Am 11.06.20 um 18:08 schrieb @lbutlr:
On 10 Jun 2020, at 23:19, @lbutlr <kremels@kreme.com> wrote:
On 10 Jun 2020, at 23:18, @lbutlr <kremels@kreme.com> wrote:
IF it’s not permissions you need to provide doveconf -n output. Bloglines for any fall, panic, or error level events at a minimum.
Apologies, I did not see the attachments. Will look on a real screen later.
Looks like your main problem has ben solved, but I have a couple of comments on your doveconf:
args = scheme=CRYPT
CRYPT is a poor choice. SHA256-CRYPT is a decent choice. SHA512-CRYPT too. I din't go with ARGON because at the time my toolchain didn't support libsodium and my machine doesn't have the memory for it.
Thank you! I actually set this to a better value for each password in the passwd-file explicit, but it seems to be a good idea to change the default value in the config as well.
ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
Why are you doing this?
I set this according to this page: https://weakdh.org/sysadmin.html It was recommended in the ArchLinux wiki page for dovecot, but it might be outdated.