multiple doveadm ports?
Hello,
I am trying to add another doveadm listener but am struggling with that. The primary reason is that I want to enable replication between two systems and want the replication to be encrypted using TLS. However there are also other doveadm clients locally that are not using TLS and I don't want to touch all of them.
I tried to define something like

  service doveadm {
    inet_listener {
      port = 2425
    }
    inet_listener {
      port = 2426
      ssl = true
    }
  }

But didn't get that to work. Is that not possible?
I also tried

  service doveadm {
    inet_listener {
      port = 2425
    }
    inet_listener http {
      port = 2426
      ssl = yes
    }
  }

but then I failed with

  plugin {
    mail_replica = https:dove2.example.com:2426
  }

Can someone please share what is supported and what not, or any pointer to documentation that does?
Thanks a lot!
Regards,
Joachim
On 02/03/2022 10:08 Joachim Lindenberg dovecot@lindenberg.one wrote:
> Hello,
> I am trying to add another doveadm listener but am struggling with that. The primary reason is that I want to enable replication between two systems and want the replication to be encrypted using TLS. However there are also other doveadm clients locally that are not using TLS and I don't want to touch all of them.
> I tried to define something like
>
>   service doveadm {
>     inet_listener {
>       port = 2425
>     }
>     inet_listener {
>       port = 2426
>       ssl = true
>     }
>   }
>
> But didn't get that to work. Is that not possible?
> I also tried
>
>   service doveadm {
>     inet_listener {
>       port = 2425
>     }
>     inet_listener http {
>       port = 2426
>       ssl = yes
>     }
>   }
>
> but then I failed with
>
>   plugin {
>     mail_replica = https:dove2.example.com:2426
>   }
>
> Can someone please share what is supported and what not, or any pointer to documentation that does?
> Thanks a lot!
> Regards,
> Joachim
There is no https support in mail replica, just tcps.
Aki
Hello Aki,
Thanks for that clarification.
All, and what about tcp + tcps listeners? I guess also not supported?
Thanks
Joachim
-----Original Message-----
From: Aki Tuomi aki.tuomi@open-xchange.com
Sent: Wednesday, 2 March 2022 09:13
To: Joachim Lindenberg dovecot@lindenberg.one; dovecot@dovecot.org
Subject: Re: multiple doveadm ports?
There is no https support in mail replica, just tcps.
Aki
Those inet listeners are just fine as long as you keep 'http' out of them.
Aki
On 02/03/2022 10:23 Joachim Lindenberg dovecot@lindenberg.one wrote:
> Hello Aki,
> Thanks for that clarification.
> All, and what about tcp + tcps listeners? I guess also not supported?
> Thanks
> Joachim
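The setup the two replies above point to, as an added example that is not part of the original messages and not taken from the Dovecot project: a plaintext doveadm listener kept for the existing local clients, a second TLS listener for replication, and mail_replica switched to the tcps: scheme. Hostname and ports are the ones from the thread; the listener names, the loopback binding, the password placeholder and the CA path are assumptions, and it presumes the server certificate is already configured globally.

```conf
# Constructed example, Dovecot 2.3-style syntax assumed.

service doveadm {
  # Existing local doveadm clients keep the plaintext port.
  # Assumption: they all run on this host, so bind to loopback
  # and keep unencrypted doveadm traffic off the network.
  inet_listener local {            # name is hypothetical
    address = 127.0.0.1
    port = 2425
  }

  # Second listener, TLS-wrapped, for the replication peer.
  # Per the reply in the thread, keep "http" out of the listener
  # name: mail_replica has no https support.
  inet_listener replication {      # name is hypothetical
    port = 2426
    ssl = yes
  }
}

# Shared secret that doveadm TCP clients must present.
# Placeholder value; set the same secret on both replicas.
doveadm_password = CHANGE_ME

plugin {
  # Rejected in the thread:
  #   mail_replica = https:dove2.example.com:2426
  # TLS scheme that mail_replica supports:
  mail_replica = tcps:dove2.example.com:2426
}

# CA bundle used to verify the peer's certificate on outgoing
# tcps connections. Path is an assumption; adjust to the
# distribution or to a private CA file.
ssl_client_ca_file = /etc/ssl/certs/ca-certificates.crt
```

The peer needs the mirror-image configuration with mail_replica pointing back at this host, and the name in each mail_replica URL has to match the certificate the other side presents.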
Thanks. Got TLS connection working now. However I get a replication failure for one user (with a large mail archive) using TLS. Trying

  doveadm -D sync -u 'largemailboxuser@example.com' -d -N -l 30 -U

I see at the end:

  ...
  2022-03-02 13:06:20 doveadm(1181): Debug: dict(file): dict destroyed
  2022-03-02 13:06:20 doveadm(1181): Debug: dict(proxy): Waiting for dict to finish pending operations
  2022-03-02 13:06:20 doveadm(1181): Debug: dict(proxy): dict destroyed
  2022-03-02 13:06:20 doveadm(1181): Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb (pid=124,uid=0): Disconnected: Connection closed (fd=9)

I got this twice. Switching back to not using TLS I don't get a replication failure. Any thoughts?
Thanks,
Joachim
-----Original Message-----
From: Aki Tuomi aki.tuomi@open-xchange.com
Sent: Wednesday, 2 March 2022 09:24
To: Joachim Lindenberg dovecot@lindenberg.one; dovecot@dovecot.org
Subject: Re: AW: multiple doveadm ports?
Those inet listeners are just fine as long as you keep 'http' out of them.
Aki
participants (2)
- Aki Tuomi
- Joachim Lindenberg