Happy New Year!
now for bad news, i'm back :)
On 30/12/2021 13:05, Mark Foster via mailop wrote:
On 29/12/2021 11:48 pm, Noel Butler via mailop wrote:
Mark, you do realise, that information *is already there* in the
header, well, for network operators it is, as its encrypted but
roundcube
On 2021-12-30 11:00, Nicolas JEAN via mailop wrote:
Il 29/12/2021 07:05, Slavko via mailop ha scritto:
I am not sure if that matters. IMO , when dovecot's auth policy will
reject the later (with real RIP), the roundcube's content will be
empty
(at least i hope), and client's IP will be blocked
Ahoj,
Dňa Thu, 30 Dec 2021 17:00:57 +0100 Nicolas JEAN via mailop
napísal:
> So I really want dovecot to know the originating IP for the _first_
> login attempt.
I tried the proposed patch and it works, that mean the remote ip is set
from first (login) request. That is indeed best solution.
Il 30/12/2021 19:46, Andrew C Aitchison ha scritto:
On Thu, 30 Dec 2021, Nicolas JEAN via mailop wrote:
From my understanding and tests, the first IMAP login attempt
forwarded to dovecot is the actual login to roundcube.
Is the first auth request to dovecot the first login attempt to
On Thu, 30 Dec 2021, Nicolas JEAN via mailop wrote:
Il 29/12/2021 07:05, Slavko via mailop ha scritto:
I am not sure if that matters. IMO , when dovecot's auth policy will
reject the later (with real RIP), the roundcube's content will be empty
(at least i hope), and client's IP will be blocked
Il 30/12/2021 04:39, John Levine via mailop ha scritto:
It appears that Mark Foster via mailop said:
Maybe I need to be clear that I both use Roundcube, and operate it on a
private MTA. I havn't seen how my HTTP(S) IP address was encoded in any
emails i've sent using Roundcube, even as the
Il 29/12/2021 07:05, Slavko via mailop ha scritto:
I am not sure if that matters. IMO , when dovecot's auth policy will
reject the later (with real RIP), the roundcube's content will be empty
(at least i hope), and client's IP will be blocked by fail2ban soon or
latter. Or i am wrong?
From my
It appears that Mark Foster via mailop said:
>Maybe I need to be clear that I both use Roundcube, and operate it on a
>private MTA. I havn't seen how my HTTP(S) IP address was encoded in any
>emails i've sent using Roundcube, even as the operator of that platform.
>
>Perhaps I missed something.
On 29/12/2021 11:58 pm, Noel Butler via mailop wrote:
On 29/12/2021 14:15, Mark Foster via mailop wrote:
I use Roundcube myself and as a /user/ of the software, it hadn't
occurred to me that, much like Gmail, people who send emails using
this webmail tool have /full anonymity/ (except, of
On 29/12/2021 11:48 pm, Noel Butler via mailop wrote:
abuse reports filed with them... there's little evidence of this to an
end-user/victim...)
I for one look forward to Roundcube building in the option to have
the web IP included in headers,
Mark, you do realise, that information *is
Am 29.12.21 um 13:32 schrieb Jaroslaw Rafa via mailop:
As far as I know, Gmail puts the originating IP of the client (browser)
connecting via HTTP into the first "Received" header, as plain text.
No, they don't. As a spamfighter, I'd wish they did, but I do understand the
related privacy
Dnia 29.12.2021 o godz. 20:48:25 Noel Butler via mailop pisze:
> >I for one look forward to Roundcube building in the option to have
> >the web IP included in headers,
>
> Mark, you do realise, that information *is already there* in the
> header, well, for network operators it is, as its
On 29/12/2021 14:15, Mark Foster via mailop wrote:
I use Roundcube myself and as a _user_ of the software, it hadn't
occurred to me that, much like Gmail, people who send emails using this
webmail tool have _full anonymity_ (except, of course, from the service
operator).
Should have
On 29/12/2021 14:15, Mark Foster via mailop wrote:
So your attitude is fine if you're a _good_ platform operator _and the
victim _
Most operators will be better operators, as most of us dont have tools
scanning its users emails to target advertising and christ knows what
else they do with
Ahoj,
Dňa Tue, 28 Dec 2021 18:08:24 +0100 Nicolas JEAN via mailop
napísal:
> Did you encounter the issue of the first IMAP connection not
> forwarding the actual client IP to dovecot?
