Best authentication with LDAP

2004-03-22 Thread zorg
Hi,
My goal is to use Cyrus with LDAP authentication (Debian testing).
For the moment I use
SASL + sasldb + PAM
which works without any problem,
but I wonder if it is the best solution.
cyril



---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


SASL + LDAP + CRAM-MD5

2004-03-24 Thread zorg
Hi,
Here is my problem.
I want Cyrus to use the login and password from my LDAP server.
I managed to make it work using
saslauthd + pam + ldap
or
saslauthd + ldap
In both cases I can only use plaintext authentication.

It seems normal for the PAM solution,

but maybe there is more to do to make it work with LDAP
(saslauthd -a ldap -O /etc/saslauthd.conf).

My saslauthd.conf:

ldap_servers: ldap://192.168.1.81
ldap_bind_dn: cn=admin,dc=sys,dc=org
ldap_password: azerty
ldap_version: 3
ldap_search_base: ou=People,dc=sys,dc=org
ldap_timeout: 10
ldap_filter: uid=%u

When I try to log in using
imtest -m CRAM-MD5 -u cyril localhost
I get this in /var/log/auth.log:
Mar 24 12:24:19 phil cyrus/imapd[3457]: OTP unavailable because can't read/write key database /etc/opiekeys: No such file or directory
Mar 24 12:24:28 phil cyrus/imapd[3457]: no secret in database

Is there a way to make my server a little more secure (without
using SSL)?

Hope you can help me.

cyril


directory name

2004-10-11 Thread zorg
Hello,
I need to create folders with accents in the name, like "Tâches" or
"éléments supprimés", but these names don't seem to be compatible with
Cyrus policy. Is there a way to have such a name for a folder?

I get this error with "cm Tâches":
createmailbox: Invalid mailbox name
Thanks for your help.
cyril


Re: mail to multiple users

2005-04-14 Thread zorg
Hi,
Do you have an example of a good configuration for the transport table?
Thanks
Rich Wohlstadter wrote:
>>> What would the MTA have to tell cyrus to do that, if even possible?
>>
>> the MTA would have to be configured to use LMTP to send the message and
>> send the multiple recipients in one submission to the LMTP socket.
>
> One thing I found is that if you're using postfix, you cannot configure it
> to use the local delivery daemon because it would break the email up into
> individual emails and send them all separately to the lmtpd daemon.  If you
> use postfix you need to create a transport table and bypass the local
> delivery daemon.


high-availability again

2005-04-14 Thread zorg
Hi,
I've seen a lot of discussion on the list about availability, but none of it
seems to give a complete answer.
I have been asked to build high availability for 5000 users.
I was wondering what is actually the best solution.

Using murder:
I don't really understand if it can help me. Its purpose is load balancing,
but some people on this list seem to use it for availability, like this:

- Server A
  - active accounts 1-100
  - replicate accounts 101-200 from Server B
- Server B
  - active accounts 101-200
  - replicate accounts 1-100 from Server A
If B goes down, A takes over the accounts it had
replicated from B.
Can someone explain the details of this configuration?
- the tool used to replicate?
- what configuration of MUPDATE makes it switch the user to server A from
B?

Replication with rsync:
seems too slow for 5000 users.

Cluster with block device:
but if you have a heavily corrupted filesystem, you are stuck, and recovery can
be long.

Using a SAN:
Connect your two servers to a SAN, and store all of
Cyrus' data on one LUN, which both servers have access to.  Then, set
your cluster software to automatically mount the file system before
starting Cyrus.
But if you have a heavily corrupted filesystem, you are stuck, and recovery can be long.




Re: high-availability again

2005-04-15 Thread zorg
Hi,
OK, the solution with a SAN seems good, but did someone try this with the
Linux Virtual Server (LVS)?

Dave McMurtrie wrote:
> zorg wrote:
>> Hi
>> I've seen a lot of discussion on the list about availability, but none of
>> it seems to give a complete answer.
>>
>> I have been asked to build high availability for 5000 users.
>> I was wondering what is actually the best solution.
>> Using murder: I don't really understand if it can help me. Its
>> purpose is load balancing.
>
> Murder, by itself does not give you high availability.  It does give
> you scalability.
>
>> but some people on this list seem to use it for availability, like this
>> - Server A
>>   - active accounts 1-100
>>   - replicate accounts 101-200 from Server B
>> - Server B
>>   - active accounts 101-200
>>   - replicate accounts 1-100 from Server A
>> If B goes down, A takes over the accounts it had
>> replicated from B.
>> Can someone explain the details of this configuration?
>> - the tool used to replicate?
>> - what configuration of MUPDATE makes it switch the user to
>> server A from B?
>
> I'm not familiar with this.
>
>> Replication with rsync
>> seems too slow for 5000 users
>
> It'd be tough to do this real-time.  We used to have a setup where
> we'd rsync to a standby server each night.  The plan was to use it as
> a warm-standby in case the primary server would happen to fail.
> Fortunately that never happened.
>
>> Cluster with block device
>> but if you have a heavily corrupted filesystem, you are stuck, and
>> recovery can be long
>
> I'm not sure exactly what you mean here, but I think it's safe to say
> that any time you have a corrupted filesystem it's bad whether it's a
> clustered filesystem or not.
>
>> Using a SAN : Connect your two servers to a SAN, and store all of
>> Cyrus' data on one LUN, which both servers have access to.  Then, set
>> your cluster software to automatically mount the file system before
>> starting Cyrus.
>
> We're doing this.  We have a 4-node Veritas cluster with all imap data
> residing on a SAN.  Overall it's working quite well.  We had to make
> some very minor cyrus code changes so it'd get along well with
> Veritas' cluster filesystem.  This setup gives us high availability
> and scalability.
>
>> but if you have a heavily corrupted filesystem, you are stuck, and
>> recovery can be long
>
> Again, yes.  It would be bad if we had a corrupt filesystem.
> Thanks,
> Dave


Re: high-availability again

2005-04-15 Thread zorg
Hi,
Could you give me just some more explanation of what is "the stage./
files used during LMTP delivery have unique filenames"?
So if I understand what you are saying, if the stage./ files used during
LMTP delivery are the same for all the nodes of the cluster that share the
same SAN, then there won't be any problem.

Thanks
Ben Carter wrote:
> Dave McMurtrie wrote:
>> Amos wrote:
>>> What sort of changes did you have to make?
>>
>> We just had to change map_refresh() to call mmap() with MAP_PRIVATE
>> instead of MAP_SHARED.  Since mmap() is being called with PROT_READ
>> anyway, this doesn't affect the operation of the application since
>> the mapped region can never be updated.  Veritas CFS was not very
>> efficient about maintaining cache coherency across all cluster nodes
>> when we were using MAP_SHARED.  Everything worked, but under heavy
>> load it became extremely slow.
>
> Actually, the important code change for any active/active cluster
> configuration is to make sure the stage./ files used during LMTP
> delivery have unique filenames across the cluster.
>
> There are some other setup differences related to this same issue such
> as symlinking /var/imap/proc, /var/imap/socket, and if you care
> /var/imap/log to local filesystem space on each cluster node.  You
> could make these filenames unique across the cluster with code changes
> if you want to make the code changes for these also.
>
> We added a "clusternode" parameter to imapd.conf to accomplish this
> for the LMTP stage./ files.
>
> Otherwise, it just worked.
> Ben


Re: backup without stopping the imap server?

2005-06-13 Thread zorg

Markus Heller wrote:

> Dear list,
>
> I would like to ask once again as I have not received a positive answer yet.
> Does the cyrus imap server meanwhile offer the feature of a seamless /
> checkpointed backup that does not require to stop the service?
>
> Thanks in advance,
>
> Markus

I'm using LVM snapshots on a Linux box and it works perfectly.


server work but strange log

2005-12-13 Thread zorg

Hello,
I have different servers,
but the last one I have installed seems to work without any problem, but
I have this log which appears all the time.
I don't really know what it is and how to get rid of it.

Here is the log:
Dec 13 10:48:25 server cyrus/imapd[21129]: _sasl_plugin_load failed on sasl_server_plug_init for plugin: kerberos4
Dec 13 10:48:32 server cyrus/imapd[21130]: server add_plugin entry_point error generic failure


Here is my imap.conf:

configdirectory: /var/lib/cyrus
defaultpartition: default
partition-default: /var/spool/cyrus/mail
partition-news: /var/spool/cyrus/news
newsspool: /var/spool/news
altnamespace: no
unixhierarchysep: yes
admins: cyrus
allowanonymouslogin: no
popminpoll: 1
autocreatequota: 0
umask: 077
sieveusehomedir: false
sievedir: /var/spool/sieve
hashimapspool: true
allowplaintext: yes
sasl_mech_list: PLAIN
sasl_pwcheck_method: saslauthd
sasl_auto_transition: no
tls_cert_file: /var/lib/cety/imap.fontaine38.fr.crt
tls_key_file: /var/lib/cety/imap.fontaine38.fr.key
tls_ca_file: /var/lib/cety/imap.fontaine38.fr.csr
tls_ca_path: /etc/ssl/certs
tls_session_timeout: 1440
tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
lmtpsocket: /var/run/cyrus/socket/lmtp
idlesocket: /var/run/cyrus/socket/idle
notifysocket: /var/run/cyrus/socket/notify




sieve script and notify

2011-02-15 Thread zorg
Hi,
I want to be notified at another address when a mail arrives, so I tried this
script and others without any success.
Can someone explain to me what I am doing wrong?

require ["fileinto","reject","vacation","imapflags","relational","regex","notify"];
if true {
  notify :method "mailto" :options "cy...@zorg.com"
    :message "test";
}

Thanks

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/


Re: sieve script and notify

2011-02-16 Thread zorg
I have managed to make it work by changing
sievenotifier: mailto in /etc/imap.conf

but I don't know all the options of notify.


On 16/02/2011 00:04, zorg wrote:
> Hi,
> I want to be notified at another address when a mail arrives, so I tried this
> script and others without any success.
> Can someone explain to me what I am doing wrong?
>
> require
> ["fileinto","reject","vacation","imapflags","relational","regex","notify"];
> if true {
>   notify :method "mailto" :options "cy...@zorg.com"
>     :message "test";
> }
>
> Thanks




implementation of enotify in sieve

2011-02-16 Thread zorg
Hi,
Is it planned to implement the enotify Sieve RFC in Cyrus?
http://tools.ietf.org/html//rfc5435

Thanks



auxprop ldapdb

2012-08-28 Thread zorg
Hello,
The documentation is not very clear to me.
If I want to use auxprop with ldapdb,
do I have to store my user passwords in clear in LDAP, or is there another
solution?

For the moment I'm using saslauthd.conf, but I wonder if I can use
auxprop to be more secure.

Thanks

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


virtual domain rename domain

2013-09-03 Thread zorg
Hello,
I have a virtual domain called foo.com with 60 mailboxes.
I want to move/rename all my mailboxes to the domain barr.com.

How can I do it?





Simple replication question

2018-11-15 Thread Zorg

Hello,

I have one Cyrus IMAP server and I want to create a replicated one.

I have read the documentation but nothing explains how to start the
first replication.

If my slave master is empty, how can I synchronise them the first time?

Thanks



caldav and invitation

2019-11-10 Thread Zorg

Hello,

I am trying to configure my Cyrus to use CalDAV correctly.

CalDAV works nicely, but when I try to invite someone nothing happens.

Let me explain.

I have two users, "t...@test.domain.com" and "t...@test.domain.com".

If t...@test.domain.com creates an event and invites t...@test.domain.com,

I get this in the log:

imip_send_sendmail(t...@test.domain.com): Sendmail process terminated normally, exit status 0

But if I look in the calendar of titi or in the mailbox I see nothing (I
have been testing with Thunderbird and Evolution).

There is nothing explaining well how it is supposed to work in the
Cyrus documentation, so maybe I'm missing something.

Could someone explain what to expect when I invite someone to an event?

Hope I'm clear.


Thanks





Re: caldav and invitation

2019-11-11 Thread Zorg

Yes, I have "server handles invitations", and it is the same thing with Thunderbird.


On 10/11/2019 at 15:13, Adam Tauno Williams wrote:

>> I get this in the log:
>> imip_send_sendmail(t...@test.domain.com): Sendmail process terminated
>> normally, exit status 0
>> But if I look in the calendar of titi or in the mailbox I see nothing (I
>> have been testing with Thunderbird and Evolution).
>> There is nothing explaining well how it is supposed to work in the
>> Cyrus documentation, so maybe I'm missing something.
>> Could someone explain what to expect when I invite someone to an event?
>
> Do you have "server handles invitations" in the account setup in
> Evolution?




Create ics in another calendar (internal server error)

2020-01-28 Thread Zorg

Hi,

Let me explain.

I want my admin to write events in the default calendar of my users.

For example, myad...@my.domain.com needs to create an event in
user/myuser1/#calendars/Default.

But every time I try to add an event (Thunderbird, Evolution, curl) I
have this in the log: "HTTP/1.1 500 Internal Server Error" (error=The
server encountered an internal error.)

What am I missing?

Here are the mailboxes I have and the ACLs:

user/myuser1/#calendars/attachme...@my.domain.com (\HasNoChildren)
user/myuser1/#calendars/defa...@my.domain.com (\HasNoChildren)
user/myuser1/#calendars/in...@my.domain.com (\HasNoChildren)
user/myuser1/#calendars/out...@my.domain.com (\HasNoChildren)
user/myuser1/#calend...@my.domain.com (\HasNoChildren)
user/myuser1/#notificati...@my.domain.com (\HasNoChildren)
user/myus...@my.domain.com (\HasNoChildren)




user/myus...@my.domain.com:
  myad...@my.domain.com lrswipkxtecdan
  myus...@my.domain.com lrswipkxtecdan
user/myuser1/#calend...@my.domain.com:
  anyone 9
  myad...@my.domain.com lrswipkxtecdan9
  myus...@my.domain.com lrswipkxtecdan9
user/myuser1/#calendars/attachme...@my.domain.com:
  myus...@my.domain.com lrswipkxtecdan
  myad...@my.domain.com lrswipkxtecdan9
  anyone r
user/myuser1/#calendars/defa...@my.domain.com:
  anyone 9
  myad...@my.domain.com lrswipkxtecdan9
  myus...@my.domain.com lrswipkxtecdan9
user/myuser1/#calendars/in...@my.domain.com:
  myad...@my.domain.com lrswipkxtecdan9
  anyone 789
  myus...@my.domain.com lrswipkxtecdan789
user/myuser1/#calendars/out...@my.domain.com:
  myad...@my.domain.com lrswipkxtecdan9
  anyone 9
  myus...@my.domain.com lrswipkxtecdan789
user/myuser1/#notificati...@my.domain.com:
  myus...@my.domain.com lrswipkxtecdan
  myad...@my.domain.com lrswipkxtecdan9


Thanks



Re: Create ics in another calendar (internal server error)

2020-01-28 Thread Zorg

Hello,

Nothing more in my log.

I managed to solve this issue.

In the Debian changelog I have read this:

cyrus-imapd (3.0.8-6+deb10u3) buster-security; urgency=medium

  * Add patch to avoid mailbox creation as administrator
    (Closes: #CVE-2019-19783)


So I have tried to create the mail and the default calendar folder for myadmin.

Now it works.

I can't really explain it without reading the code, but it works (after some
tests, it works with only the mailbox).

So what I understand is that to write events in another calendar

Thanks

On 28/01/2020 at 10:26, Robert Stepanek wrote:

> On Tue, Jan 28, 2020, at 10:22 AM, Zorg wrote:
>
>> But every time I try to add an event (Thunderbird, Evolution, curl) I
>> have this in the log: "HTTP/1.1 500 Internal Server Error" (error=The
>> server encountered an internal error.)
>
> Do you see any indicative error message in the log file (e.g. syslog)?
>
> Cheers,
> Robert



Create calendar as admin and set the displayname

2020-02-02 Thread Zorg

Hi,

Let me explain.

I want my admin to create the calendar for myuser (setting the
displayname and the supported-calendar-component-set).

For example, myad...@my.domain.com creates user/myuser1/#calendars/Default
using

file mkcal.xml:

   
 
   
 xmlns:C="urn:ietf:params:xml:ns:caldav">My super 
calendar

 Mon calendrier
 xmlns:C="urn:ietf:params:xml:ns:caldav">

    
 

   
 
   



curl -v --user myad...@my.domain.com :12341234 --header "Content-Type: 
text/xml"  -d @mkcal.xml -X MKCALENDAR 
http://192.168.45.42:8008/dav/calendars/user/myus...@mydomain.com/Default



But when myuser connects, the calendar is created but the displayname and the
supported-calendar-component-set are not set.

The admin sees everything OK (the displayname and the
supported-calendar-component-set).

Is this the way it should work?

And is there a way to set the displayname and the
supported-calendar-component-set the same for everyone?


Thanks





nginx as a proxy and https

2020-02-03 Thread Zorg

Hi,

Another question about CalDAV.

I want to serve it behind a proxy with nginx.

Does someone have a conf example that works?

I have tried this, and for the moment I have managed to make it work
without problems with DAVx, Thunderbird and Evolution, but not with
iPhone (OS/13.3, iOS/10.3.4).

I'm not really sure that it comes from nginx; maybe it's because I have
logins like myus...@dav.mydomain.com.

Here is my log:

81.82.83.84 - myus...@dav.mydomain.com [03/Feb/2020:11:28:05 +0100] "PROPFIND /.well-known/caldav HTTP/1.1" 301 0 "-" "iOS/10.3.4 (14G61) accountsd/1.0"
81.82.83.84 - myus...@dav.mydomain.com [03/Feb/2020:11:28:05 +0100] "PROPFIND / HTTP/1.1" 207 280 "-" "iOS/10.3.4 (14G61) accountsd/1.0"
81.82.83.84 - myus...@dav.mydomain.com [03/Feb/2020:11:28:05 +0100] "PROPFIND /principals/ HTTP/1.1" 405 347 "-" "iOS/10.3.4 (14G61) accountsd/1.0"
81.82.83.84 - myus...@dav.mydomain.com [03/Feb/2020:11:28:05 +0100] "PROPFIND /calendar/dav/myuser1%40dav.mydomain.com/user/ HTTP/1.1" 405 347 "-" "iOS/10.3.4 (14G61) accountsd/1.0"

But with DAVx I have (the %40 is replaced by @):

81.82.83.84- myus...@dav.mydomain.com  [03/Feb/2020:19:21:35 +0100] "PROPFIND /dav/calendars/user/myus...@dav.mydomain.com/ HTTP/1.1" 207 616 "-" "DAVx5/2.6.3.1-ose (2020/01/18; dav4jvm; okhttp/3.12.6) Android/9"

Here is my conf:

server {
    listen   443 ssl;
    server_name  dav.mydomain.com;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
    ssl_session_cache shared:SSL:10m;
    #ssl_dhparam /etc/ssl/dhparam.pem;

    access_log /var/log/nginx/dav.ssl.access.log;
    root /home/public;
    location / {
        proxy_pass    http://192.168.12.24:8008/;
        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass_header Authorization;

        proxy_set_header  Host $host;
        proxy_set_header  X-Real-IP $remote_addr;
        proxy_set_header  X-Forwarded-For $remote_addr;
        proxy_set_header  X-Forwarded-Host $remote_addr;
    }

    ssl_certificate /etc/letsencrypt/live/dav.mydomain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/dav.mydomain.com/privkey.pem; # managed by Certbot

}


thanks




[SOLVED] nginx as a proxy and https

2020-02-05 Thread Zorg

After searching a bit,

I found this in the Cyrus log:

Feb  2 13:59:50 caldav cyrus/http[28032]: [192.168.12.240] with "Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.2 Lightning/68.4.2"; "PROPFIND /.well-known/caldav/ HTTP/1.0" (depth=0) => "HTTP/1.1 301 Moved Permanently" (location=http://dav.mydomain.com/dav/calendars/)

I noticed that in the response it was "location=http", not
"location=https".

So to force Cyrus to answer with https, I have modified the Cyrus conf
(imap.conf and cyrus.conf) to activate https, and my nginx conf to proxy
to the Cyrus https port (8443) by changing this line in my conf:

proxy_pass    http://192.168.12.24:8443/;

And now it works like a charm.

Feb  2 14:45:52 caldav cyrus/http[28043]: [192.168.12.240] with "Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.2 Lightning/68.4.2"; "PROPFIND /.well-known/caldav/ HTTP/1.0" (depth=0) => "HTTP/1.1 301 Moved Permanently" (location=https://dav.mydomain.com/dav/calendars/)

Thanks

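The check made by hand in the [SOLVED] message above, as an added example that is not part of the original post or of Cyrus: it parses cyrus/http log lines in the format quoted there and lists redirects whose Location would take a client off the public HTTPS endpoint. The function names, the sample lines and the ExampleClient user agent are constructed for illustration; the log layout is assumed to match the two lines in the post.

```python
import re
from urllib.parse import urlsplit

# Layout assumed from the log lines quoted in the post:
#   ... "<METHOD> <path> HTTP/x.y" (depth=N) => "HTTP/1.1 <code> <reason>" (location=<url>)
LINE_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"'   # client request line
    r'.*?=> "HTTP/[\d.]+ (?P<status>\d{3}) [^"]*"'      # server status line
    r'(?:\s*\(location=(?P<location>[^)\s]+)\))?'       # optional redirect target
)


def parse_line(line):
    """Return (method, path, status, location), or None if the line does not match."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    return m["method"], m["path"], int(m["status"]), m["location"]


def downgraded_redirects(lines, public_scheme="https", public_host=None):
    """List 3xx responses whose absolute Location leaves the public endpoint."""
    findings = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        method, path, status, location = parsed
        if not 300 <= status < 400 or not location:
            continue
        target = urlsplit(location)
        if not target.scheme:
            continue  # relative redirect: the client keeps the scheme it used
        reasons = []
        if target.scheme != public_scheme:
            reasons.append(f"scheme {target.scheme} instead of {public_scheme}")
        if public_host and target.hostname != public_host:
            reasons.append(f"host {target.hostname} instead of {public_host}")
        if reasons:
            findings.append(
                {"request": f"{method} {path}", "location": location, "reasons": reasons}
            )
    return findings


# Constructed sample lines, modelled on the two log lines in the post.
PREFIX = 'Feb  2 13:59:50 caldav cyrus/http[28032]: [192.168.12.240] with "ExampleClient/1.0"; '
SAMPLE_LOG = [
    # Before the fix: backend reached over plain HTTP answers with an http:// Location.
    PREFIX + '"PROPFIND /.well-known/caldav/ HTTP/1.0" (depth=0) => '
    '"HTTP/1.1 301 Moved Permanently" (location=http://dav.mydomain.com/dav/calendars/)',
    # After the fix: same request, https:// Location.
    PREFIX + '"PROPFIND /.well-known/caldav/ HTTP/1.0" (depth=0) => '
    '"HTTP/1.1 301 Moved Permanently" (location=https://dav.mydomain.com/dav/calendars/)',
    # Not a redirect: ignored.
    PREFIX + '"PROPFIND /dav/calendars/ HTTP/1.1" (depth=1) => "HTTP/1.1 207 Multi-Status"',
    # Redirect that exposes the backend address instead of the public name.
    PREFIX + '"PROPFIND /.well-known/caldav/ HTTP/1.0" (depth=0) => '
    '"HTTP/1.1 301 Moved Permanently" (location=https://192.168.12.24:8443/dav/calendars/)',
]

if __name__ == "__main__":
    for f in downgraded_redirects(SAMPLE_LOG, public_host="dav.mydomain.com"):
        print(f["request"], "->", f["location"], "|", "; ".join(f["reasons"]))
```
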

httpd server signature off

2020-06-23 Thread Zorg

Hi,

For security reasons I want to get rid of

Cyrus-HTTP/3.0.6-Debian-3.0.6-6+deb1u1 Cyrus-SASL/2.1.23 OpenSSL/1.1 Zlib/1.2.10 LibXML2.9.5 SQLite/3.21.1 LibiCal/3.0 ICU4C/63.1 Jansson/2.12 Server at cyrus.domain.com Port 9443

like Apache does using

ServerTokens Prod or ServerSignature Off

I have tried serverinfo: off in imapd.conf but it doesn't work.

What should I do?

Cyril

