Re: [courier-users] Error after copying maildirs
>> I copied the .maildir - folders within the single homedirs onto the new >> server, chown'ed them to the new UIDs/GIDs and configured postfix to >> deliver to them. This works good. But here's my problem: When opening >> the maildirs with Thunderbird (Courier over IMAP), and accessing a >> folder other than Inbox, then the following error is printed: "Unable to >> >> open this mailbox". I double checked the permissions and tried to create >> > > Not just the permission, but the ownership of all files and > subdirectories > in the maildir, and that it must match the userid and the groupid defined > in > the account record. Hi Sam, Thank you for your answer. I set the ownership (user and group) recursively on the whole maildir folder. I used the UID and GID of the system. What do you mean with "account record"? Is there another database? Greets Marc -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Error after copying maildirs
Marc Richter writes: I copied the .maildir - folders within the single homedirs onto the new server, chown'ed them to the new UIDs/GIDs and configured postfix to deliver to them. This works good. But here's my problem: When opening the maildirs with Thunderbird (Courier over IMAP), and accessing a folder other than Inbox, then the following error is printed: "Unable to open this mailbox". I double checked the permissions and tried to create Not just the permission, but the ownership of all files and subdirectories in the maildir, and that it must match the userid and the groupid defined in the account record. pgprvpS9cqrGn.pgp Description: PGP signature -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] [PATCH] disable aNULL-ciphers, maybe enable medium ciphers
Hanno Böck writes: Bernd Wurst told me that our cipher string (we're maintaining the server together) got once used as the default for courier, so you probably have that problem as well ;-) Yeah, I think he was the one that came up with the defaults. Defaults changed. I kept the MEDIUM ciphers switched off. The man page does not really say that MEDIUM includes the 128 bit ciphers, just "some of those". So, let's stick with HIGH ciphers only, and let OpenSSL decide what's a medium cipher and what's a high cipher. pgpQp3w8wipqn.pgp Description: PGP signature -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Error after copying maildirs
Hi list. I have a serious problem. The (v)server of a friend has been changed a week ago. On the old system there was a Debian/Postfix/CourierIMAP combination running for maildelivery. When he changed the server, he also changes the distro - it's ubuntu now. I don't know if this has anything to do with my problems, but I think I'll better give this hint. I copied the .maildir - folders within the single homedirs onto the new server, chown'ed them to the new UIDs/GIDs and configured postfix to deliver to them. This works good. But here's my problem: When opening the maildirs with Thunderbird (Courier over IMAP), and accessing a folder other than Inbox, then the following error is printed: "Unable to open this mailbox". I double checked the permissions and tried to create a folder by the same name as the existing one, but I always get this error. I thought this might have s.th. to do with the courier* files and folders, courier creates within every directory. I read on the net, that courier reindexes and recreates those files when needed and that they can be removed. So I did. But I still get this error. Courier don't recreate those files and folders, too. So how can I get courier to open those subfolders again? And what part did I wrong? I'd really, really be very glad about some help with this :( Greets, Marc -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] [PATCH] disable aNULL-ciphers, maybe enable medium ciphers