OK, i try it, and i see it:
imap-login: Login: user=, method=PLAIN, rip=::1, ...
imap-login: Login: user=,
On 29/12/2021 03:50, Jaroslaw Rafa via mailop wrote:
It is Roundcube that is actually connecting to Dovecot/Postfix and
receiving/sending mail, not the user's browser, so the connecting IP
that
Dovecot/Postfix gets is technically correct. No need to change it. On
the
other hand, user's
Il 28/12/2021 20:00, Andrew C Aitchison via mailop ha scritto:
On Tue, 28 Dec 2021, Jaroslaw Rafa via mailop wrote:
Can't these restrictions be just moved from Dovecot/Postfix to Roundcube
itself? Roundcube definitely knows the value of the
$_SERVER["REMOTE_ADDR"]
variable and can make use of
Hi Slavko,
Il 28/12/2021 17:35, Slavko via mailop ha scritto:
Dňa 28. decembra 2021 15:55:57 UTC používateľ Nicolas JEAN via
mailop napísal:
At least with dovecot you can
usehttps://gitlab.com/takerukoushirou/roundcube-dovecot_client_ip
which can add client's IP to login information (via
On Tue, 28 Dec 2021, Jaroslaw Rafa via mailop wrote:
Dnia 28.12.2021 o godz. 07:17:43 Michael Peddemors via mailop pisze:
For us, the security value of passing the originating IP to the
Dovecot or SMTP layers for auth restrictions is paramount, as well
as other details on the originating
Dňa 28. decembra 2021 17:08:24 UTC používateľ Nicolas JEAN via mailop
napísal:
>Did you encounter the issue of the first IMAP connection not forwarding
>the actual client IP to dovecot? (the one sent from roundcube's login page)
Terrible to tell now, as i didn't care before and i am not at PC
Bonjour Dominique,
and thanks for your comments!
Il 28/12/2021 17:23, Dominique Rousseau via mailop ha scritto:
Le Tue, Dec 28, 2021 at 04:55:57PM +0100, Nicolas JEAN via mailop
[mailop@mailop.org] a écrit:
(...)
My conclusion is that today, there's no technical way to forward
client IPs from
On 12/28/21 09:27, Steven Champeon via mailop wrote:
I hope to die before that logic extends to hiding what channel you are
tuned into on a TV or radio for "privacy reasons". Infrastructure is
infrastructure, it's not like every packet you send has a social security
number or bank account
On 2021-12-28 11:27 a.m., Steven Champeon via mailop wrote:
I hope to die before that logic extends to hiding what channel you are
tuned into on a TV or radio for "privacy reasons". Infrastructure is
infrastructure, it's not like every packet you send has a social security
number or bank
on Tue, Dec 28, 2021 at 07:17:43AM -0800, Michael Peddemors via mailop wrote:
> The problem isn't 'technical', but rather political. There are
> those out there that believe by including the originating IP
> Address, you are exposing PPI (Private Personal Information) by
> including the IP
Dnia 28.12.2021 o godz. 07:17:43 Michael Peddemors via mailop pisze:
>
> For us, the security value of passing the originating IP to the
> Dovecot or SMTP layers for auth restrictions is paramount, as well
> as other details on the originating sender. (Country AUTH
> restrictions, OS Detection,
On 2021-12-28 17:55, Nicolas JEAN via mailop wrote:
My conclusion is that today, there's no technical way to forward
client IPs from roundcube to dovecot/postfix.
Doesn't the XFORWARD feature work for postfix? I thought that's how
amavis for example talks to postfix. Usually via a dedicated
Dňa 28. decembra 2021 15:55:57 UTC používateľ Nicolas JEAN via mailop
napísal:
>Still, even if I'm going to have all legalities cleared and my terms of
>service updated...
>My conclusion is that today, there's no technical way to forward client
>IPs from roundcube to dovecot/postfix.
At
Hi,
Le Tue, Dec 28, 2021 at 04:55:57PM +0100, Nicolas JEAN via mailop
[mailop@mailop.org] a écrit:
(...)
> >Possibly on install, it should ask the email operator for their
> >position, and 'maybe' warning them they should indicate that occurs
> >on their terms of service. But of course, most
Hi Michael,
Il 28/12/2021 16:17, Michael Peddemors via mailop ha scritto:
The problem isn't 'technical', but rather political. There are those
out there that believe by including the originating IP Address, you
are exposing PPI (Private Personal Information) by including the IP
Address.
Hi Nicolas,
The problem isn't 'technical', but rather political. There are those
out there that believe by including the originating IP Address, you are
exposing PPI (Private Personal Information) by including the IP Address.
Of course, I personally think this is baloney, as the email
Hi everyone,
I'd like to gather some thoughts on the following issue.
*Problem*
By default, roundcube login attempts (imap, smtp) are forwarded to
dovecot/postfix without the original client IP that makes the request
(possibly true of other webmail software).
This can't benefit from
31 matches
Mail list logo
