| View previous topic :: View next topic |
| Author |
Message |
trossachs
Veteran
Joined: 22 Jan 2004
Posts: 1204
Location: London
|
 Posted: Thu Jul 28, 2005 2:13 pm Post subject: [CLOSED] Dovecot and Xinetd |
 |
|
Well, I have managed to get DC working and my God is is BLISTERINGLY fast compared to courier-imap. I STRONGLY and HIGHLY recommend that you call change over!!!  One quick question though, DC would not start as xinetd help the imap-ssl service on port 993. I had to stop xinetd to release port 993 and then start DC.
This is fine for now, but when the server boots in a couple of months, the chances are that DC will start after xinetd and hang. Is there anyway that I can turn off imap-ssl in DC for the moment?
Last edited by trossachs on Thu Jul 28, 2005 3:04 pm; edited 1 time in total |
|
| Back to top |
|
 |
depontius
Advocate
Joined: 05 May 2004
Posts: 3526
|
| Posted: Thu Jul 28, 2005 3:01 pm Post subject: |
|
|
Why are you letting xinetd start imaps at all? What is xinetd calling when someone tries to connect to the imaps port? Seems to me that if you've converted to Dovecot, then you've converted to Dovecot, and nobody else should have any business on either imap or imaps ports. Do you want someone other than Dovecot to be handling imaps?
Yes, you can turn off imaps in Dovecot, but it seems to me that what you should do is either remove both imap and imaps from /etc/xinetd.d, or go into /etc/xinetd/imap(s) and change "disable = no" to "disable = yes".
BTW, I switched servers a while back. The old server ran UW-IMAP on RedHat. The new server runs Dovecot on Gentoo.
_________________
.sigs waste space and bandwidth |
|
| Back to top |
|
|
trossachs
Veteran
Joined: 22 Jan 2004
Posts: 1204
Location: London
|
| Posted: Thu Jul 28, 2005 3:04 pm Post subject: |
|
|
That was a bit stupid wasn't it!  All disabled and done. Thanks depontius...  |
|
| Back to top |
|
|
depontius
Advocate
Joined: 05 May 2004
Posts: 3526
|
| Posted: Thu Jul 28, 2005 3:56 pm Post subject: |
|
|
Sorry for my demeaner, I wasn't meaning to call anyone stupid. When I first began using imap, it was with Cyrus, so I've moved servers twice, now. It can be a pain in the neck switching, and for all I knew you were doing something like that. But in the cold light of day, it's a heck of a lot easier to do when you've got two separate systems, and can move from one server on one system to a different server on the other. But I have used the imap/imaps trick to move between servers on one system. Pain in the neck.
I've been quite happy with Dovecot. My home install runs it, and in April I moved my mom's system to use it. She's one user on one computer, but tends to be "hard" on her computer and its data. She lives by her email, communicating with her family, so I figured it's safest out of her account.
_________________
.sigs waste space and bandwidth |
|
| Back to top |
|
|
trossachs
Veteran
Joined: 22 Jan 2004
Posts: 1204
Location: London
|
| Posted: Thu Jul 28, 2005 4:07 pm Post subject: |
|
|
| No offence taken mate. Believe me I have, in the last hour, seen a 100% increase in Webmail speed by using Dovecot rather than Courier-imap. And yes you are correct, it is ok if you have two systems to play with to experiment, but I don't have that. And who wants to have two mail servers with a user base under 200? It's not worth it. |
|
| Back to top |
|
|
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6835
Location: Blighty
|
| Posted: Thu Jul 28, 2005 4:09 pm Post subject: |
|
|
I just changed to dovecot - but for different reasons. courier-imap took an age to install from source, is bloated and isn't maintained in Gentoo at this time.
Another plus is that it uses saslauthd - just like postfix, so I don't have to run courier-authlib which means less resources.
I also like the way that dovecot is going - I even expressed my wish for GSSAPI authentication over at their wiki. |
|
| Back to top |
|
|
depontius
Advocate
Joined: 05 May 2004
Posts: 3526
|
| Posted: Thu Jul 28, 2005 4:52 pm Post subject: |
|
|
Can you tell me a little more about saslauthd?
I began following a long and tortured path over a year ago, and am still barely off the starting block. I'm trying to get Single System Sign-on, and I've found 2 documents purporting to help do that. The second one I found was Gentoo-based, so I've been using it. It's a mix of OpenLDAP, Heimdal Kerberos, SASL, and various little utilities like pam_ldap. I have OpenLDAP set up and running, but haven't been able to get a schema loaded in, it seems because I'm making some sort of stupid SSL mistake.
But I know that's not your topic, saslauthd is. I'll need to get into SASL too, and it might even be worthwhile moving things onto SASL authentication, even before I move SASL onto LDAP/Kerberos. At any rate, from what I've read on the OpenLDAP list, SASL is far from trivial, so I'm always open to collect insights. The OpenLDAP list also seems to have a serious OpenLDAP-only bent to it, and sometimes isn't terribly fond of helping with integration projects like this.
_________________
.sigs waste space and bandwidth |
|
| Back to top |
|
|
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6835
Location: Blighty
|
|
| Back to top |
|
|
depontius
Advocate
Joined: 05 May 2004
Posts: 3526
|
| Posted: Thu Jul 28, 2005 7:21 pm Post subject: |
|
|
That's the one I'm using. As I said, I'm mired in SSL problem and can't get my schema loaded into OpenLDAP. Maybe I'll just blow away all of my certificates and CA, and start over.
_________________
.sigs waste space and bandwidth |
|
| Back to top |
|
|
|
Networking & Security
