09-28 at 17:57 +0100, Ed W wrote:
My only request to Timo was to kind of consider that a bunch of these
ideas from the audience will almost certainly involve splitting up the
mime message into component parts and that the abstracted interface
should try not
On Sat, 2009-09-26 at 15:51 -0400, Timothy Timmons wrote:
> I don't get the point of not just using vchkpw instead of trying to
> use libvpopmail, but hey, I'm dumb. ;)
You can use vchkpw with Dovecot's passdb checkpassword too.
As for vpopmail backend.. I thought
http://hg.dovecot.org/dovecot-1
On Mon, 2009-09-28 at 01:37 +0200, Andreas Ntaflos wrote:
> Hi list, but mainly Stephan :)
>
> when building and subsequently installing the new Sieve plugin I am
> coming across a small difficulty when it comes to "make install". The
> libraries lib90_sieve_plugin.* always get installed in the
Timo Sirainen wrote:
On Mon, 2009-09-28 at 09:00 -0700, paulmon wrote:
My current thinking is a key/value store as you've proposed. Something like
Hadoop components or Project Voldamort. Voldamort might be a better fit
from what I've read.
My understanding of Hadoop is that it's mor
On Mon, 2009-09-28 at 12:55 -0400, Patrick Domack wrote:
> Hmm, strange results.
>
> My dovecot compiled on freebsd using openssl doesn't do compression.
> But my dovecot compiled on redhat using openssl does do it.
>
> redhat openssl 0.9.8b
> freebsd openssl 0.9.7e (really old)
I think the comp
On Mon, 2009-09-28 at 17:57 +0100, Ed W wrote:
> My only request to Timo was to kind of consider that a bunch of these
> ideas from the audience will almost certainly involve splitting up the
> mime message into component parts and that the abstracted interface
> should try not to throw away any
On Mon, 2009-09-28 at 09:00 -0700, paulmon wrote:
> My current thinking is a key/value store as you've proposed. Something like
> Hadoop components or Project Voldamort. Voldamort might be a better fit
> from what I've read.
My understanding of Hadoop is that it's more about distributed computi
paulmon wrote:
My current thinking if having the local delivery break messages up into
their component pieces, headers, from address, to address, spam scores, body
etc into various key:value relationships.
Whilst this looks appealing on the surface I think the details are going
to need some b
Hmm, strange results.
My dovecot compiled on freebsd using openssl doesn't do compression.
But my dovecot compiled on redhat using openssl does do it.
redhat openssl 0.9.8b
freebsd openssl 0.9.7e (really old)
Quoting Ed W :
Timo Sirainen wrote:
On Sep 22, 2009, at 9:08 PM, Leonardo Rodrigue
> There is a way to add 'alternate names'
Subject Altenative Names.
> but I don't think TBird (or most other Clients) will recognize them.
The only client I know of NOT suporting subjectAltName is plain old pine.
You may have a try at imaps://imap.math.uni-bonn.de (or at
https://www.math.uni-bon
Timo Sirainen wrote:
On Mon, 2009-09-28 at 16:01 +0100, Ed W wrote:
If your OpenSSL supports it, Dovecot supports it. I recently tested
this with gnutls-cli program, openssl s_client for some reason didn't
support it. I've no idea if any actual IMAP clients support it.
I think this
On Mon, 2009-08-10 at 14:33 -0700, Seth Mattinen wrote:
> Nothing forces you to switch from maildir, if you're happy with it :)
> But if you want to support millions of users, it's simpler to distribute
> the storage and disk I/O evenly across hundreds of servers using a
> database that was de
Charles Marcus wrote:
On 9/28/2009, Richard Hobbs (richard.ho...@crl.toshiba.co.uk) wrote:
One question though... before I accept the certificate, i get warnings.
One says the cert is not trusted (which is fine - it's self-signed). The
other warning, however, mentions a hostname mismatch. Is
Hi
since several day ago I'am trying to deliver to dovecot from dspam but
I hve several errors
in /var/log/dovecot-deliver.log I have
" Error: Can't connect to auth server at /var/run/dovecot/auth-master:
Permission denied"
in /var/log/mail.log I have
Delivery agent returned exit code 75: /usr/l
Leonardo Rodrigues wrote:
When searching for that, i found that there's already a RFC for a
COMPRESS imap extension ... as imagined, there are pretty few clients
that supports it Thunderbird 3 Beta supports it but asking
customers to use a Beta software is not acceptable. So, we'
Ed W escreveu:
I notice that the openssl docs require compression to be specifically
enabled and are somewhat scathing about support...
http://www.openssl.org/docs/ssl/SSL_COMP_add_compression_method.html
Anyone care to comment further?
