RE: The future of SIS
On Mon, 16 Oct 2023, Marc wrote: > Is this feature really useful? I can imagine if you are twitter or ig and > everyone is posting the same video this could be usefull. Are there any stats > on this available, so you know what to expect implementing deduplication. In an office where people insist on mailing documents to everyone, and using email as a document storage system, yes, it is very useful. -- --- ==== Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Cannot reach documentation site
On Sun, 26 Feb 2023, Ken Bass wrote: > doc.dovecot.org does not have a DNS entry. It worked a few days ago, but not > now. [chris@newpop ~]$ host doc.dovecot.org doc.dovecot.org is an alias for talvi.dovecot.org. talvi.dovecot.org has address 94.237.105.223 talvi.dovecot.org has IPv6 address 2a04:3545:1000:720:acc1:5bff:fe5e:459 -- --- ==== Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris
Re: doveadm sending invalid AUTHENTICATE to uw-imap
For anyone searching in the future: The eventual cause turns out to be, as far as I can tell, something screwy in uw-imap or the base64 decode function it uses on this old Solaris server. It seems to be something odd with the number of characters in the hash. tl;dr I'm going to do my migration with 2 different master users with different length passwords, which will cover all cases and allow me to migrate all the users. Problem solved for this case. Now the long version for the archive: To diagnose the problem I eventually wrote a short perl program using IO::Socket::SSL that prints the UW-Imap banner and the '+' second prompt, logs what it receives back, and exits. This let me see that in all cases, doveadm sends the single line AUTHENTICATE command, so that wasn't the problem. It had never occurred to me to reverse the hash and see what was being sent. I had been testing from telnet / "openssl s_client" using a string "\0user@masteruser\0masterpass" . Doveadm is sending "user\0masteruser\0masterpass" . Different input, different results. Somewhere in my testing, I forgot to add the -n to echo -e "\0user@masteruser\-masterpass" | base64 (so the input to base64 had a trailing newline) and to my surprise, a user that didn't work before worked ! That mistake is how I figured out the extra character in the password was somehow making a difference. So -- since this is a one time migration, and it's repeatable, I've come up with the users that work with the padding, and the ones that work without, and will run the import each way for each list, turn off the legacy server and be done with this ! Thanks for the pointers, and if anyone else runs into this bizare situation hopefully they find this ! Of course if anyone knows why this happens I'd love to hear it. -Chris On Wed, 8 Feb 2023, Chris Candreva wrote: > > On Wed, 8 Feb 2023, Aki Tuomi wrote: > > > Can you try setting imapc_sasl_mechanisms to login, maybe it works better? > > And Stephan Bosch wrote: > > > Can you make a protocol log (tcp dump of commands sent by client and > > replies sent by server) for one of these sessions? e.g. using ngrep if > > connections aren't secured. > > > I was using imaps initially. Switching to imap over port 143 to do the > tcpdump had the side effect of switching to LOGIN authentication, > evidently uw-imap is sending different capability strings. It still > doesn't work though. Both from the error and the dump I can tell "doveadm" > is sending the user's id only without the "*masteruser" and the > master user password. > > Plain connection banner: > * OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS > STARTTLS] foo.com IMAP4rev1 2007e.404 at Wed, 8 Feb 2023 16:45:22 > -0500 (EST) > > SSL Banner on 993: > * OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS > AUTH=PLAIN AUTH=LOGIN] foo.com IMAP4rev1 2007e.404 at Wed, 8 Feb 2023 > 16:53:36 -0500 (EST) > > > > > > On 08/02/2023 06:24 EET Chris Candreva wrote: > > > > > > > > > I'm migrating a legacy uw-imap system to Dovecot, on a Rocky (RHEL) 8 > > > server running Dovecot 2.3.16-3 from their repos. I am using a master > > > user > > > to import all users for an imaps connection from the old server to the > > > new. On a trial run however, it worked for about half the users. Half are > > > giving an error of the form: > > > > > > dsync(user): Error: