Hello all,
is it possible to include some post-auth check in the password authentication?
So after dovecot has found a user allowed to login to execute some external
script for checking additional conditions which gives back simple true or
false wether the login should be allowed?
--
Regards,
St
On Thu, 11 Apr 2019 16:44:40 +0800
luckydog xf via dovecot wrote:
> Hi, list,
> [...]
>Thanks for any suggestions and ideas.
>
Hm, it seems most of the people answering have no real experience in
production with suchs setups.
Basically do this:
- setup keepalived as a cluster director on bo
On Thu, 11 Apr 2019 16:44:40 +0800
luckydog xf via dovecot wrote:
> Hi, list,
> [...]
>Thanks for any suggestions and ideas.
>
Hm, it seems most of the people answering have no real experience in
production with suchs setups.
Basically do this:
- setup keepalived as a cluster director on bo
On Thu, 14 Mar 2019 09:51:14 -0400
Phil Turmel via dovecot wrote:
> On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote:
>
> > Sorry I have to write this, but this is again pointing people in a fake
> > security direction.
>
> You should be sorry, because y
On Thu, 14 Mar 2019 12:13:15 +0100
"Guido Goluke, MajorLabel via dovecot" wrote:
> Op 14-03-19 om 11:46 schreef mick crane via dovecot:
> > Excuse dopey question.
> > I'm not exactly clear about certificates.
> > Apache2 default install has this snake oil certificate
> > Can make a new one for ap
On Mon, 20 Nov 2017 12:05:46 +0200
Sami Ketola wrote:
> > On 20 Nov 2017, at 10.50, Stephan von Krawczynski
> > wrote:
> >
> > AFAIK no complex director stuff would be needed then, right?
> > The second sentence implies that using file locking should also be
On Tue, 7 Nov 2017 21:40:55 +0200
Timo Sirainen wrote:
> On 7 Nov 2017, at 21.33, Stephan von Krawczynski wrote:
> >
> >
> > Me again have to stress that our former implementation of the lda process
> > did do exactly nothing to all the dovecot files, and everything
ch a config showed the sieve folder in the overview. Sometimes you
can even see a "dovecot" folder, which also disappears when sieve is outside.
--
Regards,
Stephan
>
> On 11/10/2017 3:07 AM, Stephan von Krawczynski wrote:
> > On Thu, 9 Nov 2017 21:02:44 -0500
> > Bill S
On Thu, 9 Nov 2017 21:02:44 -0500
Bill Shirley wrote:
> Set the sieve_global_dir like this.
> /etc/dovecot/conf.d/99-mystuff.conf:
> .
> .
> plugin {
> sieve = ~/Maildir/dovecot.sieve
> sieve_dir = ~/Maildir/sieve
> sieve_global_dir = /etc/dovecot/sieve/g
On Tue, 7 Nov 2017 19:19:23 +0200
Timo Sirainen wrote:
> On 7 Nov 2017, at 9.15, Stephan von Krawczynski wrote:
> >
> > On Tue, 07 Nov 2017 13:19:12 +1000
> > Noel Butler wrote:
> >
> >> mail_location Optionally disable indexes using :INDEX=MEMORY
On Tue, 07 Nov 2017 13:19:12 +1000
Noel Butler wrote:
> mail_location Optionally disable indexes using :INDEX=MEMORY
>
> don't use this on IMAP boxes, but is safe to use on SMTP and POP3's
> boxes though
>
> eg:
>
> mail_location =
> maildir:/var/vmail/%Ld/%1Ln/%1.1Ln/%2.1Ln/%Ln/Maild
On Mon, 6 Nov 2017 09:50:16 -0500
Tanstaafl wrote:
> On 11/6/2017, 4:01:19 AM, Stephan von Krawczynski
> wrote:
> > Still we are not content with it touching/locking dovecot.index.log. If
> > someone pointed at one location in the code where this could be disabled we
> &g
On Mon, 6 Nov 2017 08:37:11 +0200
Sami Ketola wrote:
> > On 5 Nov 2017, at 12.55, Stephan von Krawczynski
> > wrote: Sorry to say this setup works flawlessly for years. The only
> > addition we will make now is to do the delivery with dovecot-lda.
