Re: [Dovecot] auth-ldap not resetting connection state after failed bind

2007-12-20 Thread Brendan
i believe i tracked it down to a couple lines in db_ldap_bind and fixed it - dovecot-auth is reconnecting to ldap in the condition where it was not previously: Thanks. http://hg.dovecot.org/dovecot-1.0/rev/8dcc215fbc06 timo, i think i found another spot where it won't reconnect. whe

[Dovecot] dovecot-auth: returning incorrect maildir for user (user seeing another user's mail)

2007-12-20 Thread Brendan
timo, here is an bizarre bug for you: i had (foolishly, it turns out) configured dovecot-auth to do ldap authentication binding with a prefect userdb (configs at end of message). everything worked fine, although with huge numbers of pop logins per second we started to see some pileup in the po

namespace directives from userdb not being applied

2022-07-13 Thread Brendan Braybrook
y namespace prefix collisions. the difference between 1:2.3.4.1-5+deb10u5 and 1:2.3.4.1-5+deb10u6 doesn't seem that great, and the bug tracker for it doesn't indicate anything around userdb would be patched (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970386) but the problem still seems to exist in 2.3.19 - can anyone else see the same thing happening with the current builds? thanks! -brendan

Re: namespace directives from userdb not being applied

2022-07-14 Thread Brendan Braybrook
On 2022-07-13 23:37, Aki Tuomi wrote: > >> On 14/07/2022 04:56 EEST Brendan Braybrook wrote: >> >> >> hi all, >> >> i'm having a strange issue. i have a few dovecot instances running: >> >> 1- debian 10 with debian's dovecot-core 1:2

Re: namespace directives from userdb not being applied

2022-07-14 Thread Brendan Braybrook
On 2022-07-14 11:04, Benny Pedersen wrote: > Brendan Braybrook skrev den 2022-07-14 19:22: > >> login_trusted_networks = 10.200.0.0/16 10.5.0.0/16 10.0.0.0/8 > > this is rendered to one single cidr 10.0.0.0/8 :) > > so 10.200... 10.5 can be removed without change

Re: namespace directives from userdb not being applied (update: with postlogin. SOLVED)

2022-08-24 Thread Brendan Braybrook
10 and 11, debian changed /bin/sh from bash to dash. dash, it appears, does not allow environment variables containing slashes. running env from the postlogin script showed it was missing the keys that contained a /: brendan@imap-p2-01:~$ sudo grep NAMESPACE /tmp/dovecot.login.env.dash USE

Re: multiple / backup sql servers for sql server access

2022-08-30 Thread Brendan Kearney
per https://doc.dovecot.org/configuration_manual/authentication/sql/, you can add more than one "host=" parameter in the "connect" directive, and leave dovecot to do round-robin load balancing. there will probably be a delay in processing while a failed database connection attempt times out.

Re: multiple / backup sql servers for sql server access

2022-08-30 Thread Brendan Kearney
info in the docs would be preferred. - jack On 8/30/22 07:57 AM, Brendan Kearney wrote: per https://doc.dovecot.org/configuration_manual/authentication/sql/, you can add more than one "host=" parameter in the "connect" directive, and leave dovecot to do round-rob

Re: Handling imap from outlook 365

2022-09-12 Thread Brendan Braybrook
> Microsoft Outlook 365 doesn’t allow a user to specify the account name > for an imap acout, only the email address. Thus f...@smith.com > tries to log in as “f...@smith.com > ” rather than “fred”. > > Has anyone seen a way to fix this (Microsoft h

Re: Custom post login scripting variables via ID command

2022-09-22 Thread Brendan Braybrook
> I wonder if dovecot would consider this feature request. In post login > scripting, given USER, IP, LOCAL_IP, and userdb lookup fields, are only > available, I want to push additional variables from web mail to dovecot > using ID commands yet I looked at the source in imap-login-cmd-id.c and > sc

Re: new feature: sieve forward plugin

2022-09-26 Thread Brendan Braybrook
perhaps it would be easiest to add a config option and support to get dovecot-LDA to use SRS forwarding (https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme)? that sorts out the SPF issue and DKIM still works fine (as none of the DKIM headers are changed). however, you then need to make sure you

Re: The end of Dovecot Director?

