On Fri, 2011-12-30 at 07:49 +0100, Per olof Ljungmark wrote:
> On 12/29/11 18:54, Xavier Bestel wrote:
> > On 12/28/2011 09:00 AM, Josef Karliak wrote:
> >> Hi there,
> >> it maybe some error or bug somewhere - we use Samsung galaxy S2, android
> >> 2.3.3. I've set it up as a imap client. When I de
On 12/29/11 18:54, Xavier Bestel wrote:
> On 12/28/2011 09:00 AM, Josef Karliak wrote:
>> Hi there,
>> it maybe some error or bug somewhere - we use Samsung galaxy S2, android
>> 2.3.3. I've set it up as a imap client. When I delete a message, it
>> disapears from the phone email list. After "renew
On 12/28/2011 09:00 AM, Josef Karliak wrote:
> Hi there,
> it maybe some error or bug somewhere - we use Samsung galaxy S2, android
> 2.3.3. I've set it up as a imap client. When I delete a message, it
> disapears from the phone email list. After "renewing" mail box the
> deleted message is in the
On 12/28/2011 09:00 AM, Josef Karliak wrote:
> Hi there,
> it maybe some error or bug somewhere - we use Samsung galaxy S2, android
> 2.3.3. I've set it up as a imap client. When I delete a message, it
> disapears from the phone email list. After "renewing" mail box the
> deleted message is in the
Hi there,
it maybe some error or bug somewhere - we use Samsung galaxy S2,
android 2.3.3. I've set it up as a imap client. When I delete a
message, it disapears from the phone email list. After "renewing" mail
box the deleted message is in the new messages again. In the
imapd.conf file
On Sat, 21 Nov 2009, Rich Wales wrote:
> Recently, I installed new "StartSSL Free" SSL certificates from StartCom
> on these servers. After doing so, I could no longer connect securely to
> Cyrus in any mode (imaps, imap + starttls, pop3s, pop3 + starttls) -- the
> client sat for a long time befo
It turns out that my earlier problem with a StartCom SSL certificate
was that I was giving Cyrus a PEM file containing not only the
essentials (my server cert, my decrypted private key, and the CA
certs), but containing StartCom's revocation lists (CRL's) as well.
Apache and Postfix don't seem to
I'm running Cyrus 2.3.14 on two Ubuntu 9.10 (Karmic) servers.
Recently, I installed new "StartSSL Free" SSL certificates from StartCom
on these servers. After doing so, I could no longer connect securely to
Cyrus in any mode (imaps, imap + starttls, pop3s, pop3 + starttls) -- the
client sat for a
On 8/23/07, Nels Lindquist <[EMAIL PROTECTED]> wrote:
>
> Hi, all.
>
> I'm configuring a Cyrus IMAPD server for a number of virtual domains,
> and I'm concerned about a potential issue with SSL/TLS for the virtual
> hosts, which is that I can't find a way of
Hello again!
Goetz Babin-Ebell wrote:
> This question pops up occasionally in most list concerning SSL.
>
> You can only use one certificate for one IP address / port pair.
>
> If you have several IP addresses on your host,
> you can run several insances of cyrus to listen on
> the different IP
>
> How much configuration similarity does there have to be between the
> different config files? Can I change anything except for the
> tls_[*]_file directives?
>
> Thanks very much for the information! I think this could work for us.
Make one master imapd.conf file with everything but the cert
Goetz Babin-Ebell wrote:
> This question pops up occasionally in most list concerning SSL.
>
> You can only use one certificate for one IP address / port pair.
>
> If you have several IP addresses on your host,
> you can run several insances of cyrus to listen on
> the different IP addresses and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Nels Lindquist schrieb:
> Hi, all.
Hello Nels,
> I'm configuring a Cyrus IMAPD server for a number of virtual domains,
> and I'm concerned about a potential issue with SSL/TLS for the virtual
> hosts, which is that I can'
Hi, all.