> > Everything else (in
On Sun, 5 Nov 2017 10:44:25 +0200
Sami Ketola wrote:
> > On 4 Nov 2017, at 10.31, Stephan von Krawczynski
> > wrote:
> >
> > On Sat, 4 Nov 2017 01:57:31 +0200
> > Sami Ketola wrote:
> >> Again that does not answer my question why? Why do you want
On Sat, 4 Nov 2017 01:57:31 +0200
Sami Ketola wrote:
> >>
> >> While it might be possible to disable all the other services except
> >> master I must ask why? How would the users be accessing their mails then?
> >>
> >> Sami
> >
> > Hello Sami,
> >
> > you did not read my first post. We are
On Fri, 3 Nov 2017 19:30:22 +0200
Sami Ketola wrote:
> > On 3 Nov 2017, at 18.23, Stephan von Krawczynski
> > wrote: Hello Aki,
> >
> > let me explain this a bit more. We do not intend to use only some copied
> > binary. Of course we would do a full installation
On Fri, 3 Nov 2017 17:53:47 +0200 (EET)
Aki Tuomi wrote:
> > On November 3, 2017 at 1:50 PM Stephan von Krawczynski
> > wrote:
> >
> >
> > Hello,
> >
> > we have a setup where SMTP/LDA and POP3/IMAP are on different physical
> > hosts.
Hello,
we have a setup where SMTP/LDA and POP3/IMAP are on different physical hosts.
They share the mail data via an external storage.
Now we would like to use dovecot-lda on the smtp host, so we wonder if the
lda binary works without starting dovecot from init. As there will be no
POP3/IMAP usage
On Sun, 20 Aug 2017 12:29:49 -0400
KT Walrus wrote:
> > On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski
> > wrote:
> >
> > On Sat, 19 Aug 2017 21:39:18 -0400
> > KT Walrus wrote:
> >
> >>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawc
On Sat, 19 Aug 2017 21:39:18 -0400
KT Walrus wrote:
> > On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski
> > wrote:
> >
> > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT)
> > Joseph Tam wrote:
> >
> >> Michael Felt writes:
> >>
>
On Fri, 18 Aug 2017 00:24:39 -0700 (PDT)
Joseph Tam wrote:
> Michael Felt writes:
>
> >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is
> >> written in pure shell script, so no python dependencies.
> >> https://github.com/Neilpang/acme.sh
> >
> > Thanks - I might look at th
On Thu, 10 Aug 2017 07:53:16 -0700
Gregory Sloop wrote:
> [...]
> Clearly there *are* issues with trusted CA's. But they also offer some value
> you can't get with a self-signed cert - especially to people who would
> connect to your servers, but who have no real relationship with you and thus
>
On Wed, 9 Aug 2017 08:39:30 -0700
Gregory Sloop wrote:
> AV> So i’m using dovecot, and i created a self signed certificate
> AV> with mkcert.sh based on dovecot-openssl.cnf. The name in there matches
> AV> my mail server.
>
> AV> The first time it connects in mac mail however, it says the
> AV
On Sat, 26 Mar 2016 13:34:34 +1000
Noel Butler wrote:
> On 21/03/2016 17:06, Andre Rodier wrote:
> > Hello,
> >
> > Sorry if I am off topic a little.
