pre-installed CA (was: is a self signed certificate always invalid the first time?)

2017-08-10 Thread Steffen Kaiser
Just my humble opinion: We had run a self-signed CA for several years. I would claim that in theory this is more secure than using pre-installed third party CAs. Using a self-signed cert per server might do for small numbers as well. However, when it

Re: new install on Centos 7

2017-08-10 Thread Peter
On 11/08/17 10:42, Joseph Tam wrote: >> Or just ping me in #ghettoforge on Freenode and I'll generally get it >> fixed quickly, if I haven't already seen it on the list and fixed it. > > Not all package maintainers are as responsive as you are. I've lost > count of the number of problems reported

Re: Certificate cache on iOS with sending mail

2017-08-10 Thread Alef Veld
And iPhone just sits there for a long time, "sending". Sometimes it goes through, sometimes it doesn't. It's super weird but it has to do with SSL_accept and not reading the message fully. I might restore my old certs to see if that solves it. I'll try some other clients and IP addresses as well,

Re: Certificate cache on iOS with sending mail

2017-08-10 Thread Alef Veld
I deleted the certificate already, but I think it only uses that for imap/dovecot. I don't think it actually stores one for smtps (or am I not talking sense here). Sent from my iPhone > On 10 Aug 2017, at 23:25, Joseph Tam wrote: > > >> On Thu, 10 Aug 2017, Larry Rosenman wrote: >> >> Which

Re: Certificate cache on iOS with sending mail

2017-08-10 Thread Alef Veld
macOS mail for sure, latest OS. I know it's not a dovecot issue, but I can't be sure as this all started after I changed my dovecot cert. Does smtps using saslauthd through dovecot not have anything to do with it? (But tls in main.cf uses different certs. Anyway the bizarre thing is that my MacB

Re: new install on Centos 7

2017-08-10 Thread Joseph Tam
Or consider compiling it yourself from source. It may be more work, but you get complete control over your versioning, your package dependencies, etc. If a bug that affects you gets fixed on a bleeding edge version (or is only available as a patch), you can fix it right away rather than waiting

Re: Certificate cache on iOS with sending mail

2017-08-10 Thread Joseph Tam
On Thu, 10 Aug 2017, Larry Rosenman wrote: Which mail client on iOS? Sorry, maybe not iOS, but definitely MacOSX Mail app. Joseph Tam

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Doug Hardie
Having gone through the process to get "approved" certificates a few times, I don't believe it would be all that difficult to get a certificate with your domain name from several of the "approved" certificate authorities. The process some of them use to "certify" the applicant is pretty easy to

Re: Certificate cache on iOS with sending mail

2017-08-10 Thread Larry Rosenman
Which mail client on iOS? -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 E-Mail: larry...@gmail.com US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 On 8/10/17, 3:58 PM, "dovecot on behalf of Joseph Tam" wrote: Alef Veld wri

Re: Certificate cache on iOS with sending mail

2017-08-10 Thread Joseph Tam
Alef Veld writes: I'm wondering if there is any cache for a certificate or something, my maillog shows up something like 10 bytes read, -1. So it returns an error. I deleted the accounts and created them again, still no go. Anyone had anything similar before? On top of the usual mail set

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Frank-Ulrich Sommer
I can't see any security advantages of a self signed cert. If the keypair is generated locally (which it should) a certificate signed by an external CA can't be worse just by the additional signature of the external CA. Better security can only be gained if all users are urged to remove all pre

Re: new install on Centos 7

2017-08-10 Thread Peter
On 11/08/17 07:46, Joseph Tam wrote: >> GhettoForge has dovecot22 packages as well which provide the latest >> stable version of Dovecot for CentOS 6 and 7. > > Or consider compiling it yourself from source. It may be more work, but > you get complete control over your versioning, your package de

Re: new install on Centos 7

2017-08-10 Thread Joseph Tam
I currently have Postfix Dovecot MySQL on Centos 6, looking at migrating to new server new server is CentOS 7.3, but, the Centos repo version is dovecotx86_64 1:2.2.10-7.el7 what is the best way to install current release Dovecot on a new server ? GhettoForge has dovecot22