When i created this thread, some weeks ago, i hav
Timo Sirainen wrote:
On Sep 22, 2009, at 9:08 PM, Leonardo Rodrigues wrote:
is there anything that can be easily used to automatically compress
IMAP traffic between client and server ? I was thinking if the
SSL/TLS code enables some kind of compression as well.
If your OpenSSL supports it,
On Mon, 2009-09-28 at 16:01 +0100, Ed W wrote:
> > If your OpenSSL supports it, Dovecot supports it. I recently tested
> > this with gnutls-cli program, openssl s_client for some reason didn't
> > support it. I've no idea if any actual IMAP clients support it.
> >
>
> I think this kind of featur
On Seg, 2009-09-28 at 15:55 +0100, Ed W wrote:
> You didn't get much answer to this - I'm probably not the best person to
> answer, but
>
> > Are there any performance benefits to using a proxying server, or is it just
> > for splitting mailstores?
> >
>
> I think this is the main reason for
Timo Sirainen wrote:
On Sep 22, 2009, at 9:08 PM, Leonardo Rodrigues wrote:
is there anything that can be easily used to automatically compress
IMAP traffic between client and server ? I was thinking if the
SSL/TLS code enables some kind of compression as well.
If your OpenSSL supports it,
You didn't get much answer to this - I'm probably not the best person to
answer, but
Are there any performance benefits to using a proxying server, or is it just
for splitting mailstores?
I think this is the main reason for the proxying option. It would
appear that others have measured
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Timo Sirainen wrote:
> On Sep 28, 2009, at 9:31 AM, S. A. Woltering wrote:
>
>> The problems we see are sporadic thunderbird error messages of the kind
>> "cannot save message to Sent folder" and for some users with large-ish
>> numbers of mail folder
On Sep 28, 2009, at 9:31 AM, S. A. Woltering wrote:
The problems we see are sporadic thunderbird error messages of the
kind
"cannot save message to Sent folder" and for some users with large-ish
numbers of mail folders one or two of their folders are appearing
empty.
Client-side firewall/a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
Thanks for all the advice and help thus far. Dovecot is, mostly, working
really well in our HP-UX IA64 11.23 ServiceGuard failover environment.
Recently however, the system has been experiencing heavy load, due to
other factors and we've been
On 9/28/2009, Faisal Jaffar (fjaf...@swinburne.edu.my) wrote:
> Hi there. We're currently using Microsoft Transporter Suite to
> migrate emails from Dovecot to Exchange. One of the features available to
> migrate is using the IMAP server administrator account to access other
> users' mailboxes.
>
On 9/28/2009, Richard Hobbs (richard.ho...@crl.toshiba.co.uk) wrote:
> One question though... before I accept the certificate, i get warnings.
> One says the cert is not trusted (which is fine - it's self-signed). The
> other warning, however, mentions a hostname mismatch. Is there any way
> to put
Dear All,
Hi there. We're currently using Microsoft Transporter Suite to
migrate emails from Dovecot to Exchange. One of the features available to
migrate is using the IMAP server administrator account to access other
users' mailboxes.
How and what do I need to set this u
Hello,
Sorry people - i'm an idiot! ;-)
I was testing against our new hostnames that we setup for the new mail
server. Trouble was - these hostnames were setup initially to point at
the old mail server and are still doing so.
Having tested against the new mail server's IP address, everything wor
Hello,
Sorry people - my problem is actually the opposite of what I wrote
below... POP3 gives no encryption options whatsoever, and IMAP defaults
correctly, but still gives the option for no encryption.
Also, the SSL section of dovecot.conf is here: http://pastebin.ca/1582348
Thanks again!
Rich
Hello,
>> Is it possible to offer encrypted and non-encrypted services
>> simultaneously, so people have a choice of whether they want
>> security or not? I know that's a bit weird, but for testing
>> it would be useful.
>
> No problem. Basically you just need to specify the certificate
> (ssl_cer
75 matches
Mail list logo