> >
> > I am looking for an email host provider that supports dovecot, sieve
> > and manage sieve. Ideally with the roundcube webmail and manages
On Sat, 19 Mar 2016 17:37:04 +1000
Noel Butler wrote:
> On 14/03/2016 18:49, Stephan von Krawczynski wrote:
> >
> >>
> >> and you've never seen these cause problems with FS? then you must be
> >> a
> >> newbie, in over 25 years I'v
On Mon, 14 Mar 2016 16:59:28 +1000
Noel Butler wrote:
> On 14/03/2016 09:59, Stephan von Krawczynski wrote:
> > On Mon, 14 Mar 2016 09:32:42 +1000
> > Noel Butler wrote:
> >
> >> On 13/03/2016 20:47, Stephan von Krawczynski wrote:
> >> > On Sun, 13 M
On Mon, 14 Mar 2016 09:32:42 +1000
Noel Butler wrote:
> On 13/03/2016 20:47, Stephan von Krawczynski wrote:
> > On Sun, 13 Mar 2016 09:45:06 +
> > James wrote:
> >
> >> On 11/03/2016 15:17, Stephan von Krawczynski wrote:
> >>
> >> >
On Sun, 13 Mar 2016 11:47:23 +0100
Stephan von Krawczynski wrote:
> On Sun, 13 Mar 2016 09:45:06 +
> James wrote:
>
> > On 11/03/2016 15:17, Stephan von Krawczynski wrote:
> >
> > > zfs set sync=disabled ?
> >
> > Only if you are happy to loos
On Sun, 13 Mar 2016 09:45:06 +
James wrote:
> On 11/03/2016 15:17, Stephan von Krawczynski wrote:
>
> > zfs set sync=disabled ?
>
> Only if you are happy to loose data on power failure.
I don't know the actual setup, but if you have no UPC you shouldn'
On Fri, 11 Mar 2016 11:58:00 -0300
Juan Bernhard wrote:
>
> El 11/03/2016 a las 11:22 a.m., Alessio Cecchi escribió:
> > Hi,
> >
> > I'm evaluating to switch from NetApp to a ZFS appliance (like Qsan). Our
> > setup is Dovecot, Maildir for email storage and NFS to share mailboxes
> > (more than
On Tue, 24 Jun 2014 17:03:09 +0200
Patrick De Zordo wrote:
> Don't use self signed certs! - Buy some, or use free services! Your
> reputation will grow!
I am sorry, but someone _has_ to say it: if anyone really thinks that a south
african or US entity selling certs is the way to "grow your repu
On Mon, 21 Apr 2014 17:26:13 +0200
Andreas Schulze wrote:
> Stephan von Krawczynski:
> > If there is no chance to convince Timo for something like a passwd-scheme
> > parameter useful for more people than just me I will probably rewrite the
> > stuff myself. Nevertheless if
On Mon, 21 Apr 2014 13:38:59 +0200
Benny Pedersen wrote:
> Stephan von Krawczynski skrev den 2014-04-21 09:33:
>
> > Or do I have to patch the source, and where if necessary?
>
> dovecot does not need passwd files, you can eg use any db that dovecot
> support, lets say
Hello all,
I am trying to use a setup where domains have separate passwd files with a
slightly different layout. Is there a way to tell dovecot that a passwd file
contains everything it looks for but on different positions inside the passwd
file line?
Standard passwd:
USERNAME:PASSWD:UID:GID:HOM
On Sat, 19 Apr 2014 10:20:39 +0200
Reindl Harald wrote:
> and where does it lead to trigger warnings all over the planet and train
> people to ignore them? in case of a mailserver that's not a real big
> problem because they amount of users is limited
>
> on a public website it is insane to pre
On Sat, 19 Apr 2014 09:40:07 +0200
Reindl Harald wrote:
> it is working, it is working as good as it can and if you compare the
> costs of 130 € for 3 years with support calls because self signed
> certificates and do a *real harm* by train ordinary users to ignore
> warnings just guess which way
On Sat, 19 Apr 2014 09:22:07 +0200
Reindl Harald wrote:
>
>
> Am 19.04.2014 09:14, schrieb Stephan von Krawczynski:
> > On Fri, 18 Apr 2014 13:57:47 -0400
> > Charles Marcus wrote:
> >
> >> Hi all,
> >>
> >> Ok, been wanting to do thi
On Fri, 18 Apr 2014 13:57:47 -0400
Charles Marcus wrote:
> Hi all,
>
> Ok, been wanting to do this for a while, and I after the Heartbleed
> fiasco, the boss finally agreed to let me buy some real certs...