I'm configuring a Cyrus IMAPD server for a number of virtual domains,
and I'm concerned about a potential issue with SSL/TLS for the virtual
hosts, which is that I can't find a way of specifying different
certificates for each virtual host.
We strongly encourage users to
On Wed, 15 Jun 2005 22:00 , Jörg Eichhorn <[EMAIL PROTECTED]> said:
--On Mittwoch, 15. Juni 2005 18:59 +0200 Alexander Dalloz
<[EMAIL PROTECTED]> wrote:
To use IMAPS configure cyrus.conf - in the SERVICES section something
like
imaps cmd="imapd -s" listen="imaps" prefork=0
--On Mittwoch, 15. Juni 2005 18:59 +0200 Alexander Dalloz
<[EMAIL PROTECTED]> wrote:
To use IMAPS configure cyrus.conf - in the SERVICES section something
like
imaps cmd="imapd -s" listen="imaps" prefork=0
and generate the required certificates using OpenSSL. There are plenty
Am Mi, den 15.06.2005 schrieb Jörg Eichhorn um 11:46:
> is it possible to use SSL/TSL to connect to the cyrus imsp server?
> If yes, how do i configure the certificates for the server?
> Jörg Eichhorn
To use IMAPS configure cyrus.conf - in the SERVICES section something
like
imaps
Hi all,
is it possible to use SSL/TSL to connect to the cyrus imsp server?
If yes, how do i configure the certificates for the server?
Thanks for help.
Jörg Eichhorn
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg
Is it possible to configure timsieved to listen on a ssl/tls
socket instead of requiring the client to issue start tls?
Or should I just use stunnel?
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus
Hi List-
I'm looking for a sieve client like sieveshell but one that supports
starttls for wrapping the entire data transfer session in ssl/tls
encryption. Does anyone know of such a client (either CLI or other)?
I've searched through the archives and found some discussions o
Pascal Gienger wrote:
Hi,
does anybody on the list already had the idea to use an information of a
client certificate for authentication in IMAPD?
This is exactly what the EXTERNAL SASL mechanism is designed for and is
available in Cyrus. If the client presents a TLS client cert, Cyrus
will mak
Hi,
does anybody on the list already had the idea to use an information of a
client certificate for authentication in IMAPD?
There could be 3 solutions for it:
1. the TLS part can pass information of the presented client certificate to
imapd, so a normal anonymous login would be sufficient - the
Hi,
I am running cyrus-imapd-2.2.5 under WhiteBox Linux 3 (Rebuild of rhel3)
with Berkley DB 4.1.25. I installed from Simon's RPMS after rebuilding from
his src RPM, and I am having issues with SSL/TLS.
A proportion of my SSL/TLS connections are failing for unknown reasons with
the foll
]: process 1 exited, status 0
[EMAIL PROTECTED] log]#
John Gibson wrote:
Hi, all.
I am having trouble authenticating to Cyrus IMAP using the pop3s port.
I would like to use SSL/TLS and pop for my user community.
I am using Berkeley DB as my database store (v. 4.2.52).
Are there
Hi, all.
I am having trouble authenticating to Cyrus IMAP using the pop3s port.
I would like to use SSL/TLS and pop for my user community.
I am using Berkeley DB as my database store (v. 4.2.52).
Are there separate databases that store id/pass information? I have
assumed up to now that
On Wed, 2004-01-14 at 19:03, Craig Ringer wrote:
> > He is - he's just using one signed by someone who was
> > signed by a known authority. Nothing needs to be installed in the
> > browser.
>
> OK - I must've misunderstood his initial email.
Yes, on re-reading my post after your initial messag
On Wed, 2004-01-14 at 16:05, Joe Rhett wrote:
> Use the exact same files for the web server as for the Cyrus mail server.
> They're both using the same library.