2022-10-21 Thread Brendan Braybrook
On 2022-10-21 04:29, spi wrote: Am 21.10.22 um 13:14 schrieb Amol Kulkarni: Nginx has an mail proxy for pop, imap, smtp. Can it be used instead of director ? Nginx can authenticate imap/smtp (and probably pop3) users. If you that, you can define a backend server the session is routed to. Curren

Re: The end of Dovecot Director?

2022-10-21 Thread Brendan Braybrook
I setup load-balance cluster for clients with HAProxy + KeepAlived + Dovecot Director running in frontend servers, so sad we have to find an alternative to replace Director in such case. It's not about "small/medium" servers, but the demand of imap/pop3/lmtp proxy service, especially in load-b

Re: The end of Dovecot Director?

2022-10-24 Thread Brendan Braybrook
On 2022-10-21 13:25, dove...@ptld.com wrote: the problem that prevents most load balancers from handling the backend imap/pop traffic is that the load balancer needs to be aware of the context of each connection. which all boils down to the index files (only a single dovecot server can access a

Re: How do you scale dovecot for good performance with Roundcube webmailer in front? (hitting limits without exhausting resources)

2023-01-26 Thread Brendan Braybrook
are you running (squirrelmail's) imapproxy on the roundcube machine? it keeps user imap connections active to dovecot, meaning that roundcube doesn't have to constantly log back in via imap for each operation. that might help somewhat. (we just use the debian package version of imapproxy - it

Re: Redundant Database, Pgsql ?

2023-02-21 Thread Brendan Kearney
cluster.  this can allow for queries, instead of writes, and reporting functionality. best of luck, brendan kearney On 2/21/23 4:02 AM, Paul Kudla (SCOM.CA Internet Services Inc.) wrote: yes that seems to be the approach i setup a dns entry and pointed to 3 servers it does work round robin (i

Re: Redundant Database, Pgsql ?

2023-02-22 Thread Brendan Kearney
think about this, you have connect= host=host1 host=host2 ... when host1 fails, you must kick that host while it is down, each and every single time you want a new connection to the database. there is no record saying that box is down, no logic in the app saying i've already tried that box, so

Re: Redundant Database, Pgsql ?

2023-02-23 Thread Brendan Kearney
i didnt pick up on the fact that this was auth stuff, and not indexes (indices?) or other data.  LDAP is a hierarchical database, where the relationship between data is forced into a superior/subordinate structure.  if you ask enough people, they will say that LDAP is not an authentication plat

Re: Read-only / archive mode for IMAP mailboxes?

2023-03-20 Thread Brendan Braybrook
check out the imap acl support: https://doc.dovecot.org/configuration_manual/acl/ On 2023-03-20 10:12, Rᴇɴᴇ́ Pꜰᴇɪꜰꜰᴇʀ wrote: Hello! We are currently exploring email archiving solutions. Is there a way to use an IMAP mailbox in read-only / archive mode? The requirement is that delibveries of ne

Re: Anyone Watching Actvity from this network? Attempting Dovecot Buffer Overflows?

2023-11-16 Thread Brendan Kearney
s data is a few years old as the site was taken down and there is probably a lot of new or updated info.  a GeoDB subscription may be useful in the case you are looking at. brendan ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an e

Re: Anyone Watching Actvity from this network? Attempting Dovecot Buffer Overflows?

