Re: doveconf error upon boot up

2018-10-31 Thread Stroller 
I've just started getting this error on Gentoo Linux.

I've been running dovecot-2.3.2.1 for some time and didn't notice it. I 
recently updated glibc from 2.26-r7 to 2.27-r6 and dovecot was hanging on 
startup.

Recompiling dovecot fixed the hang, but now I'm seeing the same error message 
as below.

Stroller

(please CC me on replies)


On 4/10/18, Jerry  wrote:
> 
> Error message upon boot up:
> 
> doveconf: error: t_readlink(/var/run/dovecot/dovecot.conf) failed:
> readlink() failed: No such file or directory
> 
> Starting dovecot.
> 
> Dovecot appears to start correctly

Re: OCSP Stapling and Certificate Transparency

2018-10-31 Thread Aki Tuomi 


 
 
  
   
  
  
   
On 31 October 2018 at 09:41 "Michael A. Peters" <
mpet...@domblogger.net> wrote:
   
   

   
   

   
   
On 05/01/2018 09:08 AM, Aki Tuomi wrote:
   
   
>
   
   
>> On 01 May 2018 at 19:03 Felipe Gasper < 
fel...@felipegasper.com
   
   
>> fel...@felipegasper.com>> wrote:
   
   
>>
   
   
>>
   
   
>> Hi,
   
   
>>
   
   
>> For CAs that do not include a signed certificate timestamp in their
   
   
>> newly-issued certificates, does Dovecot support either OCSP stapling
   
   
>> or the Certificate Transparency TLS extension?
   
   
>>
   
   
>> If the TLS extension is supported, how does the admin configure the
   
   
>> timestamp for each certificate?
   
   
>>
   
   
>> I’m wondering if any MUAs will follow Google’s lead and insist on CT.
   
   
>>
   
   
>> Thank you!
   
   
>>
   
   
>> -Felipe Gasper
   
   
>> Mississauga, Ontario
   
   
>
   
   

 Hi!

   
   

 We are planning to add ocsp stapling support. At least Thunderbird


 supports must-staple attribute.


 ---


 Aki Tuomi

   
   
Hi, is there any more news on this?
   
   

   
   
Note I don't *personally* need it, but I provide custom dovecot RPMs for
   
   
CentOS 7 and someone asked how to do it. They want to use a certificate
   
   
that has the "must staple" feature.
   
   

   
   
(I'm personally more interested in DANE support in clients, which
   
   
dovecot doesn't need to do anything for, that's client specific)
   
  
  
   It has not veen forgotten, just has not been done yet. We are bundling it together with other changes related to certificate handling.
  
  
   
  
  
   I cannot provide any schedule for it yet.
  
  
   
  
  
   ---
   Aki Tuomi

Re: OCSP Stapling and Certificate Transparency

2018-10-31 Thread Michael A. Peters 

On 05/01/2018 09:08 AM, Aki Tuomi wrote:



On 01 May 2018 at 19:03 Felipe Gasper < fel...@felipegasper.com
> wrote:


Hi,

For CAs that do not include a signed certificate timestamp in their
newly-issued certificates, does Dovecot support either OCSP stapling
or the Certificate Transparency TLS extension?

If the TLS extension is supported, how does the admin configure the
timestamp for each certificate?

I’m wondering if any MUAs will follow Google’s lead and insist on CT.

Thank you!

-Felipe Gasper
Mississauga, Ontario


Hi!

We are planning to add ocsp stapling support. At least Thunderbird
supports must-staple attribute.
---
Aki Tuomi


Hi, is there any more news on this?

Note I don't *personally* need it, but I provide custom dovecot RPMs for 
CentOS 7 and someone asked how to do it. They want to use a certificate 
that has the "must staple" feature.


(I'm personally more interested in DANE support in clients, which 
dovecot doesn't need to do anything for, that's client specific)

Re: Copying from a previous Dovecot server

2018-10-31 Thread Steffen Kaiser 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, 30 Oct 2018, Peter Lindgren wrote:


Hello!
I have installed a new dovecot server on a new server, using imap and 
Maildir.

The old Maildirs are accessible on a mounted disk.
I have tried to copy a few folders manually, by first creating the folder on 
the new server through the a-mail client, and then copying the contents of 
the cur folder from the old to the new. Works fine, but is a manual process. 
I'm looking for a way to script this.


if you do not change the names of the mailboxes, copy the whole Maildir 
directory from old to new. Dovecot updates all files. At the first access 
of a mailbox, you probably see a "broken" warning and the repair takes 
place.


The warning and repair can probably be forced by doveadm index.

If you already added ACLs or something like that, you probably need to 
backup some files from the new Maildir.


Is it safe to copy a template folder to a new folder, and then copy the cur 
folder contents? The files that Dovecot creates in an empty folder have 
different contents, will Dovecot update them when the user retrieves the 
mails in that folder?


Or, can I just make a symlink to the old Maildir somewhere?

Peter



- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEVAwUBW9lNBcQnQQNheMxiAQKrAggAvrcWrBuf9H72U4aOQd8SoiZTzuLpVuTV
lZah7ccYzQS62sfun+y49XndNiWWEIVLP3t7C6HPqiW1b4mr8+Hs56GhZOUac9kx
wih4CxROR4/75/Gzs3varoDYVaR1MmMkc15YE/sglmw4RbDhuX6PK3mct5Z7QzVr
sObSL+TuhLhGvzJiLJftknoiov3w44NeLKLNYweeISJ8D1vW/Xzc4B3LItPwXI/n
bhlZ619GdzHO5mSJmXZYTOEirn10XYMsesV3UKEy6ncr2txeprkTCaGe9CyPNXKf
giQm17LfgdGUpLEKQDx6BkCviMQWDOiw7Z60R9QDTS7YoeylIiZ8Gw==
=+S4G
-END PGP SIGNATURE-