Hi, On some investigation of my servers, I found that my common ssl cipher string enables the aNULL-ciphers. Those are ciphers without any authentication of the server certificate and their usage is discouraged. Bernd Wurst told me that our cipher string (we're maintaining the server together) got once used as the default for courier, so you probably have that problem as well ;-) Beside, the current default string in courier disables the medium ciphers (which are mainly 128 bit ciphers). I think they're perfectly okay and it's quite questionable if the high ciphers are an improvement (e.g. the recent theoretical aes attacks only work on the 256bit version, not the 128 one). So I'm providing you two patches and ask that you apply at least one. courier-0.62.2-sslcipherstring-anull.diff : disable aNULL courier-0.62.2-sslcipherstring-anull-medium.diff : disable aNULL and enable MEDIUM -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail:ha...@hboeck.de http://schokokeks.org - professional webhosting diff -Naur courier-0.62.2/courier/courierd.dist.in courier-0.62.2-sslstring/courier/courierd.dist.in --- courier-0.62.2/courier/courierd.dist.in 2008-07-13 16:54:48.0 +0200 +++ courier-0.62.2-sslstring/courier/courierd.dist.in 2009-08-12 16:28:52.0 +0200 @@ -269,7 +269,7 @@ # # OpenSSL: # -# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!n...@strength" +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!an...@strength" # # To enable SSL2, remove the obvious "!SSLv2" part from the above list. # diff -Naur courier-0.62.2/courier/module.esmtp/esmtpd.dist.in courier-0.62.2-sslstring/courier/module.esmtp/esmtpd.dist.in --- courier-0.62.2/courier/module.esmtp/esmtpd.dist.in 2009-06-02 05:04:25.0 +0200 +++ courier-0.62.2-sslstring/courier/module.esmtp/esmtpd.dist.in 2009-08-12 16:28:52.0 +0200 @@ -139,7 +139,7 @@ # When using the SSL23 protocol setting (see above), the following setting # should turn off SSL2 (leaving just SSL3 and TLS1) and all anonymous ciphers: # -# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!n...@strength" +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!an...@strength" # # GnuTLS: # diff -Naur courier-0.62.2/courier/module.esmtp/esmtpd-ssl.dist.in courier-0.62.2-sslstring/courier/module.esmtp/esmtpd-ssl.dist.in --- courier-0.62.2/courier/module.esmtp/esmtpd-ssl.dist.in 2008-07-12 22:17:24.0 +0200 +++ courier-0.62.2-sslstring/courier/module.esmtp/esmtpd-ssl.dist.in 2009-08-12 16:28:52.0 +0200 @@ -163,7 +163,7 @@ # # OpenSSL: # -# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!n...@strength" +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!an...@strength" # # To enable SSL2, remove the obvious "!SSLv2" part from the above list. # diff -Naur courier-0.62.2/imap/imapd-ssl.dist.in courier-0.62.2-sslstring/imap/imapd-ssl.dist.in --- courier-0.62.2/imap/imapd-ssl.dist.in 2008-07-12 22:17:24.0 +0200 +++ courier-0.62.2-sslstring/imap/imapd-ssl.dist.in 2009-08-12 16:28:52.0 +0200 @@ -147,7 +147,7 @@ # # OpenSSL: # -# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!n...@strength" +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!an...@strength" # # To enable SSL2, remove the obvious "!SSLv2" part from the above list. # diff -Naur courier-0.62.2/imap/pop3d-ssl.dist.in courier-0.62.2-sslstring/imap/pop3d-ssl.dist.in --- courier-0.62.2/imap/pop3d-ssl.dist.in 2008-07-12 22:17:25.0 +0200 +++ courier-0.62.2-sslstring/imap/pop3d-ssl.dist.in 2009-08-12 16:28:52.0 +0200 @@ -134,7 +134,7 @@ # # OpenSSL: # -# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!n...@strength" +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!an...@strength" # # To enable SSL2, remove the obvious "!SSLv2" part from the above list. # diff -Naur courier-0.62.2/tcpd/libcouriertls.c courier-0.62.2-sslstring/tcpd/libcouriertls.c --- courier-0.62.2/tcpd/libcouriertls.c 2009-06-27 18:32:50.0 +0200 +++ courier-0.62.2-sslstring/tcpd/libcouriertls.c 2009-08-12 16:28:52.0 +0200 @@ -567,7 +567,7 @@ SSL_CTX_set_options(ctx, SSL_OP_ALL); if (!ssl_cipher_list) - ssl_cipher_list="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!n...@strength"; + ssl_cipher_list="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!an...@strength"; SSL_CTX_set_cipher_list(ctx, ssl_cipher_list); SSL_CTX_set_timeout(ctx, session_timeout); diff -Naur courier-0.62.2/courier/courierd.dist.in courier-0.62.2-sslstring/courier/courierd.dist.in --- courier-0.62.2/courier/courierd.dist.in 2008-07-13 16:54:48.0 +0200 +++ courier-0.62.2-sslstring/courier/courierd.dist.in 2009-08-12 16:29:57.0 +0200 @@ -269,7 +269,7 @@ # # OpenSSL: # -# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!n...@strength" +# TLS_CIP