Well, in Apache I have the following, in addition to the usual
'SSLCertificateFile' and 'SSLCertificateKeyFile' directives:
SSLCertifi
Craig Ringer wrote:
That appears to depend on the client - it certainly doesn't work with
Mozilla, and Eudora needs some manual steps that the users seem to have
trouble with. OTOH, it _shouldn't_ work automatically; the cert is no
more inherently trustworthy than any random one somebody has gen
Joe Rhett wrote:
I expect that'd do it; you'll still need to install the CA certificate
in browsers, though. I have a similar setup, but with a CA cert
generated in-house.
No you don't. The server hands out both certificates during the
connection process. It just works ;-)
That appears to depend
se (and Comodo doesn't provide explicit instructions like it
> does for mod_ssl) and my understanding of SSL/TLS is a bit limited.
Use the exact same files for the web server as for the Cyrus mail server.
They're both using the same library.
And no, the CA file is to verify client
> I expect that'd do it; you'll still need to install the CA certificate
> in browsers, though. I have a similar setup, but with a CA cert
> generated in-house.
No you don't. The server hands out both certificates during the
connection process. It just works ;-)
> I then install the ca cert i
y key for most browsers to be happy with
it. It's not difficult with Apache and mod_ssl; I'm wondering if it
will work with Cyrus, perhaps using the 'tls_ca_file'? The docs are a
little sparse (and Comodo doesn't provide explicit instructions like it
does for mod_ssl) and my
wsers to be happy with
it. It's not difficult with Apache and mod_ssl; I'm wondering if it
will work with Cyrus, perhaps using the 'tls_ca_file'? The docs are a
little sparse (and Comodo doesn't provide explicit instructions like it
does for mod_ssl) and my understanding of
with Cyrus, perhaps using the 'tls_ca_file'? The docs are a
little sparse (and Comodo doesn't provide explicit instructions like it
does for mod_ssl) and my understanding of SSL/TLS is a bit limited.
Wil
--
Wil Cooley [EMAIL PROTEC
yrus:
./config ... --with-openssl=/usr/local/lib (where libssl.so is
installed).
BAM, ssl/tls works !!
Long story short for those using debian 2.2, make sure you either
install libssl-dev or if you compile openssl manually, make sure you add
the shared flag to your openssl ./config .
Thank you fo
t; To: 'Jeff Bert'; 'Ken Murchison'
> Cc: 'Cyrus Mailing List'
> Subject: RE: SSL/TLS
>
>
> So when I restart cyrus I get the same as jeff when I run netstat.
>
> I'm beginning to wonder if this maybe a compile issue. I just tried
> recompi
c: 'Cyrus Mailing List'
Subject: RE: SSL/TLS
also, i'd do a 'netstat -an | grep 993' to see if anything is listening
on that port... i get:
tcp 0 0.0.0.0:993 0.0.0.0:* LISTEN
and my imaps port works.
Jeff
> -Original Message-
> From: J
Jeff Bert wrote:
> i only get the cyrus master line... try to get all that other crap off
>
> you running masquerading for a home pc?
>
> if you're running a firewall why don't you turn it off for a sec and test
> it. Also, i'm no tcp/ip guru but all that extra taffic on 993? get rid
> of it
ay, May 22, 2002 1:16 PM
> To: Lee Hoffman
> Cc: 'Cyrus Mailing List'
> Subject: RE: SSL/TLS
>
>
> maybe you should look in /etc/xinetd.d/ and see if there is an imaps
> file floating unwarranted in there. maybe some other process is
> intercepting
> it...
lf Of Ken Murchison
> Sent: Wednesday, May 22, 2002 12:35 PM
> To: Lee Hoffman
> Cc: 'Cyrus Mailing List'
> Subject: Re: SSL/TLS
>
>
>
>
> Lee Hoffman wrote:
> >
> > The log was already at local6.debug. When I try to login, no imapd -s
> > process
From: Ken Murchison [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 3:13 PM
To: Lee Hoffman
Cc: 'Cyrus Mailing List'
Subject: Re: SSL/TLS
Lee Hoffman wrote:
>
> Im not sure if its being caused by login attempts via ssl (although it
> seems to happen when I try to log
gets killed but master doesn't know
about it.