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Doug Hardie
> On 10 August 2017, at 04:37, Alef Veld wrote: > > I completely agree (having said that I'm pretty new to all this so I might be > full of it). > > You should run your own CA if you have an active financial interest in your > company (say you're the owner). No added benefit to have your cert

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Stephan von Krawczynski
On Thu, 10 Aug 2017 07:53:16 -0700 Gregory Sloop wrote: > [...] > Clearly there *are* issues with trusted CA's. But they also offer some value > you can't get with a self-signed cert - especially to people who would > connect to your servers, but who have no real relationship with you and thus >

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Gregory Sloop
SvK> On Wed, 9 Aug 2017 08:39:30 -0700 SvK> Gregory Sloop wrote: >> AV> So I'm using dovecot, and I created a self signed certificate >> AV> with mkcert.sh based on dovecot-openssl.cnf. The name in there matches >> AV> my mail server. >> AV> The first time it connects in mac mail however, it

Re: Certificate cache on iOS with sending mail

2017-08-10 Thread Ralph Seichter
On 10.08.2017 14:57, Alef Veld wrote: > I generated a new certificate for dovecot, and ever since I have this > weird problem that my iPhone can still receive mail but cannot send > using that mailserver. Same for my iMac. Mail is not sent through Dovecot, but through an MTA. Based on your earlie

Re: Certificate cache on iOS with sending mail

2017-08-10 Thread Alef Veld
And it's weird because it takes a long time to send and sometimes it does get sent. Sent from my iPhone > On 10 Aug 2017, at 13:57, Alef Veld wrote: > > So I generated a new certificate for dovecot, and ever since I have this > weird problem that my iPhone can still receive mail but cannot s

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Alef Veld
I just need my internal users to download their mail, right now it's not something I'm terribly worried about. I'm just glad I got it all working so far :-) Once I do my apache to SSL as well I'll probably get paid certificates or one letsencrypt certificate for all. Sent from my iPhone > On

Certificate cache on iOS with sending mail

2017-08-10 Thread Alef Veld
So I generated a new certificate for dovecot, and ever since I have this weird problem that my iPhone can still receive mail but cannot send using that mailserver. Same for my iMac. My laptop works fine still and can do both. Local issue you would say right. I'm wondering if there is any cache

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Ralph Seichter
On 10.08.2017 09:18, Stephan von Krawczynski wrote: > It would be far better to use a self-signed certificate that can be > checked through some instance/host set inside your domain. I have been running a CA for 15+ years, generating certificates only for servers I personally maintain. Since my b

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Alef Veld
I completely agree (having said that I'm pretty new to all this so I might be full of it). You should run your own CA if you have an active financial interest in your company (say you're the owner). No added benefit to have your certificate certified by a third party, why would they care about t

dict client auth-worker service count not obeyed?

2017-08-10 Thread Peter Mogensen
Hi, I've noticed that in recent dovecot versions at least since 2.2.29 and not in 2.2.12 a dovecot auth-worker will happily issue two Lshared/passdb... queries on the same dict socket. Not always, but sometimes. It used to be that the dict client always closed the socket (AFAIK) after 1 query. Bu

Re: new install on Centos 7

2017-08-10 Thread Peter
On 10/08/17 18:56, voy...@sbt.net.au wrote: > I currently have Postfix Dovecot MySQL on Centos 6, looking at migrating > to new server > > new server is CentOS 7.3, but, the Centos repo version is > > dovecotx86_64 1:2.2.10-7.el7 > > what is the best way to install current rele

Re: is a self signed certificate always invalid the first time?

2017-08-10 Thread Stephan von Krawczynski
On Wed, 9 Aug 2017 08:39:30 -0700 Gregory Sloop wrote: > AV> So I'm using dovecot, and I created a self signed certificate > AV> with mkcert.sh based on dovecot-openssl.cnf. The name in there matches > AV> my mail server. > > AV> The first time it connects in mac mail however, it says the > AV