Well, I guess one has to tell you that:
1) No certs no matter if self-signed or not woul
Honestly guys,
most people really have no long-term experiences with flash memory, be it SSD
or other forms of.
I can tell you from continously using simple CF-Cards as harddisks for about 5
years that _none_ ever got corrupted. Not a single one in 5 years. Taking into
account that CF is really no
On Thu, 11 Apr 2013 16:35:32 +0300
Timo Sirainen wrote:
> On 11.4.2013, at 16.24, Stephan von Krawczynski wrote:
>
> >> The MTA can work as it used to, if it can just set a group-read permission
> >> to the files. So your read-only user would belong to that read-only-g
On Thu, 11 Apr 2013 16:15:23 +0300
Timo Sirainen wrote:
> On 11.4.2013, at 16.07, Stephan von Krawczynski wrote:
>
> > On Thu, 11 Apr 2013 16:00:22 +0300
> > Timo Sirainen wrote:
> >
> >> On 11.4.2013, at 15.07, Stephan von Krawczynski wrote:
> >>
On Thu, 11 Apr 2013 16:00:22 +0300
Timo Sirainen wrote:
> On 11.4.2013, at 15.07, Stephan von Krawczynski wrote:
>
> > I try to configure dovecot to make all imap accesses read-only for a certain
> > user. I thought this would be possible by creating a global acl file (he
On Thu, 11 Apr 2013 15:08:31 +0200
Reindl Harald wrote:
>
>
> Am 11.04.2013 15:05, schrieb Stephan von Krawczynski:
> > Let me explain some more details, that seem important to understand:
> >
> > I cannot use acl files per folder/mailbox because the MTA creates
On Thu, 11 Apr 2013 16:00:22 +0300
Timo Sirainen wrote:
> On 11.4.2013, at 15.07, Stephan von Krawczynski wrote:
>
> > I try to configure dovecot to make all imap accesses read-only for a certain
> > user. I thought this would be possible by creating a global acl file (he
Let me explain some more details, that seem important to understand:
I cannot use acl files per folder/mailbox because the MTA creates folders
dynamically (re-orders mails in folders). So I really would need some idea to
tell dovecot to let a certain user access his mailbox/folders read-only, no
m
Hello all,
I try to configure dovecot to make all imap accesses read-only for a certain
user. I thought this would be possible by creating a global acl file (here
"global-acl") like:
user= lr
and
plugin {
acl = vfile:/etc/dovecot/global-acls:cache_secs=300
}
But that seems to be ignored. Wh
On Wed, 10 Apr 2013 11:36:24 +0300
Timo Sirainen wrote:
> On 10.4.2013, at 11.21, Stephan von Krawczynski wrote:
>
> > Sorry, it seems not that easy.
> > I had to find out that sylpheed works correctly now, but thunderbird does
> > not
> > show anything, just l
On Tue, 9 Apr 2013 22:07:01 +0200
Stephan von Krawczynski wrote:
> On Tue, 09 Apr 2013 21:19:25 +0200
> Steffen wrote:
>
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > Stephan von Krawczynski wrote:
> > > On Tue, 9 Apr 2013 16:50:4
On Tue, 09 Apr 2013 21:19:25 +0200
Steffen wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Stephan von Krawczynski wrote:
> > On Tue, 9 Apr 2013 16:50:40 +0200 (CEST) Steffen Kaiser
> > wrote:
>
> > I tried to tell dovecot that is
> > mail
On Tue, 9 Apr 2013 16:50:40 +0200 (CEST)
Steffen Kaiser wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Mon, 8 Apr 2013, Stephan von Krawczynski wrote:
>
> > I am trying to do something very simple - at least thats what I thought.
> > I have some
Hello all,
I am trying to do something very simple - at least thats what I thought.
I have some fs, it contains folders and subfolders with email files ordered
like maildir. Now I try to set up dovecot on top simply to let some imap
account watch these email files. But I cannot see any folders at
51 matches
Mail list logo