I would try restarting master.
> Im going to try a recompile without the --with-ssl, any other ideas
> before I do so (Im trying to avoid it since this is a live server)?
This probably won't make a difference. imapd would complai
If you have a running 'imapd -s', then do an strace on it to see what it
is doing.
Ken
> -Original Message-
> From: Ken Murchison [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 22, 2002 2:52 PM
> To: Lee Hoffman
> Cc: 'Cyrus Mailing List'
> Subject:
in /etc/services
Lee
-Original Message-
From: Ken Murchison [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 2:52 PM
To: Lee Hoffman
Cc: 'Cyrus Mailing List'
Subject: Re: SSL/TLS
Lee Hoffman wrote:
>
> When I run /usr/local/ssl/bin/openssl s_client -conne
Subject: Re: SSL/TLS
Lee Hoffman wrote:
>
> This is VERY weird!!! When I telnet into the mailserver on 993:
>
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> . logout
> ^X
>
> No commands works, yet it says that its connected
Scratch that, that error prints out occasionally even when Im not trying
to log in via ssl.
Lee
-Original Message-
From: Ken Murchison [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 2:52 PM
To: Lee Hoffman
Cc: 'Cyrus Mailing List'
Subject: Re: SSL/TLS
Lee Hof
Lee Hoffman wrote:
>
> When I run /usr/local/ssl/bin/openssl s_client -connect localhost:993
>
> The following is printed:
>
> CONNECTED(0003)
>
> Then it just hangs.
Check imapd.log for errors. Is "imaps" listed in /etc/services?
Ken
--
Kenneth Murchison Oceana Matrix Ltd.
Softw
Jeff Bert wrote:
> well i don't have a CA either but I found that i'd get a little
> more of a delay without those extra lines in there pointing
> the ca to the same file that contains the key/cert and
> some errors in the log file...
>
> did you try compiling cyrus-imapd without --with-openss
Hi Lee!
On Wed, 22 May 2002, Lee Hoffman wrote:
> This is VERY weird!!! When I telnet into the mailserver on 993:
You must speak SSL to port 993. Think of it as 'starttls'-less SSL.
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind
which expects an SSL negotiation to be
made as soon as the connection is opened. Try doing this instead:
openssl s_client -connect localhost:993
> -Original Message-
> From: Scott M Likens [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 22, 2002 2:41 AM
> To: Lee Hoffman; &
Lee Hoffman wrote:
>This is VERY weird!!! When I telnet into the mailserver on 993:
>
>Trying 127.0.0.1...
>Connected to localhost.
>Escape character is '^]'.
>. logout
>^X
>
>No commands works, yet it says that its connected! '. logout' does
>nothing, '. starttls' does nothing etc... I checked i
Lee Hoffman wrote:
> This is VERY weird!!! When I telnet into the mailserver on 993:
> No commands works, yet it says that its connected! '. logout' does
> nothing, '. starttls' does nothing etc...
The "Hacker Test" that floated around the net several years ago hat the
two questions:
+++ Can yo
it sounds funny but in my 2.0.15 install I had STARTTLS
working without that configure option.
Jeff
> -Original Message-
> From: Lee Hoffman [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 22, 2002 7:41 AM
> To: 'Scott M Likens'; 'Jeff Bert'; [EMAIL PROTECT
From: Scott M Likens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 2:41 AM
To: Lee Hoffman; 'Jeff Bert'; [EMAIL PROTECTED]
Subject: RE: SSL/TLS
*sigh*
Telnet to your imap port and please verify that the STARTTLS command
exists...
Easiest way to do that instead of doing . logout
; > + go ahead
> > C:
> > L01 OK User logged in
> > Authenticated.
> > Security strength factor: 0
> >
> > Any other ideas?
