We have long supported clients using whatever encryption scheme they
choose. I am trying to get perdition running with the same level of
support but am unable to have it successfully listen on both port 143
and 993 with STARTTLS and ssl/tls encryption.
ssl_mode used to allow ssl_* and / or tls_* but now it's only one or
the other not both.
Been messing around for ages, please help!
I've just upgraded my mail box to wheezy, and at the same time enabled
v6 on it, however I can't figure out what magic syntax is needed for
perdition to actual listen on v6.
The package in wheezy is 1.19~rc5-1+b1 which seems like it should have
v6 support, but it doesn't by default listen on v6, and with what seems
like the obvious setting:
Fails to start.
Nowhere in the docs can I see any examples with v6 addresses, so I don't
know if it's perhaps expecting [::] style or something different.
I'm happy to announce the release of perdition 2.1
This is a bugfix release.
Key changes since 2.0:
* Apply configured ciperhsuite preferences for outpand connections. This
is a fix for for CVE-2013-4584.
* Use 1.0 as the managesieve version
A full change log is provided by the Mercurial repository
Perdition 2.1 and the vanessa libraries that it depends on
are available from:
This series tries to make the configuration options symmetric and
predictable between incoming and outgoing connections, as mentioned in
It may change the semantics for existing configurations, though!
hi perdition folks--
I'm an emacs user. i know that's not to everyone's taste, but for those
of us who use emacs, it makes it easier to work on a source file without
modifying whitespace if the whitespace conventions are known to the One
True text editor :P
Placing the file below as .dir-locals.el in the root of the perdition
tree should make it easier for emacs users to contribute patches without
making accidental unnecessary whitespace changes:
;; emacs local configuration settings for perdition source
;; surmised by dkg on 2013-10-24 09:42:45-0400
(indent-tabs-mode . t)
(tab-width . 4)
(c-basic-offset . 4)
(c-file-style . "linux"))
I have installed Perdition on a server which (will) sits between my
mail server and mail gateway. Currently I am just running webmail via
the proxy and it works really great but my plan is to change the imap
CNAME to point to the proxy so that all connections from clients
(thunderbird, iphone, etc) will go via the proxy as well.
I have tested this and most clients worked fine as long as they were
using STARTTLS on port 143 or unencrypted connections (which won't be
allowed in production) however users connecting on port 993 seem "stuck"
to the real mailserver, I suspect it is some kind of SSL session thing.
Users connecting with STARTTLS immediately get a password prompt when
the DNS change is dected by their computer but with SSL on port 993 the
client fails to connect and / or sits there trying to connect
indefinately. Restarting perdition or the real mail server doesn't
change that behaviour.
The really weird thing is that it seemed to work for a handfull of
clients. Also, when changing the DNS back, some clients then remain
"stuck" to the proxy server instead (only port 993 users).
I am somewhat confused by the ssl_mode settings too. Advice would be
seriously appreciated :)
PS: same is true for POP on port 995.
PPS: The real server and the proxy have different certs, proxy has a
real one whereas the imap server has a self signed.