Perdition-users

perdition-users@vergenet.net

327 discussions

Does Perdition Support TLSv1.1 and TLSv1.2

by Andreas Bauer

Hi all, I was searching the web and the mailing list, but couldn’t find an answer on this question: Does Perdition support TLS Version 1.1. and 1.2 for imaps? I tested perdition 1.19-rc5, which is included in Debian 7.4. It also includes "OpenSSL 1.0.1e 11 Feb 2013“ which does support it. When scanning with „sslscan localhost:993“, I don’t get any matching cipher, even if I’ve added them to the „ssl_listen_ciphers“ like this: ssl_listen_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS“ Thanks for your help! Cheers Andreas

10 years, 2 months

How to have plain, plain + starttls on port 143 AND ssl/tls on port 993?

by Alan McGinlay

Hi, We have long supported clients using whatever encryption scheme they choose. I am trying to get perdition running with the same level of support but am unable to have it successfully listen on both port 143 and 993 with STARTTLS and ssl/tls encryption. ssl_mode used to allow ssl_* and / or tls_* but now it's only one or the other not both. Been messing around for ages, please help! /A

10 years, 2 months

IPv6 listen syntax

by Julien Goodwin

I've just upgraded my mail box to wheezy, and at the same time enabled v6 on it, however I can't figure out what magic syntax is needed for perdition to actual listen on v6. The package in wheezy is 1.19~rc5-1+b1 which seems like it should have v6 support, but it doesn't by default listen on v6, and with what seems like the obvious setting: bind_address 0.0.0.0,:: Fails to start. Nowhere in the docs can I see any examples with v6 addresses, so I don't know if it's perhaps expecting [::] style or something different. Any pointers?

10 years, 2 months

[ANNOUNCE] perdition 2.1

by Simon Horman

Hi, I'm happy to announce the release of perdition 2.1 This is a bugfix release. Key changes since 2.0: * Apply configured ciperhsuite preferences for outpand connections. This is a fix for for CVE-2013-4584. * Use 1.0 as the managesieve version A full change log is provided by the Mercurial repository http://hg.vergenet.net/perdition/perdition/ Perdition 2.1 and the vanessa libraries that it depends on are available from: http://horms.net/linux/perdition/download/2.1/

10 years, 3 months

[PATCH] fix comment header for __perdition_ssl_log_certificate

by dkg＠fifthhorseman.net

# HG changeset patch # User dkg(a)fifthhorseman.net # Date 1391753933 18000 # Fri Feb 07 01:18:53 2014 -0500 # Node ID 851c073386f8e660920439a32c5faf0211f3149c # Parent 179fcc9a4fb8a4c6b207304db6e2c153388ce2b9 fix comment header for __perdition_ssl_log_certificate diff -r 179fcc9a4fb8 -r 851c073386f8 perdition/ssl.c --- a/perdition/ssl.c Fri Feb 07 01:10:06 2014 -0500 +++ b/perdition/ssl.c Fri Feb 07 01:18:53 2014 -0500 @@ -884,7 +884,7 @@ /********************************************************************** - * __perdition_ssl_check_certificate + * __perdition_ssl_log_certificate * Log the details of a certificate * pre: ssl: SSL object to log * cert: certificate to log

10 years, 3 months

[PATCH 0 of 3] normalize CA-loading behavior and configuration between incoming and outgoing

by dkg＠fifthhorseman.net

This series tries to make the configuration options symmetric and predictable between incoming and outgoing connections, as mentioned in Message-Id: 52F4719C.1020501(a)fifthhorseman.net. It may change the semantics for existing configurations, though!

10 years, 3 months

.dir-locals.el for perdition

by Daniel Kahn Gillmor

hi perdition folks-- I'm an emacs user. i know that's not to everyone's taste, but for those of us who use emacs, it makes it easier to work on a source file without modifying whitespace if the whitespace conventions are known to the One True text editor :P Placing the file below as .dir-locals.el in the root of the perdition tree should make it easier for emacs users to contribute patches without making accidental unnecessary whitespace changes: ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; emacs local configuration settings for perdition source ;; surmised by dkg on 2013-10-24 09:42:45-0400 ((c-mode (indent-tabs-mode . t) (tab-width . 4) (c-basic-offset . 4) (c-file-style . "linux")) ) ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; happy hacking, --dkg

10 years, 3 months

ssl on port 993 and plain / STARTTLS on port 143

by Alan McGinlay - SICS

Hi! I have installed Perdition on a server which (will) sits between my mail server and mail gateway. Currently I am just running webmail via the proxy and it works really great but my plan is to change the imap CNAME to point to the proxy so that all connections from clients (thunderbird, iphone, etc) will go via the proxy as well. I have tested this and most clients worked fine as long as they were using STARTTLS on port 143 or unencrypted connections (which won't be allowed in production) however users connecting on port 993 seem "stuck" to the real mailserver, I suspect it is some kind of SSL session thing. Users connecting with STARTTLS immediately get a password prompt when the DNS change is dected by their computer but with SSL on port 993 the client fails to connect and / or sits there trying to connect indefinately. Restarting perdition or the real mail server doesn't change that behaviour. The really weird thing is that it seemed to work for a handfull of clients. Also, when changing the DNS back, some clients then remain "stuck" to the proxy server instead (only port 993 users). I am somewhat confused by the ssl_mode settings too. Advice would be seriously appreciated :) /Alan PS: same is true for POP on port 995. PPS: The real server and the proxy have different certs, proxy has a real one whereas the imap server has a self signed.

10 years, 3 months

Perdition with Cluser mailserver

by Tjilik

Dear Simon Horman, I have cluster mail servers with IBM Domino server: server1.abc.com and server2.abc.com The data on these servers auto syncronize with Domino clustering task The configuration user1: server1.abc.com user2: server1.abc.com How solution in perdition to auto switch to server2 when server1 not available? Thank you Terima kasih Tji Lik Information System Consulting 0812-835-8838

10 years, 3 months

[ANNOUNCE] perdition 2.0

by Simon Horman

Hi, I'm happy to announce the release of perdition 2.0 This is the culmination of the 1.19-rc series of releases. A decision has been made to name the release 2.0 instead of 1.19 as there are significant changes since the release of 1.18 including support for a new protocol, managesieve. Key changes since v1.19-rc5: * Correct base64 calculation errors that resulted in managesieve authentication failing in some circumstances. * Use "imap" instead of "imap2" as default port for IMAP protocol A full change log is provided by the Mercurial repository http://hg.vergenet.net/perdition/perdition/ Perdition 2.0 and the vanessa libraries that it depends on are available from: http://horms.net/linux/perdition/download/1.19-rc5/ Debian unstable packages have been uploaded to Debian.Org and should be available in the Debian archive within 24 hours. http://packages.debian.org/source/unstable/perdition

10 years, 6 months

← Newer
1
2
3
4
5
6
7
8
9
...
33
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Perdition-users