On 14/5/23 09:14, Daniel L. Miller via dovecot wrote:
May 12 15:45:58 cloud1 dovecot: doveadm(194.165.16.78): Error: doveadm
client not compatible with this server (mixed old and new binaries?)
May 13 03:44:31 cloud1 dovecot: doveadm(45.227.254.48): Error: doveadm
client not compatible with
On 14/5/23 23:29, Daniel Miller via dovecot wrote:
I only allow explicit service traffic through. IMAPS, SMTPS, etc. If
doveadm is communicating via the IMAP(S) ports then all I can do via
firewall is block countries. Which of course I can but I'm asking
about any additional hardening for Dove
On 9/6/23 07:25, Richard Troy wrote:
The relaying only started and stopped when Dovecot was turned on or off.
Isn't it true that Dovecot performs an authentication function for
inbound connect requests, the successful of which then may use the
submission mechanism from what Postfix takes to
On 9/6/23 09:17, Richard Troy wrote:
However if your dovecot SASL is broken, say always permitting access
with or without correct password, then there will be a problem
I DID find a discrepancy: smtpd_helo_restrictions did NOT have
permit_sasl_authenticated. I made the change, of course an
On 6/7/23 10:17, joe a wrote:
Greetings from a new dovecot user.
Have setup dovecot on openSuse 15.4 with postfix as the MTA. Both are
the latest version in that distribution.
Simple virtual user setup using /etc/dovecot/passwd
Dovecot seems to be working and all the defined users are
auth
On 6/7/23 19:15, joe a wrote:
If your example was meant to show the correct way, I cannot see any
difference between that and what my posted config shows other than the
sequential (contiguous?) in your example.
Perhaps try the different configuration out? Or even better, stick to
one aui
On 6/7/23 20:49, joe a wrote:
On 7/6/2023 8:12 AM, jeremy ardley via dovecot wrote:
On 6/7/23 19:15, joe a wrote:
If your example was meant to show the correct way, I cannot see any
difference between that and what my posted config shows other than
the sequential (contiguous?) in your
On 4/9/23 14:03, Willy Manga wrote:
"fatal: no SASL authentication mechanisms"
--
try setting in dovecot
auth_debug = yes
auth_verbose = yes
and then restart both services and check logs when the problem occurs.
Also, be aware that dovecot usually 'subcontracts' the auth process to
pam,
On 5/9/23 14:31, Michel Verdier wrote:
dovecot with PAM needs plaintext method. So if postfix disable it they
can't share a method.
You have to be careful to require any plaintext client password to
travel over a TLS secured connection
smtpd_tls_auth_only = yes
More generally, it's good p
On 8/9/23 05:00, joe a wrote:
Any known issues with installing/running roundcube and dovecot on the
same server?
There is a generic issue with doing this. That is if you have roundcube
(or any other web mail interface) on the same server as dovecot, a
breach of the web interface could be q
On 8/9/23 07:38, dovecot--- via dovecot wrote:
Roundcube does not have direct file access to the emails even on the
same server. Roundcube opens a connection to dovecot, supplies the
user/pass/login credentials to dovecot, and dovecot fetches the email
stores and serves it to roundcube. There
On 8/9/23 16:24, Marc wrote:
Since when does a hacked website gain root?
A web search on 'linux web server exploits that gain root' will give
many examples.
Security design by first principle assumes that an attacker will gain
root access.
Best practise is to limit the damage that can c
On 6/11/23 03:25, Nick Lockheart wrote:
I can't use the real Dovecot IMAP server for auth, because it runs on
a separate server, and Postfix does not support TLS connections for SASL.
--
You should be able to use ssh with port forwarding to establish a TLS
connection between devices. Postfix
On 6/11/23 04:36, jeremy ardley via dovecot wrote:
You should be able to use ssh with port forwarding to establish a TLS
connection between devices. Postfix would see a remote SASL service as
a local service.
An alternative and possibly more reliable and easily configured
mechanism would
On 26/11/23 08:02, Steve Litt wrote:
Is the remote vendor going to take the same care in preserving your
data as you would? You could buy two 2TB spinning rust external hard
drives for seventy bucks each, so if one gets borked you have the
other. If you desire offsite, keep one in a bank safe
15 matches
Mail list logo