> >
> > Lee
> >
> >
> > -Original Message-
> > From: Jeff Bert [mailto:[EMAIL PROTECTED]]
>
Jeff Bert wrote:
> lastly, i remember I had to put in
>
> tls_ca_path:
> tls_ca_file:
>
> into imapd.conf to get it working... maybe you should try that
> first.. then try the re-compile.
While I am _far_ from an authority on this subject, I will add here that I
didn't need to have the "ca
-
> From: Lee Hoffman [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 21, 2002 9:59 PM
> To: 'Jeff Bert'; [EMAIL PROTECTED]
> Subject: RE: SSL/TLS
>
>
> Here is my imapd.conf:
>
> configdirectory: /var/imap
> partition-default: /var/spool/imap
> admins: admin
iginal Message-----
> From: Jeff Bert [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 22, 2002 12:28 AM
> To: Lee Hoffman; [EMAIL PROTECTED]
> Subject: RE: SSL/TLS
>
> did you add these to your imapd.conf:
>
> tls_ca_path: /path-to-ca-folder/
> tls_ca_file: /path-to-ca-fi
002 12:28 AM
To: Lee Hoffman; [EMAIL PROTECTED]
Subject: RE: SSL/TLS
did you add these to your imapd.conf:
tls_ca_path: /path-to-ca-folder/
tls_ca_file: /path-to-ca-file/
tls_cert_file: /path-to-cert-file/
tls_key_file: /path-to-key-file/
?
> -Original Message-
> From: [EMAIL P
also, you should use:
# imtest -t "" -u lee -a lee -r server-name.com servername.com
Jeff
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Lee Hoffman
> Sent: Tuesday, May 21, 2002 8:21 PM
> To: [EMAIL PROTECTED]
> Subj
an
> Sent: Tuesday, May 21, 2002 8:21 PM
> To: [EMAIL PROTECTED]
> Subject: SSL/TLS
>
>
> Hey all,
> I'm trying to get SSL/TLS working on cyrus 2.0.16. I followed the
> instructions to a "T" to create the certificate. I also compiled cyrus
> -with-ssl=/usr/lo
> Here is the output from imtest:
>
> Server-name:~# imtest -t "" -u lee server-name.com
try to
imtest -t "" -a lee erver-name.com
On Wed, 2002-05-22 at 10:20, Lee Hoffman wrote:
> Hey all,
> I'm trying to get SSL/TLS working on cyrus 2.0.16. I
Hey all,
I'm trying to get SSL/TLS working on cyrus 2.0.16. I followed the
instructions to a "T" to create the certificate. I also compiled cyrus
-with-ssl=/usr/local/ssl (the latest version of openssl is installed,
and working with the sshd daemon). Anyway, cyrus (which is
authent
Date: Mon, 03 Dec 2001 15:16:16 -0800
From: David Wright <[EMAIL PROTECTED]>
A while back I wrote to the list asking about how by specify the
SSL/TLS cipher algorithms that cyrus imapd should accept (by
analogy with the SSLCipherSuite directive from Apache's mod_ssl).
A while back I wrote to the list asking about how by specify the SSL/TLS cipher
algorithms that cyrus imapd should accept (by analogy with the SSLCipherSuite
directive from Apache's mod_ssl). I didn't receive a reply (which is fine) so now I
want to verify: is it true that there is
At 05:02 PM 10/3/2001 -0400, Ken Murchison wrote:
>Sorry about the late response, but I just got some time to look into
>this. Your fix allows Eudora to negotiate TLSv1, but does NOT fix the
>STARTTLS problem. I still can not get Eudora to do STARTTLS with an
>unmodified Cyrus.
Well, I just ran
Sorry about the late response, but I just got some time to look into
this. Your fix allows Eudora to negotiate TLSv1, but does NOT fix the
STARTTLS problem. I still can not get Eudora to do STARTTLS with an
unmodified Cyrus.