2023-11-16 Thread Brendan Kearney
1.888.892.7266 Email p...@scom.ca On 11/16/2023 9:31 AM, Brendan Kearney wrote: On 11/16/23 9:05 AM, Nick Lockheart wrote: Are there publicly available lists of IP ranges by region? There's no reason for any IP outside o

SASL binds

2016-01-01 Thread Brendan Kearney
? thanks in advance, brendan

sieve and authentication

2016-01-19 Thread Brendan Kearney
sm to the auth_mechanisms directive, but that does not work with Kerberos (or maybe my implementation of Kerberos in my environment). any ideas where i should be looking? thanks brendan

Re: sieve and authentication

2016-01-20 Thread brendan kearney
While that may be true, the RoundCubeMail plugin cannot talk to sieve, either. On Jan 19, 2016 11:24 PM, "Tim" wrote: > On 20/01/16 12:15, Brendan Kearney wrote: > >> when i telnet to the sieve instance running with dovecot, i see that SASL >> is supported, but

Re: Mailboxes on NFS or iSCSI

2016-06-22 Thread brendan kearney
I chose nfs for my env because I wanted multiple load balanced instances of dovecot to be able to access the mailbox files. If you use iscsi, you will need to pin the user to the dovecot instance that has the LUN mounted. For me, scalability and single point of failure was lost or lessened when

Re: Looking for GSSAPI config [was: Looking for NTLM config example]

2016-06-29 Thread brendan kearney
The last log line shows "user=<>". This indicates no credentials were presented. If the rip field matches the client ip you tested from, I would bet the appropriate kerberos ticket (imap/host.domain.tld@REALM) was not pulled for the authentication. On Jun 28, 2016 11:33 PM, "Mark Foley" wrote:

Re: Configure Dovecot for GSSAPI [formerly: Looking for GSSAPI config]

2016-07-04 Thread Brendan Kearney
dap. in addition, the use of nfs for maildir mailboxes and load balanced nuances are covered. the doc is in odt format (libre office writer), and i have attempted to post it to this mailing list, but it was quarantined. if there is any interest in the doc, reach out to me. i welcome input and feedback on it. brendan

Re: Configure Dovecot for GSSAPI [formerly: Looking for GSSAPI config]

2016-07-05 Thread Brendan Kearney
On 07/04/2016 02:40 PM, Aki Tuomi wrote: On 04.07.2016 17:40, Brendan Kearney wrote: On 07/04/2016 03:30 AM, Mark Foley wrote: Actually, I see that you used host.domain.name further down. That's a good substitute for mail.hprs.local. Also, not to be a literary critic, but it might not

Re: Configure Dovecot for GSSAPI [formerly: Looking for GSSAPI config]

2016-07-06 Thread Brendan Kearney
On 07/04/2016 03:58 PM, Mark Foley wrote: Brendan - yes, go ahead and send that doc directly to my email address. I've got Maildir folders going, but not nfs; and I'm curious about your load balance. THX --Mark -Original Message- Date: Mon, 04 Jul 2016 10:40:06 -0400 Fro

Re: [Dovecot] Webmail Recommendation

2008-01-10 Thread Brendan Braybrook
I want to install webmail. I am using Dovecot with Exim4. Recommendations requested please. Squirrel Mail is very fast and has a lot of plug-ins. http://www.squirrelmail.org/ there is also a forked version of squirrelmail called overlook that is worth checking out: http://www.openit.it/in

[Dovecot] Error: dict: Leaked a t_pop() call

2010-06-19 Thread Brendan McCollam
fely ignored? 2) If it is something that should be addressed, do you think I would be better off trying to patch and recompile the 1.0.7 version, or just upgrading to a newer version of Dovecot (keeping in mind that 1.0.7 seems to be the latest available in CentOS repositories) Thank you for your time, and your outstanding software. -Brendan

Re: [Dovecot] Error: dict: Leaked a t_pop() call

2010-06-19 Thread Brendan McCollam
Date: Sat, 19 Jun 2010 20:43:13 +1000 From: Noel Butler Subject: Re: [Dovecot] Error: dict: Leaked a t_pop() call *shakes head* who cares what version they have, it is outdated, and any bugs may have been found and fixed years ago! The same applies to ancient debian versions as well, in ANY sof

[Dovecot] auth-ldap not resetting connection state after failed bind

2007-10-15 Thread Brendan Braybrook
timo, i think i found a small problem with the ldap implementation: when using auth_bind (this might be in all conditions, not just that one - i haven't tested further), if the server lost connection to the ldap server (ie, the ldap server died) dovecot-auth would never reconnect to the ldap s