Perdition-users

perdition-users@vergenet.net

327 discussions

Looking for recent documentation for perdition

by brucet.cisco＠gmail.com

I want to use perdition on a Debian server that I want to use for email aggregation. I believe I have a fairly basic use case. I want to route Imap requests for each subdomain of a mail domain to a different private IP address. I found documentation on how to do this for Debian / Mysql here: https://opentodo.net/2012/04/configuring-an-imappop-proxy-with-perdition-and -mysql/ Unfortunately, this documentation seems quite old. I do not know if it is relevant to the latest version of perdition. Is there a different / newer version of config example documentation for perdition that someone can point me to? Bruce T

2 years, 9 months

Imap reverse / proxy in front of our clients machines.

by Brent Clark

Good day Guys We have a need to put an imap reverse / proxy in front of our clients machines. Google is not proving to be of any help. Is there way a way I can have perdition connect to the clients imap server based on their username? Ive been looking at delimiter, but perdition keeps looking "locally". So the idea is perdition looks at the username e.g. bob(a)variablemydomain.com perdition connects to variablemydomain.com:993. Many thanks Regards Brent Clark

4 years, 10 months

perdition.imaps[17045]: Fatal Error reading authentication information from client

by Marcus Schopen

Hi, when trying to connect to my cyrus imap through perdition with ssl + PLAIN I get the following error: perdition.imaps[17045]: Fatal Error reading authentication information from client ... Connecting directly to cyrus authentication with ssl + plain works fine. I checked my Evolution and Thunderbird client and both uses "Password" for authentication. Ciao Marcus

4 years, 12 months

Wildcards and perdition

by yugi

HI, Does perdition accept wildcards as certificate ? I am trying to set a deploy with one and I am getting always the error that was no possible to find the DH parameters. Anyone have problems with this ? Cheers Zeit uriboxmobile(a)gmail.com Please consider the environment before printing this email.

5 years, 2 months

Problems with TLS

by Peter Feigl

Hello ;) We are successfully running perdition, however in times of high load some SSL connections to perdition fail. Some work, but some do not. This leads to clients having to retry. It resolves itself when load is lessened. > openssl s_client -connect imap.server:993 CONNECTED(00000004) write:errno=104 --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 176 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: PSK identity: None PSK identity hint: None SRP username: None Start Time: 1523867288 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no --- Any ideas on how to debug this? Thanks for any help, Peter

5 years, 2 months

MySQL/MariaDB stored procedure or sql where clause

by Harald Paulsen

I'm working on a new setup where we would like to used stored procedures for an extra layer of security, in addition to having a where-clause to limit who can use a perdition-server. Has anyone made any patches to perdition / perditiondb_mysql to allow for either of these scenarios? Examples: 1) Use a stored procedure to return a result instead of giving the perdition mysql user access to the whole database. If I would have a table called "users" with the fields "email" and "mailserver" I could map these into perdition expected fields CREATE PROCEDURE perdition_lookup (parameter_user VARCHAR(128)) BEGIN SELECT email AS user, mailserver AS servername FROM users WHERE email = parameter_user LIMIT 1 END; Then perdition_mysql could be set up with CALL perdition_lookup(\U) or something similar. 2) We will use multiple perdition servers and only some users should be allowed to use one of the servers (while all of them are allowed to use the second one). The addition of a WHERE-clause in the configuration would help make this possible. Example: map_library_opt dbserver:3306:dbPerdition:tblPerdition:perdition:perditionpassword:mailserver:email:NULL:SomeExtraField='Y' Or for full flexibility allow overriding of the query like postfix or dovecot: # Perdition expects the fields "user", "servername" and "port" to be retured by the query. %u will be substituted # for what the user provided as login information map_library_query SELECT email AS user, mailserver AS servername, NULL as port FROM users WHERE email = '%u' AND SomeExtraField='Y' As an alternative, could I cheat with using query_key? query_key \U-Y map_library_opt dbserver:3306:dbPerdition:tblPerdition:perdition:perditionpassword:mailserver:CONCAT(email,'-',SomeExtraField):NULL -- Harald

5 years, 5 months

RFC8314?

by Marco

Hello, I though that implicit TLS was evil, (port 465 for SMTP submission was revoked) and STARTTLS encouraged. But I read a new RFC that promotes implicit TLS as a recommended access. https://tools.ietf.org/html/rfc8314#appendix-A Uhm... If I well understood, new SMTP,POP,IMAP services should offer implicit TLS as a favourite TLS negotiation. Anyway I hope that new versions of Perdition could support the STARTTLS/STLS for many years ;) Regards Marco

6 years, 1 month

GDBM - Querying per domain

by Miguel Ângelo Santos Pereira

Howdy folks, First of all, thank you for this awesome software. I mean, really thank you, this works flawlessly. Now, we got an issue here we have an email cluster and we're using perdition to authenticate to the proper server. Right now here's our popmap file: test@webmasterd.com:one.mxroute.com:110 test@ola.com:eagle.mxlogin.com:110 We need to add every single email there. We'd like to add like: *@domain:server:port Is this somehow possible? Exporting a domains list and a server is alright, however, emails are being created every minute, so we need to map the server as per the domain only, not the full username/email. Help would be appreciated. Cheers! -- *Com os meus melhores cumprimentos,* *Best Regards,* *Miguel Ângelo Santos Pereira*

6 years, 2 months

Secure Client-Initiated Renegotiation

by Hochreiter Martin

Running a testssl check we have one threat left on the tls port 143: Secure Client-Initiated Renegotiation VULNERABLE (NOT ok), DoS threat Is there any chance to close that in perdition.imap4s.conf? _____________________ DI (FH) Martin Hochreiter Fachverantwortlicher Systemadministration IT und Infrastruktur Fachhochschule St. Pölten GmbH Matthias Corvinus-Straße 15, 3100 St. Pölten T: +43 (0) 2742 313 228 215 M: +43 (0) 676 847 228 215 E: <mailto:martin.hochreiter@fhstp.ac.at> martin.hochreiter(a)fhstp.ac.at I: <http://www.fhstp.ac.at/> www.fhstp.ac.at FN 146616m, LG St. Pölten, DVR 1028669F

6 years, 6 months

Outlook mobile Android - no connection possible

by Hochreiter Martin

Hi! We are using perdition 2.2 on Centos 6.9 and on the Outlook mobile (2.2.5) you cannot get imap/s to work. No matter if you use only server FQDN, or server FQDN:993 or FQDN:143 you always get Cant connect username password wrong As far as our students have told us it was working until june - gmail or other apps work fine. Any hints/tipps? _____________________ DI (FH) Martin Hochreiter Fachverantwortlicher Systemadministration IT und Infrastruktur Fachhochschule St. Pölten GmbH Matthias Corvinus-Straße 15, 3100 St. Pölten T: +43 (0) 2742 313 228 215 M: +43 (0) 676 847 228 215 E: <mailto:martin.hochreiter@fhstp.ac.at> martin.hochreiter(a)fhstp.ac.at I: <http://www.fhstp.ac.at/> www.fhstp.ac.at FN 146616m, LG St. Pölten, DVR 1028669F

6 years, 6 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Perdition-users