fripost-ansible/roles/IMAP/files/usr/local, branch master Fripost ansible scripts dovecot-auth-proxy: replace directory traversal with LDAP lookups. 2020-05-21T00:26:16+00:00 Guilhem Moulin guilhem@fripost.org 2020-05-20T23:35:28+00:00 5118f8d3394579a245b355c863c69410fe92e26e This provides better isolation opportunity as the service doesn't need to run as ‘vmail’ user. We use a dedicated system user instead, and LDAP ACLs to limit its access to the strict minimum. The new solution is also more robust to quoting/escaping, and doesn't depend on ‘home=/home/mail/virtual/%d/%n’ (we might use $entryUUID instead of %d/%n at some point to make user renaming simpler). OTOH we no longer lists users that have been removed from LDAP but still have a mailstore lingering around. This is fair. 
This provides better isolation opportunity as the service doesn't need
to run as ‘vmail’ user.  We use a dedicated system user instead, and
LDAP ACLs to limit its access to the strict minimum.

The new solution is also more robust to quoting/escaping, and doesn't
depend on ‘home=/home/mail/virtual/%d/%n’ (we might use $entryUUID
instead of %d/%n at some point to make user renaming simpler).

OTOH we no longer lists users that have been removed from LDAP but still
have a mailstore lingering around.  This is fair.
dovecot-auth-proxy: Bump protocol version to 2.2. 2020-05-20T13:27:50+00:00 Guilhem Moulin guilhem@fripost.org 2020-05-20T13:19:16+00:00 1df4c30a95abd9e7c6352e2b3d2766281c3e591d This a regression rom 829f4d830aefedd95a75e61cfc9aa3e03f039c6f. There are no relevant interface changes between 2.2.27 (stretch) and 2.3.4 (buster) cf. `git diff 2.2.27..2.3.4 src/lib-dict/dict-client.h` and https://github.com/dovecot/core/commits/2.3.4/src/lib-dict/dict-client.h . 
This a regression rom 829f4d830aefedd95a75e61cfc9aa3e03f039c6f.

There are no relevant interface changes between 2.2.27 (stretch) and
2.3.4 (buster) cf. `git diff 2.2.27..2.3.4 src/lib-dict/dict-client.h`
and https://github.com/dovecot/core/commits/2.3.4/src/lib-dict/dict-client.h .
Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch. 2018-12-09T19:25:40+00:00 Guilhem Moulin guilhem@fripost.org 2018-12-09T17:41:06+00:00 e2ddcfc51f66c2a52a401064eab005e793f148ee 






dovecot-auth-proxy: Fix synopsis line.
2017-06-05T14:55:32+00:00

Guilhem Moulin
guilhem@fripost.org

2017-06-05T14:55:32+00:00

c8da650022bdf56cae59c3e41733742829e0f049












dovecot: enable user iteration and add a cronjob for `doveadm purge -A`
2017-06-05T14:44:46+00:00

Guilhem Moulin
guilhem@fripost.org

2017-06-02T12:25:21+00:00

b7a7ceb88ed5b44959920cde170bc6aaa83026bb












IMAP: new script list-users.
2017-05-14T13:00:16+00:00

Guilhem Moulin
guilhem@fripost.org

2017-05-14T13:00:16+00:00

40eaa53a7bcfbf2f120ebff70e06a4657efcb8a7