imapc(host:993): > > > Command '1 AUTHENTICATE PLAIN ' failed > > > with BAD: > > > 1 Missing or invalid argument to AUTHENTICATE > > > > > > I can't seem to get the IMAP command for the users that did work. > > > However, > > > on the face of it, that is an invalid AUTHENTICATE command. If I take > > > that > > > string and brake it up into (what I've googled is) the proper form of > > > multi-command form of > > > > > > 1 AUTHENTICATE PLAIN > > > + > > > > > > > > > then the login succeeds. I have not been able to find anyone else with > > > this problem in my search. Is this a known issue, is there a way to force > > > the multi-line AUTHENTICATE, something else I'm missing ? Any help is > > > appreciate on this! > > > > > > -Chris > > > > > > > > > > > > -- > > > --- > > > > > > Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris > > > > -- --- Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris
Re: doveadm sending invalid AUTHENTICATE to uw-imap
On Wed, 8 Feb 2023, Aki Tuomi wrote: > Can you try setting imapc_sasl_mechanisms to login, maybe it works better? And Stephan Bosch wrote: > Can you make a protocol log (tcp dump of commands sent by client and > replies sent by server) for one of these sessions? e.g. using ngrep if > connections aren't secured. I was using imaps initially. Switching to imap over port 143 to do the tcpdump had the side effect of switching to LOGIN authentication, evidently uw-imap is sending different capability strings. It still doesn't work though. Both from the error and the dump I can tell "doveadm" is sending the user's id only without the "*masteruser" and the master user password. Plain connection banner: * OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS STARTTLS] foo.com IMAP4rev1 2007e.404 at Wed, 8 Feb 2023 16:45:22 -0500 (EST) SSL Banner on 993: * OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS AUTH=PLAIN AUTH=LOGIN] foo.com IMAP4rev1 2007e.404 at Wed, 8 Feb 2023 16:53:36 -0500 (EST) > > On 08/02/2023 06:24 EET Chris Candreva wrote: > > > > > > I'm migrating a legacy uw-imap system to Dovecot, on a Rocky (RHEL) 8 > > server running Dovecot 2.3.16-3 from their repos. I am using a master user > > to import all users for an imaps connection from the old server to the > > new. On a trial run however, it worked for about half the users. Half are > > giving an error of the form: > > > > dsync(user): Error: imapc(host:993): > > Command '1 AUTHENTICATE PLAIN ' failed with > > BAD: > > 1 Missing or invalid argument to AUTHENTICATE > > > > I can't seem to get the IMAP command for the users that did work. However, > > on the face of it, that is an invalid AUTHENTICATE command. If I take that > > string and brake it up into (what I've googled is) the proper form of > > multi-command form of > > > > 1 AUTHENTICATE PLAIN > > + > > > > > > then the login succeeds. I have not been able to find anyone else with > > this problem in my search. Is this a known issue, is there a way to force > > the multi-line AUTHENTICATE, something else I'm missing ? Any help is > > appreciate on this! > > > > -Chris > > > > > > > > -- > > --- > > ==== > > Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris > -- --- Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris
doveadm sending invalid AUTHENTICATE to uw-imap
I'm migrating a legacy uw-imap system to Dovecot, on a Rocky (RHEL) 8 server running Dovecot 2.3.16-3 from their repos. I am using a master user to import all users for an imaps connection from the old server to the new. On a trial run however, it worked for about half the users. Half are giving an error of the form: dsync(user): Error: imapc(host:993): Command '1 AUTHENTICATE PLAIN ' failed with BAD: 1 Missing or invalid argument to AUTHENTICATE I can't seem to get the IMAP command for the users that did work. However, on the face of it, that is an invalid AUTHENTICATE command. If I take that string and brake it up into (what I've googled is) the proper form of multi-command form of 1 AUTHENTICATE PLAIN + then the login succeeds. I have not been able to find anyone else with this problem in my search. Is this a known issue, is there a way to force the multi-line AUTHENTICATE, something else I'm missing ? Any help is appreciate on this! -Chris -- --- Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris
