Debian Bug report logs - #1011037
dovecot-core: dovecot fail imap login

Reply or subscribe to this bug.

Display info messages

Message #5 received at [email protected] (full text, mbox, reply):

From: Robin Cook <[email protected]>

To: Debian Bug Tracking System <[email protected]>

Subject: dovecot-core: dovecot fail imap login

Date: Sun, 15 May 2022 18:56:05 -0500

Package: dovecot-core
Version: 1:2.3.18+dfsg1-1+b2
Severity: important

Dear Maintainer,

   * Started noticing that email clients couldn't get mail
   * If I disable SSL/STARTTLS and set clients to login with just password it then able to connect

-- Package-specific info:

dovecot configuration
---------------------
# 2.3.18 (9dd8408c18): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.18 (0bc28b32)
# OS: Linux 5.16.0-6-amd64 x86_64 Debian bookworm/sid 
# Hostname: phlare.wyrms.net
disable_plaintext_auth = no
mail_location = maildir:~/Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  ___location = 
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix = 
}
passdb {
  driver = pam
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap sieve"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
ssl = no
ssl_cert = </etc/letsencrypt/live/phlare.wyrms.net/fullchain.pem
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
  driver = passwd
}

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-6-amd64 (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dovecot-core depends on:
ii  adduser              3.121
ii  init-system-helpers  1.62
ii  libapparmor1         3.0.4-2
ii  libbz2-1.0           1.0.8-5
ii  libc6                2.33-7
ii  libcap2              1:2.44-1
ii  libcrypt1            1:4.4.27-1.1
ii  libexttextcat-2.0-0  3.4.5-1
ii  libicu71             71.1-3
ii  liblua5.4-0          5.4.4-2
ii  liblz4-1             1.9.3-2
ii  liblzma5             5.2.5-2.1
ii  libpam-runtime       1.4.0-13
ii  libpam0g             1.4.0-13
ii  libsodium23          1.0.18-1
ii  libssl1.1            1.1.1o-1
ii  libstemmer0d         2.2.0-1
ii  libsystemd0          250.4-1
ii  libtirpc3            1.3.2-2
ii  libunwind8           1.3.2-2
ii  libwrap0             7.6.q-31
ii  libzstd1             1.5.2+dfsg-1
ii  lsb-base             11.1.0
ii  openssl              3.0.3-3
ii  ssl-cert             1.1.2
ii  ucf                  3.0043
ii  zlib1g               1:1.2.11.dfsg-4

dovecot-core recommends no packages.

Versions of packages dovecot-core suggests:
pn  dovecot-gssapi        <none>
ii  dovecot-imapd         1:2.3.18+dfsg1-1+b2
pn  dovecot-ldap          <none>
pn  dovecot-lmtpd         <none>
ii  dovecot-lucene        1:2.3.18+dfsg1-1+b2
ii  dovecot-managesieved  1:2.3.18+dfsg1-1+b2
pn  dovecot-mysql         <none>
pn  dovecot-pgsql         <none>
pn  dovecot-pop3d         <none>
ii  dovecot-sieve         1:2.3.18+dfsg1-1+b2
pn  dovecot-solr          <none>
ii  dovecot-sqlite        1:2.3.18+dfsg1-1+b2
pn  dovecot-submissiond   <none>
pn  ntp                   <none>

Versions of packages dovecot-core is related to:
ii  dovecot-core [dovecot-common]  1:2.3.18+dfsg1-1+b2
pn  dovecot-dev                    <none>
pn  dovecot-gssapi                 <none>
ii  dovecot-imapd                  1:2.3.18+dfsg1-1+b2
pn  dovecot-ldap                   <none>
pn  dovecot-lmtpd                  <none>
ii  dovecot-managesieved           1:2.3.18+dfsg1-1+b2
pn  dovecot-mysql                  <none>
pn  dovecot-pgsql                  <none>
pn  dovecot-pop3d                  <none>
ii  dovecot-sieve                  1:2.3.18+dfsg1-1+b2
ii  dovecot-sqlite                 1:2.3.18+dfsg1-1+b2

-- no debconf information

Message #10 received at [email protected] (full text, mbox, reply):

From: Mariana <[email protected]>

To: [email protected]

Subject: no subject

Date: Tue, 22 Nov 2022 04:09:50 +0100

Greetings,

Your own information out of your devices was copied to my personal storing with a assistance from my customized virus thru the wireless network, I had the opportunity to gain access to your system via the wifi device which you were linked to, a couple weeks earlier and I also currently have all the online-passwords and permission to access your social networking e-mail, contacts, and so forth.

The authorised driver kind as well as its other online fingerprints constantly changes & isn't trackable nor it's noticeable by different antivirus software.
But that's not all, I also got an permission to access your web cam and your internet browser history and what is happening in your display screen. Well I seen that you enjoy to see several mature web-sites & you do this frequently & it is likely you currently realize why I waited this long to message you. So anyway I glued a couple of your jerking footage with the screen footage & right now I demand an oscar. It is currently up to you to be able to decide if this video along with all your sensitive information will be revealed to all your contacts online community buddies or not. I'm presuming this really can ruin your status. 

However, there is definitely the right way to solve this: You will need to forward me 1400 $ (USD) through BTC (equivalent at the date of the swap itself). 
When this will occur I guarantee to delete your entire information from my host storing areas & i will just forget about you.
My personal BTC transaction address: 35ewWbarTSs6LCV7gPUkixKbExvFbzJ6NT
Remember to search on the internet exactly how purchase or forward bitcoin if you don't know how.
This is a trackable letter and I will find out once it's open. The email is likewise not monitored and there is no point in replying to me. You got right now 2 days from the moment you read it to send me the finances.

Your data will likely be revealed to people if you try to make contact with law enforcement or seek other 3rd party solution, and there is furthermore no point in altering passwords to your social networking, devices, or whatever, as I've previously downloaded every single thing into the host.

It's now your decision to perhaps act stupid or think about your feasible destiny and act wise.

Send a report that this bug log contains spam.