If you look closely at the log of your connection, you connected to an
At 08:41 AM 9/28/2001 -0400, Jeremy Beker wrote:
>Any ideas as to where on the Mac version one would set this?
I don't have a mac. I found this by looking at the on-line user's manual
in the Eudora web site. Hmmm. The manual is in an hqx file, and winzip
won't decompress it
The manuals are po
Any ideas as to where on the Mac version one would set this?
-Jeremy
At 12:31 AM -0400 9/28/01, Nick Simicich wrote:
>At 07:37 PM 9/27/2001 -0400, Nick Simicich wrote:
>
>>I had actually posted a trace of one of the sessions, extracted
>>from ethereal (before it started working). As you can s
At 07:37 PM 9/27/2001 -0400, Nick Simicich wrote:
>I had actually posted a trace of one of the sessions, extracted from
>ethereal (before it started working). As you can see, the verb being used
>in, in fact, STARTSSL. So I am of the opinion
I meant to type STARTTLS above, not STARTSSL. Just
I just successfully got Eudora to negotiate TLS with Cyrus. This applies
to Eudora 5.1.
A log extract which shows that I was able to connect in TLS is below ---
you will have to trust me that I did it from Eudora. The way to accomplish
this is to stop Eudora, and using an editor like emacs
At 07:46 AM 9/27/2001 -0500, Amos Gouaux wrote:
> > On Thu, 27 Sep 2001 01:05:53 -0400,
> > Nick Simicich <[EMAIL PROTECTED]> (ns) writes:
>
>ns> I did some searches in the archives. If there is anything similar,
>ns> searching on Eudora and ssl or tls didn't find it. Eudora will not
>ns
I apologize that this is a FAQ and will now scurry off to recompile. Yep,
that does it, it established a sslV3 connection immediately, authenticated
without a problem.
Are there more Eudora related questions in this 2.1 FAQ? Is it available
anywhere? Ah, you said it was available in CVS, I'l
No, it won't use TLS/SSL session on authentication mechanism. It
will connect to port 993 and use SSL for the entire session.
> On Thu, 27 Sep 2001 17:22:23 +0200 (CEST),
> rj45 <[EMAIL PROTECTED]> (r) writes:
r> I never could make eudora works with cyrus TLS/SSL
r> you say if I use a
I wil complain too!!
Rick
On Thu, 27 Sep 2001, Ken Murchison wrote:
>
>
> Nick Simicich wrote:
> >
> > I did some searches in the archives. If there is anything similar,
> > searching on Eudora and ssl or tls didn't find it. Eudora will not
> > complete TLS negotiation with Cyrus.
> >
> > I
> On Thu, 27 Sep 2001 01:05:53 -0400,
> Nick Simicich <[EMAIL PROTECTED]> (ns) writes:
ns> I did some searches in the archives. If there is anything similar,
ns> searching on Eudora and ssl or tls didn't find it. Eudora will not
ns> complete TLS negotiation with Cyrus.
Are you attempti
Nick Simicich wrote:
>
> I did some searches in the archives. If there is anything similar,
> searching on Eudora and ssl or tls didn't find it. Eudora will not
> complete TLS negotiation with Cyrus.
>
> I am running Redhat Roswell (the current Redhat Beta, 7.1+) on an Intel box.
>
> I am r
I did some searches in the archives. If there is anything similar,
searching on Eudora and ssl or tls didn't find it. Eudora will not
complete TLS negotiation with Cyrus.
I am running Redhat Roswell (the current Redhat Beta, 7.1+) on an Intel box.
I am running cyrus-imapd-2.0.15-HIERSEP-r2,
Hello again
I've configured my Cyrus 2.0.16 to work with SSL/TLS as the docs
included on the package says.
When I do:
imtest -t "" imaptest.unrc.edu.ar
i get the following:
C: C01 CAPABILITY
S: * OK test Cyrus IMAP4 v2.0.16 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 AC
79 matches
Mail list logo
